Home > CentOS, Vesta > CentOS 7, VestaCP and the Irritating clamd

CentOS 7, VestaCP and the Irritating clamd

Here is the step by step guide in getting clamav to work in CentOS 7 for a VestaCP setup

Install Updated ClamAV components
yum install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd -y

Link scan.conf to the default VestaCP clamd config file
rm -f /etc/clamd.d/scan.conf
ln -s /etc/clamd.conf /etc/clamd.d/scan.conf

Create freshclam service (Running it as a service will automatically update your AV definitions)
vi /usr/lib/systemd/system/clam-freshclam.service

Description = freshclam scanner
After = network.target
Type = forking
ExecStartPre=/usr/bin/mkdir -p /var/lib/clamav/
ExecStartPre=/usr/bin/chown -R clam.clam /var/lib/clamav
ExecStartPre=/usr/bin/chmod 755 /var/lib/clamav
ExecStart = /usr/bin/freshclam -d -c 4
Restart = on-failure
PrivateTmp = true

Register and start freshclam service
systemctl enable clam-freshclam.service
systemctl restart clam-freshclam.service
systemctl status clam-freshclam.service -l

Update clamd@ service to create the neccessary folders
vi /usr/lib/systemd/system/clamd@.service
Description = clamd scanner (%i) daemon
After = syslog.target nss-lookup.target network.target

Type = simple
***ADD these 2 lines below, they must be before ExecStart
ExecStartPre = /usr/bin/mkdir -p /var/log/clamav/
ExecStartPre = /usr/bin/chown -R clam:clam /var/log/clamav/
ExecStart = …

Update startup to use the new clamd service
cd /usr/lib/systemd/system

systemctl disable clamd.service

systemctl enable clamd@scan.service
systemctl restart clamd@scan.service
systemctl status clamd@scan.service

Test scan, make sure it is successful
clamdscan -c /etc/clamd.d/scan.conf –fdpass


Categories: CentOS, Vesta
  1. hsschile
    August 4, 2016 at 10:22 pm

    Thanks for your tutorial. All is OK but I get an error when I run last command:

    [root@scw-cd3994 system]# clamdscan -c /etc/clamd.d/scan.conf –fdpass
    ERROR: Can’t access file /usr/lib/systemd/system/–fdpass

    ———– SCAN SUMMARY ———–
    Infected files: 0
    Total errors: 1
    Time: 0.000 sec (0 m 0 s)
    [root@scw-cd3994 system]#

    Do I need to fix something else?

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: