Installing ClamAV

Clam Antivirus is command line virus scanner written entirely in C and its database is kept up to date. For more information, Please see: http://www.clamav.net/

Installing clamav


# cd /usr/ports/security/clamav
# make install clean

Make sure the following are checked:

ARC
ARJ
LHA
UNZOO
UNRAR

Now we want to create the clamav and freshclam service scripts:


# mkdir -m 1755 /var/qmail/supervise/clamav
# mkdir -m 1755 /var/qmail/supervise/freshclam
# mkdir -m 755 /var/qmail/supervise/clamav/log
# mkdir -m 755 /var/qmail/supervise/freshclam/log
# cd /var/qmail/supervise/clamav
# cp /downloads/qmailrocks/clamav-run run
# chmod 755 run
# cd log
# cp /downloads/qmailrocks/service-any-log-run run
# chmod 755 run
# cd /var/qmail/supervise/freshclam
# cp /downloads/qmailrocks/freshclam-run run
# chmod 755 run
# cd log
# cp /downloads/qmailrocks/service-any-log-run run
# chmod 755 run

Now we need to edit the clamd.conf file so it will run correctly via daemontools:


# chmod 744 /usr/local/etc/clamd.conf
# vi /usr/local/etc/clamd.conf

        #Example - must be commented out or removed
        #LogFile - multilog will handle logging
        #LogSysLog no - see LogFile
        PidFile /var/run/clamav/clamd.pid
        DatabaseDirectory /var/db/clamav
        FixStaleSocket yes - optional
        User - should be uncommented and set to qscand
        Foreground yes - required to run clamav via daemontools


Now we need to edit the freshclam.conf file so it will run correctly via daemontools:


# chmod 744 /usr/local/etc/freshclam.conf
# vi /usr/local/etc/freshclam.conf

        # Example
        DatabaseDirectory /var/db/clamav
        # UpdateLogFile - multilog will handle logging
        # LogSyslog no - see UpdateLogFile
        PidFile /var/run/clamav/freshclam.pid
        DatabaseOwner - change from clamav to qscand
        Foreground yes - required to run freshclam via daemontools


For your information when this is setup, freshclam is going to run every 2 hours by default. If you want to change it so it more or less frequent, just change this section in freshclam.conf


# Number of database checks per day.
# Default: 12 (every two hours)
# Checks 24

Now to set some file permissions before we start clamav:


# chown -R qscand:qscand /var/log/clamav
# chown -R qscand:qscand /var/run/clamav/
# chown qscand:qscand /var/db/clamav/

Now to create the symlinks to the service: 


# ln -s /var/qmail/supervise/clamav /service/
# ln -s /var/qmail/supervise/freshclam /service/

Check to see if clamav and freshclam are running: 


# svstat /service/clamav/ /service/clamav/log


/service/clamav: up (pid 82396) 63 seconds
/service/clamav/log: up (pid 82446) 25 seconds



# svstat /service/freshclam/ /service/freshclam/log


/service/freshclam/: up (pid 82409) 69 seconds
/service/freshclam/log: up (pid 82410) 69 seconds


Now to remove the startup scripts: 


# rm /usr/local/etc/rc.d/clamav-clamd
# rm /usr/local/etc/rc.d/clamav-freshclam 

Now we have a choice on which version of qmail-scanner to install. The 2 choices are using qmail-scanner 1.25 with qms analog or qmail-scanner 2.0 without qms analog. The main difference there is qmail reporting. If you want to have the qmailstats report, you will want to install 1.25. If you are setting up a box and don't need qmailstats, you can use the newly updated qmail-scanner 2.0 Choose wisely ...

Setting up QmailScanner 1.25 with qms analog

or

Setting up QmailScanner 2.0 without qms analog