From 852389fb30a21472aaccf36ed7e969cc967471a2 Mon Sep 17 00:00:00 2001 From: Christoph Date: Wed, 26 Oct 2022 18:15:40 +0200 Subject: [PATCH] Add script 'update_clamav-unofficial-sigs.sh'. --- update_clamav-unofficial-sigs.sh | 1344 ++++++++++++++++++++++++++++++ 1 file changed, 1344 insertions(+) create mode 100755 update_clamav-unofficial-sigs.sh diff --git a/update_clamav-unofficial-sigs.sh b/update_clamav-unofficial-sigs.sh new file mode 100755 index 0000000..cba3b53 --- /dev/null +++ b/update_clamav-unofficial-sigs.sh @@ -0,0 +1,1344 @@ +#!/usr/bin/env bash + + +script_dir="$(realpath $(dirname $0))" +script_name="$(basename "$0")" + +conf_file="${script_dir}/conf/install_amavis.conf" + +backup_date="$(date +%Y-%m-%d-%H%M)" +crontab_backup_file="${script_dir}/crontab-root-${backup_date}" + +log_file=$(mktemp) + +# ------------- +# --- Some functions +# ------------- +clean_up() { + + if [[ -f "$crontab_backup_file" ]]; then + + if $terminal ; then + echo " Reenable previously saved crontab from file:"ยง + echo -en " \033[1m$crontab_backup_file\033[m .." + fi + crontab $crontab_backup_file > $log_file 2>&1 + + if [[ $? -eq 0 ]]; then + echo_ok + else + echo_failed + if [[ -n "$log_file" ]] ; then + error "For more informations see log output at '$log_file'." + fi + fi + + fi + + # Perform program exit housekeeping + rm -f $log_file + blank_line + exit $1 +} + +echononl(){ + if $terminal ; then + + echo X\\c > /tmp/shprompt$$ + if [ `wc -c /tmp/shprompt$$ | awk '{print $1}'` -eq 1 ]; then + echo -e -n "$*\\c" 1>&2 + else + echo -e -n "$*" 1>&2 + fi + rm /tmp/shprompt$$ + + fi +} + +fatal(){ + echo "" + if $terminal ; then + echo -e " [ \033[31m\033[1mFatal\033[m ] $*" + else + echo -e " [ Fatal ] $*" + fi + echo "" + if $terminal ; then + echo -e " \033[1mScript terminated\033[m.." + else + echo -e " Script terminated.." + fi + echo "" + clean_up 1 +} + +error(){ + echo "" + if $terminal ; then + echo -e " [ \033[31m\033[1mError\033[m ] $*" + else + echo " [ Error ] $*" + fi + echo "" +} + +warn (){ + if $terminal ; then + echo "" + echo -e " [ \033[33m\033[1mWarning\033[m ]: $*" + echo "" + fi +} + +info (){ + if $terminal ; then + echo "" + echo -e " [ \033[32m\033[1mInfo\033[m ]: $*" + echo "" + fi +} + +echo_done() { + if $terminal ; then + echo -e "\033[80G[ \033[32mdone\033[m ]" + fi +} +echo_ok() { + if $terminal ; then + echo -e "\033[80G[ \033[32mok\033[m ]" + fi +} +echo_warning() { + if $terminal ; then + echo -e "\033[80G[ \033[33m\033[1mwarn\033[m ]" + fi +} +echo_failed(){ + if $terminal ; then + echo -e "\033[80G[ \033[1;31mfailed\033[m ]" + fi +} +echo_skipped() { + if $terminal ; then + echo -e "\033[80G[ \033[33m\033[1mskipped\033[m ]" + fi +} + +detect_os_1 () { + + if $(which lsb_release > /dev/null 2>&1) ; then + + os_dist="$(lsb_release -i | awk '{print tolower($3)}')" + os_version="$(lsb_release -r | awk '{print tolower($2)}')" + os_codename="$(lsb_release -c | awk '{print tolower($2)}')" + + if [[ "$os_dist" = "debian" ]]; then + if $(echo "$os_version" | grep -q '\.') ; then + os_version=$(echo "$os_version" | cut --delimiter='.' -f1) + fi + fi + + elif [[ -e "/etc/os-release" ]]; then + + . /etc/os-release + + os_dist=$ID + os_version=${VERSION_ID} + + fi + + # remove whitespace from os_dist and os_version + os_dist="${os_dist// /}" + os_version="${os_version// /}" + +} + +blank_line() { + if $terminal ; then + echo "" + fi +} + +# ---------- +# - Jobhandling +# ---------- + +# - Run 'clean_up' for signals SIGHUP SIGINT SIGTERM +# - +trap clean_up SIGHUP SIGINT SIGTERM + + +# ---------- +# - Some checks .. +# ---------- + +# - Running in a terminal? +# - +if [[ -t 1 ]] ; then + terminal=true +else + terminal=false +fi + +# - Is this a systemd system? +# - +if [[ "X`which systemd`" = "X" ]]; then + systemd_exists=false +else + systemd_exists=true +fi + +# - Set variable +# - os_dist +# - os_version +# - os_codename +# - +detect_os_1 + +if $terminal ; then + clear + echo "" + echo -e "\033[1m----------\033[m" + echo -e "\033[32m\033[1mRunning script \033[m\033[1m$script_name\033[32m .. \033[m" + echo -e "\033[1m----------\033[m" +fi + + + +# ------------- +# --- Some default settings +# ------------- + +DEFAULT_INSTALL_CLAMAV_UNOFFICIAL_SIGS=true + +DEFAULT_MALWARE_PATROL_IN_USE=true +DEFAULT_MALWERE_PATROL_FREE=false +DEFAULT_MP_RECEIPT_NUMBER=106015125438 + +DEFAULT_SECURITE_INFO_IN_USE=true +DEFAULT_SI_AUTHORISATION_SIGNATURE_WF=76ed7ca6670dbee497e1a0397a7e178c4caa25888bc26d7327d1eab0195342a4cfa522dcf10382623d57dbc2a79bd37627b9a52def4d4bfe617d26e35405ce3b +DEFAULT_SI_AUTHORISATION_SIGNATURE_OOPEN=b0b7e94d3fcc8f3b1f128edd5830392361868cf0174723a9924ac25bf8b1b588cb974b50234e1bc1d9839dfe0ca6e1627733d90daf1399347b1046d20c2e3a89 + +DEFAULT_HOSTNAME="$(hostname -f)" + +blank_line +echononl " Read Configuration \033[1m${conf_file}\033[m .." +if [[ -f "$conf_file" ]]; then + source $conf_file > $log_file 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + fatal "$(cat "$log_file")" + else + echo_ok + fi +else + warn "No configuration file '$conf_file' present.\n + Loading default values.." +fi + +if [[ -z "$_HOSTNAME" ]] ; then + _HOSTNAME="$(hostname -f)" + _HOSTNAME_SHORT="$(hostname)" + [[ "$_HOSTNAME" = "$_HOSTNAME_SHORT" ]] && _HOSTNAME="" +fi + +# - Set defaul value for securite signature +# - +if [[ -z "$_SI_AUTHORISATION_SIGNATURE" ]]; then + [[ "$_HOSTNAME" =~ warenform.de$ ]] && _SI_AUTHORISATION_SIGNATURE=$DEFAULT_SI_AUTHORISATION_SIGNATURE_WF + + # - For all this take O.OPEN's Signature + # - + [[ "$_HOSTNAME" =~ oopen.de$ ]] && _SI_AUTHORISATION_SIGNATURE=$DEFAULT_SI_AUTHORISATION_SIGNATURE_OOPEN + [[ "$_HOSTNAME" =~ cadus.org$ ]] && _SI_AUTHORISATION_SIGNATURE=$DEFAULT_SI_AUTHORISATION_SIGNATURE_OOPEN + [[ "$_HOSTNAME" =~ so36.net$ ]] && _SI_AUTHORISATION_SIGNATURE=$DEFAULT_SI_AUTHORISATION_SIGNATURE_OOPEN + [[ "$_HOSTNAME" =~ interventionistische-linke.org$ ]] && _SI_AUTHORISATION_SIGNATURE=$DEFAULT_SI_AUTHORISATION_SIGNATURE_OOPEN + +fi + + +if $terminal ; then + + echo "" + echo -e "\033[32m--\033[m" + echo "" + echo "Load MalwarePatrol Signatures (https://www.malwarepatrol.net)?" + echo "" + echo "Note: You have to sign up for an account. For a free account thats here:" + echo " https://www.malwarepatrol.net/signup-free.shtml" + echo "" + if [[ -z "$_MALWARE_PATROL_IN_USE" ]]; then + echononl "Load MalwarePatrol Singatures (yes/no): " + else + if $_MALWARE_PATROL_IN_USE ; then + echononl "Load MalwarePatrol Singatures [yes]: " + else + echononl "Load MalwarePatrol Singatures [no]: " + fi + fi + read _TMP_LOAD_MP + _TMP_LOAD_MP=${_TMP_LOAD_MP,,} + while [ "X$_TMP_LOAD_MP" != "Xyes" -a "X$_TMP_LOAD_MP" != "Xno" ]; do + if [[ -z "$_MALWARE_PATROL_IN_USE" ]]; then + echononl "Wrong entry! (yes/no): " + read _TMP_LOAD_MP + _TMP_LOAD_MP=${_TMP_LOAD_MP,,} + else + if [ "X$_TMP_LOAD_MP" != "Xyes" -a "X$_TMP_LOAD_MP" != "Xno" ]; then + if [[ "X$_TMP_LOAD_MP" = "X" ]]; then + if $_MALWARE_PATROL_IN_USE ; then + _TMP_LOAD_MP=yes + else + _TMP_LOAD_MP=no + fi + else + if $_MALWARE_PATROL_IN_USE ; then + echononl "Wrong entry! [yes]: " + else + echononl "Wrong entry! [no]: " + fi + read _TMP_LOAD_MP + fi + + fi + fi + done + if [[ "$_TMP_LOAD_MP" = "yes" ]] ; then + MALWARE_PATROL_IN_USE=true + else + MALWARE_PATROL_IN_USE=false + fi + + if $MALWARE_PATROL_IN_USE ; then + + echo "" + echo "" + echo "Are you using a free account