Guide On How To Install ClamAV On FreeBSD

Guide On How To Install ClamAV On FreeBSD 2017-08-04T09:41:14+00:00

A Step By Step Guide On How To Install ClamAV On FreeBSD
The battle for Virusses are almost on par with the battle for spam. ClamAV can help you here. There’s not much to say really even though I wanted to make a fancy “tag line”. That’s not going to happen apparently. Ah well maybe another day.

So we will install this baby from ports. And just so you know ClamAV updates it’s database every 2 hours unless otherwise defined. This should be enough for everyone. There is really no need to overload your system by check for new definitions every 5 minutes.

First Things First

I strongly recommend installing the following archivers in order for ClamAV to be able to scan mails with attachments in these formats.

cd /usr/ports/archivers/arc && make install clean BATCH=yes
cd /usr/ports/archivers/arj && make install clean BATCH=yes
cd /usr/ports/archivers/lha && make install clean
cd /usr/ports/archivers/rar && make install clean BATCH=yes
cd /usr/ports/archivers/unrar && make install clean BATCH=yes
cd /usr/ports/archivers/unzoo && make install clean
cd /usr/ports/archivers/xar && make install clean BATCH=yes

Installing ClamAV

cd /usr/ports/security/clamav
make WITH="LLVM" install clean

When the options screen pops up hit “Ok”. As for the rest of the popups just accept the default values.

We need to remove the original startup scripts generated by the installation as ClamAV will be supervised by Daemontools.

rm /usr/local/etc/rc.d/clamav-clamd
rm /usr/local/etc/rc.d/clamav-freshclam 

Running ClamAV with Daemontools

mkdir -m 1755 /var/qmail/supervise/clamav
mkdir -m 1755 /var/qmail/supervise/freshclam
mkdir -m 755 /var/qmail/supervise/clamav/log
mkdir -m 755 /var/qmail/supervise/freshclam/log
mkdir -m 1755 /var/log/qmail/clamav
mkdir -m 1755 /var/log/qmail/freshclam
cd /var/qmail/supervise/clamav
fetch http://www.xfiles.dk/content/files/freebsd-qmail/clamav-run
mv clamav-run run
chmod 755 run
cd log
fetch http://www.xfiles.dk/content/files/freebsd-qmail/clamav-log-run
mv clamav-log-run run
chmod 755 run

Running Freshclam with Daemontools

cd /var/qmail/supervise/freshclam
fetch http://www.xfiles.dk/content/files/freebsd-qmail/freshclam-run
mv freshclam-run run
chmod 755 run
cd log
fetch http://www.xfiles.dk/content/files/freebsd-qmail/freshclam-log-run
mv freshclam-log-run run
chmod 755 run

Adjustning the ClamAV config file

We need to edit the clamav config file otherwise it won’t run probably with daemontools. The file we need to edit is this one /usr/local/etc/clamd.conf

Find the following line.

LogFile /var/log/clamav/clamd.log

And put a # mark in front of it.

# LogFile /var/log/clamav/clamd.log

Now find this line.

User clamav

And change the user to qscand like this.

User qscand

And finally find this line.

# Foreground yes

And remove the # mark like this.

Foreground yes

Adjustning the Freshclam config file

We also need to edit the freshclam config accordingly otherwise it won’t run probably with daemontools. The file we need to edit is this one /usr/local/etc/freshclam.conf

Find the following line.

UpdateLogFile /var/log/clamav/freshclam.log

And put a # mark in front of it.

# UpdateLogFile /var/log/clamav/freshclam.log

Now find this line.

DatabaseOwner clamav

And change the user to qscand like this.

DatabaseOwner qscand

And finally find this line.

# Foreground yes

And change it to.

Foreground yes

Check Permissions

chown -R qscand:qscand /var/log/clamav
chown -R qscand:qscand /var/run/clamav/
chown qscand:qscand /var/db/clamav/

Now if you try to start up ClamAV it may fail. There has been some changes meaning that ClamAV is not longer shipped with a Virus Definition DB. You will have to grab the first DB manually and only after this is done ClamAV will be able to run without errors, as well as being able to automatically update it’s Virus Definition DB.

Manually updating the Virus Definition DB is easy, but be warned this can take some time to complete. So let’s do this now before we continue. Enter the following command.

freshclam

Enable The Service

ln -s /var/qmail/supervise/clamav /service/
ln -s /var/qmail/supervise/freshclam /service/

Check if ClamAV is working as intended.

svstat /service/clamav/ /service/clamav/log

If everything is ok you should get and output like below.

/service/clamav/:    up (pid 86635) 19 seconds
/service/clamav/log: up (pid 86636) 19 seconds

Now check if everything FreshClam is working as intended.

svstat /service/freshclam/ /service/freshclam/log

If everything is ok you should get and output like below.

/service/freshclam/:    up (pid 55698) 20 seconds
/service/freshclam/log: up (pid 55699) 20 second

Adjust update frequency

Optional start.

If you want to change the how often ClamAV is updating its database then you have to modify the /usr/local/etc/freshclam.conf the lines you are looking for are these.

# Number of database checks per day.
# Default: 12 (every two hours)
# Checks 24 

Optional stop.

Adding ClamAV to qmailctl

In order to control dovecut from qmailctl we need to edit this file /usr/bin/qmailctl find the following lines and remove the # mark

# if svok /service/clamav ; then
# svc -u /service/clamav /service/clamav/log
# echo "Starting clamav"
# else
# echo "clamav supervise not running"
# fi

# if svok /service/freshclam ; then
# svc -u /service/freshclam /service/freshclam/log
# echo "Starting freshclam"
# else
# echo "freshclam supervise not running"
# fi

# echo " clamav"
# svc -d /service/clamav /service/clamav/log

# echo " freshclam"
# svc -d /service/freshclam /service/freshclam/log

# svstat /service/clamav
# svstat /service/clamav/log

# svstat /service/freshclam
# svstat /service/freshclam/log

# echo "Pausing clamav"
# svc -p /service/clamav

# echo "Pausing freshclam"
# svc -p /service/freshclam

# echo "Pausing clamav"
# svc -c /service/clamav

# eco "Pausing freshclam"
# svc -c /service/freshclam

# echo "* Restarting clamav"
# svc -t /service/clamav /service/clamav/log

# echo "* Restarting freshclam"
# svc -t /service/freshclam /service/freshclam/log

All of the lines above should now look like this.

if svok /service/clamav ; then
svc -u /service/clamav /service/clamav/log
echo "Starting clamav"
else
echo "clamav supervise not running"
fi

if svok /service/freshclam ; then
svc -u /service/freshclam /service/freshclam/log
echo "Starting freshclam"
else
echo "freshclam supervise not running"
fi

echo " clamav"
svc -d /service/clamav /service/clamav/log

echo " freshclam"
svc -d /service/freshclam /service/freshclam/log

svstat /service/clamav
svstat /service/clamav/log

svstat /service/freshclam
svstat /service/freshclam/log

echo "Pausing clamav"
svc -p /service/clamav

echo "Pausing freshclam"
svc -p /service/freshclam

echo "Pausing clamav"
svc -c /service/clamav

eco "Pausing freshclam"
svc -c /service/freshclam

echo "* Restarting clamav"
svc -t /service/clamav /service/clamav/log

echo "* Restarting freshclam"
svc -t /service/freshclam /service/freshclam/log

Now restart qmail in order for the changes to take effect.

qmailctl restart

And we are done here.

Spell checkers don’t – Grammar checkers don’t either.