How To Install ClamAV On Red Hat Enterprise Linux

Want to install ClamAV on your Red Hat Enterprise Linux, CentOS, or Fedora Core box? Their documentation is pretty darn easy to follow, but this fills in some of the missing pieces for RHEL.

clamd is the scanning daemon, clamav-milter is the milter, and freshclam is the process that updates the virus definitions.

All the commands, in Courier font, should be on one line if they happen to wrap.

  1. Install gmp, gmp-devel, sendmail, sendmail-cf, sendmail-devel, zlib, zlib-devel, bzip2, bzip2-devel.
  2. Get the sendmail source from Extract it, go into the libmilter subdirectory. Run "make" and "make install". That will install libmilter into /usr, where sendmail can find it. No need to build the whole sendmail.
  3. groupadd clamav
  4. useradd -g clamav -s /bin/false -c "Clam AntiVirus" clamav
  5. Get the ClamAV source, extract it, build it, install it (three lines, two are make):

    ./configure --prefix=/usr/local/clamav --disable-zlib-vcheck --enable-milter
    make install

  6. Configure /usr/local/clamav/etc/clamd.conf. I changed the following:

    # Example
    LogTime: yes
    LogSyslog yes
    LogFacility LOG_MAIL
    PidFile /var/run/clamav/
    TemporaryDirectory /tmp
    LocalSocket /var/run/clamav/clamd.socket
    FixStaleSocket yes
    User clamav

    I chose to have it log via syslog to the mail facility. Why? Because I’m lazy and that log gets rotated already. One less thing to have to change & worry about. If you are high-traffic you might want to have logrotate rotate /var/log/maillog daily.

  7. Configure /usr/local/clamav/etc/freshclam.conf. I changed the following:

    # Example
    LogSyslog yes
    LogFacility LOG_MAIL
    PidFile /var/run/clamav/
    NotifyClamd /usr/local/clamav/etc/clamd.conf

  8. mkdir /var/run/clamav
  9. chown clamav.clamav /var/run/clamav/
  10. chmod 700 /var/run/clamav
  11. Start the base services to make sure they work. You may want to "tail -f /var/log/maillog" while you’re doing this:

    /usr/local/clamav/bin/freshclam -d

  12. Configure the milter. Add the following to /etc/mail/ right before the MAILER(smtp)dnl line. It’s two lines, the second beginning with “define”:

    INPUT_MAIL_FILTER(`clamav’, `S=local:/var/run/clamav/clmilter.sock, F=, T=S:4m;R:4m;C:30s;E:10m’)dnl
    define(`confINPUT_MAIL_FILTERS’, `clamav’)

  13. Make the new by issuing a "make -C /etc/mail" command.
  14. Start the milter process to test it:

    /usr/local/clamav/sbin/clamav-milter -lo /var/run/clamav/clmilter.sock

  15. Restart sendmail to make it pick up the configuration changes (service sendmail restart).
  16. Send a test email. If everything works make sure you set the services to start at boot, either with the init script that is in the ClamAV contrib directory or just by adding lines to /etc/rc.local.

3 thoughts on “How To Install ClamAV On Red Hat Enterprise Linux”

  1. you need to run this before you can start freshclam

    chown clamav.clamav /var/lib/clamav/

  2. If i would like to make clamav scanning a directory such as /home/ovan in every 24 hours, what should i do.?

    Can you show me how to configure cron syntax to do that please.

    Thank you

Comments are closed.