Skip to main content
ExLibris

Knowledge Assistant

BETA
  • Subscribe by RSS
  • Back
    Rosetta

     

    Ex Libris Knowledge Center
    1. Search site
      Go back to previous article
      1. Sign in
        • Sign in
        • Forgot password
    1. Home
    2. Rosetta
    3. Knowledge Articles
    4. How to install ClamAV virus detection plugin for the Rosetta validation stack

    How to install ClamAV virus detection plugin for the Rosetta validation stack

    1. Last updated
    2. Save as PDF
    3. Share
      1. Share
      2. Tweet
      3. Share
    1. Additional Information
    • Product: Rosetta

    Note that it must be installed on all APP servers.

    Procedure:


    Part I: SSH/UNIX

    1. Open a UNIX session as the 'root' user (or sudo).

     

    2. Install the package: yum install clamav clamd

     

    RH7: Install EPEL 7: yum install epel-release (sudo yum install may also work)

     

    RH7: Install ClamAV packages: yum install clamav clamav-scanner-systemd

     

    RH7: Create symbolic link to the default file path; link it to the clamd@scan file: ln -s /etc/clamd.d/scan.conf /etc/clamd.conf

     

    RH7: Edit the clamd-scanner package configuration: vi /etc/clamd.d/scan.conf

     

    Comment the example line: #Example

     

    Uncomment the LocalSocket config line to enable it: LocalSocket /var/run/clamd.scan/clamd.sock

     

    Save and quit the text editor.

     


    3. Start the ClamAV application: /etc/init.d/clamd start

     

    RH7: Turn on the SELinux boolean for antivirus: setsebool -P antivirus_can_scan_system 1

     

    RH7: Start the service and enable it at boot:

     

    systemctl start clamd@scan
    systemctl enable clamd@scan

    If the above doesn't work, first run: sudo freshclam

    After that, running "systemctl start clamd@scan" and "systemctl enable clamd@scan" should work.
     


    4. Confirm that the application is started: chkconfig clamd on (systemctl status clamd@scan may also work)

    Running systemctl status clamd@scan returns:

    sudo systemctl status clamd@scan
    ● clamd@scan.service - Generic clamav scanner daemon
       Loaded: loaded (/usr/lib/systemd/system/clamd@scan.service; enabled; vendor preset: di
       Active: active (running) since Thu 2018-09-27 11:15:19 EDT; 7min ago
     Main PID: 25611 (clamd)
       CGroup: /system.slice/system-clamd.slice/clamd@scan.service
               └─25611 /usr/sbin/clamd -c /etc/clamd.d/scan.conf

    Sep 27 11:15:19 rosetta1 clamd[25611]: ELF support enabled.
    Sep 27 11:15:19 rosetta1 clamd[25611]: Mail files support enabled.
    Sep 27 11:15:19 rosetta1 clamd[25611]: OLE2 support enabled.
    Sep 27 11:15:19 rosetta1 clamd[25611]: PDF support enabled.
    Sep 27 11:15:19 rosetta1 clamd[25611]: SWF support enabled.
    Sep 27 11:15:19 rosetta1 clamd[25611]: HTML support enabled.
    Sep 27 11:15:19 rosetta1 clamd[25611]: XMLDOCS support enabled.
    Sep 27 11:15:19 rosetta1 clamd[25611]: HWP3 support enabled.
    Sep 27 11:15:19 rosetta1 clamd[25611]: Self checking every 600 seconds.
    Sep 27 11:15:19 rosetta1 systemd[1]: Started Generic clamav scanner daemon.



    5. Download latest software updates for ClamAV: /usr/bin/freshclam (if you didn't already run it in step #3 above.)

     

    RH7: Install and configure the ClamAV update: yum install clamav-update

     

    RH7: Edit the configuration file: vi /etc/freshclam.conf

     

    Comment the example line: #Example

     

    RH7: Edit freshclam configuration file: vi /etc/sysconfig/freshclam

     

    Comment this line to enable crontab: #FRESHCLAM_DELAY=disabled-warn

     

    Save and quit the text editor.

     

    RH7: Run “freshclam” command to update the virus database


    6. Restart ClamAV: /etc/init.d/clamd restart (systemctl restart clamd@scan may also work)

    7. Enter "view /etc/hosts" to find local host:

    # Do not remove the following line, or various programs
    # that require network functionality will fail.
    10.100.2.19 us-rosetta01.corp.exlibrisgroup.com us-rosetta01
    127.0.0.1 localhost.localdomain localhost
    ::1 localhost6.localdomain6 localhost6

    NOTE: Take the 127.0.0.1 address

    8. Enter "netstat -tulpn" to discover on which port the ClamAV is running (based on the host name):

    us-rosetta01-d4(1) >>netstat -tulpn [NOTE that RH6 and 7 results may vary]

    Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
    tcp 0 0 127.0.0.1:32000 0.0.0.0:* LISTEN 12962/java
    tcp 0 0 10.100.2.19:3873 0.0.0.0:* LISTEN 12962/java
    tcp 0 0 10.100.2.19:4801 0.0.0.0:* LISTEN 12962/java
    tcp 0 0 10.100.2.19:6852 0.0.0.0:* LISTEN 12962/java
    tcp 0 0 0.0.0.0:5989 0.0.0.0:* LISTEN -
    tcp 0 0 10.100.2.19:4712 0.0.0.0:* LISTEN 12962/java
    tcp 0 0 0.0.0.0:1801 0.0.0.0:* LISTEN 12962/java
    tcp 0 0 10.100.2.19:5801 0.0.0.0:* LISTEN 12962/java
    tcp 0 0 10.100.2.19:4713 0.0.0.0:* LISTEN 12962/java
    tcp 0 0 10.100.2.19:4457 0.0.0.0:* LISTEN 12962/java
    ********tcp 0 0 127.0.0.1:3310 0.0.0.0:* LISTEN -
    tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN -
    tcp 0 0 10.100.2.19:2801 0.0.0.0:* LISTEN 12962/java

    NOTE: The port for 127.0.0.1 is 3310 as above.
    NOTE: Be sure that this port (3310) is open.

