#!/bin/sh # Script freely provided by Bill Landry (bill@inetmsg.com); however, use # at your own peril! (:-O). Comments, suggestions, and recommendations # for improving this script are always welcome. Feel free to report any # issues, as well. # # Script updates can be download from: # FTP: ftp.inetmsg.com/pub/unofficial-sigs.sh # HTTP: www.inetmsg.com/pub/unofficial-sigs.sh # # Script changes can be viewed at: # FTP: ftp.inetmsg.com/pub/CHANGELOG # HTTP: www.inetmsg.com/pub/CHANGELOG # # Script Version 2.0b (updated 2/10/09) ###################################################################################### # START OF USER CONFIGURATION SECTION - SET PROGRAM PATHS AND OTHER VARIABLE OPTIONS # ###################################################################################### # Edit quoted variables below to meet your own particular # needs/requirements, but do not remove the "quote" marks. # Set and export program paths. export PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" # Set ClamD user and group accounts. clam_user="clamav" clam_group="clamav" # Set path to ClamAV database files location. If unsure, check # your clamd.conf file for the "DatabaseDirectory" path setting. clam_dbs="/var/lib/clamav" # Set path to clamd.pid file (see clamd.conf for path location). clamd_pid="/var/run/clamd.pid" # If you would like to reload the clamd databases after an update, # change the following variable to "yes". reload_dbs="no" # Set the reload or restart option if the "reload_dbs" variable above # is set to "yes" (only select 'ONE' of the following options or the # last uncommented variable option will be the one used). #reload_opt="clamdscan --reload" #Signals socket to reload dbs #reload_opt="kill -USR2 `cat $clamd_pid`" #Signals PID to reload dbs #reload_opt="service clamd restart" #Signals clamd to do full restart #reload_opt="" #Set custom or system specific reload/restart option # If running clamd in "LocalSocket" mode (*NOT* in TCP/IP mode), and # either "SOcket Cat" (socat) or the "IO::Socket::UNIX" perl module # are installed on the system, and you want to report whether clamd # is running or not, uncomment the "clamd_socket" variable below (you # will be warned if neither socat nor IO::Socket::UNIX are found, but # the script will still run). You will also need to set the correct # path to your clamd socket file (if unsure of the path, check the # "LocalSocket" setting in your clamd.conf file for socket location). #clamd_socket="/tmp/clamd.socket" # If you would like to attemtp to restart ClamD if detected not running, # uncomment the next 2 lines. Confirm the path to the "clamd_lock" file # (usually can be found in the clamd init script) and also enter the clamd # start command for your particular distro for the "start_clamd" variable # (the sample start command shown below should work for most linux distros). # NOTE: these 2 variables are dependant on the "clamd_socket" variable # shown above - if not enabled, then the following 2 variables will be # ignored, whether enabled or not. #clamd_lock="/var/lock/subsys/clamd" #start_clamd="service clamd start" # Set working directory paths (edit to meet your own needs). If these # directories do not exist, the script will attempt to create them. # Top level working directory path: work_dir="/usr/unofficial-dbs" # --- # Working sub-directory names: ss_dir="$work_dir/ss-dbs" msrbl_dir="$work_dir/msrbl-dbs" si_dir="$work_dir/si-dbs" mbl_dir="$work_dir/mbl-dbs" config_dir="$work_dir/configs" gpg_dir="$work_dir/gpg-key" temp_dir="$work_dir/temp-dir" # Enable or disable download time randomization. This allows the script to # be executed via cron, but the actual database file checking