#!/bin/sh # Script freely provided by Bill Landry (bill@inetmsg.com); however, use # at your own peril! (:-O). Comments, suggestions, and recommendations # for improving this script are always welcome. Feel free to report any # issues, as well. # # Version 1.9 (updated 2/3/09) - Thanks to Jeff Dairiki & Steve Basford for # their suggestions of using "--include-from=FILE" and "--exclude=PATTERN" # with rsync to control database file downloads via a single connection. # - Rewrote SaneSecurity and MSRBL rsync sections. Now all user specified # databases will be downloaded over a single connection. # - Script output will now show which SaneSecurity and MSRBL mirror the # connection was made to. # - Script output will also show the success or failure of GPG signature # testing and clamscan database integrity testing for each updated file. # - Database files now have permissions set (chmod & chown) before they # are moved into the clamav working directory. A final check is slao # still done at the end of the script, as well. # - Some variable names have changed or been removed, as well as some # directory paths added, removed, or changed to better accomodate single # rsync connection downloads, so carefully review the user configuration # section before using the script. # # Version 1.8a (updated 2/1/09) # - Added sanesecurity.ftm & sanesecurity.ftm.sig to the SaneSecurity # rsync database downloads (this helps clamav determine the signature # type to use when scanning email files). # - Added output for GPG signature test results (reports good or bad # GPG signature test results). # - If using clamd daemon monitoring and crash restart, added a check # to see if clamd's lock file still exists after the crash and deletes # it if it does (the orphaned clamd lock file can sometimes prevent # clamd from restarting after a crash has occurred). # # Version 1.8 (updated 1/21/09) # - Changed SaneSecurity downloads from using curl to rsync. # - Automatically download and import SaneSecurity GPG key to keyring. # - Automatically download, and check for updated SaneSecurity GPG # Signature files. # - Test SaneSecurity database downloads against GPG Signature files # before integrity testing databases with clamscan. If either test # fails, that database file will not be updated. # - Added and modified working directory paths to better accommodate # gpg Signature testing. # # Version 1.7d (updated 10/5/08 - Thanks to Burt Heymanson for his # contribution to this update - silence curl output) # - Added 2 new SaneSecurity databases: junk.ndb & rogue.hdb. # - Added a configuration option to silence curl output to only report # errors to stderr rather than all download stats. # # Version 1.7c (updated 9/25/07 - Thanks to Dennis Peterson and Jan-Perter # Cornet for the perl solution for calculating seconds since epoch) # - Added timeout values to curl and rsync downloads in order to prevent # the script from hanging on a non-responsive host site. # - Apparently Solaris does not support "date +%s", which calculates # the number of seconds since epoch. This date function is used to # calculate when to do MBL downloads. A perl solution has been added # as a fall-back option. If "date +%s" is not supported and perl is # not found on the system, the script will report a warning message # and skip MBL updates, but the script will continue processing other # third-party database updates. # # Version 1.7b (updated 9/23/07) # - Changed all script "`expr ...