These instructions work as is for both Snow Leopard and Leopard.
The first thing to do is to get the source code for clamav from sourceforge.
Once we have the source code, we need to expand it, configure it, and build and install it. We will set clamav to store it’s configuration files under
/etc/clamav. We will also set the user and group that clamav will run under to _clamav. On Snow Leopard, this user and group already exists, so we only have to assign clamav to use them. Once you have expanded the archive and switched into the directory we will configure and build with the following commands.
You can now build with:
If all has gone well, we are ready to install with:
The next thing to do is to create a configuration file for clamav. In the config file we will tell clamav where to write it’s pid file for running as a daemon, and where the log file is that we created. We also set the interval for selfchecks. Self checks should be run regularly, the higher the load on your server, the more often that clamav should check itself to make sure everything is running correctly. At the moment it checks the database every 3600 seconds (once and hour). You can increase or decrease the interval as you like.
Amavisd-new will connect to clamav thought a socket file. We set clamav to create that socket in the
Create the a clamd.conf file and add the following lines to it:
Once you have saved we will need to change the permissions and ownership on the configuration file before we move it into place. We do so with the following commands:
sudo chown _clamav:wheel clamd.conf
sudo mv clamd.conf /etc/clamav/
Next we create the log file for clamav to output information too. Once the file is created, we change it’s ownership to ‘_amavisd’. We give amavisd ownership because clamd will be running under the user amavisd while it is in daemon mode.
sudo chown _amavisd /var/log/clamd.log
Now that clamav is installed you can use it by hand to scan files for viruses using clamscan. However, it won’t have the latest virus definitions nor is it ready for use as a daemon in conjunction with postfix and amavisd-new.
Setting up auto updates requires us to create a configuration file for the database updater freshclam. We also need to create the place where that database will be stored. The first thing we will do is create the directory to store the virus database that will be updated by freshclam.
The following 2 commands will create a directory and set the permissions so that only clamav and freshclam can access the information it will contain.
sudo chown _clamav:daemon /var/lib/clamav
Now we have somewhere to put the information, we need to create a configuration file for freshclam. Open up your favorite editor and enter the following.
Save the file as freshclam.conf. We will need to change the permissions and ownership on the configuration file before we move it into place. We do so with the following commands:
sudo chown _clamav:wheel freshclam.conf
Now move it into place with :
We also need a log file for freshclam. Just as we did for clamav, creating the logfile and changing it’s ownership required only two commands. They are as follows:
sudo chown _clamav /var/log/freshclam.log
There is one more thing we need to do to make freshclam work without any troubles. Freshclam requires a .pid file while it is running. In the configuration file we have told freshclam to place that file in
/var/run along with the other .pid files that OS X uses.
In order to give freshclam the ability to create a file in
/var/run we need to add the _clamav user to the daemon group. This is done by entering the following command :
Now that everything is ready, we should run freshclam once by hand to make sure everything will run properly.
If everything has gone well, we should now have clamav installed and updated.