There are new viruses coming out every day and we need to make sure that our virus signature database is kept up to date. To do this we will run freshclam twice a day (more if you like) from launchd.

In order to check incoming mails for viruses we should also run clamav as a daemon as well. To do that we will create a pair of plist files. One for clamav and one for freshclam.

First of all, lets setup the auto updating of the clamav database. In your favorite editor create a blank file called com.diymacserver.freshclam.plist and add the following information to it.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <key>KeepAlive</key>
  <true/>
  <key>Label</key>
  <string>com.diymacserver.freshclam</string>
  <key>OnDemand</key>
  <false/>
  <key>Program</key>
  <string>/usr/local/bin/freshclam</string>
  <key>ProgramArguments</key>
  <array>
    <string>/usr/local/bin/freshclam</string>
    <string>-d</string>
    <string>-c</string>
    <string>2</string>
    <string>–daemon-notify=/etc/clamav/clamd.conf</string>
  </array>
  <key>RunAtLoad</key>
  <false/>
  <key>ServiceIPC</key>
  <false/>
  <key>UserName</key>
  <string>_clamav</string>
</dict>
</plist>

Now that we have a plist file for launchd to use, we have to set it’s permissions and move it into place. We do that with the following commands:

sudo chmod 644 com.diymacserver.freshclam.plist
sudo chown root:wheel com.diymacserver.freshclam.plist
sudo mv com.diymacserver.freshclam.plist /Library/LaunchDaemons/

Now that the plist file is in place and ready to go we load it with the following command:

sudo launchctl load /Library/LaunchDaemons/com.diymacserver.freshclam.plist

When launchd loads the plist it will run freshclam once, then go to sleep for 12 hours. If you would like freshclam to update more often you can change the 2 in the plist to any number up to 50.

We are also going to run clamav as a daemon. For clamav to be loaded and run as a daemon on boot we need a plist for clamav as well. In your favorite editor create a blank file called com.diymacserver.clamd.plist and add the following information to it.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <key>Label</key>
  <string>com.diymacserver.clamd</string>
  <key>OnDemand</key>
  <false/>
  <key>Program</key>
  <string>/usr/local/sbin/clamd</string>
  <key>ProgramArguments</key>
  <array>
    <string>clamd</string>
  </array>
  <key>ServiceIPC</key>
  <false/>
  <key>UserName</key>
  <string>_amavisd</string>
</dict>
</plist>

Now that we have a plist file for launchd to use, we have to set it’s permissions and move it into place. we do that with the following commands:

sudo chmod 644 com.diymacserver.clamd.plist
sudo chown root:wheel com.diymacserver.clamd.plist
sudo mv com.diymacserver.clamd.plist /Library/LaunchDaemons/

Now that the plist file is in place and ready to go we load it with the following command:

sudo launchctl load /Library/LaunchDaemons/com.diymacserver.clamd.plist

Both clamav and freshclam should now be running in daemon mode. You can check the log files ‘/var/log/clamd.log‘ and ‘/var/log/freshclam.log‘ to make sure that everything loaded properly.