Installing precompiled binaries

You can find precompiled binaries at http://www.clamav.net/binary.html and you may wish to use these if you have doubts about compiling the package from source. This is recommended for users who are not familiar with building packages.

Downloading the source on Linux

If you do not know how to download and extract a source tarball, take the time to find out using a search engine like 'Google'. It is well worth the investment.

Briefly, the steps involved are

Decide which version of the package you want to use. Most people will want to use the latest stable version but some like to live closer to the edge...

Download the package and the accompanying signature file.

Ensure that the download is authentic, for example 'gpg --verify clamav-x.xx.x.tar.gz.sig'.

Extract the source into a directory of your choice, for example 'tar xzvf clamav-x.xx.x.tar.gz'.

Read the installation documentation and follow the instructions for building the package. You may need to download and install other packages first.

Building from source on Linux

The documentation will be found in the 'docs' sub-directory if you have downloaded and extracted the source tarball. It is supplied in several different formats. Read it through thoroughly first, because if you simply follow along the steps you may miss something important such as creating a new user for a new ClamAV system. ClamAV has some particular requirements without which it cannot be built, please see the section entitled 'Installation'.

The build process on systems like Linux is outlined briefly below. This sequence of steps (with occasional variations) will become very familiar to you if you become accustomed to building packages from source. You should do the steps up to and including the first 'make' command as an ordinary unprivileged user and normally only become the 'root' user when you need to do the 'make install' step and restart any daemons. Of course if you need to add a user to the system, root privileges are required. This will be the case for a new ClamAV installation. Drop root privileges after creating the new ClamAV user and proceed as below.

• cd ~/source_directory/clamav-a.bb.c/
• ./configure
• make
• su -
• cd /home/username/source_directory/clamav-a.bb.c/
• make install
• restart daemons if appropriate
exit

The first step, './configure' runs a shell script to prepare the source tree for building on your system. You need to run this script from within the clamav source directory. It checks many features which are required and will abort with an error message if something which is necessary is missing from your system, or too old. At this stage warnings may be given if features in the package cannot be used, for example because the bzip2 library is not found. A large volume of text scrolls past on the screen during the './configure' process and some people like to use a means of recording it so that they can look at it later, for example the 'script' utility. A 'Makefile' (often more than one) and a log file called 'config.log' are written by the './configure' script, you may find it useful to read them later. By default, the './configure' step prepares the installation process to place binaries under /usr/local/bin, configuration files under /usr/local/etc and the database under /usr/share/clamav. Advanced users will often have their own views about where components should be installed on their systems. This information is in the Makefile.

The second step, 'make', actually builds the package. The bulk of the work is done by the C compiler, 'make' is just the program that calls it. If all went well during the './configure' step you should see no errors from the compiler, although you may see warnings about things that the compiler considers dubious. You can safely ignore warnings but any errors will halt the build process and you must then find out what went wrong. It can sometimes be difficult but there is plenty of help available. Read 'How to ask questions the smart way' by Eric S. Raymond.

The third step is 'make install' and places the components which were built at the 'make' step into areas of the system which cannot be altered by an unprivileged user. For this reason the third step is preceded by becoming the 'root' user. Obviously you need the root password to do this. When you run 'make install', existing binaries are overwritten but any existing configuration files are not. Configuration files may need attention, for example to make use of new features or to remove obsolete options. If configuration files have been updated in the new package, some people like to compare them with their existing configuration files using a utility like 'diff'.

Finally, if you are using daemons, after installing a new version of ClamAV you must restart them so that the new binaries are used. Also be aware that there have in the past been changes in the locations or names of components in the filesystem. This may make it necessary to delete old libraries or binaries which may not have been overwritten during the installation process so that they cannot be used by accident. Renamed or moved configuration files should not pose such problems but should be archived and removed for the sakes of easy maintenance, clarity and tidiness.

If the build process goes wrong

The simplest way to start again is to delete .../source_directory/clamav-x.xx.x/ in its entirety and extract it again from the tarball. You can try instead to use fancy features like 'make clean' and even 'make distclean' but they're sometimes not implemented and you never really know what they've done. This is especially true if you're new to it all and therefore, unless you're very exceptional, confused by it. If you find that you can't remove a directory that you created, it may be that you did one of the build steps as the 'root' user instead of as an ordinary unprivileged user. Some systems are more picky than others about permissions.

Note:

Beginning with release 0.80 the configuration file for clamd is no longer called clamav.conf, it is called clamd.conf now.

The option StreamSaveToDisk^? is no longer recognized, please remove it from your configuration file if you have it.

