Skip to content

Instantly share code, notes, and snippets.

@AfroThundr3007730
Last active February 5, 2022 05:54
Show Gist options
  • Save AfroThundr3007730/91a3e2cbfc848088b70d731133ff3f2a to your computer and use it in GitHub Desktop.
Save AfroThundr3007730/91a3e2cbfc848088b70d731133ff3f2a to your computer and use it in GitHub Desktop.
My notes on getting ClamAV working on CentOS 7
# How to get ClamAV working on CentOS 7
yum -y install epel-release && yum -y update
yum -y install clamav clamav-data clamav-scanner clamav-scanner-systemd clamav-server clamav-server-systemd clamav-unofficial-sigs clamav-update
# Add /etc/clamd.d/freshclam.conf
# Add /usr/lib/systemd/system/clamav-freshclam.service
systemctl enable clamav-freshclam.service && systemctl start clamav-freshclam.service
setsebool -P antivirus_can_scan_system 1 && setsebool -P antivirus_use_jit 1
# Add /etc/clamd.d/scan.conf
# Add /usr/lib/systemd/system/[email protected]
systemctl enable [email protected] && systemctl start [email protected]
# Automatically created by the clamav-freshclam postinst
Bytecode true
CompressLocalDatabase no
ConnectTimeout 30
DatabaseDirectory /var/lib/clamav
DatabaseMirror database.clamav.net
DatabaseMirror db.local.clamav.net
DatabaseMirror db.us.clamav.net
DatabaseOwner clamupdate
Debug false
DNSDatabaseInfo current.cvd.clamav.net
Foreground false
#LogFacility LOG_LOCAL6
#LogFileMaxSize 0
#LogRotate true
LogSyslog false
LogTime true
LogVerbose false
MaxAttempts 5
NotifyClamd /etc/clamd.d/clamd.conf
ReceiveTimeout 30
SafeBrowsing true
ScriptedUpdates yes
TestDatabases yes
#UpdateLogFile /var/log/clamav/freshclam.log
# Run the freshclam as daemon
[Unit]
Description = freshclam scanner
After = network.target
[Service]
Type = forking
ExecStart = /usr/bin/freshclam -d
Restart = on-failure
IOSchedulingPriority = 7
CPUSchedulingPolicy = 5
Nice = 19
PrivateTmp = true
[Install]
WantedBy = multi-user.target
#Automatically Generated by clamav-daemon postinst
AlgorithmicDetection true
AllowAllMatchScan true
ArchiveBlockEncrypted false
BytecodeSecurity Paranoid
BytecodeTimeout 60000
Bytecode true
CommandReadTimeout 5
#CrossFilesystems true
DatabaseDirectory /var/lib/clamav
Debug false
DetectBrokenExecutables false
DetectPUA false
DisableCache false
DisableCertCheck false
ExitOnOOM false
ExtendedDetectionInfo true
FixStaleSocket true
FollowDirectorySymlinks false
FollowFileSymlinks true
ForceToDisk false
Foreground false
HeuristicScanPrecedence false
IdleTimeout 30
LeaveTemporaryFiles false
LocalSocketGroup clamscan
LocalSocketMode 666
LocalSocket /var/run/clamd.scan/clamd.ctl
#LogClean false
#LogFacility LOG_LOCAL6
#LogFileMaxSize 0
#LogFileUnlock false
#LogFile /var/log/clamav/clamav.log
#LogRotate true
LogSyslog true
LogTime true
LogVerbose false
MaxConnectionQueueLength 15
MaxDirectoryRecursion 15
MaxEmbeddedPE 10M
MaxFiles 10000
MaxFileSize 25M
MaxHTMLNormalize 10M
MaxHTMLNoTags 2M
MaxIconsPE 100
MaxPartitions 50
MaxQueue 100
MaxRecHWP3 16
MaxRecursion 16
MaxScanSize 100M
MaxScriptNormalize 5M
MaxThreads 12
MaxZipTypeRcg 1M
OfficialDatabaseOnly false
OLE2BlockMacros false
OnAccessIncludePath /home
OnAccessMaxFileSize 5M
PartitionIntersection false
PCREMatchLimit 10000
PCREMaxFileSize 25M
PCRERecMatchLimit 5000
PhishingAlwaysBlockCloak false
PhishingAlwaysBlockSSLMismatch false
PhishingScanURLs true
PhishingSignatures true
ReadTimeout 180
ScanArchive true
ScanELF true
ScanHTML true
ScanHWP3 true
ScanMail true
ScanOLE2 true
ScanOnAccess true
ScanPartialMessages false
ScanPDF true
ScanPE true
ScanSWF true
ScanXMLDOCS true
SelfCheck 3600
SendBufTimeout 200
#StatsEnabled false
#StatsHostID auto
#StatsPEDisabled false
#StatsTimeout 10
StreamMaxLength 25M
StructuredDataDetection false
User clamscan
# Run the clamd scanner
[Unit]
Description = clamd scanner (%i) daemon
After = syslog.target nss-lookup.target network.target
[Service]
Type = simple
ExecStart = /usr/sbin/clamd --foreground=yes
Restart = on-failure
IOSchedulingPriority = 7
CPUSchedulingPolicy = 5
Nice = 19
PrivateTmp = true
MemoryLimit=500M
CPUQuota=50%
[Install]
WantedBy = multi-user.target
@m4b0
Copy link

m4b0 commented Jul 13, 2020

As indicated in https://www.freedesktop.org/software/systemd/man/systemd.resource-control.html

MemoryMax= replaces MemoryLimit=.

So, the good value must be

MemoryMax = 500M

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment