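1. Download the source package from the official site (I downloaded clamav-0.103.0.tar.gz) and the three cvd files (under Virus Database, download main.cvd, daily.cvd and bytecode.cvd). The official site is: http://www.clamav.net/download.html
2. Put the package in the /tmp directory and extract it:
tar -zxvf clamav-0.103.0.tar.gz
3. Enter the extracted directory and run: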
./configure --prefix=/usr/local/clamav
make && make install
4. Add the group clamav and the user clamav as its member:
groupadd clamav
useradd -g clamav -c "Clam AntiVirus" clamav
5. Create the files:
mkdir -p /usr/local/clamav/logs
touch /usr/local/clamav/logs/clamd.log
touch /usr/local/clamav/logs/freshclam.log
chown clamav:clamav /usr/local/clamav/logs/clamd.log
chown clamav:clamav /usr/local/clamav/logs/freshclam.log
mkdir -p /usr/local/clamav/database
chown -R root:clamav /usr/local/clamav/
chown -R clamav:clamav /usr/local/clamav/database/
6. Update the configuration:
cd /usr/local/clamav/etc
cp -rd clamd.conf.sample clamd.conf
cp -rd freshclam.conf.sample freshclam.conf
Edit clamd.conf and freshclam.conf.
clamd.conf:
Comment out the Example line
LogFile /usr/local/clamav/logs/clamd.log
PidFile /usr/local/clamav/updata/clamd.pid
DatabaseDirectory /usr/local/clamav/database
freshclam.conf:
Comment out the Example line
DatabaseDirectory /usr/local/clamav/database
UpdateLogFile /usr/local/clamav/logs/freshclam.log
PidFile /usr/local/clamav/updata/freshclam.pid
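7. Place the three cvd files in the /usr/local/clamav/database directory.
8. Delete the archive and the extracted files (you can also leave them in place, to see whether the scan results include the test data bundled with clamav, which checks that scanning works):
rm -rf /tmp/clamav*
9. Scan for viruses: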
/usr/local/clamav/bin/clamscan -r --bell -i / -l /usr/local/clamav/logs/clamd.log
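The final result is shown in the figure below:
Note:
When I ran make in step 3, one server reported errors such as undefined reference to 'EVP_MD_CTX_new', as shown in the figure below.
I also looked up some related examples online, finally determined that the openssl on that server had a problem, then investigated it in more detail and eventually resolved it.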
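
For step 9, an added example (not part of the original post) that triages the log written by clamscan -i -l: it lists each detection, reads the summary count, and separates hits on the bundled test files under /tmp/clamav* (step 8) from hits elsewhere. The sample log, its paths and the Php.* signature name are constructed, and the function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: triage the log that step 9 writes with "clamscan -i -l <file>".

# Constructed sample log; paths and the Php.* signature name are made up.
sample_log() {
cat <<'EOF'
/tmp/clamav-0.103.0/test/clam.exe: Clamav.Test.File-6 FOUND
/tmp/clamav-0.103.0/test/clam.zip: Clamav.Test.File-6 FOUND
/var/www/upload/a b.php: Php.Example.Constructed-1 FOUND

----------- SCAN SUMMARY -----------
Scanned files: 120000
Infected files: 3
EOF
}

# Print "signature<TAB>path" per detection. The greedy match splits on the
# LAST ": ", so paths containing spaces or colons are kept whole.
list_detections() {
  awk '/ FOUND$/ {
    line = $0; sub(/ FOUND$/, "", line)
    if (match(line, /.*: /))
      printf "%s\t%s\n", substr(line, RLENGTH + 1), substr(line, 1, RLENGTH - 2)
  }'
}

# Value of the last "Infected files:" line in the summary (0 if absent).
summary_infected() {
  awk -F': ' '/^Infected files: / { n = $2 } END { print n + 0 }'
}

# Count detections whose path does not start with prefix $1, e.g. to set
# aside the bundled test files left under /tmp/clamav* (step 8).
count_outside() {
  list_detections | awk -F'\t' -v p="$1" 'index($2, p) != 1 { n++ } END { print n + 0 }'
}

# Read the log given as $1, or the constructed sample when none is given.
src() { if [ -n "${1:-}" ]; then cat "$1"; else sample_log; fi; }

echo "Infected files (summary): $(src "${1:-}" | summary_infected)"
echo "Detections outside /tmp/clamav*: $(src "${1:-}" | count_outside /tmp/clamav)"
src "${1:-}" | list_detections
```

Run it with the log path from step 9 as the first argument; with no argument it processes the constructed sample.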