| 5def21ff |
.\" Manual page created by Tomasz Kojm, 20021001.
.TH "clamav.conf" "5" "November 11, 2003" "Tomasz Kojm" "Clam AntiVirus" |
| 28e73e95 |
.SH "NAME"
.LP |
| 5def21ff |
\fBclamav.conf\fR \- a configuration file for Clam AntiVirus Daemon |
| 28e73e95 |
.SH "DESCRIPTION"
.LP |
| 5def21ff |
clamav.conf configures the Clam AntiVirus daemon, clamd(8). |
| 28e73e95 |
.SH "FILE FORMAT" |
| 5def21ff |
The file consists of comments and options with optional arguments. Each line that starts with a hash (\fB#\fR) symbol is ignored. Option names are case sensitive and of the form \fBOption Argument\fR. There are a few types of arguments: |
| 28e73e95 |
.TP
\fBSTRING\fR |
| 5def21ff |
String without blank characters. |
| 28e73e95 |
.TP
\fBSIZE\fR |
| 5def21ff |
Size in bytes. You can use the 'M' or 'm' modifiers for megabytes and 'K' or 'k' for kilobytes. |
| 28e73e95 |
.TP
\fBNUMBER\fR
Unsigned integer. |
| 0249f9d2 |
.SH "DIRECTIVES" |
| 28e73e95 |
.LP |
| 5def21ff |
If some option is not used (hashed or doesn't exist in the configuration file), clamd takes a default action. |
| 28e73e95 |
.TP
\fBExample\fR |
| 5def21ff |
If this option is set clamd will not run. |
| 28e73e95 |
.TP
\fBLogFile STRING\fR |
| 5def21ff |
Enable logging to selected file. |
| 28e73e95 |
.br
Default: disabled.
.TP
\fBLogFileUnlock\fR |
| 5def21ff |
Disable a system lock that protects against running clamd with a same configuration multiple times. |
| 28e73e95 |
.br
Default: disabled.
.TP
\fBLogFileMaxSize SIZE\fR |
| 5def21ff |
Limit a size of a log file. The logger will be automatically disabled if the file is greater than SIZE. Value of 0 disables the limit. |
| 28e73e95 |
.br
Default: 1M
.TP
\fBLogTime\fR |
| 5def21ff |
Log time with each message. |
| 28e73e95 |
.br |
| 5def21ff |
Defayult: disabled. |
| 28e73e95 |
.TP
\fBLogSyslog\fR
Use system logger (can work together with LogFile).
.br
Default: disabled.
.TP
\fBPidFile STRING\fR |
| 5def21ff |
Save a process identifier of a listening daemon (main thread) to a specified file. |
| 28e73e95 |
.br
Default: disabled.
.TP
\fBDataDirectory STRING\fR |
| 5def21ff |
Path to a directory containing database files. |
| 28e73e95 |
.br
Default: hardcoded directory.
.TP
\fBLocalSocket STRING\fR |
| 5def21ff |
Path to a local (Unix) socket the daemon will listen on.
.br
Default: disabled.
.TP
\fBFixStaleSocket\fR
Remove stale socket after unclean shutdown. |
| 28e73e95 |
.br
Default: disabled.
.TP
\fBTCPSocket NUMBER\fR
TCP port number the daemon will listen on.
.br
Default: disabled.
.TP |
| 5def21ff |
\fBTCPAddr STRING\fR
TCP address to bind to. By default clamd binds to INADDR_ANY.
.br
Default: disabled.
.TP |
| 28e73e95 |
\fBMaxConnectionQueueLength NUMBER\fR
Maximum length the queue of pending connections may grow to.
.br
Default: 15
.TP
\fBMaxThreads NUMBER\fR |
| 5def21ff |
Maximal number of threads running at the same time. |
| 28e73e95 |
.br
Default: 5.
.TP
\fBThreadTimeout NUMBER\fR
Stop thread\-scanner after specified time (in seconds). Value of 0 disables the timeout.
.br
Default: 180
.TP
\fBMaxDirectoryRecursion NUMBER\fR |
| 5def21ff |
Maximal depth a directories are scanned at. |
| 28e73e95 |
.br
Default: disabled.
.TP
\fBFollowDirectorySymlinks\fR
Follow a directory symlinks. You should have enabled directory recursion limit to avoid a potential problems.
.br
Default: disabled.
.TP
\fBFollowFileSymlinks\fR |
| 5def21ff |
Follow regular file symlinks. |
| 28e73e95 |
.br
Default: disabled.
