Sarocet wrote:
Dennis Peterson wrote:
Nobody has actually tested the files to see if they are Windows executables
that I've
seen. It is entirely possible they could be Linux executables. File
extensions don't
mean much on a Linux system but it seems from this thread a great way to
pass
James Brown wrote:
My freshclam.log only shows entries like:
Log size = 11242653, max = 1048576
LOGGING DISABLED (Maximal log file size exceeded).
How can I increase the max log file size?
The current build of ClamAV has this in the example freshclam.conf file:
# Maximum size of the log
James Brown wrote:
Added the above text, but with LogFileMaxSize 0, (without the '#' of
course!).
ran /usr/local/bin/freshclam
still got a LOGGING DISABLED error in freshclam.log
Thanks Dennis Bill,
Did you stop and restart freshclam (assuming you run it as a daemon)?
What
Robert Schetterer wrote:
aCaB schrieb:
Robert Schetterer wrote:
Hi all,
where can i find a description to JS.Downloader-37
some customer programmer says this is not really a virus
or a security Problem
if it so
is there a way to make clamscan ignore such type of stuff
Report the FP here.
Daniel Garcia Bruno wrote:
Hi everybody,
First of all thank's a million for the work of the ClamAV team!
I've been using it for few years now ... but is the first time I see
this problem after a Linux - Solaris 10 mail servers migration :
SunOS dl380 5.10 Generic_127112-06 i86pc i386
Phil Chambers wrote:
How do I go about diagnosing this?
Do you have log information showing that both messages followed the same path
to your
AV tool, beginning at port 25 of your inbound MTA?
dp
___
Help us build a comprehensive ClamAV guide:
Jose-Marcio Martins da Cruz wrote:
Gregory Carter wrote:
I totally agree, but I think after you pointed out 4(a), all the other
issues cited simply makes further discussion pedantic.
Well, I'd like to add a remark. The discussion about all these issues
isn't pedantic, as long as...
Phil Chambers wrote:
I was not aware that there was any way to get clamd to do anything other than
check the content of messages. The Sanesecurity signatures are just a set of
phishing and scam signatures for ClamAV which are used in addition to the
standard ClamAV ones.
Given that
David F. Skoll wrote:
Bowie Bailey wrote:
Then this may be something that could use some explanation.
Exactly what temp dir setting are you referring to and why should it be
changed?
Many (but not all) UNIX programs respect an environment variable
called TMPDIR that specifies a
Rob MacGregor wrote:
On Jan 3, 2008 3:09 PM, Bowie Bailey [EMAIL PROTECTED] wrote:
Then this may be something that could use some explanation.
Exactly what temp dir setting are you referring to and why should it be
changed?
If the environment variable TMPDIR is defined then well behaved
FM wrote:
hello,
I have lots of false positive with clamav phishing detection.
What is the correct way to remove these rules using sigtool?
From a recent post:
You can disable the heuristics-based phish checks without
disabling the signature-based checks. Both the official
clamav and
Rob MacGregor wrote:
On Jan 3, 2008 4:09 PM, Dennis Peterson [EMAIL PROTECTED] wrote:
The success of this requires a bit of serendipity as well. If for reasons of
convenience the new TMPDIR is globally writeable then nothing has been
accomplished
which is why a global TMPDIR declaration
David F. Skoll wrote:
I think we all need to calm down.
Vulnerability #1: Yes, cli_gentemp has a theoretical race condition.
Is it theoretically exploitable? Sure. Is it *likely* to be exploited
in the real world? No. You have to guess 128 bits of mildly-good random
data. That's quite
David F. Skoll wrote:
Dennis Peterson wrote:
Does any admin actually run this stuff without setting the temp
directory ahead of time?
I bet the vast majority do.
I don't include Linux babies in that...
This problem is as old as Unix.
Indeed.
It is an operator issue.
