Nextcloud version: 27.0.2
Operating system: Debian 12
Install method: Manual install on my own Apache and MariaDB/MySQL setup
I’ve been hosting my own Nextcloud on this machine for years and I noticed recently that the “antivirus for files” app is no longer scanning files at upload time. The background scan “seems” to be functioning fine because while trying to figure this out, I got a random notification that my test virus was infected and it got deleted, but it did not happen at upload time. I can create a new EICAR test virus and it will sync without issue and not get spotted until the next background scan.
I’ve tried adjusting the app/security settings for the antivirus to use the clamd socket file, which I’ve shown exists and is listening (netstat -a | grep clam). I’ve tried using the “ClamAV executable” using clamav, clamdscan and clamdscan --fdpass as the executables. All of these options “save” without issue, which tells me that they should be working because if you enter incorrect options the save button will output a message “unexpected scan results for test content”, so I’m guessing that when you save options it has its own test virus it scans to make sure it’s functional.
I’m just really not sure why it’s not scanning files at the time they’re uploaded/synced any more, if the commands give me a green light when I save them in the settings.
Just out of curiosity I observed what permissions Nextcloud itself gave to new files and folders when they were uploaded and I chmod-ed my data directory to match to make sure my permissions were correct. I’m not crazy about the “others” label having read access, but that’s what Nextcloud itself does when you make a new folder or upload a new file, so that’s what I applied to the whole data directory to make sure it wasn’t an issue with permissions.
directories = 755
files = 644