In file included from fan.c:38:0: fan-syscalllib.h:14:3: error: #error "System call numbers not defined for this architecture" Because: #if defined(__x86_64__) [...] #elif defined(__i386__) [...] #else # error "System call numbers not defined for this architecture" #endif Wow. Luckily, configure has --disable-fanotify. Testing...
(In reply to Jeroen Roovers from comment #0) > Wow. Luckily, configure has --disable-fanotify. Testing... --- clamav-0.98.ebuild 3 Oct 2013 15:59:21 -0000 1.2 +++ clamav-0.98.ebuild 5 Oct 2013 16:07:51 -0000 @@ -42,6 +42,7 @@ src_configure() { econf \ --disable-experimental \ + --disable-fanotify \ --enable-id-check \ --with-dbdir="${EPREFIX}"/var/lib/clamav \ --with-system-tommath \ I just committed that until we have a proper fix for the issue.
Created attachment 372892 [details, diff] patch unistd.h (included earlier in that file) provides the definitions of the syscall numbers. I think literally all that's needed is the removal of that #if defined ... block. Try this.
Just removing --disable-fanotify from the ebuild works for me on clamav-0.98 and clamav-0.98.1, and on-access scanning also seems working. # emerge --info Portage 2.2.8-r1 (default/linux/amd64/13.0, gcc-4.7.3, glibc-2.17, 3.12.13-gentoo x86_64) ================================================================= System uname: Linux-3.12.13-gentoo-x86_64-Intel-R-_Core-TM-_i5-3210M_CPU_@_2.50GHz-with-gentoo-2.2 KiB Mem: 8048812 total, 4917352 free KiB Swap: 0 total, 0 free Timestamp of tree: Sat, 22 Mar 2014 14:45:01 +0000 ld GNU ld (GNU Binutils) 2.23.2 app-shells/bash: 4.2_p45 dev-java/java-config: 2.2.0 dev-lang/python: 2.7.5-r3, 3.3.3 dev-util/cmake: 2.8.11.2 dev-util/pkgconfig: 0.28 sys-apps/baselayout: 2.2 sys-apps/openrc: 0.12.4 sys-apps/sandbox: 2.6-r1 sys-devel/autoconf: 2.13, 2.69 sys-devel/automake: 1.11.6, 1.13.4 sys-devel/binutils: 2.23.2 sys-devel/gcc: 4.7.3-r1 sys-devel/gcc-config: 1.7.3 sys-devel/libtool: 2.4.2 sys-devel/make: 3.82-r4 sys-kernel/linux-headers: 3.9 (virtual/os-headers) sys-libs/glibc: 2.17 Repositories: gentoo sunrise eyolfson hasufell local_overlay ACCEPT_KEYWORDS="amd64" ACCEPT_LICENSE="*" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=native -O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" CXXFLAGS="-march=native -O2 -pipe" DISTDIR="/usr/portage/distfiles" FCFLAGS="-O2 -pipe" FEATURES="assume-digests binpkg-logs config-protect-if-modified distlocks ebuild-locks fixlafiles merge-sync news parallel-fetch preserve-libs protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync" FFLAGS="-O2 -pipe" GENTOO_MIRRORS="http://gentoo.channelx.biz/ http://gentoo.gg3.net/ ftp://gg3.net/pub/linux/gentoo/ ftp://ftp.iij.ad.jp/pub/linux/gentoo/ http://ftp.iij.ad.jp/pub/linux/gentoo/ rsync://ftp.iij.ad.jp/pub/linux/gentoo/ http://ftp.jaist.ac.jp/pub/Linux/Gentoo/ rsync://ftp.jaist.ac.jp/pub/Linux/Gentoo/ ftp://ftp.jaist.ac.jp/pub/Linux/Gentoo/" LANG="en_US.utf8" LDFLAGS="-Wl,-O1 -Wl,--as-needed" MAKEOPTS="-j -l 3" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/var/lib/layman/sunrise /var/lib/layman/eyolfson /var/lib/layman/hasufell /usr/local/portage" SYNC="rsync://rsync.jp.gentoo.org/gentoo-portage" USE="X a52 aac acl acpi alsa amd64 berkdb bluetooth bluray bzip2 cairo caps cli cracklib crypt cxx dbus dirac dri dts dvd faac ffmpeg fontconfig fortran gdbm gif gnutls gtk iconv icu ipv6 jpeg libnotify matroska mmx mng modules mp3 mp4 mpeg ncurses nls nptl ogg ogm opengl openmp pam pango pcre pdf png readline sdl session srt sse sse2 ssl svg tcpd theora threads tiff truetype unicode usb v4l vaapi vorbis x264 xft xinerama xml xvid zlib" ABI_X86="64" ALSA_CARDS="hda-intel" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump author" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ublox ubx" GRUB_PLATFORMS="efi-64" INPUT_DEVICES="mtrack synaptics evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-5" PYTHON_SINGLE_TARGET="python2_7" PYTHON_TARGETS="python2_7 python3_3" RUBY_TARGETS="ruby19 ruby20" USERLAND="GNU" VIDEO_CARDS="intel" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, USE_PYTHON
(In reply to Takahiro Sugiyama from comment #3) > Just removing --disable-fanotify from the ebuild works for me on clamav-0.98 > and clamav-0.98.1, and on-access scanning also seems working. > > # emerge --info > Portage 2.2.8-r1 (default/linux/amd64/13.0, gcc-4.7.3, glibc-2.17, That's because you're on one of the two whitelisted architectures...
