An anti-virus protected file system
This manual page documents briefly the ClamFS user-space file system.
clamfs is a program that mount anti-virus protected file system into existing directory tree.
* User-space file system (no kernel patches, recompilation, etc.) * Configuration stored in XML files * FUSE (and libfuse) used as file system back-end * Scan files using ClamAV * ScanCache (LRU with time-based and out-of-memory expiration) speeds up file access * Sends mail to administrator when detect virus
ClamFS is completely user-space anti-virus solution for Linux. It uses libfuse and Linux kernel module to provide file system. ClamAV is used as anti-virus scanner.
Normally program (or library) uses glibc open() call to obtain file descriptor. Glibc calls kernel VFS to open file regardless of file system used. If file is on ClamFS file system open call from VFS is directed to user-space by FUSE. ClamFS calls libfuse to communicate with FUSE and through it with VFS.
ClamFS is spitted into four parts: * libfuse bindings -- used to communicate with FUSE (and with VFS through it), * ScanCache -- store (per file) results of anti-virus scanning to speed up future open() requests * ScanQueue -- queue files for scanning * clamd / libclamav bindings -- communicate with anti-virus scanner
This program uses only one command line argument - configuration file name.
ClamFS and this manual page was written by Krzysztof Burghardt <[email protected]> and may be freely distributed under the terms of the GNU General Public License.