🛡️ Access Shield Pro v1.4 - Simplified scanner/honeypot config with wildcards & regex support
🤖 AI Support Assistant 2.1 - GPT-5 & Claude Opus 4.1 support, auto-signatures, improved error handling.
🧮 Recalculate Prices v1.2 - Fixed addon pricing, enhanced safety checks, full billing cycle support.
🔧 PowerDNS Manager v1.11 - Enhanced logging security with better data sanitization, improved debug output handling, bug fixes.

  Categories

DirectAdmin Hosting
31
Domain
22
Hosted Email
6
VPS
17
WHMCS Modules
4

  Categories

  Support

My Support Tickets
Knowledgebase
Open Ticket

ClamAV Resource Limits Print

  • 333

ClamAV eating your CPU? Here's how to limit it.

Quick Fix

Edit the service file:

nano /etc/systemd/system/clamd.service

Add these lines under [Service]:

MemoryLimit=1024M
CPUQuota=30%
Nice=19

Reload and restart:

systemctl daemon-reload
systemctl restart clamd

Full Configuration

Complete service file with all optimizations:

[Unit]
Description=ClamAV scanner daemon
After=network.target

[Service]
Type=simple
ExecStartPre=-/bin/mkdir -p /var/run/clamd
ExecStartPre=-/bin/chown -R clamav:clamav /var/run/clamd
ExecStart=/usr/local/sbin/clamd --foreground=yes
Restart=on-failure
PrivateTmp=true

# Resource limits
MemoryLimit=1024M      # Max 1GB RAM
CPUQuota=30%          # Max 30% CPU
IOSchedulingPriority=7 # Lowest I/O priority
CPUSchedulingPolicy=5  # SCHED_IDLE
Nice=19               # Lowest process priority

[Install]
WantedBy=multi-user.target

Settings Explained

  • MemoryLimit - Hard RAM limit. Process killed if exceeded.
  • CPUQuota - CPU percentage limit (100% = 1 core)
  • Nice - Process priority (-20 to 19, higher = lower priority)
  • IOSchedulingPriority - Disk I/O priority (0-7, 7 = lowest)
  • CPUSchedulingPolicy - 5 = SCHED_IDLE (only runs when system idle)

Alternative: cgroups v2

For newer systems using cgroups v2:

MemoryMax=1G          # Instead of MemoryLimit
CPUWeight=10          # 1-10000, default 100
IOWeight=10           # 1-10000, default 100

Monitoring Impact

Check resource usage:

# CPU and memory
systemctl status clamd

# Detailed metrics
systemd-cgtop

# Traditional view
htop -p $(pgrep clamd)

Common Values

Light server (2-4 cores, 4GB RAM):

MemoryLimit=512M
CPUQuota=20%

Medium server (4-8 cores, 8-16GB RAM):

MemoryLimit=1024M
CPUQuota=30%

Heavy server (8+ cores, 16GB+ RAM):

MemoryLimit=2048M
CPUQuota=50%

DirectAdmin Specific

DirectAdmin may override systemd settings. Also check:

/usr/local/directadmin/custombuild/configure/clamd/clamd.conf

Add to clamd.conf:

MaxThreads 10
MaxQueue 100
IdleTimeout 30

Troubleshooting

ClamAV still using too much?

# Check actual limits
cat /proc/$(pgrep clamd)/limits

# Verify cgroup limits
cat /sys/fs/cgroup/system.slice/clamd.service/memory.max
cat /sys/fs/cgroup/system.slice/clamd.service/cpu.max

If limits aren't applying:

  • Check if using correct systemd version (232+)
  • Ensure not using init.d scripts
  • DirectAdmin might use custom startup

Nuclear Option

Still having issues? Use cpulimit:

apt install cpulimit
cpulimit -e clamd -l 30 -b

Or completely disable real-time scanning:

systemctl stop clamd
systemctl disable clamd

Keep only scheduled scans with resource limits.

Was this answer helpful?

Related Articles

Setting Up SSH Keys on Debian/Ubuntu SSH keys provide a secure way to log in to your Linux server without using a password. Generate... Firewalling with Firewalld Firewalld Firewalld is a higher-level implementation of Netfilter, offering a more user-friendly... Firewalling with Firewalld Firewalld Firewalld is a higher-level implementation of Netfilter, offering a more user-friendly... PowerDNS Master-Slave Configuration with DNSSEC Support Introduction This guide provides a detailed walk-through for setting up a PowerDNS... PowerDNS Master-Slave Configuration with DNSSEC Support Introduction This guide provides a detailed walk-through for setting up a PowerDNS...
« Back

  Support

My Support Tickets
Knowledgebase
Open Ticket

WHOIS Information

×
Loading WHOIS information...