clamonacc - Man Page

an anti-virus on-access scanning daemon and clamd client

Synopsis

clamonacc [options]

Description

The clamonacc daemon registers for file access notifications from the Linux kernel and in response, submits scans to the clamd scanning daemon for a verdict. On-Access is only available on Linux systems. On Linux, On-Access requires a kernel version >= 3.8. This is because it leverages a kernel api called fanotify to block processes from attempting to access malicious files. This prevention occurs in kernel-space, and thus offers stronger protection than a purely user-space solution.

Options

-h,  --help

Output help information and exit.

-V,  --version

Print the version number and exit.

-v,  --verbose

Be verbose.

-l FILE, --log=FILE

Save the scan report to FILE.

-F,  --foreground

Run in foreground; do not daemonize.

-W FILE, --watch-list=FILE

Watch directories from FILE.

-e FILE, --exclude-list=FILE

Exclude directories from FILE.

-p A[:I], --ping A[:I]

Ping clamd up to [A] times at optional interval [I] until it responds.

-w,  --wait

Wait up to 30 seconds for clamd to start. Optionally use alongside ping to set attempts [A] and interval [I] to check clamd.

--remove

Remove infected files. Be careful.

--move=DIRECTORY

Move infected files into DIRECTORY.

--copy=DIRECTORY

Copy infected files into DIRECTORY.

-c FILE, --config-file=FILE

Read configuration from FILE.

--allmatch

Continue scanning within file after finding a match.

--fdpass

Pass the file descriptor permissions to clamd. This is useful if clamd is running as a different user as it is faster than streaming the file to clamd. Only available if connected to clamd via local(unix) socket.

--stream

Forces file streaming to clamd. This is generally not needed as clamdscan detects automatically if streaming is required. This option only exists for debugging and testing purposes, in all other cases --fdpass is preferred.

Signals

ClamOnAcc recognizes the following signals:

SIGHUP

Reopen the logfile.

SIGUSR2

Reload the signature databases.

SIGTERM

Perform a clean exit.

Files

/etc/clamd.conf

Credits

Please check the full documentation for credits.

Author

Tomasz Kojm <tkojm@clamav.net>

See Also

clamd.conf(5), clamd(8)

Info

July 29, 2020 ClamAV 1.4.1 Clam AntiVirus