Install ClamAV Antivirus on RHEL Linux and Run It as a Daemon
This guide will help you install and configure ClamAV Antivirus (clamd
) as a daemon on a RHEL server. This setup will enable the ClamAV daemon to run as a background service. You need at least 4GB of memory on your machine before you start.
Step 1: Install ClamAV and Dependencies
Start by updating and installing the required packages, including the Extra Packages for Enterprise Linux (EPEL) repository:
sudo yum update
sudo yum install epel-release
sudo yum install clamav-server clamav-data clamav-filesystem clamav-lib clamav-update clamav clamav-devel
Step 2: Configure freshclam
for Updates
The freshclam
tool is used to update the ClamAV virus database. To configure it:
- Backup the original freshclam configuration file:
sudo cp /etc/freshclam.conf /etc/freshclam.conf.bak
- Remove the Example line to enable the configuration:
sudo sed -i '/^Example/d' /etc/freshclam.conf
Step 3: Configure ClamAV Daemon (clamd
)
Next, configure the clamd service:
- Open the
/etc/clamd.d/scan.conf
file:
vi /etc/clamd.d/scan.conf
- Update the following lines (if these lines are commented out, make sure to uncomment them):
LocalSocket /run/clamd.scan/clamd.sock
User root
LocalSocketGroup virusgroup
LocalSocketMode 666
Step 4: Enable and Start the clamd Service
Enable and start the ClamAV daemon:
sudo systemctl enable clamd@scan
sudo systemctl start clamd@scan
Step 5: Manual Scanning and Database Updates
To update the virus database manually, run:
sudo freshclam
To scan a specific file for viruses, use:
clamdscan <file_name>
Step 6 (optional): Configure Group Permissions for Apache
If you are using Apache and want it to access ClamAV, add the Apache user to the virusgroup:
sudo usermod -aG virusgroup apache
Additional Note: SELinux Considerations
If SELinux is enabled on your server, additional configuration may be required. Consider reviewing and modifying SELinux policies to allow clamd
to function correctly. Check the SELinux logs (/var/log/audit/audit.log
) if you encounter any permission issues.
Conclusion
ClamAV is now installed and running as a daemon on your RHEL server, with automatic updates and a background scanning service. This setup ensures that your server is actively protected against viruses.