How To Install ClamAV on Fedora 42

In today’s digital landscape, security remains a paramount concern for all computer users, including those running Linux distributions like Fedora. While Linux systems are generally less targeted by malware compared to Windows, they aren’t immune to security threats. ClamAV, an open-source antivirus toolkit, provides a reliable solution for detecting viruses, trojans, malware, and other malicious content on Linux systems, including Fedora 42.

Whether you’re managing a mail server that needs to scan incoming attachments, sharing files with Windows users, or simply want an additional layer of security, ClamAV offers a robust solution tailored for Linux environments. This comprehensive guide will walk you through the entire process of installing, configuring, and using ClamAV on Fedora 42, ensuring your system remains protected against various cybersecurity threats.

By following this guide, you’ll learn how to implement effective malware scanning routines, configure real-time protection, and optimize ClamAV for your specific needs. We’ll cover everything from basic installation steps to advanced configuration options, troubleshooting common issues, and best practices for maintaining your system’s security posture.

Understanding ClamAV

ClamAV is a versatile, open-source antivirus toolkit designed specifically for Unix-like operating systems, including Linux distributions such as Fedora. Originally developed to scan email attachments on mail gateways, ClamAV has evolved into a comprehensive security solution with a wide range of applications.

What is ClamAV?

At its core, ClamAV is a command-line antivirus scanner that can detect various types of malicious software, including viruses, trojans, malware, and other potential threats. It uses signature-based detection to identify known malware, comparing files against a regularly updated database of virus definitions.

Key Features and Capabilities

ClamAV offers several notable features that make it an excellent choice for Fedora 42 users:

• Versatile Protection: ClamAV diligently guards against various forms of malware, providing a secure environment for your Fedora Linux system.
• Regular Database Updates: The antivirus engine receives frequent signature updates to ensure protection against the latest threats, with the FreshClam component handling automatic database updates.
• Command-Line Interface: ClamAV primarily operates through a straightforward command-line interface, making it highly flexible and scriptable for automation tasks.
• Scanning Options: The toolkit provides numerous options for scanning files, directories, and email attachments, with support for both on-demand and scheduled scans.
• Cross-Platform Compatibility: While designed for Unix-like systems, ClamAV also supports other operating systems, making it useful in heterogeneous environments.

Components of ClamAV

ClamAV consists of several core components that work together:

• clamd: The scanning daemon that runs in the background, providing efficient, multi-threaded scanning capabilities.
• clamscan: A command-line scanner for on-demand scanning of files and directories.
• freshclam: The database update tool that keeps virus definitions current.
• clamav-milter: A mail filtering tool that interfaces with mail transfer agents for email scanning.
• ClamTK: An optional graphical frontend for users who prefer GUI-based operation.

Why ClamAV on Fedora?

While Linux systems like Fedora are generally less susceptible to malware than Windows, ClamAV serves several important purposes:

• Scanning files that will be shared with Windows systems
• Checking downloaded content for malicious code
• Scanning email attachments for viruses
• Providing an additional security layer in multi-user environments
• Detecting Windows malware that might not affect Linux but could be transmitted to Windows systems

Prerequisites for Installation

Before installing ClamAV on your Fedora 42 system, it’s important to ensure that your environment meets certain requirements and is properly prepared for the installation process.

System Requirements

ClamAV has relatively modest hardware requirements, but optimal performance depends on your specific usage:

• A working Fedora 42 installation with administrative (sudo) privileges
• Minimum 512MB RAM (1GB or more recommended for better performance)
• At least 200MB free disk space for the base installation
• Additional disk space (at least 1GB) for virus definition databases
• Internet connection for downloading packages and virus definition updates

Preparing Your Fedora System

The first step before any software installation is to ensure your system is up to date with the latest packages and security patches. This helps prevent potential conflicts during installation and ensures compatibility with the latest software versions.

sudo dnf upgrade --refresh

This command updates the package lists and upgrades all installed packages to their latest available versions. Allow the process to complete before proceeding with the ClamAV installation.

Understanding SELinux Implications

Fedora uses SELinux (Security-Enhanced Linux) by default, which can impact ClamAV’s operation. SELinux policies can restrict ClamAV’s ability to scan certain directories or files based on their security contexts.

To ensure ClamAV functions properly with SELinux enabled, you may need to configure specific SELinux boolean settings after installation:

sudo setsebool -P antivirus_can_scan_system 1

This command allows ClamAV to scan system files by enabling the antivirus_can_scan_system boolean setting.

