Skip to main content.

Introduction

In order to configure and build your own ClamAV engine, you'll first need to download the source code from the ClamAV project page. I suggest downloading the current stable release, not one of the Release Candidates (RC) as they are, by definition, incomplete.

After unpacking the archive, the next step is to edit the freshclam.conf file. After that, if you're using Mac OS X prior to 10.4 (Tiger), you'll need to create a new ClamAV user and group. Next, we go through the familiar process of "configure", "build", "install". Finally, you must set the appropriate permissions on the ClamAV install location.

^ TOP

Editing freshclam.conf (and clamd.conf)

File: clamav-X.XX/etc/freshclam.conf where clamav-X.XX is the clamav source code directory.
Make sure these three lines are in there somewhere and do not have a hash character # in front of them.
   DatabaseMirror database.clamav.net
   MaxAttempts 3
   Checks 12

ClamXav Sentry is capable of using the "clamd" daemon and clamdscan as a means of greatly improving the speed and efficiency of background scanning. In order to make use of this feature, you must also edit clamav-X.XX/etc/clamd.conf and remove the word "Example" wherever you see it in that file. In ClamAV 0.85.1, it exists only on lines 2 and 8.

When launched, ClamXav Sentry will check to see if clamd is running. If it is, clamdscan will be used, otherwise clamscan will be used. This check is also performed whever you choose "Restart Scanning" from the menu.

If you're using clamd and clamdscan, you must remember to quit and relaunch clamd after you've updated virus definitions (or send it the RELOAD command). I'll implement this fully in due course but it's working now for the unix-savvy people!

^ TOP

Creating the ClamAV User & Group

DO NOT PERFORM THIS STEP IF YOU USE OS X 10.4.x (TIGER) or later
Prior to installing, you need to create a 'clamav' user (without log on or shell capability, for security reasons). If you do not do this step, you will not be able to check for updates to the virus definition database and in fact may not be able to compile the code. The following commands must all be run with root privileges.

   niutil -create . /users/clamav
   niutil -createprop . /users/clamav uid 82
   niutil -createprop . /users/clamav gid 82
   niutil -createprop . /users/clamav home /var/virusmails
   niutil -createprop . /users/clamav shell /sbin/nologin Apple set this to /bin/tcsh in Tiger which to me is a security issue. Any comments?
   niutil -createprop . /users/clamav passwd "*"
   niutil -createprop . /users/clamav _writers_passwd clamav
   niutil -createprop . /users/clamav expire 0
   niutil -createprop . /users/clamav name clamav
   niutil -createprop . /users/clamav realname "Clamav User"
   niutil -createprop . /users/clamav change 0
   niutil -create . /groups/clamav
   niutil -createprop . /groups/clamav realname "SPAM Assassin Group 1"
   niutil -createprop . /groups/clamav name clamav
   niutil -createprop . /groups/clamav passwd "*"
   niutil -createprop . /groups/clamav gid 82
   niutil -createprop . /groups/clamav smb_sid "S-1-5-21-183"
   niutil -createprop . /groups/clamav generateduid "ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000052"
I have to admit that I'm not sure about smb_sid and generateduid. Best to check they don't exist in NetInfo Manager first

^ TOP

Configure, Compile, Install

While in the clamav-X.XX source directory, perform the following actions:
   ./configure --prefix=/usr/local/clamXav
   make
   sudo make install

^ TOP

Set Appropriate Permissions

The ClamAV directories need special permissions before you can run either clamscan or freshclam.

   sudo chown -R root:admin /usr/local/clamXav/etc
   sudo chmod 0775 /usr/local/clamXav/etc
   sudo chmod 0664 /usr/local/clamXav/etc/*
   sudo chown -R root:admin /usr/local/clamXav/bin
   sudo chmod 0755 /usr/local/clamXav/bin
   sudo chmod 0755 /usr/local/clamXav/bin/*
   sudo chown clamav /usr/local/clamXav/bin/freshclam
   sudo chmod u+s /usr/local/clamXav/bin/freshclam
   sudo chown -R clamav:clamav /usr/local/clamXav/share/clamav
   sudo chmod 0755 /usr/local/clamXav/share/clamav
   sudo chmod 0644 /usr/local/clamXav/share/clamav/*
   sudo touch /usr/local/clamXav/share/clamav/freshclam.log
   sudo chmod a+rw /usr/local/clamXav/share/clamav/freshclam.log

MacGeneral has written a script to automate this last step should you wish to build your own engine routinely. See this forum thread for more information.

^ TOP

Custom Install Location

If you have built your own copy ClamAV before downloading ClamXav, have it installed under a different directory location, and wish to continue using that, you have to choose "View Instructions" when first requested to install the engine. When the build instructions come up, put a tick in the box entitled "Don't show this again" and then click the "I'm using a newer version" button.

This is where it gets fiddly!

You must now open ClamXav's preferences which are stored in the Preferences folder of your home directory, and change the value of the User Defined clamav Path property to be the path to your ClamAV installation. This is usually whatever you set the --prefix= switch to when you configured ClamAV before building it.

NOTE: This is NOT the path to clamscan! If you have clamsan installed under /usr/bin/clamscan then you probably want to set this property's value to /usr

Remember to set the appropriate permissions as above.