clamav.conf(5)
NAME
clamav.conf - a configuration file for Clam AntiVirus Dae
mon
DESCRIPTION
clamav.conf configures the Clam AntiVirus daemon,
clamd(8).
FILE FORMAT
The file consists of comments and options with optional
arguments. Each line that starts with a hash (#) symbol is
ignored. Option names are case sensitive and of the form
Option Argument. There are a few types of arguments:
STRING String without blank characters.
- SIZE Size in bytes. You can use the 'M' or 'm' modifiers
- for megabytes and 'K' or 'k' for kilobytes.
- NUMBER Unsigned integer.
DIRECTIVES
If some option is not used (hashed or doesn't exist in the
configuration file), clamd takes a default action.
- Example
- If this option is set clamd will not run.
- LogFile STRING
- Enable logging to selected file.
Default: disabled. - LogFileUnlock
- Disable a system lock that protects against running
clamd with a same configuration multiple times.
Default: disabled. - LogFileMaxSize SIZE
- Limit a size of a log file. The logger will be
automatically disabled if the file is greater than
SIZE. Value of 0 disables the limit.
Default: 1M - LogTime
- Log time with each message.
Default: disabled. - LogClean
- Log clean files.
Default: disabled. - LogSyslog
- Use system logger (can work together with LogFile).
Default: disabled. - LogVerbose
- Enable verbose logging.
Default: disabled. - PidFile STRING
- Save a process identifier of a listening daemon
(main thread) to a specified file.
Default: disabled. - DatabaseDirectory STRING
- Path to a directory containing database files.
Default: hardcoded directory. - LocalSocket STRING
- Path to a local (Unix) socket the daemon will lis
ten on.
Default: disabled. - FixStaleSocket
- Remove stale socket after unclean shutdown.
Default: disabled. - TCPSocket NUMBER
- TCP port number the daemon will listen on.
Default: disabled. - TCPAddr STRING
- TCP address to bind to. By default clamd binds to
INADDR_ANY.
Default: disabled. - MaxConnectionQueueLength NUMBER
- Maximum length the queue of pending connections may
grow to.
Default: 15 - MaxThreads NUMBER
- Maximal number of threads running at the same time.
Default: 5. - ThreadTimeout NUMBER
- Stop thread-scanner after specified time (in sec
onds). Value of 0 disables the timeout.
Default: 180 - MaxDirectoryRecursion NUMBER
- Maximal depth a directories are scanned at.
Default: disabled. - FollowDirectorySymlinks
- Follow a directory symlinks. You should have
enabled directory recursion limit to avoid a poten
tial problems.
Default: disabled. - FollowFileSymlinks
- Follow regular file symlinks.
Default: disabled. - SelfCheck NUMBER
- Do internal checks every NUMBER seconds.
Default: 3600 - VirusEvent COMMAND
- Execute the COMMAND when virus is found. In the
command string %v and %f will be replaced by a
virus name and an infected file name respectively.
SECURITY WARNING: Make sure the virus event command cannot be exploited eg. by using some special file name when %f is in use. Always use a full path to the command. Never delete/move files with this directive ! - Default: disabled.
- User STRING
- Drop priviledges to a selected user.
Default: disabled. - AllowSupplementaryGroups
- When started by root and the User option is acti
vated, it will initialize all the groups from
/etc/group for which user is a member.
Default: disabled. - Foreground
- Don't fork into background. Useful in debugging.
Default: disabled. - Debug Enable debug messages from libclamav. You need to
- enable the Foreground option to see them.
- StreamSaveToDisk
- When activated the input stream (see STREAM com
mand) will be saved to disk before scanning - this
allows scanning within archives.
Default: disabled. - StreamMaxLength SIZE
- Close the connection when this limit is exceeded.
Default: disabled. - ScanOLE2
- Enables scanning of Microsoft Office document
macros.
Default: enabled. - ScanMail
- Enable scanning of Mbox, Maildir and raw mail
files.
Default: disabled. - ScanArchive
- Enable archive scanning.
Default: disabled. - ScanRAR
- The built-in RAR unpacker is disabled by default
because the code leaks.
Default: disabled. - ArchiveMaxFileSize SIZE
- Files in archives larger than this limit won't be
scanned. Value of 0 disables the limit.
Default: 10M - ArchiveMaxRecursion NUMBER
- Limit archive recursion level. Value of 0 disables
the limit.
Default: 5 - ArchiveMaxFiles NUMBER
- Number of files to be scanned within archive. Value
of 0 disables the limit.
Default: 1000 - ArchiveMaxCompressionRatio NUMBER
- Analyze compression ratio and mark potential
archive bombs as viruses (0 disables the limit).
Default: 200 - ArchiveLimitMemoryUsage
- Use slower decompression algorithm which uses less
memory. This option affects bzip2 decompressor
only.
Default: disabled - ArchiveBlockEncrypted
- Mark encrypted archives as viruses (Encrypted.Zip,
Encrypted.RAR).
Default: disabled - ClamukoScanOnLine
- Enable Clamuko - on-access scanner for Linux.
Dazuko must be already running.
Default: disabled. - ClamukoScanOnOpen
- Scan a file on open.
Default: disabled. - ClamukoScanOnClose
- Scan a file on close.
Default: disabled. - ClamukoScanOnExec
- Scan a file on execute.
Default: disabled. - ClamukoIncludePath STRING
- Set the include paths (all files and directories in
them will be scanned). You can have multiple Cla
mukoIncludePath options but each directory must be
added with a seperate option.
Default: disabled. Required. - ClamukoExcludePath
- Set the exclude paths. All subdirectories are also
excluded.
Default: disabled. - ClamukoMaxFileSize SIZE
- Don't scan files larger than SIZE.
Default: 5M - ClamukoScanArchive
- Enable archive scanning. It uses ArchiveMax* lim
its.
Default: disabled.
FILES
/etc/clamav.conf
/usr/local/etc/clamav.conf
AUTHOR
Tomasz Kojm <tkojm@clamav.net>