othman.suseno/calypso
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7b91e0fd24e9e7837f924c11be772043d67e9d53
calypso/docs/alpha/components/clamav/ClamAV-Installation-Guide.md
Othman H. Suseno 7b91e0fd24 fix storage
2026-01-09 16:54:39 +00:00

2.8 KiB
Raw Blame History

ClamAV Installation and Configuration Guide for Ubuntu 24.04

1. Introduction

This guide provides step-by-step instructions for installing and configuring ClamAV on Ubuntu 24.04. The configuration files will be moved to a custom directory: /opt/calypso/conf/clamav.

2. Installation

First, update the package lists and install the clamav and clamav-daemon packages.

sudo apt-get update
sudo apt-get install -y clamav clamav-daemon

3. Configuration File Migration

Create the new configuration directory and copy the default configuration files.

sudo mkdir -p /opt/calypso/conf/clamav
sudo cp /etc/clamav/clamd.conf /opt/calypso/conf/clamav/clamd.conf
sudo cp /etc/clamav/freshclam.conf /opt/calypso/conf/clamav/freshclam.conf

Change the ownership of the new directory to the clamav user and group.

sudo chown -R clamav:clamav /opt/calypso/conf/clamav

4. Systemd Service Configuration

Create override files for the clamav-daemon and clamav-freshclam services to point to the new configuration file locations.

4.1. clamav-daemon Service

sudo mkdir -p /etc/systemd/system/clamav-daemon.service.d
sudo bash -c 'cat > /etc/systemd/system/clamav-daemon.service.d/override.conf <<EOF
[Service]
ExecStart=
ExecStart=/usr/sbin/clamd --foreground=true --config-file=/opt/calypso/conf/clamav/clamd.conf
EOF'

4.2. clamav-freshclam Service

sudo mkdir -p /etc/systemd/system/clamav-freshclam.service.d
sudo bash -c 'cat > /etc/systemd/system/clamav-freshclam.service.d/override.conf <<EOF
[Service]
ExecStart=
ExecStart=/usr/bin/freshclam -d --foreground=true --config-file=/opt/calypso/conf/clamav/freshclam.conf
EOF'

Reload the systemd daemon to apply the changes.

sudo systemctl daemon-reload

5. AppArmor Configuration

By default, AppArmor restricts ClamAV from accessing files outside of its default directories. You need to create local AppArmor override files to allow access to the new configuration directory.

5.1. freshclam AppArmor Profile

sudo echo "/opt/calypso/conf/clamav/freshclam.conf r," > /etc/apparmor.d/local/usr.bin.freshclam

5.2. clamd AppArmor Profile

sudo echo "/opt/calypso/conf/clamav/clamd.conf r," > /etc/apparmor.d/local/usr.sbin.clamd

You also need to grant execute permissions to the parent directory for the clamav user to be able to traverse it.

sudo chmod o+x /opt/calypso/conf

Reload the AppArmor profiles to apply the changes.

sudo systemctl reload apparmor

6. Starting and Verifying Services

Restart the ClamAV services and check their status to ensure they are using the new configuration file.

sudo systemctl restart clamav-daemon clamav-freshclam
sudo systemctl status clamav-daemon clamav-freshclam

You should see that both services are active (running).