I recently migrated an OS X client setup to a new Mac Mini running OS X Server. One installation problem that arose was ClamXav [www.clamxav.com], a free front-end to the clamav virus checker that comes pre-installed with OS X server.
I got this working along with ClamXav Sentry, and I'm posting my notes here in case it's useful to others or someone can suggest alternatives. The main idea is change the configuration so that OS X Server uses the ClamXav binaries, and that the server handles all the freshclam updating details. You could also do the same thing with binaries installed using MacPorts 'port install clamav' in /opt/local.
Notes on setting up ClamXav Sentry on OS X Server 10.6:
Based mostly on 'Updating ClamAV on OS X Server >= 10.5.5' from http://osx.topicdesk.com/content/view/139/41/
This will use the clamav binaries that come with clamXav in /usr/local/clamXav/{bin,sbin}
1. Create and copy all the conf and plist files:
% cd ~/Downloads
% mkdir ~/Downloads/SourceCache
% cd ~/Downloads/SourceCache
% curl -O http://downloads.topicdesk.com/docextras/clamavextras_105096.tar.gz
% tar xzf clamav extras_105096.tar.gz
% cd clamav extras_105096
% sudo chown root:wheel ~/Downloads/SourceCache/clamav extras_105096/*
% sudo vi net.clamav.clamd.plist
/usr/local/sbin/clamd -> /usr/local/clamXav/sbin/clamd
% sudo vi net.clamav.clamd.plist
/usr/local/bin/freshclam -> /usr/local/clamXav/bin/freshclam
% sudo vi freshclam.conf
#DatabaseDirectory /var/clamav
# Path to the log file (make sure it has proper permissions)
# Default: disabledUpdateLogFile /usr/local/clamXav/share/clamav/freshclam.log
UpdateLogFile /usr/local/clamXav/share/clamav/freshclam.log
% sudo mv /usr/local/clamXav/etc/clamd.conf /usr/local/clamXav/etc/clamd.conf.orig
% sudo mv /usr/local/clamXav/etc/freshclam.conf /usr/local/clamXav/etc/freshclam.conf.orig
% sudo chown clamav:wheel freshclam.conf
% sudo cp *.conf /usr/local/clamXav/etc
% sudo cp *.plist /System/Library/LaunchDaemons
% sudo mkdir -p /var/clamav/tmp
% sudo chown amavisd:amavisd /var/clamav/tmp
2. Setup launchctl to use the new files
% sudo /bin/launchctl unload -w /System/Library/LaunchDaemons/org.clamav.freshclam.plist
% sudo /bin/launchctl load -w /System/Library/LaunchDaemons/net.clamav.freshclam.plist
% sudo /bin/launchctl unload -w /System/Library/LaunchDaemons/org.clamav.clamd.plist
% sudo /bin/launchctl load -w /System/Library/LaunchDaemons/net.clamav.clamd.plist
% sudo /bin/launchctl unload /System/Library/LaunchDaemons/org.amavis.amavisd.plist
% sudo /bin/launchctl load /System/Library/LaunchDaemons/org.amavis.amavisd.plist
3. Restart
I got this working along with ClamXav Sentry, and I'm posting my notes here in case it's useful to others or someone can suggest alternatives. The main idea is change the configuration so that OS X Server uses the ClamXav binaries, and that the server handles all the freshclam updating details. You could also do the same thing with binaries installed using MacPorts 'port install clamav' in /opt/local.
Notes on setting up ClamXav Sentry on OS X Server 10.6:
Based mostly on 'Updating ClamAV on OS X Server >= 10.5.5' from http://osx.topicdesk.com/content/view/139/41/
This will use the clamav binaries that come with clamXav in /usr/local/clamXav/{bin,sbin}
1. Create and copy all the conf and plist files:
% cd ~/Downloads
% mkdir ~/Downloads/SourceCache
% cd ~/Downloads/SourceCache
% curl -O http://downloads.topicdesk.com/docextras/clamavextras_105096.tar.gz
% tar xzf clamav extras_105096.tar.gz
% cd clamav extras_105096
% sudo chown root:wheel ~/Downloads/SourceCache/clamav extras_105096/*
% sudo vi net.clamav.clamd.plist
/usr/local/sbin/clamd -> /usr/local/clamXav/sbin/clamd
% sudo vi net.clamav.clamd.plist
/usr/local/bin/freshclam -> /usr/local/clamXav/bin/freshclam
% sudo vi freshclam.conf
#DatabaseDirectory /var/clamav
# Path to the log file (make sure it has proper permissions)
# Default: disabledUpdateLogFile /usr/local/clamXav/share/clamav/freshclam.log
UpdateLogFile /usr/local/clamXav/share/clamav/freshclam.log
% sudo mv /usr/local/clamXav/etc/clamd.conf /usr/local/clamXav/etc/clamd.conf.orig
% sudo mv /usr/local/clamXav/etc/freshclam.conf /usr/local/clamXav/etc/freshclam.conf.orig
% sudo chown clamav:wheel freshclam.conf
% sudo cp *.conf /usr/local/clamXav/etc
% sudo cp *.plist /System/Library/LaunchDaemons
% sudo mkdir -p /var/clamav/tmp
% sudo chown amavisd:amavisd /var/clamav/tmp
2. Setup launchctl to use the new files
% sudo /bin/launchctl unload -w /System/Library/LaunchDaemons/org.clamav.freshclam.plist
% sudo /bin/launchctl load -w /System/Library/LaunchDaemons/net.clamav.freshclam.plist
% sudo /bin/launchctl unload -w /System/Library/LaunchDaemons/org.clamav.clamd.plist
% sudo /bin/launchctl load -w /System/Library/LaunchDaemons/net.clamav.clamd.plist
% sudo /bin/launchctl unload /System/Library/LaunchDaemons/org.amavis.amavisd.plist
% sudo /bin/launchctl load /System/Library/LaunchDaemons/org.amavis.amavisd.plist
3. Restart
Mac Mini, Mac OS X (10.6.4)
Posted on Aug 19, 2010 7:57 PM
It is open source and low resource consumption, but is not free. There is also a free command line version available in brew, fink, and macports under clamav (less ugly). There is some minor configuration, but there are decent guides on the ClamAV site and here, for example. ClamXav is a popular choice for many longtime Mac fans, and overall the app seems good. It's simple to use, offers basic protection for your Mac and stays out of your way. Protect Your Mac With ClamXav For Free OS X Tips By Rob LeFebvre. 6:00 am, May 17.
