Completed clamd results caching
This was a long waiting feature. Version 0.9.1 cache only information about clean files. Infected files was scanned on every access. Starting from version 1.0.0 information about both clean and infected files are kept in cache while files that cannot be scanned (mostly because of permission problems) are discarded from cache.
Starting without clamd available
A new “check” option was added to allow you to mount a ClamFS file system when clamd is not available, such as during an early stage of the boot process. To disable ClamAV Daemon (clamd) check on ClamFS startup set option check to no:
Mounting file systems from /etc/fstab
With “check=no” mounting ClamFS file systems form /etc/fstab is possible using fuse mount helper (/sbin/mount.fuse). ClamFS will be started on boot with configuration file defined here provided as its argument. Simple definition of ClamFS mount point in /etc/fstab looks like:
The “readonly” option was added to the filesystem options allowing you to create a read-only protected file system. Just extend filesystem definition in config file with readonly option set to yes:
File system and cache statistics
ClamFS has file system statistics that allow you to monitor and tune its performance. Statistics module keep track of file system usage and cache hits. Stats module is configured with “stats” tag. It can dump statistics periodically and on ClamFS dismount:
Statistics are dumped to configured logging target. Here is an example of such statistics dumped to syslog:
Feb 8 14:52:51 ghost clamfs: --- begin of statistics --- Feb 8 14:52:51 ghost clamfs: Early cache hit: 1038 Feb 8 14:52:51 ghost clamfs: Early cache miss: 1030 Feb 8 14:52:51 ghost clamfs: Late cache hit: 1038 Feb 8 14:52:51 ghost clamfs: Late cache miss: 0 Feb 8 14:52:51 ghost clamfs: Whitelist hit: 10 Feb 8 14:52:51 ghost clamfs: Blacklist hit: 108 Feb 8 14:52:51 ghost clamfs: Files bigger than maximal-size: 3 Feb 8 14:52:51 ghost clamfs: open() function called 2081 times (allowed: 1803, denied: 278) Feb 8 14:52:51 ghost clamfs: Scan failed 278 times Feb 8 14:52:51 ghost clamfs: --- end of statistics ---
Better default extension blacklist
Default blacklist in configuration file was extended. I advise all users to incorporate blacklist from version 1.0.0 into their configuration files.