will pause # for a random number of seconds between the "min" and "max" time settings # specified below. This helps to more evenly distribute load on the host # download sites. To disable, set the following variable to "no". enable_random="yes" # If download time randomization is enabled above (enable_random="yes"), # then set the min and max radomization times intervals (in seconds). min_sleep_time="60" # Default minimum is 60 seconds (1 minute). max_sleep_time="600" # Default maximum is 600 seconds (10 minutes). # ======================== # SaneSecurity Database(s) # ======================== # Add/remove/modify database file names between quote marks as needed. # To disable any of the SaneSecurity database file downloads, remove # the appropriate database file name line(s) below. To disable all # SaneSecurity database downloads, comment out all of the following lines. ss_dbs=" phish.ndb scam.ndb junk.ndb rogue.hdb spear.ndb spamimg.hdb lott.ndb spam.ldb sanesecurity.ftm " # ================= # MSRBL Database(s) # ================= # Add/remove/modify database file names between quote marks as needed. # To disable any of the MSRBL database file downloads, remove # the appropriate database file name line(s) below. To disable all # MSRBL database downloads, comment out all of the following lines. msrbl_dbs=" MSRBL-Images.hdb MSRBL-SPAM.ndb " # ======================== # SecuriteInfo Database(s) # ======================== # Add/remove/modify database file names between quote marks as needed. # To disable any SecuriteInfo database downloads, remove the appropriate # line(s) below. To disable all SecuriteInfo database file downloads, # comment out all of the following lines. si_dbs=" vx.hdb honeynet.hdb securiteinfo.hdb antispam.ndb " # Since the SecuriteInfo databases are only updated a few time each # month, set a time interval to do database update checks. si_update_hours="4" # Default is 4 hours (6 update checks daily). # ========================= # MalwarePatrol Database(s) # ========================= # Add/remove/modify database file names between quote marks as needed. # To disable any of the MalwarePatrol database file downloads, remove # the appropriate database file name line(s) below. To disable all # MalwarePatrol database downloads, comment out all of the following lines. mbl_dbs=" mbl.db " # Since the MalwarePatrol database file is dynamically created, # there is no way to test for changes prior to downloading. For this # reason, you will need to set a reasonable time interval in "hours" # for MBL database file downloads. As shown below, this has been # set to update every "6" hours, which seems appropriate (that's 4 # file downloads per day) Change only if you REALLY feel you must. # However, I would not suggest going below every 4 hour lest you risk # being blacklisted by the MalwarePatrol site. mbl_update_hours="6" # Default is 6 hours (4 downloads daily). # If you want to silence the stats reported by curl, rsync, gpg, or # the general script comments, change the following variables to "yes". # If all variables are set to yes, then the script will only output # database provider section headers, error output from GPG Signature # varification tests and Clamscan database integrity tests, and report # whether updates were detected and clamd reloaded or not. curl_silence="no" # Default is "no" to report curl stats rsync_silence="no" # Default is "no" to report rsync stats gpg_silence="no" # Default is "no" to report gpg stats comment_silence="no" # Default is "no" to report script comments # If you would like to make a backup copy of the current running database # file before updating, leave the following variable set to "yes". keep_db_backup="yes" # Set the following variable to "yes" once you have completed the # "USER CONFIGURATION SECTION" of this script. user_configuration_complete="no" ####################################################################################### # END OF USER CONFIGURATION SECTION - YOU SHOULD NOT NEED TO EDIT ANYTHING BELOW HERE # ####################################################################################### # Check to see if the script's "USER CONFIGURATION SECTION" has been completed. if [ "$user_configuration_complete" != "yes" ] then echo "" echo " *** SCRIPT CONFIGURATION HAS NOT BEEN COMPLETED ***" echo " Please review and configure the 'USER CONFIGURATION SECTION' of the script." echo " Once the user configuration section has been completed, rerun the script." echo "" exit 1 fi # Check to see if the working directories shown above were created. # If not, create them. Otherwise, ignore and proceed with script. mkdir -p $ss_dir $msrbl_dir $si_dir $mbl_dir $config_dir $gpg_dir $temp_dir # Move any existing SecuriteInfo source *.gz files from the clam_dbs # directory to the si_dir directory. for gz_file in `ls $clam_dbs/*.?db.gz 2> /dev/null` ; do mv -f $gz_file $si_dir done # Move any existing SecuriteInfo & MalwarePatrol timestamp files from # the clam_dbs directory to the config_dir directory. for txt_file in `ls $clam_dbs/last-*-update.txt 2> /dev/null` ; do mv -f $txt_file $config_dir done # Create "scan-test.txt" file for clamscan database integrity testing. if [ ! -s "$config_dir/scan-test.txt" ] ; then echo "This is the clamscan test file..." > $config_dir/scan-test.txt fi # Create the SaneSecurity rsync "include" file (defines which files to download). ss_include_dbs="$config_dir/ss-include-dbs.txt" if [ -n "$ss_dbs" ] ; then rm -f $ss_include_dbs for db_name in $ss_dbs ; do echo "$db_name*" >> $ss_include_dbs done fi # Create the MSRBL rsync "include" file (defines which files to download). msrbl_include_dbs="$config_dir/msrbl-include-dbs.txt" if [ -n "$msrbl_dbs" ] ; then rm -f $msrbl_include_dbs for db_name in $msrbl_dbs ; do echo "$db_name" >> $msrbl_include_dbs done fi # Unofficial signature database provider URLs ss_url="rsync.sanesecurity.net" msrbl_url="rsync.mirror.msrbl.com" si_url="clamav.securiteinfo.com" mbl_url="www.malware.com.br/cgi/submit?action=list_clamav" # Download SaneSecurity GPG Key and import to keyring. if [ ! -s "$gpg_dir/publickey.gpg" ] ; then curl -s -S --connect-timeout 15 --max-time 60 -L -R http://www.sanesecurity.net/publickey.gpg -o $gpg_dir/publickey.gpg && \ test -s $gpg_dir/publickey.gpg && \ gpg --import $gpg_dir/publickey.gpg && \ echo "GPG Key Successfully Imported To Local Keyring" echo "" fi # Silence curl output and only report errors - useful if script is run via cron. if [ "$curl_silence" = "yes" ] ; then curl_output_level="-s -S" fi # Silence rsync output and only report errors - useful if script is run via cron. if [ "$rsync_silence" = "yes" ] ; then rsync_output_level="-q" fi # If ClamD status check is enabled ("clamd_socket" variable is uncommented # and the socket path is correctly specified in "User Edit" section above), # then test to see if clamd is running or not. if [ -n "$clamd_socket" ] then socat="`which socat 2> /dev/null`" if [ -n "$socat" -a -x "$socat" ] then socket_cat1=1 if [ "`echo PING | socat - "$clamd_socket" 2> /dev/null`" = "PONG" ] then socket_cat2=1 echo "====================" echo "= ClamD is running =" echo "====================" fi else if [ "`perl -e 'use IO::Socket::UNIX; print $IO::Socket::UNIX::VERSION,"\n"' 2> /dev/null`" ] then io_socket1=1 if [ "`perl -MIO::Socket::UNIX -we '$s = IO::Socket::UNIX->new(shift); $s->print("PING"); \ print $s->getline; $s->close' "$clamd_socket" 2> /dev/null`" = "PONG" ] then io_socket2=1 echo "====================" echo "= ClamD is running =" echo "====================" fi fi fi if [ -z "$socket_cat1" -a -z "$io_socket1" ] then echo "" echo " --- WARNING ---" echo " It appears that neither 'SOcket CAT' (socat) nor the perl module" echo " 'IO::Socket::UNIX' are installed on the system. In order to run" echo " the ClamD socket test to determine whether ClamD is running or" echo " or not, either 'socat' or 'IO::Socket::UNIX' must be installed." echo "" echo " You can silence this warning by either installing 'socat' or the" echo " 'IO::Socket::UNIX' perl module, or by simply commenting out the" echo " 'clamd_socket' variable in the 'USER EDIT SECTION' of the script." else if [ -z "$socket_cat2" -a -z "$io_socket2" ] then echo "" echo " *************************" echo " * !!! ALERT !!! *" echo " * CLAMD IS NOT RUNNING! *" echo " *************************" echo "" if [ -n "$start_clamd" ] then echo " Attempting to start ClamD..." echo "" if [ -n "$socket_cat1" ] then [ "`rm -f $clamd_lock 2> /dev/null`" -a "`$start_clamd 2> /dev/null`" -a "`sleep 5`" ] if [ "`echo PING | socat - "$clamd_socket" 2> /dev/null`" = "PONG" ] then echo "====================================" echo "= ClamD was successfully restarted =" echo "====================================" else echo " *************************" echo " * !!! PANIC !!! *" echo " * CLAMD FAILED TO START *" echo " *************************" echo "" echo "Check to confirm that the clamd start process defined for" echo "the 'start_clamd' variable in the 'USER EDIT SECTION' is" echo "set correctly for your particular distro. If it is, then" echo "check your logs to determine why clamd failed to start." echo "" exit 1 fi else if [ -n "$io_socket1" ] then [ "`rm -f $clamd_lock 2> /dev/null`" -a "`$start_clamd 2> /dev/null`" -a "`sleep 5`" ] if [ "`perl -MIO::Socket::UNIX -we '$s = IO::Socket::UNIX->new(shift); \ $s->print("PING"); print $s->getline; $s->close' "$clamd_socket" \ 2> /dev/null`" = "PONG" ] then echo "====================================" echo "= ClamD was successfully restarted =" echo "====================================" else echo " *************************" echo " * !!! PANIC !!! *" echo " * CLAMD FAILED TO START *" echo " *************************" echo "" echo "Check to confirm that the clamd start process defined for" echo "the 'start_clamd' variable in the 'USER EDIT SECTION' is" echo "set correctly for your particular distro. If it is, then" echo "check your logs to determine why clamd failed to start." echo "" exit 1 fi fi fi fi fi fi fi # Database update check, time randomization section. This script now # provides support for both bash and non-bash enabled system shells. if [ "$enable_random" = "yes" ] ; then if [ -n "$RANDOM" 2> /dev/null ] then sleep_time=$(($RANDOM * $(($max_sleep_time - $min_sleep_time)) / 32767 + $min_sleep_time)) else sleep_time=0 while [ "$sleep_time" -lt "$min_sleep_time" -o "$sleep_time" -gt "$max_sleep_time" ] ; do sleep_time=`head -1 /dev/urandom | cksum | awk '{print $2}'` done fi if [ ! -t 0 ] then echo "" echo "`date` - Pausing database file updates for $sleep_time seconds..." sleep $sleep_time echo "" echo "`date` - Pause complete, checking for new database files..." else echo "" echo -n "Running script manually, do you want to pause execution (y/n)?: " read response while [ "$response" != "y" -a "$response" != "n" ] ; do echo -n "Expecting either 'y' or 'n', do you want to pause script execution (y/n)?: " read response done if [ "$response" = "y" ] then seconds=$sleep_time echo "Starting unofficial ClamAV database updates on `date`" echo "" while [ "$sleep_time" -ne 0 ] ; do echo -ne "Pausing database updates for $seconds seconds. Time remaining: $sleep_time \r" sleep 1 sleep_time=$(($sleep_time - 1)) done echo "" echo "Pause complete, `date`, checking for new database files..." else echo "Running unofficial ClamAV database updates..." fi fi fi # Check and save current system time since epoch for time related database downloads. # However, if unsuccessful, issue a warning that we cannot calculate times since epoch. if [ -n "$si_dbs" -o -n "mbl_dbs" ] then if [ `date +%s` -gt 0 2> /dev/null ] then current_time=`date +%s` else if [ `perl -le print+time 2> /dev/null` ] then current_time=`perl -le print+time` fi fi else echo "" echo " --- WARNING ---" echo "The system's date function does not appear to support 'date +%s', nor was 'perl' found" echo "on the system. The SecuriteInfo and MalwarePatrol updates were bypassed at this time." echo "" echo "You can silence this warning by either commenting out the 'si_dbs' and 'mbl_dbs'" echo "variables in the 'USER CONFIGURATION' section of the script, or by installing perl or" echo "the GNU date utility, either of which can calculate the needed seconds since epoch." si_dbs="" mbl_dbs="" fi # Check to see if "last-si-update.txt" file exists, if not set "last_si_update" variable to "0" if [ -n "$si_dbs" ] ; then if [ -s "$config_dir/last-si-update.txt" ] then last_si_update=`cat $config_dir/last-si-update.txt` else last_si_update="0" fi fi # Check to see if "last-mbl-update.txt" file exists, if not set "last_mbl_update" variable to "0" if [ -n "$mbl_dbs" ] ; then if [ -s "$config_dir/last-mbl-update.txt" ] then last_mbl_update=`cat $config_dir/last-mbl-update.txt` else last_mbl_update="0" fi fi # Check for SaneSecurity database & signature file updates. if [ -n "$ss_dbs" ] ; then db_file="" ss_mirror_ip=`host $ss_url | head -1 | awk '{print $NF}'` ss_mirror_name=`host $ss_mirror_ip | awk '{print $NF}' | sed 's/\(.*\)./\1/'` ss_mirror_site_info="$ss_mirror_name $ss_mirror_ip" echo "" echo "======================================================================" echo "SaneSecurity Database & Signature File Updates" echo "======================================================================" echo "" test "$comment_silence" = "no" && echo "SaneSecurity mirror site used: $ss_mirror_site_info" rsync $rsync_output_level --include-from=$ss_include_dbs --exclude=* --timeout=30 \ -rtz --stats rsync://$ss_mirror_ip/sanesecurity $ss_dir/ | tail -15 for db_file in $ss_dbs ; do if [ -s "$clam_dbs/$db_file" -a "$ss_dir/$db_file" -nt "$clam_dbs/$db_file" ] ; then if [ "`diff -q $ss_dir/$db_file $clam_dbs/$db_file | awk '{print $NF}'`" = "differ" ] then test "$comment_silence" = "no" && echo "" test "$comment_silence" = "no" && echo "Testing updated database file: $db_file" else test "$comment_silence" = "no" && echo "" test "$comment_silence" = "no" && echo "Testing updated (but unchanged) database file: $db_file" fi if [ "$gpg_silence" = "no" ] then gpg --trust-model always -q --verify $ss_dir/$db_file.sig if [ "$?" = "0" ] then true else echo "SaneSecurity GPG Signature test FAILED on $db_file database - SKIPPING" ; false fi else gpg --trust-model always -q --verify $ss_dir/$db_file.sig 2> /dev/null if [ "$?" = "0" ] then true else echo "SaneSecurity GPG Signature test FAILED on $db_file database - SKIPPING" ; false fi fi && \ clamscan --quiet -d $ss_dir/$db_file $ss_dir/$db_file.sig && \ (test "$comment_silence" = "no" && echo "Clamscan reports $db_file database integrity tested good" ; true) && \ cp -f -p $ss_dir/$db_file $temp_dir && \ chown $clam_user:$clam_group $temp_dir/$db_file && \ chmod 0644 $temp_dir/$db_file && \ (test "$keep_db_backup" = "yes" && cp -f $clam_dbs/$db_file $clam_dbs/$db_file-bak ; true) && \ mv -f $temp_dir/$db_file $clam_dbs && \ do_clamd_reload=1 fi if [ ! -s "$clam_dbs/$db_file" ] ; then test "$comment_silence" = "no" && echo "" test "$comment_silence" = "no" && echo "Testing updated database file: $db_file" if [ "$gpg_silence" = "no" ] then gpg --trust-model always -q --verify $ss_dir/$db_file.sig if [ "$?" = "0" ] then true else echo "SaneSecurity GPG Signature test FAILED on $db_file database - SKIPPING" ; false fi else gpg --trust-model always -q --verify $ss_dir/$db_file.sig 2> /dev/null if [ "$?" = "0" ] then true else echo "SaneSecurity GPG Signature test FAILED on $db_file database - SKIPPING" ; false fi fi && \ clamscan --quiet -d $ss_dir/$db_file $ss_dir/$db_file.sig && \ (test "$comment_silence" = "no" && echo "Clamscan reports $db_file database integrity tested good" ; true) && \ cp -f -p $ss_dir/$db_file $temp_dir && \ chown $clam_user:$clam_group $temp_dir/$db_file && \ chmod 0644 $temp_dir/$db_file && \ mv -f $temp_dir/$db_file $clam_dbs && \ do_clamd_reload=1 fi done fi # Check for MSRBL database file updates. if [ -n "$msrbl_dbs" ] ; then db_file="" msrbl_mirror_ip=`host $msrbl_url | head -1 | awk '{print $NF}'` msrbl_mirror_name=`host $msrbl_mirror_ip | awk '{print $NF}' | sed 's/\(.*\)./\1/'` msrbl_mirror_site_info="$msrbl_mirror_name $msrbl_mirror_ip" echo "" echo "======================================================================" echo "MSRBL Database File Updates" echo "======================================================================" echo "" test "$comment_silence" = "no" && echo "MSRBL mirror site used: $msrbl_mirror_site_info" rsync $rsync_output_level --include-from=$msrbl_include_dbs --exclude=* --timeout=30 \ -rtz --stats rsync://$msrbl_mirror_ip/msrbl $msrbl_dir/ | tail -15 for db_file in $msrbl_dbs ; do if [ -s "$clam_dbs/$db_file" -a "$msrbl_dir/$db_file" -nt "$clam_dbs/$db_file" ] ; then test "$comment_silence" = "no" && echo "" if [ "`diff -q $msrbl_dir/$db_file $clam_dbs/$db_file | awk '{print $NF}'`" = "differ" ] then test "$comment_silence" = "no" && echo "Testing updated database file: $db_file" else test "$comment_silence" = "no" && echo "Testing updated (but unchanged) database file: $db_file" fi clamscan --quiet -d $msrbl_dir/$db_file $config_dir/scan-test.txt && \ (test "$comment_silence" = "no" && echo "Clamscan reports $db_file database integrity tested good" ; true) && \ cp -f -p $msrbl_dir/$db_file $temp_dir && \ chown $clam_user:$clam_group $temp_dir/$db_file && \ chmod 0644 $temp_dir/$db_file && \ (test "$keep_db_backup" = "yes" && cp -f $clam_dbs/$db_file $clam_dbs/$db_file-bak ; true) && \ mv -f $temp_dir/$db_file $clam_dbs && \ do_clamd_reload=1 fi if [ ! -s "$clam_dbs/$db_file" ] ; then test "$comment_silence" = "no" && echo "" test "$comment_silence" = "no" && echo "Testing updated database file: $db_file" clamscan --quiet -d $msrbl_dir/$db_file $config_dir/scan-test.txt && \ (test "$comment_silence" = "no" && echo "Clamscan reports $db_file database integrity tested good" ; true) && \ cp -f -p $msrbl_dir/$db_file $temp_dir && \ chown $clam_user:$clam_group $temp_dir/$db_file && \ chmod 0644 $temp_dir/$db_file && \ mv -f $temp_dir/$db_file $clam_dbs && \ do_clamd_reload=1 fi done fi # Check for updated SecuriteInfo database files every set number of # hours as defined in the "USER CONFIGURATION" section of this script. if [ -n "$si_dbs" ] ; then db_file="" update_interval=$(($si_update_hours * 3600)) time_interval=$(($current_time - $last_si_update)) if [ "$time_interval" -ge $(($update_interval - 600)) ] then echo "$current_time" > $config_dir/last-si-update.txt for db_file in $si_dbs ; do echo "" echo "======================================================================" echo "SecuriteInfo $db_file Database File Update" echo "======================================================================" echo "" if [ -s "$clam_dbs/$db_file" -a -s "$si_dir/$db_file.gz" ] then curl $curl_output_level --connect-timeout 15 --max-time 60 -L -R -z \ $si_dir/$db_file.gz -o $si_dir/$db_file.gz http://$si_url/$db_file.gz test -s $si_dir/$db_file.gz && \ gunzip -cdf $si_dir/$db_file.gz > $si_dir/$db_file && \ test -s $si_dir/$db_file && \ test -s $clam_dbs/$db_file -a $si_dir/$db_file -nt $clam_dbs/$db_file && \ if [ "`diff -q $si_dir/$db_file $clam_dbs/$db_file | awk '{print $NF}'`" = "differ" ] then test "$comment_silence" = "no" && echo "" test "$comment_silence" = "no" && echo "Testing updated database file: $db_file" ; true else test "$comment_silence" = "no" && echo "" test "$comment_silence" = "no" && echo "Testing updated (but unchanged) database file: $db_file" ; true fi && \ clamscan --quiet -d $si_dir/$db_file $config_dir/scan-test.txt && \ (test "$comment_silence" = "no" && echo "Clamscan reports $db_file database integrity tested good" ; true) && \ cp -f -p $si_dir/$db_file $temp_dir && \ chown $clam_user:$clam_group $temp_dir/$db_file && \ chmod 0644 $temp_dir/$db_file $si_dir/$db_file.gz && \ (test "$keep_db_backup" = "yes" && cp -f $clam_dbs/$db_file $clam_dbs/$db_file-bak ; true) && \ mv -f $temp_dir/$db_file $clam_dbs && \ do_clamd_reload=1 else curl $curl_output_level --connect-timeout 15 --max-time 60 -L -R -o \ $si_dir/$db_file.gz http://$si_url/$db_file.gz test -s $si_dir/$db_file.gz && \ gunzip -cdf $si_dir/$db_file.gz > $si_dir/$db_file && \ test -s $si_dir/$db_file && \ (test "$comment_silence" = "no" && echo "" ; true) && \ (test "$comment_silence" = "no" && echo "Testing updated database file: $db_file" ; true) && \ clamscan --quiet -d $si_dir/$db_file $config_dir/scan-test.txt && \ (test "$comment_silence" = "no" && echo "Clamscan reports $db_file database integrity tested good" ; true) && \ cp -f -p $si_dir/$db_file $temp_dir && \ chown $clam_user:$clam_group $temp_dir/$db_file && \ chmod 0644 $temp_dir/$db_file $si_dir/$db_file.gz && \ mv -f $temp_dir/$db_file $clam_dbs && \ do_clamd_reload=1 fi done else echo "" echo "======================================================================" echo "SecuriteInfo Database File Update" echo "======================================================================" echo "" time_remaining=$(($update_interval - $time_interval)) hours_left=$(($time_remaining / 3600)) minutes_left=$(($time_remaining % 3600 / 60)) test "$comment_silence" = "no" && echo "$si_update_hours hours have not yet elapsed since the last database update check." test "$comment_silence" = "no" && echo "" test "$comment_silence" = "no" && echo " --- No update was performed at this time ---" test "$comment_silence" = "no" && echo "" test "$comment_silence" = "no" && echo "Next check will be performed in approximately $hours_left hour(s), $minutes_left minute(s)" fi fi # Download MalwarePatrol database file(s) every set number of hours # as defined in the "USER CONFIGURATION" section of this script. if [ -n "$mbl_dbs" ] ; then db_file="" update_interval=$(($mbl_update_hours * 3600)) time_interval=$(($current_time - $last_mbl_update)) if [ "$time_interval" -ge $(($update_interval - 600)) ] then echo "$current_time" > $config_dir/last-mbl-update.txt for db_file in $mbl_dbs ; do echo "" echo "======================================================================" echo "MalwarePatrol $db_file Database File Update" echo "======================================================================" echo "" if [ -s "$clam_dbs/$db_file" ] then