# SPDX-License-Identifier: Apache-2.0
# ============LICENSE_END=========================================================
-# This file is sourced as a shell script
-# It's only purpose is to exclude user defined
-# file types and directories from the clamscan
-# process triggered by
-# /etc/cron.daily/clamav
+# This file is executed by the /etc/cron/daily/clamav shell script
+# It is used to exclude specified file types and directories from the virus scan.
#
-# FINDFILEFILTER. This parameter should be defined as an array of "find" file filter arguments
-# See "man find" for help on file filters for the "find" command
+# FIND_FILE_FILTER_ARRAY:
+# This parameter should be defined as an array of "find" file filter arguments, useful
+# for specifying file types that should be ignored
+# See "man find" for help on file filters for the "find" command
#
-# FINDPRUNEFILTER. This parameter should be defined as an array of "find" path prune filter arguments
-# See "man find" for help on pruning paths for the "find" command
+# FIND_PRUNE_FILTER_ARRAY:
+# This parameter should be defined as an array of "find" path prune filter arguments, useful
+# for specifying directory trees that should be ignored
+# See "man find" for help on pruning paths for the "find" command
#
# EXAMPLES:
# FIND_FILE_FILTER_ARRAY=(! -iname '*.vdi' ! -iname '*.mp4' ! -name 'Hello World*')
then
echo "$DATE: clamav is not installed or is incorrectly installed." >> $ERRORLOG
notify-send-user -i /usr/share/pixmaps/clamtk.png -u critical "clamav: software not installed correctly"
+ chmod a+r $ERRORLOG
exit 1
fi
if [ ! -f $SCANEXC ]
then
echo "$DATE: File $SCANEXC does not exist." >> $ERRORLOG
+ chmod a+r $ERRORLOG
notify-send-user -i /usr/share/pixmaps/clamtk.png -u critical "clamav: File $SCANEXC not found"
exit 2
fi
# Read and set up the path and file excludes
. $SCANEXC >/dev/null 2>&1
-# File permissions for file creations
-umask 0027
-
# Create the scan log file if it doesn't exist
if [ -f $SCANLOG ]
then
# Compress the previous scan log
- TIMESTAMP=`date +"%s"`
+ TIMESTAMP=`date +"%Y-%m-%d_%T"`
gzip -9 -c $SCANLOG > ${SCANLOG}-${TIMESTAMP}.gz
else
touch -t 000001010000 $SCANLOG
mkdir -p $SCANQNT
ionice -c 3 nice /usr/bin/clamscan --file-list=$SCANFIL --log=$SCANLOG --infected --copy=$SCANQNT >/dev/null 2>&1
-DATE=`date -u`
echo "Finish time: $DATE" >> $SCANLOG
+chmod a+r $SCANLOG
+
# Check if any viruses were found
-INFECTED_FILE_COUNT=`grep '^Infected files: ' /var/log/clamav/scan.log | sed 's/^Infected files: //'`
+INFECTED_FILE_COUNT=`grep '^Infected files: ' /var/log/clamav/scan.log | sed 's/^Infected files: //'`
if [ "$INFECTED_FILE_COUNT" -gt "0" ]
then
notify-send-user -i /usr/share/pixmaps/clamtk.png -u critical "clamav: $INFECTED_FILE_COUNT infected files found" "see $SCANLOG for details"
fi
rm -f $SCANFIL
+
exit 0
--- /dev/null
+#! /bin/bash
+
+if [[ $EUID -ne 0 ]]; then
+ echo "This script must be run as root"
+ exit 1
+fi
+
+cp etc/cron.daily/clamav /etc/cron.daily
+cp etc/clamav/clamscan_excludes.conf /etc/clamav
Code Review / infra / tools.git / commitdiff