Linux tutorials

How To Install Clam-AV on-access scanner on Ubuntu 22.04

Before installing ClamAV, it’s a good idea to update your system packages. Open a terminal window and run the following commands:

sudo apt update
sudo apt upgrade

2. Install ClamAV

To install ClamAV, run the following command:

sudo apt install clamav clamav-daemon

3. Configure ClamAV

After the installation is complete, stop the ClamAV service to make configuration changes:

sudo systemctl stop clamav-daemon

Edit the ClamAV configuration file:

sudo nano /etc/clamav/clamd.conf

Find the following line:

#OnAccessIncludePath /home

Uncomment it by removing the '#' at the beginning and update the path to the directory you want to scan:

OnAccessIncludePath /path/to/scan

Enable the on-access scanning by adding the following lines at the end of the file:

OnAccessPrevention yes
ScanOnAccess yes

Save the changes and exit the text editor by pressing `Ctrl + X`, then `Y`, and finally `Enter`.

4. Configure the ClamAV user

By default, ClamAV runs as the "clamav" user, which may not have sufficient permissions to scan all files. To change the user to "root", run the following command:

sudo nano /etc/systemd/system/

Find the line:


Replace "clamav" with "root":


Save the changes and exit the text editor.

5. Reload the systemd configuration

To apply the changes made to the ClamAV user, reload the systemd configuration:

sudo systemctl daemon-reload

6. Start the ClamAV service

Start the ClamAV service with the following command:

sudo systemctl start clamav-daemon

7. Enable ClamAV to start on boot

To ensure that ClamAV starts automatically when your server boots, run the following command:

sudo systemctl enable clamav-daemon

8. Update the ClamAV virus database

Finally, update the ClamAV virus database by running:

sudo freshclam

You've now successfully installed ClamAV on your Ubuntu 22.04 server and configured it as an on-access scanner. To test the on-access scanning, you can download the EICAR test file (a harmless file used to test antivirus programs) and access it to see if ClamAV detects it:


If ClamAV is working correctly, you should see a message indicating that the file was blocked due to a virus.

Leave a Reply

Your email address will not be published. Required fields are marked *