Installing ClamAV on Rocky Linux 8


Read "What is ClamAV" by Liquid Web for more information on ClamAV.

I thought I would list a few pointers that might be of use.

  • ClamAV is a free and open-source antivirus software and a cross-platform antivirus toolkit.
  • For Linux systems, it offers Real-Time Protection, which is a crucial feature against zero-day attacks.
  • ClamAV provides a multi-threaded virtual scanner, a tool for automatic virus database updates, and a command-line scanner.

a. Install ClamAV and its services, which include the antivirus and the antivirus updater

# dnf install clamav clamd clamav-update

b. Setting up a Service Account

If you’re planning to run freshclam or clamd as a service on a Linux or Unix system, you should create a service account. The following instructions assume that you will use an account named “clamav” for both services, although you may create a different account name for each if you wish.

# groupadd clamav
# useradd -g clamav -s /bin/false -c "Clam Antivirus" clamav

c. Configure SELinux for ClamAV

# sudo setsebool -P antivirus_can_scan_system 1

d. Run ClamAV Database Update Command

# freshclam

e. Suggested configuration of /etc/clamd/scan.conf or /etc/clamd/clamd.conf as written by ClamAV Setup Notes

ExtendedDetectionInfo yes
FixStaleSocket yes
LocalSocket /var/run/clamav/clamd.ctl
LogFile /var/log/clamav/clamav.log
LogFileMaxSize 5M
LogRotate yes
LogTime yes
MaxDirectoryRecursion 15
MaxThreads 20
OnAccessExcludeUname clamav
OnAccessExcludeUname root
OnAccessIncludePath /home
OnAccessMountPath /home/johnfedoruk
OnAccessPrevention yes
User root
VirusEvent /etc/clamav/detected.sh
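
The configuration above points VirusEvent at /etc/clamav/detected.sh, but the script itself is not shown here. The following handler is an added example, not code from this post or from ClamAV Setup Notes; the function names, the log tag and the file mode are assumptions.

```sh
#!/bin/sh
# Added example of /etc/clamav/detected.sh, the VirusEvent target in step e.
# clamd passes the detection to the command in two environment variables:
#   CLAM_VIRUSEVENT_FILENAME  - path of the file that matched
#   CLAM_VIRUSEVENT_VIRUSNAME - name of the matching signature
# With "User root" in the config this runs as root, and the file name is
# chosen by whoever created the file, so it is handled as untrusted data.
# Assumed install: owner root:root, mode 0750, so only root can change it.

# Replace non-printable bytes (newlines, terminal escapes) and double quotes
# with "?" so a crafted file name cannot forge or split a log record, and
# cap the length at 512 characters.
sanitize() {
    printf '%s' "$1" | LC_ALL=C tr -c '[:print:]' '?' | tr '"' '?' | cut -c1-512
}

# Build one key="value" log record from the variables clamd exported.
format_event() {
    sig=$(sanitize "${CLAM_VIRUSEVENT_VIRUSNAME:-unknown}")
    file=$(sanitize "${CLAM_VIRUSEVENT_FILENAME:-unknown}")
    printf 'clamd detection signature="%s" file="%s"' "$sig" "$file"
}

# Log only when clamd actually supplied a detection. The tag
# "clamav-virusevent" is an assumed name to filter on in the journal or SIEM.
if [ -n "${CLAM_VIRUSEVENT_VIRUSNAME:-}" ]; then
    logger -t clamav-virusevent -p auth.alert -- "$(format_event)"
fi
```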

f. Create and Edit the system's freshclam.service

# vim /usr/lib/systemd/system/freshclam.service
[Unit]
Description = ClamAV Scanner
After = network.target

[Service]
Type = forking
# If you want to update the database automatically more than once a day, change the number 1
ExecStart = /usr/bin/freshclam -d -c 1
Restart = on-failure
PrivateTmp = true

[Install]
WantedBy=multi-user.target

g. Start and Enable the FreshClam and Clamd Scanner Services

# systemctl start freshclam
# systemctl enable freshclam

h. Scanning a Directory

# clamscan -r /tmp

References:

  1. Installing ClamAV
  2. ClamAV Setup Notes
  3. Install ClamAV Antivirus on Rocky Linux 8 or Alma Linux 8
