Installing the ClamAV virus scanner on Linux

1, Download the software package (available from the official ClamAV website; I used the latest version)
https://www.clamav.net/downloads

2, Create the clamav user and group, and check the id
groupadd clamav && useradd -g clamav clamav && id clamav

3, Create the ClamAV log directory and files
mkdir -p /home/clamav/logs/
touch /home/clamav/logs/clamd.log
touch /home/clamav/logs/freshclam.log
3.1, Change the owner and group
chown -R clamav:clamav /home/clamav/logs/

4, Create the virus database directory
mkdir /home/clamav/update
4.1, Change the owner and group
chown clamav:clamav /home/clamav/update/

5, Install the dependencies
yum install gcc* openssl openssl-devel -y

6, Compile and install
tar -zxf /opt/software/clamav-0.102.2.tar.gz -C /opt/software
cd /opt/software/clamav-0.102.2
./configure --prefix=/opt/clamav --with-pcre
6.1, Error message
configure: error: Your libcurl (e.g. libcurl-devel) is too old. Installing ClamAV with clamonacc requires libcurl 7.45 or higher. For a quick fix,
6.2, Fix the error (install the repo)
rpm -Uvh http://www.city-fan.org/ftp/contrib/yum-repo/rhel7/x86_64/city-fan.org-release-2-1.rhel7.noarch.rpm

6.3, Check the curl version
yum --showduplicates list curl --disablerepo="*" --enablerepo="city*"
已安裝的軟件包
curl.x86_64 7.29.0-54.el7_7.2
可安裝的軟件包
curl.x86_64 7.69.1-3.0.cf.rhel7
6.4, Set enabled to 1 for this repo
vim /etc/yum.repos.d/city-fan.org.repo
[city-fan.org]
name=city-fan.org repository for Red Hat Enterprise Linux (and clones) $releasever ($basearch)
#baseurl=http://mirror.city-fan.org/ftp/contrib/yum-repo/rhel$releasever/$basearch
mirrorlist=http://mirror.city-fan.org/ftp/contrib/yum-repo/mirrorlist-rhel$releasever
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-city-fan.org
6.5, Install the latest curl
yum -y install curl
6.5.1, Error message
Error: Package: libcurl-7.65.1-1.0.cf.rhel7.x86_64 (city-fan.org) Requires: libnghttp2.so.14()(64bit)
6.5.2, Fix the error
yum install epel-release -y
yum --enablerepo=epel install libnghttp2 -y && yum install libcurl -y
6.6, Continue with the build
./configure --prefix=/opt/clamav --with-pcre
make && make install

7, Configure ClamAV
7.1, Copy the configuration files
cp -a /opt/clamav/etc/clamd.conf.sample /opt/clamav/etc/clamd.conf
cp -a /opt/clamav/etc/freshclam.conf.sample /opt/clamav/etc/freshclam.conf
7.2, Configure clamd.conf (comment out the Example line; the database directory is the one created in step 4)
#Example
LogFile /home/clamav/logs/clamd.log
PidFile /home/clamav/update/clamd.pid
DatabaseDirectory /home/clamav/update
7.3, Configure freshclam.conf (comment out the Example line)
#Example
DatabaseDirectory /home/clamav/update
UpdateLogFile /home/clamav/logs/freshclam.log
PidFile /home/clamav/update/freshclam.pid

8, Start | stop | status
systemctl start clamav-freshclam.service
systemctl stop clamav-freshclam.service
systemctl status clamav-freshclam.service

9, Update the virus database
/opt/clamav/bin/freshclam

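10, Scan command
clamscan
10.1, Common options
-r/--recursive[=yes/no] recursively scan subdirectories and all files in them;
-i only show infected files;
--no-summary do not show the summary;
--log=FILE / -l FILE write a scan report, i.e. output the scan log to the given file;
--move=DIRECTORY move infected files to the given directory;
--remove[=yes/no] delete infected files under the scanned path;
--quiet only output error messages;
--infected/-i only print infected files;
--suppress-ok-results/-o skip files that scanned OK;
--bell sound an alert when an infected file is found;
--unzip(unrar) unpack archives and scan their contents;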

11, Example (crontab entry)
20 3 * * * /opt/clamav/bin/clamscan -r /home --remove -l /home/clamav/logs/clamscan.log
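
An added example, not from the original post: a wrapper for the cron job above that quarantines detections with --move instead of deleting them with --remove (a false positive under --remove is gone for good) and passes on clamscan's exit status (0 clean, 1 infected, 2 error). The function name and the quarantine path are assumptions; the other paths follow steps 3 and 6.

```shell
#!/bin/sh
# Added example: quarantine-based replacement for the --remove cron scan.
# Assumptions: scan_to_quarantine and /home/clamav/quarantine are
# hypothetical names; the binary and log paths come from steps 3 and 6.
CLAMSCAN="${CLAMSCAN:-/opt/clamav/bin/clamscan}"
LOGFILE="${LOGFILE:-/home/clamav/logs/clamscan.log}"
QUARANTINE="${QUARANTINE:-/home/clamav/quarantine}"

# scan_to_quarantine DIR
# Returns clamscan's exit status: 0 = clean, 1 = infected files found
# (moved to $QUARANTINE), 2 = scan error. Also returns 2 when the scanner
# binary, the target, or the quarantine directory is unusable.
scan_to_quarantine() {
    target="$1"
    [ -x "$CLAMSCAN" ] || { echo "clamscan not found: $CLAMSCAN" >&2; return 2; }
    [ -d "$target" ]   || { echo "not a directory: $target" >&2; return 2; }
    # Keep quarantined files out of reach of other users.
    mkdir -p "$QUARANTINE" && chmod 700 "$QUARANTINE" || return 2

    rc=0
    # --exclude-dir stops the scan from re-flagging files already quarantined
    # when the quarantine lives under the scanned tree (here: /home).
    "$CLAMSCAN" -r -i --move="$QUARANTINE" --exclude-dir="^$QUARANTINE" \
        -l "$LOGFILE" "$target" >/dev/null || rc=$?

    case "$rc" in
        0) echo "$(date '+%F %T') clean: $target" ;;
        1) echo "$(date '+%F %T') INFECTED: files moved to $QUARANTINE, see $LOGFILE" ;;
        *) echo "$(date '+%F %T') ERROR: clamscan exited $rc for $target" >&2 ;;
    esac
    return "$rc"
}
```

To use it from cron, save it as a script, append the call `scan_to_quarantine /home` as the last line, and point the crontab entry at that script.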
