clamonacc

Clam On-Access Scanner(8) Clam AntiVirus Clam On-Access Scanner(8)

NAME

   clamonacc - an anti-virus on-access scanning daemon and clamd client

SYNOPSIS

   clamonacc [options]

DESCRIPTION

   The  clamonacc daemon registers for file access notifications from the Linux kernel and in response, submits scans to the clamd scanning daemon for a verdict. On-Access is only avail‐
   able on Linux systems. On Linux, On-Access requires a kernel version >= 3.8. This is because it leverages a kernel api called fanotify to block processes from attempting to access ma‐
   licious files. This prevention occurs in kernel-space, and thus offers stronger protection than a purely user-space solution.

OPTIONS

   -h, --help
          Output help information and exit.

   -V, --version
          Print the version number and exit.

   -v, --verbose
          Be verbose.

   -l FILE, --log=FILE
          Save the scan report to FILE.

   -F, --foreground
          Run in foreground; do not daemonize.

   -W FILE, --watch-list=FILE
          Watch directories from FILE.

   -e FILE, --exclude-list=FILE
          Exclude directories from FILE.

   -p A[:I], --ping A[:I]
          Ping clamd up to [A] times at optional interval [I] until it responds.

   -w, --wait
          Wait up to 30 seconds for clamd to start. Optionally use alongside ping to set attempts [A] and interval [I] to check clamd.

   --remove
          Remove infected files. Be careful.

   --move=DIRECTORY
          Move infected files into DIRECTORY.

   --copy=DIRECTORY
          Copy infected files into DIRECTORY.

   -c FILE, --config-file=FILE
          Read configuration from FILE.

   --allmatch
          Continue scanning within file after finding a match.

   --fdpass
          Pass the file descriptor permissions to clamd. This is useful if clamd is running as a different user as it is faster than streaming the file to clamd.  Only available if  con‐
          nected to clamd via local(unix) socket.

   --stream
          Forces file streaming to clamd. This is generally not needed as clamdscan detects automatically if streaming is required. This option only exists for debugging and testing pur‐
          poses, in all other cases --fdpass is preferred.

SIGNALS

   ClamOnAcc recognizes the following signals:

   SIGHUP Reopen the logfile.

   SIGUSR2
          Reload the signature databases.

   SIGTERM
          Perform a clean exit.

FILES

   /etc/clamav/clamd.conf

CREDITS

   Please check the full documentation for credits.

AUTHOR

   Tomasz Kojm <tkojm@clamav.net>

SEE ALSO

   clamd.conf(5), clamd(8)

ClamAV 1.4.3 July 29, 2020 Clam On-Access Scanner(8)