How to Install ClamAV in CentOS7

ClamAV is a free, open source antivirus program for the detection of trojans, viruses and malware on your VPS. In this tutorial we show you how to install ClamAV in CentOS 7 and how to ensure that ClamAV starts automatically and your VPS scans daily.

Execute the commands in this article as a root user.

Installing ClamAV

Connect to your VPS via SSH and update your VPS first:

yum -y update

ClamAV is not included in the official CentOS package repository. It is included in the Extra Packages for Enterprise Linux (EPEL). Therefore, first install the latest release of EPEL

yum -y install epel-release

Next install ClamAV with the command (please note: there is a scroll bar because it is a long command):

yum -y install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd

Configuring ClamAV

CentOS 7 is supplied with SELinux. Check whether SELinux is enabled with the command below.

sestatus

If the SELinux status is ‘disabled’, proceed to Step 2. If the SELinux status is ‘enabled’, give ClamAV access to all your files with the following command:

setsebool -P antivirus_can_scan_system 1 
setsebool -P clamd_use_jit 1

ClamAV is supplied with a standard configuration file. A small adjustment is needed in this file before you can use it. The word example needs to be uncommented or removed from scan/conf: 

sed -i -e "s/^Example/#Example/" /etc/clamd.d/scan.conf

Open the configuration file /etc/clamd.d/scan.conf: 

vi /etc/clamd.d/scan.conf

Uncomment/remove the # at ‘#LocalSocket /var/run/clamd.scan/clamd.sock‘ so the line looks like this: 

LocalSocket /var/run/clamd.scan/clamd.sock

Save the changes and close the file (ctrl + xyenter). Without this step, the scanning service will not work. 

Before you can use the scan service, Freshclam needs to be enabled and configured. Freshclam updates the database that ClamAV uses with virus definitions (the database is empty in a new installation). Again remove / uncomment ‘Example’ from the configuration file. 

sed -i -e "s/^Example/#Example/" /etc/freshclam.conf

Run Freshclam with the command below. Freshclam will then immediately download the latest virus definitions.

freshclam

Next you create a systemd service so ClamAV is automatically started and executed: 

vi /usr/lib/systemd/system/freshclam.service

Add the following content and save the changes with ctrl + xyenter.

[Unit]
Description = freshclam scanner
After = network.target
[Service]
Type = forking
ExecStart = /usr/bin/freshclam -d -c 1
Restart = on-failure
PrivateTmp =true
[Install]
WantedBy=multi-user.target

Change the number 1 behind ExecStart to 2 if necessary, or another number to have the scan carried out more than once a day.

The virus definitions are now up-to-date. Enable autostart for the ClamAV scan service and freshclam, and start both services as follows: 

systemctl enable clamd@scan 
systemctl enable freshclam
systemctl start clamd@scan
systemctl start freshclam

The installation of ClamAV is now complete! 

Related posts

Leave a Comment