Clamav
官网:https://www.clamav.net/downloads
PS:最好使用当前稳定版本,最新版本有很多坑!
1.安装Clamav
1.1 下载依赖
[rootadmin@VM-16-10-centos ~]# yum -y install gcc gcc++ gcc-c++ gcc-gfortran openssl-devel zlib zlib-devel pcre2 pcre2-devel bzip2 bzip2-devel libxml2 libxml2-devel libcurl libcurl-devel
1.2 下载编译clamav
注意:编译前建议先用官网下载页提供的签名文件(.sig)校验源码包,确认未被篡改。
[rootadmin@VM-16-10-centos ~]# wget https://www.clamav.net/downloads/production/clamav-0.103.8.tar.gz
[rootadmin@VM-16-10-centos ~]# tar -zxf clamav-0.103.8.tar.gz
[rootadmin@VM-16-10-centos ~]# cd clamav-0.103.8/
[rootadmin@VM-16-10-centos clamav-0.103.8]# ./configure --prefix=/usr/local/clamav
[rootadmin@VM-16-10-centos clamav-0.103.8]# make && make install
[rootadmin@VM-16-10-centos clamav-0.103.8]# ln -s /usr/local/clamav/bin/clamscan /usr/bin/
[rootadmin@VM-16-10-centos clamav-0.103.8]# clamscan -V
ClamAV 0.103.8
2.配置Clamav
2.1 创建用户
[rootadmin@VM-16-10-centos ~]# groupadd clamav
[rootadmin@VM-16-10-centos ~]# useradd -g clamav -s /bin/false -c "Clam AntiVirus" clamav
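2.2 创建日志文件和病毒库目录
注意:下面的 chown -R 会把整个安装目录(包括可执行文件和配置文件)的属主改为 clamav;按最小权限原则,clamav 用户只需要对 logs 和 updata 两个目录有写权限。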
[rootadmin@VM-16-10-centos ~]# mkdir -p /usr/local/clamav/logs
[rootadmin@VM-16-10-centos ~]# touch /usr/local/clamav/logs/clamd.log
[rootadmin@VM-16-10-centos ~]# touch /usr/local/clamav/logs/freshclam.log
[rootadmin@VM-16-10-centos ~]# mkdir -p /usr/local/clamav/updata
[rootadmin@VM-16-10-centos ~]# touch /usr/local/clamav/updata/clamd.pid
[rootadmin@VM-16-10-centos ~]# touch /usr/local/clamav/updata/freshclam.pid
[rootadmin@VM-16-10-centos ~]# chown -R clamav:clamav /usr/local/clamav
2.3 修改配置文件
[rootadmin@VM-16-10-centos clamav-0.103.8]# cd /usr/local/clamav/etc/
[rootadmin@VM-16-10-centos etc]# mv clamd.conf.sample clamd.conf
[rootadmin@VM-16-10-centos etc]# mv freshclam.conf.sample freshclam.conf
[rootadmin@VM-16-10-centos etc]# sed -i 's/Example/#Example/g' /usr/local/clamav//etc/freshclam.conf
[rootadmin@VM-16-10-centos etc]# cat >>clamd.conf<< clamav1
LogFile /usr/local/clamav/logs/clamd.log
PidFile /usr/local/clamav/updata/clamd.pid
DatabaseDirectory /usr/local/clamav/updata
clamav1
[rootadmin@VM-16-10-centos etc]# cat >>freshclam.conf<< clamav2
DatabaseDirectory /usr/local/clamav/updata
UpdateLogFile /usr/local/clamav/logs/freshclam.log
PidFile /usr/local/clamav/updata/freshclam.pid
clamav2
3.启动Clamav
3.1 更新病毒库
[rootadmin@VM-16-10-centos ~]# freshclam
Creating missing database directory: /usr/local/clamav/share/clamav
Assigned ownership of database directory to user "clamav".
ClamAV update process started at Mon Mar 6 17:50:38 2023
daily database available for download (remote version: 26833)
Time: 3.0s, ETA: 12.1s [====> ] 11.44MiB/58.02MiB
......
3.2 扫描目录
[rootadmin@VM-16-10-centos ~]# clamscan -r /home/
3.3 帮助
[rootadmin@VM-16-10-centos ~]# clamscan --help
#更多参数参考帮助
4.一键安装脚本
说明:脚本不会下载源码包,运行前需先把 clamav-0.103.8.tar.gz 放到 /root/clamav/ 目录下。
[rootadmin@VM-16-10-centos ~]# vim clamav_install.sh
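#!/bin/bash
# One-step ClamAV installer: builds a release from source on a yum-based host,
# writes a minimal configuration, updates the signature database, starts the
# freshclam daemon and runs a first recursive scan.
#
# Expects the source tarball at /root/clamav/$clamav.tar.gz; the script does
# not download it. Verify the tarball against the signature file published
# alongside it on the download page before running this script as root.

# Package installation, account creation and the install itself need root.
if [ "$(id -u)" -ne 0 ]; then
  echo "You must be root to run this script"
  exit 2
fi

# Print a message on stderr and stop. Used where carrying on would only
# produce a chain of misleading follow-up errors.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# ClamAV release to build (tarball and source directory name).
clamav=clamav-0.103.8
# Install prefix.
clamavpath=/usr/local/clamav
# Directory holding the tarball; the source tree is unpacked here as well.
srcdir=/root/clamav

#################### ---- install build dependencies ---- ####################
# gcc-c++ is the C++ compiler package; the original list also named "gcc++",
# which is not a package name and has been dropped.
yum -y install gcc gcc-c++ gcc-gfortran openssl-devel zlib zlib-devel \
  pcre2 pcre2-devel bzip2 bzip2-devel libxml2 libxml2-devel \
  libcurl libcurl-devel || die "dependency installation failed"

#################### ---- create the service account ---- ####################
# Guarded so that a re-run does not fail on an existing group or user.
getent group clamav >/dev/null || groupadd clamav
id -u clamav >/dev/null 2>&1 ||
  useradd -g clamav -s /bin/false -c "Clam AntiVirus" clamav

#################### ---- unpack, build, install ---- ####################
[ -f "$srcdir/$clamav.tar.gz" ] ||
  die "missing source tarball: $srcdir/$clamav.tar.gz"
tar -zxf "$srcdir/$clamav.tar.gz" -C "$srcdir/" || die "cannot unpack $clamav.tar.gz"
cd "$srcdir/$clamav/" || die "cannot enter $srcdir/$clamav"
# NOTE(review): --with-zlib points at /usr/local/zlib, which this script does
# not install (the yum zlib-devel package is not placed there). Confirm the
# path exists on the target host, or drop the option.
./configure --prefix="$clamavpath" --disable-clamav --with-zlib=/usr/local/zlib ||
  die "configure failed"
make || die "build failed"
make install || die "install failed"

#################### ---- log and database directories ---- ####################
mkdir -p "$clamavpath/logs" "$clamavpath/updata"
touch "$clamavpath/logs/clamd.log" "$clamavpath/logs/freshclam.log"
touch "$clamavpath/updata/clamd.pid" "$clamavpath/updata/freshclam.pid"
# Least privilege: the clamav account only gets the directories it has to
# write to. Binaries and configuration under $clamavpath stay owned by root,
# so a compromised scanner or updater process cannot replace them.
chown -R clamav:clamav "$clamavpath/logs" "$clamavpath/updata"

#################### ---- configuration ---- ####################
cd "$clamavpath/etc/" || die "cannot enter $clamavpath/etc"
mv clamd.conf.sample clamd.conf
mv freshclam.conf.sample freshclam.conf
# Anchored so that only the stand-alone "Example" directive is commented out,
# not every occurrence of the word in the sample file's comments.
sed -i 's/^Example/#Example/' "$clamavpath/etc/freshclam.conf"

# Unquoted here-doc delimiters: $clamavpath is expanded into the config files.
cat >>clamd.conf <<EOF
LogFile $clamavpath/logs/clamd.log
PidFile $clamavpath/updata/clamd.pid
DatabaseDirectory $clamavpath/updata
EOF

cat >>freshclam.conf <<EOF
DatabaseDirectory $clamavpath/updata
UpdateLogFile $clamavpath/logs/freshclam.log
PidFile $clamavpath/updata/freshclam.pid
EOF

#################### ---- update signatures and start ---- ####################
# A scan without signatures is meaningless, so stop if the first update fails.
"$clamavpath/bin/freshclam" || die "signature database update failed"
"$clamavpath/bin/freshclam" -d

# Match the daemon by exact process name. A "ps | grep clamav" filter would
# also match this script when it is saved as clamav_install.sh and would then
# always report the service as running.
clamavPID=$(pgrep -x freshclam)
if [ -n "$clamavPID" ]; then
  echo "clamav 服务已启动! PID:$clamavPID"
else
  echo "clamav 服务未启动!"
fi

#################### ---- scan everything under / and log the result ---- ####################
# clamscan does not read clamd.conf, so the directory freshclam was configured
# to fill is passed explicitly. The kernel pseudo-filesystems are skipped:
# they hold no regular files and only produce read errors.
"$clamavpath/bin/clamscan" -r / \
  --database="$clamavpath/updata" \
  --exclude-dir='^/proc' --exclude-dir='^/sys' --exclude-dir='^/dev' \
  -l "$clamavpath/logs/clamd.log"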