Skyld AV provides on access virus scanning for Linux.
The fanotify API is used to control file access. This requires a kernel compiled with
CONFIG\_FANOTIFY=y CONFIG\_FANOTIFY\_ACCESS\_PERMISSIONS=y
On Debian and Fedora you can check the configuration with
grep CONFIG\_FANOTIFY /boot/config-$(uname -r)
Kernel version 3.8.0 or newer is recommended. You can check the version you are using with
uname -a
ClamAV is used for scanning.
Install build dependencies. For Debian use the following command
sudo apt-get install git autoconf-archive autotools-dev pkg-config \ libc6-dev libcanberra-dev libcap-dev libclamav-dev libgtk2.0-dev \ libmount-dev libnotify-dev
For Fedora use the following command
sudo yum install git libtool gcc-c++ gtk2-devel libnotify-devel \ clamav-devel libcanberra-devel autoconf-archive libmount-devel libcap-devel
Clone the git repository.
git clone https://github.com/xypron/skyldav.git skyldav
Move to the source directory.
cd skyldav/
Update from git repository.
git pull
Create the configure script.
autogen.sh
Configure the package.
./configure
Build the package.
make
Test the package.
make check
Install the package.
sudo make install
In directory examples files are supplied which can be used to start Skyld AV as daemon on a Debian system. Copy these to /etc/init.d and /etc/default.