Updated 4/24/07: Changed ClamAV docs to run from daemontools

Updated 2/14/08: Changed the section where it says to have things unchecked when you run make install to things that should be checked. It makes it a bit better when you are following the guide. 

Clam Antivirus is command line virus scanner written entirely in C and its database is kept up to date. For more information, Please see: http://www.clamav.net/

Installing clamav

# cd /usr/ports/security/clamav
# make install clean

Make sure the following are checked:

ARC
ARJ
LHA
UNZOO
UNRAR

Now we want to create the clamav and freshclam service scripts:

# mkdir -m 1755 /var/qmail/supervise/clamav
# mkdir -m 1755 /var/qmail/supervise/freshclam
# mkdir -m 755 /var/qmail/supervise/clamav/log
# mkdir -m 755 /var/qmail/supervise/freshclam/log
# cd /var/qmail/supervise/clamav
# fetch http://freebsdrocks.net/files/clamav-run
# mv clamav-run run
# chmod 755 run
# cd log
# fetch http://freebsdrocks.net/files/log-run
# mv log-run run
# chmod 755 run
# cd /var/qmail/supervise/freshclam
# fetch http://freebsdrocks.net/files/freshclam-run
# mv freshclam-run run
# chmod 755 run
# cd log
# fetch http://freebsdrocks.net/files/log-run
# mv log-run run
# chmod 755 run

Now we need to edit the clamd.conf file so it will run correctly via daemontools:

# vi /usr/local/etc/clamd.conf

        #Example - must be commented out or removed
        #LogFile - multilog will handle logging
        #LogSysLog no - see LogFile
        PidFile /var/run/clamav/clamd.pid
        DatabaseDirectory /var/db/clamav
        FixStaleSocket yes - optional
        User - should be uncommented and set to qscand
        Foreground yes - required to run clamav via daemontools

Now we need to edit the freshclam.conf file so it will run correctly via daemontools:

# vi /usr/local/etc/freshclam.conf

        # Example
        DatabaseDirectory /var/db/clamav
        # UpdateLogFile - multilog will handle logging
        # LogSyslog no - see UpdateLogFile
        PidFile /var/run/clamav/freshclam.pid
        DatabaseOwner - change from clamav to qscand
        Foreground yes - required to run freshclam via daemontools

For your information when this is setup, freshclam is going to run every 2 hours by default. If you want to change it so it more or less frequent, just change this section in freshclam.conf

# Number of database checks per day.
# Default: 12 (every two hours)
# Checks 24

Now to set some file permissions before we start clamav:

# chown -R qscand:qscand /var/log/clamav
# chown -R qscand:qscand /var/run/clamav/
# chown qscand:qscand /var/db/clamav/

Now to create the symlinks to the service: 

# ln -s /var/qmail/supervise/clamav /service/
# ln -s /var/qmail/supervise/freshclam /service/

Check to see if clamav and freshclam are running: 

# svstat /service/clamav/ /service/clamav/log

/service/clamav: up (pid 82396) 63 seconds
/service/clamav/log: up (pid 82446) 25 seconds

# svstat /service/freshclam/ /service/freshclam/log

/service/freshclam/: up (pid 82409) 69 seconds
/service/freshclam/log: up (pid 82410) 69 seconds

Now to remove the startup scripts: 

# rm /usr/local/etc/rc.d/clamav-clamd
# rm /usr/local/etc/rc.d/clamav-freshclam