Hi there, On Fri, 12 Mar 2021, John Pfuntner -X (jpfuntne - EASI LLC at Cisco) via clamav-users wrote:
I've been experimenting with ClamAV on various Linux distributions and have had trouble doing on-access scanning on CentOS 8 machines - everything installs fine and I can do on-demand scanning with clamscan but on-access scanning isn't preventing me from accessing a test infected file. I see this behavior right now with ClamAV 0.103.0 on: AWS CentOS 8.2 (4.18.0-193.6.3.el8_2.x86_64) GCP CentOS 8.3 (4.18.0-240.10.1.el8_3.x86_64) I've got a repo with Ansible playbooks to do the installation and test on-access on on-demand testing: https://github.com/pfuntner/clamav-onacc. I've gotten successes consistently using the same playbooks with Debian 9 and 10. Am I doing something wrong?
Sorry, I have no experience of Centos, but there are surely Centos users lurking here. Until one pops up, my wild guess - no, you aren't doing anything wrong but you might need to do some more work. And my speculation - look into the kernel configurations. A quick search found this: https://marc.info/?l=clamav-users&m=160824995205483&w=2 (Doesn't Cisco own Sourcefire? :) -- 73, Ged. _______________________________________________ clamav-users mailing list [email protected] https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
