othman.suseno/calypso
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
alpha-v1.0.0
calypso/docs/alpha/components/clamav/ClamAV-Installation-Guide.md
Othman H. Suseno 7b91e0fd24 fix storage
2026-01-09 16:54:39 +00:00

103 lines
2.8 KiB
Markdown
Raw Permalink Blame History

# ClamAV Installation and Configuration Guide for Ubuntu 24.04
## 1. Introduction
This guide provides step-by-step instructions for installing and configuring ClamAV on Ubuntu 24.04. The configuration files will be moved to a custom directory: `/opt/calypso/conf/clamav`.
## 2. Installation
First, update the package lists and install the `clamav` and `clamav-daemon` packages.
```bash
sudo apt-get update
sudo apt-get install -y clamav clamav-daemon
```
## 3. Configuration File Migration
Create the new configuration directory and copy the default configuration files.
```bash
sudo mkdir -p /opt/calypso/conf/clamav
sudo cp /etc/clamav/clamd.conf /opt/calypso/conf/clamav/clamd.conf
sudo cp /etc/clamav/freshclam.conf /opt/calypso/conf/clamav/freshclam.conf
```
Change the ownership of the new directory to the `clamav` user and group.
```bash
sudo chown -R clamav:clamav /opt/calypso/conf/clamav
```
## 4. Systemd Service Configuration
Create override files for the `clamav-daemon` and `clamav-freshclam` services to point to the new configuration file locations.
### 4.1. clamav-daemon Service
```bash
sudo mkdir -p /etc/systemd/system/clamav-daemon.service.d
sudo bash -c 'cat > /etc/systemd/system/clamav-daemon.service.d/override.conf <<EOF
[Service]
ExecStart=
ExecStart=/usr/sbin/clamd --foreground=true --config-file=/opt/calypso/conf/clamav/clamd.conf
EOF'
```
### 4.2. clamav-freshclam Service
```bash
sudo mkdir -p /etc/systemd/system/clamav-freshclam.service.d
sudo bash -c 'cat > /etc/systemd/system/clamav-freshclam.service.d/override.conf <<EOF
[Service]
ExecStart=
ExecStart=/usr/bin/freshclam -d --foreground=true --config-file=/opt/calypso/conf/clamav/freshclam.conf
EOF'
```
Reload the systemd daemon to apply the changes.
```bash
sudo systemctl daemon-reload
```
## 5. AppArmor Configuration
By default, AppArmor restricts ClamAV from accessing files outside of its default directories. You need to create local AppArmor override files to allow access to the new configuration directory.
### 5.1. freshclam AppArmor Profile
```bash
sudo echo "/opt/calypso/conf/clamav/freshclam.conf r," > /etc/apparmor.d/local/usr.bin.freshclam
```
### 5.2. clamd AppArmor Profile
```bash
sudo echo "/opt/calypso/conf/clamav/clamd.conf r," > /etc/apparmor.d/local/usr.sbin.clamd
```
You also need to grant execute permissions to the parent directory for the clamav user to be able to traverse it.
```bash
sudo chmod o+x /opt/calypso/conf
```
Reload the AppArmor profiles to apply the changes.
```bash
sudo systemctl reload apparmor
```
## 6. Starting and Verifying Services
Restart the ClamAV services and check their status to ensure they are using the new configuration file.
```bash
sudo systemctl restart clamav-daemon clamav-freshclam
sudo systemctl status clamav-daemon clamav-freshclam
```
You should see that both services are `active (running)`.
Reference in New Issue View Git Blame Copy Permalink