Installing ClamAV 0.93.3 From The Sources (+ Sendmail Integration) On CentOS 5.2

Want to support HowtoForge? Become a subscriber!
 
Submitted by arasel (Contact Author) (Forums) on Thu, 2008-07-31 14:04. :: Anti-Spam/Virus | CentOS | Email

Installing ClamAV 0.93.3 From The Sources (+ Sendmail Integration) On CentOS 5.2

Author: Ioan Ungureanu
server@ro-design.net

Note: This how-to refers to the installation and configuration of Clamav 0.93.3 (from sources) on a Linux server running CentOS 5.2 and sendmail.
We assume the fact you’ve installed sendmail and sendmail-devel from the rpm packages of your distribution

If not just run the command:

yum install sendmail sendmail-devel

The sendmail-devel package is not optional here because we need libmilter. If we don’t install sendmail-devel we have to deal with error message libmilter not foud, so we avoid from start such a stop error.

 

Installing ClamAV-0.93.3 from sources

We need first to create the user and group:

groupadd clamav
useradd -g clamav clamav

We will change the password for the user clamav; for security reasons, this is not really necessary but recommended, choose a complex password, you don't need to remember after install; as a security rule, assume in your /etc/passwd user clamav has /sbin/nologin as shell environment like below, where uid and gid are the user id and group id assigned for clamav user.

cat /etc/passwd |grep 'clamav'

clamav:x:uid:gid::/home/clamav:/sbin/nologin

passwd clamav

We create next working directories for daemon and storeplace for logs:

mkdir /var/clamav
chown clamav:root /var/clamav
mkdir /var/log/clamav/
chown clamav:root /var/log/clamav/
mkdir /usr/local/share/clamav
chown clamav:clamav /usr/local/share/clamav

Now download the ClamAV 0.93.3 sources from a mirror (we used heatnet as a mirror, if it is slow or not responding you can choose another mirror from):

wget http://dl.sourceforge.net/sourceforge/clamav/clamav-0.93.3.tar.gz

or use a mirror like http://sourceforge.net/project/downloading.php?group_id=86638&use_mirror=osdn&filename=clamav-0.93.3.tar.gz&88361377&abmode=1.

tar xzvf clamav-0.93.3.tar.gz

cd clamav-0.93.3
./configure –disable-clamuko –enable-milter –with-dbdir=/usr/local/share/clamav

Basically, on distributions Red Hat based, when trying to compile clamav we see an error from incompatibility with zlib. You have the choise to install both zlib and zlib-devel packages with

yum install zlib zlib-devel

If there are erros, like configure: error: The installed zlib version may contain a security bug. Please upgrade to 1.2.2 or later: http://www.zlib.net. You can omit this check with –disable-zlib-vcheck but DO NOT REPORT any stability issues then!
 we write the command:

yum update zlib zlib-devel

The chance to get error still exist so it is safe to run:

./configure –disable-clamuko –enable-milter –with-dbdir=/usr/local/share/clamav –disable-zlib-vcheck

After we run, for both cases:

make

make install

We need a file named clamav.conf. We edit it in /etc:

vi /etc/clamav.conf

Write the following lines:

#/etc/clamav.conf
LogTime
LogSyslog
LogFile /var/log/clam/clamd.log
PidFile /var/run/clam/clamd.pid
LocalSocket /var/run/clam/clamd.sock
FixStaleSocket
MaxThreads 50
ThreadTimeout 600
MaxDirectoryRecursion 15
FollowFileSymlinks
SelfCheck 600
User clamav
ScanMail
ScanArchive
ArchiveMaxFileSize 10M #file max size in Megabytes for archived scaned files.You can modify this to suit your purposes
ArchiveMaxRecursion 5
ArchiveMaxFiles 1000

Save and close the file.

Now tell your startup script to load the ClamAV daemon:

echo “/usr/local/sbin/clamd” >> /etc/rc.d/rc.local
echo “/usr/local/sbin/clamav-milter -l -o -q /var/milter/clmilter.sock” >> /etc/rc.d/rc.local

cp /etc/clamav.conf /usr/local/etc/
touch /var/log/clam-update.log
chown clamav:clamav /var/log/clam-update.log
touch /tmp/clamd.log
chown clamav:root /tmp/clamd.log
mkdir /var/milter
chown clamav:root /var/milter/
cd /usr/local/etc/

We modify some configuration files [you can download/use those used by me] in the directory /etc:

cd /etc

wget ftp://ftp.ro-design.net/pub/clamd.conf
wget ftp://ftp.ro-design.net/pub/freshclam.conf
mkdir /var/lib/clamav
chown clamav:root /var/lib/clamav/
/usr/local/bin/freshclam -l /var/log/clam-update.log
cp /usr/local/sbin/clamd /etc/init.d/
/etc/init.d/clamd restart

In the file /etc/mail/sendmail.mc add the lines:

INPUT_MAIL_FILTER(`clmilter’,`S=local:/var/milter/clmilter.sock, F=, T=S:4m;R:4m’)
dnl define(`confINPUT_MAIL_FILTERS’, `clmilter’)
m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf

/etc/init.d/sendmail restart
crontab -e

Add the lines below:

# we will update the database used by Clamav antivirus daily, twice
0 2,13 * * * /usr/local/bin/freshclam –quiet -l /var/log/clam-update.log

Finally:

/etc/rc.d/rc.local

For any questions or troubles you can contact me at: server@ro-design.net


Copyright © 2008 Ioan Ungureanu
All Rights Reserved.
add comment | view as pdf view as pdf | Display a printer-friendly version of this page. print
Please do not use the comment function to ask for help! If you need help, please use our forum.
Comments will be published after administrator approval.