Masterwishx Posted January 23 Share Posted January 23 4 hours ago, Revan335 said: He was configured ones and not thinking changed when a new Share was created. Only excluded Shares are changed when as needed. This will take a lot of time to scan all shares, so better to select only what you need Quote Link to comment
Masterwishx Posted January 23 Share Posted January 23 4 hours ago, Revan335 said: Can you fix this in the template? Do you have 99:100 permissions for Folder clamav As in container? Quote Link to comment
nate.smith317 Posted January 23 Share Posted January 23 (edited) When I start the ClamAV container, the scan never seems to start. If I manually invoke ClamAV on the /scan directory, it starts and runs interactively in my terminal. When I check the logs, I do not see where the scan starts. What am I doing wrong? Thanks! clamav.txt freshclam.txt Edited January 23 by nate.smith317 Added log copy and paste Quote Link to comment
Masterwishx Posted January 23 Share Posted January 23 2 hours ago, nate.smith317 said: When I start the ClamAV container, the scan never seems to start. What setting in parameter of container? It's better to use script for container to use it. Quote Link to comment
TQ Posted January 23 Author Share Posted January 23 4 hours ago, Masterwishx said: Do you have 99:100 permissions for Folder clamav As in container? Thanks Masterwishx for highlighting this. Indeed, 99:100 is the "Docker Safe Permission" user:group that is set when you run that script (nobody:users). Also, the built-in "newperms" runs this same change. If you have permission issues in your environment, I'd recommend either of these options on your ClamAV folder and running again. 1 Quote Link to comment
Revan335 Posted January 24 Share Posted January 24 ~# ls -la /mnt/cache/appdata/clamav total 20 drwxr-xr-x 2 nobody users 4 Jan 24 18:00 ./ drwxrwxrwx 14 nobody users 14 Aug 14 19:29 ../ -rw-rw-rw- 1 root root 206 Jan 24 18:00 clamavloglast.txt -rw-r--r-- 1 root root 146 Jan 24 18:00 clamavmaplog.txt ~# newperms /mnt/cache/appdata/clamav Processing: /mnt/cache/appdata/clamav ... chmod -R u-x,go-rwx,go+u,ugo+X /mnt/cache/appdata/clamav ... chown -R nobody:users /mnt/cache/appdata/clamav ... sync Completed, elapsed time: 00:00:00 ~# ls -la /mnt/cache/appdata/clamav total 20 drwxrwxrwx 2 nobody users 4 Jan 24 18:00 ./ drwxrwxrwx 14 nobody users 14 Aug 14 19:29 ../ -rw-rw-rw- 1 nobody users 206 Jan 24 18:00 clamavloglast.txt -rw-rw-rw- 1 nobody users 146 Jan 24 18:00 clamavmaplog.txt Hmmm, why is this not default when the Docker Container created the Folder? Quote Link to comment
Revan335 Posted January 24 Share Posted January 24 I don't have the clamavtargets.txt Quote Link to comment
Revan335 Posted February 5 Share Posted February 5 A Scan Time from under 1 Minute is very strange. That's to fast! For multiple Folders or generally. Who can I see the reason and fix that? Quote Link to comment
TQ Posted February 5 Author Share Posted February 5 A Scan Time from under 1 Minute is very strange. That's to fast! For multiple Folders or generally. Who can I see the reason and fix that?I would start with the docker logs of the container. See what the errors tell you. Quote Link to comment
Revan335 Posted February 5 Share Posted February 5 (edited) 35 minutes ago, TQ said: I would start with the docker logs of the container. See what the errors tell you. The Log is not realy full. From the Logs from the appdata Folder. 