freshclam - Man Page

• Update virus definitions: freshclam

tldr.sh

freshclam [options]

freshclam is a virus database update tool for ClamAV.

FreshClam reads its configuration from freshclam.conf. The settings can be overwritten with command line options.

-h,  --help

Output help information and exit.

-V,  --version

Print version number and exit.

-v,  --verbose

Be verbose. This option causes freshclam to print much additional information.

--debug

Enable debug messages from LibClamAV.

--quiet

Be quiet - output only error messages.

--no-warnings

Don't print and log warnings.

--stdout

Write all messages to stdout.

--show-progress

Show download progress percentage.

--config-file=FILE

Read configuration from FILE.

-l FILE, --log=FILE

Log report to FILE.

-d,  --daemon

Run in a daemon mode. Defaults to 12 checks per day unless otherwise specified by --checks or freshclam.conf.

-p FILE, --pid=FILE

Write the daemon's pid to FILE.

-F,  --foreground

Don't fork into background (for use in daemon mode).

-u USER, --user USER

Run as USER. By default (when started by root) freshclam drops privileges and operates as the 'clamupdate' user.

--no-dns

This option forces old non-DNS verification method (without a TTL delay).

-c #n, --checks=#n

Check #n times per day for a new database. #n must be between 1 and 50.

--datadir=DIRECTORY

Install new database in DIRECTORY. The directory must be writable for the 'clamupdate' user or unprivileged user running freshclam, already exist, and be an absolute path.

--daemon-notify=/path/to/clamd.conf

Notify the daemon about the new database. By default it reads a hardcoded config file but you can use a different one. Both local and TCP sockets are supported.

-a IP, --local-address=IP

Use (local) IP for HTTP downloads. Useful for multi-homed systems. If binding fails for whatever reason, a warning is issued and freshclam behaves like without this flag.

--on-update-execute=COMMAND

Execute COMMAND after successful update.

--on-error-execute=COMMAND

Execute COMMAND if error occurred. Remember, that virus database freshness is the most important thing in anti-virus system. With this option freshclam can alert you (eg. send SMS) when something is going wrong.

--on-outdated-execute=COMMAND

Execute COMMAND when freshclam reports outdated version. In the command string %v will be replaced by the new version number.

--update-db=DBNAME

With this option you can limit updates to a subset of database files. The DBNAME should be "main", "daily", "bytecode", "safebrowsing" or one of the 3rd party database names. This option can be used multiple times and only works with the official and 3rd party databases distributed through the ClamAV mirrors, your custom databases (specified with DatabaseCustomURL in freshclam.conf) will not be ignored.

freshclam uses the following environment variables:

CURL_CA_BUNDLE

(Linux/Unix only, excluding macOS) May be set to the path of a file (bundle) containing one or more CA certificates. This will override the default openssl certificate path.

FRESHCLAM_CLIENT_CERT

May be set to the path of a file (PEM) containing the client certificate. This may be used for client authentication.

FRESHCLAM_CLIENT_KEY

May be set to the path of a file (PEM) containing the client private key. This is required if FRESHCLAM_CLIENT_CERT is set.

FRESHCLAM_CLIENT_KEY_PASSWD

May be set to a password for the client key PEM file. This is required if FRESHCLAM_CLIENT_KEY is set and the PEM file is password protected.

Note that the CURL_CA_BUNDLE environment variable is also used by the curl command line tool for the same purpose.

(0) Download database to default directory:

freshclam

(1) Download database to current directory:

freshclam --datadir=.

(2) Run as a daemon and check 2 times per day for new database:

freshclam -d -c 2

Some return codes of freshclam can be overwritten with a built-in command EXIT_n which can be passed to --on-*-execute, eg. --on-update-execute=EXIT_1 will force freshclam to always return 1 after successful database update.

0 : Database is up-to-date or successfully updated.

40: Unknown option passed.

50: Can't change directory.

51: Can't check MD5 sum.

52: Connection (network) problem.

53: Can't unlink file.

54: MD5 or digital signature verification error.

55: Error reading file.

56: Config file error.

57: Can't create new file.

58: Can't read database from remote server.

59: Mirrors are not fully synchronized (try again later).

60: Can't get information about 'clamupdate' user from /etc/passwd.

61: Can't drop privileges.

62: Can't initialize logger.

/etc/freshclam.conf

Please check the full documentation for credits.

Tomasz Kojm <tkojm@clamav.net>, Kevin Lin <klin@sourcefire.com>

freshclam.conf(5), clamd(8), clamd.conf(5), clamscan(1)

clamd(8), clamd.conf(5), clamscan(1), clamtk(1), freshclam.conf(5), sigtool(1).