~ubuntu-branches/ubuntu/quantal/clamav-unofficial-sigs/quantal
» Revision
8
: clamav-unofficial-sigs.sh
« back to all changes in this revision
Viewing changes to clamav-unofficial-sigs.sh
- browse files at revision 8
- compare with another revision
- download diff
- download tarball
- view history from revision 8
- Committer: Bazaar Package Importer
- Author(s): Paul Wise
- Date: 2011-02-11 18:40:36 UTC
- mfrom: (1.1.4 upstream)
- Revision ID: james.westby@ubuntu.com-20110211184036-cs415am24fkqobvs
Tags: 3.7.1-1
* New upstream release
- Fixes a minor bashism in the sig creation option (Closes: #547743)
- Drops MSRBL signature, no updates since July 2009 (Closes: #612796)
- Supports new uncompressed SecuriteInfo signatures (Closes: #612795)
* Allow sysadmins to easily override default configs (Closes: #566620)
* Package technically complies with policy 3.9.1, bump Standards-Version
- Fixes a minor bashism in the sig creation option (Closes: #547743)
- Drops MSRBL signature, no updates since July 2009 (Closes: #612796)
- Supports new uncompressed SecuriteInfo signatures (Closes: #612795)
* Allow sysadmins to easily override default configs (Closes: #566620)
* Package technically complies with policy 3.9.1, bump Standards-Version
added
removed
clamav-unofficial-sigs.sh
21
21
22
22
default_config="/etc/clamav-unofficial-sigs.conf"
23
23
24
version="v3.6 (updated 2009-08-23)"
24
version="v3.7.1 (updated 2010-06-06)"
25
25
output_ver="
26
26
`basename $0` $version
27
27
"
124
124
echo "$file_sig" | tr -d "\r" >> "$config_dir/monitor-ign.txt"
125
125
if clamscan --quiet -d "$config_dir/local.ign" "$config_dir/scan-test.txt"
126
126
then
127
if rsync -cqt $config_dir/local.ign $clam_dbs
127
if rsync -pcqt $config_dir/local.ign $clam_dbs
128
128
then
129
129
perms chown $clam_user:$clam_group local.ign
130
130
chmod 0644 local.ign "$config_dir/monitor-ign.txt"
307
307
308
308
Example:
309
309
310
=:This signature{-10}contains several(5|6|7)formatted spacing*fields
310
=:This signature{-10}contains several(25|26|27)formatted spacing*fields
311
311
312
312
Encodes to:
313
313
314
54686973207369676e6174757265{-10}636f6e7461696e73207365766572616c(5|6|7)666f726d61747465642073706163696e67*6669656c6473
314
54686973207369676e6174757265{-10}636f6e7461696e73207365766572616c(25|26|27)666f726d61747465642073706163696e67*6669656c6473
315
315
316
316
Use 'full' encoding if you want to encode everything on the line [including {}, (), *] and 'formatted'
317
317
encoding if you want to encode everything on the line except the formatted character spacing fields.
356
356
else
357
357
echo "$line" | perl -pe 's/(.)/sprintf("%02lx", ord $1)/eg' | sed "s/^/$prefix\.$line_num:4:\*:/" >> "$path_file"
358
358
fi
359
echo -ne "Hexadecimal encoding $source_file line: $line_num of $total\r"
359
printf "Hexadecimal encoding $source_file line: $line_num of $total\r"
360
360
line_num=$(($line_num + 1))
361
361
done
362
362
else
379
379
then
380
380
if ! cmp -s "$path_file" "$clam_dbs/$db_file"
381
381
then
382
if rsync -cqt "$path_file" "$clam_dbs"
382
if rsync -pcqt "$path_file" "$clam_dbs"
383
383
then
384
384
perms chown $clam_user:$clam_group "$clam_dbs/$db_file"
385
385
chmod 0644 "$clam_dbs/$db_file"
468
468
echo "File '$input' cannot be found."
