On Thu, Sep 26, 2013 at 7:40 AM, Frans de Boer <[email protected]> wrote:
> So far no reaction, try again.... > > > > -------- Original Message -------- > Hi, does anybody knows how to enable and configure interaction with the > fanotify? > > The new clamd.conf files still has the long defunct clamuko switches, > but nothing about fanotify. > > Regards, > Frans de Boer. > > > ______________________________**_________________ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/**clamav-faq<https://github.com/vrtadmin/clamav-faq> > http://www.clamav.net/support/**ml <http://www.clamav.net/support/ml> > Pardon the delayed response, Frans. With 0.98 there is a new option for configure, --disable-fanotify. It works like the --disable-clamuko option did before and will forces compiling out the fanotify code. If not forced off, then configure tests for presence of fanotify.h on the platform before compiling it in as a potential option. Currently fanotify is only checked on Linux operating systems (it is expected to be unavailable otherwise). Even if support is compiled in, on-access scanning using fanotify is turned off unless explicitly enabled in clamd.conf. The option elements in clamd.conf are similar to Clamuko, but renamed. ClamukoScanOnAccess => ScanOnAccess ClamukoIncludePath => OnAccessIncludePath ClamukoExcludePath => OnAccessExcludePath ClamukoExcludeUID => OnAccessExcludeUID ClamukoMaxFileSize => OnAccessMaxFileSize The current release of this feature does not have all the same options as Clamuko support, so the following configuration items are deprecated but do not have a comparable current option. ClamukoScannerCount ClamukoScanOnOpen ClamukoScanOnClose ClamukoScanOnExec Hope this summary helps, Dave R. -- --- Dave Raynor Sourcefire Vulnerability Research Team [email protected] _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