No, I
Paul Kosinski wrote:
In reply to various responses:
We haven't reconfigured our local or domain Postfix mail servers
recently to do graylisting etc., but in April we moved from a shared
Web host to a dedicated computer for our domain (iment.com). At that
time, we installed a what was
john wrote:
ha
clamav-milter -V
ClamAV version 0.88.7, clamav-milter version 0.88.7
however when I try to configure with --enable-milter on the new version
0.92
I get:
configure: error: Cannot find libmilter
any idea where I can find it?
In the libmilter package for your distribution?
JF wrote:
Est-ce que quelqu'un ou quelques personne pourrait me dire de quoi il
s'agit, et des étapes à faire pour les enlever si possibilité avec les
commandes pour que j'puisse pas trop galéré à faire n'importe quoi
Bonjour JF
Les fichiers sont des fichiers de test. Ils doivent être
Paul Kosinski wrote:
In December 2006, we were running ClamAV 0.88.7, and there were still
a fair number of real viruses being detected in inbound email. Now
running 0.91.2 and 0.92, there seem to be only phishing attempts, and
not even very many of them. In fact it seems that our log file
Cort, Tom wrote:
Hello,
clamav comes with a sample virus (ClamAV-Test-File) for testing
purposes. It's located in the clamav source tarball in the 'test'
directory and named 'clam.exe'. I'd like to distribute it with a free
software program I maintain, but I can't find the corresponding
Baz wrote:
Hello,
I installed ClamAV and ran a scan on my entire system returning a
report of one infected file. How do I find this file? I
Did you look in your log file?
dp
___
Help us build a comprehensive ClamAV guide: visit
Baz wrote:
And where exactly is it? Do Linux developers intentionally make this
shit difficult and still bitch about Windows/Norton's dominance?
Please crush with all your being any desire to top post.
Apparently you've not read anything yet so a good place to start is the ClamAV
Wiki.
The
Baz wrote:
Or this
# clamscan -r /
Dave, keep that smug attitude going. It only helps M$. Thank God I
still have XP on another partition.
Despite the fact that you are a top posting whining asshat who has no sense of
personal responsibility, it's Christmas so I'm not going to tell you
Andrew McGlashan wrote:
Gerard wrote:
I believe that it is worth mentioning, that the receiver of said
messages must insure that they do not engage in the practice referred
to as backscatter.
http://en.wikipedia.org/wiki/Backscatter#Backscatter_of_email_spam
An improperly configured
Andrew McGlashan wrote:
Dennis Peterson wrote:
You are running a very underpowered system for a virus scanner. That
is the real shame. Memory is cheap even in third world nations -
there is no reason an on-demand system like a virus scanner should be
shackled with 256 meg of memory.
So
Andrew McGlashan wrote:
Dennis Peterson wrote:
I'd be real tempted to
farm out this function to a capable server via tcp/ip connections.
Okay thanks, is there any guides to farm out such connections to help?
I use Sendmail and a milter, J-Chkmail which makes this trivial. It all depends
Henrik Krohns wrote:
On Tue, Dec 11, 2007 at 06:55:09PM -0800, Dennis Peterson wrote:
Andrew McGlashan wrote:
Dennis Peterson wrote:
You are running a very underpowered system for a virus scanner. That
is the real shame. Memory is cheap even in third world nations -
there is no reason
Henrik Krohns wrote:
On Tue, Dec 11, 2007 at 09:19:45PM -0800, Dennis Peterson wrote:
The messages/hour is not a parameter one typically controls. Systems I build
are
build to handle estimated worst case loads.
Maybe you can't control it, but if the load is predictable, what's your
point
Henrik Krohns wrote:
On Tue, Dec 11, 2007 at 09:53:54PM -0800, Dennis Peterson wrote:
Henrik Krohns wrote:
On Tue, Dec 11, 2007 at 09:19:45PM -0800, Dennis Peterson wrote:
The messages/hour is not a parameter one typically controls. Systems I
build are
build to handle estimated worst case
Unai Rodriguez wrote:
Dear all,
Let's imagine that while scanning the system ClamAV finds an infected file:
file: virus FOUND
What is the best way to remove it?
