With my last post, I talked about how to install ClamAV (Clam Anti-Virus) for Linux on CentOS 7. And yet, I was not able to get the clamd daemon to run without errors. Every time I ran clamd, I got a permission error. I verified the file permissions and folder permissions. I suspect it has something to do with the security context and selinux. I may investigate this further later, but for now all I really wanted was a daily scan anyway. The clamd daemon has additioanl features like real-time virus scanning and scanning incoming e-mails. But for my current use that is not applicable.
I found this article over at CentOS blog. He has a pretty simple article about how to install it and set up a simple daily cron job which runs “clamscan” at midnight every day. His article is for the older CentOS 6 version and needs to be slightly modified for CentOS7 and the associated version of ClamAV. So here it is:
- Create a cron.daily file:
vi /etc/cron.daily/clamscan_daily
#!/bin/bash
SCAN_DIR="/home"
LOG_FILE="/var/log/clamscan.log"
/usr/bin/clamscan -i -r $SCAN_DIR >> $LOG_FILE
- Change the permissions on the file to executable:
chmod +x /etc/cron.daily/clamscan_daily
And that is pretty much it. Of course one could make a cron entry in the crontab to run the scan as often as needed. But that’s the basics to set up a daily scan of your server or system.
You only need to set the following two booleans (global policies) to allow clamav to scan unimpeded by SELinux (enforcing).
$ sudo setsebool -P antivirus_can_scan_system 1
$ sudo setsebool -P clamd_use_jit 1