准备工作
在安装了EPEL源后,运行下面的命令安装ClamAV
[root@server_for_product ~]# yum install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd -y
Clamav可以通过EPEL源来安装,所以要首先安装EPEL,可以采用两种方法来安装:
[root@server_for_product ~]# yum install epel-release
[root@server_for_product ~]# yum repolist
看到以下字样就代表安装完成
epel/x86_64 Extra Packages for Enterprise Linux 7 - x86_64
查看EPEL源含有的安装包
[root@server_for_product ~]# yum --disablerepo="*" --enablerepo="epel" list available | less
安装ClamAV
[root@server_for_product ~]# yum install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd -y
在两个配置文件/etc/freshclam.conf和/etc/clamd.d/scan.conf中移除“Example”字符[root@server_for_product ~]vim /etc/freshclam.conf
在“Example”前面添加#,注释掉这一行
[root@server_for_product ~]vim/etc/clamd.d/scan.conf
另外将里面的#LocalSocket /var/run/clamd.scan/clamd.sock 行前面的#去掉,使其生效
然后手动更新病毒库
[root@server_for_product ~]# freshclam
顺便一提,freshclam命令通过文件/etc/cron.d/clamav-update来自动运行,里面有一个定时任务的,但是默认是没有打开的
想要执行定时任务的话
[root@server_for_product ~]vim /etc/sysconfig/freshclam
删除里面最下面的那一行FRESHCLAM_DELAY=disabled-warn # REMOVE ME
配置开机启动
[root@server_for_product ~]# systemctl enable clamd@scan
启动并检查服务状态
[root@server_for_product ~]# systemctl start clamd@scan
[root@server_for_product ~]# systemctl status clamd@scan
看到active字样就表示安装成功
使用ClamAV查杀
备注
如果在手动更新病毒库的时候遇到错误:Update Failed. Your network may be down or none of the mirrors listed in freshclam.conf is working.
[root@server_for_product ~]# rm -f /var/lib/clamav/mirrors.dat
再手动更新一次病毒库
[root@server_for_product ~]# freshclam
