Some problems installing and configuring ClamAV on CentOS
1. ClamAV 0.94 fails to start after installation on CentOS

After installing ClamAV today I rebooted, and the system reported the following errors during startup:

Starting Clam AntiVirus Daemon:
audit(1238453180.550:4): avc: denied { read } for pid=1609 comm="clamd" name="daily.cvd" dev=hda6 ino=98309 scontext=system_u:system_r:clamd_t:s0 tcontext=root:object_r:var_t:s0 tclass=file
audit(1238453180.557:5): avc: denied { read } for pid=1609 comm="clamd" name="clamd" dev=hda6 ino=98307 scontext=system_u:system_r:clamd_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=dir
LibClamAV Error: cli_loaddbdir(): Can't open directory /var/clamav
ERROR:Unable to open file or directory
[FAILED]
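The cause is SELinux enforcement. There are two ways to fix it:

Method 1: disable SELinux. Edit /etc/selinux/config, change SELINUX=enforcing to SELINUX=disabled, save, and reboot.
Method 2: run setsebool -P clamd_disable_trans=1 so that ClamAV is no longer controlled by SELinux.

Method 2 is the narrower change: it only takes clamd out of its SELinux domain, whereas method 1 turns SELinux off for every service on the host.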
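To see why SELinux is the cause, the denial records can be broken into their fields. This is an added example, not part of the original post; the helper names avc_summary and generic_targets are hypothetical, and the sample input is the two records from the boot log above.

```shell
#!/bin/sh
# Added example (not from the original post): summarise SELinux AVC denials.

# Constructed sample: the two denial records from the boot log above.
SAMPLE_AVC='audit(1238453180.550:4): avc: denied { read } for pid=1609 comm="clamd" name="daily.cvd" dev=hda6 ino=98309 scontext=system_u:system_r:clamd_t:s0 tcontext=root:object_r:var_t:s0 tclass=file
audit(1238453180.557:5): avc: denied { read } for pid=1609 comm="clamd" name="clamd" dev=hda6 ino=98307 scontext=system_u:system_r:clamd_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=dir'

# avc_summary (hypothetical helper): read audit lines on stdin and print
#   comm|permissions|tclass|name|source_type|target_type
# for each denial. Values containing spaces are not handled.
avc_summary() {
    awk '
    /avc: +denied/ {
        comm = name = tclass = stype = ttype = ""
        # Permissions are the words between "{" and "}".
        a = index($0, "{"); b = index($0, "}")
        perms = substr($0, a + 1, b - a - 1)
        gsub(/^ +| +$/, "", perms); gsub(/ +/, ",", perms)
        for (i = 1; i <= NF; i++) {
            n = index($i, "=")
            if (n == 0) continue
            key = substr($i, 1, n - 1); val = substr($i, n + 1)
            gsub(/"/, "", val)
            if (key == "comm") comm = val
            else if (key == "name") name = val
            else if (key == "tclass") tclass = val
            else if (key == "scontext") { split(val, c, ":"); stype = c[3] }
            else if (key == "tcontext") { split(val, c, ":"); ttype = c[3] }
        }
        print comm "|" perms "|" tclass "|" name "|" stype "|" ttype
    }'
}

# generic_targets (hypothetical helper): names of denied objects that are
# labelled with the generic var_t type.
generic_targets() {
    avc_summary | awk -F'|' '$6 == "var_t" { print $4 }' | sort -u
}

printf '%s\n' "$SAMPLE_AVC" | avc_summary
```

Both denials have source type clamd_t and target type var_t: the confined daemon is being refused read access to objects that carry the generic /var label.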
2. Fixing the ClamAV Mail Virus Scanner startup error

# /usr/sbin/amavisd -c /etc/amavisd/amavisd.conf debug
Starting Mail Virus Scanner (amavisd):
The value of variable $myhostname is "CentOS", but should have been a fully qualified domain name: perhaps uname(3) did not provide such. You must explicitly assign a FQDN of this host to variable $myhostname in amavisd.conf, or fix what uname(3) provides as a host's network name!
[FAILED]

The newly installed ClamAV mail scanning system printed the error above at system startup. On closer analysis, the computer name (the domain name, CentOS here) was not being resolved somewhere. amavisd.conf contains the line # $myhostname = 'CentOS'; removing the # from that line fixed it.
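3. Installing the Clam AntiVirus anti-virus software on CentOS

Method 1:

I. Define an unofficial yum repository

Some of the tools used while building the server are not in the official CentOS yum repositories, so an unofficial repository file has to be defined so that these required tools can also be installed through yum.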
[root@sample ~]# vi /etc/yum.repos.d/dag.repo ← create dag.repo to define the unofficial repository

[dag]
name=Dag RPM Repository for Red Hat Enterprise Linux
baseurl=http://apt./redhat/el$releasever/en/$basearch/dag
gpgcheck=1
enabled=1

[root@sample ~]# rpm --import http://dag./rpm/packages/RPM-GPG-KEY.dag.txt ← import the GPG key of the unofficial repository
Note: when installing with yum, the following errors often appear:

warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID 1aa78495
warning: livna-release-7.rpm: Header V3 DSA signature: NOKEY, key ID a109b1ec

and the installation cannot proceed. The fix is:

rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY*
II. Install Clam AntiVirus

[root@sample ~]# yum -y install clamd ← install Clam AntiVirus online
Setting up Install Process
Setting up repositories
dag 100% |=========================| 1.1 kB 00:00
update 100% |=========================| 951 B 00:00
base 100% |=========================| 1.1 kB 00:00
addons 100% |=========================| 951 B 00:00
extras 100% |=========================| 1.1 kB 00:00
Reading repository metadata in from local files
primary.xml.gz 100% |=========================| 1.6 MB 00:08
dag : ################################################## 4610/4610
Added 4610 new packages, deleted 0 old in 94.91 seconds
primary.xml.gz 100% |=========================| 103 kB 00:05
update : ################################################## 256/256
Added 56 new packages, deleted 0 old in 4.25 seconds
Reducing Dag RPM Repository for Red Hat Enterprise Linux to included packages only
Finished
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for clamd to pack into transaction set.
clamd-0.88.4-1.el4.rf.i38 100% |=========================| 5.3 kB 00:00
---> Package clamd.i386 0:0.88.4-1.el4.rf set to be updated
--> Running transaction check
--> Processing Dependency: clamav = 0.88.4-1.el4.rf for package: clamd
--> Processing Dependency: libclamav.so.1 for package: clamd
--> Restarting Dependency Resolution with new changes.
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for clamav to pack into transaction set.
clamav-0.88.4-1.el4.rf.i3 100% |=========================| 8.1 kB 00:00
---> Package clamav.i386 0:0.88.4-1.el4.rf set to be updated
--> Running transaction check
--> Processing Dependency: clamav-db = 0.88.4-1.el4.rf for package: clamav
--> Restarting Dependency Resolution with new changes.
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for clamav-db to pack into transaction set.
clamav-db-0.88.4-1.el4.rf 100% |=========================| 3.2 kB 00:00
---> Package clamav-db.i386 0:0.88.4-1.el4.rf set to be updated
--> Running transaction check

Dependencies Resolved

=============================================================================
Package Arch Version Repository Size
=============================================================================
Installing:
clamd i386 0.88.4-1.el4.rf dag 64 k
Installing for dependencies:
clamav i386 0.88.4-1.el4.rf dag 724 k
clamav-db i386 0.88.4-1.el4.rf dag 5.6 M

Transaction Summary
=============================================================================
Install 3 Package(s)
Update 0 Package(s)
Remove 0 Package(s)
Total download size: 6.4 M
Downloading Packages:
(1/3): clamd-0.88.4-1.el4 100% |=========================| 64 kB 00:01
(2/3): clamav-0.88.4-1.el 100% |=========================| 724 kB 00:04
(3/3): clamav-db-0.88.4-1 100% |=========================| 5.6 MB 00:25
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: clamav-db ######################### [1/3]
Installing: clamav ######################### [2/3]
Installing: clamd ######################### [3/3]

Installed: clamd.i386 0:0.88.4-1.el4.rf
Dependency Installed: clamav.i386 0:0.88.4-1.el4.rf clamav-db.i386 0:0.88.4-1.el4.rf
Complete!
If the part shown in red above appears, the installation of Clam AntiVirus is complete.
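III. Configure Clam AntiVirus

1. Clam AntiVirus user configuration:

[root@sample ~]# vi /etc/clamd.conf ← edit the clamd configuration file

ArchiveBlockMax ← find this line and put "#" at the start of it (so that large archives are not treated as infected files)
#ArchiveBlockMax ← it becomes this

User clamav ← find this line and put "#" at the start of it (do not allow control by an ordinary user)
#User clamav ← it becomes this

With User commented out, clamd keeps running as the account that starts it, which is root when it is started at boot.

2. Start Clam AntiVirus automatically at boot:

[root@sample ~]# chkconfig clamd on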
3. Update the Clam AntiVirus virus database

[root@sample ~]# freshclam
ClamAV update process started at Fri Aug 25 18:39:26 2006
Downloading main.cvd [*]
main.cvd updated (version: 40, sigs: 64138, f-level: 8, builder: tkojm)
Downloading daily.cvd [*]
daily.cvd updated (version: 1728, sigs: 2565, f-level: 8, builder: ccordes)
Database updated (66703 signatures) from db.cn.clamav.net (IP: 58.221.253.171)
Clamd successfully notified about the update.
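4. Run Clam AntiVirus on a schedule:

[root@sample ~]# vi scan.sh ← create the automatic scan script, as follows:

#!/bin/bash
# Nightly scan: mail the list of infected files to root.
PATH=/usr/bin:/bin
CLAMSCANTMP=$(mktemp)
# Scan from / and delete infected files; the report goes to the temp file.
clamdscan --recursive --remove / > "$CLAMSCANTMP"
# Lines ending in FOUND name infected files; send mail only if there are any.
if grep -q 'FOUND$' "$CLAMSCANTMP"; then
    grep 'FOUND$' "$CLAMSCANTMP" | mail -s "Virus Found in $(hostname)" root
fi
rm -f "$CLAMSCANTMP"

[root@sample ~]# chmod 700 scan.sh ← make the script executable

[root@sample ~]# crontab -e ← edit the scheduled tasks and add the following line
00 03 * * * /root/scan.sh ← add this line so that the scan runs at 3 o'clock every day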
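The scheduled script above sends mail only when the output contains FOUND, so a scan that fails outright looks the same as a clean one. The following added example, which is not part of the original post, classifies a run by exit status as well as output; the helper names infected_paths and scan_verdict are hypothetical and the sample output is constructed.

```shell
#!/bin/sh
# Added example (not from the original post): classify a clamdscan run by
# exit status and output. Per clamdscan(1): 0 = no virus found,
# 1 = virus(es) found, 2 = an error occurred.

# Constructed sample output; paths and hits are made up for illustration.
SAMPLE_SCAN='/home/user/notes.txt: OK
/home/user/eicar.com: Eicar-Test-Signature FOUND
/tmp/upload.zip: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Infected files: 2
Time: 5.074 sec (0 m 5 s)'

# infected_paths (hypothetical helper): print the path from each
# "path: signature FOUND" line read on stdin.
infected_paths() {
    sed -n 's/^\(.*\): [^:]* FOUND$/\1/p'
}

# scan_verdict STATUS (hypothetical helper): read scan output on stdin and
# print CLEAN, INFECTED:<count> or ERROR.
scan_verdict() {
    status=$1
    count=$(infected_paths | wc -l | tr -d ' ')
    if [ "$status" -eq 0 ] && [ "$count" -eq 0 ]; then
        echo CLEAN
    elif [ "$status" -eq 1 ] && [ "$count" -gt 0 ]; then
        echo "INFECTED:$count"
    else
        # Exit status 2, or status and output disagree: the scan cannot be
        # trusted, so the job should alert instead of staying silent.
        echo ERROR
    fi
}

# In the cron job this would be used as (not run here):
#   out=$(clamdscan /); rc=$?
#   verdict=$(printf '%s\n' "$out" | scan_verdict "$rc")
printf '%s\n' "$SAMPLE_SCAN" | scan_verdict 1
```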
IV. Virus scan

[root@sample ~]# clamdscan ← run a virus scan
/root: OK

----------- SCAN SUMMARY -----------
Infected files: 0 ← no virus found
Time: 5.074 sec (0 m 5 s)

[root@sample ~]# clamdscan --remove ← scan again, this time with the remove option
Method 2:

# wget -c http://jaist.dl./sourceforge/clamav/clamav-0.94.2.tar.gz
# tar -zxvf clamav-0.94.2.tar.gz
# cd clamav-0.94.2
# groupadd clamav
# useradd -g clamav -s /sbin/nologin -c "Clam Antivirus" clamav
# ./configure --sysconfdir=/etc
# make
# su -c "make install"
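Edit the configuration files

1. Edit /etc/clamd.conf with an editor:
# vi /etc/clamd.conf
Put # in front of Example.

2. # vi /etc/freshclam.conf
Put # in front of Example.
Change Checks from "24" to "6" and remove the # in front of it.
This updates the virus signatures every 6 hours.

3. Run the clamd daemon:
/usr/local/sbin/clamd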
4. Test

clamscan - virus scanning of files and directories
Scan a whole directory:
# /usr/local/bin/clamscan -r /home
# /usr/local/bin/clamscan -r /
# /usr/local/bin/clamscan -r /usr/share/doc/clamav*

Update command:
# /usr/local/bin/freshclam
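5. Start ClamAV automatically when the server boots

# touch /etc/init.d/autoclamav
# vi /etc/init.d/autoclamav

with the following content:

#!/bin/sh
# Start the clamd daemon installed under /usr/local.
echo "now the clamav will be started automatically"
/usr/local/sbin/clamd
echo "clamav start has been done"

# chmod 755 /etc/init.d/autoclamav

The script runs as root at boot, so it is made executable but writable only by root.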
Source: 天空极速 http://www. Original link: http://www./tags/clamav/1/