To create individual clamd-instance take the following files and modify/copy them in the suggested way:clamd.conf:
- set LogFile, PidFile, LocalSocket and User to suitable values
- place this file into /etc/clamd.d with an unique service-name; e.g. as /etc/clamd.d/<SERVICE>.conf
To make logfile rotation work properly, the LogFile should be writable for the assigned User. Recommended way to reach this, is to:
- make it owned by the User’s group
- assign at least 0620 (u+rw,g+w) permissions
A suitable command might be | # touch <logfile> | # chgrp <user> <logfile> | # chmod 0620 <logfile>
NEVER use ‘clamav’ as the user since he can modify the database. This is the user who is running the application; e.g. for mimedefang (https://www.roaringpenguin.com/products/mimedefang), the user might be ‘defang’.Theoretically, distinct users could be used, but it must be made sure that the application-user can write into the socket-file, and that the clamd-user can access the files asked by the application to be checked.
clamd.logrotate:
- set the correct value for the logfile
- place it into /etc/logrotate.d
clamd.sysconfig:
- set the name of the config-file and the local socket
- copy it to /etc/sysconfig/clamd.<SERVICE>
clamd.init:
- set the service-name
- place it into /etc/init.d/ with an unique name and activate it (e.g. with /sbin/chkconfig clamd.<SERVICE> on)
Additionally, a symlink must be set to clamd in a way like | # ln -s clamd /usr/sbin/clamd.<SERVICE> and the directory for the socket file must be created (see ‘LocalSocket’ in clamd.conf) | # mkdir -p /var/run/clamd.<SERVICE>
This directory must be writable by the ‘User’ chosen in the config-file.
[Disclaimer: this file and the script/configfiles are not part of the official clamav package.
Please send complaints and comments to mailto:enrico.scholz@informatik.tu-chemnitz.de!]