Thanks for all these answers !
To be more precise :
1. OS X Server has root user account AKA "System Administrator"
configured on BSD local files, Local Netinfo DB, and LDAP (as It is
activated in my case).
2. I am scanning a bunch of files, but I am not scanning It through
the Network but on the Local System, It just happened to be a shared
point. I am using user root because It is the only one to have full
access to all these files.
Here is what happened when I scan It with regular user clamav :
[superxserv:~] clamav% clamscan -l /var/log/clamscan.log -r -v /
Volumes/RAID/Users/ &
[1] 24589
[superxserv:~] clamav% LibClamAV Warning:
********************************************************
LibClamAV Warning: *** This version of the ClamAV engine is
outdated. ***
LibClamAV Warning: *** DON'T PANIC! Read http://www.clamav.net/
faq.html ***
LibClamAV Warning:
********************************************************
/Volumes/RAID/Users/pac3d1: Can't open directory.
/Volumes/RAID/Users/pac3d2: Can't open directory.
/Volumes/RAID/Users/pac3d3: Can't open directory.
/Volumes/RAID/Users/pac3d4: Can't open directory.
/Volumes/RAID/Users/pacabern: Can't open directory.
/Volumes/RAID/Users/pacaccue: Can't open directory.
/Volumes/RAID/Users/pacafeno: Can't open directory.
/Volumes/RAID/Users/pacagonc: Can't open directory.
/Volumes/RAID/Users/paccchar: Can't open directory.
/Volumes/RAID/Users/paccclod: Can't open directory.
/Volumes/RAID/Users/paccfria: Can't open directory.
/Volumes/RAID/Users/pacclepo: Can't open directory.
/Volumes/RAID/Users/paccmont: Can't open directory.
/Volumes/RAID/Users/pacdlaug: Can't open directory.
/Volumes/RAID/Users/pacdshul: Can't open directory.
/Volumes/RAID/Users/pacelipc: Can't open directory.
/Volumes/RAID/Users/pacfgutk: Can't open directory.
/Volumes/RAID/Users/pacglego: Can't open directory.
/Volumes/RAID/Users/pachlope: Can't open directory.
/Volumes/RAID/Users/pacjchik: Can't open directory.
/Volumes/RAID/Users/pacjmich: Can't open directory.
/Volumes/RAID/Users/pacjozan: Can't open directory.
/Volumes/RAID/Users/pacmfern: Can't open directory.
/Volumes/RAID/Users/pacmlame: Can't open directory.
/Volumes/RAID/Users/pacmtric: Can't open directory.
/Volumes/RAID/Users/pacnaiss: Can't open directory.
/Volumes/RAID/Users/pacnisab: Can't open directory.
/Volumes/RAID/Users/pacnodru: Can't open directory.
/Volumes/RAID/Users/pacplari: Can't open directory.
/Volumes/RAID/Users/pacsconj: Can't open directory.
/Volumes/RAID/Users/pacstage: Can't open directory.
----------- SCAN SUMMARY -----------
Known viruses: 86882
Engine version: 0.88.5
Scanned directories: 32
Scanned files: 0
Infected files: 0
Data scanned: 0.00 MB
Time: 4.186 sec (0 m 4 s)
And with root you already know what happened !
superxserv:~ root# clamscan -l /var/log/clamscan.log -r -v /Volumes/
RAID/Users/ &
[1] 24605
superxserv:~ root# ERROR: Can't get information about user 0
[1]+ Exit 60 clamscan -l /var/log/clamscan.log -r -
v /Volumes/RAID/Users/
superxserv:~ root#
???
Le 16 janv. 07 à 03:39, Dennis Peterson a écrit :
Stephen Gran wrote:
On Mon, Jan 15, 2007 at 05:41:52PM -0800, Dennis Peterson said:
It required a visit to the Makefile to see where the user was being
defined and you're right. I did not know this about clamscan and
don't
yet understand the rationale, but it does have an impact on systems
where clamscan is intended to be used but not clamd nor clamdscan -
stand alone systems, in other words. I'll have to tweek my Cfengine
configs some.
Does anyone know what this code is supposed to protect?
My impression is that it is for unpacking archives and following
symlinks and so forth - it deliberately drops privileges before doing
so, so that sensitive files aren't tampered with, Maybe one of
the dev
team can shed more light on the subject, but that's what a quick
glance
through the code suggests.
Of course - and perfectly sensible. I had no need to scan any
archives so didn't make the association. This information allows a
workaround without hacking the code. Thanks, Stephen.
dp
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://
wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
________________________________________________
«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Gregober ---> PGP ID --> 0x1BA3C2FD
bsd @at@ todoo.biz
________________________________________________
«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
P "Please consider your environmental responsibility before printing
this e-mail"
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