`" interger expressions to the shell # supported "$((...))" format, which is what was being used in all # other newer sections of the script. So this change should not # pose any problems, but if it does, please let me know. # - Changed all clamscan database file tests from using /dev/null, # which was causing an access permissions issues to the temporary # directory for some users, to a direct path to a temp test file. # # Version 1.7a (updated 9/10/07) # - Added secondary perl socket test to detect if clamd is running. # This test uses the 'IO::Socket::UNIX' perl module. If socat is # not found on the system, then the script will attempt to use the # perl module instead (the user will be warned if neither socat nor # IO::Socket::UNIX are found, but the script will still run updates). # - Added two new SecuriteInfo database file URLs. # - Updated comments to reflect the additional perl socket test. # # Version 1.7 (updated 9/7/07) # - Added a check to see if ClamD is running or not. This can be used # if clamd is running in "LocalSocket" mode (*NOT* TCP/IP mode), and # socat is installed on the system (a check for socat is done). This # test can be enabled in the "User Edit" section below. # - Added a user configurable variable to attempt to restart clamd if # it's detected to not be running. # - Added notification when database file updates are *NOT* detected and # databases are *NOT* reloaded, rather than just when they are detected. # - Added more portable secondary randomization code, removing the # requirement to have the bash shell installed. # - Added general improvements to the time randomization code so that # the time interval does not always end with a zero. # - Added user configurable min and max variables for setting time # randomization intervals (defaults to min=60 and max=600 seconds). # - Added terminal detection to determine whether the script is being # run manually or via cron. If run manually, the script will now # prompt the user to see if they want to delay the script execution # (random) or not. If "yes" is selected, then the script will pause # and display a visual countdown in seconds until script execution. # - Added a variable that the user must set before the script will run. # This will effectively require that script users at least minimally # review the "User Edit Section" before running the script. # - Rearranged some sections, timestame placement, and updated comments. # # Version 1.6 (updated 8/27/07) # - Added support for SecuriteInfo and Malware Black List # database file downloads. # - Changed the script name from ss-msrbl.sh to unofficial-sigs.sh # since there are now 4 different database providers supported. # - Since the MBL database is dynamically created and therefor # cannot be checked for change before downloading, a variable was # added so that a specific download time interval can be set (see # the "USER EDIT SECTION" below). # - Added database file download time randomization (to disable # randomization, see the "USER EDIT SECTION" below for details). # # Version 1.5 (updated 8/17/07 - Thanks to Dan Larsson for his # contributions to this update) # - Added separate variable for ClamAV group ID for setting # appropriate file group access permissions. # - Added variables for database file update URLs. # - Added support for automatic reloading of databases when # updates are found. # # Version 1.4 (updated 7/13/07) # - Added checks to verify that the database files exist, # and if not, do an initial download, decompress and test. # - Added variables for clamav database location path and # clamd user account (the account that clamd runs under). # - Added/modified script comments. # # Version 1.3 # - Added checks to either confirm the existence of the # temporary working directories or to create them. # - Changed "cp --reply=yes" to "cp -f". If this # causes problems with older versions of "cp", # you will need to change it back. # # Version 1.2 # - Repointed URLs for SaneSecurity downloads to # the new mirror redirect links. # # Version 1.1 # - Converted MSRBL downloads from curl to rsync. # # Version 1.0 (initial script created). #################################################################### # SCRIPT USER EDIT SECTION - SET PROGRAM PATHS AND OTHER VARIABLES # #################################################################### # Edit quoted variables below to meet your own particular # needs/requirements, but do not remove the "quote" marks. # Set and export program paths. export PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" # Set ClamD user and group