CentOS 7 安装 ClamAV 0.101.2

参考此博文

建立源

yum install -y epel-release
yum -y update

安装

yum install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd -y
clamd --version

配置

cp /usr/share/clamav/template/clamd.conf /etc/clamd.d/clamd.conf
vi /etc/clamd.d/clamd.conf
#注释掉Example,即将Example改为#Example

vi /etc/freshclam.conf
#注释掉Example,即将Example改为#Example(发现当前版本默认已经注释掉了)

#启用每日自动更新病毒库
vi /etc/sysconfig/freshclam
#注释掉,即FRESHCLAM_DELAY=disabled-warn # REMOVE ME改为#FRESHCLAM_DELAY=disabled-warn # REMOVE ME(发现当前版本默认已经注释掉了)

vi /etc/clamd.d/scan.conf
#注释掉Example,即将Example改为#Example
#去掉注释,即#LocalSocket /var/run/clamd.scan/clamd.sock改为LocalSocket /var/run/clamd.scan/clamd.sock

添加用户

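# Create a dedicated, non-login account for ClamAV.
# -r makes the group and user system accounts (useradd -r creates no home
# directory unless -m is given); /bin/false as the shell keeps the account
# from being used for interactive logins.
# The getent/id guards let this step be re-run without "already exists" errors.
# NOTE(review): the ClamAV packages may already ship their own service
# accounts; confirm which account "User" in /etc/clamd.d/scan.conf and
# "DatabaseOwner" in /etc/freshclam.conf refer to before relying on this one.
getent group clamav >/dev/null || groupadd -r clamav
id -u clamav >/dev/null 2>&1 || useradd -r -g clamav -s /bin/false clamav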

启动自动更新病毒库服务

#添加启动文件
vi /usr/lib/systemd/system/clam-freshclam.service
# Run freshclam as a daemon so the virus database is refreshed automatically.
[Unit] 
Description = freshclam scanner 
# Order this unit after network.target; freshclam downloads its updates over the network.
After = network.target 
[Service] 
# freshclam -d forks into the background, so systemd tracks it as a forking service.
Type = forking 
# -d: run in daemon mode; -c 4: check for database updates 4 times per day.
ExecStart = /usr/bin/freshclam -d -c 4 
# Restart the updater when it exits with an error, so signatures do not silently go stale.
Restart = on-failure 
# Give the service its own private /tmp and /var/tmp instead of the shared ones.
PrivateTmp = true 
[Install] 
# "systemctl enable" hooks the unit into multi-user.target so it starts at boot.
WantedBy=multi-user.target
#启动服务
systemctl enable clam-freshclam.service
systemctl start clam-freshclam.service
systemctl status clam-freshclam.service

#手动更新病毒库
freshclam

启动clamd

cd /usr/lib/systemd/system
systemctl enable clamd@scan.service
systemctl start clamd@scan.service
systemctl status clamd@scan.service

扫描

#不依赖守护进程扫描
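# Make sure the quarantine directory exists before scanning, and keep it
# owner-only: it holds the files that were flagged as infected.
install -d -m 700 /file/clamavlogs
# The quarantine directory lives inside the scanned tree (/file), so exclude
# it from the recursive scan; otherwise every later run would re-detect the
# files that were already moved there.
clamscan -ri --exclude-dir='^/file/clamavlogs' --move=/file/clamavlogs /file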

#依赖守护进程扫描
sudo clamdscan --no-summary --fdpass --move=/file/clamavlogs /file/1.jpg

参数示意

  • -r 递归扫描文件夹内文件,clamdscan无法递归扫描
  • -i 仅打印扫描到的问题文件
  • --no-summary 不打印统计信息
  • --move=/file/clamavlogs 将扫描到的问题文件剪切到指定目录
  • --fdpass 将文件描述符传递给clamd,使以其它用户身份运行的clamd也能读取待扫描文件;仅在通过本地(unix)socket连接clamd时可用,只有clamdscan命令能用

添加非root用户clamdscan权限

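若要用其它用户执行clamdscan命令,需要给该用户加上权限,否则扫描报错。下面的sudoers规则没有限制参数,该用户可以不输密码、以root身份带任意选项(包括--move)运行clamdscan,因此只应授予可信账号;只需以root身份运行时,可把(ALL)收窄为(root)。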

visudo
#在最后一行加上:用户名 ALL=(ALL) NOPASSWD:/usr/bin/clamdscan