Quarantine hits - quarantine_hits
The default quarantine action for malware hits.
Default: 0
Quarantine clean - quarantine_clean
Try to clean string based malware injections. NOTE: quarantine action must be set to "move to quarantine and alert".
Default: 0
Suspend user - quarantine_suspend_user
The default suspend action for users wih hits. When enabled a users shell access will be disabled via the command:
/usr/sbin/usermod -s /bin/false user
Default: 0
Suspend user min userid - quarantine_suspend_user_minuid
The minimum userid value that can be suspended.
Default: 10000
Quarantine on error - quarantine_on_error
When using an external scan engine, such as ClamAV, should files be quarantined if an error from the scanner engine is received?
This is defaulted to 1, always quarantine, as ClamAV generates an error exit code for trivial errors such as file not found.
As such, a large percentage of scans will have ClamAV exiting with error code 2.
Default: 1