ClamAV is an open-source antivirus engine. It is used to detect viruses, trojans, and other malware.
Install EPEL repository
yum install -y epel-release
Install ClamAV packages
yum install -y clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd
Backup the default config
cp /etc/clamd.d/scan.conf /etc/clamd.d/scan.conf.bak
Update the default config (this comments out the Example line; clamd refuses to start while that line is active)
sed -i -e "s/^Example/#Example/" /etc/clamd.d/scan.conf
Open the config file
vim /etc/clamd.d/scan.conf
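and uncomment the following line by removing the leading "#" (and change any other config settings you want). Once the socket is enabled, also review LocalSocketGroup and LocalSocketMode in the same file so that only the intended local users can reach clamd.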
# LocalSocket /run/clamd.scan/clamd.sock
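Rename the service file to remove the @ symbol. Files under /usr/lib/systemd/system belong to the package, so a ClamAV package update may restore or replace them; re-check the unit after updating.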
mv /usr/lib/systemd/system/clamd\@.service /usr/lib/systemd/system/clamd.service
Open the service file
vim /usr/lib/systemd/system/clamd.service
Update the service file with the following contents
# systemd unit that runs one clamd instance using /etc/clamd.d/scan.conf.
[Unit]
Description = clamd scanner daemon
After = syslog.target nss-lookup.target network.target
[Service]
# Type=forking tells systemd that the ExecStart process forks and exits; this
# matches clamd unless Foreground is enabled in scan.conf.
Type = forking
# No User= is set in this unit, so systemd launches clamd as root.
# NOTE(review): confirm scan.conf's User directive drops to an unprivileged account.
ExecStart = /usr/sbin/clamd -c /etc/clamd.d/scan.conf
# Reload the database
ExecReload=/bin/kill -USR2 $MAINPID
Restart = on-failure
# Allow up to 420 seconds for startup before systemd treats the start as failed;
# presumably sized for loading the signature database - confirm on your hardware.
TimeoutStartSec=420
[Install]
WantedBy = multi-user.target
Reload the systemd daemon
systemctl daemon-reload
Start service
systemctl start clamd.service
Enable service to start on reboot
systemctl enable clamd.service
Check service status
systemctl status clamd.service
Backup the freshclam config
cp /etc/freshclam.conf /etc/freshclam.conf.bak
Update the freshclam config (this comments out the Example line, which freshclam also rejects while it is active)
sed -i -e "s/^Example/#Example/" /etc/freshclam.conf
Update antivirus definitions
freshclam
Open the service file
vim /usr/lib/systemd/system/freshclam.service
Update the service file with the following contents
# systemd unit that keeps the ClamAV signature database updated in the background.
[Unit]
Description = freshclam
After = network.target
[Service]
# freshclam -d detaches into the background, hence Type=forking.
Type = forking
# -d runs freshclam as a daemon; -c 4 checks for signature updates 4 times per day.
ExecStart = /usr/bin/freshclam -d -c 4
Restart = on-failure
# Give the updater its own private /tmp and /var/tmp, isolated from other processes.
PrivateTmp = true
# Wait 10 seconds before restarting after a failure.
RestartSec = 10sec
[Install]
WantedBy=multi-user.target
Reload the systemd daemon
systemctl daemon-reload
Start service
systemctl start freshclam.service
Enable service to start on reboot
systemctl enable freshclam.service
Check service status
systemctl status freshclam.service
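Create a directory to store infected files (the quarantine). /tmp is world-writable and may be cleaned automatically, so for anything long-lived prefer a root-owned directory outside /tmp that other users cannot read or pre-create.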
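# The quarantine holds live malware samples, so create it with mode 0700
# (owner-only) instead of the umask default that plain mkdir would apply.
install -d -m 0700 /tmp/clamscan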
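Scan the root directory recursively, print only infected files (-i), move them into the quarantine directory, and log the results. Note that --move relocates every file that matches, including false positives in system paths; run the scan once without --move to review the hits first.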
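# Besides /sys, skip /proc and /dev (kernel pseudo-files, not real data) and the
# quarantine directory itself, so samples moved by an earlier run are not
# rescanned and reported again.
clamscan -i --recursive \
  --move=/tmp/clamscan \
  --log=/var/log/clamscan.log \
  --exclude-dir="^/sys" \
  --exclude-dir="^/proc" \
  --exclude-dir="^/dev" \
  --exclude-dir="^/tmp/clamscan" \
  /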
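# Report-only recursive scan of a single directory (nothing is moved or removed).
# /xyz looks like a placeholder: substitute the directory you want to scan.
# The original repeated -r; one occurrence is enough.
sudo clamscan -r /xyz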