1) clamscan --remove file
NOTE.- What if the files is *BIG*? Do I have to scan it again to remove it?
-
Jeffrey Rice wrote:
Hello,
Is there any way to reduce/control the memory use of clamd? I'm running
a co-hosted VPS, so memory is at a premium. I have 256 Mb of RAM on the
machine, and clamd is taking 95Mb of virtual, and has a 65Mb resident
footprint! That seems excessive, to say the
Dzek wrote:
Dear alll,
Anybody can help me on this, vhen i go to /var/lib/clamav/daily.inc/ there
is no file there. how do i copy one there.
Thanks.
You should have a tool that came with your clamav suite. Find and run clamconf
and
post the results here. Your configuration broken.
dp
Sheikji Nazirudeen wrote:
Hello:
I am in the process of scanning HP and Sun servers. I am running into
issues wherein, it takes a long time for the scan to complete. Is there any
way apart from exculding certain file extensions to increase the speed. I
would be much interested in a software
Steve Wray wrote:
Christoph Cordes wrote:
Hello,
so in the end it boils down to this:
- after a new release ClamAV should mimic the behavior of the
preceding version by default unless it's a major release (.x0) or the
user enabled possible new features explicitly. furthermore the
David F. Skoll wrote:
Tomasz Kojm wrote:
This is getting boring!
I'm sorry you find it so. I actually find this to be exciting reading:
http://www.securityfocus.com/cgi-bin/index.cgi?o=0l=30c=12op=display_listvendor=Clam%20Anti-Virusversion=title=CVE=
Please, Clam developers, before
David F. Skoll wrote:
Ian Eiloart wrote:
Hold on here. Are you stating that you expect users to actually RTFM? I
think you are expecting way too much.
No, it's not. Not when the users are professional IT people.
:-) I don't think we hang around the same Professional IT people
The
G.W. Haywood wrote:
Hi there,
Of course we aren't considering here the case where you might be looking,
say, for vulnerable libraries compiled statically into random executables.
Debian has some patterns for this that are instructional - they are used for
locating
static versions of
Ian G Batten wrote:
On 18 Nov 07, at 0614, Dennis Peterson wrote:
Have you considered scannning only files that have changed (md5sum
difference, for
example) since the last time they were scanned? There's no need to
scan a file
endlessly - only if it has changed since the previous scan
David F. Skoll wrote:
Dennis Peterson wrote:
That which you can't test you are obliged to understand. If you
can't understand a thing because of time constraints, complexity, or
inadequate documentation, then you turn it off until circumstances
change. You finally kinda did that.
Yes
David F. Skoll wrote:
Dennis Peterson wrote:
They didn't turn it on and they didn't install it. They provided a
sample config that is incapable of running and which requires
administrative attention in order to use. What finally ends up
running on the system is your job and mine to manage
Derick Centeno wrote:
Hi Jim:
For OS X the clamav engine works with the interface provided by
clamXav. You can take a look at that page here:
http://www.clamxav.com/
Whenever I'm in OS X, I never fail to be amazed at all the windows
virii, trojans and God knows what attempting to
Gerard wrote:
On November 19, 2007 at 11:43AM Dennis Peterson wrote:
Before the widespread use of Fusion and Parallels in the Mac this wasn't too
much of
a problem. Virtual machines have now made it more important to keep the OS X
file
system clean, now. It's just a matter of time
Ian G Batten wrote:
On 19 Nov 07, at 1228, G.W. Haywood wrote:
Hi there,
On Mon, 19 Nov 2007 Ian G Batten wrote:
On 18 Nov 07, at 0614, Dennis Peterson wrote:
Have you considered scannning only files that have changed (md5sum
difference, for example) since the last time they were scanned
Derick Centeno wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm sure that you're aware that you can also switch that function off
by merely commenting out those lines.
My 0.91.2 sample clamd.conf file says:
# With this option enabled ClamAV will try to detect phishing attempts by
Noel Jones wrote:
To disable these heuristics based signatures in
clamd/clamdscan, set
PhishingScanURLs no
in clamd.conf and then stop/start clamd.
