2019年12月18日水曜日

Ubuntuにて、clamdscanを使ってHDDを全チェックする設定(1)

diff --git a/clamav/clamd.conf b/clamav/clamd.conf
index d74493f..4a612b1 100644
--- a/clamav/clamd.conf
+++ b/clamav/clamd.conf
@@ -3,11 +3,13 @@
 #Please read /usr/share/doc/clamav-daemon/README.Debian.gz for details
 LocalSocket /var/run/clamav/clamd.ctl
 FixStaleSocket true
-LocalSocketGroup clamav
+#LocalSocketGroup clamav
+LocalSocketGroup root
 LocalSocketMode 666
 # TemporaryDirectory is not set to its default /tmp here to make overriding
 # the default with environment variables TMPDIR/TMP/TEMP possible
-User clamav
+#User clamav
+User root
 ScanMail true
 ScanArchive true
 ArchiveBlockEncrypted false
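Review bot: With `User root` the daemon's file parsers run with full privileges, while the unchanged context line `LocalSocketMode 666` leaves the control socket writable by every local account. Any local user can therefore ask a root process to open and scan paths they could not read themselves. If root is really needed for the whole-disk and on-access scanning, the socket should be tightened in the same change, e.g. `LocalSocketMode 660` with `LocalSocketGroup` set to a group containing only the accounts allowed to request scans. A comment above `User root` stating why the unprivileged `clamav` user was not sufficient would make the trade-off visible to the next reader.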
@@ -59,14 +61,20 @@ SendBufTimeout 200
 MaxQueue 100
 ExtendedDetectionInfo true
 OLE2BlockMacros false
-ScanOnAccess false
+#ScanOnAccess false
+ScanOnAccess true
+OnAccessMountPath /
+OnAccessExtraScanning false   # (null)FOUNDが発生するのでfalseにしておく。
+OnAccessExcludeUID 0
 AllowAllMatchScan true
 ForceToDisk false
 DisableCertCheck false
 DisableCache false
 MaxScanTime 120000
-MaxScanSize 100M
-MaxFileSize 25M
+#MaxScanSize 100M
+MaxScanSize 0
+#MaxFileSize 25M
+MaxFileSize 0
 MaxRecursion 16
 MaxFiles 10000
 MaxPartitions 50
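Review bot: `MaxScanSize 0` and `MaxFileSize 0` turn both size limits off, so one very large file or nested archive can occupy the daemon until `MaxScanTime` expires. That daemon now runs as root and, with `OnAccessMountPath /`, sits in the file-access path. A finite limit sized to the machine, e.g. `MaxScanSize <SIZE>` and `MaxFileSize <SIZE>` (placeholders), keeps whole-disk coverage while bounding memory and CPU per file. Separately, `OnAccessExcludeUID 0` exempts everything root processes touch from on-access checks. It deserves a comment such as `# exclude root so clamd's own file access does not trigger scans`, if that is the intent. The trailing comment on the `OnAccessExtraScanning` line should move to its own line unless clamd's parser is confirmed to accept inline comments.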
@@ -85,3 +93,8 @@ LogFileMaxSize 0
 Bytecode true
 BytecodeSecurity TrustSigned
 BytecodeTimeout 60000
+ExcludePath ^/proc/
+ExcludePath ^/sys/
+ExcludePath ^/boot/
+ExcludePath ^/dev/
+ExcludePath ^/var/log/clamav/virus/
+#誤検知
+ExcludePath ^/opt/google/chrome/chrome
+#アクセス違反
+ExcludePath ^/run/user/
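Review bot: `ExcludePath ^/opt/google/chrome/chrome` has no end anchor, so it excludes every path that starts with that string, which is wider than a single false positive needs. `ExcludePath ^/opt/google/chrome/chrome$` limits it to the one binary. `^/run/user/` and `^/dev/` also cover locations that unprivileged users can write to (`/dev/shm` sits under `/dev/`), so files placed there are never scanned. Narrowing these to the sub-paths that actually produced the access errors would shrink that blind spot. The `#誤検知` and `#アクセス違反` comments would be more useful if they named the signature or error message that prompted each exclusion.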

diff --git a/sudoers b/sudoers
index a006601..cd31128 100644
--- a/sudoers
+++ b/sudoers
@@ -28,3 +28,5 @@ root ALL=(ALL:ALL) ALL
 # See sudoers(5) for more information on "#include" directives:

 #includedir /etc/sudoers.d
+#
+usename  ALL=(ALL:ALL) NOPASSWD:  /usr/bin/clamdscan
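Review bot: The added rule lets the account run `/usr/bin/clamdscan` as any user and group, with any arguments, without a password. clamdscan's options for moving, removing or logging to files would then act with root rights. Pinning the run-as target and the exact command line closes that gap, for example `username ALL=(root) NOPASSWD: /usr/bin/clamdscan --multiscan --fdpass /` (a constructed example, to be adjusted to the invocation actually used). `usename` looks like a misspelled placeholder for the real login name. The entry is also better kept in its own file under `/etc/sudoers.d`, edited with `visudo -f`, than appended after the `#includedir` line.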


※(2)の手順を実施し、セキュリティ設定を無効にする必要あり