How to Install ClamAV on CentOS 7

How to Install ClamAV on CentOS 7

ClamAV is free and open-source antivirus software, which can be used on multiple platforms. In this tutorial, we will overview ClamAV installation on CentOS 7.

What you’ll need

Before you begin this guide you’ll need the following:

  • SSH root access to the VPS

Step 1 — Installing ClamAV on CentOS 7

As Clam does not come with default CentOS software repos, we will have to add the additional repository by running yum:

yum -y install epel-release
yum clean all

Now, it’s time to install Clam on CentOS. Once again, just run the following command:

yum -y install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd

All is done, you have just installed antivirus software on your server.

Step 2 — Configuring SELinux

SELinux is a security measure aimed at protecting changes to some files. Additional configuration is required if you want to use ClamAV with enabled SELinux kernel module, otherwise Clam will not be able to read some portion of your files. Just execute following commands:

setsebool -P antivirus_can_scan_system 1
setsebool -P clamd_use_jit 1

To verify the changes, run:

getsebool -a | grep antivirus

You should get this result:

antivirus_can_scan_system --> on
antivirus_use_jit --> off

That’s it, ClamAV is ready to use along with SELinux.

Step 3 — Configuring ClamAV

Before Clam configuration can be enabled, you need to remove Example string from the configuration file:

sed -i -e "s/^Example/#Example/" /etc/clamd.d/scan.conf

Next, you will have to specify the server type. Open configuration file with your favorite text editor, in this example we will use nano. If it’s not already installed, install it using yum:

yum install nano -y

Open the configuration file:

nano /etc/clamd.d/scan.conf

Scroll to this line:

#LocalSocket /var/run/clamd.scan/clamd.sock

And change it to:

LocalSocket /var/run/clamd.scan/clamd.sock

Save the changes by hitting CTRL + X shortcut (or COMMAND+X if you are on MAC).

Almost done, now remove Example string from ClamAV’s freshclam update engine configuration file:

sed -i -e "s/^Example/#Example/" /etc/freshclam.conf

Run virus definition database update:


You should get similar output:

ClamAV update process started at Tue Dec  19 09:30:20 2016
    main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer)
    Trying host database.clamav.net (
    Downloading daily.cvd [100%]
    daily.cvd updated (version: 22739, sigs: 1100989, f-level: 63, builder: neo)
    Downloading bytecode-279.cdiff [100%]
    Downloading bytecode-280.cdiff [100%]
    Downloading bytecode-281.cdiff [100%]
    Downloading bytecode-282.cdiff [100%]
    Downloading bytecode-283.cdiff [100%]
    bytecode.cld updated (version: 285, sigs: 57, f-level: 63, builder: bbaker)
    Database updated (5319836 signatures) from database.clamav.net (IP:

Lastly, start Clamd service and run in on boot:

systemctl start clamd@scan
systemctl enable clamd@scan


You have just taken one of the steps to secure your server by installing ClamAV on CentOS 7. You can now scan your server against malware and viruses.

About the author

Edgaras G.

Edgaras is a veteran server administrator at Hostinger. He makes sure that every server runs at full throttle and has all the latest technological advancements. When he's not working, Edgaras enjoys skiing and exploring the world.

Add Comment

Click here to post a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Get Exclusive Content

Join thousands of webmasters who get our free newsletter with tips on how to drive more traffic and revenue to their websites!

Please wait...

Thank you for sign up!

More in VPS
How to Install Linux, Apache, MySQL, PHP (LAMP) stack on CentOS 7