Backup Recommendations

As with any system modification, it’s always wise to back up important data before proceeding. While installing ClamAV is generally safe, creating backups ensures you can recover quickly if unexpected issues arise.

Consider backing up critical configuration files and data using Fedora’s built-in backup tools or a simple command like:

sudo cp /path/to/important/file /path/to/important/file.backup

Installation Methods

Fedora 42 offers several methods to install ClamAV, depending on your preferences and requirements. This section explores the different installation approaches, from the straightforward DNF command line to graphical installation options.

Method 1: DNF Command Line Installation

The most direct and recommended method to install ClamAV on Fedora 42 is using the DNF package manager. This approach installs ClamAV from the official Fedora repositories, ensuring compatibility and easy updates.

To install the core ClamAV packages, open a terminal and run:

sudo dnf install clamav clamd clamav-update

This command installs the essential ClamAV components:
– clamav: The base antivirus engine and command-line scanner
– clamd: The ClamAV daemon for on-access scanning
– clamav-update: Tools for updating virus definitions

The installation process should complete quickly, downloading and installing all required packages and dependencies automatically.

To verify that ClamAV was installed correctly, you can check the version information:

clamscan --version

This command should display the installed ClamAV version, confirming successful installation.

Method 2: GUI Installation via GNOME Software Center

For users who prefer graphical interfaces, ClamAV can also be installed through the GNOME Software Center, Fedora’s default application manager.

1. Open the GNOME Software Center from the application menu
2. Search for “ClamTK” (the graphical frontend for ClamAV)
3. Click the “Install” button
4. Provide your administrator password when prompted
5. Wait for the installation to complete

The Software Center will automatically install ClamTK along with the required ClamAV components as dependencies. This method is ideal for users less comfortable with command-line operations.

Method 3: Installation from RPM Packages

In some scenarios, you might need to install ClamAV from RPM packages, especially if you need a specific version or are working in an offline environment.

1. Download the required RPM packages from the official Fedora repository or ClamAV website
2. Open a terminal and navigate to the directory containing the downloaded RPM files
3. Install the packages using DNF:

sudo dnf install ./clamav-*.rpm

This method provides more control over the installation process but requires manual management of dependencies and updates.

Installation Validation

After installing ClamAV using any of the methods above, it’s important to verify that all components are correctly installed and ready for configuration:

rpm -qa | grep clam

This command lists all installed ClamAV-related packages, helping you confirm that all necessary components are present on your system.

Post-Installation Configuration

After successfully installing ClamAV on your Fedora 42 system, proper configuration is essential to ensure optimal performance and security coverage. This section guides you through the key configuration steps to get ClamAV up and running effectively.

Configuring freshclam.conf

The first configuration file to address is freshclam.conf, which controls the virus database update mechanism. By default, this file is located at /etc/freshclam.conf.

1. Open the configuration file for editing:

sudo nano /etc/freshclam.conf

2. Find and comment out or remove the “Example” line (if present) by placing a # at the beginning or deleting it entirely:

# Comment or remove the line below.
#Example

3. Configure essential settings:

# How many times freshclam should check for updates per day
Checks 24

# Enable logging
LogFile /var/log/freshclam.log
LogTime yes
LogVerbose yes

# Set database directory
DatabaseDirectory /var/lib/clamav

4. Save the file and exit the editor (in nano, press Ctrl+O to save and Ctrl+X to exit).

Setting Up clamd.conf

Next, configure the ClamAV daemon by editing the clamd.conf file:

sudo nano /etc/clamd.d/scan.conf

Similar to the freshclam configuration, you’ll need to comment out or remove the “Example” line if present.

Key configuration options to consider include:

# Comment or remove the Example line
#Example

# User to run the daemon as
User clamscan

# Path to the local socket file
LocalSocket /var/run/clamd.scan/clamd.sock

# Allow scanning of the root directory
ScanOnAccess yes

# Set log file path
LogFile /var/log/clamd.scan
LogTime yes
LogVerbose yes

# Set performance parameters
MaxThreads 2
MaxDirectoryRecursion 15

Adjust these settings based on your system’s resources and requirements.

SELinux Configuration

As mentioned in the prerequisites section, SELinux can impact ClamAV’s functionality. To ensure ClamAV works correctly with SELinux enabled, configure the necessary boolean settings:

sudo setsebool -P antivirus_can_scan_system 1

This command allows ClamAV to scan system files by setting the appropriate SELinux boolean permanently.

