[clamav-users] clamd onaccess scanning NFS
Kris Deugau
kdeugau at vianet.ca
Mon Nov 11 20:44:35 UTC 2019
Mark Parker via clamav-users wrote:
> Hi all,
> I'm investigating clamav as a solution for a couple hundred linux
> boxes. We need onaccess scanning but I'm running into an issue. For
> clamd to do onaccess scanning it needs to be run as root to use the
> inotify components, but since we export our NFS volumes with
> root_squash, it doesn't have permissions to view a user's home directory
> contents.
> Am I missing something?
clamd needs to run as root to scan arbitrary files on the system. Try
scanning home directories on the NFS host instead, and exclude the home
directory tree from scanning on the clients if you have reason to scan
elsewhere on those systems.
-kgd
More information about the clamav-users
mailing list