Building ClamAV 0.97.x on Mac OS X

Memorandum

Memorandum to build ClamAV 0.97.x on Mac OS X

I've tested ClamAV 0.96.x and ClamAV 0.97.x for building on Mac OS X, and now I'm running the latest stable release: ClamAV 0.97.3.

1. Memorandum 1: Building ClamAV on Mac OS X 10.4 (Intel)
2. Memorandum 2: Building ClamAV on Mac OS X 10.4 (PPC)
3. Memorandum 3: Building ClamAV on Mac OS X 10.6 & 10.7…
4. Memorandum 4: Running clamd and freshclam as daemon
5. Memorandum 5: Running ClamXav Sentry as launchd agent on Mac OS X 10.6 & 10.7
6. Links…

To compile ClamAV 0.96.3 or later, bzip2 (Version 1.0.6) that fixes CVE-2010-0405 is required.
Mac OS X has bzip2 (Version 1.0.5) built-in and it is outdated, so you get WARNING as follows while running configuration command.

****** bzip2 libraries are affected by the CVE-2010-0405 bug
****** We strongly suggest you to update bzip2


****** WARNING:
****** You are cross compiling to a different host or you are
****** linking to bugged system libraries or you have manually
****** disabled important configure checks.
****** Please be aware that this build may be badly broken.
****** DO NOT REPORT BUGS BASED ON THIS BUILD !!!

To solve this problem and run 'make check' completely, you can install bzip2 1.0.6 and check 0.9.8 using MacPorts and add this configuration option: export LDFLAGS="-L/opt/local/lib" as follows.

Apple has patched the CVE-2010-0405 bug on Mac OS X 10.6.7 but not on Mac OS X 10.4.11.

Memorandum 1

Building ClamAV on Mac OS X 10.4 (Intel)

In last update, Clam AntiVirus developer team introduced JIT compiler to ClamAV® 0.96.
Apple gcc (version: 4.0.1 build: 5370) in Mac OS X 10.4 (aka Tiger) failed to build ClamAV 0.96.x and 0.97.x with JIT compiled in.
With a brief struggle I found a good solution that I will tell you here.

1) First, install LLVM (Low Level Virtual Machine) and LLVM-GCC 4.2 Front End.
2) Second, add this configuration option: --enable-llvm.

Then you can build ClamAV 0.96.x and 0.97.x with JIT compiled in and use new features included in anti-virus toolkit.

Install LLVM (Low Level Virtual Machine) and LLVM-GCC 4.2 Front End

Installing LLVM-GCC 4.2 Front End Binaries

cd ~
curl -O http://llvm.org/releases/2.3/llvm-gcc4.2-2.3-x86-darwin8.tar.gz
cd /usr/local
sudo tar zxf ~/llvm-gcc4.2-2.3-x86-darwin8.tar.gz

Setting search path

export PATH=/usr/local/llvm-gcc4.2-2.3-x86-darwin8/bin:$PATH

Installing LLVM 2.3

curl -O http://llvm.org/releases/2.3/llvm-2.3.tar.gz
tar zxf llvm-2.3.tar.gz
cd llvm-2.3
./configure
make
sudo make install

Install MacPorts and the packages

Installing MacPorts
Go to their Installing MacPorts page, download the .dmg for your platform, and install it.
Ensure it's up to date by running:

sudo port selfupdate
sudo port sync

Installing the packages: bzip2 & check

sudo port install bzip2 check

Maintaining MacPorts and installed packages

sudo port -d selfupdate
sudo port -d sync
sudo port upgrade installed

Compile ClamAV 0.97.x and Install

./configure

cd clamav-0.97.x
export CFLAGS="-O3 -march=i686"
export CXXFLAGS="-O3 -march=i686"
export LDFLAGS="-O3 -march=i686 -L/opt/local/lib"
export CC=/usr/local/llvm-gcc4.2-2.3-x86-darwin8/bin/i686-apple-darwin8-gcc-4.2.1
./configure --prefix=/usr/local/clamXav --build=i686-apple-darwin`uname -r`
--enable-llvm --enable-check

Make, make check and install ClamAV

make && make check
sudo make install

Memorandum 2

Building ClamAV on Mac OS X 10.4 (PPC)

PPC users have to install LLVM-GCC 4.2 Front End Binaries for PPC and configure ClamAV 0.96.x and 0.97.x with different configuration.

