准备工作

在安装了EPEL源后，运行下面的命令安装ClamAV

[root@server_for_product ~]# yum install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd -y

Clamav可以通过EPEL源来安装，所以要首先安装EPEL，可以采用两种方法来安装：

[root@server_for_product ~]# yum install epel-release

[root@server_for_product ~]# yum repolist

看到以下字样就代表安装完成

epel/x86_64 Extra Packages for Enterprise Linux 7 - x86_64

查看EPEL源含有的安装包

[root@server_for_product ~]# yum --disablerepo="*" --enablerepo="epel" list available | less

安装ClamAV

[root@server_for_product ~]# yum install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd -y

在两个配置文件/etc/freshclam.conf和/etc/clamd.d/scan.conf中移除“Example”字符

[root@server_for_product ~]vim /etc/freshclam.conf

在“Example”前面添加#，注释掉这一行

[root@server_for_product ~]vim/etc/clamd.d/scan.conf

另外将里面的#LocalSocket /var/run/clamd.scan/clamd.sock 行前面的#去掉，使其生效

然后手动更新病毒库

[root@server_for_product ~]# freshclam

顺便一提，freshclam命令通过文件/etc/cron.d/clamav-update来自动运行，里面有一个定时任务的，但是默认是没有打开的

想要执行定时任务的话

[root@server_for_product ~]vim /etc/sysconfig/freshclam

删除里面最下面的那一行FRESHCLAM_DELAY=disabled-warn # REMOVE ME

配置开机启动

[root@server_for_product ~]# systemctl enable clamd@scan

启动并检查服务状态

[root@server_for_product ~]# systemctl start clamd@scan

[root@server_for_product ~]# systemctl status clamd@scan

看到active字样就表示安装成功

使用ClamAV查杀

备注

如果在手动更新病毒库的时候遇到错误：Update Failed. Your network may be down or none of the mirrors listed in freshclam.conf is working.

此时就要删除掉旧的镜像地址文件

[root@server_for_product ~]# rm -f /var/lib/clamav/mirrors.dat

再手动更新一次病毒库

[root@server_for_product ~]# freshclam