469
469
echo "Here is a list of third-party databases that can be clamscan integrity tested:"
470
470
echo ""
471
echo "Sanesecurity $ss_dbs""MSRBL $msrbl_dbs""SecuriteInfo $si_dbs""MalwarePatrol $mbl_dbs"
471
echo "Sanesecurity $ss_dbs""SecuriteInfo $si_dbs""MalwarePatrol $mbl_dbs"
472
472
echo "Check the file name and try again..."
473
473
fi
474
474
echo ""
575
575
grep -h -v -f "$config_dir/whitelist.hex" "$db_file" > "$db_file-tmp"
576
576
mv -f "$db_file-tmp" "$db_file"
577
577
if clamscan --quiet -d "$db_file" "$config_dir/scan-test.txt" 2>/dev/null ; then
578
if rsync -cqt $db_file $clam_dbs ; then
578
if rsync -pcqt $db_file $clam_dbs ; then
579
579
perms chown $clam_user:$clam_group $clam_dbs/$db_file
580
580
do_clamd_reload=1
581
581
fi
600
600
601
601
# Check to see if the working directories have been created.
602
602
# If not, create them. Otherwise, ignore and proceed with script.
603
mkdir -p "$work_dir" "$ss_dir" "$msrbl_dir" "$si_dir" "$mbl_dir" "$config_dir" "$gpg_dir" "$add_dir"
603
mkdir -p "$work_dir" "$ss_dir" "$si_dir" "$mbl_dir" "$config_dir" "$gpg_dir" "$add_dir"
604
604
605
605
# Set secured access permissions to the GPG directory
606
606
chmod 0700 "$gpg_dir"
683
683
684
684
# Unofficial ClamAV database provider URLs
685
685
ss_url="rsync.sanesecurity.net"
686
msrbl_url="rsync.mirror.msrbl.com"
687
686
si_url="clamav.securiteinfo.com"
688
687
mbl_url="www.malwarepatrol.net"
689
688
697
696
done
698
697
fi
699
698
700
# Create the MSRBL rsync "include" file (defines which files to download).
701
msrbl_include_dbs="$config_dir/msrbl-include-dbs.txt"
702
if [ -n "$msrbl_dbs" ] ; then
703
rm -f -- "$msrbl_include_dbs"
704
for db_name in $msrbl_dbs ; do
705
echo "$db_name" >> "$msrbl_include_dbs"
706
done
707
fi
708
709
699
# If rsync proxy is defined in the config file, then export it for use.
710
700
if [ -n "$rsync_proxy" ]; then
711
701
RSYNC_PROXY="$rsync_proxy"
741
731
if [ -n "$si_dbs" ] ; then
742
732
for db in $si_dbs ; do
743
733
echo "$si_dir/$db" >> "$current_tmp"
744
echo "$si_dir/$db.gz" >> "$current_tmp"
745
734
clamav_files
746
735
done
747
736
fi
963
952
comment "======================================================================"
964
953
comment "Sanesecurity Database & GPG Signature File Updates"
965
954
comment "======================================================================"
966
ss_mirror_ips=`dig +tcp +short $ss_url`
955
ss_mirror_ips=`dig +ignore +short $ss_url`
967
956
for ss_mirror_ip in $ss_mirror_ips ; do
968
ss_mirror_name=`host $ss_mirror_ip | awk '{print $NF}' | cut -d "(" -f2 | sed 's/\(.*\)./\1/'`
957
ss_mirror_name=`dig +short -x $ss_mirror_ip | sed 's/\.$//'`
969
958
ss_mirror_site_info="$ss_mirror_name $ss_mirror_ip"
970
959
comment ""
971
960
comment "Sanesecurity mirror site used: $ss_mirror_site_info"
1006
995
log "WARNING - Clamscan reports Sanesecurity $db_file database integrity tested BAD - SKIPPING" ; false
1007
996
fi && \
1008
997
(test "$keep_db_backup" = "yes" && cp -f $clam_dbs/$db_file $clam_dbs/$db_file-bak 2>/dev/null ; true) && \
1009
if rsync -cqt $ss_dir/$db_file $clam_dbs
998
if rsync -pcqt $ss_dir/$db_file $clam_dbs
1010
999
then
1011
1000
perms chown $clam_user:$clam_group $clam_dbs/$db_file
