1 Reply Latest reply on Sep 30, 2014 12:47 PM by Peter M

    Bind mounts

    ckern_s+c

      I'm running McAfee VirusScan Enterprise 1.9.0.28822 under x86_64

      RedHat Enterprise Linux 6. (Running McAfee VSE 2.0 is not an option since

      that would require Kernel 2.6.38 or later which isn't available for RedHat EL 6.)

      The on-access scanner does not recognize files in bind-mounted directories.

      I have my home on the *local disk* in /v/myhostname/home/myusername/

      which is bind-mounted by autofs to /home/myusername/.

      When I copy the eicar.com test virus to /v/myhostname/home/myusername/,

      it is sent to quarantine immediately. When I copy eicar.com to /home/myusername/,

      the file is put there without any complaints by the on-access scanner.

      What's the problem with bind-mounts?

      Other local filesystems which are mounted without autofs are scanned well.

      I do scan files when writing to disk.

      I do not scan files when reading from disk.

      I do not scan network mounted volumes (with NFS this would be hell).

      (I did try solving my problem by *en*abling the scanning of network mounted

      volumes: Didn't help.)

       

      Unfortunately, all relevant directories for virus scans are bind mounts.

      So, without support for bind mounts, the on-access scanner is completely

      worthless for me. (And no, refraining from using autofs is not an option.)

       

      Any idea what I could do?

      Is that a know bug?