from MalwarePatrol?" + echo "" + echo "" + + if [[ -z "$_MALWERE_PATROL_FREE" ]] ; then + echononl " Using fgree acount from MalwarePatrol? (yes/no): " + else + if $_MALWERE_PATROL_FREE ; then + echononl "Using free acount from MalwarePatrol? [yes]: " + else + echononl "Using free acount from MalwarePatrol? [no]: " + fi + fi + read _TMP_FREE_MP + _TMP_FREE_MP=${_TMP_FREE_MP,,} + while [ "X$_TMP_FREE_MP" != "Xyes" -a "X$_TMP_FREE_MP" != "Xno" ]; do + if [[ -z "$_MALWERE_PATROL_FREE" ]]; then + echononl "Wrong entry! (yes/no): " + read _TMP_FREE_MP + _TMP_FREE_MP=${_TMP_FREE_MP,,} + else + if [ "X$_TMP_FREE_MP" != "Xyes" -a "X$_TMP_FREE_MP" != "Xno" ]; then + if [[ "X$_TMP_FREE_MP" = "X" ]]; then + if $_MALWERE_PATROL_FREE ; then + _TMP_FREE_MP=yes + else + _TMP_FREE_MP=no + fi + else + if $_MALWERE_PATROL_FREE ; then + echononl "Wrong entry! [yes]: " + else + echononl "Wrong entry! [no]: " + fi + read _TMP_FREE_MP + fi + fi + fi + done + if [[ "$_TMP_FREE_MP" = "yes" ]] ; then + MALWERE_PATROL_FREE=true + else + MALWERE_PATROL_FREE=false + fi + + # - Set default Value for Malware Patrol serial number (if non free account in use) + # - + if ! $MALWERE_PATROL_FREE ; then + [[ -z "$_MP_RECEIPT_NUMBER" ]] && _MP_RECEIPT_NUMBER="$DEFAULT_MP_RECEIPT_NUMBER" + fi + + # - Set default Value for Malware Patrol serial number (if non free account in use) + # - + if ! $MALWERE_PATROL_FREE ; then + [[ -z "$_MP_RECEIPT_NUMBER" ]] && _MP_RECEIPT_NUMBER="$DEFAULT_MP_RECEIPT_NUMBER" + fi + + echo "" + echo -e "\033[32m--\033[m" + echo "" + echo "Insert receipt number for MalwarePatrol Account" + echo "" + echo "" + MP_RECEIPT_NUMBER= + if [[ -n "$_MP_RECEIPT_NUMBER" ]] ; then + while [[ "X$MP_RECEIPT_NUMBER" = "X" ]]; do + echononl "MalwarePatrol receipt number [$_MP_RECEIPT_NUMBER]: " + read MP_RECEIPT_NUMBER + if [[ "X$MP_RECEIPT_NUMBER" = "X" ]]; then + MP_RECEIPT_NUMBER=$_MP_RECEIPT_NUMBER + fi + done + else + + while [[ "X$MP_RECEIPT_NUMBER" = "X" ]]; do + echononl "MalwarePatrol receipt number: " + read MP_RECEIPT_NUMBER + if [[ "X$MP_RECEIPT_NUMBER" = "X" ]]; then + echo -e "\n\t\033[33m\033[1mMalwarePatrol receipt number is reqired\033[m\n" + fi + done + fi + + + fi + + + echo "" + echo -e "\033[32m--\033[m" + echo "" + echo "Load SecuriteInfo Signatures (https://www.securiteinfo.com)?" + echo "" + echo "Note: You have to sign up for an account. For a free account thats here:" + echo " https://www.securiteinfo.com/clients/customers/signup" + echo "" + if [[ -z "$_SECURITE_INFO_IN_USE" ]]; then + echononl "Load SecuriteInfo Singatures (yes/no): " + else + if $_SECURITE_INFO_IN_USE ; then + echononl "Load SecuriteInfo Singatures [yes]: " + else + echononl "Load SecuriteInfo Singatures [no]: " + fi + fi + read _TMP_LOAD_SI + _TMP_LOAD_SI=${_TMP_LOAD_SI,,} + while [ "X$_TMP_LOAD_SI" != "Xyes" -a "X$_TMP_LOAD_SI" != "Xno" ]; do + if [[ -z "$_SECURITE_INFO_IN_USE" ]]; then + echononl "Wrong entry! (yes/no): " + read _TMP_LOAD_SI + _TMP_LOAD_SI=${_TMP_LOAD_SI,,} + else + if [ "X$_TMP_LOAD_SI" != "Xyes" -a "X$_TMP_LOAD_SI" != "Xno" ]; then + if [[ "X$_TMP_LOAD_SI" = "X" ]]; then + if $_SECURITE_INFO_IN_USE ; then + _TMP_LOAD_SI=yes + else + _TMP_LOAD_SI=no + fi + else + if $_SECURITE_INFO_IN_USE ; then + echononl "Wrong entry! [yes]: " + else + echononl "Wrong entry! [no]: " + fi + read _TMP_LOAD_SI + fi + fi + fi + done + if [[ "$_TMP_LOAD_SI" = "yes" ]] ; then + SECURITE_INFO_IN_USE=true + else + SECURITE_INFO_IN_USE=false + fi + + if $SECURITE_INFO_IN_USE ; then + echo "" + echo -e "\033[32m--\033[m" + echo "" + echo "Insert SecuriteInfo Authorisation Signature" + echo "" + echo "" + SI_AUTHORISATION_SIGNATURE= + if [[ -n "$_SI_AUTHORISATION_SIGNATURE" ]] ; then + while [[ "X$SI_AUTHORISATION_SIGNATURE" = "X" ]]; do + echononl "SecuriteInfo Authorisation Signature [$(echo ${_SI_AUTHORISATION_SIGNATURE:0:4})..