How to Install ClamAV on CentOS 7: A Step-by-Step Guide

We’ll divide this tutorial into three steps – installing ClamAV on CentOS 7, configuring SELinux, and configuring ClamAV. So, let’s get started!

1. Installing ClamAV on CentOS 7

  1. ClamAV is not included in the default CentOS software repositories. First, add the EPEL repository by running these yum commands one after the other:

sudo yum -y install epel-release

sudo yum clean all

  2. Now, it’s time to install ClamAV on CentOS 7. Simply run the following command:

sudo yum -y install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd

You have installed ClamAV, but we still need to make several additional configurations to make it work properly.

2. Configuring SELinux

SELinux is a kernel security module that restricts which processes can access which files. Additional configuration is required if you want to use ClamAV with SELinux enabled. Otherwise, ClamAV will not be able to read certain parts of your file system.

  1. To configure SELinux, execute the following commands one by one:

sudo setsebool -P antivirus_can_scan_system 1

sudo setsebool -P clamd_use_jit 1

  2. Next, you have to verify the changes:

sudo getsebool -a | grep antivirus

You should get this result:

antivirus_can_scan_system --> on

antivirus_use_jit --> off

Once ClamAV is ready to run alongside SELinux, it is time to configure the antivirus.

3. Configuring ClamAV

  1. Before the ClamAV configuration takes effect, you need to comment out the Example line in the configuration file:

sudo sed -i -e "s/^Example/#Example/" /etc/clamd.d/scan.conf

  2. Next, you will have to specify the server type. Open the configuration file using your favorite text editor. In this example, we will use nano. If it’s not already installed, you can install it using yum:

sudo yum install nano -y

Next, open the configuration file:

sudo nano /etc/clamd.d/scan.conf

Find the following line:

#LocalSocket /var/run/clamd.scan/clamd.sock

Remove the # symbol and save your changes.

  3. Now, comment out the Example line in the configuration file of freshclam, ClamAV’s update engine:

sudo sed -i -e "s/^Example/#Example/" /etc/freshclam.conf

  4. Once that’s done, you can update the virus definition database:

sudo freshclam

You should get a similar output:

ClamAV update process started at Tue Dec  19 09:30:20 2016

main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer)

Trying host database.clamav.net (69.163.100.14)...

Downloading daily.cvd [100%]

daily.cvd updated (version: 22739, sigs: 1100989, f-level: 63, builder: neo)

Downloading bytecode-279.cdiff [100%]

Downloading bytecode-280.cdiff [100%]

Downloading bytecode-281.cdiff [100%]

Downloading bytecode-282.cdiff [100%]

Downloading bytecode-283.cdiff [100%]

bytecode.cld updated (version: 285, sigs: 57, f-level: 63, builder: bbaker)

Database updated (5319836 signatures) from database.clamav.net (IP: 168.143.19.95)

  5. Lastly, start the clamd service and enable it to start on boot:

sudo systemctl start clamd@scan

sudo systemctl enable clamd@scan
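To confirm that the edits from this section took effect, the following script checks that the Example line is commented out in both files and that LocalSocket is enabled. It is an added example, not part of the original guide; the function names and the sample file contents are illustrative assumptions, while the file paths are the ones used above.

```shell
#!/bin/sh
# Added example (not from the original guide): audit the files edited in section 3.

# Print the value of the first uncommented KEY line in FILE. The key must match
# exactly, so LocalSocketGroup or LocalSocketMode are not mistaken for LocalSocket.
conf_active_value() {
    awk -v key="$2" '$1 == key { $1 = ""; sub(/^[ \t]+/, ""); print; exit }' "$1"
}

# Succeed if FILE still contains an uncommented "Example" line.
has_active_example() {
    grep -Eq '^[[:space:]]*Example([[:space:]]|$)' "$1"
}

# Print findings for SCAN_CONF and FRESHCLAM_CONF; return the number of problems.
audit_clamav_conf() {
    problems=0
    for conf in "$1" "$2"; do
        if [ ! -r "$conf" ]; then
            echo "FAIL: cannot read $conf"; problems=$((problems + 1))
        elif has_active_example "$conf"; then
            echo "FAIL: $conf still has an active Example line"
            problems=$((problems + 1))
        else
            echo "OK: Example line is commented out in $conf"
        fi
    done
    sock=$(conf_active_value "$1" LocalSocket 2>/dev/null) || sock=""
    if [ -n "$sock" ]; then
        echo "OK: clamd will listen on $sock"
    else
        echo "FAIL: LocalSocket is not enabled in $1"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Constructed sample: a scan.conf before the edits in this guide, for trying
# the audit without touching /etc.
write_sample_unedited() {
    printf '%s\n' 'Example' '#LocalSocket /var/run/clamd.scan/clamd.sock' \
        'LocalSocketGroup virusgroup' > "$1"
}

# Usage: sh audit.sh /etc/clamd.d/scan.conf /etc/freshclam.conf
if [ "$#" -eq 2 ]; then
    audit_clamav_conf "$1" "$2"
fi
```

The exit status is the number of problems found, so a status of 0 means both files are in the state this guide describes.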

Conclusion

Viruses can harm computers and even web servers at any given time, regardless of what operating system you’re using. Therefore, if you own a Linux VPS or a server, you must install an antivirus to protect it from malicious attacks.

You’ve learned how to install ClamAV on CentOS 7 using the command line. Let’s review the steps once more:

  1. Download the EPEL repository and install ClamAV on CentOS 7.
  2. Configure SELinux to make sure ClamAV can thoroughly read all of your files.
  3. Configure ClamAV and start the service.