At 05:29 PM 12/9/2006, Bill Landry wrote:
Tomasz Kojm wrote the following on 12/7/2006 2:01 AM -0800:
> You should be more careful with what you're downloading into the database
> directory. For the official database freshclam makes a number of tests to
> prevent installing broken files. For 3rd party databases I'd
suggest calling
> 'clamscan -d file.ndb' before installing file.ndb in the database
dir and/or
> asking the creator to provide you with online checksum for the file.
I must be doing something wrong here. I am running Fedora Core 3 with:
clamscan -V
ClamAV 0.88.6/2312/Sat Dec 9 10:46:45 2006
However, when I attempt to scan an individual file as Tomasz shows
above, I get all files in the directory scanned:
clamscan -d scam.ndb
/var/tmp/clamdb/phish.ndb: OK
/var/tmp/clamdb/MSRBL-Images.hdb: OK
/var/tmp/clamdb/phish.ndb.gz: OK
/var/tmp/clamdb/scam.ndb: OK
/var/tmp/clamdb/MSRBL-SPAM.ndb: OK
/var/tmp/clamdb/scam.ndb.gz: OK
----------- SCAN SUMMARY -----------
Known viruses: 3841
Engine version: 0.88.6
Scanned directories: 1
Scanned files: 6
Infected files: 0
Data scanned: 6.27 MB
Time: 2.852 sec (0 m 2 s)
This does not allow me to detect a problem with a specific database
file. Any suggestions?
You miss the point... If the database is a bad format "clamscan -d
foo.ndb" will FAIL. So you can use it as a basic test for a sane
database. At this point you don't care about actually scanning the
files in the directory, that's just a side effect. What you care
about is if the command succeeds (exit status 0) or fails (exit status non-0).
You use it in some tmp directory something like this:
clamscan --quiet -d foo.ndb && \
cp -p foo.ndb /var/db/clamav
If the clamscan command fails, the copy is not performed.
--
Noel Jones
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
