#!/usr/bin/env bash script_dir="$(realpath $(dirname $0))" script_name="$(basename "$0")" conf_file="${script_dir}/conf/install_amavis.conf" backup_date="$(date +%Y-%m-%d-%H%M)" crontab_backup_file="${script_dir}/crontab-root-${backup_date}" log_file=$(mktemp) # ------------- # --- Some functions # ------------- clean_up() { if [[ -f "$crontab_backup_file" ]]; then if $terminal ; then echo " Reenable previously saved crontab from file:"ยง echo -en " \033[1m$crontab_backup_file\033[m .." fi crontab $crontab_backup_file > $log_file 2>&1 if [[ $? -eq 0 ]]; then echo_ok else echo_failed if [[ -n "$log_file" ]] ; then error "For more informations see log output at '$log_file'." fi fi fi # Perform program exit housekeeping rm -f $log_file blank_line exit $1 } echononl(){ if $terminal ; then echo X\\c > /tmp/shprompt$$ if [ `wc -c /tmp/shprompt$$ | awk '{print $1}'` -eq 1 ]; then echo -e -n "$*\\c" 1>&2 else echo -e -n "$*" 1>&2 fi rm /tmp/shprompt$$ fi } fatal(){ echo "" if $terminal ; then echo -e " [ \033[31m\033[1mFatal\033[m ] $*" else echo -e " [ Fatal ] $*" fi echo "" if $terminal ; then echo -e " \033[1mScript terminated\033[m.." else echo -e " Script terminated.." fi echo "" clean_up 1 } error(){ echo "" if $terminal ; then echo -e " [ \033[31m\033[1mError\033[m ] $*" else echo " [ Error ] $*" fi echo "" } warn (){ if $terminal ; then echo "" echo -e " [ \033[33m\033[1mWarning\033[m ]: $*" echo "" fi } info (){ if $terminal ; then echo "" echo -e " [ \033[32m\033[1mInfo\033[m ]: $*" echo "" fi } echo_done() { if $terminal ; then echo -e "\033[80G[ \033[32mdone\033[m ]" fi } echo_ok() { if $terminal ; then echo -e "\033[80G[ \033[32mok\033[m ]" fi } echo_warning() { if $terminal ; then echo -e "\033[80G[ \033[33m\033[1mwarn\033[m ]" fi } echo_failed(){ if $terminal ; then echo -e "\033[80G[ \033[1;31mfailed\033[m ]" fi } echo_skipped() { if $terminal ; then echo -e "\033[80G[ \033[33m\033[1mskipped\033[m ]" fi } detect_os_1 () { if $(which lsb_release > /dev/null 2>&1) ; then os_dist="$(lsb_release -i | awk '{print tolower($3)}')" os_version="$(lsb_release -r | awk '{print tolower($2)}')" os_codename="$(lsb_release -c | awk '{print tolower($2)}')" if [[ "$os_dist" = "debian" ]]; then if $(echo "$os_version" | grep -q '\.') ; then os_version=$(echo "$os_version" | cut --delimiter='.' -f1) fi fi elif [[ -e "/etc/os-release" ]]; then . /etc/os-release os_dist=$ID os_version=${VERSION_ID} fi # remove whitespace from os_dist and os_version os_dist="${os_dist// /}" os_version="${os_version// /}" } blank_line() { if $terminal ; then echo "" fi } # ---------- # - Jobhandling # ---------- # - Run 'clean_up' for signals SIGHUP SIGINT SIGTERM # - trap clean_up SIGHUP SIGINT SIGTERM # ---------- # - Some checks .. # ---------- # - Running in a terminal? # - if [[ -t 1 ]] ; then terminal=true else terminal=false fi # - Is this a systemd system? # - if [[ "X`which systemd`" = "X" ]]; then systemd_exists=false else systemd_exists=true fi # - Set variable # - os_dist # - os_version # - os_codename # - detect_os_1 if $terminal ; then clear echo "" echo -e "\033[1m----------\033[m" echo -e "\033[32m\033[1mRunning script \033[m\033[1m$script_name\033[32m .. \033[m" echo -e "\033[1m----------\033[m" fi # ------------- # --- Some default settings # ------------- DEFAULT_INSTALL_CLAMAV_UNOFFICIAL_SIGS=true DEFAULT_MALWARE_PATROL_IN_USE=true DEFAULT_MALWERE_PATROL_FREE=false DEFAULT_MP_RECEIPT_NUMBER=106015125438 DEFAULT_SECURITE_INFO_IN_USE=true DEFAULT_SI_AUTHORISATION_SIGNATURE_WF=76ed7ca6670dbee497e1a0397a7e178c4caa25888bc26d7327d1eab0195342a4cfa522dcf10382623d57dbc2a79bd37627b9a52def4d4bfe617d26e35405ce3b DEFAULT_SI_AUTHORISATION_SIGNATURE_OOPEN=b0b7e94d3fcc8f3b1f128edd5830392361868cf0174723a9924ac25bf8b1b588cb974b50234e1bc1d9839dfe0ca6e1627733d90daf1399347b1046d20c2e3a89 DEFAULT_HOSTNAME="$(hostname -f)" blank_line echononl " Read Configuration \033[1m${conf_file}\033[m .." if [[ -f "$conf_file" ]]; then source $conf_file > $log_file 2>&1 if [[ $? -ne 0 ]]; then echo_failed fatal "$(cat "$log_file")" else echo_ok fi else warn "No configuration file '$conf_file' present.\n Loading default values.." fi if [[ -z "$_HOSTNAME" ]] ; then _HOSTNAME="$(hostname -f)" _HOSTNAME_SHORT="$(hostname)" [[ "$_HOSTNAME" = "$_HOSTNAME_SHORT" ]] && _HOSTNAME="" fi # - Set defaul value for securite signature # - if [[ -z "$_SI_AUTHORISATION_SIGNATURE" ]]; then [[ "$_HOSTNAME" =~ warenform.de$ ]] && _SI_AUTHORISATION_SIGNATURE=$DEFAULT_SI_AUTHORISATION_SIGNATURE_WF # - For all this take O.OPEN's Signature # - [[ "$_HOSTNAME" =~ oopen.de$ ]] && _SI_AUTHORISATION_SIGNATURE=$DEFAULT_SI_AUTHORISATION_SIGNATURE_OOPEN [[ "$_HOSTNAME" =~ cadus.org$ ]] && _SI_AUTHORISATION_SIGNATURE=$DEFAULT_SI_AUTHORISATION_SIGNATURE_OOPEN [[ "$_HOSTNAME" =~ so36.net$ ]] && _SI_AUTHORISATION_SIGNATURE=$DEFAULT_SI_AUTHORISATION_SIGNATURE_OOPEN [[ "$_HOSTNAME" =~ interventionistische-linke.org$ ]] && _SI_AUTHORISATION_SIGNATURE=$DEFAULT_SI_AUTHORISATION_SIGNATURE_OOPEN fi if $terminal ; then echo "" echo -e "\033[32m--\033[m" echo "" echo "Load MalwarePatrol Signatures (https://www.malwarepatrol.net)?" echo "" echo "Note: You have to sign up for an account. For a free account thats here:" echo " https://www.malwarepatrol.net/signup-free.shtml" echo "" if [[ -z "$_MALWARE_PATROL_IN_USE" ]]; then echononl "Load MalwarePatrol Singatures (yes/no): " else if $_MALWARE_PATROL_IN_USE ; then echononl "Load MalwarePatrol Singatures [yes]: " else echononl "Load MalwarePatrol Singatures [no]: " fi fi read _TMP_LOAD_MP _TMP_LOAD_MP=${_TMP_LOAD_MP,,} while [ "X$_TMP_LOAD_MP" != "Xyes" -a "X$_TMP_LOAD_MP" != "Xno" ]; do if [[ -z "$_MALWARE_PATROL_IN_USE" ]]; then echononl "Wrong entry! (yes/no): " read _TMP_LOAD_MP _TMP_LOAD_MP=${_TMP_LOAD_MP,,} else if [ "X$_TMP_LOAD_MP" != "Xyes" -a "X$_TMP_LOAD_MP" != "Xno" ]; then if [[ "X$_TMP_LOAD_MP" = "X" ]]; then if $_MALWARE_PATROL_IN_USE ; then _TMP_LOAD_MP=yes else _TMP_LOAD_MP=no fi else if $_MALWARE_PATROL_IN_USE ; then echononl "Wrong entry! [yes]: " else