Creating Required Directories and Permissions

Ensure that ClamAV has the necessary directories and permissions to operate correctly:

1. Create the required directories if they don’t exist:

sudo mkdir -p /var/run/clamd.scan
sudo mkdir -p /var/log/clamav

2. Set appropriate permissions:

sudo chown -R clamav:clamav /var/run/clamd.scan
sudo chown -R clamav:clamav /var/log/clamav
sudo chown -R clamav:clamav /var/lib/clamav

These commands ensure that the ClamAV user has the necessary permissions to access and update the virus database and log files.

Updating Virus Definitions

For ClamAV to effectively detect and protect against malware, it needs current virus definitions. This section covers how to update the virus database initially and configure automatic updates to maintain protection against emerging threats.

Initial Database Update

Before using ClamAV for scanning, you need to download the latest virus definitions. The freshclam utility handles this task. However, before running it manually for the first time, ensure the clamav-freshclam service is stopped:

sudo systemctl stop clamav-freshclam

Now, run freshclam manually to download the latest virus definitions:

sudo freshclam

This command connects to ClamAV’s database servers and downloads the latest definition files. The initial download may take some time depending on your internet connection speed, as the definition files can be quite large.

Expected output should show the download progress for various database files, similar to:

ClamAV update process started at Fri Apr 18 00:15:26 2025
daily.cvd database is up-to-date (version: 26546, sigs: 1984482, f-level: 90, builder: raynman)
main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
bytecode.cvd database is up-to-date (version: 333, sigs: 92, f-level: 63, builder: awillia2)

If you encounter any errors during the update, such as network connectivity issues or permission problems, troubleshoot accordingly before proceeding.

Configuring Automatic Updates

To ensure your virus definitions remain current, configure ClamAV to automatically update its database:

1. Start and enable the clamav-freshclam service:

sudo systemctl enable clamav-freshclam --now

This command enables the service to start automatically at system boot and starts it immediately.

2. Verify that the service is running correctly:

sudo systemctl status clamav-freshclam

The output should indicate that the service is active and running.

Customizing Update Frequency

By default, freshclam checks for updates 24 times per day (once every hour). You can adjust this frequency by modifying the Checks parameter in /etc/freshclam.conf:

sudo nano /etc/freshclam.conf

Find the Checks line and change the value according to your needs:

# Number of database checks per day
Checks 12

This example configures freshclam to check for updates 12 times per day (every 2 hours). Save the changes and restart the service:

sudo systemctl restart clamav-freshclam

To test that the update mechanism is working correctly, you can view the log file:

sudo tail -f /var/log/freshclam.log

This command displays the most recent entries in the update log, showing successful updates or any errors that occurred.

Scanning for Malware

After installing ClamAV and updating its virus definitions, you’re ready to scan your Fedora 42 system for malware. This section covers various scanning methods, from basic file scans to comprehensive system-wide checks.

Basic Scanning Commands

ClamAV provides clamscan as its primary command-line scanning tool. Here are some basic scanning commands to get you started:

1. Scan a single file:

clamscan /path/to/file

2. Scan a specific directory:

clamscan /home/username/downloads/

3. View detailed information about the scan:

clamscan -v /path/to/file

The scan output will show whether any threats were detected, along with a summary of the scan results.

Scanning Options and Flags

ClamAV offers numerous options to customize your scans according to your specific needs:

1. Recursive directory scanning:

clamscan -r /home/

This command scans all files and subdirectories within the specified directory.

2. Display only infected files:

clamscan -i /home/

This flag causes clamscan to only show files that contain viruses, reducing output noise.

3. Remove infected files automatically:

clamscan --remove /home/username/documents/

This option deletes any infected files found during the scan. Use with caution, as deleted files cannot be recovered.

4. Move infected files to a quarantine directory:

clamscan --move=/home/username/quarantine /home/

This creates a safer alternative to removing files, moving them to a designated quarantine location instead.

5. Sound an alert when viruses are found:

clamscan --bell -i /home/

This option triggers an audible bell notification when malware is detected.

