Pid file - PidFile
Save a process identifier of the listening daemon (main thread).
Default: /var/run/clamd.scan/clamd.pid
Temporary directory - TemporaryDirectory
Path to the global temporary directory.
Default: /var/tmp
Database directory - DatabaseDirectory
Path to the database directory.
Default: /var/lib/clamav
Official database only - OfficialDatabaseOnly
Only load the official signatures published by the ClamAV project.
Default: no
Local socket - LocalSocket
Path to a local socket file the daemon will listen on.
Default: /var/run/clamd.scan/clamd.sock
Local socket group - LocalSocketGroup
Sets the group ownership on the unix socket.
Default: clamscan
Local socket mode - LocalSocketMode
Sets the permissions on the unix socket to the specified mode.
Default: 660
Fix stale socket - FixStaleSocket
Remove stale socket after unclean shutdown.
Default: yes
TCP socket - TCPSocket
The TCP port address.
Default: empty
TCP addr - TCPAddr
The TCP address.
Default: empty
Max connection queue length - MaxConnectionQueueLength
Maximum length the queue of pending connections may grow to.
Default: 200
Stream max length - StreamMaxLength
Close the connection when the data size limit is exceeded. The value should match your MTAs limit for a maximum
attachment size.
Default: 25M
Stream min port - StreamMinPort
Limit port range.
Default: 1024
Stream max port - StreamMaxPort
Limit port range.
Default: 2048
Max threads - MaxThreads
Maximum number of threads running at the same time.
Default: 10
Read timeout - ReadTimeout
Waiting for data from a client socket will timeout after this time. (seconds)
Default: 120
Command read timeout - CommandReadTimeout
The time after which the antivirus daemon should timeout if a client does not provide any initial command after
connecting. (seconds)
Default: 5
Send buffer timeout - SendBufTimeout
How long to wait if the send buffer is full. (milliseconds)
Default: 500
Max queue - MaxQueue
Maximum number of queued items (including those being processed by MaxThreads threads). It is recommended to have this
value at least twice MaxThreads if possible.
Default: 100
Idle timeout - IdleTimeout
Waiting for a new job will timeout after this time. (seconds)
Default: 30
Exclude paths - ExcludePath
Do not scan files and directories matching this regex.
Default: ^/proc/ ^/sys/ /usr/share/doc/clamav-*/test/
Max directory recursion - MaxDirectoryRecursion
Maximum depth directories are scanned at.
Default: 15
Follow directory symlinks - FollowDirectorySymlinks
Follow directory symlinks.
Default: no
Follow file symlinks - FollowFileSymlinks
Follow regular file symlinks.
Default: no
Cross file systems - CrossFilesystems
Scan files and directories on other filesystems.
Default: yes
Self check - SelfCheck
The interval (in seconds) to check the signature database directory for any changes then reload the signatures if any changes are detected.
Default: 3600
Concurrent database reload - ConcurrentDatabaseReload
Enable non-blocking (multi-threaded/concurrent) database reloads. This feature will temporarily load a second scanning engine while scanning continues using the first engine. Once loaded, the new engine takes over.
The old engine is removed as soon as all scans using the old engine have completed. This feature requires more RAM, so this option is provided in case users are willing to block scans during reload in exchange for lower RAM requirements.
Default: Memory > 4 GB yes otherwise no
Virus event - VirusEvent
Execute a command when virus is found. In the command string %v will be replaced with the virus name.
Default: no
User - User
Run as another user (The antivirus daemon must be started by root).
Default: clamscan
Exit on out of memory condition - ExitOnOOM
Stop daemon when libclamav reports out of memory condition.
Default: no
Foreground - Foreground
Do not fork into background.
Default: no
Debug - Debug
Enable debug messages in libclamav.
Default: no
Leave temporary files - LeaveTemporaryFiles
Do not remove temporary files (for debug purposes).
Default: no
Allow all match scan - AllowAllMatchScan
Permit use of the ALLMATCHSCAN command.
Default: yes
Detect possible unwanted apps - DetectPUA
Detect possibly unwanted applications.
Default: no
Exclude possible unwanted apps - ExcludePUA
Exclude a specific possibly unwanted application category.
Default: empty
Include possible unwanted apps - IncludePUA
Only include a specific possibly unwanted application category.
Default: empty
Force to disk - ForceToDisk
Force memory or nested map scans to dump the content to disk. More data is written to disk and is available when the
LeaveTemporaryFiles option is enabled.
Default: no
Disable cache - DisableCache
Disable the caching feature of the engine. By default, the engine will store an MD5 in a cache of any files that are not
flagged as virus or that hit limits checks. Disabling the cache will have a negative performance impact on large scans.
Default: no
Log file - LogFile
The log file must be writable for the user running daemon. A full path is required.
Default: /var/log/clamd.scan
Log file unlock - LogFileUnlock
Disable log file locking.
Default: no
Log file max size - LogFileMaxSize
Maximum size of the log file. A value of 0 disabled the limit. You may use M/m for megabytes or K/k for kilobytes. To
specify the size in bytes just do not use modifiers. If LogFileMaxSize is enabled log rotation (the LogRotate option)
will always be enabled.
Default: 1M
Log time with each message - LogTime
Log the time with each message.
Default: yes
Log clean files - LogClean
Also log clean files. Useful in debugging but drastically increases the log size.
Default: no
Log to syslog - LogSyslog
Use the system logger. This can work together with LogFile.
Default: yes
Log verbose - LogVerbose
Enable verbose logging.
Default: no
Log rotate - LogRotate
Enable log rotation. Always enabled when LogFileMaxSize is enabled.
Default: no
Log extended detection info - ExtendedDetectionInfo
Log additional information about the infected file, such as its size and hash, together with the virus name.
Default: no