Dennis Peterson wrote:
Any tool anyone can suggest comes with the
implication that some local effort is going to be required. Nobody has
yet written the magic.sh script that can run autonomously, scan your
network, and decide on it's own what needs to be done.
Sticking to talking about a "magic.sh" that installs the latest version
of an anti-virus engine ...
There is in fact such a tool for Sophos (through mailscanner).
mailscanner comes with sophos-autoupdate (which is the same idea as
freshclam)... but then there's an add on called MajorSophos.sh, which
downloads and installs the current engine.
I have it run against my test server a 10 days before I have it run on
my production servers. It throws out any warnings, I get 10 days to
hear if anyone else has a problem with the new version (20 really, since
they tend to come out on the 1st, and cron runs the script on the 10th).
And at any time I can stop the update from running on the production
servers.
And that's basically the setup I want to have with ClamAV. I want a
"MajorFreshclam" that has:
A) exploration mode (to be run on a test server, via cron)
1) check on the state of what the current version of clamav is,
2) if there's a new stable release: shut down the current one,
download it, config it, build it, try to reconcile config files (take
known settings from the old config file and put them into the new config
file, report on new/unexpected config file items), install it on the
test servers
3) optionally forcibly re-installs (from downloading to local, or via
CPAN) the current/newest perl module
4) run tests
5) mail me the output of 1-4
B) blessing mode (to be run on the test server, manually)
- have a command line option for pushing the new executables and
config files into whatever my central distribution mechanism is. A
single step "'install' from build location to repository".
C) production mode (run on production servers, via cfengine or cron)
1) looks in a local distribution point for a new version
2) halts the old version, installs the new version, starts the new
version
3) optionally forcibly re-installs the current/newest perl module
(from local distribution point, or from CPAN -- configurable)
D) a less safe mode that basically combines A and C, and skips B. But
include lots of warnings about using this mode.
And, I'm happy to _write_ such a beast. I'm not just requesting it from
someone else. I'm just saying, that's what the OP's request brings to
my mind. The main thing that keeps me from writing it is: that lack of
a "-current" copy of the download archive.
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
