[clamav-users] How to exclude specific files from clamdscan
G.W. Haywood
clamav at jubileegroup.co.uk
Wed Jan 27 15:39:34 UTC 2021
Hi there,
On Wed, 27 Jan 2021, Michael Kyriacou via clamav-users wrote:
> ... I am using clamav version 0.102.4, on Ubuntu 20.04.
You really should be upgrading to the latest version.
> I want clamd to exclude all pagefile.sys files it finds when scanning
> mounted filesystems. Currently, it scans them. Is there anyway to do this?
> I know on the source version you can add “Exclude Path”, but I’m not sure
> if it works on the non-source version.
Unless the package maintainer has done something staggeringly foolish,
it will work the same whether you build from source or use a package.
> Additionally, it may get more complicated as the path to the pagefile.sys
> is not the same for each file system. Is there a way to exclude a specific
> file that matches a .sys extension?
The 'ExcludePath' (not 'Exclude Path') directive takes as its argument
a regular expression. You just need to fabricate a regular expression
which matches all the files you don't want to scan. You can have more
than one 'ExcludePath' directive in the configuration file if you wish
and that might help if the regex gets unwieldy.
Feel free to experiment while looking at the verbose logs, no harm will
be done.
You could instead of course move your page files to some other place,
which won't be scanned.
--
73,
Ged.
More information about the clamav-users
mailing list