2024-02-05T18:00:01+01:00 ClamAV process starting Unpdating ClamAV scan DB ClamAV update process started at Mon Feb 5 18:00:01 2024 daily database available for update (local version: 27175, remote version: 27176) Testing database: '/var/lib/clamav/tmp.f4fcca8fc9/clamav-c9679ca3d16a35cbd8ef83a889b2effa.tmp-daily.cld' ... Database test passed. daily.cld updated (version: 27176, sigs: 2052336, f-level: 90, builder: raynman) main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr) bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg) Freshclam updated the DB ClamAV 1.2.1/27176/Mon Feb 5 10:35:30 2024 Scanning /scan ----------- SCAN SUMMARY ----------- Known viruses: 8684206 Engine version: 1.2.1 Scanned directories: 0 Scanned files: 0 Infected files: 0 Data scanned: 0.00 MB Data read: 0.00 MB (ratio 0.00:1) Time: 13.233 sec (0 m 13 s) Start Date: 2024:02:05 18:00:07 End Date: 2024:02:05 18:00:20 The Docker Container Log: WARNING: Clamd was NOT notified: Can't connect to clamd through /run/clamav/clamd.sock: No such file or directory LibClamAV Warning: Max file-size was set to 4294967296 bytes. Unfortunately, scanning files greater than 2147483647 bytes (2 GiB - 1) is not supported. WARNING: Only scanning files from --file-list (files passed at cmdline are ignored) ERROR: --file-list: Can't open file /scan/appdata/clamav/clamavtargets.txt LibClamAV Warning: Max file-size was set to 4294967296 bytes. Unfortunately, scanning files greater than 2147483647 bytes (2 GiB - 1) is not supported. WARNING: Only scanning files from --file-list (files passed at cmdline are ignored) ERROR: --file-list: Can't open file /scan/appdata/clamav/clamavtargets.txt WARNING: Clamd was NOT notified: Can't connect to clamd through /run/clamav/clamd.sock: No such file or directory LibClamAV Warning: Max file-size was set to 4294967296 bytes. Unfortunately, scanning files greater than 2147483647 bytes (2 GiB - 1) is not supported. WARNING: Only scanning files from --file-list (files passed at cmdline are ignored) ERROR: --file-list: Can't open file /scan/appdata/clamav/clamavtargets.txt bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg) Freshclam updated the DB ClamAV 1.2.1/27175/Sun Feb 4 10:36:45 2024 Scanning /scan ----------- SCAN SUMMARY ----------- Known viruses: 8684116 Engine version: 1.2.1 Scanned directories: 0 Scanned files: 0 Infected files: 0 Data scanned: 0.00 MB Data read: 0.00 MB (ratio 0.00:1) Time: 13.054 sec (0 m 13 s) Start Date: 2024:02:04 12:04:34 End Date: 2024:02:04 12:04:47 2024-02-04T18:00:01+01:00 ClamAV process starting Unpdating ClamAV scan DB ClamAV update process started at Sun Feb 4 18:00:01 2024 daily.cld database is up-to-date (version: 27175, sigs: 2052246, f-level: 90, builder: raynman) main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr) bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg) Freshclam updated the DB ClamAV 1.2.1/27175/Sun Feb 4 10:36:45 2024 Scanning /scan ----------- SCAN SUMMARY ----------- Known viruses: 8684116 Engine version: 1.2.1 Scanned directories: 0 Scanned files: 0 Infected files: 0 Data scanned: 0.00 MB Data read: 0.00 MB (ratio 0.00:1) Time: 12.743 sec (0 m 12 s) Start Date: 2024:02:04 18:00:01 End Date: 2024:02:04 18:00:14 2024-02-05T18:00:01+01:00 ClamAV process starting Unpdating ClamAV scan DB ClamAV update process started at Mon Feb 5 18:00:01 2024 daily database available for update (local version: 27175, remote version: 27176) Testing database: '/var/lib/clamav/tmp.f4fcca8fc9/clamav-c9679ca3d16a35cbd8ef83a889b2effa.tmp-daily.cld' ... Database test passed. daily.cld updated (version: 27176, sigs: 2052336, f-level: 90, builder: raynman) main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr) bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg) Freshclam updated the DB ClamAV 1.2.1/27176/Mon Feb 5 10:35:30 2024 Scanning /scan ----------- SCAN SUMMARY ----------- Known viruses: 8684206 Engine version: 1.2.1 Scanned directories: 0 Scanned files: 0 Infected files: 0 Data scanned: 0.00 MB Data read: 0.00 MB (ratio 0.00:1) Time: 13.233 sec (0 m 13 s) Start Date: 2024:02:05 18:00:07 End Date: 2024:02:05 18:00:20 ** Drücke eine BELIEBIGE TASTE, um dieses Fenster zu schließen ** Apparently something has been changed in