1012
1001
comment "Successfully updated Sanesecurity production database file: $db_file"
1034
1023
log "WARNING - Clamscan reports Sanesecurity $db_file database integrity tested BAD - SKIPPING" ; false
1035
1024
fi && \
1036
1025
(test "$keep_db_backup" = "yes" && cp -f $clam_dbs/$db_file $clam_dbs/$db_file-bak 2>/dev/null ; true) && \
1037
if rsync -cqt $test_dir/$db_file $clam_dbs
1026
if rsync -pcqt $test_dir/$db_file $clam_dbs
1038
1027
then
1039
1028
perms chown $clam_user:$clam_group $clam_dbs/$db_file
1040
1029
comment "Successfully updated Sanesecurity production database file: $db_file"
1072
1061
fi
1073
1062
fi
1074
1063
1075
#########################################
1076
# Check for MSRBL database file updates #
1077
#########################################
1078
if [ -n "$msrbl_dbs" ] ; then
1079
db_file=""
1080
comment ""
1081
comment "======================================================================"
1082
comment "MSRBL Database File Updates"
1083
comment "======================================================================"
1084
msrbl_mirror_ips=`dig +tcp +short $msrbl_url`
1085
for msrbl_mirror_ip in $msrbl_mirror_ips ; do
1086
msrbl_mirror_name=`host $msrbl_mirror_ip | awk '{print $NF}' | cut -d "(" -f2 | sed 's/\(.*\)./\1/'`
1087
msrbl_mirror_site_info="$msrbl_mirror_name $msrbl_mirror_ip"
1088
comment ""
1089
comment "MSRBL mirror site used: $msrbl_mirror_site_info"
1090
log "INFO - MSRBL mirror site used: $msrbl_mirror_site_info"
1091
if rsync $rsync_output_level $no_motd --files-from=$msrbl_include_dbs -ctuz --stats \
1092
$contimeout --timeout=30 rsync://$msrbl_mirror_ip/msrbl $msrbl_dir 2>/dev/null
1093
then
1094
msrbl_rsync_success="1"
1095
for db_file in $msrbl_dbs ; do
1096
if ! cmp -s $msrbl_dir/$db_file $clam_dbs/$db_file ; then
1097
comment ""
1098
comment "Testing updated MSRBL database file: $db_file"
1099
log "INFO - Testing updated MSRBL database file: $db_file"
1100
if [ "$?" = "0" ] ; then
1101
db_ext=`echo $db_file | cut -d "." -f2`
1102
if [ -z "$ham_dir" -o "$db_ext" != "ndb" ]
1103
then
1104
if clamscan --quiet -d "$msrbl_dir/$db_file" "$config_dir/scan-test.txt" 2>/dev/null
1105
then
1106
comment "Clamscan reports Sanesecurity $db_file database integrity tested good"
1107
log "INFO - Clamscan reports Sanesecurity $db_file database integrity tested good" ; true
1108
else
1109
echo "Clamscan reports Sanesecurity $db_file database integrity tested BAD - SKIPPING"
1110
log "WARNING - Clamscan reports Sanesecurity $db_file database integrity tested BAD - SKIPPING" ; false
1111
fi && \
1112
(test "$keep_db_backup" = "yes" && cp -f $clam_dbs/$db_file $clam_dbs/$db_file-bak 2>/dev/null ; true) && \
1113
if rsync -cqt $msrbl_dir/$db_file $clam_dbs
1114
then
1115
perms chown $clam_user:$clam_group $clam_dbs/$db_file
1116
comment "Successfully updated MSRBL production database file: $db_file"
1117
log "INFO - Successfully updated MSRBL production database file: $db_file"
1118
msrbl_update=1
1119
do_clamd_reload=1
1120
else
1121
echo "Failed to successfully update MSRBL production database file: $db_file - SKIPPING"
1122
log "WARNING - Failed to successfully update MSRBL production database file: $db_file - SKIPPING"