Derick Centeno wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm sure that you're aware that you can also switch that
Derick Centeno wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Which is why my primary system is not OS X, but rather Yellow Dog
Linux (YDL)!
This highlights the big gripe I have with Linux. You can't even talk about it
without
immediately indicating which vendor's Linux. It is the
Unai Rodriguez wrote:
Dear All,
We are managing a set of servers running Debian plus VMware Server (free
version). All of them are pretty busy since each of them run several
VMware Virtual Servers.
I am trying to come up with a way (aka Best Practice) of having all
these machines
[EMAIL PROTECTED] wrote:
Hello all.
We've had some consultant make the spurious claim that Clam AV only scans for
'windows viruses' and is really only useful for 'scanning email'.
Despite the fact that I know this to be patently false, is there
documentation out there I can slap him with
Gerard Seibert wrote:
On Monday November 12, 2007 at 04:22:47 (PM) David F. Skoll wrote:
Really? All posters on this thread who gave an opinion wanted
PhishingScanURLs off by default. I invite users who want
PhishingScanURLs to be on by default to come forward; I'll happily go
with the
John Rudd wrote:
John Rudd wrote:
I can produce 2 examples of messages that cause the problem, in RFC822
format, for anyone who wants to experiment with them.
I decided I'd just go ahead and make them available:
http://people.ucsc.edu/~jrudd/ClamAV/318642.mbox
David F. Skoll wrote:
Hello,
A client of ours had a bunch of machines whose CPUs were maxed out
at 100% because of clam. Changing PhishingScanURLs to no from the
default yes dropped the load average from 70+ to about 3, and the
CPU usage from 100% to under 50%. This is under Linux, so
Joe Clements wrote:
For what it is worth, Linux will only forge ahead in the market by
improvements
in 2 areas. One of them is security. I would like to see 1 security suite
which
has the capability to deal with ALL threats. Windows security has to have an
anti virus, anti trojan, adware
Steve Holdoway wrote:
I don't see where Linux is unique in this regard. I also don't see why the
success of
Linux is particularly important vs BSD, Solaris, Windows, etc. But I suppose
that
discussion is for another forum.
I think the OP may beconsidering linux as a desktop.
Bowie Bailey wrote:
I found a privacy policy here:
http://www.scmagazineus.com/PrivacyPolicy/
but I can't quite figure out what it is trying to say.
Bowie
It says clearly they will provide, possibly for a fee, possibly not, all your
information to their contacts list. In addition, if
Dave Warren wrote:
In message [EMAIL PROTECTED] Dennis Peterson
[EMAIL PROTECTED] wrote:
Question: Why is this called a privacy statement rather than an invasion
of
privacy statement?
Just because their statement is you have no privacy doesn't change
that fact that it's a privacy
Gomes, Rich wrote:
I received some emails yesterday matching the following:
Infected messages:
Email.Ecard-28: 2 Message(s)
Email.Phishing.RB-1804: 2 Message(s)
Email.Phishing.RB-1806: 2 Message(s)
I think these are ClamAV-specific names, how can I find out more detailed
Gomes, Rich wrote:
Dennis, Thanks for the reply. I understand all of what you are saying, having
worked as a sysadmin for many years now. My issue is that even with most
vendors
using different naming conventions, they are usually cross-reference in any
technical info that is out there. I
Dean Brunson wrote:
I went there to cast a vote, too. I couldn't find any statement of how
they would use my e-mail address. I closed the window without voting.
Ditto - a data harvesting page if ever I've seen one. I think the least useful
piece
of info you can leave on that page is your
Jonathan Kamens wrote:
Greetings,
Recently, ClamAV version 0.90.2 with main.cvd version 44 and daily.cvd
version 4540 reported that an EXE on one of our servers was infected
with Hacktool.PCGI. This EXE came from a pretty reputable source, and
when I scanned the same file with Symantec
Sean McGlynn wrote:
Hello,
I am testing clamscan, and running the following command:
clamscan -r --move=/var/log/clam/infected -l /var/log/clam/dailyclamscanSPM
/home/justlgn/test/eicar.com
The results indicate can't open file, and that no infected files were
found. The clam log
Sean McGlynn wrote:
Dennis,
Thank you for taking the time to reply.
