Install clamav on Centos 7

Installing clamav on previous Centos versions was very easy for me. When I tried to install it on Centos 7, I had to learn many things from scratch!

Install EPEL repo

Clamav is available in the EPEL repo. Install EPEL first, then run the following command:

# yum install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd

Comment out the "Example" line in /etc/freshclam.conf and in /etc/clamd.d/scan.conf (used here in place of the default clamd.conf location):

# sed -i -e "s/^Example/#Example/" /etc/freshclam.conf

# sed -i -e "s/^Example/#Example/" /etc/clamd.d/scan.conf

Run freshclam to update database manually.

# freshclam

Btw, freshclam is run by a cron job from /etc/cron.d/clamav-update:

# cat /etc/cron.d/clamav-update
## Adjust this line...
MAILTO=root

## It is ok to execute it as root; freshclam drops privileges and becomes
## user 'clamupdate' as soon as possible
0  */3 * * * root /usr/share/clamav/freshclam-sleep

# /usr/share/clamav/freshclam-sleep
WARNING: update of clamav database is disabled; please see
'/etc/sysconfig/freshclam'
for information how to enable the periodic update resp. how to turn
off this message.

It seems that the freshclam update via cron is disabled. Remove the last line (REMOVE ME) from the /etc/sysconfig/freshclam file to activate it.

# tail /etc/sysconfig/freshclam
## 'disabled-warn'  ...  disables the automatic freshclam update and
##                         gives out a warning
## 'disabled'       ...  disables the automatic freshclam silently
# FRESHCLAM_DELAY=

### !!!!! REMOVE ME !!!!!!
### REMOVE ME: By default, the freshclam update is disabled to avoid
### REMOVE ME: network access without prior activation
FRESHCLAM_DELAY=disabled-warn    # REMOVE ME

Run clamd manually for testing purposes:

# /usr/sbin/clamd -c /etc/clamd.d/scan.conf --nofork=yes
ERROR: Please define server type (local and/or TCP)

Hmm. We need to define the server type. I suggest using the socket option.

Uncomment the following line in /etc/clamd.d/scan.conf, changing

#LocalSocket /var/run/clamd.scan/clamd.sock

to

LocalSocket /var/run/clamd.scan/clamd.sock

Enable on startup

# systemctl  enable clamd@scan
ln -s '/usr/lib/systemd/system/clamd@scan.service' '/etc/systemd/system/multi-user.target.wants/clamd@scan.service'

Then start the service and check its status:

# systemctl  start clamd@scan
# systemctl  status clamd@scan
clamd@scan.service - Generic clamav scanner daemon
   Loaded: loaded (/usr/lib/systemd/system/clamd@scan.service; enabled)
   Active: active (running) since Mon 2015-01-05 14:45:08 EET; 3s ago
 Main PID: 13588 (clamd)
   CGroup: /system.slice/system-clamd.slice/clamd@scan.service
           └─13588 /usr/sbin/clamd -c /etc/clamd.d/scan.conf --nofork=yes

Jan 05 14:45:08 Centos7-min systemd[1]: Started Generic clamav scanner daemon.
Jan 05 14:45:08 Centos7-min clamd[13588]: clamd daemon 0.98.5 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Jan 05 14:45:08 Centos7-min clamd[13588]: Running as user clamscan (UID 995, GID 994)
Jan 05 14:45:08 Centos7-min clamd[13588]: Log file size limited to 1048576 bytes.
Jan 05 14:45:08 Centos7-min clamd[13588]: Reading databases from /var/lib/clamav
Jan 05 14:45:08 Centos7-min clamd[13588]: Not loading PUA signatures.
Jan 05 14:45:08 Centos7-min clamd[13588]: Bytecode: Security mode set to "TrustSigned".

Run a test scan:

# clamdscan -c /etc/clamd.d/scan.conf /etc/hosts
/etc/hosts: OK

----------- SCAN SUMMARY -----------
Infected files: 0
Time: 0.002 sec (0 m 0 s)
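
The checks below are an added example, not part of the original post: a shell function that audits the three files edited above (the Example lines, the server type in scan.conf, and FRESHCLAM_DELAY) and lists what is still unset. The function names, finding labels and sample files are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): audit the files this post edits.
# Paths are arguments so copies can be checked; defaults are the post's paths.

# Prints one finding per line; returns 0 only when there are no findings.
audit_clamav_config() {
    local freshclam_conf="${1:-/etc/freshclam.conf}"
    local scan_conf="${2:-/etc/clamd.d/scan.conf}"
    local sysconfig="${3:-/etc/sysconfig/freshclam}"
    local findings=0 f

    # An uncommented "Example" line stops freshclam and clamd from starting.
    for f in "$freshclam_conf" "$scan_conf"; do
        if grep -Eq '^[[:space:]]*Example([[:space:]]|$)' "$f"; then
            echo "EXAMPLE_ACTIVE $f"; findings=$((findings + 1))
        fi
    done

    # clamd needs a server type: an active LocalSocket and/or TCPSocket line.
    if ! grep -Eq '^[[:space:]]*(LocalSocket|TCPSocket)[[:space:]]+[^[:space:]]' "$scan_conf"; then
        echo "NO_SERVER_TYPE $scan_conf"; findings=$((findings + 1))
    fi

    # FRESHCLAM_DELAY=disabled or disabled-warn turns off the cron update.
    if grep -Eq '^[[:space:]]*FRESHCLAM_DELAY=disabled' "$sysconfig"; then
        echo "CRON_UPDATE_DISABLED $sysconfig"; findings=$((findings + 1))
    fi

    [ "$findings" -eq 0 ]
}

# Constructed sample files that mimic the packaged defaults shown in the post.
make_defaults() {
    local d; d="$(mktemp -d)"
    printf 'Example\n' > "$d/freshclam.conf"
    printf 'Example\n#LocalSocket /var/run/clamd.scan/clamd.sock\n' > "$d/scan.conf"
    printf 'FRESHCLAM_DELAY=disabled-warn    # REMOVE ME\n' > "$d/freshclam"
    echo "$d"
}

# Demo on the constructed defaults: reports four findings.
demo_dir="$(make_defaults)"
audit_clamav_config "$demo_dir/freshclam.conf" "$demo_dir/scan.conf" "$demo_dir/freshclam" || true
rm -rf "$demo_dir"
```

Called with no arguments as root, audit_clamav_config checks the real paths used in this post.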

İsmail YENIGUL


Docker 101 – Part 1


I will try to explain basic docker commands on Centos 7 in this entry.

First, let's talk a little bit about docker terms.

Docker is an open-source project that automates the deployment of applications inside software containers. Containers are like lightweight VMs.

Docker image: a read-only layer is called an image, and an image never changes.

Docker container: an instance of the image. In other words, container is a running

Docker Hub Registry: A public registry maintained by Docker. You can see the list of the repositories and dockerfiles from https://registry.hub.docker.com/

Dockerfile: A text file that contains all the commands you would normally execute manually in order to build a Docker image. It is like a Makefile. Example dockerfiles for mongodb can be seen at https://registry.hub.docker.com/_/mongo/

Install docker

Docker is included by default in the CentOS-Extras repository (64-bit only). To install it, run the following command:

# yum install docker

Start the docker daemon and enable it at startup:

# service docker start
Redirecting to /bin/systemctl start  docker.service

# chkconfig docker on
Note: Forwarding request to 'systemctl enable docker.service'.
ln -s '/usr/lib/systemd/system/docker.service' '/etc/systemd/system/multi-user.target.wants/docker.service'

You can use the pull command to download an image or a repository from a Docker registry server.

As an example, the following command will pull the mongodb listed at https://registry.hub.docker.com/u/dockerfile/mongodb/

# docker pull dockerfile/mongodb
Pulling repository dockerfile/mongodb
0980bbd7909c: Pulling dependent layers
0980bbd7909c: Pulling image (latest) from dockerfile/mongodb

PS: This article was not finished yet.