Clamxav Uninstall Mac Os X
ClamXav is a free virus checker for Mac OS X. It uses the tried, tested and very popular ClamAV open source antivirus engine as a back end.
Back in the days before OS X, the number of viruses which attacked Macintosh users totalled somewhere between about 60 and 80. Today, the number of viruses actively attacking OS X users is...NONE! However, this doesn't mean we should get complacent about checking incoming email attachments or web downloads, for two reasons. Firstly, there's no guarantee that we Mac users will continue to enjoy the status quo, but more importantly, the majority of the computing world use machines running MS Windows, for which an enormous quantity of viruses exist, so we must be vigilant in checking the files we pass on to our friends and colleagues etc. For example, if you're a wise person and you've turned MS Office's macro support off then you're not going to notice that virus which is hiding inside this month's edition of Extreme Ironing.doc which your friend sent you. If you then forward that document to a less wise person who has not turned off the macro support, then you have most likely just sent him a shiny new Pandora's Box with a sign saying 'Open this end'!
Flippancy aside, I'm sure you get the idea: check the file before opening and/or sending it on to someone else. This gives you the opportunity to avoid the file altogether or at least copy and paste any vital information into a new document and send that instead.
Don't forget, if you run VirtualPC you can still become infected and lose valuable data on your Mac even though technically you're running Windows inside a sandbox. VPC will run any application you tell it to, virus or no virus, it doesn't know the difference. You can protect yourself slightly by not using VPC's 'shared folders', but that's a useful feature which you shouldn't have to be without.
Version 1.0.1 - 18 July 2005
Install buttons work for all languages
ClamXav Sentry's abort function now works properly
ClamXav Sentry's 'Launch ClamXav' menu item now works regardless of ClamXav location
Added '--quiet' switch to freshclam's cron item
Added Norwegian translation - thanks to Jo Daniel Aleksandersen
Added Turkish translation - thanks to Kerem Erkan
Back in the days before OS X, the number of viruses which attacked Macintosh users totalled somewhere between about 60 and 80. Today, the number of viruses actively attacking OS X users is...NONE! However, this doesn't mean we should get complacent about checking incoming email attachments or web downloads, for two reasons. Firstly, there's no guarantee that we Mac users will continue to enjoy the status quo, but more importantly, the majority of the computing world use machines running MS Windows, for which an enormous quantity of viruses exist, so we must be vigilant in checking the files we pass on to our friends and colleagues etc. For example, if you're a wise person and you've turned MS Office's macro support off then you're not going to notice that virus which is hiding inside this month's edition of Extreme Ironing.doc which your friend sent you. If you then forward that document to a less wise person who has not turned off the macro support, then you have most likely just sent him a shiny new Pandora's Box with a sign saying 'Open this end'!
Flippancy aside, I'm sure you get the idea: check the file before opening and/or sending it on to someone else. This gives you the opportunity to avoid the file altogether or at least copy and paste any vital information into a new document and send that instead.
Don't forget, if you run VirtualPC you can still become infected and lose valuable data on your Mac even though technically you're running Windows inside a sandbox. VPC will run any application you tell it to, virus or no virus, it doesn't know the difference. You can protect yourself slightly by not using VPC's 'shared folders', but that's a useful feature which you shouldn't have to be without.
Version 1.0.1 - 18 July 2005
Install buttons work for all languages
ClamXav Sentry's abort function now works properly
ClamXav Sentry's 'Launch ClamXav' menu item now works regardless of ClamXav location
Added '--quiet' switch to freshclam's cron item
Added Norwegian translation - thanks to Jo Daniel Aleksandersen
Added Turkish translation - thanks to Kerem Erkan