echononl "Wrong entry! [no]: " fi read _TMP_LOAD_MP fi fi fi done if [[ "$_TMP_LOAD_MP" = "yes" ]] ; then MALWARE_PATROL_IN_USE=true else MALWARE_PATROL_IN_USE=false fi if $MALWARE_PATROL_IN_USE ; then echo "" echo "" echo "Are you using a free account from MalwarePatrol?" echo "" echo "" if [[ -z "$_MALWERE_PATROL_FREE" ]] ; then echononl " Using fgree acount from MalwarePatrol? (yes/no): " else if $_MALWERE_PATROL_FREE ; then echononl "Using free acount from MalwarePatrol? [yes]: " else echononl "Using free acount from MalwarePatrol? [no]: " fi fi read _TMP_FREE_MP _TMP_FREE_MP=${_TMP_FREE_MP,,} while [ "X$_TMP_FREE_MP" != "Xyes" -a "X$_TMP_FREE_MP" != "Xno" ]; do if [[ -z "$_MALWERE_PATROL_FREE" ]]; then echononl "Wrong entry! (yes/no): " read _TMP_FREE_MP _TMP_FREE_MP=${_TMP_FREE_MP,,} else if [ "X$_TMP_FREE_MP" != "Xyes" -a "X$_TMP_FREE_MP" != "Xno" ]; then if [[ "X$_TMP_FREE_MP" = "X" ]]; then if $_MALWERE_PATROL_FREE ; then _TMP_FREE_MP=yes else _TMP_FREE_MP=no fi else if $_MALWERE_PATROL_FREE ; then echononl "Wrong entry! [yes]: " else echononl "Wrong entry! [no]: " fi read _TMP_FREE_MP fi fi fi done if [[ "$_TMP_FREE_MP" = "yes" ]] ; then MALWERE_PATROL_FREE=true else MALWERE_PATROL_FREE=false fi # - Set default Value for Malware Patrol serial number (if non free account in use) # - if ! $MALWERE_PATROL_FREE ; then [[ -z "$_MP_RECEIPT_NUMBER" ]] && _MP_RECEIPT_NUMBER="$DEFAULT_MP_RECEIPT_NUMBER" fi # - Set default Value for Malware Patrol serial number (if non free account in use) # - if ! $MALWERE_PATROL_FREE ; then [[ -z "$_MP_RECEIPT_NUMBER" ]] && _MP_RECEIPT_NUMBER="$DEFAULT_MP_RECEIPT_NUMBER" fi echo "" echo -e "\033[32m--\033[m" echo "" echo "Insert receipt number for MalwarePatrol Account" echo "" echo "" MP_RECEIPT_NUMBER= if [[ -n "$_MP_RECEIPT_NUMBER" ]] ; then while [[ "X$MP_RECEIPT_NUMBER" = "X" ]]; do echononl "MalwarePatrol receipt number [$_MP_RECEIPT_NUMBER]: " read MP_RECEIPT_NUMBER if [[ "X$MP_RECEIPT_NUMBER" = "X" ]]; then MP_RECEIPT_NUMBER=$_MP_RECEIPT_NUMBER fi done else while [[ "X$MP_RECEIPT_NUMBER" = "X" ]]; do echononl "MalwarePatrol receipt number: " read MP_RECEIPT_NUMBER if [[ "X$MP_RECEIPT_NUMBER" = "X" ]]; then echo -e "\n\t\033[33m\033[1mMalwarePatrol receipt number is reqired\033[m\n" fi done fi fi echo "" echo -e "\033[32m--\033[m" echo "" echo "Load SecuriteInfo Signatures (https://www.securiteinfo.com)?" echo "" echo "Note: You have to sign up for an account. For a free account thats here:" echo " https://www.securiteinfo.com/clients/customers/signup" echo "" if [[ -z "$_SECURITE_INFO_IN_USE" ]]; then echononl "Load SecuriteInfo Singatures (yes/no): " else if $_SECURITE_INFO_IN_USE ; then echononl "Load SecuriteInfo Singatures [yes]: " else echononl "Load SecuriteInfo Singatures [no]: " fi fi read _TMP_LOAD_SI _TMP_LOAD_SI=${_TMP_LOAD_SI,,} while [ "X$_TMP_LOAD_SI" != "Xyes" -a "X$_TMP_LOAD_SI" != "Xno" ]; do if [[ -z "$_SECURITE_INFO_IN_USE" ]]; then echononl "Wrong entry! (yes/no): " read _TMP_LOAD_SI _TMP_LOAD_SI=${_TMP_LOAD_SI,,} else