[clamav-users] Encrypted Word doc/phishing attack

Dennis Peterson dennispe at inetnw.com
Wed Oct 5 14:52:57 EDT 2016

On 10/5/16 11:37 AM, Alex wrote:
> Can you explain how you configured systemd to start two instances of
> the same clamd binary using different config files?
> Thanks,
> Alex
# clamd --help

                       Clam AntiVirus Daemon 0.99.2
            By The ClamAV Team: http://www.clamav.net/about.html#credits
            (C) 2007-2015 Cisco Systems, Inc.

     --help                   -h             Show this help.
     --version                -V             Show version number.
     --debug                                 Enable debug mode.
     --config-file=FILE       -c FILE        Read configuration from FILE.

Create a second config file and give it a unique name or place it in a different 
directory than the original. Edit the new file to change as needed the tcpip 
port if used, or the socket name and location. Make any other changes that 
accomplish what you need from the second instance. Be especially attentive of 
log files, how they're created, how they're managed, and how they're populated.

Edit your startup script to start a second instance (and to stop it) and use the 
--config-file="xxxxx" for both instances where xxxx is the appropriate name and 
path of your config files.

Make what ever changes are needed in your processes that call clam services so 
that they call the correct instance.

You will have to modify  the freshclam script to send a reload command to the 
second instance of clamd as well as the original instance.


More information about the clamav-users mailing list