Use at your own risk!
First uncomment the following lines of code in the first script at http://textsnippets.com/posts/show/1405:
# create further subdirectories if necessary ... #fi # #fi
Then save the file, start the script and enter the following:
You are going to create a system service agent account! Enter first name: clamavadmin Note: The last name is optional and defaults to "agent" if you just press <return>! Enter last name: Note: The user shell is optional and defaults to "/usr/bin/false" if you just press <return>! Enter user shell: /bin/bash Note: The home directory is optional and defaults to "/private/var/empty" if you just press <return>! Enter home directory: /private/var/clamavadmin System service agent account: clamavadmin successfully created! # test dscl . list /Groups GroupMembership dscl . -read /Users/clamavadmin dscl . -read /Groups/clamavadmin sudo ls -ld /private/var/clamavadmin sudo ls -l /private/var/clamavadmin/log/clamd.log sudo ls -ld /private/var/clamavadmin/tmp #sudo ls -l /private/var/clamavadmin/tmp/clamd # will be created later by man clamd sudo find /private/var/clamavadmin \( -type f -or -type d -or -type s \) -print0 | xargs -0 sudo ls -ldG # add clamavadmin to group admin and group $(logname) # add $(logname) to group clamavadmin sudo dscl . -append /Groups/admin GroupMembership clamavadmin sudo dscl . -append /Groups/$(logname) GroupMembership clamavadmin sudo dscl . -append /Groups/clamavadmin GroupMembership $(logname) #sudo dscl . -delete /Groups/admin GroupMembership clamavadmin #sudo dscl . -delete /Groups/$(logname) GroupMembership clamavadmin #sudo dscl . -delete /Groups/clamavadmin GroupMembership $(logname) # cf. http://textsnippets.com/posts/show/1402 dirmodes ~/Documents/ClamAV/Downloads/QueueDirectory # copy update_clamd_db.sh sudo cp /usr/local/sbin/update_clamd_db.sh /private/var/clamavadmin/update_clamd_db.sh sudo chown clamavadmin:clamavadmin /private/var/clamavadmin/update_clamd_db.sh sudo chmod 0750 /private/var/clamavadmin/update_clamd_db.sh ls -l /private/var/clamavadmin/update_clamd_db.sh # then change the following line in sudo nano /private/var/clamavadmin/update_clamd_db.sh /opt/local/bin/freshclam -u root # ... to read ... /opt/local/bin/freshclam -u clamavadmin # get an overview of your ClamAV file & folder permissions in /opt sudo find /opt \( -type f -or -type d \) -iregex ".*clam.*" -print0 | xargs -0 sudo ls -ldG # set new ClamAV file & folder permissions sudo find /opt \( -type f -or -type d \) -iregex ".*clam.*" -print0 | xargs -0 sudo chown clamavadmin:clamavadmin sudo find /opt \( -type f -or -type d \) -iregex ".*clam.*" -print0 | xargs -0 sudo chmod 0750 # reset permissions #sudo find /opt \( -type f -or -type d \) -iregex ".*clam.*" -print0 | xargs -0 sudo chown root:wheel #sudo find /opt \( -type f -or -type d \) -iregex ".*clam.*" -print0 | xargs -0 sudo chmod 0755 # test sudo find /opt \( -type f -or -type d \) -iregex ".*clam.*" -print0 | xargs -0 sudo ls -ldG sudo find /opt -not -user clamavadmin \( -type f -or -type d \) -iregex ".*clam.*" -print0 | xargs -0 sudo ls -ldG # then modify clamd.conf sudo nano /opt/local/etc/clamd.conf LogFileMaxSize 10M LogTime yes FixStaleSocket yes TCPAddr 127.0.0.1 MaxConnectionQueueLength 30 MaxThreads 20 ExitOnOOM yes ScanOLE2 yes # Microsoft Office documents and .msi files ScanPDF yes ArchiveMaxFileSize 100M ArchiveMaxCompressionRatio 0 #VirusEvent echo virus: %v >> /path/to/file.txt DatabaseDirectory /opt/local/share/clamav # hardcoded #LogFile /private/var/log/clamd.log #TemporaryDirectory /private/var/tmp #DatabaseDirectory /opt/local/share/clamav #LocalSocket /tmp/clamd #DatabaseDirectory /private/var/clamavadmin/share/clamav LogFile /private/var/clamavadmin/log/clamd.log TemporaryDirectory /private/var/clamavadmin/tmp LocalSocket /private/var/clamavadmin/tmp/clamd # modify net.clamav.clamd.plist sudo launchctl unload -w /Library/LaunchDaemons/net.clamav.clamd.plist 2>/dev/null sudo cp -p /Library/LaunchDaemons/net.clamav.clamd.plist /Library/LaunchDaemons/net.clamav.clamd.root-wheel sudo nano /Library/LaunchDaemons/net.clamav.clamd.plist <?xml version="1.0" encoding="UTF-8"?> DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.$"1.0"> sudo launchctl load -w /Library/LaunchDaemons/net.clamav.clamd.plist 2>/dev/null # modify net.clamav.update.clamd.db.plist sudo launchctl unload -w /Library/LaunchDaemons/net.clamav.update.clamd.db.plist 2>/dev/null sudo cp -p /Library/LaunchDaemons/net.clamav.update.clamd.db.plist /Library/LaunchDaemons/net.clamav.update.clamd.db.plist.root-wheel sudo nano /Library/LaunchDaemons/net.clamav.update.clamd.db.plist "1.0" encoding="UTF-8"?> "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.$ <plist version="1.0"> <dict> <key>Disabledkey> Disabled GroupName clamavadmin Label net.clamav.clamd ProgramArguments /opt/local/sbin/clamd -c /opt/local/etc/clamd.conf RunAtLoad UserName clamavadmin /> <key>GroupNamekey> clamavadmin< /string> <key>Labelkey>net.clamav.update.clamd.db< /string> <key>ProgramArgumentskey>/private/var/clamavadmin/update_clamd_db.shstring> </array> <key>RunAtLoadkey> /> <key>StartIntervalkey> 20000< /integer> <key>UserNamekey>clamavadmin< /string> dict> sudo launchctl load -w /Library/LaunchDaemons/net.clamav.update.clamd.db.plist 2>/dev/null # watch clamd.log in a second Terminal window open /bin/bash sudo tail -n 50 -f /private/var/clamavadmin/log/clamd.log # now restart clamd if [[ -e "/private/var/clamavadmin/tmp/clamd" ]]; then sudo /bin/rm -f "/private/var/clamavadmin/tmp/clamd" ; fi sudo /opt/local/sbin/clamd -c /opt/local/etc/clamd.conf # test (sleep 3; echo PING; sleep 3; echo exit) | sudo telnet -u /private/var/clamavadmin/tmp/clamd echo PING | /opt/local/bin/socat - /private/var/clamavadmin/tmp/clamd # requires: sudo port install socat sudo find /private/var/clamavadmin \( -type f -or -type d -or -type s \) -print0 | xargs -0 sudo ls -ldG # /private/var/clamavadmin/tmp/clamd