clamdscan - Man Page
scan files and directories for viruses using Clam AntiVirus Daemon
Examples (TL;DR)
- Scan a file or directory for vulnerabilities:
clamdscan path/to/file_or_directory - Scan data from
stdin:command | clamdscan - - Scan the current directory and output only infected files:
clamdscan --infected - Print the scan report to a log file:
clamdscan --log path/to/log_file - Move infected files to a specific directory:
clamdscan --move path/to/quarantine_directory - Remove infected files:
clamdscan --remove - Use multiple threads to scan a directory:
clamdscan --multiscan - Pass the file descriptor instead of streaming the file to the daemon:
clamdscan --fdpass
Synopsis
clamdscan [options] [file/directory]
Description
clamdscan is a clamd client which may be used as a clamscan replacement. It accepts all the options implemented in clamscan but most of them will be ignored because its scanning abilities only depend on clamd.
Options
- -h, --help
Display help information and exit.
- -V, --version
Print version number and exit.
- -v, --verbose
Be verbose.
- --quiet
Be quiet - only output error messages.
- --stdout
Write all messages (except for libclamav output) to the standard output (stdout).
- -c, --config-file=FILE
Read clamd settings from FILE.
- -l FILE, --log=FILE
Save the scan report to FILE.
- -f FILE, --file-list=FILE
Scan files listed line by line in FILE.
- -p A[:I], --ping A[:I]
Ping clamd up to [A] times at optional interval [I] until it responds.
- -w, --wait
Wait up to 30 seconds for clamd to start. Optionally use alongside ping to set attempts [A] and interval [I] to check clamd.
- -m, --multiscan
In the multiscan mode clamd will attempt to scan the directory contents in parallel using available threads. This option is especially useful on multiprocessor and multi-core systems. If you pass more than one file or directory in the command line, they are put in a queue and sent to clamd individually. This means, that single files are always scanned by a single thread. Similarly, clamdscan will wait for clamd to finish a directory scan (performed in multiscan mode) before sending request to scan another directory. This option can be combined with --fdpass (see below).
- -z, --allmatch
After a match, continue scanning within the file for additional matches.
- --remove
Remove infected files. Be careful.
- --move=DIRECTORY
Move infected files into DIRECTORY.
- --copy=DIRECTORY
Copy infected files into DIRECTORY.
- --no-summary
Do not display summary at the end of scanning.
- --reload
Request clamd to reload virus database.
- --allmatch
Continue scanning within file after finding a match.
- -i, --infected
Only print infected files
- --fdpass
Open the file and pass the opened file descriptor to clamd. This is useful if clamd is running as a different user or if clamd sees a different file system tree. This is faster than streaming the file to clamd. Only available if connected to clamd via local(unix) socket.
- --stream
Forces file streaming to clamd. This is generally not needed as clamdscan detects automatically if streaming is required. This option only exists for debugging and testing purposes, in all other cases --fdpass is preferred.
Examples
- (0) To scan a one file:
clamdscan file
- (1) To scan a current working directory:
clamdscan
- (2) To scan all files in /home:
clamdscan /home
- (3) To scan a file when clamd is running as a different user:
clamdscan --fdpass ~/downloads
- (4) To scan from standard input:
clamdscan - < file_to_scan
cat file_to_scan | clamdscan -
Return Codes
0 : No virus found.
1 : Virus(es) found.
2 : An error occurred.
Credits
Please check the full documentation for credits.
Author
Tomasz Kojm <tkojm@clamav.net>
See Also
Referenced By
clamd(8), clamd.conf(5), clamscan(1).