Friday, June 13, 2008

Installing ClamAV latest from source

I love ClamAV. The team rocks, the project rocks, the idea rocks. While the detection rate isn't as good as some name-brand AV distributors (if you are looking to get some name-brand AV for your Linux boxen, check out Avira, they also rock), the response time for ClamAV is uber high since it is open source. Here is how to install the latest version:

Open up a terminal

cd ~
mkdir tmp
cd tmp
wget http://downloads.sourceforge.net/clamav/clamav-0.93.1.tar.gz


This creates a working directory for you to mess around in and grabs the latest stable version from SourceForge. Now, untar the archive, grab the deps, and create the clamav user and group.


tar xzf clamav-0.93.1.tar.gz
sudo apt-get build-dep -y clamav
cd clamav-0.93.1/
sudo adduser clamav --no-create-home --disabled-password


When you create the user, you will be asked for some information. You should be able to just hit enter a couple times and say 'yes'.

To make ClamAV, we must first configure. We will use the --enable-experimental flag which gives us better virus detection at the expense of reliability. I have never had a problem with this flag :-).


./configure --enable-experimental
make


Now, just to be safe, we will do a thorough cleaning to make sure there aren't any previous installations on your computer.


sudo apt-get remove --purge clamav
sudo make uninstall


Now, you can install it.


sudo make install



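Before we can update the virus defs, we must first edit the ClamAV config files in /usr/local/etc/. The shipped files contain an Example line, and freshclam and clamd refuse to run until it is removed or commented out. I originally used vim to do this, but sed is faster.


# Comment out the bare "Example" line in place. Reading the file through a
# pipe into "sudo tee" on the same path can truncate it before it is read.
sudo sed -i -e 's/^Example/#Example/' /usr/local/etc/freshclam.conf
sudo sed -i -e 's/^Example/#Example/' /usr/local/etc/clamd.conf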
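
Piping a file through sed into tee on the same path can truncate it before it is read, so an edit like this is safer through a temp file. The following is an added example, not from the original post: it comments out only the bare Example line, checks the result and keeps a backup. The function names and the .orig suffix are assumptions, and the sample config is constructed.

```shell
#!/bin/sh
# Added example. enable_clam_conf, write_sample_conf and the .orig backup
# suffix are assumptions, not part of ClamAV.

enable_clam_conf() {
    conf=$1
    [ -f "$conf" ] || { echo "missing: $conf" >&2; return 1; }

    # Temp file next to the original: the final mv is then a same-filesystem
    # rename, and the original is never opened for writing while being read.
    tmp=$(mktemp "$conf.XXXXXX") || return 1
    cp -p "$conf" "$tmp" || { rm -f "$tmp"; return 1; }   # carry over mode/owner

    # Comment out only the bare marker line; comments that merely contain the
    # word "Example" stay as they are.
    sed -e 's/^[[:space:]]*Example[[:space:]]*$/#Example/' "$conf" > "$tmp" \
        || { rm -f "$tmp"; return 1; }

    # Refuse to install an empty result or one that still has an active marker.
    if [ ! -s "$tmp" ] || grep -q '^[[:space:]]*Example[[:space:]]*$' "$tmp"; then
        rm -f "$tmp"; return 1
    fi

    # Keep a backup, then swap the edited copy into place.
    cp -p "$conf" "$conf.orig" && mv -f "$tmp" "$conf" || { rm -f "$tmp"; return 1; }
}

# Constructed sample resembling the top of a shipped freshclam.conf.
write_sample_conf() {
    printf '%s\n' \
        '## Example config file for freshclam' \
        '# Comment or remove the line below.' \
        'Example' \
        '#DatabaseDirectory /var/lib/clamav' > "$1"
}

# Demo on a throwaway copy; nothing under /usr/local/etc is touched.
demo_dir=$(mktemp -d)
write_sample_conf "$demo_dir/freshclam.conf"
enable_clam_conf "$demo_dir/freshclam.conf" && cat "$demo_dir/freshclam.conf"
rm -rf "$demo_dir"
```

To use it on the real files, run the function as root against /usr/local/etc/freshclam.conf and /usr/local/etc/clamd.conf.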


You can now update your virus definitions and start scanning!


sudo freshclam
cd ~
clamscan -v -r ./


Some people may get an error that references libclamav.so.4. You should be able to run sudo ldconfig to fix the problem.

I am currently learning how to package, so hopefully, I will be able to start packaging the ClamAV releases and you won't have to do this :-).

3 comments:

  1. % aptitude search clamav | wc -l
    17

    Didn't you miss something? ;)

  2. bperry@w00den-pickle:~$ aptitude show clamav
    Package: clamav
    State: not installed
    Version: 0.92.1~dfsg2-1.1


    Don't think so :-). The version in the repos is old.

  3. I think you should keep contact with ScottK; he is involved in the ClamAV packaging in Ubuntu MOTU.