Install and Configure ClamAV in Linux – Best Steps

In this article, we want to teach you to Install and Configure ClamAV in Linux Command Line Terminal. The detection and removal of threats on endpoints are powered by the AntiVirus module’s engine. Here we will discuss one of them called ClamAV.

What is ClamAV Antivirus in Linux?

ClamAV is an open-source and free antivirus. It is licensed under the GNU General Public License, Version 2.

The most important job of ClamAV is to scan emails on email gateways and check the attachment file in real-time.

Also, it can detect millions of viruses, trojans, worms, and other malware and threats.

ClamAV antivirus databases are always updated. It can search for viruses in compressed files. ClamAV antivirus is managed through the command line.

You can now proceed to the following steps provided by the Orcacore team to Install and Configure ClamAV in Linux.

Step To Install and Configure ClamAV in Linux Command Line Terminal

The ClamAV is the best antivirus for the Linux operating system. Let’s see how to Install and Configure ClamAV in Linux distributions.

Step 1 – Install ClamAV on the Linux Command Line

You can install ClamAV on all Linux-based distributions.

In this part, we want to show you how to install ClamAV on RPM packages for Centos, RedHat, AlmaLinux, etc., and DEB packages for Debian, Ubuntu, etc.

To Install and Configure ClamAV in Linux follow the instructions below.

Note: We run commands as the root user. If you log in to your server as a non-root user be sure that you have sudo privileges.

Install ClamAV on AlmaLinux Centos RHEL 8/9

Install the Epel release with the following command:

    dnf install epel-release -y

    Now you can install ClamAV by using:

    dnf install clamav -y

    Then run the following command:

    dnf install clamav clamd clamav-update -y

    Install ClamAV on Centos 7 / Centos 6 / RHEL 7

    First, install the latest release of EPEL with the following command:

      yum -y install epel-release

      Here, you can install ClamAV with the command below:

      yum -y install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd

      Configure ClamAV on RHEL

      Adjust ClamAV with SELinux and give it access to all your files with the following command:

        setsebool -P antivirus_can_scan_system 1

        Now get the latest signatures of the antivirus with the command below:

        freshclam

        For using ClamAV you need to enable the LocalSocket parameter in /etc/clamd.d/scan.conf with the following command:

        sed -i 's/#LocalSocket \/run/LocalSocket \/run/g' /etc/clamd.d/scan.conf

        Start and Enable ClamAV and Freshclam on RHEL

        At this point, you need to create a ClamAV systemd service and set it to auto-start. use the following command to create your file:

        vi /usr/lib/systemd/system/freshclam.service

        Then, add the following lines to freshclam.service file.

        [Unit]
        Description = ClamAV Scanner
        After = network.target
        
        [Service]
        Type = forking
        # if you want to scan more than one in a day change the number 1 with your desired number in below line.
        ExecStart = /usr/bin/freshclam -d -c 1
        Restart = on-failure
        PrivateTmp =true
        
        [Install]
        WantedBy=multi-user.target

        When you are finished, save and close your file.

        Start and enable the services:

        systemctl start clamd@scan
        systemctl start freshclam
        systemctl enable clamd@scan
        systemctl enable freshclam

        When you are finished configuring ClamAV. Now you can check that your service is active and running with:

        systemctl status clamd@scan
        OutPut
        clamd@scan.service - clamd scanner (scan) daemon
        Loaded: loaded (/usr/lib/systemd/system/clamd@.service; enabled; vendor pres>
        Active: active (running) since Thu 2021-09-09 03:25:00 EDT; 34s ago
        Docs: man:clamd(8)
        man:clamd.conf(5)
        https://www.clamav.net/documents/
        Main PID: 52667 (clamd)
        Tasks: 2 (limit: 11409)
        Memory: 1.2G
        CGroup: /system.slice/system-clamd.slice/clamd@scan.service
        └─52667 /usr/sbin/clamd -c /etc/clamd.d/scan.conf
        systemctl status freshclam
        Output
        freshclam.service - ClamAV Scanner
        Loaded: loaded (/usr/lib/systemd/system/freshclam.service; enabled; vendor p>
        Active: active (running) since Thu 2021-09-09 03:25:10 EDT; 36s ago
        Main PID: 52672 (freshclam)
        Tasks: 1 (limit: 11409)
        Memory: 5.3M
        CGroup: /system.slice/freshclam.service

        Now you are done with installing ClamAV and you can start to scan your system with it.

