clamav

Clam AntiVirus (ClamAV) is a free software, cross-platform and open-source antivirus software toolkit able used to detect trojans and malicious softwares including viruses. One of its main uses is on mail servers as a server-side email virus scanner. ClamAV includes a number of utilities: a command-line scanner, automatic database updater and a scalable multi-threaded daemon, running on an anti-virus engine from a shared library. In this very blog you gonna learn in detail the installation and configuration of ClamAV.

Install EPEL Repo

First we need to install EPEL release as ClamAv installation requires some necessary packages.

dnf install epel-release -y

Installing ClamAV

dnf install clamav -y
dnf install clamd -y
dnf install clamav clamd clamav-update -y

Configure SElinux for ClamAV

Adjust ClamAv with SELinux and give it access to all your files with the following command:

setsebool -P antivirus_can_scan_system 1

Download latest Signature for ClamAV

Now use following command to get latest signatures of antivirus.

freshclam

ClamAV configuration

We need to locate ‘LocalSocket‘ parameter in /etc/clamd.d/scan.conf file and enable it so that we can use ClamAV.
use below command to enable it.

sed -i 's/#LocalSocket \/run/LocalSocket \/run/g' /etc/clamd.d/scan.conf

Create ClamAV Systemd Service

Create systemd service for ClamAV and set it to auto start.

vi /usr/lib/systemd/system/freshclam.service

Add below content in freshclam.service file and save the changes.

[Unit]
Description = ClamAV Scanner
After = network.target
[Service]
Type = forking

# if you want to scan more than one in a day change the number 1 with your desired number.

ExecStart = /usr/bin/freshclam -d -c 1
Restart = on-failure
PrivateTmp =true
[Install]
WantedBy=multi-user.target

Start and Enable Services

Everything has been installed and configured now its time to enable all services on boot.

systemctl start clamd@scan

Use following command to check the status of ClamAV services


systemctl start freshclam
systemctl enable clamd@scan
systemctl enable freshclam
systemctl status clamd@scan

systemctl status freshclam

That’s about it.