Bill Landry wrote the following on 3/6/2007 8:05 AM -0800:
Dennis Davis wrote the following on 3/6/2007 6:14 AM -0800:
On Mon, 5 Mar 2007, Bill Landry wrote:
From: Bill Landry <[EMAIL PROTECTED]>
To: ClamAV users ML <clamav-users@lists.clamav.net>,
[EMAIL PROTECTED]
Date: Mon, 05 Mar 2007 23:39:58 -0800
Subject: Re: [Clamav-users] msrbl sigs: rsync
...
# Check for MSRBL IMAGE database update
rsync -a rsync://rsync.mirror.msrbl.com/msrbl/MSRBL-Images.hdb \
$rsync_dir/MSRBL-Images.ndb
cp $rsync_dir/MSRBL-Images.ndb $tmp_dir
Shouldn't that read "MSRBL-Images.hdb" in the last two lines above?
Yes, you are correct, thanks for catching that (damn keyboard
viruses!) ;-)
Bill
Here is my latest script iteration, which now includes testing for newer
files before copying the file to the temp working directory for testing,
and when copying is done due to a newer file being found, the original
timestamps will be now preserved on the copied files.
==========
#!/bin/bash
# Either set and export PATH
PATH=/bin:/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
export PATH
# or set individual program paths
#clamd="/usr/local/sbin/clamd"
#clamscan="/usr/local/bin/clamscan"
#curl="/usr/local/bin/curl"
#gunzip="/bin/gunzip"
#service="/sbin/service"
#test="/usr/bin/test"
# Set working directory paths
tmp_dir="/var/tmp/clamdb"
rsync_dir="/var/tmp/rsync"
# Change shell to ClamAV database directory
cd /var/lib/clamav
# Check for SaneSecurity SCAM database update
curl -R -s -S -z scam.ndb.gz -o $tmp_dir/scam.ndb.gz \
http://www.sanesecurity.com/clamav/scam.ndb.gz
test -s $tmp_dir/scam.ndb.gz && \
gunzip -cdf $tmp_dir/scam.ndb.gz > $tmp_dir/scam.ndb && \
mv -f $tmp_dir/scam.ndb.gz . && \
clamscan --quiet -d $tmp_dir/scam.ndb - < /dev/null && \
cp --reply=yes scam.ndb scam.ndb-bak && \
mv -f $tmp_dir/scam.ndb .
# Check for SaneSecurity PHISH database update
curl -R -s -S -z phish.ndb.gz -o $tmp_dir/phish.ndb.gz \
http://www.sanesecurity.com/clamav/phish.ndb.gz
test -s $tmp_dir/phish.ndb.gz && \
gunzip -cdf $tmp_dir/phish.ndb.gz > $tmp_dir/phish.ndb && \
mv -f $tmp_dir/phish.ndb.gz . && \
clamscan --quiet -d $tmp_dir/phish.ndb - < /dev/null && \
cp --reply=yes phish.ndb phish.ndb-bak && \
mv -f $tmp_dir/phish.ndb .
# Check for MSRBL SPAM database update
rsync -a rsync://rsync.mirror.msrbl.com/msrbl/MSRBL-SPAM.ndb \
$rsync_dir/MSRBL-SPAM.ndb
test $rsync_dir/MSRBL-SPAM.ndb -nt MSRBL-SPAM.ndb && \
cp -p $rsync_dir/MSRBL-SPAM.ndb $tmp_dir && \
test -s $tmp_dir/MSRBL-SPAM.ndb && \
clamscan --quiet -d $tmp_dir/MSRBL-SPAM.ndb - < /dev/null && \
cp --reply=yes MSRBL-SPAM.ndb MSRBL-SPAM.ndb-bak && \
mv -u $tmp_dir/MSRBL-SPAM.ndb .
# Check for MSRBL IMAGE database update
rsync -a rsync://rsync.mirror.msrbl.com/msrbl/MSRBL-Images.hdb \
$rsync_dir/MSRBL-Images.hdb
test $rsync_dir/MSRBL-Images.hdb -nt MSRBL-Images.hdb && \
cp -p $rsync_dir/MSRBL-Images.hdb $tmp_dir && \
test -s $tmp_dir/MSRBL-Images.hdb && \
clamscan --quiet -d $tmp_dir/MSRBL-Images.hdb - < /dev/null && \
cp --reply=yes MSRBL-Images.hdb MSRBL-Images.hdb-bak && \
mv -u $tmp_dir/MSRBL-Images.hdb .
# Set appropriate file permission (should be whatever user account
# ClamD is running under)
chown -R clamav:clamav /var/lib/clamav
# Remove any leftover files in the $tmp_dir working directory
# (should only happen when a corrupted database is detected)
rm -f /var/tmp/clamdb/*
# Reload databases (should not be necessary if you have "SelfCheck"
# enabled in clamd.conf and/or "NotifyClamd" enabled in freshclam.conf)
#service clamd reload
==========
Bill
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
