linux centos7安装clamav 详情

centos安装clamav

第一步:安装依赖

yum install clamav clamav-server clamav-data clamav-update clamav-filesystem clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd pcre* gcc zlib zlib-devel libssl-devel libssl openssl -y

第二步:下载包

#安装wget
yum install wget
#设置下载安装包目录
cd /usr/local/
#下载安装包
wget  https://www.clamav.net/downloads/production/clamav-0.101.5.tar.gz

第三步：创建用户及目录

#clamav 用户和用户组
groupadd clamav && useradd -g clamav clamav && id clamav
#日志存放目录
mkdir -p /usr/local/clamav/logs
touch /usr/local/clamav/logs/clamd.log
touch /usr/local/clamav/logs/freshclam.log
chown clamav:clamav /usr/local/clamav/logs/clamd.log
chown clamav:clamav /usr/local/clamav/logs/freshclam.log
#病毒存放目录
mkdir -p /usr/local/clamav/update
chown -R root:clamav /usr/local/clamav/
chown -R clamav:clamav /usr/local/clamav/update

第四步：安装

#解压
tar zvxf clamav-0.101.5.tar.gz
#跳转目录
cd clamav-0.101.5/
#安装依赖
yum install gcc* openssl openssl-devel -y 
#安装编译
./configure --prefix=/usr/local/clamav --with-pcre
make && make install

第五步：配置

cd /usr/local/clamav/etc
cp clamd.conf.sample clamd.conf
cp freshclam.conf.sample freshclam.conf
#编辑clamd.conf文件
vi clamd.conf
#注销Example 一行
#Example
#添加配置项
LogFile /usr/local/clamav/logs/clamd.**log**
PidFile /usr/local/clamav/update/clamd.pid
DatabaseDirectory /usr/local/clamav/update

#编辑freshclam.conf文件
cd /usr/local/clamav/etc
vi freshclam.conf
#注销Example 一行
#Example
#添加配置项
DatabaseDirectory /usr/local/clamav/update
UpdateLogFile /usr/local/clamav/logs/freshclam.**log**
PidFile /usr/local/clamav/update/clamd.pid

第六步：启动服务

chown -R clamav:clamav /usr/local/clamav
systemctl start clamav-freshclam.service
systemctl enable clamav-freshclam.service
systemctl status clamav-freshclam.service

第七步：更新病毒库

#停止freshclam
systemctl stop clamav-freshclam.service
#更新，耗时根据网络质量而定
/usr/local/clamav/bin/freshclam
 
#手动下载病毒库到存储目录，更新（若上步更新成功，忽略这步手动更新）
cd /usr/local/clamav/update/
 
wget  http://database.clamav.net/main.cvd
wget  http://database.clamav.net/daily.cvd
wget  http://database.clamav.net/bytecode.cvd
 
#更新完成后，病毒库存放路径下生成四个病毒库文件；
cd /usr/local/clamav/update/
bytecode.cvd daily.cvd main.cvd mirrors.dat
 
#再次启动freshclam
systemctl start clamav-freshclam.service
 
#为扫描操作可执行文件创建软连接，可以直接用clamscan和freshclam命令执行
ln -s /usr/local/clamav/bin/clamscan /usr/local/sbin/clamscan
ln -s /usr/local/clamav/bin/freshclam  /usr/local/sbin/freshclam

第八步-定时任务

#在/usr/local/clamav/logs/目录下创建定时扫描脚本
cd /usr/local/clamav/logs/
#编辑文件
vi  clamav.sh
/usr/local/clamav/bin/clamscan -r --bell -i  /  >/usr/local/clamav/logs/"$(date +%F_%A)".**log**
#在/usr/local/clamav/logs/目录下创建定时更新病毒库脚本
cd /usr/local/clamav/logs/
#编辑文件
vi  freshclam.sh
systemctl stop clamav-freshclam.service
/usr/local/clamav/bin/freshclam --quiet
systemctl start clamav-freshclam.service

#授权执行权限
chmod +x clamav.sh
chmod +x freshclam.sh
#创建定时任务
vi /etc/crontab 
#定时病毒扫描，以及病毒库更新
0 1 * * *  sh /usr/local/clamav/logs/freshclam.sh
30 1 * * * sh /usr/local/clamav/logs/clamav.sh

扫描命令

#扫描指定home目录，并且显示扫描过程和结果
clamscan   -r    /home
#从根目录下开始，扫描所有文件并且只显示有问题的文件，发现病毒文件发出警报声音
clamscan -r --bell -i /
#不显示统计信息，只显示找到的病毒文件，且将病毒文件移动到/tmp路径下；
clamscan --no-summary -ri  /tmp
#扫描home路径以及其路径下所有子目录，只输出被感染文件，且将病毒文件、被感染文件直接删除；
clamscan --infected --**remove**` `--recursive /home

错误处理

1.解决share下缺少clamv

yum install epel-release
yum install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd -y

2.缺少curl组件时需要执行这个

yum install curl-devel -y