1123
fi
1124
else
1125
grep -h -v -f "$config_dir/whitelist.hex" "$msrbl_dir/$db_file" > "$test_dir/$db_file"
1126
clamscan --infected --no-summary -d "$test_dir/$db_file" "$ham_dir"/* | \
1127
sed 's/\.UNOFFICIAL FOUND//' | awk '{print $NF}' > "$config_dir/whitelist.txt"
1128
grep -h -f "$config_dir/whitelist.txt" "$test_dir/$db_file" | \
1129
cut -d "*" -f2 | sort | uniq >> "$config_dir/whitelist.hex"
1130
grep -h -v -f "$config_dir/whitelist.hex" "$test_dir/$db_file" > "$test_dir/$db_file-tmp"
1131
mv -f "$test_dir/$db_file-tmp" "$test_dir/$db_file"
1132
if clamscan --quiet -d "$test_dir/$db_file" "$config_dir/scan-test.txt" 2>/dev/null
1133
then
1134
comment "Clamscan reports Sanesecurity $db_file database integrity tested good"
1135
log "INFO - Clamscan reports Sanesecurity $db_file database integrity tested good" ; true
1136
else
1137
echo "Clamscan reports Sanesecurity $db_file database integrity tested BAD - SKIPPING"
1138
log "WARNING - Clamscan reports Sanesecurity $db_file database integrity tested BAD - SKIPPING" ; false
1139
fi && \
1140
(test "$keep_db_backup" = "yes" && cp -f $clam_dbs/$db_file $clam_dbs/$db_file-bak 2>/dev/null ; true) && \
1141
if rsync -cqt $test_dir/$db_file $clam_dbs
1142
then
1143
perms chown $clam_user:$clam_group $clam_dbs/$db_file
1144
comment "Successfully updated MSRBL production database file: $db_file"
1145
log "INFO - Successfully updated MSRBL production database file: $db_file"
1146
msrbl_update=1
1147
do_clamd_reload=1
1148
else
1149
echo "Failed to successfully update MSRBL production database file: $db_file - SKIPPING"
1150
log "WARNING - Failed to successfully update MSRBL production database file: $db_file - SKIPPING"
1151
fi
1152
fi
1153
fi
1154
fi
1155
done
1156
if [ "$msrbl_update" != "1" ]
1157
then
1158
comment ""
1159
comment "No MSRBL database file updates found"
1160
log "INFO - No MSRBL database file updates found"
1161
break
1162
else
1163
break
1164
fi
1165
else
1166
comment "Connection to $msrbl_mirror_site_info failed - Trying next mirror site..."
1167
log "WARNING - Connection to $msrbl_mirror_site_info failed - Trying next mirror site..."
1168
fi
1169
done
1170
if [ "$msrbl_rsync_success" != "1" ] ; then
1171
echo ""
1172
echo "Access to all MSRBL mirror sites failed - Check for connectivity issues or"
1173
echo "signature database name(s) misspelled in the script's configuration file."
1174
log "WARNING - Access to all MSRBL mirror sites failed - Check for connectivity issues or"
1175
log "WARNING - signature database name(s) misspelled in the script's configuration file."
1176
fi
1177
fi
1178
1179
1064
#######################################################################
1180
1065
# Check for updated SecuriteInfo database files every set number of #
1181
1066
# hours as defined in the "USER CONFIGURATION" section of this script #
1182
1067
#######################################################################
1183
1068
if [ -n "$si_dbs" ] ; then
1069
rm -f "$si_dir/*.gz"
1184
1070
if [ -s "$config_dir/last-si-update.txt" ]
1185
1071
then
1186
1072
last_si_update=`cat $config_dir/last-si-update.txt`
1201
1087
log "INFO - Checking for SecuriteInfo updates..."
