Bug 12001 – Feature-Request: exclude files from files in a directory

Bug 12001 - Feature-Request: exclude files from files in a directory


Summary:	Feature-Request: exclude files from files in a directory

Status:	NEW

Product:	ClamAV
Classification:	ClamAV
Component:	clamscan
Version:	0.99.3
Hardware:	x86_64 GNU/Linux

Importance:	P3 normal
Target Milestone:	feature_request
Assigned To:	ClamAV team

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2017-12-20 04:43 EST by A. Schulze
Modified:	2018-01-08 01:17 EST (History)
CC List:	2 users (show)

See Also:
QA Contact:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description A. Schulze 2017-12-20 04:43:24 EST

clamscan can exclude files/directories by naming them via command-line arguments:
$ clamscan / --exclude-dir /tmp

It would be helpful if clam(d)scan could look in a directory (for example --exclude-from-dir=/etc/clamav/clamscan.exclude.d/)
Any file in that directory is expected to contain file- or directrorynames that should be excluded.

Using a direcrory for that purpose is common on Debian and implemented as "run-parts" in a generic way.
see https://manpages.debian.org/stretch/debianutils/run-parts.8.en.html

Maybe such a feature may be implemented in clamav.
I think such a feature will be helpfull for other user, too.
(Maybe similar feature request already exist from other users)

Comment 1 Micah Snyder 2017-12-20 06:53:35 EST

Presently clamd.conf has a config option "ExcludePath" that use can use as many times as you need to exclude directories.  This only affects clamd/clamdscan. 

Is this sufficient for your needs?

Comment 2 A. Schulze 2017-12-20 09:00:05 EST

clamd.conf config option "ExcludePath" is not different to --exclude-file/--exclude-path

and clamdscan isn't the target. consider a cronjob:
 - run freshclam
 - run clamscan
 - report
 - exit and don't consume any resource until next run

Comment 3 Micah Snyder 2017-12-20 12:44:29 EST

Provided that clamd is running in the background, your cronjob could use clamdscan instead.

I can appreciate that it would be nice to bring the exclude feature to clamscan so you don't to have clamd consuming some memory resources in the background.  

We have marked your ticket as a feature request.  Hopefully we will have time to investigate it in the future.  In the meantime, I encourage you to set up clamd with the ExcludePath options.

Comment 4 A. Schulze 2017-12-20 12:58:50 EST

thanks for accepting this as feature request.

Running clamd+clamdscan is not an option because we have to run clamscan as different users to be able to access /all/ files. Otherwise clamd must be run with maximal privileges (root) which we like to avoid.

would it be helpful to sponsor such an enhancement?

Comment 5 Micah Snyder 2017-12-21 13:27:16 EST

I'm not sure what you mean by 'sponsor'.  If you can clarify, that would help. 

I can tell you that I don't hav the authority to make that decision either way.  I will bring it up with my management.

Comment 6 A. Schulze 2018-01-08 01:13:29 EST

sponsor = spend some money

Comment 7 A. Schulze 2018-01-08 01:17:27 EST

Gene Heskett wrote a summary on clamav-users regarding a similar feature in "Amanda", a backup util.

http://lists.clamav.net/pipermail/clamav-users/2018-January/005574.html