Open staskysel opened 4 months ago
Hi,
Thank you for your submission.
We don't use O_NOATIME because it is required that the UID of the process match the owner UID of the file, and clam is not guaranteed to be run by the owner of all the files it scans.
Thanks, Andy
Describe the bug
clamscan opens scanned files without using O_NOATIME, and thus resets access time. Since typically all files are scanned on filesystem, this basically defeats using atime for anything. atime is used for example by tmpfiles.d to determine file age, so clamscan breaks tmpfiles.d.
How to reproduce the problem
check atime again and see that it has changed Here is transcript:
[test10@test001 ~]$ mkdir test [test10@test001 ~]$ perl -e 'print "A" x 1024' >test/file [test10@test001 ~]$ ls -lau --full-time test/file -rw-r--r--. 1 test10 test10 1024 2024-04-29 10:34:25.865646505 -0400 test/file [test10@test001 ~]$ clamscan -r test Loading: 24s, ETA: 0s [========================>] 8.69M/8.69M sigs
Compiling: 8s, ETA: 0s [========================>] 41/41 tasks
/home/test10/test/file: OK
----------- SCAN SUMMARY ----------- Known viruses: 8692057 Engine version: 1.3.1 Scanned directories: 1 Scanned files: 1 Infected files: 0 Data scanned: 0.00 MB Data read: 0.00 MB (ratio 0.00:1) Time: 35.174 sec (0 m 35 s) Start Date: 2024:04:29 10:42:12 End Date: 2024:04:29 10:42:47 [test10@test001 ~]$ ls -lau --full-time test/file -rw-r--r--. 1 test10 test10 1024 2024-04-29 10:42:45.412563874 -0400 test/file [test10@test001 ~]$ rpm -q clamav clamav-1.3.1-1.x86_64
Checking configuration files in /usr/local/etc
clamd.conf not found
Config file: freshclam.conf
DatabaseMirror = "database.clamav.net"
clamav-milter.conf not found
Software settings
Version: 1.3.1 Optional features supported: MEMPOOL AUTOIT_EA06 BZIP2 LIBXML2 PCRE2 ICONV JSON RAR
Database information
Database directory: /usr/local/share/clamav WARNING: freshclam.conf and clamd.conf point to different database directories daily.cvd: version 27260, sigs: 2060227, built on Mon Apr 29 04:23:47 2024 bytecode.cvd: version 335, sigs: 86, built on Tue Feb 27 10:37:24 2024 main.cvd: version 62, sigs: 6647427, built on Thu Sep 16 08:32:42 2021 Total number of signatures: 8707740
Platform information
uname: Linux 4.18.0-513.18.1.el8_9.x86_64 #1 SMP Thu Feb 1 03:51:05 EST 2024 x86_64 OS: Linux, ARCH: x86_64, CPU: x86_64 zlib version: 1.3.1 (1.3.1), compile flags: a9 platform id: 0x0a21c9c90800000002040805
Build information
GNU C: 4.8.5 20150623 (Red Hat 4.8.5-44) (4.8.5) sizeof(void*) = 8 Engine flevel: 201, dconf: 201
Attachments