onas: changing clamd NotifyOnly option to Prevention and disabling Prevention option by default.

clamd/onaccess_fan.c

@@ -146,7 +146,7 @@ void *onas_fan_th(void *arg)
 	return NULL;
     }
 
-    if (!optget(tharg->opts, "OnAccessNotifyOnly")->enabled && !optget(tharg->opts, "OnAccessMountPath")->enabled) {
+    if (optget(tharg->opts, "OnAccessPrevention")->enabled && !optget(tharg->opts, "OnAccessMountPath")->enabled) {
 	    logg("ScanOnAccess: preventing access attempts on malicious files.\n");
 	    fan_mask |= FAN_ACCESS_PERM | FAN_OPEN_PERM;
     } else {

etc/clamd.conf.sample

@@ -593,11 +593,11 @@ Example
 #OnAccessDisableDDD yes
 
 # Modifies fanotify blocking behaviour when handling permission events.
-# If turned on, fanotify will only notify if the file scanned is a virus,
+# If off, fanotify will only notify if the file scanned is a virus,
 # and not perform any blocking.
 # (On-access scan only)
 # Default: no
-#OnAccessNotifyOnly yes
+#OnAccessPrevention yes
 
 ##
 ## Bytecode

shared/optparser.c

@@ -405,7 +405,7 @@ const struct clam_option __clam_options[] = {
 
     { "OnAccessDisableDDD", "disable-ddd", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD, "This option toggles the dynamic directory determination system for on-access scanning (Linux only).", "no" },
 
-    { "OnAccessNotifyOnly", "notify-only", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD, "This option changes fanotify behavior to not prevent access attempts on malicious files and simply notify the user instead (On Access scan only).", "no" },
+    { "OnAccessPrevention", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD, "This option changes fanotify behavior to prevent access attempts on malicious files instead of simply notifying the user (On Access scan only).", "yes" },
 
     /* FIXME: mark these as private and don't output into clamd.conf/man */
     { "DevACOnly", "dev-ac-only", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, -1, NULL, FLAG_HIDDEN, OPT_CLAMD | OPT_CLAMSCAN, "", "" },