Difference between revisions of "ClamAV"

From ArchWiki
Jump to: navigation, search
(cat)
(new templates, see Help:Style)
Line 10: Line 10:
  
 
==Configuration==
 
==Configuration==
Whether you are going to use clamav as a daemon or use it as a simple file checker you need to comment out the line that contains the word ''Example'', usually it is found at the beginning of {{Filename|/etc/clamav/freshclam.conf}} and {{Filename|/etc/clamav/clamd.conf}} files.
+
Whether you are going to use clamav as a daemon or use it as a simple file checker you need to comment out the line that contains the word ''Example'', usually it is found at the beginning of {{ic|/etc/clamav/freshclam.conf}} and {{ic|/etc/clamav/clamd.conf}} files.
  
 
==Start the daemon==
 
==Start the daemon==
Line 16: Line 16:
 
  # /etc/rc.d/clamav start
 
  # /etc/rc.d/clamav start
  
To start it automatically at boot you should edit the daemons array in {{filename|/etc/rc.conf}}:
+
To start it automatically at boot you should edit the daemons array in {{ic|/etc/rc.conf}}:
 
  DAEMONS=(... clamav ...)
 
  DAEMONS=(... clamav ...)
  
Line 28: Line 28:
  
 
==Server setup==
 
==Server setup==
To run as a server edit {{Filename|/etc/clamav/clamd.conf}} and {{Filename|/etc/clamav/freshclam.conf}} and comment out the ''Example'' flag.  In {{Filename|/etc/conf.d/clamav}} change the start options from "no" to "yes".
+
To run as a server edit {{ic|/etc/clamav/clamd.conf}} and {{ic|/etc/clamav/freshclam.conf}} and comment out the ''Example'' flag.  In {{ic|/etc/conf.d/clamav}} change the start options from "no" to "yes".
  
 
  # change these to "yes" to start
 
  # change these to "yes" to start
Line 34: Line 34:
 
  START_CLAMD="yes"
 
  START_CLAMD="yes"
  
* To start clamav at boot edit {{Filename|/etc/rc.conf}} and add clamav.
+
* To start clamav at boot edit {{ic|/etc/rc.conf}} and add clamav.
 
==Scan for Viruses==
 
==Scan for Viruses==
{{Codeline|clamscan}} can be used to scan certain files, home directory, or an entire system:
+
{{ic|clamscan}} can be used to scan certain files, home directory, or an entire system:
  
 
  $ clamscan myfile
 
  $ clamscan myfile
Line 42: Line 42:
 
  $ clamscan -r -i --exclude-dir=^/sys\|^/proc\|^/dev /
 
  $ clamscan -r -i --exclude-dir=^/sys\|^/proc\|^/dev /
  
If you would like {{Codeline|clamscan}} to remove the infected file use the {{Codeline|--remove}} option in the command.
+
If you would like {{ic|clamscan}} to remove the infected file use the {{ic|--remove}} option in the command.
  
 
==Troubleshooting==
 
==Troubleshooting==
Line 62: Line 62:
 
Run freshclam as root:
 
Run freshclam as root:
 
  # freshclam -v
 
  # freshclam -v
 
 
  
 
If you get a:
 
If you get a:

Revision as of 18:05, 6 November 2011

This template has only maintenance purposes. For linking to local translations please use interlanguage links, see Help:i18n#Interlanguage links.


Local languages: Català – Dansk – English – Español – Esperanto – Hrvatski – Indonesia – Italiano – Lietuviškai – Magyar – Nederlands – Norsk Bokmål – Polski – Português – Slovenský – Česky – Ελληνικά – Български – Русский – Српски – Українська – עברית – العربية – ไทย – 日本語 – 正體中文 – 简体中文 – 한국어


External languages (all articles in these languages should be moved to the external wiki): Deutsch – Français – Română – Suomi – Svenska – Tiếng Việt – Türkçe – فارسی

Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX. It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and advanced tool for automatic database updates. Because ClamAV's main use is on file/mail servers for Windows desktops it primarily detects Windows viruses and malware.

Installation

Install with pacman by:

# pacman -S clamav

Configuration

Whether you are going to use clamav as a daemon or use it as a simple file checker you need to comment out the line that contains the word Example, usually it is found at the beginning of /etc/clamav/freshclam.conf and /etc/clamav/clamd.conf files.

Start the daemon

If you want to use the daemon, you can start it with:

# /etc/rc.d/clamav start

To start it automatically at boot you should edit the daemons array in /etc/rc.conf:

DAEMONS=(... clamav ...)

Update Database

Update the virus definitions with:

# freshclam

The database files are saved in:

/var/lib/clamav/daily.cvd
/var/lib/clamav/main.cvd

Server setup

To run as a server edit /etc/clamav/clamd.conf and /etc/clamav/freshclam.conf and comment out the Example flag. In /etc/conf.d/clamav change the start options from "no" to "yes".

# change these to "yes" to start
START_FRESHCLAM="yes"
START_CLAMD="yes"
  • To start clamav at boot edit /etc/rc.conf and add clamav.

Scan for Viruses

clamscan can be used to scan certain files, home directory, or an entire system:

$ clamscan myfile
$ clamscan -r -i /home
$ clamscan -r -i --exclude-dir=^/sys\|^/proc\|^/dev /

If you would like clamscan to remove the infected file use the --remove option in the command.

Troubleshooting

If you get the following messages after running freshclam:

WARNING: Clamd was NOT notified: Cannot connect to clamd through 
/var/lib/clamav/clamd.sock connect(): No such file or directory

Add a sock file for clamav:

# touch /var/lib/clamav/clamd.sock
# chown clamav:clamav /var/lib/clamav/clamd.sock

Then, edit /etc/clamav/clamd.conf

Uncomment this line: #LocalSocket /var/lib/clamav/clamd.sock

Save the file and restart the daemon (/etc/rc.d/clamav stop; /etc/rc.d/clamav start)

If you get the next error when starting the daemon:

LibClamAV Error: cli_loaddb(): No supported database files found
in /var/lib/clamav ERROR: Not supported data format

Run freshclam as root:

# freshclam -v

If you get a:

# can't create temporary directory

error, along with a 'HINT' containing a UID and a GID number.

Do the following:

# chown UID:GID /var/lib/clamav & chmod 755 /var/lib/clamav 
# ex: chown 64:64