$(echo ${_SI_AUTHORISATION_SIGNATURE: -4})]: " + read SI_AUTHORISATION_SIGNATURE + if [[ "X$SI_AUTHORISATION_SIGNATURE" = "X" ]]; then + SI_AUTHORISATION_SIGNATURE=$_SI_AUTHORISATION_SIGNATURE + fi + done + else + + while [[ "X$SI_AUTHORISATION_SIGNATURE" = "X" ]]; do + echononl "SecuriteInfo Authorisation Signature: " + read SI_AUTHORISATION_SIGNATURE + if [[ "X$SI_AUTHORISATION_SIGNATURE" = "X" ]]; then + echo -e "\n\t\033[33m\033[1mSecuriteInfo Authorisation Signature is reqired\033[m\n" + fi + done + fi + fi + + echo "" + echo "" + echo -e " Start script \033[32m\033[1m${script_name}\033[mi with settings:" + echo "" + + echo -e " Install Signatures from MalwarePatrol..: $MALWARE_PATROL_IN_USE" + if $MALWARE_PATROL_IN_USE ; then + echo -e " Free MalwarePatrol account..........: $MALWERE_PATROL_FREE" + echo -e " MalwarePatrol receipt number........: $MP_RECEIPT_NUMBER" + fi + echo "" + echo -e " Install Signatures from SecuriteInfo...: $SECURITE_INFO_IN_USE" + if $SECURITE_INFO_IN_USE ; then + echo -e " SecuriteInfo auth signature.........: $(echo ${SI_AUTHORISATION_SIGNATURE:0:4})..$(echo ${SI_AUTHORISATION_SIGNATURE: -4})" + fi + + echo "" + echononl "Continue with this parameters? [\033[1myes/no\033[m]: " + read OK + while [[ "${OK,,}" != "yes" ]] && [[ "${OK,,}" != "no" ]] ; do + echononl "\033[33mWrong entry!\033[m [\033[1myes/no\033[m]: " + read OK + done + [[ "${OK,,}" = "yes" ]] || fatal "Canceled by user input." + +else + + if [[ -z "$_MALWARE_PATROL_IN_USE" ]] ; then + MALWARE_PATROL_IN_USE=$DEFAULT_MALWARE_PATROL_IN_USE + else + MALWARE_PATROL_IN_USE=$_MALWARE_PATROL_IN_USE + fi + if [[ -z "$_MALWERE_PATROL_FREE" ]] ;then + MALWERE_PATROL_FREE=$DEFAULT_MALWERE_PATROL_FREE + else + MALWERE_PATROL_FREE=$_MALWERE_PATROL_FREE + fi + + if ! $MALWERE_PATROL_FREE ; then + if [[ -z "$_MP_RECEIPT_NUMBER" ]] ; then + MP_RECEIPT_NUMBER="$DEFAULT_MP_RECEIPT_NUMBER" + else + MP_RECEIPT_NUMBER=$_MP_RECEIPT_NUMBER + fi + fi + + + if [[ -z "$_SECURITE_INFO_IN_USE" ]]; then + if $DEFAULT_SECURITE_INFO_IN_USE ; then + SECURITE_INFO_IN_USE=true + else + SECURITE_INFO_IN_USE=false + fi + else + SECURITE_INFO_IN_USE=$_SECURITE_INFO_IN_USE + + fi + + if $SECURITE_INFO_IN_USE ; then + if [[ -z "${_SI_AUTHORISATION_SIGNATURE}" ]]; then + fatal "SecuriteInfo Signatures should be used but an authorization code is not available!" + else + SI_AUTHORISATION_SIGNATURE="${_SI_AUTHORISATION_SIGNATURE}" + fi + fi + + #echo "" + #echo "MALWARE_PATROL_IN_USE: $MALWARE_PATROL_IN_USE" + #echo "MALWERE_PATROL_FREE: $MALWERE_PATROL_FREE" + #echo "MP_RECEIPT_NUMBER: $MP_RECEIPT_NUMBER" + #echo "" + #echo "SECURITE_INFO_IN_USE: $SECURITE_INFO_IN_USE" + #echo "SI_AUTHORISATION_SIGNATURE: $SI_AUTHORISATION_SIGNATURE" + #echo "" +fi + + +if $terminal ; then + echo + echo -e "\033[37m\033[1mSome pre-installation tasks..\033[m" + echo +fi + +# - Synchronise package index files with the repository +# - +echononl " Synchronise package index files with the repository.." +apt-get update > "$log_file" 2>&1 +if [[ $? -eq 0 ]] ; then + echo_ok +else + echo_failed + error "$(cat $log_file)" +fi + + +echononl " Install (debian package) socat" +_pkg=socat +if aptitude search " $_pkg " | grep " $_pkg " | grep -e "^i" > /dev/null 2>&1 ; then + echo_skipped +else + DEBIAN_FRONTEND=noninteractive apt-get -y install $_pkg > /dev/null 2> $log_file + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" + fi +fi + +echononl " Install CPAN Module IO::Socket::UNIX" +_module="IO::Socket::UNIX" +cpanm -q --skip-installed $_module > $log_file 2>&1 +if [[ $? -eq 0 ]] ; then + echo_ok +else + echo_failed + error "$(cat $log_file) + + command was: + cpanm -q --skip-installed $_module" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" +fi + + +echononl " Backup crontab" +crontab -u root -l > $crontab_backup_file 2> $log_file +if [[ "$?" = "0" ]]; then + echo_ok +else + echo_failed + error "$(cat $log_file)" +fi + +echononl " Disable crontab for user root" +crontab -r -u root > $log_file 2>&1 +if [[ "$?" = "0" ]]; then + echo_ok +else + echo_failed + error "$(cat $log_file)" +fi + +echononl " Backup directory '/etc/clamav-unofficial-sigs' .." +if [[ -d "/etc/clamav-unofficial-sigs" ]]; then + mv "/etc/clamav-unofficial-sigs" "/etc/clamav-unofficial-sigs.BAK.${backup_date}" > $log_file 2>&1 + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" + fi +else + echo_skipped +fi + + +if $terminal ; then + echo "" + echo -e " \033[37m\033[1mUpdate / Install (Update) ClamAV Unofficial Signatures..\033[m" +fi + + +echononl " Cloning repository \"clamav-unofficial-sigs.git\".." +installation_failed=false +if [[ -d "/tmp/clamav-unofficial-sigs" ]]; then + rm -rf "/tmp/clamav-unofficial-sigs" > $log_file 2>&1 + if [[ "$?" -ne 0 ]] ; then + installation_failed=true + error "$(cat $log_file)" + fi +fi +git clone https://github.com/extremeshok/clamav-unofficial-sigs.git /tmp/clamav-unofficial-sigs > $log_file 2>&1 +if [[ "$?" -ne 0 ]] ; then + installation_failed=true + error "$(cat $log_file)" +fi +if ! $installation_failed ; then + echo_ok +fi + +echononl " Copy \"clamav-unofficial-sigs.sh\" to /usr/local/sbin/" +cp -a /tmp/clamav-unofficial-sigs/clamav-unofficial-sigs.sh /usr/local/sbin/ > $log_file 2>&1 +if [[ $? -eq 0 ]] ; then + echo_ok +else + echo_failed + error "$(cat $log_file)" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" +fi + +echononl " Make /usr/local/sbin/clamav-unofficial-sigs.sh executable" +chmod 755 /usr/local/sbin/clamav-unofficial-sigs.sh > $log_file 2>&1 +if [[ $? -eq 0 ]] ; then + echo_ok +else + echo_failed + error "$(cat $log_file)" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" +fi + + +echononl " Check if working directory for 'urlhaus' will be created if not exists.." +_clamav_script="/usr/local/sbin/clamav-unofficial-sigs.sh" +if ! $(grep -q -E "^\s*xshok_mkdir_ownership\s+\"\\\$work_dir_urlhaus\"" "${_clamav_script}" 2> /dev/null) ; then + + if $(grep -q -E "^\s*xshok_mkdir_ownership\s+\"\\\$work_dir\"" "${_clamav_script}" 2> /dev/null) ; then + + perl -i -n -p \ + -e "s#(\s*xshok_mkdir_ownership\s+)(\"\\\$work_dir\")#\1\2\n\1\"\\\$work_dir_urlhaus\"#" \ + "${_clamav_script}" > $log_file 2>&1 + + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" + fi + + else + echo_skipped + fi +else + echo_skipped +fi + +_create_dirs="/var/log/clamav-unofficial-sigs /etc/clamav-unofficial-sigs" +for _create_dir in $_create_dirs ; do + echononl " Create directory \"${_create_dir}\"" + if [[ -d "$_create_dir" ]]; then + echo_skipped + else + mkdir "$_create_dir" > $log_file 2>&1 + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" + fi + fi +done + +echononl " Copy Configuration files to /etc/clamav-unofficial-sigs" +cp -a /tmp/clamav-unofficial-sigs/config/* /etc/clamav-unofficial-sigs > $log_file 2>&1 +if [[ $? -eq 0 ]] ; then + echo_ok +else + echo_failed + error "$(cat $log_file)" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" +fi + +echononl " Copy readme file 'INSTALL' into '/etc/clamav-unofficial-sigs/'.." +if [[ -f "/tmp/clamav-unofficial-sigs/INSTALL" ]]; then + cp -a /tmp/clamav-unofficial-sigs/INSTALL /etc/clamav-unofficial-sigs/INSTALL > $log_file 2>&1 + + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" + fi + +elif [[ -f "/tmp/clamav-unofficial-sigs/INSTALL.md" ]]; then + cp -a /tmp/clamav-unofficial-sigs/INSTALL.md /etc/clamav-unofficial-sigs/INSTALL.md > $log_file 2>&1 + + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" + fi + +else + echo_skipped +fi + + + +if [[ "${os_dist,,}" = "debian" ]] ; then + + ## - For Debian Jessie (Debian 8) // Stretch (Debian 9) // Buster (Debian 10) // Bullseye (Debian 11) + ## - + _failed=false + echononl " At directory /etc/clamav-unofficial-sigs copy os.debian${os_version}.conf to os.conf" + if [[ ! -f /etc/clamav-unofficial-sigs/os/os.debian${os_version}.conf ]] ; then + _tmp_version=$(expr $os_version - 1) + if [[ -f "/etc/clamav-unofficial-sigs/os/os.debian${_tmp_version}.systemd.conf" ]] ; then + cp "/etc/clamav-unofficial-sigs/os/os.debian${_tmp_version}.systemd.conf" \ + "/etc/clamav-unofficial-sigs/os.conf" > $log_file 2>&1 + if [[ $? -ne 0 ]]; then + echo "Error copying /etc/clamav-unofficial-sigs/os.debian${os_version}.systemd.conf" >> $log_file + _failed=true + fi + else + if [[ -f "/etc/clamav-unofficial-sigs/os/os.debian.conf" ]] ; then + cp "/etc/clamav-unofficial-sigs/os/os.debian.conf" \ + "/etc/clamav-unofficial-sigs/os.conf" > $log_file 2>&1 + if [[ $? -ne 0 ]]; then + _failed=true + fi + else + _failed=true + fi + fi + else + cp "/etc/clamav-unofficial-sigs/os/os.debian${os_version}.conf" \ + "/etc/clamav-unofficial-sigs/os.conf" > $log_file 2>&1 + if [[ $? -ne 0 ]]; then + _failed=true + fi + fi + if ! $_failed ; then + echo_ok + else + echo_failed + error "$(cat $log_file)" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" + fi + + ## - Edit /etc/clamav-unofficial-sigs/os.conf and make changes if needed + ## - + ## - Maybe the following changes are needed: + ## - clam_user="clamav" + ## - clam_group="clamav" + ## - + ## - clamd_pid="/var/run/clamav/clamd.pid" + ## - + ## - clamd_restart_opt="systemctl restart clamav-daemon" + ## - clamd_reload_opt="systemctl reload clamav-daemon" + ## - or if debian 7 + ## - clamd_restart_opt="service clamav-daemon restart" + ## - clamd_reload_opt="service clamav-daemon reload" + ## - + ## - clamd_socket="/var/run/clamav/clamd.ctl" + ## - + echononl " Adjust /etc/clamav-unofficial-sigs/os.conf" + installation_failed=false + perl -i -n -p -e "s#^([ ]*\ *)(clam_user=.*)#\#\#\1\2\nclam_user=\"clamav\"#" \ + /etc/clamav-unofficial-sigs/os.conf > $log_file 2>&1 + if [[ "$?" -ne 0 ]] ; then + installation_failed=true + error "$(cat $log_file)" + fi + perl -i -n -p -e "s#^([ ]*\ *)(clam_group=.*)#\#\#\1\2\nclam_group=\"clamav\"#" \ + /etc/clamav-unofficial-sigs/os.conf > $log_file 2>&1 + if [[ "$?" -ne 0 ]] ; then + installation_failed=true + error "$(cat $log_file)" + fi + + if [[ "${os_dist,,}" = "debian" ]] && [[ "$os_version" -ge 10 ]]; then + perl -i -n -p -e "s#^([ ]*\ *)(clamd_pid=.*)#\#\#\1\2\nclamd_pid=\"/run/clamav/clamd.pid\"#" \ + /etc/clamav-unofficial-sigs/os.conf > $log_file 2>&1 + else + perl -i -n -p -e "s#^([ ]*\ *)(clamd_pid=.*)#\#\#\1\2\nclamd_pid=\"/var/run/clamav/clamd.pid\"#" \ + /etc/clamav-unofficial-sigs/os.conf > $log_file 2>&1 + fi + if [[ "$?" -ne 0 ]] ; then + installation_failed=true + error "$(cat $log_file)" + fi + + if $systemd_exists ; then + perl -i -n -p -e "s#^([ ]*\#?\ *)(clamd_restart_opt=.*)#\#\#\1\2\nclamd_restart_opt=\"systemctl restart clamav-daemon\"\nclamd_reload_opt=\"systemctl reload clamav-daemon\"#" \ + /etc/clamav-unofficial-sigs/os.conf > $log_file 2>&1 + if [[ "$?" -ne 0 ]] ; then + installation_failed=true + error "$(cat $log_file)" + fi + else + perl -i -n -p -e "s#^([ ]*\#?\ *)(clamd_restart_opt=.