Skip to main content
  • Subscribe by RSS
  • Ex Libris Knowledge Center

    How to install ClamAV virus detection plugin for the Rosetta validation stack

    • Product: Rosetta
    • Relevant for Installation Type: Local

    Desired Outcome Goal:

    To install the ClamAV virus detection application plugin to be called as part of the Rosetta validation stack (task chain).


    Note that it must be installed on all APP servers.


    Note that instructions are for RedHat 6; additional notations are included for RedHat 7.


    Part I: SSH/UNIX

    1. Open a UNIX session as the 'root' user (or sudo).


    2. Install the package: yum install clamav clamd


    RH7: Install EPEL 7: yum install epel-release


    RH7: Install ClamAV packages: yum install clamav clamav-scanner-systemd


    RH7: Create symbolic link to the default file path; link it to the clamd@scan file: ln -s /etc/clamd.d/scan.conf /etc/clamd.conf


    RH7: Edit the clamd-scanner package configuration: vi /etc/clamd.d/scan.conf


    Comment the example line: #Example


    Uncomment the LocalSocket config line to enable it: LocalSocket /var/run/clamd.scan/clamd.sock


    Save and quit the text editor


    3. Start the ClamAV application: /etc/init.d/clamd start


    RH7: Turn on the SELinux boolean for antivirus: setsebool -P antivirus_can_scan_system 1


    RH7: Start the service and enable it at boot:


    systemctl start clamd@scan
    systemctl enable clamd@scan

    4. Confirm that the application is started: chkconfig clamd on

    5. Download latest software updates for ClamAV: /usr/bin/freshclam


    RH7: Install and configure the ClamAV updater: yum install clamav-update


    RH7: Edit the configuration file: vi /etc/freshclam.conf


    Comment the example line: #Example


    RH7: Edit freshclam configuration file: vi /etc/sysconfig/freshclam


    Comment this line to enable crontab: #FRESHCLAM_DELAY=disabled-warn


    Save and quit the text editor


    RH7: Run “freshclam” command to update the virus database

    6. Restart ClamAV: /etc/init.d/clamd restart

    7. Enter "view /etc/hosts" to find local host:

    # Do not remove the following line, or various programs
    # that require network functionality will fail. us-rosetta01 localhost.localdomain localhost
    ::1 localhost6.localdomain6 localhost6

    NOTE: Take the address

    8. Enter "netstat -tulpn" to discover on which port the ClamAV is running (based on the host name):

    us-rosetta01-d4(1) >>netstat -tulpn

    Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
    tcp 0 0* LISTEN 12962/java
    tcp 0 0* LISTEN 12962/java
    tcp 0 0* LISTEN 12962/java
    tcp 0 0* LISTEN 12962/java
    tcp 0 0* LISTEN -
    tcp 0 0* LISTEN 12962/java
    tcp 0 0* LISTEN 12962/java
    tcp 0 0* LISTEN 12962/java
    tcp 0 0* LISTEN 12962/java
    tcp 0 0* LISTEN 12962/java
    ********tcp 0 0* LISTEN -
    tcp 0 0* LISTEN -
    tcp 0 0* LISTEN 12962/java

    NOTE: The port for is 3310 as above.
    NOTE: Be sure that this port (3310) is open.


    9. Close (logout) of the UNIX session as the 'root' user (or sudo).


    10. Open a UNIX session as the 'dps' user.


    11. To deploy and Install the ClamAVVirusCheckPlugin.jar file:


    Download the package from here and unzip it:

    Alternatively, the file can also be retrieved from the target directory of the Rosetta.ClamAVVirusCheckPlugin-master folder.

    Extract the "ClamAVVirusCheckPlugin.jar" file that resides in Rosetta.ClamAVVirusCheckPlugin-master\target\ to the following directorie:

      $op_dir/plugins/custom/ [e.g. /operational_shared/plugins/custom]

    Directories should look like this after installation:

    drwxrwxr-x 6 dps exlibris  260 Jan  3  2016 Rosetta.ClamAVVirusCheckPlugin-master
    -rw-rw-r-- 1 dps exlibris 1816 Jan  3  2016 ClamAVVirusCheckPlugin.jar
    drwxrwxr-x 3 dps exlibris  114 Sep 13 15:20 deploy
    drwxrwxr-x 3 dps exlibris   47 Sep 13 16:19 bin

    drwxrwxr-x 6 dps exlibris     260 Jan  3  2016 Rosetta.ClamAVVirusCheckPlugin-master
    -rw-rw-r-- 1 dps exlibris 5321957 Sep 13 15:20

    The 'dps' user should have read/write permissions on this file.
    Rosetta will display the plug-in in the list of custom plug-ins available for installation.
    If you are installing a new plugin, there is no need to restart Rosetta.
    If you are upgrading an existing plugin a restart is necessary, and you must be sure to increment the plugin version.
    Refer to the 'General Attributes' section of:


    Part II: Rosetta Application

    10. Go to Advanced Configuration > Plug-In Management > Custom Tab > Plug-In Information and add the following:


    Click "Add plug-in Instance" and you should see "ClamAVVirusCheckPlugin"


    Click "Install"

    Plug-In Name: SLUBVirusCheckClamAVPlugin
    Description: SLUB Virus Check Plugin using installed ClamAV daemon via tcp-sockets
    host: take from /etc/hosts reslt (e.g.
    port: take from netstat -tulpn result (e.g. 3310)
    timeout: 1000 (milliseconds)

    Click "Save" to save your changes


    Click the checkmark in the "Active" column to enable.

    12. Go to Advanced Configuration > Repository > Task Chain List: Filter Validation Stack > Add Task Chain:

    Name/Description: Validation Stack with ClamAV
    Add Task: Virus Check
    Name/Description: Virus Check
    Level: File
    Status: Active
    Task Chain Level: IE
    Groups: Validation Stack, Maintenance, etc.
    Task Parameters: SLUBVrusCheckClamAVPlugin

    Note that upon successful implementation of the plugin, Rosetta will copy the jar file to $op_dir/plugins/custom/deploy [e.g. /operational_shared/plugins/custom/deploy]

    13. Run ingest that uses this task to test.

    Additional Information

    As per step #7 above, be sure that this port (3310) is open.

    NOTE: there is a file size limitation with the clamd configuration.
    If SIPs fail the virus check after completing configurations to use this plugin, do the following:

    1. Connect to Rosetta via ssh and vi /etc/clamd.conf
    2. Uncomment and update the following line in the file and restart clamd:
    #StreamMaxLength 10M (change to 500M)

    Installing ClamAV from EPEL to CentOS/Red Hat 7 full instructions


    ClamAV Sources:

    SLUB version of ClamAV

    Simple script ClamAV


    Category: Plugin Framework

    • Article last edited: 09/06/2018