the max file size. I change this Parameter to 2 GB. Here the Files from the appdata Folder. # ls -la /mnt/user/appdata/clamav/ total 361649 drwxrwxrwx 2 nobody users 9 Feb 5 22:06 ./ drwxrwxrwx 33 nobody users 33 Nov 3 21:38 ../ -rw-r--r-- 1 100 console 291965 Apr 7 2023 bytecode.cvd -rw-r--r-- 1 root root 990 Feb 5 18:00 clamavloglast.txt -rw-r--r-- 1 root root 895 Feb 5 18:00 clamavmaplog.txt -rw-r--r-- 1 root root 215 Feb 5 18:00 clamavtargets.txt -rw-r--r-- 1 100 console 198986752 Feb 5 18:00 daily.cld -rw-r--r-- 1 100 console 69 Apr 24 2022 freshclam.dat -rw-r--r-- 1 100 console 170479789 Apr 24 2022 main.cvd Edited February 5 by Revan335 Quote Link to comment
TQ Posted February 5 Author Share Posted February 5 ERROR: --file-list: Can't open file /scan/appdata/clamav/clamavtargets.txt WARNING: Only scanning files from --file-list (files passed at cmdline are ignored) ERROR: --file-list: Can't open file /scan/appdata/clamav/clamavtargets.txt WARNING: Only scanning files from --file-list (files passed at cmdline are ignored) ERROR: --file-list: Can't open file /scan/appdata/clamav/clamavtargets.txt This error is at the top. This is your issue. You've explicitly set "--file-list" but the container cannot see that file, or has no permission to it. Quote Link to comment
Revan335 Posted February 5 Share Posted February 5 26 minutes ago, TQ said: You've explicitly set "--file-list" but the container cannot see that file, or has no permission to it. Whats Permissisons are needed? Quote Link to comment
TQ Posted February 6 Author Share Posted February 6 Whats Permissisons are needed?Read at minimum Quote Link to comment
Revan335 Posted February 6 Share Posted February 6 9 hours ago, Revan335 said: Here the Files from the appdata Folder. # ls -la /mnt/user/appdata/clamav/ total 361649 drwxrwxrwx 2 nobody users 9 Feb 5 22:06 ./ drwxrwxrwx 33 nobody users 33 Nov 3 21:38 ../ -rw-r--r-- 1 100 console 291965 Apr 7 2023 bytecode.cvd -rw-r--r-- 1 root root 990 Feb 5 18:00 clamavloglast.txt -rw-r--r-- 1 root root 895 Feb 5 18:00 clamavmaplog.txt -rw-r--r-- 1 root root 215 Feb 5 18:00 clamavtargets.txt -rw-r--r-- 1 100 console 198986752 Feb 5 18:00 daily.cld -rw-r--r-- 1 100 console 69 Apr 24 2022 freshclam.dat -rw-r--r-- 1 100 console 170479789 Apr 24 2022 main.cvd 3 hours ago, TQ said: Read at minimum Read is exist for everyone. Quote Link to comment
TQ Posted February 6 Author Share Posted February 6 4 hours ago, Revan335 said: Read is exist for everyone. Permissions are correct. But the error persists. Perhaps your volume mounts are not correct. Do you have a volume mounted for the directory you are trying to scan as well as the file that has the scan folders in it? From my Github documentation: docker run -d --name=ClamAV \ --cpuset-cpus='0,1' \ -v /path/to/scan:/scan:ro \ -v /path/to/sig:/var/lib/clamav:rw \ tquinnelly/clamav-alpine -i --log=/var/lib/clamav/log.log --max-filesize=2048M That path to "signatures" is the path you are working with. Is that path mounted? If not, you have to mount it before calling a file in it. It also is relevant to the container path, not the host. --file-list: Can't open file /scan/appdata/clamav/clamavtargets.txt If you've mounted it as in my example, it would be: --file-list=/var/lib/clamav/clamavtargets.txt Quote Link to comment
