Configuring Clamav's clamd for enhanced virus-scanning performance
Home Mac OS X Psion EPOC

Rationale

ClamXav performs an installation of clamav, the open-source virus-scanning package, but does not configure the supplied clamd scanning daemon. This daemon offers significant performance gains over the basic clamscan command in return for eating ~40MB of system RAM whilst quiescent. Whilst ClamXav will not take advantage of clamd even if it is set up, the other virus-scanning HOWTOs at this web site will do so.

Resources

Procedure

  1. Edit clamd.conf. I've supplied a ready-tweaked version in Resources which you can download and drop into /usr/local/ClamXav/etc/. If however you prefer to edit your existing file for yourself:
    • open /usr/local/ClamXav/etc/clamd.conf in a text editor, e.g. pico.
    • comment out any line that begins with the text "Example". Doing so enables clamd.
    • modify the DatabaseDirectory parameter to point to where your clamav virus database resides. On a standard ClamXav install this is /usr/local/clamXav/share/clamav.
    • I've tweaked some of the other settings from default in the sample file above, notably the location and quality of logging, but the above two steps is the minimum needed to get things working.
  2. Make clamd launch at boot time.
    • On Tiger and above you'd use launchd to do this, but I'm using Panther so I've had to compose a StartupItem.
    • In Terminal, create a clamd StartupItem folder: mkdir /Library/StartupItems/clamd
    • Download the two StartupItem files from Resources above, and put them in your new folder.
    • Make the clamd file executable by issuing this command in your Terminal window: chmod a+x /Library/StartupItems/clamd
  3. Configuration finished. Reboot your machine and keep an eye on the messages that are output before the login window is displayed; if all is well you'll see 'Starting clamd' at some point, though it might zip past too quickly to be noticed. Once you've logged in, run Activity Monitor; so long as you see 'clamd' somewhere in the list then all is well.
  4. A final tweak. If you tend to leave your machine switched on for long periods of time and let it sleep overnight, periodically your system will download virus updates. clamd needs to be made aware of these updates, and the following procedure will make that happen.
    • open /usr/local/ClamXav/etc/freshclam.conf in a text editor.
    • add this line at the end of the file: NotifyClamd /usr/local/clamXav/etc/clamd.conf
    • save and close