Cannot start cxs watch: Option Wsymlin is ambiguous

Community forum to discuss cxs.
If you believe that there is a problem with your cxs installation and want support then, as a paid product, you should use the helpdesk after having consulted the documentation.
1 post Page 1 of 1
Junior Member
Posts: 1
Joined: 20 Mar 2017, 12:01


I can't start cxs watch. It was working last week but I checked this morning and it wasn't running at all. I tried to start, enable, restart but all of them gives me same warning:
Code: Select all
Starting cxswatch daemon:Option Wsymlin is ambiguous (Wsymlink, Wsymlinkmax, Wsymlinksec)
    cxs [OPTION]... RESOURCE

       -?, --help               Display the documentation
       -V, --version            Display the version
           --terms              Display the License Agreement
       -Z, --quiet              Quiet output
       -U, --upgrade            Upgrade to the latest version
           --mail [email]       Send scan report to email address [email]
           --smtp               Send emails via localhost SMTP instead of sendmail
           --template [file]    Use [file] as a template when sending scan reports
           --report [file]      Write scan report to [file]
           --logfile [file]     Append scan report files to [file]
       -N, --cleanlog           Log clean Web script or FTP files with --logfile 
           --[no]virusscan      Do [not] perform virus scanning (default:on)
           --[no]exploitscan    Do [not] perform exploit scanning (default:on)
           --[no]sversionscan   Do [not] perform script version scanning (def:on)
           --[no]summary        Do [not] display scan summary (default:on)
           --[no]html           Do [not] send emails in HTML format (default:on)
           --[no]ssl            Do [not] retrieve all URLs using SSL (default:on)
       -S, --sizemax [bytes]    Maximum amount of text to scan (default:500000)
       -F, --filemax [num]      Skip dir if > than [num] resources (default:10000)
       -H, --timemax [secs]     Scan timeout per file in seconds (default:30)
           --ctime [hours]      Ignore files changed more than [hours] ago
       -C, --clamdsock [sock]   Location of the clamd socket
           --[no]fallback       Do [not] use clamscan if clamd errors (default:off)
           --[no]unofficial     Do [not] allow unofficial ClamAV sigs (default:off)
       -D, --delete             Delete suspicious files
           --defapache [user]   Default apache user
           --force              Force scanning within restricted directories
       -K, --skipover [user]    Start scanning after [user] with --allusers
           --jumpfrom [user]    Start scanning from [user] (incl) with --allusers
           --jumpto [user]      Stop scanning to [user] (incl) with --allusers
           --ulist [file]       Scan users listed in [file] with --allusers
           --uidmin [uid]       Min UID for GENERIC with --allusers (default:1000)
           --uidmax [uid]       Max UID for GENERIC with --allusers (default:65535)
       -E, --deep               Perform a deep scan
           --debug              Print a LOT of debugging information
           --decode [file]      Decode PHP base64/rot13 encoded file
           --depth [num]        Decode to [num] depth for --decode
           --block              Block FTP IP addresses using csf
           --MD5                Display matched file md5sum
           --prenice [num]      Set process nice priority value
           --pionice [num]      Set process ionice priority value
       -B, --background         Run scan as a background process
       -T, --throttle [num]     Sleep if load is greater than [num]
       -I, --ignore [file]      A file with resources for scanning to ignore
       -X, --xtra [file]        A file with more resources for scanning to use
           --script [script]    Run [script] if a match is detected
           --tscripts [list]    When using --options [T] only detect these types
           --www                Only scan in public_html subdir (--allusers/--user)
           --generate           Generate --ignore [file] using --report [file]
           --wttw [file]        Report script to ConfigServer
           --comment "text"     Include quoted comment when using --wttw [file]
           --voptions [mfuhexT] Virus scan specified file types only
           --doptions [mMfuSGchexTEvU] Delete specified file types only (def:Mv)
           --soptions [ad]      Script version scanning options
           --options [-/+][mMOLfuSGcChexdnwWTEDZRPU] Exploit scan options

       -Q, --quarantine [dir]   Move suspicious files to quarantine [dir]
           --qoptions [mMfuSGchexTEvBU] Quarantine specified file types only (def:Mv)
           --qcreate            Create a cxs quarantine directory
           --qclean [days]      Clean quarantine retaining [days] of files
           --qlocal             Quarantine ModSecurity files locally (mod_ruid2)
           --qrestore [file]    Restore quarantine [file] to original location
           --qignore [method]   Add an ignore entry for [file] into an ignore file
           --qview [file]       View quarantine [file]

           --[no]bayes          Do [not] perform script Bayes classification
           --breport [level]    Min Bayes level to report (default:medium)
           --baction [level]    Min Bayes level to quarantine/delete (default:high)
           --bget               Retrieve the trained master Bayes corpus
           --blearn [X|C]       Add a file to the local corpus
           --bforget [X|C]      Remove a file from the local corpus

           --Wstart             Start the cxs Watch daemon
           --Wstop              Stop the cxs Watch daemon
           --Wmaxchild [num]    The number of Watch child processes (default:3)
           --Wadd [file]        A file with more resources for cxs Watch to scan
           --Wsleep [secs]      Sleep delay (default:3 secs)
           --Wloglevel [num]    cxs Watch daemon log file verbosity [0..2]
           --Wrefresh [days]    Restart cxs Watch daemon every [days] (default:7)
           --Wrateignore [secs] Ignore excessively updated files (default:0)
           --Wmonitor [file]    A file with resources to monitor for changes
           --Wmonignore [file]  An ignore file to use with --Wmonitor [file]

           [file/directory]     A file or directory to scan, or
           --allusers           Scan all user login directories (alphabetical), or
           --user [user]        Scan [user] login directory

1 post Page 1 of 1