Skip to main content
ExLibris
  • Subscribe by RSS
  • Ex Libris Knowledge Center

    How to install ClamAV virus detection plugin for the Rosetta validation stack

    • Article Type: General
    • Product: Rosetta
    • Product Version: 5
    • Relevant for Installation Type: Local

    Desired Outcome Goal:


    To install the ClamAV virus detection application plugin to be called as part of the Rosetta validation stack (task chain).

     

    Note that it must be installed on all APP servers.

     

    Note that instructions are for RedHat 6; additional notations are included for RedHat 7.

    Procedure:


    Part I: SSH/UNIX

    1. Open a UNIX session as the 'root' user (or sudo).

     

    2. Install the package: yum install clamav clamd

     

    RH7: Install EPEL 7: yum install epel-release

     

    RH7: Install ClamAV packages: yum install clamav clamav-scanner-systemd

     

    RH7: Create symbolic link to the default file path; link it to the clamd@scan file: ln -s /etc/clamd.d/scan.conf /etc/clamd.conf

     

    RH7: Edit the clamd-scanner package configuration: vi /etc/clamd.d/scan.conf

     

    Comment the example line: #Example

     

    Uncomment the LocalSocket config line to enable it: LocalSocket /var/run/clamd.scan/clamd.sock

     

    Save and quit the text editor

     


    3. Start the ClamAV application: /etc/init.d/clamd start

     

    RH7: Turn on the SELinux boolean for antivirus: setsebool -P antivirus_can_scan_system 1

     

    RH7: Start the service and enable it at boot:

     

    systemctl start clamd@scan
    systemctl enable clamd@scan


    4. Confirm that the application is started: chkconfig clamd on

    5. Download latest software updates for ClamAV: /usr/bin/freshclam

     

    RH7: Install and configure the ClamAV updater: yum install clamav-update

     

    RH7: Edit the configuration file: vi /etc/freshclam.conf

     

    Comment the example line: #Example

     

    RH7: Edit freshclam configuration file: vi /etc/sysconfig/freshclam

     

    Comment this line to enable crontab: #FRESHCLAM_DELAY=disabled-warn

     

    Save and quit the text editor

     

    RH7: Run “freshclam” command to update the virus database


    6. Restart ClamAV: /etc/init.d/clamd restart

    7. Enter "view /etc/hosts" to find local host:

    # Do not remove the following line, or various programs
    # that require network functionality will fail.
    10.100.2.19 us-rosetta01.corp.exlibrisgroup.com us-rosetta01
    127.0.0.1 localhost.localdomain localhost
    ::1 localhost6.localdomain6 localhost6

    NOTE: Take the 127.0.0.1 address

    8. Enter "netstat -tulpn" to discover on which port the ClamAV is running (based on the host name):

    us-rosetta01-d4(1) >>netstat -tulpn

    Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
    tcp 0 0 127.0.0.1:32000 0.0.0.0:* LISTEN 12962/java
    tcp 0 0 10.100.2.19:3873 0.0.0.0:* LISTEN 12962/java
    tcp 0 0 10.100.2.19:4801 0.0.0.0:* LISTEN 12962/java
    tcp 0 0 10.100.2.19:6852 0.0.0.0:* LISTEN 12962/java
    tcp 0 0 0.0.0.0:5989 0.0.0.0:* LISTEN -
    tcp 0 0 10.100.2.19:4712 0.0.0.0:* LISTEN 12962/java
    tcp 0 0 0.0.0.0:1801 0.0.0.0:* LISTEN 12962/java
    tcp 0 0 10.100.2.19:5801 0.0.0.0:* LISTEN 12962/java
    tcp 0 0 10.100.2.19:4713 0.0.0.0:* LISTEN 12962/java
    tcp 0 0 10.100.2.19:4457 0.0.0.0:* LISTEN 12962/java
    ********tcp 0 0 127.0.0.1:3310 0.0.0.0:* LISTEN -
    tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN -
    tcp 0 0 10.100.2.19:2801 0.0.0.0:* LISTEN 12962/java

    NOTE: The port for 127.0.0.1 is 3310 as above.
    NOTE: Be sure that this port (3310) is open.

