1. yum install epel-release
2.yum repolist查看是否有epel/X86_64
yum --disablerepo="*" --enablerepo="epel" list available | less
3.安装ClamAV:
yum install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd -y
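4.setenforce 0
sed -i 's/SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
(注意:以上两条命令会先临时、再永久关闭 SELinux,系统将失去强制访问控制保护。如果只是为了让 ClamAV 能扫描系统文件,可以保持 SELinux 为 enforcing,改为执行 setsebool -P antivirus_can_scan_system 1。)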
cp /usr/share/clamav/template/clamd.conf /etc/clamd.d/clamd.conf
sed -i '/^Example/d' /etc/clamd.d/clamd.conf
打开下面的注释:
User clamscan
LocalSocket /var/run/clamd.<SERVICE>/clamd.sock
sed -i -e "s/^Example/#Example/" /etc/freshclam.conf
sed -i -e "s/^Example/#Example/" /etc/clamd.d/scan.conf
5.vi /etc/sysconfig/freshclam,删除或注释掉下面这一行(该行自带 REMOVE ME 提示):
FRESHCLAM_DELAY=disabled-warn # REMOVE ME
6.vi /etc/clamd.d/scan.conf:
打开注释:
#LocalSocket /var/run/clamd.scan/clamd.sock
7. 编辑服务启动文件(注意:/usr/lib/systemd/system 下的单元文件会在软件包升级时被覆盖,自定义的单元文件建议放在 /etc/systemd/system 下):
vim /usr/lib/systemd/system/clam-freshclam.service
# Run the freshclam as daemon
[Unit]
Description = freshclam scanner
After = network.target
[Service]
Type = forking
ExecStart = /usr/bin/freshclam -d -c 4
Restart = on-failure
PrivateTmp = true
[Install]
WantedBy=multi-user.target
systemctl enable clam-freshclam.service
systemctl start clam-freshclam.service
systemctl status clam-freshclam.service
8.配置开机自启动:
mv /usr/lib/systemd/system/clamd@.service /usr/lib/systemd/system/clamd.service
vim /usr/lib/systemd/system/clamd@scan.service:
.include /usr/lib/systemd/system/clamd.service
vim /usr/lib/systemd/system/clamd.service
[Unit]
Description = clamd scanner daemon
After = syslog.target nss-lookup.target network.target
[Service]
Type = simple
ExecStart = /usr/sbin/clamd -c /etc/clamd.d/clamd.conf
Restart = on-failure
PrivateTmp = true
[Install]
WantedBy=multi-user.target
systemctl enable clamd@scan
ln -s '/usr/lib/systemd/system/clamd@scan.service' '/etc/systemd/system/multi-user.target.wants/clamd@scan.service'
systemctl start clamd@scan
systemctl status clamd@scan
systemctl enable clamd.service
systemctl start clamd.service
rm -f /var/lib/clamav/mirrors.dat
9.手动更新病毒库:
freshclam
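10.命令举例(注意:--remove 会直接删除被判定为感染的文件,出现误报时无法恢复;对 / 或 /var/lib 这类目录,建议先不带 --remove 扫描并确认结果,或改用 --move=<隔离目录> 把文件移入隔离目录):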
命令:for full system scan use this command:
Code:
clamscan --infected --remove --recursive /home
[root@compute clamav]# clamscan --infected --remove --recursive /var/lib/
----------- SCAN SUMMARY -----------
Known viruses: 6032195
Engine version: 0.99.2
Scanned directories: 1701
Scanned files: 15048
Infected files: 0
Data scanned: 30.01 MB
Data read: 249.18 MB (ratio 0.12:1)
Time: 16.310 sec (0 m 16 s)
clamscan --infected --remove --recursive /
for full home scan use this command:
Code:
clamscan --infected --remove --recursive /home
for scanning user account use this command:
Code:
clamscan --infected --remove --recursive /home/user
Replace "user" with the account you want to scan, for example MHafez.
The command then becomes:
Code:
clamscan --infected --remove --recursive /home/MHafez