Melhttps://unixcop.com
Unix/Linux Guru and FOSS supporter

Install ClamAV on CentOS 8

Clam AntiVirus (ClamAV) is a free software, cross-platform and open-source antivirus software toolkit able to detect many types of malicious software, including viruses. One of its main uses is on mail servers as a server-side email virus scanner. ClamAV includes a number of utilities: a command-line scanner, automatic database updater and a scalable multi-threaded daemon, running on an anti-virus engine from a shared library. In this article you will learn in detail the installation and configuration of ClamAV.

Step 1: Install EPEL Repo

First of all we have to install EPEL release as ClamAv installation will require some necessary packages.

dnf install epel-release -y

Step 2: Installing ClamAV

dnf install clamav -y

dnf install clamd -y

dnf install clamav clamd clamav-update -y

Step 3: Configure SElinux for ClamAV

Adjust ClamAv with SELinux and give it access to all your files with the following command:

setsebool -P antivirus_can_scan_system 1

Step 4: Download latest Signature for ClamAV

now use below command to get latest signatures of antivirus.

freshclam

Step 5: ClamAV configuration

we need to locate ‘LocalSocket’ parameter in /etc/clamd.d/scan.conf file and enable it so that we can use ClamAV.
use below command to enable it.

sed -i 's/#LocalSocket \/run/LocalSocket \/run/g' /etc/clamd.d/scan.conf

Step 6: Create ClamAV Systemd Service

Create systemd service for ClamAV and set it to auto start.

vi /usr/lib/systemd/system/freshclam.service

add below lines in freshclam.service file and save the changes.

[Unit]
Description = ClamAV Scanner
After = network.target

[Service]
Type = forking
# if you want to scan more than one in a day change the number 1 with your desired number in below line.
ExecStart = /usr/bin/freshclam -d -c 1
Restart = on-failure
PrivateTmp =true

[Install]
WantedBy=multi-user.target

Start and enable services

Everything has been installed and configured now its time to enable all services on boot.

systemctl start clamd@scan
systemctl start freshclam
systemctl enable clamd@scan
systemctl enable freshclam

Use following command to check the status of ClamAV services

systemctl status clamd@scan
systemctl status freshclam

Congratulations! installation of ClamAV has been completed.

1 COMMENT

  1. Thanks for the article it worked as a service .. verified using clamdscan command.. however quick question – this is not accessible via tcp 3310.. I made the tcpaddr and TCPport changes in scan.conf file and since I’m using docker centos 8, I could not perform step 3 as selinux is not available in docker centos 8.. question is why service is not available thro tcp socket.. and does setsebool impact tcp behaviour

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest articles

x