2

ClamAV on Fedora 11

view story
linux-howto

http://forums.fedoraforum.org – This little guide walks you through getting ClamAV and ClamAV-Update (freshclam) installed and configured on your Fedora installation with basic/default configurations. Hopefully, it will help those looking to get started with ClamAV. ---------------------------------- Installation: Code: shell> sudo yum install -y clamav clamav-update ---------------------------------- Setup clamav-update: Code: shell> sudo vi /etc/freshclam.conf Note: Change the following 2 items, then save and quit. Example to #Example #DatabaseDirectory /var/lib/clamav to DatabaseDirectory /var/lib/clamav ---------------------------------- In order for the freshclam cron script to work, we'll need to update /etc/sysconfig/freshclam Code: shell> sudo vi /etc/sysconfig/freshclam Note: Change the following item, then save and quit. FRESHCLAM_DELAY=disabled-warn to #FRESHCLAM_DELAY=disabled-warn ---------------------------------- Run the virus definition updates by hand (for testing): Code: shell> sudo /usr/bin/freshclam Run a test scan on /sbin and /bin (recursively and log to /tmp/clamscan.Month-Day-Year.log): Code: shell> sudo clamscan -r /sbin /bin --log=/tmp/clamscan.`date +%m-%d-%y`.log ---------------------------------- Script for auto-scans: Note: Create the script and save under "root's" home. Code: shell> sudo su - shell> cd ~ shell> vi virus-scan.sh NOTE: Copy and paste the below info into the virus-scan.sh, then save and quit. Code: #!/bin/sh ####################### # Create the log file if needed # CLAM_LOG="/var/log/clamscan.log" if [ ! -f "$CLAM_LOG" ]; then touch "$CLAM_LOG" chmod 644 "$CLAM_LOG" chown clamav.clamav "$CLAM_LOG" fi # ######################## # Setup our common scanned paths - note these are based on my systems $PATH # You can change the user that gets mailed, or don't use mail at all, if using a logging setup etc. # COMMON_DIRS="/bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin /usr/kerberos/bin /usr/kerberos/sbin /usr/lib/qt* /home /tmp" # ######################## # Start the scan and mail to root (change as needed) # /usr/bin/clamscan -ri $COMMON_DIRS --log="$CLAM_LOG" | mail -s virus-scan.`date +%m-%d-%y` root@localhost # ######################## Set the script to be executable and test: Code: shell> chmod +x virus-scan.sh shell> ./virus-scan-sh & Once it's complete check roots mail and/or the log file, if all is well, let's set up a cron job. ---------------------------------- There are many ways to use cron, this example is using the /etc/cron.d structure. Code: shell> cd /etc/cron.d shell> vi virus-scan NOTE: Copy and paste the following into the virus-scan file, the save and quit. Code: # The following will run our script at 2am every day of the week. # Obviously you'll need to adjust this based on workload, uptimes etc. 00 02 * * * root /root/virus-scan.sh > /dev/null 2>&1 ---------------------------------- HTH (HowTos)