Scheduled Scans

To maintain ongoing protection, it’s advisable to set up scheduled scans that run automatically at predetermined times:

1. Create a scan script:

sudo nano /usr/local/bin/clamav-scan.sh

2. Add the following content to the script:

#!/bin/bash
# ClamAV scan script for Fedora 42

LOG_FILE="/var/log/clamav/scan_$(date +\%Y\%m\%d).log"
QUARANTINE="/home/username/quarantine"

# Ensure quarantine directory exists
mkdir -p $QUARANTINE

# Run the scan
echo "ClamAV scan started at $(date)" > $LOG_FILE
clamscan -ri --move=$QUARANTINE /home >> $LOG_FILE 2>&1
echo "ClamAV scan completed at $(date)" >> $LOG_FILE

# Email summary if any threats were found
INFECTED=$(grep "Infected files" $LOG_FILE | cut -d: -f2 | tr -d ' ')
if [ "$INFECTED" -gt "0" ]; then
    mail -s "ClamAV - Threats detected on $(hostname)" admin@example.com < $LOG_FILE
fi

3. Make the script executable:

sudo chmod +x /usr/local/bin/clamav-scan.sh

4. Set up a cron job to run the script regularly:

sudo crontab -e

5. Add a line to run the scan at midnight every day:

0 0 * * * /usr/local/bin/clamav-scan.sh

This schedule runs the scan script at midnight daily. Adjust the timing according to your requirements and system usage patterns.

Using ClamTK GUI for Scanning

If you installed the ClamTK graphical frontend, you can perform scans through a user-friendly interface:

1. Launch ClamTK from the application menu
2. Use the “Scan a Directory” option to select folders to scan
3. View scan results directly in the interface
4. Access quarantine management features to handle detected threats

ClamTK simplifies the scanning process for users who prefer graphical interfaces over command-line operations.

Real-time Scanning Configuration

While on-demand scanning is useful, real-time protection provides continuous monitoring of your system. ClamAV’s on-access scanning feature enables this capability on Fedora 42, alerting you to threats as they appear rather than during scheduled scans.

Setting Up On-Access Scanning

On-access scanning in ClamAV is handled by the clamd daemon and its on-access scanner component. To enable this feature:

1. Edit the clamd configuration file:

sudo nano /etc/clamd.d/scan.conf

2. Locate and uncomment (or add) the following lines:

# Enable on-access scanning
ScanOnAccess yes

# Set directories to watch
OnAccessIncludePath /home
OnAccessIncludePath /var/www
OnAccessIncludePath /tmp

# Exclude certain directories from scanning
OnAccessExcludePath /var/log
OnAccessExcludePath /dev
OnAccessExcludePath /proc

# Take preventive action when malware is detected
OnAccessPrevention yes

3. Save the file and exit the editor.

4. Start and enable the clamd service:

sudo systemctl enable clamd@scan --now

5. Start and enable the on-access scanning service:

sudo systemctl enable clamav-clamonacc --now

If the on-access service fails to start, check if the clamd daemon is running properly:

sudo systemctl status clamd@scan

In some cases, you might need to manually start clamd before the on-access service will function correctly:

sudo clamd

Then try starting the on-access service again.

Resource Management

On-access scanning can consume significant system resources, potentially impacting performance. To mitigate this, consider the following optimization strategies:

1. Limit the directories monitored by on-access scanning to those most at risk:

OnAccessIncludePath /home/username/Downloads
OnAccessIncludePath /home/username/Documents

2. Exclude file types that are unlikely to contain malware:

OnAccessExcludeUname .mp3
OnAccessExcludeUname .jpg
OnAccessExcludeUname .png

3. Adjust the maximum file size for on-access scanning:

OnAccessMaxFileSize 100M

This limits scanning to files smaller than 100MB, improving performance while still checking most potential threat vectors.

4. Configure the scan recursion depth:

OnAccessMaxRecursion 5

These optimizations help balance security needs with system performance considerations, especially on systems with limited resources.

Troubleshooting Common Issues

While ClamAV is generally reliable on Fedora 42, users may encounter various issues during installation, configuration, or operation. This section addresses common problems and provides practical solutions.

Database Update Failures

One of the most common issues is failure to update virus definitions:

1. Error: freshclam.dat is locked: This typically occurs when multiple instances of freshclam are running simultaneously.

Solution:

sudo rm -f /var/lib/clamav/freshclam.dat
sudo freshclam

2. Network connectivity issues: If freshclam cannot reach the update servers, check your internet connection and firewall settings:

ping database.clamav.net

If the ping fails, ensure your firewall allows outgoing connections to port 80:

sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --reload

3. Mirror selection problems: Try specifying a different database mirror in /etc/freshclam.conf:

DatabaseMirror db.us.clamav.net

Replace with a mirror geographically closer to your location.