accounts. clam_user="clamav" clam_group="clamav" # Set path to ClamAV database files location. If unsure, check # your clamd.conf file for the "DatabaseDirectory" path setting. clam_dbs="/var/lib/clamav" # Set path to clamd.pid file (see clamd.conf for path location). # To disable automatic database reloading, comment out the next # line (note, this does *NOT* restart clamd, it simply signals # clamd to reload its databases). clamd_pid="/var/run/clamd.pid" # If running clamd in "LocalSocket" mode (*NOT* in TCP/IP mode), and # either "SOcket Cat" (socat) or the "IO::Socket::UNIX" perl module # are installed on the system, and you want to report whether clamd # is running or not, uncomment the "clamd_socket" variable below (you # will be warned if neither socat nor IO::Socket::UNIX are found, but # the script will still run). You will also need to set the correct # path to your clamd socket file (if unsure of the path, check the # "LocalSocket" setting in your clamd.conf file for socket location). #clamd_socket="/tmp/clamd.socket" # If you would like to attemtp to restart ClamD if detected not running, # uncomment the next 2 lines. Confirm the path to the "clamd_lock" file # (usually can be found in the clamd init script) and also enter the clamd # start command for your particular distro for the "start_clamd" variable. # The sample start command shown should work for most linux distros. NOTE: # these 2 variables are dependant on the "clamd_socket" variable shown # above - if not enabled, then the following 2 variables will be ignored, # whether enabled or not. #clamd_lock="/var/lock/subsys/clamd" #start_clamd="service clamd start" # Set working directory paths (edit to meet your own needs). If these # directories do not exist, the script will attempt to create them. ss_dir="/usr/unofficial-dbs/ss-dbs" msrbl_dir="/usr/unofficial-dbs/msrbl-dbs" si_dir="/usr/unofficial-dbs/si-dbs" mbl_dir="/usr/unofficial-dbs/mbl-dbs" config_dir="/usr/unofficial-dbs/configs" gpg_dir="/usr/unofficial-dbs/gpg-key" temp_dir="/usr/unofficial-dbs/db-test" # Enable or disable download time randomization. This allows the script to # be executed via cron, but the actual database file checking will pause # for a random number of seconds between the "min" and "max" time settings # specified below. This helps to more evenly distribute load on the host # download sites. To disable, set the following variable to "no". enable_random="yes" # If download time randomization is enabled above (enable_random="yes"), # then set the min and max radomization times intervals (in seconds). min_sleep_time="60" # Default minimum is 60 seconds (1 minute). max_sleep_time="600" # Default maximum is 600 seconds (10 minutes). # ======================== # SaneSecurity Database(s) # ======================== # Add/remove/modify database file names between quote marks as needed. # To disable any of the SaneSecurity database file downloads, remove # the appropriate database file name line(s) below. To disable all # SaneSecurity database downloads, comment out all of the following lines. ss_dbs=" phish.ndb scam.ndb junk.ndb rogue.hdb spear.ndb spamimg.hdb lott.ndb spam.ldb sanesecurity.ftm " # ================= # MSRBL Database(s) # ================= # Add/remove/modify database file names between quote marks as needed. # To disable any of the MSRBL database file downloads, remove # the appropriate database file name line(s) below. To disable all # MSRBL database downloads, comment out all of the following lines. msrbl_dbs=" MSRBL-Images.hdb MSRBL-SPAM.ndb " # ======================== # SecuriteInfo Database(s) # ======================== # Add/remove/modify database file names between quote marks as needed. # To disable any SecuriteInfo database downloads, remove the appropriate # line(s) below. To disable all SecuriteInfo database file downloads, # comment out all of the following lines. si_dbs=" vx.hdb honeynet.hdb securiteinfo.hdb antispam.ndb " # ========================= # MalwarePatrol Database(s) # ========================= # Add/remove/modify