Clamav connection timeout error

  • Hello all,


    Anybody in here has this Clamav issue ?




    Code
    ii clamav 0.102.2+dfsg-0+deb10u1 amd64 anti-virus utility for Unix - command-line interface
    ii clamav-base 0.102.2+dfsg-0+deb10u1 all anti-virus utility for Unix - base package
    ii clamav-daemon 0.102.2+dfsg-0+deb10u1 amd64 anti-virus utility for Unix - scanner daemon
    ii clamav-freshclam 0.102.2+dfsg-0+deb10u1 amd64 anti-virus utility for Unix - virus database update utility
    ii libclamav9:amd64 0.102.2+dfsg-0+deb10u1 amd64 anti-virus utility for Unix - library
    ii openmediavault-clamav 5.0.9-1 all openmediavault ClamAV plugin
  • Post by Schorschlhuber ().

    This post was deleted by the author themselves ().
  • IMO clamav on-access scanning is currently unusable due their refactoring in the latest version. Simply do not use it at the moment.


    votdev, do you have any more information (or links) that show confirmation of the refactoring breaking on-access scanning?


    We've noticed this in our testing as well but I can't find any further references online to that error except for this thread. I've taken a look at recent bugs in https://bugzilla.clamav.net/ but I don't see anything describing this issue.

  • votdev, do you have any more information (or links) that show confirmation of the refactoring breaking on-access scanning?


    We've noticed this in our testing as well but I can't find any further references online to that error except for this thread. I've taken a look at recent bugs in https://bugzilla.clamav.net/ but I don't see anything describing this issue.

    I have no reference, but they mention in the documentation that the whole on-access scanner has been refactored in the latest version.

  • I have no reference, but they mention in the documentation that the whole on-access scanner has been refactored in the latest version.

    Okay thanks, I've gone ahead and created a Bugzilla request and posted to their mailing list:


    https://bugzilla.clamav.net/show_bug.cgi?id=12563 (you probably can't see this, security locked by default, hopefully they open it up)

    https://lists.clamav.net/piper…sers/2020-May/009567.html

  • Okay thanks, I've gone ahead and created a Bugzilla request and posted to their mailing list:


    https://bugzilla.clamav.net/show_bug.cgi?id=12563 (you probably can't see this, security locked by default, hopefully they open it up)

    https://lists.clamav.net/piper…sers/2020-May/009567.html

    I found a work-around. It's not ideal, but it seems to work.


    The issue has to do with the --fdpass option in clamonacc. If you drop that and have clamd daemon scan the file directly using it's own privileges, the On-Access Scanning works fine. Unfortunately, depending on your use case this might mean you have to run clamd as a privileged user.


    I hope it gets fixed upstream as well, --fdpass works in clamdscan but not clamonacc, so hopefully it's just a matter of comparing that implementation between those two utilities.


    Hope this helps.

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!