Centos7最小安装下Install Clamav（2017-06-09最后更新）

If you are installing ClamAV for the first time, you have to add a new user and group to your system:

groupadd clamav

useradd -g clamav -s /bin/false -c "Clam AntiVirus" clamav

1.建立源，epel-release

yum install -y epel-release （这是一个源）

yum -y update

2.安装clamav包

yum install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd -y

3.设定clamav守護進程（Configuration of Clam daemon）

cp /usr/share/clamav/template/clamd.conf /etc/clamd.d/clamd.conf

vim /etc/clamd.d/clamd.conf

Example改为#Example

sed -i -e 's/^Example/#Example/' /etc/clamd.d/clamd.conf(这是用命令行来为Example加#）

 

Configure SELinux for ClamAV.You had to write this command to get it working with SELinux:

setsebool -P antivirus_can_scan_system 1   (实际操作并没有用到此行）

4.1修改freshclam配置（Enable Freshclam）

cp /etc/freshclam.conf /etc/freshclam.conf.bak

vim /etc/freshclam.conf

Example改为#Example

sed -i -e 's/^Example/#Example/' /etc/freshclam.conf (这是用命令行来为Example加#）

 

4.2 启用每日自动更新病毒库

freshclam通过/etc/cron.d/clamav-update来运行，默认情况下是禁止的，

vim /etc/sysconfig/freshclam

FRESHCLAM_DELAY=disabled-warn # REMOVE ME改为#FRESHCLAM_DELAY=disabled-warn # REMOVE ME

4.3配置扫描文件

Edit the configuration installed by the clamd-scanner package:

vim /etc/clamd.d/scan.conf

Example改为#Example                             sed -i -e 's/^Example/#Example/' /etc/clamd.d/scan.conf (这是用命令行来为Example加#）

#LocalSocket /var/run/clamd.scan/clamd.sock改为LocalSocket /var/run/clamd.scan/clamd.sock   (85行）

资料：https://www.adminsys.ch/2015/08/21/installing-clamav-epel-centosred-hat-7-nightmare/

4.4建立“clam-freshclam.service”服务

vim /usr/lib/systemd/system/clam-freshclam.service

 

# Run the freshclam as daemon
[Unit]
Description = freshclam scanner
After = network.target
[Service]
Type = forking
ExecStart = /usr/bin/freshclam -d -c 4
Restart = on-failure
PrivateTmp = true
[Install]
WantedBy=multi-user.target

4.5启动更新病毒库服务

systemctl enable clam-freshclam.service
systemctl start clam-freshclam.service
systemctl status clam-freshclam.service

看到active字样，就表示clam-freshclam.service安装成功。

4.6 手动更新病毒库：

freshclam

*******************************************************************************************************************************

*******************************************************************************************************************************

*******************************************************************************************************************************

5.启动服务

cd /usr/lib/systemd/system

 

systemctl enable clamd@scan.service

会显示Created symlink from /etc/systemd/system/multi-user.target.wants/clamd@scan.service to /usr/lib/systemd/system/clamd@scan.service.

systemctl start clamd@scan.service

systemctl status clamd@scan.service

7.扫描home，-r选项表示包含子目录

# clamscan --infected --remove --recursive /home

备注

如果在手动更新病毒库的时候遇到错误，此时就要删除掉旧的镜像地址文件#rm -f /var/lib/clamav/mirrors.dat

再手动更新一次病毒库，#freshclam