Installing ClamAV antivirus software on Linux

ClamAV is the most popular anti-virus software on the Linux platform. It is a free and open source product that supports multiple platforms, such as Linux/Unix, Mac OS X, Windows, and OpenVMS. ClamAV is a command-line virus scanner, and the ClamTK tool adds a graphical interface. ClamAV is mainly used to scan mail on mail servers. It has multiple interfaces for scanning email from a mail server, and it supports file formats such as ZIP, RAR, TAR, GZIP, BZIP2, HTML, DOC, PDF, SIS, CHM, RTF, etc. ClamAV has an automatic database updater and can also be run from a shared library.

// Steps for installing from the source package
groupadd clamav
useradd -g clamav -s /bin/false -c "Clam Antivirus" clamav

# yum -y groupinstall "Development Tools"
# yum -y install openssl openssl-devel libcurl-devel zlib-devel libpng-devel libxml2-devel json-c-devel bzip2-devel pcre2-devel ncurses-devel

# tar xf clamav-0.101.4.tar.gz
# cd clamav-0.101.4

# ./configure --prefix=/hadoop/software/clamav --disable-clamav --with-systemdsystemunitdir=no

# make && make install

// Copy the sample configuration files
cp /hadoop/software/clamav/etc/freshclam.conf.sample /hadoop/software/clamav/etc/freshclam.conf
cp /hadoop/software/clamav/etc/clamd.conf.sample /hadoop/software/clamav/etc/clamd.conf

# Create the log directory
mkdir -p /hadoop/software/clamav/logs
touch /hadoop/software/clamav/logs/clamd.log
touch /hadoop/software/clamav/logs/freshclam.log
touch /hadoop/software/clamav/logs/clamscan.log

# Create the virus database update directory
mkdir -p /hadoop/software/clamav/updata
chown -R root:clamav /hadoop/software/clamav/
chown -R clamav:clamav /hadoop/software/clamav/updata/
chown -R clamav:clamav /hadoop/software/clamav/logs/clamd.log
chown -R clamav:clamav /hadoop/software/clamav/logs/freshclam.log
chown -R clamav:clamav /hadoop/software/clamav/logs/clamscan.log

// Edit the configuration
# vim /hadoop/software/clamav/etc/clamd.conf

# Example    // Comment out this line, then edit the following 3 lines
LogFile /hadoop/software/clamav/logs/clamd.log
PidFile /hadoop/software/clamav/updata/clamd.pid
DatabaseDirectory /hadoop/software/clamav/updata

# vim /hadoop/software/clamav/etc/freshclam.conf
#Example    // Comment out this line, then edit the following 3 lines
DatabaseDirectory /hadoop/software/clamav/updata
UpdateLogFile /hadoop/software/clamav/logs/freshclam.log
PidFile /var/run/freshclam.pid

// Usage examples
/hadoop/software/clamav/bin/freshclam	// Update the virus database
/hadoop/software/clamav/bin/clamscan --remove	// Scan the current directory and delete infected files

// Scan / and save the log
/hadoop/software/clamav/bin/clamscan --exclude-dir="^/sys" --infected -r / --remove -l /hadoop/software/clamav/logs/clamscan.log

 

----------- SCAN SUMMARY -----------
Known viruses: 8939128    # Known viruses
Engine version: 0.103.0   # Engine version
Scanned directories: 134   # Number of directories scanned
Scanned files: 345         # Number of files scanned
Infected files: 0            # Infected files
Data scanned: 39.09 MB     # Amount of data scanned
Data read: 289.37 MB (ratio 3.84:1)   # Amount of data read
Time: 1263.709 sec           # Time taken
Start Date: 2020:11:10 13:36:45
End Date:   2020:11:10 13:37:48
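
The scans above use --remove, which deletes every file clamscan flags, so a false positive cannot be restored. As an added example (not part of the original post), this wrapper moves detections to a quarantine directory with --move instead and lists only the detections from the current run; the quarantine path and the function names are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Install paths follow the post;
# the quarantine directory and the function names are assumptions.
CLAMSCAN=${CLAMSCAN:-/hadoop/software/clamav/bin/clamscan}
SCAN_LOG=${SCAN_LOG:-/hadoop/software/clamav/logs/clamscan.log}
QUARANTINE=${QUARANTINE:-/hadoop/software/clamav/quarantine}

# Read clamscan log lines on stdin and print the path of each detection.
# Detection lines have the form "<path>: <signature> FOUND".
infected_paths() {
    sed -n 's/^\(.*\): [^ ]* FOUND$/\1/p'
}

# Scan directory $1 recursively and move detections into $QUARANTINE
# (--move) instead of deleting them (--remove), so a false positive can be
# restored. Returns clamscan's status: 0 clean, 1 detections, 2 error.
scan_quarantine() {
    mkdir -p "$QUARANTINE" && chmod 700 "$QUARANTINE" || return 2
    # The log is appended to on every run, so remember where this run starts.
    before=0
    [ -f "$SCAN_LOG" ] && before=$(wc -l < "$SCAN_LOG")
    rc=0
    "$CLAMSCAN" --exclude-dir="^/sys" --infected -r "$1" \
        --move="$QUARANTINE" -l "$SCAN_LOG" || rc=$?
    case $rc in
        0) echo "clean: $1" ;;
        1) echo "moved to $QUARANTINE:"
           tail -n +"$((before + 1))" "$SCAN_LOG" | infected_paths ;;
        *) echo "scan error (exit $rc), see $SCAN_LOG" >&2 ;;
    esac
    return "$rc"
}

# Usage: scan_quarantine /home
```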

 

 

 

Origin blog.csdn.net/qq_35995514/article/details/109737272