Yes, I am running the scan as root.
Sean
Is the home directory mounted?
Dennis
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
Dennis Peterson wrote:
Sean McGlynn wrote:
Dennis,
Thank you for taking the time to reply.
Yes, I am running the scan as root.
Sean
Is the home directory mounted?
Should have said NFS mounted.
dp
___
Help us build a comprehensive ClamAV
Sean McGlynn wrote:
The directory I am trying to scan is mounted, as is the directory to where I
want the infected files moved, if I am understanding your question.
Thanks again.
User root is frequently (and correctly) prohibited from deleting files from NFS
mounted sources. There are
Sean McGlynn wrote:
Just to be certain (It's not my first day with Linux, but I'm still
relatively new
to it), you mean NFS as in Network File System, as in mounting a remote file
system on the Linux server, correct? If correct, then no, NFS is not
involved.
Both the directory being
Rob MacGregor wrote:
On 10/14/07, Aniruddha [EMAIL PROTECTED] wrote:
Thanks for the answers, does anyone know this for sure?
Quoting the ClamAV home page:
...designed especially for e-mail scanning on mail gateways.
So no, it's not designed to detect rootkits.
I don't think it's
Pieter wrote:
Hi,
I saw indeed that this info is shown upon running freshclam. However I do
not want to trigger an update to the servers. I only want this info. Just
running freshclam will add more load to your pattern file servers which is
not needed in this case. Hence the request ...
Pieter wrote:
Hi Dennis,
Thanks. For this reply. Is it also possible to view the versions of the
local databases ? So not the version of those available at the mirrors?
(without grepping over the freshclam logfiles).
Kind regards
Pieter
If you have a daily.cvd file:
sigtool
Karsten Bräckelmann wrote:
On Wed, 2007-10-03 at 18:31 -0500, René Berber wrote:
Karsten Bräckelmann wrote:
Another downside of this approach, together with ClamAV treating mbox
format files as text/plain is, that only the first hit will be reported.
That was made to improve performance,
John W. Baxter wrote:
On 10/3/07 10:45 AM, Dennis Peterson [EMAIL PROTECTED] wrote:
Karsten Bräckelmann wrote:
On Tue, 2007-10-02 at 10:24 -0700, Dennis Peterson wrote:
Can anyone offer a reason why the OP found a virus in the mbox file but not
in the
split out maildir messages? That kind
Kapp wrote:
Probably missing something obvious. Hope someone can kick me in the right
direction.
using postfix/amavisd-new/spamassassin/clamd
Yesterday I upgraded to the latest amavisd-new and spamassassin.
Prior to the upgrade when clamd scanned the Eicar test and the
scam-sig-test
Joao S Veiga wrote:
Hi, I was getting tons of these false positives (just reportedsubmitted a
sample).
you can delete the line:
Email.FreeGame:4:*:75626a6563743a{-30}(67|47)616d65*687474703a2f2f(31|32|33|34|35|36|37|38|39)
from /var/lib/clamav/daily.inc/daily.ndb
and it will go
Joao S Veiga wrote:
Hi John,
think long and hard about the combination of payments and entities which are
reduced to using numeric IPs in URLs. I suspect my business goes elsewhere.
Agreed :-), but the problem is (and what has caused most of my problems) that
if
you have an email with
Bill Landry wrote:
Dennis Peterson wrote:
Joao S Veiga wrote:
Hi John,
think long and hard about the combination of payments and entities which
are
reduced to using numeric IPs in URLs. I suspect my business goes
elsewhere.