     

    9. Close (logout) of the UNIX session as the 'root' user (or sudo).

     

    10. Open a UNIX session as the 'dps' user.

     

    11. To deploy and Install the ClamAVVirusCheckPlugin.jar file:

     

    Download the Rosetta.ClamAVVirusCheckPlugin-master.zip package from here and unzip it:

      https://github.com/ExLibrisGroup/Rosetta.ClamAVVirusCheckPlugin/tree/master/target

    Alternatively, the file can also be retrieved from the target directory of the Rosetta.ClamAVVirusCheckPlugin-master folder.

    Extract the "ClamAVVirusCheckPlugin.jar" file that resides in Rosetta.ClamAVVirusCheckPlugin-master\target\ to the following directory:

      $op_dir/plugins/custom/ [e.g. /operational_shared/plugins/custom]

    Directories should look like this after installation:

    /operational_shared/plugins/custom/
    drwxrwxr-x 6 dps exlibris  260 Jan  3  2016 Rosetta.ClamAVVirusCheckPlugin-master
    -rw-rw-r-- 1 dps exlibris 1816 Jan  3  2016 ClamAVVirusCheckPlugin.jar
    drwxrwxr-x 3 dps exlibris  114 Sep 13 15:20 deploy
    drwxrwxr-x 3 dps exlibris   47 Sep 13 16:19 bin

    /operational_shared/plugins/custom/deploy/
    drwxrwxr-x 6 dps exlibris     260 Jan  3  2016 Rosetta.ClamAVVirusCheckPlugin-master
    -rw-rw-r-- 1 dps exlibris 5321957 Sep 13 15:20 Rosetta.ClamAVVirusCheckPlugin-master.zip

    Then run:
    chown dps:exlibris /operational_shared/plugins/custom
    chown dps:exlibris /operational_shared/plugins/custom/ClamAVVirusCheckPlugin.jar
    chmod 664 /operational_shared/plugins/custom/ClamAVVirusCheckPlugin.jar


    The 'dps' user should have read/write permissions on this file.
    Rosetta will display the plug-in in the list of custom plug-ins available for installation.
    If you are installing a new plugin, there is no need to restart Rosetta.
    If you are upgrading an existing plugin a restart is necessary, and you must be sure to increment the plugin version.
    Refer to the 'General Attributes' section of: https://developers.exlibrisgroup.com/rosetta/sdk/plugins

     


    Part II: Rosetta Application

    10. Go to Advanced Configuration > Plug-In Management > Custom Tab > Plug-In Information and add the following:

     

    Click "Add plug-in Instance" and you should see "ClamAVVirusCheckPlugin"

     

    Click "Install"


    Plug-In Name: SLUBVirusCheckClamAVPlugin
    Description: SLUB Virus Check Plugin using installed ClamAV daemon via tcp-sockets
    host: take from /etc/hosts reslt (e.g. 127.0.0.1)
    port: take from netstat -tulpn result (e.g. 3310)
    timeout: 1000 (milliseconds)


    Click "Save" to save your changes

     

    Click the checkmark in the "Active" column to enable.

    12. Go to Advanced Configuration > Repository > Task Chain List: Filter Validation Stack > Add Task Chain:

    Name/Description: Validation Stack with ClamAV
    Add Task: Virus Check
    Name/Description: Virus Check
    Level: File
    Status: Active
    Task Chain Level: IE
    Groups: Validation Stack, Maintenance, etc.
    Task Parameters: SLUBVrusCheckClamAVPlugin

    Note that upon successful implementation of the plugin, Rosetta will copy the jar file to $op_dir/plugins/custom/deploy [e.g. /operational_shared/plugins/custom/deploy]

    13. Run ingest that uses this task to test.

    Additional Information

    As per step #7 above, be sure that this port (3310) is open.

    NOTE: there is a file size limitation with the clamd configuration.
    If SIPs fail the virus check after completing configurations to use this plugin, do the following:

    1. Connect to Rosetta via ssh and vi /etc/clamd.conf
    2. Uncomment and update the following line in the file and restart clamd:
    #StreamMaxLength 10M (change to 500M)

    Installing ClamAV from EPEL to CentOS/Red Hat 7 full instructions

     

    ClamAV Sources:

    SLUB version of ClamAV

    Simple script ClamAV

     

    Category: Plugin Framework


    • Article last edited: 27-Sep-2018
    View article in the Exlibris Knowledge Center
    1. Back to top
      • How to install a SAML tracer in Firefox?
      • How to kill an Oracle database session
    • Was this article helpful?

    Recommended articles

    1. Article type
      Topic
      Content Type
      Knowledge Article
      Language
      English
      Product
      Rosetta
    2. Tags
      This page has no tags.
    1. © Copyright 2025 Ex Libris Knowledge Center
    2. Powered by CXone Expert ®
    • Term of Use
    • Privacy Policy
    • Contact Us
    2025 Ex Libris. All rights reserved