Configure the ClamAV antivirus settings.
warden --task=antivirus:antivirus
Option |
Value | Default | Description |
---|---|---|---|
--PidFile |
<string> | /run/clamd.scan/clamd.pid | Save a process identifier of the listening daemon (main thread). |
--TemporaryDirectory |
<string> | /var/tmp | Path to the global temporary directory. |
--DatabaseDirectory |
<string> | /var/lib/clamav | Path to the database directory. |
--OfficialDatabaseOnly |
<string> | no | Only load the official signatures published by the ClamAV project. |
--LocalSocket |
<string> | /run/clamd.scan/clamd.sock | Path to a local socket file the daemon will listen on. |
--LocalSocketGroup |
<string> | virusgroup | Sets the group ownership on the unix socket. |
--LocalSocketMode |
<digit> | 660 | Sets the permissions on the unix socket to the specified mode. |
--FixStaleSocket |
<yes|no> | yes | Remove stale socket after unclean shutdown. |
--TCPSocket |
<string> | The TCP port address. | |
--TCPAddr |
<string> | The TCP address. | |
--MaxConnectionQueueLength |
<digit> | 200 | Maximum length the queue of pending connections may grow to. |
--StreamMaxLength |
<digit> | 100M | Close the connection when the data size limit is exceeded. The value should match your MTAs limit for a maximum attachment size. |
--StreamMinPort |
<digit> | 1024 | Limit port range. |
--StreamMaxPort |
<digit> | 2048 | Limit port range. |
--MaxThreads |
<digit> | 10 | Maximum number of threads running at the same time. |
--ReadTimeout |
<digit> | 120 | Waiting for data from a client socket will timeout after this time. (seconds) |
--CommandReadTimeout |
<digit> | 30 | The time after which the antivirus daemon should timeout if a client does not provide any initial command after connecting. (seconds) |
--SendBufTimeout |
<digit> | 500 | How long to wait if the send buffer is full. (milliseconds) |
--MaxQueue |
<digit> | 100 | Maximum number of queued items (including those being processed by MaxThreads threads). It is recommended to have this value at least twice MaxThreads if possible. |
--IdleTimeout |
<digit> | 30 | Waiting for a new job will timeout after this time. (seconds) |
--ExcludePath |
<string1,string2> | ^/proc/ ^/sys/ ^/var/hotcopy/ /usr/share/doc/clamav-*/test/ | Do not scan files and directories matching this regex. |
--ExcludePath_add |
<string> | Add a single entry to ExcludePath. | |
--ExcludePath_del |
<string> | Remove a single entry from ExcludePath. | |
--MaxDirectoryRecursion |
<digit> | 15 | Maximum depth directories are scanned at. |
--FollowDirectorySymlinks |
<yes|no> | no | Follow directory symlinks. |
--FollowFileSymlinks |
<yes|no> | no | Follow regular file symlinks. |
--CrossFilesystems |
<yes|no> | yes | Scan files and directories on other filesystems. |
--SelfCheck |
<digit> | 3600 | The interval (in seconds) to check the signature database directory for any changes then reload the signatures if any changes are detected. |
--VirusEvent |
<yes|no> | no | Execute a command when virus is found. In the command string %v will be replaced with the virus name. |
--User |
<string> | clamscan | Run as another user (The antivirus daemon must be started by root). |
--ExitOnOOM |
<yes|no> | no | Stop daemon when libclamav reports out of memory condition. |
--Foreground |
<yes|no> | no | Do not fork into background. |
--Debug |
<yes|no> | no | Enable debug messages in libclamav. |
--LeaveTemporaryFiles |
<yes|no> | no | Do not remove temporary files (for debug purposes). |
--AllowAllMatchScan |
<yes|no> | yes | Permit use of the ALLMATCHSCAN command. |
--DetectPUA |
<yes|no> | no | Detect possibly unwanted applications. |
--ExcludePUA |
<string1,string2> | Exclude a specific possibly unwanted application category. | |
--ExcludePUA_add |
<string> | Add a single entry to ExcludePUA. | |
--ExcludePUA_del |
<string> | Remove a single entry from ExcludePUA. | |
--IncludePUA |
<string1,string2> | Only include a specific possibly unwanted application category. | |
--IncludePUA_add |
<string> | Add a single entry to IncludePUA. | |
--IncludePUA_del |
<string> | Remove a single entry from IncludePUA. | |
--ForceToDisk |
<yes|no> | no | Force memory or nested map scans to dump the content to disk. More data is written to disk and is available when the LeaveTemporaryFiles option is enabled. |
--DisableCache |
<yes|no> | no | Disable the caching feature of the engine. By default, the engine will store an MD5 in a cache of any files that are not flagged as virus or that hit limits checks. Disabling the cache will have a negative performance impact on large scans. |
--LogFile |
<yes|no> | /var/log/clamd.scan | The log file must be writable for the user running daemon. A full path is required. |
--LogFileUnlock |
<string> | no | Disable log file locking. |
--LogFileMaxSize |
<string> | 1M | Maximum size of the log file. A value of 0 disabled the limit. You may use M/m for megabytes or K/k for kilobytes. To specify the size in bytes just do not use modifiers. If LogFileMaxSize is enabled log rotation (the LogRotate option) will always be enabled. |
--LogTime |
<yes|no> | yes | Log the time with each message. |
--LogClean |
<yes|no> | no | Also log clean files. Useful in debugging but drastically increases the log size. |
--LogSyslog |
<yes|no> | yes | Use the system logger. This can work together with LogFile. |
--LogFacility |
<string> | LOG_LOCAL6 | Specify the type of syslog messages. |
--LogVerbose |
<yes|no> | no | Enable verbose logging. |
--LogRotate |
<yes|no> | yes | Enable log rotation. Always enabled when LogFileMaxSize is enabled. |
--ExtendedDetectionInfo |
<yes|no> | no | Log additional information about the infected file, such as its size and hash, together with the virus name. |
--ConcurrentDatabaseReload |
<yes|no> | no | Enable non-blocking (multi-threaded/concurrent) database reloads. This feature will temporarily load a second scanning engine while scanning continues using the first engine. Once loaded, the new engine takes over. The old engine is removed as soon as all scans using the old engine have completed. This feature requires more RAM, so this option is provided in case users are willing to block scans during reload in exchange for lower RAM requirements. |
--default |
<yes> | Reset all settings to their default values. | |
--default_option |
<option> | Reset a specific setting to its default value. | |
--restart |
<yes> | Restart the service after saving settings. |
// enable the ConcurrentDatabaseReload
warden --task=antivirus:antivirus --ConcurrentDatabaseReload=1 --restart=yes
// reset the ConcurrentDatabaseReload back to its default value
warden --task=antivirus:antivirus --default_option=ConcurrentDatabaseReload --restart=yes
// reset all settings to their default values
warden --task=antivirus:antivirus --default=yes --restart=yes