database file names between quote marks as needed. # To disable any of the MalwarePatrol database file downloads, remove # the appropriate database file name line(s) below. To disable all # MalwarePatrol database downloads, comment out all of the following lines. mbl_dbs=" mbl.db " # Since the MalwarePatrol database file is dynamically created, # there is no way to test for changes prior to downloading. For this # reason, you will need to set a reasonable time interval in "hours" # for MBL database file downloads. As shown below, this has been # set to update every "6" hours, which seems appropriate (that's 4 # file downloads per day) Change only if you REALLY feel you must. # However, I would not suggest going below every 4 hour lest you risk # being blacklisted by the MalwarePatrol site. mbl_update_hours="6" # Default is 6 hours (4 downloads daily). # When running scripts via cron, output is often redirected to # /dev/null so that only error output is mailed to administrators. # However, curl reports stats to stderr whether successful or not. # If you want to silence the stats reported by curl, and only report # errors to stderr, change the following variable to "yes". curl_silence="no" # Default is "no" to report all curl stats # Set the following variable to "yes" once you have completed the # configuration of the "USER EDIT SECTION" of this script above. user_configuration_complete="no" ################################################################################ # END OF SCRIPT USER EDIT SECTION - YOU SHOULD NOT NEED TO EDIT ANYTHING BELOW # ################################################################################ # Check to see if the script's "USER EDIT SECTION" has been completed. if [ "$user_configuration_complete" = "no" -o -z "$user_configuration_complete" ] then echo "" echo " *** SCRIPT CONFIGURATION HAS NOT BEEN COMPLETED ***" echo " Please review and configure the 'USER EDIT SECTION' of the script." echo " Once the user configuration section is complete, rerun the script." echo "" exit 1 fi # Check to see if the working directories shown above were created. # If not, create them. Otherwise, ignore and proceed with script. mkdir -p $ss_dir $msrbl_dir $si_dir $mbl_dir $config_dir $gpg_dir $temp_dir # Create SaneSecurity rsync "include" file. ss_include_dbs="$config_dir/ss-include-dbs.txt" if [ -n ss_dbs ] ; then rm -f $ss_include_dbs for db_name in $ss_dbs ; do echo $db_name* >> $ss_include_dbs done fi # Create MSRBL rsync "include" file. msrbl_include_dbs="$config_dir/msrbl-include-dbs.txt" if [ -n msrbl_dbs ] ; then rm -f $msrbl_include_dbs for db_name in $msrbl_dbs ; do echo "$db_name" >> $msrbl_include_dbs done fi # Unofficial signature database provider URLs ss_url="rsync.sanesecurity.net" msrbl_url="rsync.mirror.msrbl.com" si_url="clamav.securiteinfo.com" mbl_url="www.malware.com.br/cgi/submit?action=list_clamav" # Create a temporary "scan-test.txt" file for database file testing. echo "This is a temporary clamscan test file..." > $temp_dir/scan-test.txt # Download SaneSecurity GPG Key and import to keyring. if [ ! -s "$gpg_dir/publickey.gpg" ] then curl -s -S --connect-timeout 15 --max-time 60 -L -R http://www.sanesecurity.net/publickey.gpg -o $gpg_dir/publickey.gpg && \ test -s $gpg_dir/publickey.gpg && \ gpg --import $gpg_dir/publickey.gpg && \ echo "GPG Key Successfully Imported To Local Keyring" echo "" fi # Silence curl output and only report errors - useful if script is run via cron. if [ "$curl_silence" = "yes" ] then curl_output_level="-s -S" fi # Change shell to the ClamAV database files directory. cd $clam_dbs # If ClamD status check is enabled ("clamd_socket" variable is uncommented # and the socket path is correctly specified in "User Edit" section above), # then test to see if clamd is running or not. if [ -n "$clamd_socket" ] then socat="`which socat 2> /dev/null`" if [ -n "$socat" -a -x "$socat" ] then socket_cat1=1 if [ "`echo PING | socat - "$clamd_socket"`" = "PONG" ] then socket_cat2=1 echo "====================" echo "= ClamD is running =" echo "====================" fi else if [ "`perl -e 'use IO::Socket::UNIX; print $IO::Socket::UNIX::VERSION,"\n"' 2> /dev/null`" ] then io_socket1=1 if [ "`perl -MIO::Socket::UNIX -we '$s = IO::Socket::UNIX->new(shift); $s->print("PING"); \ print $s->getline; $s->close' "$clamd_socket" 2> /dev/null`" = "PONG" ] then io_socket2=1 echo "====================" echo "= ClamD is running =" echo "====================" fi fi fi if [ -z "$socket_cat1" -a -z "$io_socket1" ] then echo "" echo " --- WARNING ---" echo " It appears that neither 'SOcket CAT' (socat) nor the perl module" echo " 'IO::Socket::UNIX' are installed on the system. In order to run" echo " the ClamD socket test to determine whether ClamD is running or" echo " or not, either 'socat' or 'IO::Socket::UNIX' must be installed." echo "" echo " You can silence this warning by either installing 'socat' or the" echo " 'IO::Socket::UNIX' perl module, or by simply commenting out the" echo " 'clamd_socket' variable in the 'USER EDIT SECTION' of the script." else if [ -z "$socket_cat2" -a -z "$io_socket2" ] then echo "" echo " *************************" echo " * !!! ALERT !!! *" echo " * CLAMD IS NOT RUNNING! *" echo " *************************" echo "" if [ -n "$start_clamd" ] then echo " Attempting to start ClamD..." echo "" if [ -n "$socket_cat1" ] then [ "`rm -f $clamd_lock 2> /dev/null`" -a "`$start_clamd 2> /dev/null`" -a "`sleep 5`" ] if [ "`echo PING | socat - "$clamd_socket" 2> /dev/null`" = "PONG" ] then echo "====================================" echo "= ClamD was successfully restarted =" echo "====================================" else echo " *************************" echo " * !!! PANIC !!! *" echo " * CLAMD FAILED TO START *" echo " *************************" echo "" echo "Check to confirm that the clamd start process defined for" echo "the 'start_clamd' variable in the 'USER EDIT SECTION' is" echo "set correctly for your particular distro. If it is, then" echo "check your logs to determine why clamd failed to start." echo "" exit 1 fi else if [ -n "$io_socket1" ] then [ "`$start_clamd 2> /dev/null`" -a "`sleep 5`" ] if [ "`perl -MIO::Socket::UNIX -we '$s = IO::Socket::UNIX->new(shift); \ $s->print("PING"); print $s->getline; $s->close' "$clamd_socket" \ 2> /dev/null`" = "PONG" ] then echo "====================================" echo "= ClamD was successfully restarted =" echo "====================================" else echo " *************************" echo " * !!! PANIC !!! *" echo " * CLAMD FAILED TO START *" echo " *************************" echo "" echo "Check to confirm that the clamd start process defined for" echo "the 'start_clamd' variable in the 'USER EDIT SECTION' is" echo "set correctly for your particular distro. If it is, then" echo "check your logs to determine why clamd failed to start." echo "" exit 1 fi fi fi fi fi fi fi # Database update check, time randomization section. This script now # provides support for both bash and non-bash enabled system shells. if [ "$enable_random" = "yes" ] ; then if [ -n "$RANDOM" 2> /dev/null ] then sleep_time=$(($RANDOM * $(($max_sleep_time - $min_sleep_time)) / 32767 + $min_sleep_time)) else sleep_time=0 while [ "$sleep_time" -lt "$min_sleep_time" -o "$sleep_time" -gt "$max_sleep_time" ] ; do sleep_time=`head -1 /dev/urandom | cksum | awk '{print $2}'` done fi if [ ! -t 0 ] then echo "" echo "`date` - Pausing database file updates for $sleep_time seconds..." sleep $sleep_time echo "" echo "`date` - Pause complete, checking for new database files..." else echo "" echo -n "Running script manually, do you want to pause execution (y/n)?: " read response while [ "$response" != "y" -a "$response" != "n" ] ; do echo -n "Expecting either 'y' or 'n', do you want to pause script execution (y/n)?: " read response done if [ "$response" = "y" ] then seconds=$sleep_time echo "Starting unofficial ClamAV database updates on `date`" echo "" while [ "$sleep_time" -ne 0 ] ; do echo -ne "Pausing database updates for $seconds