Scanning Errors

Scanning issues can manifest in various ways:

1. Permission denied errors: These occur when ClamAV doesn’t have access to files it’s trying to scan.

Solution:

sudo clamscan -r /path/to/directory

Using sudo provides the necessary permissions for scanning system files and directories.

2. Memory allocation errors: ClamAV may fail when scanning large files or archives:

Solution: Edit /etc/clamd.d/scan.conf to adjust memory limits:

MaxFileSize 100M
MaxScanSize 150M

3. Slow scanning performance: If scans take too long, optimize the configuration:

MaxThreads 4
MaxRecursion 10

Adjust these values based on your system’s capabilities.

Service Start Failures

Issues with starting ClamAV services often stem from configuration problems:

1. clamd fails to start: This commonly occurs due to configuration errors or permission issues.

Check the service status and logs:

sudo systemctl status clamd@scan
sudo journalctl -u clamd@scan

Ensure the configuration file doesn’t contain the “Example” line and that all paths exist with proper permissions.

2. On-access scanning service fails: The most common cause is that clamd is not running:

ERROR: ClamClient: Could not connect to clamd on LocalSocket
ERROR: Clamonacc: daemon is local, but cannot be contacted

Solution:

sudo systemctl start clamd@scan
sudo systemctl restart clamav-clamonacc

3. SELinux blocks ClamAV operations: If SELinux is preventing ClamAV from functioning properly:

sudo grep "denied" /var/log/audit/audit.log | grep clam

Solution:

sudo setsebool -P antivirus_can_scan_system 1

This allows ClamAV to scan system files when SELinux is enabled.

Advanced Configuration

Beyond basic setup, ClamAV on Fedora 42 offers advanced configuration options for users with specific requirements or those seeking enhanced protection. This section explores sophisticated features for specialized use cases.

Integrating with Email Systems

ClamAV can scan email traffic to detect malicious attachments before they reach users:

1. Install the necessary components:

sudo dnf install clamav-milter

2. Configure the milter by editing /etc/clamav-milter.conf:

MilterSocket /var/run/clamav-milter/clamav-milter.sock
MilterSocketMode 660
ClamdSocket unix:/var/run/clamd.scan/clamd.sock

3. Configure your MTA (e.g., Postfix) to use the ClamAV milter:

sudo nano /etc/postfix/main.cf

Add the following line:

smtpd_milters = unix:/var/run/clamav-milter/clamav-milter.sock

4. Start and enable the clamav-milter service:

sudo systemctl enable clamav-milter --now

This setup ensures all incoming emails are scanned for viruses before delivery.

Excluding Directories from Scans

To improve performance and avoid unnecessary scanning of certain locations:

1. Create an exclusion file:

sudo nano /etc/clamav/scan-exclusions.txt

2. Add directories or file patterns to exclude, one per line:

/proc
/sys
/dev
/var/log/*.log
/home/username/Videos
/home/username/Music

3. Reference this exclusion file in your scan commands:

clamscan -r --exclude-dir=/etc/clamav/scan-exclusions.txt /

For on-access scanning, configure exclusions in /etc/clamd.d/scan.conf:

OnAccessExcludePath /proc
OnAccessExcludePath /sys
OnAccessExcludePath /dev

These exclusions improve scanning performance while maintaining security coverage for important areas.

Custom Virus Signatures

Advanced users can create custom signatures to detect specific threats:

1. Create a directory for custom signatures:

sudo mkdir -p /var/lib/clamav/custom

2. Create a new signature file:

sudo nano /var/lib/clamav/custom/local.ndb

3. Add custom signatures following ClamAV’s database format:

CustomThreat:0:0:7374d00db0edd5ebaeece71c8401e91f

4. Update the ClamAV configuration to include custom signatures:

sudo nano /etc/clamd.d/scan.conf

Add:

DatabaseCustomURL file:///var/lib/clamav/custom/local.ndb

5. Restart the clamd service:

sudo systemctl restart clamd@scan

This allows you to detect specific threats that might not be included in the standard ClamAV database.

