@AfroThundr3007730
Last active February 5, 2022 05:54
My notes on getting ClamAV working on CentOS 7
# How to get ClamAV working on CentOS 7
yum -y install epel-release && yum -y update
yum -y install clamav clamav-data clamav-scanner clamav-scanner-systemd clamav-server clamav-server-systemd clamav-unofficial-sigs clamav-update
# Add /etc/clamd.d/freshclam.conf
# Add /usr/lib/systemd/system/clamav-freshclam.service
systemctl enable clamav-freshclam.service && systemctl start clamav-freshclam.service
setsebool -P antivirus_can_scan_system 1 && setsebool -P antivirus_use_jit 1
# Add /etc/clamd.d/scan.conf
# Add /usr/lib/systemd/system/[email protected]
systemctl enable [email protected] && systemctl start [email protected]

# /etc/clamd.d/freshclam.conf
# Automatically created by the clamav-freshclam postinst
Bytecode true
CompressLocalDatabase no
ConnectTimeout 30
DatabaseDirectory /var/lib/clamav
DatabaseMirror database.clamav.net
DatabaseMirror db.local.clamav.net
DatabaseMirror db.us.clamav.net
DatabaseOwner clamupdate
Debug false
DNSDatabaseInfo current.cvd.clamav.net
Foreground false
#LogFacility LOG_LOCAL6
#LogFileMaxSize 0
#LogRotate true
LogSyslog false
LogTime true
LogVerbose false
MaxAttempts 5
NotifyClamd /etc/clamd.d/clamd.conf
ReceiveTimeout 30
SafeBrowsing true
ScriptedUpdates yes
TestDatabases yes
#UpdateLogFile /var/log/clamav/freshclam.log

# /usr/lib/systemd/system/clamav-freshclam.service
# Run the freshclam as daemon
[Unit]
Description = freshclam scanner
After = network.target
[Service]
Type = forking
ExecStart = /usr/bin/freshclam -d
Restart = on-failure
IOSchedulingPriority = 7
CPUSchedulingPolicy = 5
Nice = 19
PrivateTmp = true
[Install]
WantedBy = multi-user.target

# /etc/clamd.d/scan.conf
#Automatically Generated by clamav-daemon postinst
AlgorithmicDetection true
AllowAllMatchScan true
ArchiveBlockEncrypted false
BytecodeSecurity Paranoid
BytecodeTimeout 60000
Bytecode true
CommandReadTimeout 5
#CrossFilesystems true
DatabaseDirectory /var/lib/clamav
Debug false
DetectBrokenExecutables false
DetectPUA false
DisableCache false
DisableCertCheck false
ExitOnOOM false
ExtendedDetectionInfo true
FixStaleSocket true
FollowDirectorySymlinks false
FollowFileSymlinks true
ForceToDisk false
Foreground false
HeuristicScanPrecedence false
IdleTimeout 30
LeaveTemporaryFiles false
LocalSocketGroup clamscan
LocalSocketMode 666
LocalSocket /var/run/clamd.scan/clamd.ctl
#LogClean false
#LogFacility LOG_LOCAL6
#LogFileMaxSize 0
#LogFileUnlock false
#LogFile /var/log/clamav/clamav.log
#LogRotate true
LogSyslog true
LogTime true
LogVerbose false
MaxConnectionQueueLength 15
MaxDirectoryRecursion 15
MaxEmbeddedPE 10M
MaxFiles 10000
MaxFileSize 25M
MaxHTMLNormalize 10M
MaxHTMLNoTags 2M
MaxIconsPE 100
MaxPartitions 50
MaxQueue 100
MaxRecHWP3 16
MaxRecursion 16
MaxScanSize 100M
MaxScriptNormalize 5M
MaxThreads 12
MaxZipTypeRcg 1M
OfficialDatabaseOnly false
OLE2BlockMacros false
OnAccessIncludePath /home
OnAccessMaxFileSize 5M
PartitionIntersection false
PCREMatchLimit 10000
PCREMaxFileSize 25M
PCRERecMatchLimit 5000
PhishingAlwaysBlockCloak false
PhishingAlwaysBlockSSLMismatch false
PhishingScanURLs true
PhishingSignatures true
ReadTimeout 180
ScanArchive true
ScanELF true
ScanHTML true
ScanHWP3 true
ScanMail true
ScanOLE2 true
ScanOnAccess true
ScanPartialMessages false
ScanPDF true
ScanPE true
ScanSWF true
ScanXMLDOCS true
SelfCheck 3600
SendBufTimeout 200
#StatsEnabled false
#StatsHostID auto
#StatsPEDisabled false
#StatsTimeout 10
StreamMaxLength 25M
StructuredDataDetection false
User clamscan

# /usr/lib/systemd/system/[email protected]
# Run the clamd scanner
[Unit]
Description = clamd scanner (%i) daemon
After = syslog.target nss-lookup.target network.target
[Service]
Type = simple
ExecStart = /usr/sbin/clamd --foreground=yes
Restart = on-failure
IOSchedulingPriority = 7
CPUSchedulingPolicy = 5
Nice = 19
PrivateTmp = true
MemoryLimit=500M
CPUQuota=50%
[Install]
WantedBy = multi-user.target
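
A quick check for the scan.conf settings above that decide who can reach clamd and how much data it scans, as an added example (not part of the gist). `audit_clamd_conf` is a hypothetical helper name, the embedded config is a constructed sample reusing the gist's values, and the choice of checks is this example's assumption.

```shell
#!/bin/sh
# Added example, not from the gist. audit_clamd_conf is a hypothetical helper.
# Usage: audit_clamd_conf /etc/clamd.d/scan.conf
audit_clamd_conf() {
    awk '
        /^[ \t]*(#|$)/ { next }      # skip comments and blank lines
        { opt[$1] = $2 }             # clamd.conf lines are "Option value"
        END {
            # World bits on the control socket let every local account reach clamd.
            mode = opt["LocalSocketMode"]
            if (mode != "" && substr(mode, length(mode), 1) != "0")
                print "WARN LocalSocketMode " mode " is open to all local users"
            # Without a non-root User, clamd keeps the privileges it was started with.
            if (!("User" in opt) || opt["User"] == "root")
                print "WARN User is unset or root"
            # Data beyond these limits is not scanned: report them as coverage gaps.
            n = split("MaxFileSize MaxScanSize StreamMaxLength OnAccessMaxFileSize", k, " ")
            for (i = 1; i <= n; i++)
                if (k[i] in opt)
                    print "INFO " k[i] " " opt[k[i]] " limits what is scanned"
        }
    ' "$1"
}

# Constructed sample reusing values from the scan.conf above.
sample=$(mktemp)
cat > "$sample" <<'EOF'
LocalSocketGroup clamscan
LocalSocketMode 666
#LogFile /var/log/clamav/clamav.log
MaxFileSize 25M
MaxScanSize 100M
OnAccessMaxFileSize 5M
StreamMaxLength 25M
User clamscan
EOF
audit_clamd_conf "$sample"
rm -f "$sample"
```

Setting `LocalSocketMode 660` alongside the existing `LocalSocketGroup clamscan` clears the warning; accounts that need to submit scans then have to be members of that group.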

AfroThundr3007730 commented Jan 4, 2020

Resource limits can also be done with a drop-in override:

# /etc/systemd/system/[email protected]/limits.conf
[Service]
Type = simple
IOSchedulingClass = idle
CPUSchedulingPolicy = idle
Nice = 19
PrivateTmp = true
MemoryMax = 500M
CPUQuota = 50%


m4b0 commented Jul 13, 2020

As indicated in https://www.freedesktop.org/software/systemd/man/systemd.resource-control.html

MemoryMax= replaces MemoryLimit=.

So, the good value must be

MemoryMax = 500M
