This How To Install Calmav On OpenHAB helps you to install anti virus protection on your openHABian. The installation will be made in very simple steps.
Install Clamav on OpenHAB
Index of How To Install Clamav On OpenHAB
Background
Running a malware protection is considered best practice by the majority of cybersecurity experts. You maybe also the opinion, that you better install an anti virus software than regretting it at a later stage and after cyber risks have materialised.
There are many debates whether Linux based systems need malware protection. My opinion on this is very simple:
- malware protection is available for Linux system, hence why not to use it
- I don’t know what the future brings and which zero day attacks will show up, but having an anti virus installed maybe supports better protection
- If the Linux system is used also as file server or to exchange files (which with openhabian is possible) then maybe files are getting stored by Windows systems. These files maybe have not a Linux virus included, but having an anti virus running on the Linux system helps to detect also other virus
As for my system enviornement:
- OpenHAB with openhabian 3.0.0 on a Raspberry Pi 4 Model B
- I am using the Clamav open-source anti virus protection
How To Install Clamav On OpenHAB
Before we install it, we double check whether it is installed already. This you can do by simply executing
sudo apt-cache policy clamav clamav-daemon
If you have not installed it, than you will see something like this:
openhabian@OpenHAB:~ $ sudo apt-cache policy clamav clamav-daemon
clamav:
Installed: (none)
Candidate: 0.103.7+dfsg-0+deb11u1
Version table:
0.103.7+dfsg-0+deb11u1 500
500 http://raspbian.raspberrypi.org/raspbian bullseye/main armhf Packages
0.103.6+dfsg-0+deb10u1 500
500 http://archive.raspbian.org/raspbian buster/main armhf Packages
clamav-daemon:
Installed: (none)
Candidate: 0.103.7+dfsg-0+deb11u1
Version table:
0.103.7+dfsg-0+deb11u1 500
500 http://raspbian.raspberrypi.org/raspbian bullseye/main armhf Packages
0.103.6+dfsg-0+deb10u1 500
500 http://archive.raspbian.org/raspbian buster/main armhf PackagesThe “Installed: (none)” in the above tells us, that Clamav is not installed. Therefore we install it by a very simple command:
sudo apt-get install clamav clamav-daemon
Keep Your Malware Protection Up To Date
Once installed, we would like to check whether the Daemon responsible for keeping the anti-virus signatures up to date is running. We do this by executing the below command:
sudo systemctl status clamav-freshclam
The output should look (similar) like this:
openhabian@OpenHAB:~ $ sudo systemctl status clamav-freshclam
● clamav-freshclam.service - ClamAV virus database updater
Loaded: loaded (/lib/systemd/system/clamav-freshclam.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2022-11-12 15:05:47 CET; 2min 36s ago
Docs: man:freshclam(1)
man:freshclam.conf(5)
https://docs.clamav.net/
Main PID: 365 (freshclam)
Tasks: 1 (limit: 4915)
CPU: 1min 17.726s
CGroup: /system.slice/clamav-freshclam.service
└─365 /usr/bin/freshclam -d --foreground=true
Nov 12 15:05:47 OpenHAB freshclam[365]: Sat Nov 12 15:05:47 2022 -> ClamAV update process started at Sat Nov 12 15:05:47 2022
Nov 12 15:05:47 OpenHAB freshclam[365]: Sat Nov 12 15:05:47 2022 -> daily database available for download (remote version: 26718)
Nov 12 15:05:48 OpenHAB systemd[1]: /lib/systemd/system/clamav-freshclam.service:11: Standard output type syslog is obsolete, auto>
Nov 12 15:05:54 OpenHAB systemd[1]: /lib/systemd/system/clamav-freshclam.service:11: Standard output type syslog is obsolete, auto>
Nov 12 15:05:58 OpenHAB systemd[1]: /lib/systemd/system/clamav-freshclam.service:11: Standard output type syslog is obsolete, auto>
Nov 12 15:06:00 OpenHAB systemd[1]: /lib/systemd/system/clamav-freshclam.service:11: Standard output type syslog is obsolete, auto>
Nov 12 15:06:46 OpenHAB freshclam[365]: Sat Nov 12 15:06:46 2022 -> Testing database: '/var/lib/clamav/tmp.3900af4eec/clamav-c7534>
Nov 12 15:07:42 OpenHAB freshclam[365]: Sat Nov 12 15:07:42 2022 -> Database test passed.
Nov 12 15:07:42 OpenHAB freshclam[365]: Sat Nov 12 15:07:42 2022 -> daily.cvd updated (version: 26718, sigs: 2010696, f-level: 90,>
Nov 12 15:07:42 OpenHAB freshclam[365]: Sat Nov 12 15:07:42 2022 -> main database available for download (remote version: 62)You like to watch out for the “Loaded: loaded” and the “Active: active (running)” as in the above. This tells you that the service is up and running.
Double Check Whether Clamav Is Running
To be on the safe site, you should double check whether the malware (anti virus) protection is running properly. To do so, simply check the status of the service by:
sudo systemctl status clamav-daemon
The output should look like something like this:
openhabian@OpenHAB:~ $ sudo systemctl status clamav-daemon
● clamav-daemon.service - Clam AntiVirus userspace daemon
Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; vendor preset: enabled)
Drop-In: /etc/systemd/system/clamav-daemon.service.d
└─extend.conf
Active: active (running) since Sat 2022-11-12 16:40:07 CET; 9s ago
Docs: man:clamd(8)
man:clamd.conf(5)
https://docs.clamav.net/
Process: 11933 ExecStartPre=/bin/mkdir -p /run/clamav (code=exited, status=0/SUCCESS)
Process: 11934 ExecStartPre=/bin/chown clamav /run/clamav (code=exited, status=0/SUCCESS)
Main PID: 11935 (clamd)
Tasks: 1 (limit: 4915)
CPU: 9.011s
CGroup: /system.slice/clamav-daemon.service
└─11935 /usr/sbin/clamd --foreground=true
Nov 12 16:40:07 OpenHAB systemd[1]: Starting Clam AntiVirus userspace daemon...
Nov 12 16:40:07 OpenHAB systemd[1]: Started Clam AntiVirus userspace daemon.You like to watch out for the “Loaded: loaded” and the “Active: active (running)” as in the above. This tells you that the service is up and running.
That’s basically it!
Additional Information
Malware (anti virus) protection is one thing to improve security, but there is many other items that can and need to be done too! A while ago I have written a Hardining guide. You maybe like to check it out, refer it to friends and link it to your website or into any sort of forums: Hardening Guide for OpenHAB
There is a very strong openHAB community. You like to check out the community for other cool ideas on security and on features too!
Finally, I love to see your feedback and input! Please leverage on the contact form whilst keeping in mind to book mark this page, create links in forums and other internet communities. Thanks so much!