Logging and Notifications

Configure comprehensive logging and notifications for security events:

1. Enhance logging in /etc/clamd.d/scan.conf:

LogClean yes
LogTime yes
LogVerbose yes

2. Create a custom notification script:

sudo nano /etc/clamav/notify.sh

#!/bin/bash
# ClamAV notification script

FOUND=$1
FILE=$2
SUBJECT="Virus detected on $(hostname)"
ADMIN="admin@example.com"

echo "Alert: $FOUND detected in $FILE on $(date)" | mail -s "$SUBJECT" $ADMIN

3. Make the script executable:

sudo chmod +x /etc/clamav/notify.sh

4. Configure ClamAV to use the script by adding to your scan command:

clamscan -r --move=/quarantine --exec="/etc/clamav/notify.sh '%v' '%f'" /home

This setup provides immediate notifications when threats are detected, allowing for prompt response to security incidents.

Uninstallation Process

If you need to remove ClamAV from your Fedora 42 system, follow these steps for a clean uninstallation.

Complete Removal

To completely remove ClamAV and all its components:

1. Stop and disable all ClamAV services:

sudo systemctl stop clamav-freshclam
sudo systemctl disable clamav-freshclam

sudo systemctl stop clamd@scan
sudo systemctl disable clamd@scan

sudo systemctl stop clamav-clamonacc
sudo systemctl disable clamav-clamonacc

If you installed the milter component:

sudo systemctl stop clamav-milter
sudo systemctl disable clamav-milter

2. Remove the ClamAV packages:

sudo dnf remove clamav clamd clamav-update

If you installed additional components, include them in the removal command:

sudo dnf remove clamav clamd clamav-update clamav-milter clamtk

3. Remove configuration files and databases:

sudo rm -rf /etc/clamav
sudo rm -rf /var/lib/clamav
sudo rm -rf /var/log/clamav

This ensures all ClamAV components are completely removed from your system.

Preserving Configuration

If you plan to reinstall ClamAV later and want to preserve your configuration:

1. Back up your configuration files before uninstalling:

sudo mkdir -p /backup/clamav
sudo cp -r /etc/clamav /backup/clamav/etc
sudo cp -r /etc/clamd.d /backup/clamav/clamd.d
sudo cp /etc/freshclam.conf /backup/clamav/

2. Proceed with the uninstallation as described above.

3. To restore your configuration when reinstalling:

sudo cp -r /backup/clamav/etc /etc/clamav
sudo cp -r /backup/clamav/clamd.d /etc/clamd.d
sudo cp /backup/clamav/freshclam.conf /etc/freshclam.conf

This approach allows you to quickly restore your customized ClamAV configuration when reinstalling the software.

Best Practices and Security Tips

To maximize ClamAV’s effectiveness on your Fedora 42 system, adopt these best practices and security recommendations for a comprehensive protection strategy.

Combining ClamAV with Other Security Measures

ClamAV works best as part of a layered security approach:

1. Firewall Protection: Ensure Fedora’s built-in firewall is properly configured:

sudo firewall-cmd --state
sudo firewall-cmd --set-default-zone=home

2. Regular System Updates: Keep your system patched against known vulnerabilities:

sudo dnf upgrade --refresh

3. AppArmor or SELinux: Maintain appropriate mandatory access control systems:

sestatus

4. User Account Security: Implement strong password policies and limited privileges:

sudo passwd -l unused_account

5. Network Monitoring: Consider tools like Fail2ban to detect and block suspicious activity:

sudo dnf install fail2ban

These complementary measures create a defense-in-depth strategy that significantly enhances your system’s security posture.

Regular Maintenance Tips

Maintain your ClamAV installation with these routine practices:

1. Update virus definitions daily:

sudo freshclam

2. Schedule regular system scans:

sudo crontab -e

Add:

0 2 * * * clamscan -r --move=/home/quarantine /home

3. Check logs periodically for threats or issues:

sudo tail -f /var/log/clamav/scan.log

4. Update ClamAV itself when new versions are available:

sudo dnf update clamav*

5. Test your scanning and notification system:

wget https://www.eicar.org/download/eicar.com
clamscan eicar.com

This file is a harmless test file that all antivirus software, including ClamAV, will detect as a virus for testing purposes.

Following these best practices ensures your ClamAV installation remains effective and up-to-date against evolving threats.

Congratulations! You have successfully installed ClamAV. Thanks for using this tutorial for installing the ClamAV command-line antivirus scanner on Fedora 42 Linux system. For additional help or useful information, we recommend you check the official ClamAV website.