Hi there,
On Mon, 17 Oct 2022, Jason Hamrick via clamav-users wrote:
> I am receiving an error in the logs that I am being blocked until a
> specified time this evening. I am not able to load any new files into the
> unscanned bucket, they continue to error out.
It would be more helpful if instead of paraphrasing error messages you
could copy and paste them into your emails so that we can see exactly
what you see.
> To perform a scan of a file, you simply upload the file to the unscanned
> data bucket. Currently, I receive an error that I am blocked.
It seems to me that the supplier of your platform (presumably Google)
has done something creative and perhaps not entirely helpful. Your
description doesn't resemble anything which I recognize as what I'd
call normal ClamAV usage. Let me explain.
In what I'd call normal ClamAV usage you have a platform (some
computer with an operating system, for example Linux or Windows).
This platform has a filesystem which unsurprisingly contains files.
The operating system, through things like shells, scripts, crontabs
and other fun stuff lets you run commands. One of the ways you can
run them is by typing the name of the command at the shell prompt.
Often the point of installing new software is to get new commands that
you can run. Installing ClamAV amongst other things lets you run
commands like 'clamconf' and 'clamscan'. When you run 'clamscan' you
tell it what you want to scan, usually by giving the pathname of a
file (or many files) to be scanned. The scan then takes place, and
clamscan reports what it has found. There's no copying of files to be
scanned into buckets or whatever, they're scanned 'in situ' - exactly
where they are. If you're going to scan a lot of big files it's very
inefficient to have to copy them from place to place to do that but I
grant that the act of copying a file to this 'bucket' of yours might
not truly be copying the data - it might be something like linking.
Your description of the scanning process puzzles me, and so far you've
shown me no convincing evidence that the blocking that you're talking
about has anything at all to do with ClamAV but if you can let us have
detailed log messages we might after all find that's the case.
Apparently you have a shell prompt because you can get "command not
found" from it when you type a command. Unfortunately you don't seem
to be able to run a fundamental utility of a ClamAV installation, the
one which tells you for example how ClamAV is configured. Perhaps you
have what's called a 'restricted shell' which doesn't let you run any
old command just like that. It would make some sort of sense. Maybe
you can find out from the supplier. If that's not the explanation the
command might just not be on the shell's default search path. Not
being able to run it is a problem. Maybe all you need to do is set an
environment variable, or give the full pathname so your shell can find
the command, but I can't believe your platform supplier has made that
omission by accident.
> When I attempt to run that command in the cloud shell it reports back:
> command not found.
I think the supplier of your platform is playing games. I wonder if
in playing these games the requirements of the ClamAV GPLv2 licence
are being met:
https://en.wikipedia.org/wiki/GNU_General_Public_License#Version_2 Well we don't seem to be getting very far here.
To help you much more than this I think I'd need to know a lot more
about your platform than I really want to know but if you can let us
have those log messages we'll at least have somewhere to start from.
--
73,
Ged.
_______________________________________________
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat