chun 2016-10-24 10:46
[Repost] Upgrading ClamAV to 0.99.2 with YUM on EMOS 1.6 64-bit
http://www.extmail.org/forum/viewthread.php?tid=25355
1. Update ClamAV:
a) Configure the YUM repository: http://blog.51yip.com/linux/1337.html
i. rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
ii. rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
iii. yum install yum-priorities
b) Update ClamAV
i. /etc/init.d/clamd stop
/etc/init.d/postfix stop
ii. yum install clamav
iii. You may need to update zlib before updating. Method: yum -y install zlib zlib-devel
iv. If you no longer want to use this YUM repository, go to /etc/yum.repos.d/, open epel.repo with vim and change enabled=1 to enabled=0.
v. If yum still cannot install it, check the following:
vi. In the file "/etc/yum.repos.d/epel.repo", uncomment baseurl and comment out mirrorlist. Then run the yum install clamav command again.
Reference: http://www.linuxidc.com/Linux/2015-05/117932.htm
vii. Running freshclam reports an error:
[root@mail ~]# freshclam
ERROR: Can't open /var/log/clamav/freshclam.log in append mode (check permissions!).
ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
Fix:
[root@mail log]# chown clamav.clamav /var/log/clamav/
[root@mail clamav]# /etc/init.d/clamd restart
Stopping Clam AntiVirus Daemon: [FAILED]
ERROR: LOCAL: Socket file /var/run/clamav/clamd.sock could not be bound: Permission denied
[FAILED]
Fix:
[root@mail clamav]# chown clamav.clamav /var/run/clamav/
Run:
[root@mail clamav]# freshclam
ERROR: Can't open /var/log/clamav/freshclam.log in append mode (check permissions!).
ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
If the error still appears, delete all the old files under /var/log/clamav/; after ClamAV is restarted the log is recreated, and the ClamAV update log is also created when the database is updated.

viii. If everything is set up correctly, you can create an account named virusalert@XXX.COM on the system; intercepted virus mail is forwarded to this account. For a test virus file you can use Eicar-Test-Signature; simply download one and send it as an attachment to test.
c) Problems and fixes:
i. PID error:
1. vim /var/log/clamav/clamd.log shows the error: ERROR: Can't unlink the pid file /var/run/clamav/clamd.pid
2. Fix: http://wenku.baidu.com/link?url=nDDShFTcJNw5ASzfEZaewPv1PSwOxZpXprVBBPurty1PVnBxfgp9O5y4tuzgpPgO_x-z_9B-gEXqtLoYwWQfaw6Kc0O3t1LH2gDCBsHkd77
[root@mail clamav]# chown clamav.clamav /var/run/clamav/
[root@mail clamav]# /etc/init.d/clamd restart
Stopping Clam AntiVirus Daemon: [ OK ]
Starting Clam AntiVirus Daemon: [ OK ]

ii. Scheduled virus database updates and scans:
Update and scan on a schedule every night and keep the scan log: crontab -e
1 3 * * * /usr/bin/freshclam
20 3 * * * /usr/bin/clamscan -r /home --remove -l /var/log/clamscan.log
iii.
iv. Reference sites:
http://linuxguest.blog.51cto.com/195664/199632/ covers commenting out Example, automatic update and scan, and more
[root@mail /]# rpm -qa |grep clamav
clamav-0.99-3.el6.x86_64
clamav-db-0.99-3.el6.x86_64
clamav-devel-0.99-3.el6.x86_64
[root@mail /]#
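An added example, not part of the original post: a read-only audit of the two directories the freshclam and clamd errors above point at. It reports wrong ownership, a world-writable mode and leftover files owned by another account, so only those need attention. It assumes GNU stat and find (as on CentOS) and the clamav account from the chown commands above; the function name audit_clamav_dir and the --run switch are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post. Read-only: prints findings, changes nothing.
# Assumes GNU stat/find. audit_clamav_dir and the --run switch are illustrative names.

# audit_clamav_dir DIR USER -> prints one line per finding, returns 0 only if clean.
audit_clamav_dir() {
    dir=$1; user=$2; problems=0
    if [ ! -d "$dir" ]; then
        echo "MISSING $dir"
        return 1
    fi
    # freshclam/clamd must be able to create files here (log, socket, pid file).
    owner=$(stat -c %U "$dir")
    if [ "$owner" != "$user" ]; then
        echo "OWNER $dir is owned by $owner, expected $user"
        problems=$((problems + 1))
    fi
    # A world-writable log or socket directory lets any local user plant or replace files.
    mode=$(stat -c %A "$dir")
    case "$mode" in
        ????????w*)
            echo "MODE $dir is world-writable ($mode)"
            problems=$((problems + 1)) ;;
    esac
    # Files left behind by another account can still block "append mode"
    # after the directory itself has been chown'ed.
    stale=$(find "$dir" -mindepth 1 -exec stat -c '%U %n' {} + | awk -v u="$user" '$1 != u')
    if [ -n "$stale" ]; then
        printf '%s\n' "$stale" | sed 's/^/STALE /'
        problems=$((problems + $(printf '%s\n' "$stale" | wc -l)))
    fi
    [ "$problems" -eq 0 ]
}

# Paths and account are the ones used in the post; run with: sh audit.sh --run
if [ "${1:-}" = "--run" ]; then
    rc=0
    for d in /var/log/clamav /var/run/clamav; do
        audit_clamav_dir "$d" "${CLAMAV_USER:-clamav}" || rc=1
    done
    exit "$rc"
fi
```

Each STALE line shows the current owner followed by the path, which narrows the "delete all the old files" step to the files that are actually in the way.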