Agreed :-), but the problem is (and what has caused most
Karsten Bräckelmann wrote:
On Tue, 2007-10-02 at 10:24 -0700, Dennis Peterson wrote:
Can anyone offer a reason why the OP found a virus in the mbox file but not
in the
split out maildir messages? That kind of inconsistency is unsettling.
Rather easy I guess, given your analysis of the RE
Karsten Bräckelmann wrote:
On Wed, 2007-10-03 at 10:45 -0700, Dennis Peterson wrote:
Karsten Bräckelmann wrote:
Developers, read on. :)
Somewhat simplified, the signature reads Subject with the string game
and an IP style http link.
Scanning maildirs as well as scanning individual
Tomasz Kojm wrote:
On Thu, 04 Oct 2007 00:47:02 +0200
Karsten Bräckelmann [EMAIL PROTECTED] wrote:
On Wed, 2007-10-03 at 10:45 -0700, Dennis Peterson wrote:
Karsten Bräckelmann wrote:
Developers, read on. :)
Somewhat simplified, the signature reads Subject with the string game
and an IP
Nigel Horne wrote:
Run clamscan --debug mbox-format-file and look for the message
Deal with message number x
-Nigel
I have to say, that is about the worst way I've seen yet to nail down a
positive as
there is a lot of debris to wade through, and there's no indication in the
output
that a
Christoph Cordes wrote:
Am 02.10.2007 um 19:24 schrieb Dennis Peterson:
Can anyone offer a reason why the OP found a virus in the mbox file
but not in the
split out maildir messages? That kind of inconsistency is unsettling.
Just read my reply to one of your mails.
I don't see where
Micah wrote:
No and yes. But you can write a small script, perhaps even a long command,
to
do just that.
- --
René Berber
Sorry if I'm a bit thick...but how?
How can I get ClamScan to tell me what line (for a text file) matched a
signature?
Or
How can I get ClamScan to tell me
Micah wrote:
There are scripts on line you can download that will split your single file
into
individual files - each a complete message. These you scan one at a time.
After
you've found and dealt with the infected message(s) you reassemble the
individual
files into a single file again.
Micah wrote:
http://www.clamav.org/support/faq/ (the 8th item in Miscellaneous) says:
The entire process takes less than a minute here on a file of around 4g in
size.
dp
Okay, so I used mb2md to convert the mbox to 1692 files and then ran the
scanner. Check this out:
---
Chinh Nguyen Tam wrote:
Greetings,
We've notice some strange behavior of clamav in our email server for.
When we try to send some email (HTML format, Outlook 2003) with URL
inside, clamav detects these email as Email.Foolball-2 virus. If we send
the emails with the same URL in
Chinh Nguyen Tam wrote:
Dennis Peterson wrote:
Chinh Nguyen Tam wrote:
Greetings,
We've notice some strange behavior of clamav in our email server for.
When we try to send some email (HTML format, Outlook 2003) with URL
inside, clamav detects these email as Email.Foolball-2 virus. If we
Jon Wagoner - Red Cheetah wrote:
Is there any way I can disable the check for Email.FreeGame?
Is there any reason to suspect this file will ever contain a viable virus? If
not
then don't bother scanning it. Sorry I don't have an answer for your question.
dp
Jon Wagoner - Red Cheetah wrote:
Yes, I'm periodically doing scans of the full drive. I could just
skip
the mysql directory, but that seems pretty bad security practice.
Why does it seem that way to you ?
It appears clamav just does a substring match on the exclude, so it
would be easy to
Jeff Thurston wrote:
-Original Message-
From: [EMAIL PROTECTED] [mailto:clamav-users-
[EMAIL PROTECTED] On Behalf Of Chris Adams
Sent: Friday, September 28, 2007 11:48 AM
To: 'ClamAV users ML'
Subject: Re: [Clamav-users] clamd stuck at 100% cpu usage
Once upon a time, Jeff Thurston
Jeff Thurston wrote:
Please forgive my ignorance, I don't use strace very much...
I assume it is as simple as waiting for the process to get stuck at 100%
again, then 'strace -p clamd.pid` and look for... what should I look for?