A new, very useful option has been added to freshclam: DNSDatabaseInfo^?. It allows freshclam to check for new database releases with a single DNS query. To use it, add the following line to the freshclam configuration file (usually installed under /etc/clamav or /usr/local/etc):

DNSDatabaseInfo^? current.cvd.clamav.net

Then run

freshclam -v

from the command line to verify that everything is working properly. You should see the following lines, amonst others:

main.cvd version from DNS: 27

daily.cvd version from DNS: 568

Clamav-milter

Starting clamav 0.86.2 you must provide the --timeout 0 option when using the internal scanner (which is the default). Otherwise clamav-milter will abort with: --timeout must not be given if --external is not given

Distro specific info

Remark for debian sarge package users: You can upgrade to 0.80 without any problems. The upgrade-scripts rename the configuration file and remove StreamSaveToDisk^? as required. On all our systems this worked flawlessly. No problems. Great work.

Specific issues with third-party software:

If you are using exiscan, before upgrading to ClamAV 0.80 you need to upgrade to exiscan-acl-21 or later.

What is the recommended procedure to update ClamAV installed from sources?

This is the procedure suggested by a user:

Preserve the previous build for fall-back purposes

1. Download the source for the version of interest

2. read the documentation for build changes

3. create a configure/make script (for repeatability - mine has my chosen options in it)

4. examine the new conf files for interesting entries

5. make backup copies of conf files from previous version

6. stop clamav procs

7. rm -f /usr/local/lib/*clam* (to remove old libraries)

8. make install

9. check again conf files - adjust as needed for new version

10. restart clamav processes

If you run

make -n instal

you will be shown what make would do in an install and where things will be put. This will tell you what you need to remove.

OpenBSD^?

See http://wiki.clamav.net/index.php/UpgradeOpenBSD

FreeBSD^? Notes

FreeBSD^? users please note that there is a well-maintained port in /usr/ports/security/clamav/ that you can use to stay current. Sample configs will be placed in /usr/local/etc/clamd.conf.default and freshclam.conf.default. On upgrading, you can look in these samples for any new config parameters/defaults.

You can see any important changes (like the recent change of storing the db; was /usr/local/share/clamav, now is in /var/db/clamav/) at the freshports.org site:

http://www.freshports.org/security/clamav

You can view the old parameters passed to './configure' of previous versions of Clam with:

vi /path/to/old/clam/version/config.log

Note: Clam version 0.80 'make install' does not copy a new 'freshclam.conf' to the application 'etc' dir (by default: '/usr/local/etc/') and you won't be able to enjoy the new DNSDatabaseInfo^? feature (see above). resolve this by creating a backup of the old 'freshclam.conf' file, then copy the new config file to the 'etc' dir and edit it manually:

cp /usr/local/etc/freshclam.conf /usr/local/etc/freshclam.config.old

cp /path/to/new/clam/version/etc/freshclam.conf /usr/local/etc/

vi /usr/local/etc/freshclam.conf

Maayan Turner, QBall Technologies Ltd. maayan!atqballtech!dotnet

I upgraded from 0.73. I had to change my startup scripts and amavis scripts to point to /usr/local/sbin/clamd instead of /usr/local/bin/clamd.

I use Debian stable Woody 3.0 with homemade backports of clamav from unstable sources.

Clamav is daemonized and called by amavisd-new (20030616p10-4)

On upgrade from clamav 0.7 to 0.8 I experienced this problem, after upgrade I got for every mail an error:

Clam Antivirus-clamd FAILED - unknown status: /var/lib/amavis/amavis-1234/parts: Access denied. ERROR\n WARN: all primary virus scanners failed, considering backups TROUBLE in check_mail: virus_scan FAILED: ALL VIRUS SCANNERS FAILED: PRESERVING EVIDENCE in /var/lib/amavis/amavis-1234

Note: in amavis I've not configured clam as a secondary antivirus from command line, and I've no other av scanners

The problem was due to permission on spooled mail into /var/lib/amavis : ownership amavis:amavis and permission 750 Clamd 0.7 run as root while 0.8 run as clamav user, so it cannot read anymore mail spooled by amavis

Solution: put clamav into group amavis, restart clamd and amavis, check if mail is processed correctly Note: I use postfix and no mail was lost for this problem, it simply retried the queues when clamav and amavis where restarted

Massimiliano Ferrero, Midhgard srl, m dot ferrero at midhgard dot it

After doing usermod -G amavis clamav, you may also need to add Allow Supplementary Groups to /etc/clamav/clamd.conf.

-- LucaGibelli - 04 Feb 2007

---

</center-->