seconds. Time remaining: $sleep_time \r" sleep 1 sleep_time=$(($sleep_time - 1)) done echo "" echo "Pause complete, `date`, checking for new database files..." else echo "Running unofficial ClamAV database updates..." fi fi fi # Download MalwarePatrol database file every set number of hours # (as configured in the "User Edit" section above). Since the # database is dynamically created via CGI, there is no way to # compare it to the existing file to determine if it has changed. # We run this update first in order to get an acurate timestamp in # case any other updates cause delays due to site access issues. for source_db in $mbl_dbs ; do if [ `date +%s` -gt 0 2> /dev/null ] then current_time=`date +%s` else if [ `perl -le print+time 2> /dev/null` ] then current_time=`perl -le print+time` fi fi if [ "$current_time" -gt 0 2> /dev/null ] then echo "" echo "======================================================================" echo "MalwarePatrol $source_db Database File Update" echo "======================================================================" echo "" if [ ! -s "$source_db" ] then curl $curl_output_level --connect-timeout 15 --max-time 60 -R -o $mbl_dir/$source_db http://$mbl_url test -s $mbl_dir/$source_db && \ clamscan --quiet -d $mbl_dir/$source_db $temp_dir/scan-test.txt && \ chown $clam_user:$clam_group $mbl_dir/$source_db && \ chmod 644 $mbl_dir/$source_db && \ mv -f $mbl_dir/$source_db . && \ do_clamd_reload=1 echo $current_time > $clam_dbs/last-mbl-update.txt echo "" fi if [ ! -s "$clam_dbs"/last-mbl-update.txt ] then echo $current_time > $clam_dbs/last-mbl-update.txt update_interval=$(($mbl_update_hours * 3600)) lastupdate_time=`cat $clam_dbs/last-mbl-update.txt` time_interval=$(($current_time - $lastupdate_time)) else update_interval=$(($mbl_update_hours * 3600)) lastupdate_time=`cat $clam_dbs/last-mbl-update.txt` time_interval=$(($current_time - $lastupdate_time)) fi # Deduct 600 seconds (10 minutes) from the update interval in # order to compensate for timing anomalies and/or script delays. if [ "$time_interval" -ge $(($update_interval - 600)) ] then curl $curl_output_level --connect-timeout 15 --max-time 60 -R -o $mbl_dir/$source_db http://$mbl_url test -s $mbl_dir/$source_db && \ clamscan --quiet -d $mbl_dir/$source_db $temp_dir/scan-test.txt && \ cp -f $mbl_dbs $source_db-bak && \ chown $clam_user:$clam_group $mbl_dir/$source_db && \ chmod 644 $mbl_dir/$source_db && \ mv -f $mbl_dir/$source_db . && \ do_clamd_reload=1 echo $current_time > $clam_dbs/last-mbl-update.txt else time_remaining=$(($update_interval - $time_interval)) hours_left=$(($time_remaining / 3600)) minutes_left=$(($time_remaining % 3600 / 60)) echo "$mbl_update_hours hours have not yet elapsed since the last MBL update." echo "" echo " --- No update was performed at this time ---" echo "" echo "Next MBL update will be performed in approximately $hours_left hour(s), $minutes_left minute(s)" fi else echo "" echo " --- WARNING ---" echo "The system's date function does not appear to support 'date +%s', nor was" echo "'perl' located on the system. The MBL update was bypassed at this time." echo "" echo "You may silence this warning by either commenting out the 'mbl_dbs' variable" echo "in the 'USER EDIT' section of the script, or by installing perl or the GNU" echo "date utility, either of which can calculate the needed seconds since epoch." fi done # Check for SaneSecurity database & signature file updates. ss_mirror_ip=`host $ss_url | head -1 | awk '{print $NF}'` ss_mirror_name=`host $ss_mirror_ip | awk '{print $NF}' | sed 's/\(.