1202
1088
si_updates="0"
1203
1089
for db_file in $si_dbs ; do
1204
z_opt="" DT1="" DT2=""
1205
test -s $si_dir/$db_file.gz && DT1=`ls -l $si_dir/$db_file.gz | awk '{print $6,$7}'` && z_opt="-z $si_dir/$db_file.gz"
1206
1090
if [ "$loop" = "1" ]
1207
1091
then
1208
1092
comment "---"
1212
1096
comment "Checking for updated SecuriteInfo database file: $db_file"
1213
1097
comment ""
1214
1098
si_db_update="0"
1099
if [ -s "$si_dir/$db_file" ]
1100
then
1101
z_opt="-z $si_dir/$db_file"
1102
else
1103
z_opt=""
1104
fi
1215
1105
if curl $curl_proxy $curl_output_level --connect-timeout 15 --max-time 60 \
1216
-L -R $z_opt -o $si_dir/$db_file.gz http://$si_url/$db_file.gz
1106
-L -R $z_opt -o $si_dir/$db_file http://$si_url/$db_file
1217
1107
then
1218
1108
loop="1"
1219
test -s $si_dir/$db_file.gz && DT2=`ls -l $si_dir/$db_file.gz | awk '{print $6,$7}'` && \
1220
test "$DT1" != "$DT2" -o ! -s "$si_dir/$db_file" && gunzip -cdfq $si_dir/$db_file.gz > $si_dir/$db_file
1221
1109
if ! cmp -s $si_dir/$db_file $clam_dbs/$db_file ; then
1222
comment ""
1223
comment "Testing updated SecuriteInfo database file: $db_file"
1224
log "INFO - Testing updated SecuriteInfo database file: $db_file"
1225
1110
if [ "$?" = "0" ] ; then
1226
1111
db_ext=`echo $db_file | cut -d "." -f2`
1112
comment ""
1113
comment "Testing updated SecuriteInfo database file: $db_file"
1114
log "INFO - Testing updated SecuriteInfo database file: $db_file"
1227
1115
if [ -z "$ham_dir" -o "$db_ext" != "ndb" ]
1228
1116
then
1229
1117
if clamscan --quiet -d "$si_dir/$db_file" "$config_dir/scan-test.txt" 2>/dev/null
1233
1121
else
1234
1122
echo "Clamscan reports Sanesecurity $db_file database integrity tested BAD - SKIPPING"
1235
1123
log "WARNING - Clamscan reports Sanesecurity $db_file database integrity tested BAD - SKIPPING" ; false
1124
rm -f "$si_dir/$db_file"
1236
1125
fi && \
1237
1126
(test "$keep_db_backup" = "yes" && cp -f $clam_dbs/$db_file $clam_dbs/$db_file-bak 2>/dev/null ; true) && \
1238
if rsync -cqt $si_dir/$db_file $clam_dbs
1127
if rsync -pcqt $si_dir/$db_file $clam_dbs
1239
1128
then
1240
1129
perms chown $clam_user:$clam_group $clam_dbs/$db_file
1241
1130
comment "Successfully updated SecuriteInfo production database file: $db_file"
1262
1151
else
1263
1152
echo "Clamscan reports Sanesecurity $db_file database integrity tested BAD - SKIPPING"
1264
1153
log "WARNING - Clamscan reports Sanesecurity $db_file database integrity tested BAD - SKIPPING" ; false
1154
rm -f "$si_dir/$db_file"
1265
1155
fi && \
1266
1156
(test "$keep_db_backup" = "yes" && cp -f $clam_dbs/$db_file $clam_dbs/$db_file-bak 2>/dev/null ; true) && \
1267
if rsync -cqt $test_dir/$db_file $clam_dbs
1157
if rsync -pcqt $test_dir/$db_file $clam_dbs
1268
1158
then
1269
1159
perms chown $clam_user:$clam_group $clam_dbs/$db_file
1270
1160
comment "Successfully updated SecuriteInfo production database file: $db_file"
1340
1230
then
1341
1231
if ! cmp -s $mbl_dir/$db_file $clam_dbs/$db_file
1342
1232
then
1343
comment ""
1344
