ClamAV eating your CPU? Here's how to limit it.
Quick Fix
Edit the service file:
nano /etc/systemd/system/clamd.service
Add these lines under [Service]
:
MemoryLimit=1024M CPUQuota=30% Nice=19
Reload and restart:
systemctl daemon-reload systemctl restart clamd
Full Configuration
Complete service file with all optimizations:
[Unit] Description=ClamAV scanner daemon After=network.target [Service] Type=simple ExecStartPre=-/bin/mkdir -p /var/run/clamd ExecStartPre=-/bin/chown -R clamav:clamav /var/run/clamd ExecStart=/usr/local/sbin/clamd --foreground=yes Restart=on-failure PrivateTmp=true # Resource limits MemoryLimit=1024M # Max 1GB RAM CPUQuota=30% # Max 30% CPU IOSchedulingPriority=7 # Lowest I/O priority CPUSchedulingPolicy=5 # SCHED_IDLE Nice=19 # Lowest process priority [Install] WantedBy=multi-user.target
Settings Explained
MemoryLimit
- Hard RAM limit. Process killed if exceeded.CPUQuota
- CPU percentage limit (100% = 1 core)Nice
- Process priority (-20 to 19, higher = lower priority)IOSchedulingPriority
- Disk I/O priority (0-7, 7 = lowest)CPUSchedulingPolicy
- 5 = SCHED_IDLE (only runs when system idle)
Alternative: cgroups v2
For newer systems using cgroups v2:
MemoryMax=1G # Instead of MemoryLimit CPUWeight=10 # 1-10000, default 100 IOWeight=10 # 1-10000, default 100
Monitoring Impact
Check resource usage:
# CPU and memory systemctl status clamd # Detailed metrics systemd-cgtop # Traditional view htop -p $(pgrep clamd)
Common Values
Light server (2-4 cores, 4GB RAM):
MemoryLimit=512M CPUQuota=20%
Medium server (4-8 cores, 8-16GB RAM):
MemoryLimit=1024M CPUQuota=30%
Heavy server (8+ cores, 16GB+ RAM):
MemoryLimit=2048M CPUQuota=50%
DirectAdmin Specific
DirectAdmin may override systemd settings. Also check:
/usr/local/directadmin/custombuild/configure/clamd/clamd.conf
Add to clamd.conf:
MaxThreads 10 MaxQueue 100 IdleTimeout 30
Troubleshooting
ClamAV still using too much?
# Check actual limits cat /proc/$(pgrep clamd)/limits # Verify cgroup limits cat /sys/fs/cgroup/system.slice/clamd.service/memory.max cat /sys/fs/cgroup/system.slice/clamd.service/cpu.max
If limits aren't applying:
- Check if using correct systemd version (232+)
- Ensure not using init.d scripts
- DirectAdmin might use custom startup
Nuclear Option
Still having issues? Use cpulimit:
apt install cpulimit cpulimit -e clamd -l 30 -b
Or completely disable real-time scanning:
systemctl stop clamd systemctl disable clamd
Keep only scheduled scans with resource limits.