*\)./\1/'` ss_mirror_site_info="$ss_mirror_name $ss_mirror_ip" echo "" echo "======================================================================" echo "SaneSecurity Database & Signature File Updates" echo "======================================================================" echo "" echo "SaneSecurity mirror site used: $ss_mirror_site_info" rsync --include-from=$ss_include_dbs --exclude=* --timeout=30 -az --stats rsync://$ss_mirror_ip/sanesecurity $ss_dir/ for db_file in $ss_dbs ; do if [ "$ss_dir/$db_file" -nt "$clam_dbs/$db_file" -o ! -s "$clam_dbs/$db_file" ] ; then echo "" echo "Testing updated database file: $db_file" gpg --verify $ss_dir/$db_file.sig 2>&1 | grep "Signature" && \ clamscan --quiet -d $ss_dir/$db_file $ss_dir/$db_file.sig 2>&1 && \ echo "Clamscan reports database tested good" chown $clam_user:$clam_group $ss_dir/$db_file && \ chmod 644 $ss_dir/$db_file && \ cp -p $ss_dir/$db_file $temp_dir && \ mv -f $temp_dir/$db_file . && \ do_clamd_reload=1 fi done # Check for MSRBL database file updates. msrbl_mirror_ip=`host $msrbl_url | head -1 | awk '{print $NF}'` msrbl_mirror_name=`host $msrbl_mirror_ip | awk '{print $NF}' | sed 's/\(.*\)./\1/'` msrbl_mirror_site_info="$msrbl_mirror_name $msrbl_mirror_ip" echo "" echo "======================================================================" echo "MSRBL Database File Updates" echo "======================================================================" echo "" echo "MSRBL mirror site used: $msrbl_mirror_site_info" rsync --include-from=$msrbl_include_dbs --exclude=* --timeout=30 -az --stats rsync://$msrbl_mirror_ip/msrbl $msrbl_dir/ for db_file in $msrbl_dbs ; do if [ "$msrbl_dir/$db_file" -nt "$clam_dbs/$db_file" -o ! -s "$clam_dbs/$db_file" ] ; then echo "" echo "Testing updated database file: $db_file" clamscan --quiet -d $msrbl_dir/$db_file $temp_dir/scan-test.txt 2>&1 && \ echo "Clamscan reports database tested good" chown $clam_user:$clam_group $msrbl_dir/$db_file && \ chmod 644 $msrbl_dir/$db_file && \ cp -p $msrbl_dir/$db_file $temp_dir && \ mv -f $temp_dir/$db_file . && \ do_clamd_reload=1 fi done # Check for an existing SecuriteInfo VX database files. If they exists, then # run the update check. Otherwise, just download, extract and test the file. for source_db in $si_dbs ; do echo "" echo "======================================================================" echo "SecuriteInfo $source_db Database File Update" echo "======================================================================" echo "" if [ ! -s "$source_db" ] then curl $curl_output_level --connect-timeout 15 --max-time 60 -L -R -o $si_dir/$source_db.gz http://$si_url/$source_db.gz test -s $si_dir/$source_db.gz && \ gunzip -cdf $si_dir/$source_db.gz > $si_dir/$source_db && \ clamscan --quiet -d $si_dir/$source_db $temp_dir/scan-test.txt && \ chown $clam_user:$clam_group $si_dir/$source_db $si_dir/$source_db.gz && \ chmod 644 $si_dir/$source_db $si_dir/$source_db.gz && \ mv -f $si_dir/$source_db $si_dir/$source_db.gz . && \ do_clamd_reload=1 else curl $curl_output_level --connect-timeout 15 --max-time 60 -L -R -z $source_db.gz -o $si_dir/$source_db.gz http://$si_url/$source_db.gz test -s $si_dir/$source_db.gz && \ gunzip -cdf $si_dir/$source_db.gz > $si_dir/$source_db && \ clamscan --quiet -d $si_dir/$source_db $temp_dir/scan-test.txt && \ cp -f $source_db $source_db-bak && \ chown $clam_user:$clam_group $si_dir/$source_db $si_dir/$source_db.gz && \ chmod 644 $si_dir/$source_db $si_dir/$source_db.gz && \ mv -f $si_dir/$source_db $si_dir/$source_db.gz . && \ do_clamd_reload=1 fi done # Set appropriate file access permissions chown -R $clam_user:$clam_group $clam_dbs chmod 644 $clam_dbs/* # Remove any leftover files in the $temp_dir working directory # (this should only happen if a corrupted database file is detected) rm -f $si_dir/* $mbl_dir/* $temp_dir/* # Reload all clamd databases if updates detected and # neither $clamd_pid nor $do_clamd_reload are null. if [ -n "$clamd_pid" -a -n "$do_clamd_reload" ] then echo "" echo "==================================================" echo "= Update(s) detected, reloading ClamAV databases =" echo "==================================================" kill -USR2 `cat $clamd_pid` else if [ -n "$clamd_pid" -a -z "$do_clamd_reload" ] ; then echo "" echo "=========================================================" echo "= No update(s) detected, NOT reloading ClamAV databases =" echo "=========================================================" fi fi exit $?