Sunday, 05 July 2015 13:21

Installing ClamAV

Clam AntiVirus is a command-line virus scanner written entirely in C, and its database is kept up to date. For more information, please see: http://www.clamav.net/

Installing clamav


# cd /usr/ports/security/clamav
# make install clean

Make sure the following are checked:

ARC
ARJ
DMG_XAR
DOCS
IPV6 (Optional)
LHA
LLVM
UNRAR
UNZOO

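Now we want to create the clamav and freshclam service scripts. The run scripts below are fetched over plain HTTP and will be executed by supervise, so read each one before making it executable: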


# mkdir -m 1755 /var/qmail/supervise/clamav
# mkdir -m 1755 /var/qmail/supervise/freshclam
# mkdir -m 755 /var/qmail/supervise/clamav/log
# mkdir -m 755 /var/qmail/supervise/freshclam/log
# mkdir -m 1755 /var/log/qmail/clamav
# mkdir -m 1755 /var/log/qmail/freshclam
# cd /var/qmail/supervise/clamav
# fetch http://freebsdrocks.net/files/clamav-run
# mv clamav-run run
# chmod 755 run
# cd log
# fetch http://freebsdrocks.net/files/log-run
# mv log-run run
# chmod 755 run
# vi run

Change the last line to read /var/log/qmail/clamav, like so:

exec /usr/local/bin/multilog t n20 s1048576 /var/log/qmail/clamav


# cd /var/qmail/supervise/freshclam
# fetch http://freebsdrocks.net/files/freshclam-run
# mv freshclam-run run
# chmod 755 run
# cd log
# fetch http://freebsdrocks.net/files/log-run
# mv log-run run
# chmod 755 run
# vi run

Change the last line to read /var/log/qmail/freshclam, like so:

exec /usr/local/bin/multilog t n20 s1048576 /var/log/qmail/freshclam

Now we need to edit the clamd.conf file so it will run correctly via daemontools:


# vi /usr/local/etc/clamd.conf

# "Example" must be commented out or removed
#Example
# LogFile stays commented out - multilog will handle logging
#LogFile
# LogSyslog stays commented out - see LogFile
#LogSyslog no
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /var/db/clamav
# FixStaleSocket is optional
FixStaleSocket yes
# User should be uncommented and set to qscand
User qscand
# Foreground is required to run clamav via daemontools
Foreground yes

Now we need to edit the freshclam.conf file so it will run correctly via daemontools:


# vi /usr/local/etc/freshclam.conf

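# "Example" must be commented out or removed
# Example
DatabaseDirectory /var/db/clamav
# UpdateLogFile stays commented out - multilog will handle logging
# UpdateLogFile
# LogSyslog stays commented out - see UpdateLogFile
# LogSyslog no
PidFile /var/run/clamav/freshclam.pid
# DatabaseOwner: change from clamav to qscand
DatabaseOwner qscand
# Foreground is required to run freshclam via daemontools
Foreground yes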

Once this is set up, freshclam will run every 2 hours by default. If you want it to run more or less frequently, change this section in freshclam.conf:


# Number of database checks per day.
# Default: 12 (every two hours)
# Checks 24
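
A pre-flight check for the two configuration files edited above, as an added example that is not part of the original guide: it confirms that Example and the daemon's own log file are disabled, Foreground is yes and the owner is qscand before supervise starts the services. The function names and the sample file are constructed for illustration, and only the literal values used in this guide are accepted.

```shell
#!/bin/sh
# Added example (not from the original page): lint clamd.conf / freshclam.conf.

# Print the value of the last active (uncommented) KEY line; status 1 if none.
conf_value() {  # usage: conf_value FILE KEY
    awk -v key="$2" '
        $1 ~ /^#/ { next }    # comment line
        $1 == key { $1 = ""; sub(/^[ \t]+/, ""); val = $0; found = 1 }
        END { if (found) print val; exit !found }
    ' "$1"
}

problem() { echo "$1: $2"; problems=$((problems + 1)); }

# Return status = number of problems found (0 = ready for supervise).
check_conf() {  # usage: check_conf FILE clamd|freshclam
    problems=0
    case $2 in
        clamd)     owner_key=User;          log_key=LogFile ;;
        freshclam) owner_key=DatabaseOwner; log_key=UpdateLogFile ;;
        *) echo "unknown kind: $2" >&2; return 64 ;;
    esac
    # The stock "Example" line makes the daemon refuse to start.
    conf_value "$1" Example >/dev/null && problem "$1" "Example must be commented out or removed"
    # multilog captures the output, so the daemon's own log file stays disabled.
    conf_value "$1" "$log_key" >/dev/null && problem "$1" "$log_key should stay commented out"
    # supervise can only track a process that stays in the foreground.
    fg=$(conf_value "$1" Foreground) || fg="(unset)"
    [ "$fg" = yes ] || problem "$1" "Foreground is $fg, expected yes"
    # Assumption taken from this guide: the scanner account is qscand.
    owner=$(conf_value "$1" "$owner_key") || owner="(unset)"
    [ "$owner" = qscand ] || problem "$1" "$owner_key is $owner, expected qscand"
    return "$problems"
}

# Constructed sample: a freshclam.conf that has not been edited yet.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Example
DatabaseDirectory /var/db/clamav
UpdateLogFile /var/log/clamav/freshclam.log
DatabaseOwner clamav
#Foreground yes
EOF
check_conf "$sample" freshclam || echo "$? problem(s) found"
rm -f "$sample"
```

On a real system, run `check_conf /usr/local/etc/clamd.conf clamd` and `check_conf /usr/local/etc/freshclam.conf freshclam` before creating the /service symlinks.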

Now to set some file permissions before we start clamav:


# chown -R qscand:qscand /var/log/clamav
# chown -R qscand:qscand /var/run/clamav/
# chown qscand:qscand /var/db/clamav/

Now to create the symlinks to the service:


# ln -s /var/qmail/supervise/clamav /service/
# ln -s /var/qmail/supervise/freshclam /service/

Note: I want to point out before you run the next command that it could take some time for the clamav service to come up due to the updates for freshclam being downloaded. This is normal and it could take several seconds or several minutes for freshclam to update clamav. Don't panic if clamav is stuck at 0 or 1. Just check the freshclam logs to find out when the download is complete and it says it has notified clamav of the database update.

Check to see if clamav and freshclam are running:


# svstat /service/clamav/ /service/clamav/log

/service/clamav: up (pid 82396) 63 seconds
/service/clamav/log: up (pid 82446) 25 seconds

# svstat /service/freshclam/ /service/freshclam/log

/service/freshclam/: up (pid 82409) 69 seconds
/service/freshclam/log: up (pid 82410) 69 seconds

Now to remove the startup scripts:


# rm /usr/local/etc/rc.d/clamav-clamd
# rm /usr/local/etc/rc.d/clamav-freshclam

Last modified on Thursday, 29 September 2016 02:40