Yes, pretty much it. You should probably also use the -f
Dennis Peterson wrote:
Jeff Thurston wrote:
-Original Message-
From: [EMAIL PROTECTED] [mailto:clamav-users-
[EMAIL PROTECTED] On Behalf Of Chris Adams
Sent: Friday, September 28, 2007 11:48 AM
To: 'ClamAV users ML'
Subject: Re: [Clamav-users] clamd stuck at 100% cpu usage
Once
David F. Skoll wrote:
Dennis Peterson wrote:
Yes, pretty much it. You should probably also use the -f (follow)
switch to see what the kids are doing, too.
Does strace work well with POSIX threads on Linux? My impression was not,
but maybe my information is out of date.
I'm a Solaris guy
Bill Landry wrote:
Dennis Peterson wrote the following on 9/25/2007 9:45 PM -0800:
Also - if you do all your tests up front and discover you'll need to run
multiple instances of perl you may find you can collect multiple code
segments into a single execution of Perl and get everything in one
Bill Landry wrote:
Bill Landry wrote:
After a discussion on the clamav-users list yesterday of an issue a
couple of script users were experiencing with write access to the
temporary directory, I made a change to the script to overcome this
issue. There are also a couple of other script
Jan-Pieter Cornet wrote:
On Tue, Sep 25, 2007 at 03:17:35PM -0700, Bill Landry wrote:
Epoch time:
perl -e 'print time() . \n;'
Golfed:
perl -le print+time
You can even leave the -l switch if used in ``, because the trailing
newline doesn't matter there.
It wouldn't be Perl if there
Jan-Pieter Cornet wrote:
So, TIMTOTDI squared (look ma', no perl!). This does the same as
date +%s too:
echo|awk '{print systime()}'
But not in Solaris which is where the OP's original hack was born. You
need gawk:
echo|gawk '{print systime()}'
My favorite absurd method in
Bill Landry wrote:
Okay, let's try this again. A new update has been posted that will first try
date +%s and if that fails, then it will automatically fall back to a perl
option. I didn't update the version number, just the version info:
You can rip out a lot of code (well, some code) if
Kyle Lanclos wrote:
Dennis wrote:
You can rip out a lot of code (well, some code) if you just use the Perl
date method by default and forget the date +%s stuff entirely.
Your mileage may vary.
$ time perl -le print+time
real0m0.002s
$ time date +%s
real0m0.001s
(Those
Bill Landry wrote:
Dennis Peterson wrote the following on 9/25/2007 8:06 PM -0800:
Bill Landry wrote:
Okay, let's try this again. A new update has been posted that will first
try
date +%s and if that fails, then it will automatically fall back to a perl
option. I didn't update
McGlynn, Sean (DOB) wrote:
Hello,
The /var/spool/mail/root log files on our servers are logging every file
that clamav scans, causing the files to become huge. I don't see what
in our clamd.conf configuration files would be causing this. Our
configuration file follows - any help would be
Dennis Peterson wrote:
McGlynn, Sean (DOB) wrote:
Hello,
The /var/spool/mail/root log files on our servers are logging every file
that clamav scans, causing the files to become huge. I don't see what
in our clamd.conf configuration files would be causing this. Our
configuration file
Matthias Schmidt wrote:
Hello,
I have a little problem with clamd:
the process terminates, because:
Socket file /tmp/clamd is in use by another process.
now I have no glue, which other process could use the socket file from clamd.
I set the permissions to 777 on the end, but didn't help.
Bill Landry wrote:
Thus my original questions, where is the default temporary director used
by clamscan, and how does one determine what uid/gid clamav was possibly
configured to use after-the-fact? Also, does anyone have any other
suggestions on possible ways to overcome this issue by some
Bill Landry wrote:
Thoughts anyone...?
I would also still like to know if there is a way to determine the
uid/gid set during ./configure after clamav has been installed at the
original build directory deleted.
Thanks,
Bill
Unless you are running clamscan as root the owner will be
801 - 900 of 1693 matches
Mail list logo