Mailing List Archive

[clamav-devel] New socket to manage dynamic mount/umount
‌‌Hello, In my work, we had the need to use the onaccess feature of clamav, but on new(dynamic) mount point. The actual fanoitify/inotify couldn't detect when a directory is mounted, so couldn't follow any mount. So we create a little patch to reflect what we've done against clamav v 0.99.2 In this way, we decide to test another approach : using a socket to add/remove file from the watch tree. A script monitor the mount (dbus-monitor for our needs). This has another benefit : the capacity to filter which mount point we want to follow. However, to simplify the work, we create another socket than the master, dedicated to this works (and so we could have multiple instances with different configurations). To avoid multiples way of declaring the socket, I factorize the already existent (in localserver), and use it in onaccess_ddd. The inner working is really simple : for each line written to the socket, we remove it from the watch tree (to be sure we doesn't duplicate anything).Then, we add it only if the path exist. In addition, I needed to add a little patch to desactivate onas_ddd_handle_extra_scanning. This one scan the directory even if we are "on access", and we want to avoid this. It begin at the 533 line in onaccess_ddd.c, and it is really crude (I didn't want to delete the function). The added functionnality is really a necessity for us, and any help so it could be incorporated into upstream will be appreciated :) Cordially
Re: [clamav-devel] New socket to manage dynamic mount/umount [ In reply to ]
Hi,

Thank you for your effort. Probably, the best way is to open a ticket at
bugzilla.clamav.net and describe the problem, what you have done, and
attach your patches there. Then it can be evaluated, tested, and scheduled
for including with the ClamAV code base. Also, include your name so you can
be credited for your work.

Steve


On Mon, Sep 19, 2016 at 6:03 AM, <clamav@briaeros007.org> wrote:

> ‌‌Hello, In my work, we had the need to use the onaccess feature of
> clamav, but on new(dynamic) mount point. The actual fanoitify/inotify
> couldn't detect when a directory is mounted, so couldn't follow any mount.
> So we create a little patch to reflect what we've done against clamav v
> 0.99.2 In this way, we decide to test another approach : using a socket to
> add/remove file from the watch tree. A script monitor the mount
> (dbus-monitor for our needs). This has another benefit : the capacity to
> filter which mount point we want to follow. However, to simplify the work,
> we create another socket than the master, dedicated to this works (and so
> we could have multiple instances with different configurations). To avoid
> multiples way of declaring the socket, I factorize the already existent (in
> localserver), and use it in onaccess_ddd. The inner working is really
> simple : for each line written to the socket, we remove it from the watch
> tree (to be sure we doesn't duplicate anything).Then, we add it only if the
> path exist. In addition, I needed to add a little patch to desactivate
> onas_ddd_handle_extra_scanning. This one scan the directory even if we
> are "on access", and we want to avoid this. It begin at the 533 line in
> onaccess_ddd.c, and it is really crude (I didn't want to delete the
> function). The added functionnality is really a necessity for us, and any
> help so it could be incorporated into upstream will be appreciated :)
> Cordially
>
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
> http://www.clamav.net/contact.html#ml
>
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net

http://www.clamav.net/contact.html#ml