Elsewhere, I've seen that AppArmor or SELinux can cause problems for clamdscan.
If you run sudo aa-complain clamd
and the re-scan works, that's probably your issue. (Be sure to re-enable it with sudo aa-enforce clamd
.)
To temporarily disable SELinux, which I haven't run on Ubuntu, you can try
echo 0 > /selinux/enforce
. We can follow up with that if you're running SELinux.
update: Here's a very interesting thread from launchpad: https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/450250 .
I would follow Jamie Strandboge's comments there to eliminate AppArmor profiles as the culprit.
If these aren't applicable the hack that springs to mind is piping a directory to standard output via tar, and feeding that into clamdscan (which is a variation on what you've mentioned for a single file). I think that would look something like :
tar -cvf --to-stdout /somedirectory | clamdscan -
You should be able to get the most recent packaged version of clamav from the Ubuntu Clamav team from their ppa : https://launchpad.net/~ubuntu-clamav/+archive/ppa
Also, from the ClamAV site: "If you are going to submit a bug report, always check it against the latest development code ." (Assuming you haven't already done this) You'll have to pull that code manually from their Git repository and compile it.
For bug reporting on the Ubuntu packages, please see http://askubuntu.com...how-do-i-report-a-bug .
=======
One thing to note, is that as far as I can tell, it is clamscan
and not clamdscan
which is supposed to just work unproblematically in your home directory.
Ubuntu presents some possible complication (with the very desirable security increase) by having apparmor turned on by default.
(clamdscan requires the clamav daemon to be running -- clamscan, more of an ad-hoc user-oriented package, does not. With the additional features of clamdscan/clamd, there is added complexity overhead.)
Yet, against that, the bug for clamdscan
and apparmor mentioned in the bug from this post should have been corrected by the time of the current package.
Updated
attempts to reproduce and resolve
I don't think I can completely reproduce your environment or control for user error (definitely mine and possibly yours), however I've reproduced what I think is the same issue under the same version of clamav you have.
Additionally, I've downloaded the latest code from the git repository, compiled and installed it, and still have the issue.
I don't have SELinux, but I do have AppArmor. Have I correctly accounted for that? I'm not 100%. I still get the permission denied errors after turning off AppArmor though.
=======
Terminal
At first you have to update the virus definitions with:
sudo freshclam
Then you can scan for viruses.
clamscan OPTIONS File/Folder
If necessary start with root permissions: sudo clamscan
.
Examples:
To check all files on the computer, displaying the name of each file:
clamscan -r /
To check all files on the computer, but only display infected files and ring a bell when found:
clamscan -r --bell -i /
To scan all files on the computer but only display infected files when found and have this run in the background:
clamscan -r -i / &
Note - Display background process's status by running the jobs
command.
To check files in the all users home directories:
clamscan -r /home
To check files in the USER
home directory and move infected files to another folder:
clamscan -r --move=/home/USER/VIRUS /home/USER
To check files in the USER
home directory and remove infected files (WARNING: Files are gone.):
clamscan -r --remove /home/USER
To see more options:
clamscan --help
See:
Graphical User Interface: ClamTK
ClamTk is a frontend for ClamAV. You can install it via Terminal with:
sudo apt-get install clamtk
You can get the latest version from Bitbucket as Debian package.
There is also a PPA (Outdated):
sudo apt-add-repository ppa:landronimirc/clamtk
sudo apt-get update && sudo apt-get install clamtk
Scan Menu: Here you can choose a file, folder or a device for scanning
View Menu:
Quarantine Menu:
Advanced Menu:
Help Menu: Here you can check for updates.
See:
Best Answer
I would use
cron
for this instead of strictly usingbash
. In the directory/etc/cron.daily/
create a small scriptclamavscan.sh
that looks like:Then be sure to make the script executable with
chmod +x clamavscan.sh
. This should run the clamscan of your home directory once daily at 6:25 (as you can see in the file/etc/crontab
).To have ClamAV scan you entire machine, you should just be able to run
clamscan /
, although this might require root privileges to really scan everything.