Clam AntiVirus (ClamAV) is a free software, cross-platform and open-source antivirus software toolkit able to detect many types of malicious software, including viruses. One of its main uses is on mail servers as a server-side email virus scanner. ClamAV includes a number of utilities: a command-line scanner, automatic database updater and a scalable multi-threaded daemon, running on an anti-virus engine from a shared library. In this article you will learn in detail the installation and configuration of ClamAV.
Step 1: Install EPEL Repo
First of all we have to install EPEL release as ClamAv installation will require some necessary packages.
dnf install epel-release -y
Step 2: Installing ClamAV
dnf install clamav -y
dnf install clamd -y
dnf install clamav clamd clamav-update -y
Step 3: Configure SElinux for ClamAV
Adjust ClamAv with SELinux and give it access to all your files with the following command:
setsebool -P antivirus_can_scan_system 1
Step 4: Download latest Signature for ClamAV
now use below command to get latest signatures of antivirus.
freshclam
Step 5: ClamAV configuration
we need to locate ‘LocalSocket’ parameter in /etc/clamd.d/scan.conf file and enable it so that we can use ClamAV.
use below command to enable it.
sed -i 's/#LocalSocket \/run/LocalSocket \/run/g' /etc/clamd.d/scan.conf
Step 6: Create ClamAV Systemd Service
Create systemd service for ClamAV and set it to auto start.
vi /usr/lib/systemd/system/freshclam.service
add below lines in freshclam.service file and save the changes.
[Unit]
Description = ClamAV Scanner
After = network.target
[Service]
Type = forking
# if you want to scan more than one in a day change the number 1 with your desired number in below line.
ExecStart = /usr/bin/freshclam -d -c 1
Restart = on-failure
PrivateTmp =true
[Install]
WantedBy=multi-user.target
Start and enable services
Everything has been installed and configured now its time to enable all services on boot.
systemctl start clamd@scan
systemctl start freshclam
systemctl enable clamd@scan
systemctl enable freshclam
Use following command to check the status of ClamAV services
systemctl status clamd@scan
systemctl status freshclam
Congratulations! installation of ClamAV has been completed.
Thanks for the article it worked as a service .. verified using clamdscan command.. however quick question – this is not accessible via tcp 3310.. I made the tcpaddr and TCPport changes in scan.conf file and since I’m using docker centos 8, I could not perform step 3 as selinux is not available in docker centos 8.. question is why service is not available thro tcp socket.. and does setsebool impact tcp behaviour