[clamav-users] Antivirus Un-Killable or Password Protect
bvinodvivek at yahoo.co.in
Thu Jan 14 00:34:42 EST 2016
Thank you so much for the reply.
My requirement is different. I can run the ClamAV with some user and so that other users cannot stop this.I was thinking about a centralized antivirus sort of concept. The Un-installation or Un-loading of antivirus on a machine can only be done through command from a server. Even if this is not possible, a password based un-installation or un-loading of antivirus.
As Linux does not allow any user process to catch SIGKILL and drop it and so i was thinking whether this is possible in ClamAV.
Thanks & Regards,
Vinod Kumar Boppanna
On Wednesday, 13 January 2016 11:42 PM, G.W. Haywood <clamav at jubileegroup.co.uk> wrote:
On Wed, 13 Jan 2016, vinod boppanawrote:
> I had installed ClamAV on few Linux Machines. Is it possible to set
> the configuration in such a way that a normal user of the machine
> cannot kill the AntiVirus process (or even a password protect)?
The normal procedure would be to create a special user to start the
ClamAV process, for example user 'clamav'. In this case only users
with permissions to kill that process would be able to do so. It's up
to you how you set your other users' permissions, but by default you
would not normally give unprivileged users the right to kill processes
owned by other users.
The clamav process does, however need to be able to do its job. Many
people run ClamAV as root, and your ordinary users would not then be
able to kill the process, but I would recommend against that in most
situations. It might be necessary for example if only root could read
the data which ClamAV needs to read to perform its function. You have
not said how you are using ClamAV so I can't make any recommendations.
Why have you installed ClamAV on your Linux machines?
Help us build a comprehensive ClamAV guide:
More information about the clamav-users