1Clam On-Access Scanner(8) Clam AntiVirus Clam On-Access Scanner(8)
2
3
4
6 clamonacc - an anti-virus on-access scanning daemon and clamd client
7
9 clamd [options]
10
12 The clamonacc daemon registers for file access notifications from the
13 Linux kernel and in response, submits scans to the clamd scanning dae‐
14 mon for a verdict. On-Access is only available on Linux systems. On
15 Linux, On-Access requires a kernel version >= 3.8. This is because it
16 leverages a kernel api called fanotify to block processes from attempt‐
17 ing to access malicious files. This prevention occurs in kernel-space,
18 and thus offers stronger protection than a purely user-space solution.
19
21 -h, --help
22 Output help information and exit.
23
24 -V, --version
25 Print the version number and exit.
26
27 -v, --verbose
28 Be verbose.
29
30 -l FILE, --log=FILE
31 Save the scan report to FILE.
32
33 -F, --foreground
34 Run in foreground; do not daemonize.
35
36 -w FILE, --watch-list=FILE
37 Watch directories from FILE.
38
39 -e FILE, --exclude-list=FILE
40 Exclude directories from FILE.
41
42 -p A[:I], --ping A[:I]
43 Ping clamd up to [A] times at optional interval [I] until it re‐
44 sponds.
45
46 -w, --wait
47 Wait up to 30 seconds for clamd to start. Optionally use along‐
48 side ping to set attempts [A] and interval [I] to check clamd.
49
50 --remove
51 Remove infected files. Be careful.
52
53 --move=DIRECTORY
54 Move infected files into DIRECTORY.
55
56 --copy=DIRECTORY
57 Copy infected files into DIRECTORY.
58
59 -c FILE, --config-file=FILE
60 Read configuration from FILE.
61
62 --allmatch
63 Continue scanning within file after finding a match.
64
65 --fdpass
66 Pass the file descriptor permissions to clamd. This is useful if
67 clamd is running as a different user as it is faster than
68 streaming the file to clamd. Only available if connected to
69 clamd via local(unix) socket.
70
71 --stream
72 Forces file streaming to clamd. This is generally not needed as
73 clamdscan detects automatically if streaming is required. This
74 option only exists for debugging and testing purposes, in all
75 other cases --fdpass is preferred.
76
78 ClamOnAcc recognizes the following signals:
79
80 SIGHUP Reopen the logfile.
81
82 SIGUSR2
83 Reload the signature databases.
84
85 SIGTERM
86 Perform a clean exit.
87
89 /etc/clamd.conf
90
92 Please check the full documentation for credits.
93
95 Tomasz Kojm <tkojm@clamav.net>
96
98 clamd.conf(5), clamd(8)
99
100
101
102ClamAV 0.103.7 July 29, 2020 Clam On-Access Scanner(8)