*)#\#\#\1\2\nclamd_restart_opt=\"service clamav-daemon restart\"\nclamd_reload_opt=\"service clamav-daemon reload\"#" \ + /etc/clamav-unofficial-sigs/os.conf > $log_file 2>&1 + if [[ "$?" -ne 0 ]] ; then + installation_failed=true + error "$(cat $log_file)" + fi + fi + if [[ "${os_dist,,}" = "debian" ]] && [[ "$os_version" -ge 10 ]]; then + perl -i -n -p -e "s#^([ ]*\#?\ *)(clamd_socket=.*)#\#\#\1\2\nclamd_socket=\"/run/clamav/clamd.ctl\"#" \ + /etc/clamav-unofficial-sigs/os.conf > $log_file 2>&1 + else + perl -i -n -p -e "s#^([ ]*\#?\ *)(clamd_socket=.*)#\#\#\1\2\nclamd_socket=\"/var/run/clamav/clamd.ctl\"#" \ + /etc/clamav-unofficial-sigs/os.conf > $log_file 2>&1 + fi + if [[ "$?" -ne 0 ]] ; then + installation_failed=true + error "$(cat $log_file)" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" + fi + if ! $installation_failed ; then + echo_ok + fi + +else + + error "Cannot create file 'os.conf' (No Linux Distribution detected) + See file /etc/clamav-unofficial-sigs/INSTALL to create it manually" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" + +fi # if [[ "${os_dist,,}" = "debian" ]] + + +echononl " Adjust /etc/clamav-unofficial-sigs/user.conf" + +cat << EOF >> /etc/clamav-unofficial-sigs/user.conf 2> $log_file + +# -------------------------------------- +# --- Begin: User specific modifications +# --- Inserted by install-script "$(basename "$0")" at $(date +"%Y-%m-%d %H:%M") +EOF + +if $MALWARE_PATROL_IN_USE || $SECURITE_INFO_IN_USE ; then + + if $MALWARE_PATROL_IN_USE ; then + + cat << EOF >> /etc/clamav-unofficial-sigs/user.conf 2> $log_file + +malwarepatrol_receipt_code="$MP_RECEIPT_NUMBER" +malwarepatrol_list="clamav_basic" +EOF + if [[ "$?" -ne 0 ]] ; then + installation_failed=true + error "$(cat $log_file)" + fi + + + if $MALWERE_PATROL_FREE ; then + cat << EOF >> /etc/clamav-unofficial-sigs/user.conf 2> $log_file +malwarepatrol_product_code="8" +malwarepatrol_free="yes" +EOF + if [[ "$?" -ne 0 ]] ; then + installation_failed=true + error "$(cat $log_file)" + fi + else + cat << EOF >> /etc/clamav-unofficial-sigs/user.conf 2> $log_file +malwarepatrol_product_code="15" +malwarepatrol_free="no" +EOF + if [[ "$?" -ne 0 ]] ; then + installation_failed=true + error "$(cat $log_file)" + fi + fi + fi # if $MALWARE_PATROL_IN_USE + + if $SECURITE_INFO_IN_USE ; then + cat << EOF >> /etc/clamav-unofficial-sigs/user.conf 2> $log_file +# - SecuriteInfo +# - +# - type: basic +# - account: ckubu@oopen.de +# - signatur: abb4ec6b..46b59a4e +# - +# - type: professional +# - account: oo@oopen.de +# - signatur: b0b7e94d..0c2e3a89 +# - +securiteinfo_authorisation_signature="$SI_AUTHORISATION_SIGNATURE" +EOF + if [[ "$?" -ne 0 ]] ; then + installation_failed=true + error "$(cat $log_file)" + fi + fi # if $SECURITE_INFO_IN_USE +fi #if $MALWARE_PATROL_IN_USE || $SECURITE_INFO_IN_USE +cat << EOF >> /etc/clamav-unofficial-sigs/user.conf 2> $log_file + +# - Disable Yara-Rule set, because (some?) pgp mails where blocked. +# - +yararulesproject_enabled="no" + +user_configuration_complete="yes" + +# --- End: User specific modifications" +# ------------------------------------- +EOF +if [[ "$?" -ne 0 ]] ; then + installation_failed=true + error "$(cat $log_file)" +fi +if ! $installation_failed ; then + echo_ok +else + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" + +fi + + +echononl " Copy Systemd Configurations to /etc/systemd/system" +cp /tmp/clamav-unofficial-sigs/systemd/* /etc/systemd/system/ > $log_file 2>&1 +if [[ $? -eq 0 ]] ; then + echo_ok +else + echo_failed + error "$(cat $log_file)" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" +fi + +echononl " Adjust /etc/systemd/system/clamav-unofficial-sigs.service" +perl -i -n -p -e "s#^([ ]*\ *)(ExecStart=.