Ubuntu – How to schedule ClamAv to perform a daily scan

15.10antivirusbashclamav

I want to schedule a daily scan in my Home directory using ClamAv.
Can anybody explain me how to perform such task using a bash script?
I don't need to scan mails, just Home directory and maybe other directories.
Thank you

P.s.: I don't really need it, but is there a way to perform a scan on the whole pc?

Best Answer

I would use cron for this instead of strictly using bash. In the directory /etc/cron.daily/ create a small script clamavscan.sh that looks like:

#!/bin/sh
clamscan /home/username/

Then be sure to make the script executable with chmod +x clamavscan.sh. This should run the clamscan of your home directory once daily at 6:25 (as you can see in the file /etc/crontab).

To have ClamAV scan you entire machine, you should just be able to run clamscan /, although this might require root privileges to really scan everything.

Related Solutions

Ubuntu – Why can’t clamdscan scan anything

Elsewhere, I've seen that AppArmor or SELinux can cause problems for clamdscan.

If you run sudo aa-complain clamd and the re-scan works, that's probably your issue. (Be sure to re-enable it with sudo aa-enforce clamd.)

To temporarily disable SELinux, which I haven't run on Ubuntu, you can try echo 0 > /selinux/enforce . We can follow up with that if you're running SELinux.

update: Here's a very interesting thread from launchpad: https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/450250 . I would follow Jamie Strandboge's comments there to eliminate AppArmor profiles as the culprit.

If these aren't applicable the hack that springs to mind is piping a directory to standard output via tar, and feeding that into clamdscan (which is a variation on what you've mentioned for a single file). I think that would look something like :

 tar -cvf --to-stdout /somedirectory | clamdscan -

You should be able to get the most recent packaged version of clamav from the Ubuntu Clamav team from their ppa : https://launchpad.net/~ubuntu-clamav/+archive/ppa

Also, from the ClamAV site: "If you are going to submit a bug report, always check it against the latest development code ." (Assuming you haven't already done this) You'll have to pull that code manually from their Git repository and compile it.

For bug reporting on the Ubuntu packages, please see http://askubuntu.com...how-do-i-report-a-bug .

=======

One thing to note, is that as far as I can tell, it is clamscan and not clamdscan which is supposed to just work unproblematically in your home directory.

Ubuntu presents some possible complication (with the very desirable security increase) by having apparmor turned on by default.

(clamdscan requires the clamav daemon to be running -- clamscan, more of an ad-hoc user-oriented package, does not. With the additional features of clamdscan/clamd, there is added complexity overhead.)

Yet, against that, the bug for clamdscan and apparmor mentioned in the bug from this post should have been corrected by the time of the current package.

Updated attempts to reproduce and resolve

I don't think I can completely reproduce your environment or control for user error (definitely mine and possibly yours), however I've reproduced what I think is the same issue under the same version of clamav you have.

Additionally, I've downloaded the latest code from the git repository, compiled and installed it, and still have the issue.

I don't have SELinux, but I do have AppArmor. Have I correctly accounted for that? I'm not 100%. I still get the permission denied errors after turning off AppArmor though.

=======

Security – How to Scan for Viruses with ClamAV

Terminal

At first you have to update the virus definitions with:

sudo freshclam

Then you can scan for viruses.

clamscan OPTIONS File/Folder

If necessary start with root permissions: sudo clamscan.

Examples:

To check all files on the computer, displaying the name of each file:
```
clamscan -r /
```
To check all files on the computer, but only display infected files and ring a bell when found:
```
clamscan -r --bell -i /
```
To scan all files on the computer but only display infected files when found and have this run in the background:
```
clamscan -r -i / &
```
Note - Display background process's status by running the jobs command.
To check files in the all users home directories:
```
clamscan -r /home
```
To check files in the USER home directory and move infected files to another folder:
```
clamscan -r --move=/home/USER/VIRUS /home/USER
```
To check files in the USER home directory and remove infected files (WARNING: Files are gone.):
```
clamscan -r --remove /home/USER
```
To see more options:
```
clamscan --help
```

See:

Latest documentation: PDF | HTML
ClamAV official Wiki
Ubuntu Wiki

Graphical User Interface: ClamTK

ClamTk is a frontend for ClamAV. You can install it via Terminal with:

sudo apt-get install clamtk

You can get the latest version from Bitbucket as Debian package.

There is also a PPA (Outdated):

sudo apt-add-repository ppa:landronimirc/clamtk
sudo apt-get update && sudo apt-get install clamtk

clamtk screenshot

Scan Menu: Here you can choose a file, folder or a device for scanning

clamtk scan menu screenshot

View Menu:

clamtk view menu screenshot

Quarantine Menu:

clamtk quarantine menu screenshot

Advanced Menu:

clamtk advanced menu screenshot

Help Menu: Here you can check for updates.

clamtk help menu screenshot