(In reply to Matt Turner from comment #4) > That's because you're on one of the two whitelisted architectures... Oh... Understood the problem.
Really disappointed that no one maintaining either the net-mail nor antivirus herds could be bothered to take my patch in nearly 18 months. In any case, upstream commit commit c50982c442b724cb571b53499847511027bbbdd5 Author: David Raynor <draynor@sourcefire.com> Date: Wed Feb 5 16:37:24 2014 -0500 bb#9156/10335: switch fanotify support to use sys/fanotify.h instead of coded syscalls replaced the open-coded syscalls, which was first in clamav-0.98.2. Please remove --disable-fanotify from the clamav ebuilds.
*** Bug 551364 has been marked as a duplicate of this bug. ***
I'll have a look. If it works fine, I'll try to take this one :)
ScanOnAccess does not work for me. Here's my config (OnAccessMountPath + OnAccessIncludePath might be redundant, but I'm not sure, as the clamd.conf man page is not very verbose about these): --8<-- ScanOnAccess yes OnAccessMountPath / OnAccessMountPath /home OnAccessMountPath /local OnAccessMountPath /opt OnAccessMountPath /tmp OnAccessMountPath /var OnAccessMountPath /var/log OnAccessMountPath /var/tmp OnAccessIncludePath / OnAccessIncludePath /home OnAccessIncludePath /local OnAccessIncludePath /opt OnAccessIncludePath /tmp OnAccessIncludePath /var OnAccessIncludePath /var/log OnAccessIncludePath /var/tmp OnAccessExcludePath /dev OnAccessExcludePath /proc OnAccessExcludePath /run OnAccessExcludePath /sys OnAccessExcludePath /mnt OnAccessExcludePath /usr/portage OnAccessExcludePath /var/cache/edb OnAccessExcludePath /var/db/pkg OnAccessExcludePath /var/tmp/portage OnAccessExcludePath /var/tmp/binpkgs OnAccessExcludePath /var/log/portage OnAccessPrevention yes --8<-- Here's the clamd startup log --8<-- clamd[28117]: clamd daemon 0.99 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64) clamd[28117]: Log file size limited to 1048576 bytes. clamd[28117]: Reading databases from /var/lib/clamav clamd[28117]: Bytecode: Security mode set to "TrustSigned". clamd[28117]: Loaded 4251713 signatures. clamd[28117]: LOCAL: Unix socket file /var/run/clamav/clamd.sock clamd[28117]: LOCAL: Setting connection queue length to 200 clamd[28142]: Limits: Global size limit set to 104857600 bytes. clamd[28142]: Limits: File size limit set to 26214400 bytes. clamd[28142]: Limits: Recursion level limit set to 16. clamd[28142]: Limits: Files limit set to 10000. clamd[28142]: Limits: Core-dump limit is 0. clamd[28142]: Limits: MaxEmbeddedPE limit set to 10485760 bytes. clamd[28142]: Limits: MaxHTMLNormalize limit set to 10485760 bytes. clamd[28142]: Limits: MaxHTMLNoTags limit set to 2097152 bytes. clamd[28142]: Limits: MaxScriptNormalize limit set to 5242880 bytes. clamd[28142]: Limits: MaxZipTypeRcg limit set to 1048576 bytes. clamd[28142]: Limits: MaxPartitions limit set to 50. clamd[28142]: Limits: MaxIconsPE limit set to 100. clamd[28142]: Limits: PCREMatchLimit limit set to 10000. clamd[28142]: Limits: PCRERecMatchLimit limit set to 5000. clamd[28142]: Limits: PCREMaxFileSize limit set to 26214400. clamd[28142]: Archive support enabled. clamd[28142]: Algorithmic detection enabled. clamd[28142]: Portable Executable support enabled. clamd[28142]: ELF support enabled. clamd[28142]: Detection of broken executables enabled. clamd[28142]: Mail files support enabled. clamd[28142]: OLE2 support enabled. clamd[28142]: PDF support enabled. clamd[28142]: SWF support enabled. clamd[28142]: HTML support enabled. clamd[28142]: Self checking every 600 seconds. clamd[28142]: Listening daemon: PID: 28142 clamd[28142]: MaxQueue set to: 100 clamd[28142]: ScanOnAccess: notifying only for access attempts. clamd[28142]: ScanOnAccess: Protecting '/' and rest of mount. clamd[28142]: ScanOnAccess: Protecting '/home' and rest of mount. clamd[28142]: ScanOnAccess: Protecting '/local' and rest of mount. clamd[28142]: ScanOnAccess: Protecting '/opt' and rest of mount. clamd[28142]: ScanOnAccess: Protecting '/tmp' and rest of mount. clamd[28142]: ScanOnAccess: Protecting '/var' and rest of mount. clamd[28142]: ScanOnAccess: Protecting '/var/log' and rest of mount. clamd[28142]: ScanOnAccess: Protecting '/var/tmp' and rest of mount. clamd[28142]: ScanOnAccess: Max file size limited to 5242880 bytes --8<-- clamd seems to ignore the "OnAccessPrevention" setting (clamd[28142]: ScanOnAccess: notifying only for access attempts.) Also, it does not even detect the EICAR test file (http://www.eicar.org/85-0-Download.html). Using Skyld AV (https://github.com/xypron/skyldav) which is based on clamd works fine and also detects the EICAR test file (so it's not a Clam AV engine issue). So to me, clamd on access scanning just doesn't work at all. Any suggestions? Cheers, Wolfram
Fixed in 0.99.2-r1.