        Install and Configure ClamAV on Debian / Ubuntu

        First, you need to update and upgrade the APT packages with the following command:

        apt update && apt upgrade

        Then, install ClamAV and its services with the following command:

        apt install clamav clamav-daemon -y

        Now you should start ClamAV-daemon, you can use the following command:

        service clamav-daemon start

        At this point, you need to update virus signatures. First, stop freshclam by using:

        /etc/init.d/clamav-freshclam stop

        Now update viruses signatures with the following command:

        freshclam

        Start Freshclam again with:

        /etc/init.d/clamav-freshclam start

        Now you need to start the services:

        systemctl start clamav-daemon
        systemctl start clamav-freshclam

        When you are finished installing ClamAV on Debian-based distros, check that your service is active and running with the following command:

        systemctl status clamav-daemon
        Output
        clamav-daemon.service - Clam AntiVirus userspace daemon
        Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; vendor>
        Drop-In: /etc/systemd/system/clamav-daemon.service.d
        └─extend.conf
        Active: active (running) since Sat 2021-09-11 01:48:14 EDT; 1min 58s ago
        Docs: man:clamd(8)
        man:clamd.conf(5)
        https://www.clamav.net/documents/
        Process: 11093 ExecStartPre=/bin/mkdir -p /run/clamav (code=exited, status=>
        Process: 11094 ExecStartPre=/bin/chown clamav /run/clamav (code=exited, sta>
        Main PID: 11095 (clamd)
        Tasks: 2 (limit: 2340)
        Memory: 1.1G
        CPU: 28.087s
        CGroup: /system.slice/clamav-daemon.service
        └─11095 /usr/sbin/clamd --foreground=true
        systemctl status clamav-freshclam
        Output
        clamav-freshclam.service - ClamAV virus database updater
        Loaded: loaded (/lib/systemd/system/clamav-freshclam.service; enabled; ven>
        Active: active (running) since Sat 2021-09-11 01:49:11 EDT; 1min 33s ago
        Docs: man:freshclam(1)
        man:freshclam.conf(5)
        https://www.clamav.net/documents
        Main PID: 11122 (freshclam)
        Tasks: 1 (limit: 2340)
        Memory: 2.8M
        CPU: 93ms
        CGroup: /system.slice/clamav-freshclam.service
        └─11122 /usr/bin/freshclam -d --foreground=true

        Let’s see how to use ClamAV in Linux.

        Step 2 – Use ClamAV on Linux from Terminal

        At this point, you have learned to Install and Configure ClamAV in Linux. The important tool to use ClamAV is clamscan. The basic syntax of clamscan is:

        clamscan [options] [files-or-directories]

        Here are the most important options :

        1. –infected: prints only infected files.
        2. –remove: removes infected files.
        3. –recursive: all directories and subdirectories in that path will be scanned.

        For more information about clamscan, you can use:

        man clamscan

        Conclusion

        At this point, you know what is ClamAV, and you can easily install and use it on all Linux distros like Centos 7, Ubuntu20.04, Debian 11, etc.

        Hope you enjoy this article about How To Install and Configure ClamAV in Linux.

        Also, you may like to read the following articles:

        Install and Configure Rootkit Hunter in Linux

        Install ClamAV on Windows 10 / 11

        Install ClamAV on DirectAdmin

        Newsletter Updates

        Enter your email address below and subscribe to our newsletter

        Leave a Reply

        Stay informed and not overwhelmed, subscribe now!