ClamAV AntiVirus
Views:
For a detailed page on installing and configuring ClamAv from source, see Email Server/ClamAv
This is a FLOSS antivirus scanner which was setup on ares to scan the files uploaded by users. It is not used to protect ares but rather to protect users from each other.
clamd runs as a service in modes 3 and 5, it provides a kind of proxied access to the antivirus definitions database for /usr/bin/clamscan. clamscan obviously does the scanning.
freshclam (another daemon) gets the definition updates and is set to call home once an hour.
Configuration is stored in /etc/clamav.conf
Some changes were made to the default configuration to make it play nice with amavisd-new
- Disable TCPSocket
- Enable LocalSocket
- AllowAleternativeGroups
The services run as the clamav user account
Moodle and rug up
The clamav software is frequently updated. freshclam only deals with virus definitions, running "rug up" will check/download/install any updates for the software.
Moodle uses clamav to scan upload files, however it's a bit flakey and only works if the clamscan binary is in the moodle directory. This means that whenever clamav is updated, the new clamscan binary must be copied from /usr/bin/clamscan to /srv/www/moodle/clamscan
