compose:
services:
clamav:
image: clamav/clamav:1.4_base
container_name: fnnas-clamav-scan
restart: "no"
privileged: false
user: 1000:1000
cap_add:
- DAC_READ_SEARCH
environment:
- CLAMD_CONF_ConcurrentDatabaseReload=no
- FRESHCLAM_CONF_TestDatabases=no
volumes:
# 病毒库持久化
- ./clamav-db/clamav:/var/lib/clamav
# 只读挂载根目录到扫描目录
- /:/scan:ro
# 日志持久化到飞牛本地
- ./log:/var/log/clamav
简单说明:因为clamav可能和飞牛有冲突,所以用docker安装,不自动重启,按需启动扫描即可。盲猜飞牛以后会上架这个应用。docker安装更容易删除。
映射的根目录,但我觉得没必要全盘扫描,只扫描系统文件就行。
在终端以root身份执行:
docker exec -u root fnnas-clamav-scan clamscan -r /scan/bin /scan/boot /scan/etc /scan/home /scan/lib /scan/lib64 /scan/opt /scan/root /scan/run /scan/sbin /scan/srv /scan/tmp /scan/usr /scan/var --log=/var/log/clamav/fnnas-safe-malware-scan.log --verbose
扫描结果:
----------- SCAN SUMMARY -----------
Known viruses: 3627375
Engine version: 1.4.3
Scanned directories: 13081
Scanned files: 118832
Infected files: 0
Data scanned: 11717.50 MB
Data read: 11999.55 MB (ratio 0.98:1)
Time: 1401.737 sec (23 m 21 s)
Start Date: 2026:02:10 09:10:46
End Date: 2026:02:10 09:34:08
如果不放心还可以查看一下日志:
grep -E "Infected|FOUND" 你的真实目录/log/fnnas-safe-malware-scan.log
显示:Infected files: 0
