Hi there,
On Fri, 12 Mar 2021, John Pfuntner -X (jpfuntne - EASI LLC at Cisco) via
clamav-users wrote:
I've been experimenting with ClamAV on various Linux distributions
and have had trouble doing on-access scanning on CentOS 8 machines -
everything installs fine and I can do on-demand scanning with
clamscan but on-access scanning isn't preventing me from accessing a
test infected file. I see this behavior right now with ClamAV
0.103.0 on:
AWS CentOS 8.2 (4.18.0-193.6.3.el8_2.x86_64)
GCP CentOS 8.3 (4.18.0-240.10.1.el8_3.x86_64)
I've got a repo with Ansible playbooks to do the installation and
test on-access on on-demand testing:
https://github.com/pfuntner/clamav-onacc. I've gotten successes
consistently using the same playbooks with Debian 9 and 10.
Am I doing something wrong?
Sorry, I have no experience of Centos, but there are surely Centos
users lurking here. Until one pops up, my wild guess - no, you aren't
doing anything wrong but you might need to do some more work. And my
speculation - look into the kernel configurations.
A quick search found this:
https://marc.info/?l=clamav-users=160824995205483=2
(Doesn't Cisco own Sourcefire? :)
--
73,
Ged.
___
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml