05-troubleshooting/security/clamscan-cpu-spike-nice-ionice.md

@@ -1,17 +1,11 @@
 ---
-title: ClamAV Safe Scheduling on Live Servers
+title: "ClamAV Safe Scheduling on Live Servers"
 domain: troubleshooting
 category: security
-tags:
-  - clamav
-  - cpu
-  - nice
-  - ionice
-  - cron
-  - vps
+tags: [clamav, cpu, nice, ionice, cron, vps]
 status: published
 created: 2026-04-02
-updated: 2026-05-11T18:31
+updated: 2026-04-02
 ---
 # ClamAV Safe Scheduling on Live Servers
 
@@ -81,7 +75,6 @@ kill <PID>
 - `ionice -c 3` (Idle) requires Linux kernel ≥ 2.6.13 and CFQ/BFQ I/O scheduler. Works on most Ubuntu/Debian/Fedora systems.
 - On multi-core servers, consider also using `cpulimit` for a hard cap: `cpulimit -l 30 -- clamscan ...`
 - Always keep `--exclude=/sys` (and optionally `--exclude=/proc`, `--exclude=/dev`) to avoid scanning virtual filesystems.
-- **1 vCPU limitation:** `nice` and `ionice` only help when other processes compete for resources. On a single-core VPS, clamscan will still saturate the CPU at 57-100% even with `nice -n 19 ionice -c 3` — there's nothing to yield to. Accept the weekly spike as benign, or reduce scan scope to shorten the window.
 
 ## Related