Installing ClamAV antivirus on CentOS 7

I. Download and install

1. Download
ClamAV official site: http://www.clamav.net/downloads. The latest stable version is 0.100.2. Download it from there, or fetch the source package directly with wget.

wget https://www.clamav.net/downloads/production/clamav-0.102.2.tar.gz (the download may fail; in that case download the file on Windows and upload it to the server)

 

2. Extract

tar -zxf  clamav-0.102.2.tar.gz

3. Compile and install
cd clamav-0.102.2
./configure --prefix=/usr/local/clamav 
make
make install


The following error appears:
Your libcurl (e.g. libcurl-devel) is too old. Installing ClamAV with clamonacc requires libcurl 7.45 or higher. For a quick fix, run ./configure again with
--disable-clamonacc if you do not wish to use on-access scanning features. For more information on ClamAV's on-access scanner, please read our documentation:
https://www.clamav.net/documents/on-access-scanning#on-access-scanning

(1) Install the repo

rpm -Uvh http://www.city-fan.org/ftp/contrib/yum-repo/rhel7/x86_64/city-fan.org-release-2-1.rhel7.noarch.rpm

(2) Check which curl versions the repo provides

yum --showduplicates list curl --disablerepo="*" --enablerepo="city*"
Loaded plugins: fastestmirror
city-fan.org | 3.0 kB 00:00:00 
city-fan.org-debuginfo | 3.0 kB 00:00:00 
city-fan.org-source | 3.0 kB 00:00:00 
(1/3): city-fan.org-debuginfo/7/primary_db | 39 kB 00:00:02 
(2/3): city-fan.org-source/7/primary_db | 344 kB 00:00:03 
(3/3): city-fan.org/7/primary_db | 489 kB 00:00:03 
Loading mirror speeds from cached hostfile
* city-fan.org: nervion.us.es
* city-fan.org-debuginfo: www.city-fan.org
* city-fan.org-source: nervion.us.es
Installed Packages
curl.x86_64 7.29.0-42.el7 @anaconda 
Available Packages
curl.x86_64 7.62.0-1.0.cf.rhel7 city-fan.org

(3) Set enabled to 1 for this repo

vim /etc/yum.repos.d/city-fan.org.repo

[city-fan.org]

name=city-fan.org repository for Red Hat Enterprise Linux (and clones) $releasever ($basearch)

#baseurl=http://mirror.city-fan.org/ftp/contrib/yum-repo/rhel$releasever/$basearch

mirrorlist=http://mirror.city-fan.org/ftp/contrib/yum-repo/mirrorlist-rhel$releasever

enabled=1

gpgcheck=1

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-city-fan.org

(4) Install the latest curl

yum install curl

Error: Package: libcurl-7.65.1-1.0.cf.rhel7.x86_64 (city-fan.org) Requires: libnghttp2.so.14()(64bit)

yum install epel-release -y

 

yum --enablerepo=epel install libnghttp2 -y && yum install libcurl -y

 



4. Add the user group and user
groupadd clamav
useradd -g clamav clamav

 

II. Configuration

1. Create the log directory and the virus database directory

mkdir /usr/local/clamav/logs   -p
mkdir /usr/local/clamav/updata -p

 

2. Create the log files

touch /usr/local/clamav/logs/clamd.log
touch /usr/local/clamav/logs/freshclam.log

 

3. Set file ownership

chown clamav:clamav /usr/local/clamav/logs/clamd.log
chown clamav:clamav /usr/local/clamav/logs/freshclam.log
chown clamav:clamav /usr/local/clamav/updata

 

4. Edit the configuration files

cp  /usr/local/clamav/etc/clamd.conf.sample /usr/local/clamav/etc/clamd.conf
cp /usr/local/clamav/etc/freshclam.conf.sample /usr/local/clamav/etc/freshclam.conf

 

Edit the contents of these two configuration files:

 
vim /usr/local/clamav/etc/clamd.conf

#Example  //comment out this line
#add the following lines
LogFile /usr/local/clamav/logs/clamd.log
PidFile /usr/local/clamav/updata/clamd.pid
DatabaseDirectory /usr/local/clamav/updata
 
 
vim /usr/local/clamav/etc/freshclam.conf

#Example  //comment out this line
#add the following lines
DatabaseDirectory /usr/local/clamav/updata
UpdateLogFile /usr/local/clamav/logs/freshclam.log
PidFile /usr/local/clamav/updata/freshclam.pid
 

 

III. Running

1. Update the virus database

/usr/local/clamav/bin/freshclam

 

2. Scan for viruses

 
 
Options:
-r scan subdirectories recursively
-i show only the infected files that were found
--no-summary do not show the summary statistics

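Usage:
-- help
/usr/local/clamav/bin/clamscan --help
-- by default, scan the files in the current directory and show the scan summary
/usr/local/clamav/bin/clamscan
-- scan all directories and files under the current directory and show the summary
/usr/local/clamav/bin/clamscan -r
-- scan all directories and files under the data directory and show the summary
/usr/local/clamav/bin/clamscan -r /data
-- scan all directories and files under the data directory and show only the results for infected files
/usr/local/clamav/bin/clamscan -r --bell -i /data
-- scan all directories and files under the data directory without showing the summary
/usr/local/clamav/bin/clamscan --no-summary -ri /data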

For example:
/usr/local/clamav/bin/clamscan -r /data
 

 


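3. Scheduled automatic updates and scans

  Usually a scheduled task is used so that the server updates the virus database and runs a scan at a fixed time every day and keeps the scan log. Set up the following crontab jobs; the scan job writes its log to /var/log/clamscan.log, and --remove deletes every file that is flagged as infected.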

1  3  * * *          /usr/local/clamav/bin/freshclam --quiet
20 3  * * *          /usr/local/clamav/bin/clamscan  -r /home  --remove -l /var/log/clamscan.log
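
An added example, not part of the original post: a small shell helper for reviewing the log that the 03:20 job appends to /var/log/clamscan.log. It maps clamscan's exit status to a verdict and lists only the detections of the most recent completed scan; the function names and the sample log are constructed for illustration, and the log line formats are assumed to match clamscan's output.

```bash
# Map clamscan's exit status to a verdict: 0 = clean, 1 = virus found,
# anything else = scan error, so a failed scan is never read as "clean".
scan_verdict() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

# Print "signature<TAB>path" for each detection of the most recent completed
# scan. The log grows on every run, so hits are buffered and the buffer is
# kept only when that run's SCAN SUMMARY header is reached.
last_scan_detections() {
    awk '
        / FOUND$/ {
            sig  = $(NF - 1)
            path = substr($0, 1, length($0) - length(sig) - 8)  # drop ": " and " FOUND"
            cur  = cur sig "\t" path "\n"
        }
        /SCAN SUMMARY/ { last = cur; cur = "" }
        END { printf "%s", last }
    ' "$1"
}

# "Infected files:" count from the last summary block in the log.
last_summary_count() {
    awk -F': *' '/^Infected files:/ { n = $2 } END { print n + 0 }' "$1"
}

# Constructed sample (assumed clamscan log format): two nightly runs in one log.
sample_log() {
    cat <<'EOF'
/home/alice/old.exe: Win.Trojan.Example-1 FOUND
----------- SCAN SUMMARY -----------
Infected files: 1
/home/bob/my docs/eicar.com: Eicar-Test-Signature FOUND
/home/bob/my docs/eicar.com: Removed.
/home/bob/a.zip: Eicar-Test-Signature FOUND
/home/bob/a.zip: Removed.
----------- SCAN SUMMARY -----------
Infected files: 2
EOF
}

log=$(mktemp) && sample_log > "$log"
last_scan_detections "$log"
echo "summary count: $(last_summary_count "$log")"
rm -f "$log"
```

On the server, point the functions at /var/log/clamscan.log and pass scan_verdict the exit status of the clamscan command.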

 

posted @ 2020-03-25 11:46  Mr.DongYang