curl $curl_output_level --connect-timeout 15 --max-time 60 -R -o \ $mbl_dir/$db_file http://$mbl_url test -s $mbl_dir/$db_file && \ if [ "`diff -q $mbl_dir/$db_file $clam_dbs/$db_file | awk '{print $NF}'`" = "differ" ] then test "$comment_silence" = "no" && echo "" test "$comment_silence" = "no" && echo "Testing updated database file: $db_file" ; true else test "$comment_silence" = "no" && echo "" test "$comment_silence" = "no" && echo "Testing updated (but unchanged) database file: $db_file" ; true fi && \ clamscan --quiet -d $mbl_dir/$db_file $config_dir/scan-test.txt && \ (test "$comment_silence" = "no" && echo "Clamscan reports $db_file database integrity tested good" ; true) && \ cp -f -p $mbl_dir/$db_file $temp_dir && \ chown $clam_user:$clam_group $temp_dir/$db_file && \ chmod 0644 $temp_dir/$db_file && \ (test "$keep_db_backup" = "yes" && cp -f $clam_dbs/$db_file $clam_dbs/$db_file-bak ; true) && \ mv -f $temp_dir/$db_file $clam_dbs && \ do_clamd_reload=1 else curl $curl_output_level --connect-timeout 15 --max-time 60 -R -o \ $mbl_dir/$db_file http://$mbl_url test -s $mbl_dir/$db_file && \ (test "$comment_silence" = "no" && echo "" ; true) && \ (test "$comment_silence" = "no" && echo "Testing updated database file: $db_file" ; true) && \ clamscan --quiet -d $mbl_dir/$db_file $config_dir/scan-test.txt && \ (test "$comment_silence" = "no" && echo "Clamscan reports $db_file database integrity tested good" ; true) && \ cp -f -p $mbl_dir/$db_file $temp_dir && \ chown $clam_user:$clam_group $temp_dir/$db_file && \ chmod 0644 $temp_dir/$db_file && \ mv -f $temp_dir/$db_file $clam_dbs && \ do_clamd_reload=1 fi done else echo "" echo "======================================================================" echo "MalwarePatrol Database File Update" echo "======================================================================" echo "" time_remaining=$(($update_interval - $time_interval)) hours_left=$(($time_remaining / 3600)) minutes_left=$(($time_remaining % 3600 / 60)) test "$comment_silence" = "no" && echo "$mbl_update_hours hours have not yet elapsed since the last database download." test "$comment_silence" = "no" && echo "" test "$comment_silence" = "no" && echo " --- No update was performed at this time ---" test "$comment_silence" = "no" && echo "" test "$comment_silence" = "no" && echo "Next download will be performed in approximately $hours_left hour(s), $minutes_left minute(s)" fi fi # Set appropriate file access permissions chown -R $clam_user:$clam_group $clam_dbs chmod u+Xrw $clam_dbs/* # Remove any possible leftover files left in the $temp_dir working directory rm -f $temp_dir/* # Reload all clamd databases if updates detected and $reload_dbs" is # set to "yes", and neither $reload_opt nor $do_clamd_reload are null. if [ "$reload_dbs" = "yes" -a -z "$reload_opt" ] then echo "" echo "*******************************************************************************************" echo "* Check the USER CONFIGURATION section, 'reload_dbs' enabled but no 'reload_opt' selected *" echo "*******************************************************************************************" else if [ "$reload_dbs" = "yes" -a -n "$do_clamd_reload" -a -n "$reload_opt" ] then echo "" echo "==================================================" echo "= Update(s) detected, reloading ClamAV databases =" echo "==================================================" $reload_opt else if [ "$reload_dbs" = "yes" -a -z "$do_clamd_reload" ] then echo "" echo "=========================================================" echo "= No update(s) detected, NOT reloading ClamAV databases =" echo "=========================================================" fi fi fi exit $?