@newtolinux23
Last active July 6, 2024 02:05

Installing and Configuring ClamAV on NixOS

https://www.clamav.net/assets/clamav-trademark.png

Table of Contents

  1. Introduction
  2. Steps to Install ClamAV
  3. Importance of Antivirus on Linux
  4. Commands to Scan the System
  5. Conclusion
  6. Picture

Introduction

This document outlines the steps taken to install and configure ClamAV on NixOS. It also covers the challenges faced during the installation process, the importance of using antivirus software on Linux, and provides commands to scan the system.

Steps to Install ClamAV

Initial Configuration

First, add ClamAV to your NixOS configuration and enable the necessary services:

{ config, pkgs, lib, ... }:
{
  environment.systemPackages = with pkgs; [
    clamav
  ];

  # Both services below run as clamav:clamav, so the account must exist.
  users.users.clamav = {
    isSystemUser = true;
    group = "clamav";
  };
  users.groups.clamav = { };

  systemd.services.clamd = {
    description = "ClamAV Daemon";
    after = [ "network.target" ];
    wantedBy = [ "multi-user.target" ];
    serviceConfig = {
      ExecStart = "${pkgs.clamav}/bin/clamd --foreground=yes";
      Restart = "on-failure";
      User = "clamav";
      Group = "clamav";
      PrivateTmp = true;
      RuntimeDirectory = "clamav";
      RuntimeDirectoryMode = "0755";
      # /run/clamav is shared by both units; keep it when either one stops.
      RuntimeDirectoryPreserve = "yes";
    };
  };

  systemd.services.freshclam = {
    description = "ClamAV Virus Database Updater";
    after = [ "network.target" ];
    wantedBy = [ "multi-user.target" ];
    serviceConfig = {
      # --daemon keeps freshclam running so "Checks 24" in freshclam.conf applies;
      # without it the updater runs once and exits.
      ExecStart = "${pkgs.clamav}/bin/freshclam --daemon --foreground=yes";
      Restart = "on-failure";
      User = "clamav";
      Group = "clamav";
      PrivateTmp = true;
      RuntimeDirectory = "clamav";
      RuntimeDirectoryMode = "0755";
      RuntimeDirectoryPreserve = "yes";
    };
  };
}

After updating the configuration, rebuild the system:

sudo nixos-rebuild switch

Creating Necessary Directories

Ensure the necessary directories exist and have the correct permissions:

sudo mkdir -p /etc/clamav /var/lib/clamav /var/log/clamav /run/clamav
sudo chown -R clamav:clamav /etc/clamav /var/lib/clamav /var/log/clamav /run/clamav
sudo chmod -R 755 /etc/clamav /var/lib/clamav /var/log/clamav /run/clamav

Configuring ClamAV

Create and configure the ClamAV configuration files:

/etc/clamav/clamd.conf

LogFile /var/log/clamav/clamd.log
LogFileMaxSize 0
LogTime true
LogClean false
LogSyslog false
PidFile /run/clamav/clamd.pid
DatabaseDirectory /var/lib/clamav
LocalSocket /run/clamav/clamd.ctl
FixStaleSocket true
TCPSocket 3310
TCPAddr 127.0.0.1
User clamav

/etc/clamav/freshclam.conf

DatabaseDirectory /var/lib/clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogFileMaxSize 0
LogTime true
LogSyslog false
PidFile /run/clamav/freshclam.pid
DatabaseOwner clamav
Checks 24
DNSDatabaseInfo current.cvd.clamav.net
DatabaseMirror database.clamav.net

Troubleshooting

Challenges faced included ensuring the ClamAV user and group were correctly set up, creating necessary directories, and setting appropriate permissions. Errors related to user credentials and missing configuration files were resolved by verifying file paths and permissions.

Importance of Antivirus on Linux

While Linux is generally considered secure, using antivirus software like ClamAV adds an additional layer of protection. It helps detect and remove malware, ensuring system integrity and protecting sensitive data from potential threats.

Commands to Scan the System

To scan the system with ClamAV, use the following commands:

Basic Scan of a Directory

clamscan -r /path/to/directory

Scan the Entire System

sudo clamscan -r /

Save Scan Results to a File

sudo clamscan -r / -l /path/to/logfile

Remove Infected Files

sudo clamscan -r --remove / -l /path/to/logfile

Move Infected Files to Quarantine

sudo install -d -m 0700 /var/quarantine   # --move needs an existing directory
sudo clamscan -r --move=/var/quarantine / -l /path/to/logfile
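
The script below is an added example, not part of the original gist: it wraps the scan commands above so that a run skips `/proc`, `/sys` and `/dev`, leaves files in place, and turns the exit status and the `-l` log into a short list of detections to review. The function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original gist; function names are hypothetical.

# Recursive scan logged to a file, skipping kernel pseudo-filesystems.
# Nothing is removed or moved, so detections can be reviewed first.
run_scan() {  # usage: run_scan TARGET LOGFILE
  clamscan -r --infected \
    --exclude-dir='^/proc' --exclude-dir='^/sys' --exclude-dir='^/dev' \
    -l "$2" "$1"
}

# Map clamscan's exit status (0 clean, 1 virus found, 2 error) to a verdict.
scan_verdict() {
  case "$1" in
    0) echo clean ;;
    1) echo infected ;;
    *) echo error ;;
  esac
}

# Print "SIGNATURE<TAB>PATH" for every "PATH: SIGNATURE FOUND" log line.
list_detections() (
  while IFS= read -r line; do
    case "$line" in *" FOUND") ;; *) continue ;; esac
    rest=${line% FOUND}
    # Split on the last ": " so a path containing ": " stays intact.
    printf '%s\t%s\n' "${rest##*: }" "${rest%: *}"
  done < "$1"
)

# Constructed sample log (made-up paths) for trying the parser offline.
sample_log() {
  cat <<'EOF'
/home/alice/notes.txt: OK
/home/alice/Downloads/eicar.com: Eicar-Signature FOUND
/srv/share/old: backup/test.zip: Win.Test.EICAR_HDB-1 FOUND
EOF
}

# With two arguments, run a real scan and summarise it.
if [ "$#" -ge 2 ]; then
  rc=0
  run_scan "$1" "$2" || rc=$?
  echo "verdict: $(scan_verdict "$rc")"
  list_detections "$2"
  exit "$rc"
fi
```

Because `clamscan -l` appends to an existing log, point each run at a fresh log file so the detection list reflects only that scan.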

Conclusion

Installing and configuring ClamAV on NixOS involves several steps, including updating system configurations, creating necessary directories, and setting appropriate permissions. Regular scans and keeping virus definitions up-to-date are essential for maintaining system security.