comment "Testing updated MalwarePatrol database file: $db_file"
1345
log "INFO - Testing updated database file: $db_file"
1346
1233
if [ "$?" = "0" ] ; then
1347
1234
db_ext=`echo $db_file | cut -d "." -f2`
1235
comment ""
1236
comment "Testing updated MalwarePatrol database file: $db_file"
1237
log "INFO - Testing updated database file: $db_file"
1348
1238
if [ -z "$ham_dir" -o "$db_ext" != "ndb" ]
1349
1239
then
1350
1240
if clamscan --quiet -d "$mbl_dir/$db_file" "$config_dir/scan-test.txt" 2>/dev/null
1356
1246
log "WARNING - Clamscan reports Sanesecurity $db_file database integrity tested BAD - SKIPPING" ; false
1357
1247
fi && \
1358
1248
(test "$keep_db_backup" = "yes" && cp -f $clam_dbs/$db_file $clam_dbs/$db_file-bak 2>/dev/null ; true) && \
1359
if rsync -cqt $mbl_dir/$db_file $clam_dbs
1249
if rsync -pcqt $mbl_dir/$db_file $clam_dbs
1360
1250
then
1361
1251
perms chown $clam_user:$clam_group $clam_dbs/$db_file
1362
1252
comment "Successfully updated MalwarePatrol production database file: $db_file"
1384
1274
log "WARNING - Clamscan reports Sanesecurity $db_file database integrity tested BAD - SKIPPING" ; false
1385
1275
fi && \
1386
1276
(test "$keep_db_backup" = "yes" && cp -f $clam_dbs/$db_file $clam_dbs/$db_file-bak 2>/dev/null ; true) && \
1387
if rsync -cqt $test_dir/$db_file $clam_dbs
1277
if rsync -pcqt $test_dir/$db_file $clam_dbs
1388
1278
then
1389
1279
perms chown $clam_user:$clam_group $clam_dbs/$db_file
1390
1280
comment "Successfully updated MalwarePatrol production database file: $db_file"
1438
1328
db_file=`basename $db_url`
1439
1329
if [ "`echo $db_url | cut -d ":" -f1`" = "rsync" ]
1440
1330
then
1441
if ! rsync $rsync_output_level $no_motd $contimeout --timeout=30 -ctuz --exclude=*.txt \
1331
if ! rsync $rsync_output_level $no_motd $contimeout --timeout=30 -crtuz --exclude=*.txt \
1442
1332
--stats --exclude=*.sha256 --exclude=*.sig --exclude=*.gz $db_url $add_dir ; then
1443
1333
echo "Failed rsync connection to $base_url - SKIPPED $db_file update"
1444
1334
log "WARNING - Failed rsync connection to $base_url - SKIPPED $db_file update"
1469
1359
log "WARNING - Clamscan reports $db_file database integrity tested BAD - SKIPPING" ; false
1470
1360
fi && \
1471
1361
(test "$keep_db_backup" = "yes" && cp -f $clam_dbs/$db_file $clam_dbs/$db_file-bak 2>/dev/null ; true) && \
1472
if rsync -cqt $add_dir/$db_file $clam_dbs
1362
if rsync -pcqt $add_dir/$db_file $clam_dbs
1473
1363
then
1474
1364
perms chown $clam_user:$clam_group $clam_dbs/$db_file
1475
1365
comment "Successfully updated User-Added production database file: $db_file"
1531
1421
if [ "$ign_updated" = "1" ] ; then
1532
1422
if clamscan --quiet -d "$config_dir/local.ign" "$config_dir/scan-test.txt"
1533
1423
then
1534
if rsync -cqt $config_dir/local.ign $clam_dbs
1424
if rsync -pcqt $config_dir/local.ign $clam_dbs
1535
1425
then
1536
1426
perms chown $clam_user:$clam_group "$clam_dbs/local.ign"
1537
1427
chmod 0644 "$clam_dbs/local.ign" "$config_dir/monitor-ign.txt"
Loggerhead is a web-based interface for Breezy
Version: 2.0.1