     

    9. To deploy and Install the ClamAVVirusCheckPlugin.jar file:

     

    Download the Rosetta.ClamAVVirusCheckPlugin-master.zip package from here and unzip it:

      https://github.com/ExLibrisGroup/Rosetta.ClamAVVirusCheckPlugin/tree/master/target

    Alternatively, the file can also be retrieved from the target directory of the Rosetta.ClamAVVirusCheckPlugin-master folder.

    Extract the "ClamAVVirusCheckPlugin.jar" file that resides in Rosetta.ClamAVVirusCheckPlugin-master\target\ to the following directories:

      $op_dir/plugins/custom/ [e.g. /operational_shared/plugins/custom]

      $op_dir/plugins/custom/deploy [e.g. /operational_shared/plugins/custom/deploy]

    Directories should look like this after installation:

    /operational_shared/plugins/custom/
    drwxrwxr-x 6 dps exlibris  260 Jan  3  2016 Rosetta.ClamAVVirusCheckPlugin-master
    -rw-rw-r-- 1 dps exlibris 1816 Jan  3  2016 ClamAVVirusCheckPlugin.jar
    drwxrwxr-x 3 dps exlibris  114 Sep 13 15:20 deploy
    drwxrwxr-x 3 dps exlibris   47 Sep 13 16:19 bin

    /operational_shared/plugins/custom/deploy
    drwxrwxr-x 6 dps exlibris     260 Jan  3  2016 Rosetta.ClamAVVirusCheckPlugin-master
    -rw-rw-r-- 1 dps exlibris 5321957 Sep 13 15:20 Rosetta.ClamAVVirusCheckPlugin-master.zip


    The 'dps' user should have read/write permissions on this file.
    Rosetta will display the plug-in in the list of custom plug-ins available for installation.
    If you are installing a new plugin, there is no need to restart Rosetta.
    If you are upgrading an existing plugin a restart is necessary, and you must be sure to increment the plugin version.
    Refer to the 'General Attributes' section of: https://developers.exlibrisgroup.com/rosetta/sdk/plugins

     


    Part II: Rosetta Application

    10. Go to Advanced Configuration > Plug-In Management > Custom Tab > Plug-In Information and add the following:

     

    Click "Add plug-in Instance" and you should see "ClamAVVirusCheckPlugin"

     

    Click "Install"


    Plug-In Name: SLUBVirusCheckClamAVPlugin
    Description: SLUB Virus Check Plugin using installed ClamAV daemon via tcp-sockets
    host: take from /etc/hosts reslt (e.g. 127.0.0.1)
    port: take from netstat -tulpn result (e.g. 3310)
    timeout: 1000 (milliseconds)


    Click "Save" to save your changes

     

    Click the checkmark in the "Active" column to enable.

    11. Go to Advanced Configuration > Repository > Task Chain List: Filter Validation Stack > Add Task Chain:

    Name/Description: Validation Stack with ClamAV
    Add Task: Virus Check
    Name/Description: Virus Check
    Level: File
    Status: Active
    Task Chain Level: IE
    Groups: Validation Stack, Maintenance, etc.
    Task Parameters: SLUBVrusCheckClamAVPlugin

    11. Run ingest that uses this task to test.

    Additional Information

    As per step #7 above, be sure that this port (3310) is open.

    NOTE: there is a file size limitation with the clamd configuration.
    If SIPs fail the virus check after completing configurations to use this plugin, do the following:

    1. Connect to Rosetta via ssh and vi /etc/clamd.conf
    2. Uncomment and update the following line in the file and restart clamd:
    #StreamMaxLength 10M (change to 500M)

     

    Installing ClamAV from EPEL to CentOS/Red Hat 7 full instructions:

      https://www.adminsys.ch/2015/08/21/installing-clamav-epel-centosred-hat-7-nightmare/

     

    Category: Plugin Framework


    • Article last edited: 4/19/2017