一、简介
ClamAV(Clam AntiVirus)是Linux平台上的开源病毒扫描程序,主要应用于邮件服务器,采用多线程后台操作,可以自动升级病毒库。
二、安装
2.1、在线安装
[root@localhost ~]# yum install -y epel-release
[root@localhost ~]# yum clean all && yum makecache
[root@localhost ~]# yum -y install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd
2.2、离线安装
# On a server with internet access, build the offline yum repository.
# Enable the EPEL repository and refresh yum's metadata cache.
yum install -y epel-release
yum clean all && yum makecache
# Download the clamav packages that will make up the offline repository.
# NOTE(review): --downloadonly fetches only what yum would install on this host,
# so packages or dependencies already installed here are not downloaded. Run this
# on a host that matches the offline server and does not have them yet - confirm
# the download directory is complete before shipping it.
yum install --downloadonly --downloaddir=/data/clamav/ clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd
# Generate the repodata/ metadata that turns the directory into a yum repository
# (createrepo is a separate package and must already be installed).
createrepo /data/clamav/
#编写repo文件及安装脚本
cat clamav.repo
# Repo definition for the offline clamav package directory.
[clamav]
name=clamav
# NOTE(review): createrepo was run on /data/clamav/, while this points at
# /data/clamav/package - the path must be the directory on the offline server
# that actually contains repodata/; confirm against where the archive is unpacked.
baseurl=file:///data/clamav/package
# gpgcheck=0 turns off RPM signature verification for this repo, so nothing
# checks that the packages copied to the offline server are the ones that were
# downloaded. To keep verification, copy the signing key of the source repo to
# the offline host and use gpgcheck=1 with gpgkey=file://<path-to-key>.
gpgcheck=0
enabled=1
cat install.sh
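# install.sh - install ${BAO} from the offline repo described by ${BAO}.repo.
#
# Temporarily replaces /etc/yum.repos.d so that yum only sees the offline repo,
# then puts the original directory back. The restore runs from an EXIT trap, so
# the system repo configuration comes back even when a step fails.
# Run as root from the directory that contains ${BAO}.repo.
set -eu

BAO="clamav"
REPO_DIR=/etc/yum.repos.d
BACKUP_DIR=/etc/yum.repos.d.bak

# A leftover backup means an earlier run was interrupted. mv would nest the
# live directory inside it and the restore would bring back the wrong content,
# so stop before touching anything.
if [ -e "${BACKUP_DIR}" ]; then
  printf '%s already exists; restore or remove it first\n' "${BACKUP_DIR}" >&2
  exit 1
fi

# Fail early, before the swap, if the repo file is not where we expect it.
if [ ! -f "${BAO}.repo" ]; then
  printf '%s.repo not found in %s\n' "${BAO}" "$(pwd)" >&2
  exit 1
fi

# Put the original repo directory back; a no-op if the swap never happened.
restore_repos() {
  if [ -d "${BACKUP_DIR}" ]; then
    rm -rf -- "${REPO_DIR}"
    mv -- "${BACKUP_DIR}" "${REPO_DIR}"
  fi
}
trap restore_repos EXIT
# Turn signals into a normal exit so the EXIT trap also runs under plain sh.
trap 'exit 1' HUP INT TERM

mv -- "${REPO_DIR}" "${BACKUP_DIR}"
mkdir -- "${REPO_DIR}"
cp -- "${BAO}.repo" "${REPO_DIR}/"

# Drop cached metadata from the regular repos, then index the offline one.
yum clean all
yum makecache
yum -y install "${BAO}"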
#将文件打包并上传到离线服务器,执行sh install.sh安装
或者
下载 https://www.clamav.net/downloads/release_candidate/clamav-0.105.0-rc2.linux.x86_64.rpm (注意:该包是0.105.0的候选发布版rc2,不是正式发布版)
安装 rpm -ivh clamav-0.105.0-rc2.linux.x86_64.rpm (安装前建议先校验安装包的签名)
三、配置SELinux
setsebool -P antivirus_can_scan_system 1
setsebool -P clamd_use_jit 1
#执行getsebool -a | grep antivirus 显示以下内容说明配置正确(clamd_use_jit是旧名称,在较新的SELinux策略中显示为antivirus_use_jit)
antivirus_can_scan_system --> on
antivirus_use_jit --> on
注:如果服务器已经禁用selinux,可跳过这步
四、配置ClamAV
#注释掉配置文件中的Example行(该行存在时clamd和freshclam会拒绝运行)
sed -i -e "s/^Example/#Example/" /etc/clamd.d/scan.conf
sed -i -e "s/^Example/#Example/" /etc/freshclam.conf
#编辑配置文件
vim /etc/clamd.d/scan.conf
#找到下面这行将注释#删除,保存
#LocalSocket /var/run/clamd.scan/clamd.sock
五、更新病毒库(在线服务器)
freshclam
#病毒库保存在以下位置
/var/lib/clamav/daily.cvd
/var/lib/clamav/main.cvd