clamonacc - Man Page
an anti-virus on-access scanning daemon and clamd client
Synopsis
clamonacc [options]
Description
The clamonacc daemon registers for file access notifications from the Linux kernel and in response, submits scans to the clamd scanning daemon for a verdict. On-Access is only available on Linux systems. On Linux, On-Access requires a kernel version >= 3.8. This is because it leverages a kernel api called fanotify to block processes from attempting to access malicious files. This prevention occurs in kernel-space, and thus offers stronger protection than a purely user-space solution.
Options
- -h, --help
Output help information and exit.
- -V, --version
Print the version number and exit.
- -v, --verbose
Be verbose.
- -l FILE, --log=FILE
Save the scan report to FILE.
- -F, --foreground
Run in foreground; do not daemonize.
- -W FILE, --watch-list=FILE
Watch directories from FILE.
- -e FILE, --exclude-list=FILE
Exclude directories from FILE.
- -p A[:I], --ping A[:I]
Ping clamd up to [A] times at optional interval [I] until it responds.
- -w, --wait
Wait up to 30 seconds for clamd to start. Optionally use alongside ping to set attempts [A] and interval [I] to check clamd.
- --remove
Remove infected files. Be careful.
- --move=DIRECTORY
Move infected files into DIRECTORY.
- --copy=DIRECTORY
Copy infected files into DIRECTORY.
- -c FILE, --config-file=FILE
Read configuration from FILE.
- --allmatch
Continue scanning within file after finding a match.
- --fdpass
Pass the file descriptor permissions to clamd. This is useful if clamd is running as a different user as it is faster than streaming the file to clamd. Only available if connected to clamd via local(unix) socket.
- --stream
Forces file streaming to clamd. This is generally not needed as clamdscan detects automatically if streaming is required. This option only exists for debugging and testing purposes, in all other cases --fdpass is preferred.
Signals
ClamOnAcc recognizes the following signals:
- SIGHUP
Reopen the logfile.
- SIGUSR2
Reload the signature databases.
- SIGTERM
Perform a clean exit.
Files
/etc/clamd.conf
Credits
Please check the full documentation for credits.
Author
Tomasz Kojm <tkojm@clamav.net>