1. 首页
  2. 系统运维
  3. Linux

CentOS 7 安装ClamAV杀毒软件步骤

Clam AntiVirus(ClamAV)是免费而且开放源代码的防毒软件,软件与病毒码的更新皆由社群免费发布。目前ClamAV主要是使用在由Linux、FreeBSD等Unix-like系统架设的邮件服务器上,提供电子邮件的病毒扫描服务。

安装

添加epel源。

yum install epel-release

安装

yum install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd

安装成功类似如下:

install clamav

配置SELinux

如果centos 7系统没有开启SELinux,直接略过就可以。

关闭SELinux步骤:http://blog.nbqykj.cn/?p=2851.html

命令:

setsebool -P antivirus_can_scan_system 1

20180514110029

如果没有运行上面那个命令,运行freshclam可能就会出现这个错误。

During database load : LibClamAV Warning: RWX mapping denied: Can't allocate RWX Memory: Permission denied

配置clamav

配置文件clamd.conf 。

cp /usr/share/clamav/template/clamd.conf /etc/clamd.d/clamd.conf
sed -i '/^Example/d' /etc/clamd.d/clamd.conf

修改/etc/clamd.d/clamd.conf文件,如果没有clamav用户就新建一个。

User clamav
LocalSocket /var/run/clamd/clamd.sock

开启Freshclam

cp /etc/freshclam.conf /etc/freshclam.conf.bak
sed -i '/^Example/d' /etc/freshclam.conf

配置systemd服务

创建/usr/lib/systemd/system/clam-freshclam.service,内容如下:

# Run the freshclam as daemon
[Unit]
Description = freshclam scanner
After = network.target

[Service]
Type = forking
ExecStart = /usr/bin/freshclam -d -c 4
Restart = on-failure
PrivateTmp = true

[Install]
WantedBy=multi-user.target

启动

systemctl enable clam-freshclam.service
systemctl start clam-freshclam.service

查看状态

[root@centos7 system]# systemctl status clam-freshclam.service
clam-freshclam.service - freshclam scanner
Loaded: loaded (/usr/lib/systemd/system/clam-freshclam.service; enabled)
Active: active (running) since Thu 2015-06-11 11:09:24 CEST; 1s ago
Process: 3158 ExecStart=/usr/bin/freshclam -d -c 4 (code=exited, status=0/SUCCESS)
Main PID: 3159 (freshclam)
CGroup: /system.slice/clam-freshclam.service
└─3159 /usr/bin/freshclam -d -c 4

clamav主程序服务开启

默认systemd服务类似如下

[root@centos7 system]# ls -l /usr/lib/systemd/system/clam*
-rw-r--r--. 1 root root 136 Apr 29 20:38 /usr/lib/systemd/system/clamd@scan.service
-rw-r--r--. 1 root root 231 Apr 29 20:38 /usr/lib/systemd/system/clamd@.service

修改

mv /usr/lib/systemd/system/clamd@.service /usr/lib/systemd/system/clamd.service
vi /usr/lib/systemd/system/clamd@scan.service
# 去除.include /lib/systemd/system/clamd@.service 的@符号

修改/usr/lib/systemd/system/clamd.service文件类似如下。

[Unit]
Description = clamd scanner daemon
After = syslog.target nss-lookup.target network.target

[Service]
Type = simple
ExecStart = /usr/sbin/clamd -c /etc/clamd.d/clamd.conf --foreground=yes
Restart = on-failure
PrivateTmp = true

[Install]
WantedBy=multi-user.target

启动

[root@centos7 system]# systemctl enable clamd.service
[root@centos7 system]# systemctl enable clamd@scan.service
[root@centos7 system]# systemctl start clamd.service
[root@centos7 system]# systemctl start clamd@scan.service

 

clamav正常就安装完成,接下来可以使用clamav了。例如clamav结合postfix邮件系统。

参考链接:https://linux-audit.com/install-clamav-on-centos-7-using-freshclam/

联系我们

0574-55011290

QQ:248687950

邮件:admin@nbhao.org

工作时间:周一至周五,9:00-18:00,节假日休息

QR code