fbpx

How to Install ClamAV and Configure

ClamAV is an open source (GPL) antivirus engine designed for detecting Trojans, viruses, malware and other malicious threats on Linux. In this article, we will only be configuring ClamAV to run scheduled/on-demand scans; not resident scans.

A. Install ClamAV

1. Install EPEL repo

Before we can do proceed, you must ensure that you have the EPEL yum repository enabled.

The EPEL repo is enabled by simply installing an RPM. Please use the command below to install the EPEL repository on your CentOS server.

CentOS 6 – 32-bit

 CentOS 6 – 64-bit

 CentOS 5 – 32-bit

 CentOS 5 – 64-bit

After running the above commands for your relevant CentOS version, the following file is created:

/etc/yum.repos.d/epel.repo

The above file can be edited directly to enable or disable the EPEL repo.

2. Install required packages
yum install clamav clamd
3. Start the clamd service and set it to auto-start
chkconfig clamd on
/etc/init.d/clamd start
4. Update ClamAV’s signatures
/usr/bin/freshclam

Note: ClamAV will update automatically, as part of /etc/cron.daily/freshclam.

B. Configure Daily Scan

In this example, we will configure a cronjob to scan the /home/ directory every day:

1. Create cron file:
vim /etc/cron.daily/manual_clamscan

Add the following to the file above. Be sure to change SCAN_DIR to the directory that you want to scan:

#!/bin/bash
SCAN_DIR="/home"
LOG_FILE="/var/log/clamav/manual_clamscan.log"

/usr/bin/clamscan -i -r $SCAN_DIR >> $LOG_FILE

Give our cron script executable permissions:

chmod +x /etc/cron.daily/manual_clamscan

You can even run the above script to ensure that it works correctly.

3 Responses on this post

  1. Hello Admin,
    Running the script works fine . But the cron job is not working , error message: /path/to/directory: Permission Denied , Can’t access file

    1. Hi,

      You need to first create the file by :-

      nano /etc/cron.daily/manual_clamscan

      Add the following to the file above. Be sure to change SCAN_DIR to the directory that you want to scan:

      #!/bin/bash
      SCAN_DIR=”/home”
      LOG_FILE=”/var/log/clamav/manual_clamscan.log”

      /usr/bin/clamscan -i -r $SCAN_DIR >> $LOG_FILE

      After the files are added save the document by “ctrl+o” and then exit by “ctrl+z”

      This should do the job, else you can add the following line in crontab -e.

      0 23 0 0 0 /etc/cron.daily/manual_clamscan

      Regards
      Shine Servers LLP

Leave a Reply

Your email address will not be published. Required fields are marked *