ClamXav

Build Your Own Engine

This information is not relevant to the Mac App Store version of ClamXav.

Although ClamXav comes with a bundled version of the ClamAV scanning engine, you are not obliged to use it; you can configure, build and install your own version.

Before attempting to follow these instructions, you will need to have Apple's Developer Tools installed. You can find these on the installation disk which comes with Mac OS X, but you would be better to download the most recently available version direct from Apple. For that, you will require a free developer account. Sign up and download the Xcode developer tools from the Mac Dev Center.

Next, you need to download the source code from the ClamAV project page. I suggest downloading the current stable release, not one of the Release Candidates (RC) as they are, by definition, incomplete.

After unpacking the archive, the next step is to edit the freshclam.conf file. After that, if you're using Mac OS X prior to 10.4 (Tiger), you'll need to create a new ClamAV user and group. Next, we go through the familiar process of "configure", "build", "install". Finally, you must set the appropriate permissions on the ClamAV install location.

Editing conf files

ClamXav Sentry makes use of the "clamd" daemon and clamdscan as a means of greatly improving the speed and efficiency of background scanning. In order to make use of this feature, you must edit clamav-X.XX/etc/clamd.conf and remove the word "Example" wherever you see it in that file. You must also enable LocalSocket and specify a path for the socket file. The default path is sufficient, but you must enable it by removing the hash (#) character from the start of the line. You may, of course, make any further changes you need.

You must also edit clamav-X.XX/etc/freshclam.conf to remove any lines starting with "Example" and to set up any country specific settings such as DatabaseMirror. You also need to make freshclam notify the clamd process after performing a definitions update; this is done by configuring the NotifyClamd setting and giving it the path to where clamd.conf will be found after installation.

Creating the ClamAV User & Group

DO NOT PERFORM THIS STEP IF YOU USE OS X 10.4.x (TIGER) or later
Prior to installing, you need to create a 'clamav' user (without log on or shell capability, for security reasons). If you do not do this step, you will not be able to check for updates to the virus definition database and in fact may not be able to compile the code. The following commands must all be run with root privileges.

niutil -create . /users/clamav niutil -createprop . /users/clamav uid 82 niutil -createprop . /users/clamav gid 82 niutil -createprop . /users/clamav home /var/virusmails niutil -createprop . /users/clamav shell /sbin/nologin niutil -createprop . /users/clamav passwd "*" niutil -createprop . /users/clamav _writers_passwd clamav niutil -createprop . /users/clamav expire 0 niutil -createprop . /users/clamav name clamav niutil -createprop . /users/clamav realname "Clamav User" niutil -createprop . /users/clamav change 0 niutil -create . /groups/clamav niutil -createprop . /groups/clamav realname "SPAM Assassin Group 1" niutil -createprop . /groups/clamav name clamav niutil -createprop . /groups/clamav passwd "*" niutil -createprop . /groups/clamav gid 82 niutil -createprop . /groups/clamav smb_sid "S-1-5-21-183" niutil -createprop . /groups/clamav generateduid "ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000052" I have to admit that I'm not sure about smb_sid and generateduid. Best to check those values don't exist in NetInfo Manager first

Configure, Compile, Install

While in the clamav-X.XX source directory, perform the following actions. You need to be using the bash shell if you want to copy and paste the following commands. If not, you'll need to change them to suit:

CC="/usr/bin/gcc-4.2" CXX="/usr/bin/g++-4.2"
CFLAGS="-O2 -g -D_FILE_OFFSET_BITS=64"
CXXFLAGS="-O2 -g -D_FILE_OFFSET_BITS=64"
./configure --disable-dependency-tracking --enable-llvm --enable-clamdtop --with-user=_clamav --with-group=_clamav --prefix=/usr/local/clamXav
make
sudo make install

Each of the three commands above should be entered on one line.
Note, versions of Mac OS X prior to 10.5 do not support gcc 4.2, so you will need to change the commands above from gcc-4.2 to gcc, from g++-4.2 to g++ and -O2 to -O0. Even then, I don't know if it will work correctly, so be sure to run clamscan over the clamav-X.XX/test directory after you install.

Set Appropriate Permissions

The ClamAV directories need special permissions before you can run either clamscan or freshclam.

chown -R root:wheel /usr/local/clamXav/etc
chmod 0775 /usr/local/clamXav/etc
chmod 0664 /usr/local/clamXav/etc/*
chown -R root:wheel /usr/local/clamXav/bin
chmod -R 0755 /usr/local/clamXav/bin
chown clamav /usr/local/clamXav/bin/freshclam
chmod u+s /usr/local/clamXav/bin/freshclam
chown -R clamav:clamav /usr/local/clamXav/share/clamav
chmod 0775 /usr/local/clamXav/share/clamav
chmod 0664 /usr/local/clamXav/share/clamav/*
chown -R clamav:clamav /usr/local/clamXav/share/clamav/daily*
chmod -R a+r /usr/local/clamXav/share/clamav/daily*
chown -R clamav:clamav /usr/local/clamXav/share/clamav/main*
chmod -R a+r /usr/local/clamXav/share/clamav/main.*

Custom Install Location

If you changed the install location (--prefix flag) during the configure phase, you'll need to tell ClamXav where to find your custom build. You can do this in the terminal by typing:
defaults write uk.co.markallan.clamXav PathToClamav <install_prefix>

Optionally, you may also set a specific path for the freshclam log file. The default with a custom installation will be /tmp/freshclam.log, which you can change with the following command:
defaults write uk.co.markallan.clamXav PathToUpdateLog </path/to/freshclam.log>

For ClamXav to function correctly, the log file should be world readable (or at least readable by you) and writable by the clamav user.

The Free Anti-Virus Solution for Mac OS X