Revan335 Posted February 6 Share Posted February 6 (edited) docker run -d --name='ClamAV' --net='bridge' -e TZ="Europe/Berlin" -e HOST_OS="Unraid" -e HOST_HOSTNAME="***" -e HOST_CONTAINERNAME="ClamAV" -e 'USER_ID'='99' -e 'GROUP_ID'='100' -l net.unraid.docker.managed=dockerman -l net.unraid.docker.icon='https://github.com/tquizzle/clamav-alpine/blob/master/img/clamav.png?raw=1' -v '/mnt/user':'/scan':'ro' -v '/mnt/user/appdata/clamav':'/var/lib/clamav':'rw' 'tquinnelly/clamav-alpine' -i --log=/var/lib/clamav/log.log --max-filesize=2048M --max-scansize=2048M -f --file-list=/scan/appdata/clamav/clamavtargets.txt Yes, its mounted from the Default Template. With this, we became the same error: docker run -d --name='ClamAV' --net='bridge' -e TZ="Europe/Berlin" -e HOST_OS="Unraid" -e HOST_HOSTNAME="***" -e HOST_CONTAINERNAME="ClamAV" -e 'USER_ID'='99' -e 'GROUP_ID'='100' -l net.unraid.docker.managed=dockerman -l net.unraid.docker.icon='https://github.com/tquizzle/clamav-alpine/blob/master/img/clamav.png?raw=1' -v '/mnt/user':'/scan':'ro' -v '/mnt/user/appdata/clamav':'/var/lib/clamav':'rw' 'tquinnelly/clamav-alpine' -i --log=/var/lib/clamav/log.log --max-filesize=2048M --max-scansize=2048M -f --file-list=/var/lib/clamav/clamavtargets.txt WARNING: Only scanning files from --file-list (files passed at cmdline are ignored) ERROR: --file-list: Can't open file --file-list=/var/lib/clamav/clamavtargets.txt 2024-02-06T13:44:10+01:00 ClamAV process starting Unpdating ClamAV scan DB ClamAV update process started at Tue Feb 6 13:44:10 2024 daily.cld database is up-to-date (version: 27177, sigs: 2052428, f-level: 90, builder: raynman) main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr) bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg) Freshclam updated the DB ClamAV 1.2.1/27177/Tue Feb 6 10:34:50 2024 Scanning /scan ----------- SCAN SUMMARY ----------- Known viruses: 8684298 Engine version: 1.2.1 Scanned directories: 0 Scanned files: 0 Infected files: 0 Data scanned: 0.00 MB Data read: 0.00 MB (ratio 0.00:1) Time: 12.888 sec (0 m 12 s) Start Date: 2024:02:06 13:44:10 End Date: 2024:02:06 13:44:23 Edited February 6 by Revan335 Quote Link to comment
TQ Posted February 6 Author Share Posted February 6 Maybe try without scan targets txt file. In the errors, you can see the container cannot open that file Quote Link to comment
Revan335 Posted February 7 Share Posted February 7 On 2/6/2024 at 2:07 PM, TQ said: Maybe try without scan targets txt file. In the errors, you can see the container cannot open that file OK, without that. Its Running longer. This is the actually log: 2024-02-07T17:21:25+01:00 ClamAV process starting Unpdating ClamAV scan DB ClamAV update process started at Wed Feb 7 17:21:26 2024 daily database available for update (local version: 27177, remote version: 27178) Testing database: '/var/lib/clamav/tmp.ca29159519/clamav-29d3efd36d02b5b2da1c73d66e4f2cac.tmp-daily.cld' ... Database test passed. daily.cld updated (version: 27178, sigs: 2052470, f-level: 90, builder: raynman) main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr) bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg) WARNING: Clamd was NOT notified: Can't connect to clamd through /run/clamav/clamd.sock: No such file or directory Freshclam updated the DB ClamAV 1.2.1/27178/Wed Feb 7 10:35:39 2024 Scanning /scan But why have my two Servers this Permission Error? With or without the Improved Script from @Masterwishx Quote Link to comment
TQ Posted February 7 Author Share Posted February 7 5 hours ago, Revan335 said: OK, without that. Its Running longer. This is the actually log: 2024-02-07T17:21:25+01:00 ClamAV process starting Unpdating ClamAV scan DB ClamAV update process started at Wed Feb 7 17:21:26 2024 daily database available for update (local version: 27177, remote version: 27178) Testing database: '/var/lib/clamav/tmp.ca29159519/clamav-29d3efd36d02b5b2da1c73d66e4f2cac.tmp-daily.cld' ... Database test passed. daily.cld updated (version: 27178, sigs: 2052470, f-level: 90, builder: raynman) main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr) bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg) WARNING: Clamd was NOT notified: Can't connect to clamd through /run/clamav/clamd.sock: No such file or directory Freshclam updated the DB ClamAV 1.2.1/27178/Wed Feb 7 10:35:39 2024 Scanning /scan But why have my two Servers this Permission Error? With or without the Improved Script from @Masterwishx Permissions have nothing to do with @Masterwishx script. The should inherit from the UID/GID passed via the container. Quote Link to comment