if [ "X$_TMP_LOAD_SI" != "Xyes" -a "X$_TMP_LOAD_SI" != "Xno" ]; then if [[ "X$_TMP_LOAD_SI" = "X" ]]; then if $_SECURITE_INFO_IN_USE ; then _TMP_LOAD_SI=yes else _TMP_LOAD_SI=no fi else if $_SECURITE_INFO_IN_USE ; then echononl "Wrong entry! [yes]: " else echononl "Wrong entry! [no]: " fi read _TMP_LOAD_SI fi fi fi done if [[ "$_TMP_LOAD_SI" = "yes" ]] ; then SECURITE_INFO_IN_USE=true else SECURITE_INFO_IN_USE=false fi if $SECURITE_INFO_IN_USE ; then echo "" echo -e "\033[32m--\033[m" echo "" echo "Insert SecuriteInfo Authorisation Signature" echo "" echo "" SI_AUTHORISATION_SIGNATURE= if [[ -n "$_SI_AUTHORISATION_SIGNATURE" ]] ; then while [[ "X$SI_AUTHORISATION_SIGNATURE" = "X" ]]; do echononl "SecuriteInfo Authorisation Signature [$(echo ${_SI_AUTHORISATION_SIGNATURE:0:4})..$(echo ${_SI_AUTHORISATION_SIGNATURE: -4})]: " read SI_AUTHORISATION_SIGNATURE if [[ "X$SI_AUTHORISATION_SIGNATURE" = "X" ]]; then SI_AUTHORISATION_SIGNATURE=$_SI_AUTHORISATION_SIGNATURE fi done else while [[ "X$SI_AUTHORISATION_SIGNATURE" = "X" ]]; do echononl "SecuriteInfo Authorisation Signature: " read SI_AUTHORISATION_SIGNATURE if [[ "X$SI_AUTHORISATION_SIGNATURE" = "X" ]]; then echo -e "\n\t\033[33m\033[1mSecuriteInfo Authorisation Signature is reqired\033[m\n" fi done fi fi echo "" echo "" echo -e " Start script \033[32m\033[1m${script_name}\033[mi with settings:" echo "" echo -e " Install Signatures from MalwarePatrol..: $MALWARE_PATROL_IN_USE" if $MALWARE_PATROL_IN_USE ; then echo -e " Free MalwarePatrol account..........: $MALWERE_PATROL_FREE" echo -e " MalwarePatrol receipt number........: $MP_RECEIPT_NUMBER" fi echo "" echo -e " Install Signatures from SecuriteInfo...: $SECURITE_INFO_IN_USE" if $SECURITE_INFO_IN_USE ; then echo -e " SecuriteInfo auth signature.........: $(echo ${SI_AUTHORISATION_SIGNATURE:0:4})..$(echo ${SI_AUTHORISATION_SIGNATURE: -4})" fi echo "" echononl "Continue with this parameters? [\033[1myes/no\033[m]: " read OK while [[ "${OK,,}" != "yes" ]] && [[ "${OK,,}" != "no" ]] ; do echononl "\033[33mWrong entry!\033[m [\033[1myes/no\033[m]: " read OK done [[ "${OK,,}" = "yes" ]] || fatal "Canceled by user input." else if [[ -z "$_MALWARE_PATROL_IN_USE" ]] ; then MALWARE_PATROL_IN_USE=$DEFAULT_MALWARE_PATROL_IN_USE else MALWARE_PATROL_IN_USE=$_MALWARE_PATROL_IN_USE fi if [[ -z "$_MALWERE_PATROL_FREE" ]] ;then MALWERE_PATROL_FREE=$DEFAULT_MALWERE_PATROL_FREE else MALWERE_PATROL_FREE=$_MALWERE_PATROL_FREE fi if ! $MALWERE_PATROL_FREE ; then if [[ -z "$_MP_RECEIPT_NUMBER" ]] ; then MP_RECEIPT_NUMBER="$DEFAULT_MP_RECEIPT_NUMBER" else MP_RECEIPT_NUMBER=$_MP_RECEIPT_NUMBER fi fi if [[ -z "$_SECURITE_INFO_IN_USE" ]]; then if $DEFAULT_SECURITE_INFO_IN_USE ; then SECURITE_INFO_IN_USE=true else SECURITE_INFO_IN_USE=false fi else SECURITE_INFO_IN_USE=$_SECURITE_INFO_IN_USE fi if $SECURITE_INFO_IN_USE ; then if [[ -z "${_SI_AUTHORISATION_SIGNATURE}" ]]; then fatal "SecuriteInfo Signatures should be used but an authorization code is not available!" else SI_AUTHORISATION_SIGNATURE="${_SI_AUTHORISATION_SIGNATURE}" fi fi #echo "" #echo "MALWARE_PATROL_IN_USE: $MALWARE_PATROL_IN_USE" #echo "MALWERE_PATROL_FREE: $MALWERE_PATROL_FREE" #echo "MP_RECEIPT_NUMBER: $MP_RECEIPT_NUMBER" #echo "" #echo "SECURITE_INFO_IN_USE: $SECURITE_INFO_IN_USE" #echo "SI_AUTHORISATION_SIGNATURE: $SI_AUTHORISATION_SIGNATURE" #echo "" fi if $terminal ; then echo echo -e "\033[37m\033[1mSome pre-installation tasks..