Centos7 安装clamav杀毒

一、下载安装

1.下载
clamav官网：http://www.clamav.net/downloads，最新稳定版是0.100.2。 点击这里下载或者wget直接下载源码包。

wget https://www.clamav.net/downloads/production/clamav-0.102.0.tar.gz (下载可能有问题，windows下载上传)

2.解压

tar -zxf  clamav-0.102.2.tar.gz

3.编译安装

cd clamav-0.102.2

./configure --prefix=/usr/local/clamav 
make
make install

出现错误：
Your libcurl (e.g. libcurl-devel) is too old. Installing ClamAV with clamonacc requires libcurl 7.45 or higher. For a quick fix, run ./configure again with 
--disable-clamonacc if you do not wish to use on-access scanning features. For more information on ClamAV's on-access scanner, please read our documentation: 
https://www.clamav.net/documents/on-access-scanning#on-access-scanning

1、安装repo

rpm -Uvh http://www.city-fan.org/ftp/contrib/yum-repo/rhel7/x86_64/city-fan.org-release-2-1.rhel7.noarch.rpm

2、查看该 repo 包含的 curl 版本

yum --showduplicates list curl --disablerepo="*" --enablerepo="city*"

Loaded plugins: fastestmirror
city-fan.org | 3.0 kB 00:00:00 
city-fan.org-debuginfo | 3.0 kB 00:00:00 
city-fan.org-source | 3.0 kB 00:00:00 
(1/3): city-fan.org-debuginfo/7/primary_db | 39 kB 00:00:02 
(2/3): city-fan.org-source/7/primary_db | 344 kB 00:00:03 
(3/3): city-fan.org/7/primary_db | 489 kB 00:00:03 
Loading mirror speeds from cached hostfile
* city-fan.org: nervion.us.es
* city-fan.org-debuginfo: www.city-fan.org
* city-fan.org-source: nervion.us.es
Installed Packages
curl.x86_64 7.29.0-42.el7 @anaconda 
Available Packages
curl.x86_64 7.62.0-1.0.cf.rhel7 city-fan.org

3、修改该repo的enable为1

vim /etc/yum.repos.d/city-fan.org.repo

[city-fan.org]

name=city-fan.org repository for Red Hat Enterprise Linux (and clones) $releasever ($basearch)

#baseurl=http://mirror.city-fan.org/ftp/contrib/yum-repo/rhel$releasever/$basearch

mirrorlist=http://mirror.city-fan.org/ftp/contrib/yum-repo/mirrorlist-rhel$releasever

enabled=1

gpgcheck=1

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-city-fan.org

4、安装最新的curl

yum install curl

Error: Package: libcurl-7.65.1-1.0.cf.rhel7.x86_64 (city-fan.org) Requires: libnghttp2.so.14()(64bit)

yum install epel-release -y

yum --enablerepo=epel install libnghttp2 -y && yum install libcurl -y

4.添加用户组和组成员

groupadd clamav
useradd -g clamav clamav

二、配置

1.创建日志目录和病毒库目录

mkdir /usr/local/clamav/logs   -p
mkdir /usr/local/clamav/updata -p

2. 创建日志文件

touch /usr/local/clamav/logs/clamd.log
touch /usr/local/clamav/logs/freshclam.log

3. 文件授权

chown clamav:clamav /usr/local/clamav/logs/clamd.log
chown clamav:clamav /usr/local/clamav/logs/freshclam.log
chown clamav:clamav /usr/local/clamav/updata

4. 修改配置文件

cp  /usr/local/clamav/etc/clamd.conf.sample /usr/local/clamav/etc/clamd.conf
cp /usr/local/clamav/etc/freshclam.conf.sample /usr/local/clamav/etc/freshclam.conf

编辑这两个配置文件内容

vim /usr/local/clamav/etc/clamd.conf

#Example　　//注释掉这一行
#添加以下内容
LogFile /usr/local/clamav/logs/clamd.log
PidFile /usr/local/clamav/updata/clamd.pid
DatabaseDirectory /usr/local/clamav/updata

vim /usr/local/clamav/etc/freshclam.conf

#Example　　//注释掉这一行
#添加以下内容
DatabaseDirectory /usr/local/clamav/updata
UpdateLogFile /usr/local/clamav/logs/freshclam.log
PidFile /usr/local/clamav/updata/freshclam.pid

三、执行

1. 更新病毒库

/usr/local/clamav/bin/freshclam

2.杀毒扫描

参数：
-r 递归扫描子目录
-i 只显示发现的病毒文件
–no-summary 不显示统计信息

用法：
--帮助
/usr/local/clamav/bin/clamscan --help     
--默认扫描当前目录下的文件，并显示扫描结果统计信息            
/usr/local/clamav/bin/clamscan
--扫描当前目录下的所有目录和文件，并显示结果统计信息　　 　                
/usr/local/clamav/bin/clamscan -r　
--扫描data目录下的所有目录和文件，并显示结果统计信息　                 
/usr/local/clamav/bin/clamscan -r /data　 
--扫描data目录下的所有目录和文件，只显示有问题的扫描结果            
/usr/local/clamav/bin/clamscan -r --bell -i /data  
--扫描data目录下的所有目录和文件，不显示统计信息  
/usr/local/clamav/bin/clamscan --no-summary -ri /data

例如:
/usr/local/clamav/bin/clamscan  -r /data

 

3. 自动定时更新和杀毒

  一般使用计划任务，让服务器每天定时更新和定时杀毒，保存杀毒日志。设置crontab定时任务。

1  3  * * *          /usr/local/clamav/bin/freshclam --quiet
20 3  * * *          /usr/local/clamav/bin/clamscan  -r /home  --remove -l /var/log/clamscan.log