TQ Posted February 7 Author Share Posted February 7 I was able to utilize the --file-list option and scanned a specific directory (a subdirectory of /scan) ... daily.cld database is up-to-date (version: 27178, sigs: 2052470, f-level: 90, builder: raynman) main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr) bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg) Freshclam updated the DB ClamAV 1.2.1/27178/Wed Feb 7 03:35:39 2024 Scanning /scan WARNING: Only scanning files from --file-list (files passed at cmdline are ignored) ----------- SCAN SUMMARY ----------- Known viruses: 8684340 Engine version: 1.2.1 Scanned directories: 29 Scanned files: 1427 Infected files: 0 Data scanned: 65.70 MB Data read: 25121.64 MB (ratio 0.00:1) Time: 271.660 sec (4 m 31 s) Start Date: 2024:02:07 16:40:51 End Date: 2024:02:07 16:45:23 2024-02-07T16:45:23-06:00 ClamAV scanning finished Latest reconfigured container options: docker run -d --name='ClamAV' --net='bridge' --cpuset-cpus='0,1' -e TZ="America/Chicago" -e HOST_OS="Unraid" -e HOST_HOSTNAME="" -e HOST_CONTAINERNAME="ClamAV" -e 'USER_ID'='99' -e 'GROUP_ID'='100' -l net.unraid.docker.managed=dockerman -l net.unraid.docker.icon='https://github.com/tquizzle/clamav-alpine/blob/master/img/clamav.png?raw=1' -v '/mnt/cache/appdata/downloads/':'/scan':'ro' -v '/mnt/cache/appdata/clamav':'/var/lib/clamav':'rw' 'tquinnelly/clamav-alpine' -i --file-list=/var/lib/clamav/scanfiles --log=/var/lib/clamav/log.log --max-filesize=2040M File list: scanfiles /scan/subdirectory/another-directory The key point here is that the reference to these supporting files passed in as vars are from the containers path, not the host. Hope this helps anyone facing this challenge. Quote Link to comment
Revan335 Posted February 7 Share Posted February 7 (edited) 31 minutes ago, TQ said: --file-list=/var/lib/clamav/scanfiles This is a directory? 31 minutes ago, TQ said: File list: scanfiles /scan/subdirectory/another-directory This is the Entry of scanfiles but than he is a txt file and not a directory? And without the -f Parameter? For example /scan/download/testfolder Edited February 7 by Revan335 Quote Link to comment
Revan335 Posted February 7 Share Posted February 7 Maybe I got it: -i --log=/var/lib/clamav/log.log --max-filesize=2048M --max-scansize=2048M --file-list=/var/lib/clamav/clamavtargets.txt Without the -f I monitoring this. At the next run. Can you update the Template with the new Information's/Parameters? Quote Link to comment
TQ Posted February 8 Author Share Posted February 8 2 hours ago, Revan335 said: This is a directory? No, it is a file that has the contents that is listed below. 2 hours ago, Revan335 said: This is the Entry of scanfiles but than he is a txt file and not a directory? For example /scan/download/testfolder Yes. -f is the shorthand version of --file-list Quote Link to comment
Revan335 Posted February 8 Share Posted February 8 On 2/5/2024 at 10:01 PM, Revan335 said: WARNING: Clamd was NOT notified: Can't connect to clamd through /run/clamav/clamd.sock: No such file or directory Can I fix this? Quote Link to comment
doogle Posted February 10 Share Posted February 10 (edited) Anyone know how to get clamav to not scan .iso files. I would like to use it from the command line and not write a mile long script. I have tried --exclude=*.iso and ?.iso but neither one worked. If I have posted this in the wrong spot. please excuse me. I tried doing a search for this but when it returns 10 plus pages... what is the point of a search. This forum software kinda sucks. Edited February 10 by doogle additional info Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.