.TP
\fBSelfCheck NUMBER\fR |
| 5def21ff |
Do internal checks every NUMBER seconds. |
| 28e73e95 |
.br
Default: 3600
.TP |
| 0249f9d2 |
\fBVirusEvent COMMAND\fR |
| 5def21ff |
Execute the COMMAND when virus is found. In the command string %v and %f will be replaced by a virus name and an infected file name respectively.
\fBSECURITY WARNING: Make sure the virus event command cannot be exploited eg. by using some special file name when %f is in use. Always use a full path to the command. Never delete/move files with this directive ! |
| 0249f9d2 |
\fR
.br
Default: disabled.
.TP |
| 28e73e95 |
\fBUser STRING\fR |
| 5def21ff |
Drop priviledges to a selected user. |
| 28e73e95 |
.br
Default: disabled.
.TP
\fBAllowSupplementaryGroups\fR
When started by root and the User option is activated, it will initialize all the groups from /etc/group for which user is a member.
.br
Default: disabled.
.TP
\fBForeground\fR
Don't fork into background. Useful in debugging.
.br
Default: disabled.
.TP |
| 5def21ff |
\fBDebug\fR
Enable debug messages from libclamav. You need to enable the \fBForeground\fR option to see them.
.TP |
| 28e73e95 |
\fBStreamSaveToDisk\fR |
| 5def21ff |
When activated the input stream (see STREAM command) will be saved to disk before scanning \- this allows scanning within archives. |
| 28e73e95 |
.br
Default: disabled.
.TP
\fBStreamMaxLength SIZE\fR |
| 5def21ff |
Close the connection when this limit is exceeded. |
| 28e73e95 |
.br
Default: disabled. |
| 5def21ff |
.TP |
| 28e73e95 |
\fBScanMail\fR |
| 5def21ff |
Enable scanning of Mbox, Maildir and raw mail files. |
| 28e73e95 |
.br
Default: disabled.
.TP
\fBScanArchive\fR
Enable archive scanning.
.br
Default: disabled.
.TP |
| 5def21ff |
\fBScanRAR\fR
The built\-in RAR unpacker is disabled by default because the code leaks.
.br
Default: disabled.
.TP |
| 28e73e95 |
\fBArchiveMaxFileSize SIZE\fR
Files in archives larger than this limit won't be scanned. Value of 0 disables the limit.
.br
Default: 10M
.TP
\fBArchiveMaxRecursion NUMBER\fR
Limit archive recursion level. Value of 0 disables the limit.
.br
Default: 5
.TP
\fBArchiveMaxFiles NUMBER\fR
Number of files to be scanned within archive. Value of 0 disables the limit.
.br
Default: 1000
.TP
\fBArchiveLimitMemoryUsage\fR
Use slower decompression algorithm which uses less memory. This option affects bzip2 decompressor only.
.br
Default: disabled
.TP
\fBClamukoScanOnLine\fR
Enable Clamuko \- on\-access scanner for Linux. Dazuko must be already running.
.br
Default: disabled.
.TP
\fBClamukoScanOnOpen\fR
Scan a file on open.
.br
Default: disabled.
.TP
\fBClamukoScanOnClose\fR
Scan a file on close.
.br
Default: disabled.
.TP
\fBClamukoScanOnExec\fR
Scan a file on execute.
.br
Default: disabled.
.TP
\fBClamukoIncludePath STRING\fR |
| 5def21ff |
Set the include paths (all files and directories in them will be scanned). You can have multiple ClamukoIncludePath options but each directory must be added with a seperate option. |
| 28e73e95 |
.br
Default: disabled. Required.
.TP
\fBClamukoExcludePath\fR
Set the exclude paths. All subdirectories are also excluded.
.br
Default: disabled.
.TP
\fBClamukoMaxFileSize SIZE\fR
Don't scan files larger than SIZE.
.br
Default: 5M
.TP
\fBClamukoScanArchive\fR
Enable archive scanning. It uses ArchiveMax* limits.
.br
Default: disabled.
.SH "FILES"
.LP
/etc/clamav.conf
.br
/usr/local/etc/clamav.conf
.SH "AUTHOR"
.LP |
| 5def21ff |
Tomasz Kojm <tkojm@clamav.net> |
| 28e73e95 |
.SH "SEE ALSO"
.LP |
| 5def21ff |
clamd(8), clamdscan(1), clamscan(1), freshclam(1), sigtool(1), clamav\-milter(8) |