mirror of
https://github.com/docker/docs.git
synced 2026-04-12 06:19:22 +07:00
e515aa26d2
As previously stated, the entire `%ProgramData%` directory would be ignored. This also uses a PowerShell syntax for which most people may not be familiar, but most often PowerShell users know how to translate from supported environment variables. The main point is to limit the directory to ignore to just docker. Many, many other applications write to `%ProgramData%`.
17 lines
839 B
Markdown
17 lines
839 B
Markdown
---
|
|
title: Antivirus software and Docker
|
|
description: General guidelines for using antivirus software with Docker
|
|
keywords: antivirus, security
|
|
---
|
|
|
|
When antivirus software scans files used by Docker, these files may be locked
|
|
in a way that causes Docker commands to hang.
|
|
|
|
One way to reduce these problems is to add the Docker data directory
|
|
(`/var/lib/docker` on Linux, `%ProgramData%\docker` on Windows Server, or `$HOME/Library/Containers/com.docker.docker/` on Mac) to the
|
|
antivirus's exclusion list. However, this comes with the trade-off that viruses
|
|
or malware in Docker images, writable layers of containers, or volumes are not
|
|
detected. If you do choose to exclude Docker's data directory from background
|
|
virus scanning, you may want to schedule a recurring task that stops Docker,
|
|
scans the data directory, and restarts Docker.
|