Hi,
I have been learning how to get realtime scanning using ClamAV. The official website gives a simple tutorial which I followed and got working. The only problem is that I need to run a command as root at boot time “/usr/bin/clamonacc” as well as the clamd service. I am struggling to find out how to start clamonacc with every boot.
Could some one please point me in the right direction?
Hi,
This is the tutorial I followed and as you can see you need to rum clamonacc. Without this command the on access checking does not happen. Hence my request.
So how do I start a root command during a reboot ?
Hi Malcom,
Many thanks for the help, but it didn’t work.
Firstly I changed clamav-daemon.service to clamd.service, as I believe this is the correct service.
The script says it succeeded, but there is no clamonacc running.
This is the report from systemctl status clamonacc.service
Hi
The sysctl command was mention in the documentation, is there no environment file in /etc/default/clamav-onaccess or is it in a different location and called something else?
In the service add Type=forking and run systemctl daemon-reload and restart the service. Sounds like it will need some more tweaking…
Hi Malcolm,
I did more digging and did try Type - Forking - no luck.
I don’t think it is a timing issue as if I run the service from the command line after reboot - no luck
But if I run it as just a simple > /usr/bin/clamonacc then it works fine.
Hi
By default it will go to the journal, so you could follow that, else just systemctl status will show information as well, then there is the ability to send output in a service file with StandardOutput=
I did more digging and found someone had used service to start clamonacc but they added a -F after the command
ExecStart =/usr/bin/clamonacc -F
When I did this it loads and works as expected.
It looks a bit counter intuitive as running the -F flag indicates an interactive mode to me? :\
**Venus:/etc/systemd/system #** clamonacc --help
ClamAV: On Access Scanning Application and Client 0.102.2
By The ClamAV Team: https://www.clamav.net/about.html#credits
(C) 2020 Cisco Systems, Inc.
clamonacc [options] [file/directory/-]
--help -h Show this help
--version -V Print version number and exit
--verbose -v Be verbose
--log=FILE -l FILE Save scanning output to FILE
--foreground -F Output to foreground and do not daemonize
--watch-list=FILE -w FILE Watch directories from FILE
--exclude-list=FILE -e FILE Exclude directories from FILE
--remove Remove infected files. Be careful!
--move=DIRECTORY Move infected files into DIRECTORY
--copy=DIRECTORY Copy infected files into DIRECTORY
--config-file=FILE Read configuration from FILE.
--allmatch -z Continue scanning within file after finding a match.
--fdpass Pass filedescriptor to clamd (useful if clamd is running as a different user)
--stream Force streaming files to clamd (for debugging and unit testing)
**Venus:/etc/systemd/system #**
Many thanks for your help - I learned quite bit about service.
The effect is that its parent process (presumably “systemd”) can easily monitor whether it stops/crashes/etc, and can perhaps restart it. I’ve noticed that “systemd” likes to run some services that way.