Once You Know, You Newegg
Home FAQ ClamAV How to update clamav via Source
How to update clamav via Source PDF Print E-mail
Written by Administrator   
Monday, 06 April 2009 22:22

Download the latest sorces from here:

http://www.clamav.net/download/sources

Untar and cd into the extracted folder and then edit the following files:


# vi /usr/local/etc/clamd.conf (for FreeBSD)
# vi /etc/clamd.conf (for Linux)

        #Example - must be commented out or removed
        #LogFile - multilog will handle logging
        #LogSysLog no - see LogFile
        PidFile /var/run/clamav/clamd.pid
        DatabaseDirectory /var/db/clamav
        FixStaleSocket yes - optional
        User - should be uncommented and set to qscand
        Foreground yes - required to run clamav via daemontools

Now we need to edit the freshclam.conf:

# vi /usr/local/etc/freshclam.conf (for FreeBSD)
# vi /etc/freshclam.conf (for Linux)

        # Example
        DatabaseDirectory /var/db/clamav
        # UpdateLogFile - multilog will handle logging
        # LogSyslog no - see UpdateLogFile
        PidFile /var/run/clamav/freshclam.pid
        DatabaseOwner - change from clamav to qscand
        Foreground yes - required to run freshclam via daemontools

Now to set some file permissions before we restart clamav (This may vary from system to system):

# chown -R qscand:qscand /var/log/clamav
# chown -R qscand:qscand /var/run/clamav/
# chown qscand:qscand /var/db/clamav/
# svc -t /service/clamav

If you are running clamav via a startup script, restart it like so:

 

# /usr/local/etc/rc.d/clamav-clamd.sh restart (For FreeBSD)
# /svc -t /service/clamav (For users using freebsdrocks.net)
# /etc/rc.d/clamd.sh (For Linux)

Now we need to run the following two commands to update qmail-scanner:

# setuidgid qscand /var/qmail/bin/qmail-scanner-queue.pl -g
# setuidgid qscand /var/qmail/bin/qmail-scanner-queue.pl -p (If you're using qmail-scanner 2.0 per domain)

This will update the qmail-scanner perlscanner database. This will
update the header information you see when you look for the version
numbers and such.

# setuidgid qscand /var/qmail/bin/qmail-scanner-queue.pl -z

The "-z" option causes qmail-scanner-queue.pl to rebuild a file
called "qmail-scanner-queue-version.txt", which contains the version
numbers of the various virus scanners in use. this text file is read
and the contents used to build the header which qmail-scanner adds to
each message. it also does a clean-up of any old temporary files
which may be laying around in the qmail-scanner directory.

The qmail-scanner author recommends that you run this on a daily
basis, although it doesn't hurt anything to run it more often. a busy
ISP mail server, for example, may choose to run this on an hourly basis.

It's not a bad idea to have this file be rebuilt whenever freshclam
downloads new virus definitions. i'm doing it on my server using the
"OnUpdateExecute" option inside of /etc/freshclam.conf... i've got a
shell script which calls "qmail-scanner-queue.pl -z" and then runs
clamscan on /home, /root, /www (the root beneath all of my web
sites), and /vpop (which on my server is the vpopmail user's home
directory.) this way if a new virus comes out and manages to get
through clamav with an old set of definitions, as long as the user
hasn't retrieved the message from the server it will be removed from
their mailbox automatically.

Special thanks to John Simpson
Last Updated on Saturday, 30 May 2009 15:54