*)#\#\#\1\2\nExecStart=/usr/local/sbin/clamav-unofficial-sigs.sh#" \ + /etc/systemd/system/clamav-unofficial-sigs.service > $log_file 2>&1 +if [[ $? -eq 0 ]] ; then + echo_ok +else + echo_failed + error "$(cat $log_file)" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" +fi + + +echononl " Install Cron configs" +/usr/local/sbin/clamav-unofficial-sigs.sh --install-cron > $log_file 2>&1 +if [[ $? -eq 0 ]] ; then + echo_ok +else + echo_failed + + if $terminal ; then + error " +$(cat $log_file) + + command was: + /usr/local/sbin/clamav-unofficial-sigs.sh --install-cron" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" + blank_line + blank_line + else + error "Installing cron configuration FAILED! + +$(cat $log_file) + + command was: + /usr/local/sbin/clamav-unofficial-sigs.sh --install-cron" + + fi +fi + +echononl " Install logrotate configuration" +/usr/local/sbin/clamav-unofficial-sigs.sh --install-logrotate > $log_file 2>&1 +if [[ $? -eq 0 ]] ; then + echo_ok +else + echo_failed + + if $terminal ; then + error " +$(cat $log_file) + + command was: + /usr/local/sbin/clamav-unofficial-sigs.sh --install-logrotate" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" + blank_line + blank_line + else + error "Installing logrotate configuration FAILED! + +$(cat $log_file) + + command was: + /usr/local/sbin/clamav-unofficial-sigs.sh --install-logrotate" + + fi +fi + +echononl " Install man (help) file" +/usr/local/sbin/clamav-unofficial-sigs.sh --install-man > $log_file 2>&1 +if [[ $? -eq 0 ]] ; then + echo_ok +else + echo_failed + + if $terminal ; then + error " +$(cat $log_file) + + command was: + /usr/local/sbin/clamav-unofficial-sigs.sh --install-man" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" + blank_line + blank_line + else + error "Installing man (help) FAILED! + +$(cat $log_file) + + command was: + /usr/local/sbin/clamav-unofficial-sigs.sh --install-man" + + fi +fi + +echononl " Whitelist signature 'MBL_27966083'.." +echo "MBL_27966083" >> /var/lib/clamav/my_whitelist.ign2 2> $log_file +if [[ $? -eq 0 ]] ; then + echo_ok +else + echo_failed + + if $terminal ; then + error " +$(cat $log_file) + + command was: + echo \"MBL_27966083\" >> /var/lib/clamav/my_whitelist.ign2" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" + blank_line + blank_line + else + error "Whitelisting signature 'MBL_27966083' FAILED! + +$(cat $log_file) + + command was: + echo \"MBL_27966083\" >> /var/lib/clamav/my_whitelist.ign2" + + fi +fi + + +if $terminal ; then + echo " First Usage to initialise ClamAV unofficial sigs" + echo -n " see /var/log/clamav-unofficial-sigs/clamav-unofficial-sigs.log" +fi +/usr/local/sbin/clamav-unofficial-sigs.sh > $log_file 2>&1 +if [[ $? -eq 0 ]] ; then + echo_ok +else + echo_failed + + if $terminal ; then + error " +$(cat $log_file) + + command was: + /usr/local/sbin/clamav-unofficial-sigs.sh" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" + blank_line + blank_line + else + error "First Usage to initialise ClamAV unofficial sigs FAILED! + +$(cat $log_file) + + command was: + /usr/local/sbin/clamav-unofficial-sigs.sh" + + fi +fi + + +echononl " Remove git repository /tmp/clamav-unofficial-sigs" +rm -rf /tmp/clamav-unofficial-sigs > $log_file 2>&1 +if [[ $? -eq 0 ]] ; then + echo_ok +else + echo_failed + + if $terminal ; then + error "$(cat $log_file)" + + echononl "continue anyway [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" + blank_line + blank_line + else + error "Removing git repository /tmp/clamav-unofficial-sigs FAILED! + +$(cat $log_file) + + command was: + rm -rf /tmp/clamav-unofficial-sigs" + fi +fi + + +if $terminal ; then + echo + echo -e "\033[37m\033[1mSome post-update / post-installation tasks..\033[m" + echo +fi + +clean_up 0 +