Install LLVM (Low Level Virtual Machine) and LLVM-GCC 4.2 Front End

Installing LLVM-GCC 4.2 Front End Binaries

cd ~
curl -O http://llvm.org/releases/2.3/llvm-gcc4.2-2.3-ppc-darwin8.11.0.tar.gz
cd /usr/local
sudo tar zxf ~/llvm-gcc4.2-2.3-ppc-darwin8.11.0.tar.gz

Setting search path

export PATH=/usr/local/llvm-gcc4.2-2.3-ppc-darwin8.11.0/bin:$PATH

Installing LLVM 2.3

curl -O http://llvm.org/releases/2.3/llvm-2.3.tar.gz
tar zxf llvm-2.3.tar.gz
cd llvm-2.3
./configure
make
sudo make install

Install MacPorts and the packages

Installing MacPorts
Go to their Installing MacPorts page, download the .dmg for your platform, and install it.
Ensure it's up to date by running:

sudo port selfupdate
sudo port sync

Installing the packages: bzip2 & check

sudo port install bzip2 check

Maintaining MacPorts and installed packages

sudo port -d selfupdate
sudo port -d sync
sudo port upgrade installed

Compile ClamAV 0.97.x and Install

./configure

cd clamav-0.97.x
export CFLAGS="-O3"
export CXXFLAGS="-O3"
export LDFLAGS="-O3 -L/opt/local/lib"
export CC=/usr/local/llvm-gcc4.2-2.3-ppc-darwin8.11.0/bin/powerpc-apple-darwin8-gcc-4.2.1
./configure --prefix=/usr/local/clamXav --enable-llvm --enable-check

Make and install ClamAV

make && make check
sudo make install

Memorandum 3

Building ClamAV on Mac OS X 10.6 & 10.7…

Mac OS X 10.6 & 10.7 has its built-in LLVM (Low Level Virtual Machine), so you can simply build ClamAV 0.96.x and 0.97.x with JIT compiled in and use new features included in anti-virus toolkit.

Install MacPorts and the packages

Installing MacPorts
Go to their Installing MacPorts page, download the .dmg for your platform, and install it.
Ensure it's up to date by running:

sudo port selfupdate
sudo port sync

Installing the packages: bzip2 & check

sudo port install bzip2 check

Maintaining MacPorts and installed packages

sudo port -d selfupdate
sudo port -d sync
sudo port upgrade installed

Compile ClamAV 0.97.x and Install

./configure

cd clamav-0.97.x
export CFLAGS="-O3 -march=nocona"
export CXXFLAGS="-O3 -march=nocona"
export LDFLAGS="-O3 -march=nocona -L/opt/local/lib"
./configure --prefix=/usr/local/clamXav --build=i686-apple-darwin`uname -r`
--enable-llvm --enable-check

Make, make check and install ClamAV

make && make check
sudo make install

Memorandum 4

Running clamd and freshclam as daemon

I'm running clamd as daemon with LaunchDaemons:
/Library/LaunchDaemons/org.clamav.clamd.plist

sudo chown root:wheel /Library/LaunchDaemons/org.clamav.clamd.plist
sudo chmod 0644 /Library/LaunchDaemons/org.clamav.clamd.plist

I'm running freshclam as daemon with StartupItems:
/Library/StartupItems/FreshClamDaemon/FreshClamDaemon
/Library/StartupItems/FreshClamDaemon/StartupParameters.plist

sudo chown root:wheel /Library/StartupItems/
sudo chmod 0755 /Library/StartupItems/
sudo chown -R root:wheel /Library/StartupItems/FreshClamDaemon/
sudo chmod 0755 /Library/StartupItems/FreshClamDaemon/FreshClamDaemon
sudo chmod 0644 /Library/StartupItems/FreshClamDaemon/StartupParameters.plist

FreshClamDaemon is originally developped by Yuji Okamura.

Edit clamd.conf and freshclam.conf.

Appropriate permissions for ClamXav.

sudo bash
chown -R root:admin /usr/local/clamXav
chown -R root:admin /usr/local/clamXav/etc
chmod 0775 /usr/local/clamXav/etc
chmod 0644 /usr/local/clamXav/etc/*
chown -R root:admin /usr/local/clamXav/bin
chmod 0755 /usr/local/clamXav/bin
chmod 0755 /usr/local/clamXav/bin/*
chown -R clamav:clamav /usr/local/clamXav/share/clamav
chmod -R g+w /usr/local/clamXav/share/clamav
chmod -R u+w /usr/local/clamXav/share/clamav
chmod 0755 /usr/local/clamXav/share/clamav
chmod 0644 /usr/local/clamXav/share/clamav/*
chmod 0644 /usr/local/clamXav/share/clamav/freshclam.log
chown clamav:admin /var/log/clamd.log
chmod 0664 /var/log/clamd.log

Memorandum 5

Running ClamXav Sentry as launchd agent on Mac OS X 10.6 & 10.7

I'm running ClamXav Sentry as launchd agent with LaunchAgents:
/Library/LaunchAgents/org.clamXavSentry.plist

sudo chown root:wheel /Library/LaunchAgents/org.clamXavSentry.plist
sudo chmod 0644 /Library/LaunchAgents/org.clamXavSentry.plist

Mac OS X 10.4 doesn't support 'SuccessfulExit' flag in the launchd config plist.

Links…