Switch from clamscan to clamd + clamdscan --multiscan
clamscan single-threaded scans were the LS26 bottleneck. Daemon mode parallelises across MaxThreads=8 and only loads signatures once. - Add clamav-daemon + clamav-clamdscan packages. - start.sh::start_clamd waits up to 60s for /tmp/clamd.sock. - New clamd.conf: MaxThreads 8, DetectPUA, AlertOLE2Macros, ExcludePath ^/data/(proc|sys|dev|run)/, log to /tmp/clamd.log. - Drop final USER user so clamd can own its socket as clamav. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
tobias
@@ -1,25 +1,45 @@
|
||||
#!/bin/sh
|
||||
|
||||
start_clamd() {
|
||||
clamd --config-file=/etc/clamav/clamd.conf
|
||||
echo "Waiting for clamd..."
|
||||
attempts=0
|
||||
while [ ! -S /tmp/clamd.sock ] && [ "$attempts" -lt 120 ]; do
|
||||
sleep 0.5
|
||||
attempts=$((attempts + 1))
|
||||
done
|
||||
if [ ! -S /tmp/clamd.sock ]; then
|
||||
echo "ERROR: clamd failed to start"
|
||||
cat /tmp/clamd.log 2>/dev/null
|
||||
exit 2
|
||||
fi
|
||||
echo "clamd ready ($(cat /tmp/clamd.log 2>/dev/null | grep -c 'loaded') databases loaded)"
|
||||
}
|
||||
|
||||
case "${1}" in
|
||||
version )
|
||||
echo "stage: ${1}"
|
||||
clamscan --version
|
||||
clamconf | sed -ne '/Database information/,/^$/p'
|
||||
for file in /var/lib/clamav/* ;
|
||||
for file in /var/lib/clamav/* ;
|
||||
do
|
||||
(clamscan -d $file /proc/cmdline > /dev/null 2>&1) && echo "+ ${file}" || echo "Bad Signaturefile ${file}"
|
||||
(clamscan -d $file /proc/cmdline > /dev/null 2>&1) && echo "+ ${file}" || echo "Bad Signaturefile ${file}"
|
||||
done
|
||||
echo "$(sigtool --list-sigs | wc -l) Signatures loaded"
|
||||
|
||||
;;
|
||||
scan )
|
||||
echo "stage: ${1}"
|
||||
echo "Starting Scan of /data:"
|
||||
clamscan -ir /data
|
||||
start_clamd
|
||||
echo "Starting multiscan of /data:"
|
||||
clamdscan --multiscan /data
|
||||
rc=$?
|
||||
exit $rc
|
||||
;;
|
||||
* )
|
||||
echo "stage: ${1}"
|
||||
echo "Usage:"
|
||||
clamscan --help | head -n 20
|
||||
echo "Usage: scan | version | shell"
|
||||
echo " scan - multithreaded scan of /data via clamd"
|
||||
echo " version - show engine + signature info"
|
||||
/bin/sh
|
||||
;;
|
||||
esac
|
||||
|
||||
Reference in New Issue
Block a user