Hi, I have a question concerning the exclusion statement in clamd.conf
# clamconf | grep Exclude ExcludePath = "^/run/", "^/dev/", "^/sys/", "^/proc/" # /bin/clamdscan -l /var/log/clamdscan.log /sys -------------------------------------- /sys: Excluded /sys: OK ----------- SCAN SUMMARY ----------- Infected files: 0 Time: 0.000 sec (0 m 0 s) Fine /sys seems to be excluded from scanning. When I issue the same command but starting at the root /, I see a lot of errors popping up in the log file and all of them are pointing to /sys. I am confused because /sys is excluded from scanning but errors are logged for that filesystem. What do I do wrong and/or how can I avoid this? # /bin/clamdscan -l /var/log/clamdscan.log / # head /var/log/clamdscan.log -------------------------------------- /root/eicar.com: Eicar-Signature FOUND /sys/fs/xfs/stats/stats: Can't read file ERROR /sys/fs/xfs/stats/stats_clear: Can't open file or directory ERROR /sys/fs/xfs/dm-0/stats/stats: Can't read file ERROR /sys/fs/xfs/dm-0/stats/stats_clear: Can't open file or directory ERROR /sys/fs/xfs/dm-0/error/fail_at_unmount: Can't read file ERROR /sys/fs/xfs/dm-0/error/metadata/default/max_retries: Can't read file ERROR /sys/fs/xfs/dm-0/error/metadata/default/retry_timeout_seconds: Can't read file ERROR /sys/fs/xfs/dm-0/error/metadata/EIO/max_retries: Can't read file ERROR ........ Pascal De Meerleer Disclaimer <http://www.kbc.com/KBCmailDisclaimer>
_______________________________________________ clamav-users mailing list [email protected] https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
