All HowTo's Ansible Ansible & Terraform Automation Cyber-Security Linux Redhat, Fedora and CentOS Linux

Install ClamAV on CentOS 7 with Ansible

This HowTo shows how to install ClamAV and schedule scans using Ansible. There are Ansible modules for this but it’s so simple that you might as well just do it yourself.

Create your playbook. Put the following into a file called “ansible-play-install-clamav.yml”.

---
- hosts: all

  sudo: yes

  tasks:

  - name: Install ClamAV basics
    yum: name=clamav state=latest

  - name: Install ClamAV scanner
    yum: name=clamav-scanner state=latest

  - name: Install ClamAV updater
    yum: name=clamav-update state=latest

  - copy:
      src: files/ansible.cron
      dest: /etc/cron.d/ansible.cron
      owner: root
      group: root
      mode: 0644

  - copy:
      src: files/ansible.freshclam
      dest: /etc/freshclam.conf
      owner: root
      group: root
      mode: 0644

Create your “hosts” file and populate it with the list (one host per line) of hosts you want to install ClamAV on. I recommend testing on a single machine first.

Create two files in your “files” directory. Make sure to customise the cron file to email to the appropriate email address.

File: ansible.cron

0 3 * * * root /usr/bin/freshclam ; /usr/bin/clamscan / --recursive=yes -i | mail -s clamav_log_`hostname` [email protected] -

File: ansible.freshclam

LogSyslog yes
DatabaseMirror database.clamav.net

Finally run Ansible.

ansible-playbook ansible-play-install-clamav.yml -i hosts 

2 comments

  1. What if i’m getting an error that says “no package matching ‘clamav’ found available, installed or updated” ?

Leave a Reply to Owl Cancel reply

Your email address will not be published. Required fields are marked *