Last active
February 5, 2022 05:54
-
-
Save AfroThundr3007730/91a3e2cbfc848088b70d731133ff3f2a to your computer and use it in GitHub Desktop.
My notes on getting ClamAV working on CentOS 7
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# How to get ClamAV working on CentOS 7 | |
yum -y install epel-release && yum -y update | |
yum -y install clamav clamav-data clamav-scanner clamav-scanner-systemd clamav-server clamav-server-systemd clamav-unofficial-sigs clamav-update | |
# Add /etc/clamd.d/freshclam.conf | |
# Add /usr/lib/systemd/system/clamav-freshclam.service | |
systemctl enable clamav-freshclam.service && systemctl start clamav-freshclam.service | |
setsebool -P antivirus_can_scan_system 1 && setsebool -P antivirus_use_jit 1 | |
# Add /etc/clamd.d/scan.conf | |
# Add /usr/lib/systemd/system/[email protected] | |
systemctl enable [email protected] && systemctl start [email protected] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Automatically created by the clamav-freshclam postinst | |
Bytecode true | |
CompressLocalDatabase no | |
ConnectTimeout 30 | |
DatabaseDirectory /var/lib/clamav | |
DatabaseMirror database.clamav.net | |
DatabaseMirror db.local.clamav.net | |
DatabaseMirror db.us.clamav.net | |
DatabaseOwner clamupdate | |
Debug false | |
DNSDatabaseInfo current.cvd.clamav.net | |
Foreground false | |
#LogFacility LOG_LOCAL6 | |
#LogFileMaxSize 0 | |
#LogRotate true | |
LogSyslog false | |
LogTime true | |
LogVerbose false | |
MaxAttempts 5 | |
NotifyClamd /etc/clamd.d/clamd.conf | |
ReceiveTimeout 30 | |
SafeBrowsing true | |
ScriptedUpdates yes | |
TestDatabases yes | |
#UpdateLogFile /var/log/clamav/freshclam.log |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Run the freshclam as daemon | |
[Unit] | |
Description = freshclam scanner | |
After = network.target | |
[Service] | |
Type = forking | |
ExecStart = /usr/bin/freshclam -d | |
Restart = on-failure | |
IOSchedulingPriority = 7 | |
CPUSchedulingPolicy = 5 | |
Nice = 19 | |
PrivateTmp = true | |
[Install] | |
WantedBy = multi-user.target |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Automatically Generated by clamav-daemon postinst | |
AlgorithmicDetection true | |
AllowAllMatchScan true | |
ArchiveBlockEncrypted false | |
BytecodeSecurity Paranoid | |
BytecodeTimeout 60000 | |
Bytecode true | |
CommandReadTimeout 5 | |
#CrossFilesystems true | |
DatabaseDirectory /var/lib/clamav | |
Debug false | |
DetectBrokenExecutables false | |
DetectPUA false | |
DisableCache false | |
DisableCertCheck false | |
ExitOnOOM false | |
ExtendedDetectionInfo true | |
FixStaleSocket true | |
FollowDirectorySymlinks false | |
FollowFileSymlinks true | |
ForceToDisk false | |
Foreground false | |
HeuristicScanPrecedence false | |
IdleTimeout 30 | |
LeaveTemporaryFiles false | |
LocalSocketGroup clamscan | |
LocalSocketMode 666 | |
LocalSocket /var/run/clamd.scan/clamd.ctl | |
#LogClean false | |
#LogFacility LOG_LOCAL6 | |
#LogFileMaxSize 0 | |
#LogFileUnlock false | |
#LogFile /var/log/clamav/clamav.log | |
#LogRotate true | |
LogSyslog true | |
LogTime true | |
LogVerbose false | |
MaxConnectionQueueLength 15 | |
MaxDirectoryRecursion 15 | |
MaxEmbeddedPE 10M | |
MaxFiles 10000 | |
MaxFileSize 25M | |
MaxHTMLNormalize 10M | |
MaxHTMLNoTags 2M | |
MaxIconsPE 100 | |
MaxPartitions 50 | |
MaxQueue 100 | |
MaxRecHWP3 16 | |
MaxRecursion 16 | |
MaxScanSize 100M | |
MaxScriptNormalize 5M | |
MaxThreads 12 | |
MaxZipTypeRcg 1M | |
OfficialDatabaseOnly false | |
OLE2BlockMacros false | |
OnAccessIncludePath /home | |
OnAccessMaxFileSize 5M | |
PartitionIntersection false | |
PCREMatchLimit 10000 | |
PCREMaxFileSize 25M | |
PCRERecMatchLimit 5000 | |
PhishingAlwaysBlockCloak false | |
PhishingAlwaysBlockSSLMismatch false | |
PhishingScanURLs true | |
PhishingSignatures true | |
ReadTimeout 180 | |
ScanArchive true | |
ScanELF true | |
ScanHTML true | |
ScanHWP3 true | |
ScanMail true | |
ScanOLE2 true | |
ScanOnAccess true | |
ScanPartialMessages false | |
ScanPDF true | |
ScanPE true | |
ScanSWF true | |
ScanXMLDOCS true | |
SelfCheck 3600 | |
SendBufTimeout 200 | |
#StatsEnabled false | |
#StatsHostID auto | |
#StatsPEDisabled false | |
#StatsTimeout 10 | |
StreamMaxLength 25M | |
StructuredDataDetection false | |
User clamscan |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Run the clamd scanner | |
[Unit] | |
Description = clamd scanner (%i) daemon | |
After = syslog.target nss-lookup.target network.target | |
[Service] | |
Type = simple | |
ExecStart = /usr/sbin/clamd --foreground=yes | |
Restart = on-failure | |
IOSchedulingPriority = 7 | |
CPUSchedulingPolicy = 5 | |
Nice = 19 | |
PrivateTmp = true | |
MemoryLimit=500M | |
CPUQuota=50% | |
[Install] | |
WantedBy = multi-user.target |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
As indicated in https://www.freedesktop.org/software/systemd/man/systemd.resource-control.html
MemoryMax= replaces MemoryLimit=.
So, the good value must be
MemoryMax = 500M