Pid file -
Save a process identifier of the listening daemon (main thread).
Temporary directory -
Path to the global temporary directory.
Database directory -
Path to the database directory.
Official database only -
Only load the official signatures published by the ClamAV project.
Local socket -
Path to a local socket file the daemon will listen on.
Local socket group -
Sets the group ownership on the unix socket.
Local socket mode -
Sets the permissions on the unix socket to the specified mode.
Fix stale socket -
Remove stale socket after unclean shutdown.
TCP socket -
The TCP port address.
TCP addr -
The TCP address.
Max connection queue length -
Maximum length the queue of pending connections may grow to.
Stream max length -
Close the connection when the data size limit is exceeded. The value should match your MTAs limit for a maximum attachment size.
Stream min port -
Limit port range.
Stream max port -
Limit port range.
Max threads -
Maximum number of threads running at the same time.
Read timeout -
Waiting for data from a client socket will timeout after this time. (seconds)
Command read timeout -
The time after which the antivirus daemon should timeout if a client does not provide any initial command after connecting. (seconds)
Send buffer timeout -
How long to wait if the send buffer is full. (milliseconds)
Max queue -
Maximum number of queued items (including those being processed by MaxThreads threads). It is recommended to have this value at least twice MaxThreads if possible.
Idle timeout -
Waiting for a new job will timeout after this time. (seconds)
Exclude paths -
Do not scan files and directories matching this regex.
Default: ^/proc/ ^/sys/ /usr/share/doc/clamav-*/test/
Max directory recursion -
Maximum depth directories are scanned at.
Follow directory symlinks -
Follow directory symlinks.
Follow file symlinks -
Follow regular file symlinks.
Cross file systems -
Scan files and directories on other filesystems.
Self check -
The interval (in seconds) to check the signature database directory for any changes then reload the signatures if any changes are detected.
Concurrent database reload -
Enable non-blocking (multi-threaded/concurrent) database reloads. This feature will temporarily load a second scanning engine while scanning continues using the first engine. Once loaded, the new engine takes over. The old engine is removed as soon as all scans using the old engine have completed. This feature requires more RAM, so this option is provided in case users are willing to block scans during reload in exchange for lower RAM requirements.
Default: Memory > 4 GB yes otherwise no
Virus event -
Execute a command when virus is found. In the command string %v will be replaced with the virus name.
Run as another user (The antivirus daemon must be started by root).
Exit on out of memory condition -
Stop daemon when libclamav reports out of memory condition.
Do not fork into background.
Enable debug messages in libclamav.
Leave temporary files -
Do not remove temporary files (for debug purposes).
Allow all match scan -
Permit use of the ALLMATCHSCAN command.
Detect possible unwanted apps -
Detect possibly unwanted applications.
Exclude possible unwanted apps -
Exclude a specific possibly unwanted application category.
Include possible unwanted apps -
Only include a specific possibly unwanted application category.
Force to disk -
Force memory or nested map scans to dump the content to disk. More data is written to disk and is available when the LeaveTemporaryFiles option is enabled.
Disable cache -
Disable the caching feature of the engine. By default, the engine will store an MD5 in a cache of any files that are not flagged as virus or that hit limits checks. Disabling the cache will have a negative performance impact on large scans.
Log file -
The log file must be writable for the user running daemon. A full path is required.
Log file unlock -
Disable log file locking.
Log file max size -
Maximum size of the log file. A value of 0 disabled the limit. You may use M/m for megabytes or K/k for kilobytes. To specify the size in bytes just do not use modifiers. If LogFileMaxSize is enabled log rotation (the LogRotate option) will always be enabled.
Log time with each message -
Log the time with each message.
Log clean files -
Also log clean files. Useful in debugging but drastically increases the log size.
Log to syslog -
Use the system logger. This can work together with LogFile.
Log verbose -
Enable verbose logging.
Log rotate -
Enable log rotation. Always enabled when LogFileMaxSize is enabled.
Log extended detection info -
Log additional information about the infected file, such as its size and hash, together with the virus name.