Share your love
Install and Configure ClamAV in Linux – Best Steps
In this article, we want to teach you to Install and Configure ClamAV in Linux Command Line Terminal. The detection and removal of threats on endpoints are powered by the AntiVirus module’s engine. Here we will discuss one of them called ClamAV.
Table of Contents
What is ClamAV Antivirus in Linux?
ClamAV is an open-source and free antivirus. It is licensed under the GNU General Public License, Version 2.
The most important job of ClamAV is to scan emails on email gateways and check the attachment file in real-time.
Also, it can detect millions of viruses, trojans, worms, and other malware and threats.
ClamAV antivirus databases are always updated. It can search for viruses in compressed files. ClamAV antivirus is managed through the command line.
You can now proceed to the following steps provided by the Orcacore team to Install and Configure ClamAV in Linux.
Step To Install and Configure ClamAV in Linux Command Line Terminal
The ClamAV is the best antivirus for the Linux operating system. Let’s see how to Install and Configure ClamAV in Linux distributions.
Step 1 – Install ClamAV on the Linux Command Line
You can install ClamAV on all Linux-based distributions.
In this part, we want to show you how to install ClamAV on RPM packages for Centos, RedHat, AlmaLinux, etc., and DEB packages for Debian, Ubuntu, etc.
To Install and Configure ClamAV in Linux follow the instructions below.
Note: We run commands as the root user. If you log in to your server as a non-root user be sure that you have sudo privileges.
Install ClamAV on AlmaLinux Centos RHEL 8/9
Install the Epel release with the following command:
dnf install epel-release -y
Now you can install ClamAV by using:
dnf install clamav -y
Then run the following command:
dnf install clamav clamd clamav-update -y
Install ClamAV on Centos 7 / Centos 6 / RHEL 7
First, install the latest release of EPEL with the following command:
yum -y install epel-release
Here, you can install ClamAV with the command below:
yum -y install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd
Configure ClamAV on RHEL
Adjust ClamAV with SELinux and give it access to all your files with the following command:
setsebool -P antivirus_can_scan_system 1
Now get the latest signatures of the antivirus with the command below:
freshclam
For using ClamAV you need to enable the LocalSocket parameter in /etc/clamd.d/scan.conf with the following command:
sed -i 's/#LocalSocket \/run/LocalSocket \/run/g' /etc/clamd.d/scan.conf
Start and Enable ClamAV and Freshclam on RHEL
At this point, you need to create a ClamAV systemd service and set it to auto-start. use the following command to create your file:
vi /usr/lib/systemd/system/freshclam.service
Then, add the following lines to freshclam.service file.
[Unit]
Description = ClamAV Scanner
After = network.target
[Service]
Type = forking
# if you want to scan more than one in a day change the number 1 with your desired number in below line.
ExecStart = /usr/bin/freshclam -d -c 1
Restart = on-failure
PrivateTmp =true
[Install]
WantedBy=multi-user.target
When you are finished, save and close your file.
Start and enable the services:
systemctl start clamd@scan
systemctl start freshclam
systemctl enable clamd@scan
systemctl enable freshclam
When you are finished configuring ClamAV. Now you can check that your service is active and running with:
systemctl status clamd@scan
OutPut
clamd@scan.service - clamd scanner (scan) daemon
Loaded: loaded (/usr/lib/systemd/system/clamd@.service; enabled; vendor pres>
Active: active (running) since Thu 2021-09-09 03:25:00 EDT; 34s ago
Docs: man:clamd(8)
man:clamd.conf(5)
https://www.clamav.net/documents/
Main PID: 52667 (clamd)
Tasks: 2 (limit: 11409)
Memory: 1.2G
CGroup: /system.slice/system-clamd.slice/clamd@scan.service
└─52667 /usr/sbin/clamd -c /etc/clamd.d/scan.conf
systemctl status freshclam
Output
freshclam.service - ClamAV Scanner
Loaded: loaded (/usr/lib/systemd/system/freshclam.service; enabled; vendor p>
Active: active (running) since Thu 2021-09-09 03:25:10 EDT; 36s ago
Main PID: 52672 (freshclam)
Tasks: 1 (limit: 11409)
Memory: 5.3M
CGroup: /system.slice/freshclam.service
Now you are done with installing ClamAV and you can start to scan your system with it.
Install and Configure ClamAV on Debian / Ubuntu
First, you need to update and upgrade the APT packages with the following command:
apt update && apt upgrade
Then, install ClamAV and its services with the following command:
apt install clamav clamav-daemon -y
Now you should start ClamAV-daemon, you can use the following command:
service clamav-daemon start
At this point, you need to update virus signatures. First, stop freshclam by using:
/etc/init.d/clamav-freshclam stop
Now update viruses signatures with the following command:
freshclam
Start Freshclam again with:
/etc/init.d/clamav-freshclam start
Now you need to start the services:
systemctl start clamav-daemon
systemctl start clamav-freshclam
When you are finished installing ClamAV on Debian-based distros, check that your service is active and running with the following command:
systemctl status clamav-daemon
Output
clamav-daemon.service - Clam AntiVirus userspace daemon
Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; vendor>
Drop-In: /etc/systemd/system/clamav-daemon.service.d
└─extend.conf
Active: active (running) since Sat 2021-09-11 01:48:14 EDT; 1min 58s ago
Docs: man:clamd(8)
man:clamd.conf(5)
https://www.clamav.net/documents/
Process: 11093 ExecStartPre=/bin/mkdir -p /run/clamav (code=exited, status=>
Process: 11094 ExecStartPre=/bin/chown clamav /run/clamav (code=exited, sta>
Main PID: 11095 (clamd)
Tasks: 2 (limit: 2340)
Memory: 1.1G
CPU: 28.087s
CGroup: /system.slice/clamav-daemon.service
└─11095 /usr/sbin/clamd --foreground=true
systemctl status clamav-freshclam
Output
clamav-freshclam.service - ClamAV virus database updater
Loaded: loaded (/lib/systemd/system/clamav-freshclam.service; enabled; ven>
Active: active (running) since Sat 2021-09-11 01:49:11 EDT; 1min 33s ago
Docs: man:freshclam(1)
man:freshclam.conf(5)
https://www.clamav.net/documents
Main PID: 11122 (freshclam)
Tasks: 1 (limit: 2340)
Memory: 2.8M
CPU: 93ms
CGroup: /system.slice/clamav-freshclam.service
└─11122 /usr/bin/freshclam -d --foreground=true
Let’s see how to use ClamAV in Linux.
Step 2 – Use ClamAV on Linux from Terminal
At this point, you have learned to Install and Configure ClamAV in Linux. The important tool to use ClamAV is clamscan. The basic syntax of clamscan is:
clamscan [options] [files-or-directories]
Here are the most important options :
- –infected: prints only infected files.
- –remove: removes infected files.
- –recursive: all directories and subdirectories in that path will be scanned.
For more information about clamscan, you can use:
man clamscan
Conclusion
At this point, you know what is ClamAV, and you can easily install and use it on all Linux distros like Centos 7, Ubuntu20.04, Debian 11, etc.
Hope you enjoy this article about How To Install and Configure ClamAV in Linux.
Also, you may like to read the following articles:
Install and Configure Rootkit Hunter in Linux