\033[m" echo fi # - Synchronise package index files with the repository # - echononl " Synchronise package index files with the repository.." apt-get update > "$log_file" 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed error "$(cat $log_file)" fi echononl " Install (debian package) socat" _pkg=socat if aptitude search " $_pkg " | grep " $_pkg " | grep -e "^i" > /dev/null 2>&1 ; then echo_skipped else DEBIAN_FRONTEND=noninteractive apt-get -y install $_pkg > /dev/null 2> $log_file if [[ $? -eq 0 ]] ; then echo_ok else echo_failed error "$(cat $log_file)" echononl "continue anyway [yes/no]: " read OK OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do echononl "Wrong entry! - repeat [yes/nno]: " read OK done [[ $OK = "yes" ]] || fatal "Abbruch durch User" fi fi echononl " Install CPAN Module IO::Socket::UNIX" _module="IO::Socket::UNIX" cpanm -q --skip-installed $_module > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed error "$(cat $log_file) command was: cpanm -q --skip-installed $_module" echononl "continue anyway [yes/no]: " read OK OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do echononl "Wrong entry! - repeat [yes/nno]: " read OK done [[ $OK = "yes" ]] || fatal "Abbruch durch User" fi echononl " Backup crontab" crontab -u root -l > $crontab_backup_file 2> $log_file if [[ "$?" = "0" ]]; then echo_ok else echo_failed error "$(cat $log_file)" fi echononl " Disable crontab for user root" crontab -r -u root > $log_file 2>&1 if [[ "$?" = "0" ]]; then echo_ok else echo_failed error "$(cat $log_file)" fi echononl " Backup directory '/etc/clamav-unofficial-sigs' .." if [[ -d "/etc/clamav-unofficial-sigs" ]]; then mv "/etc/clamav-unofficial-sigs" "/etc/clamav-unofficial-sigs.BAK.${backup_date}" > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed error "$(cat $log_file)" echononl "continue anyway [yes/no]: " read OK OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do echononl "Wrong entry! - repeat [yes/nno]: " read OK done [[ $OK = "yes" ]] || fatal "Abbruch durch User" fi else echo_skipped fi if $terminal ; then echo "" echo -e " \033[37m\033[1mUpdate / Install (Update) ClamAV Unofficial Signatures..\033[m" fi echononl " Cloning repository \"clamav-unofficial-sigs.git\".." installation_failed=false if [[ -d "/tmp/clamav-unofficial-sigs" ]]; then rm -rf "/tmp/clamav-unofficial-sigs" > $log_file 2>&1 if [[ "$?" -ne 0 ]] ; then installation_failed=true error "$(cat $log_file)" fi fi git clone https://github.com/extremeshok/clamav-unofficial-sigs.git /tmp/clamav-unofficial-sigs > $log_file 2>&1 if [[ "$?" -ne 0 ]] ; then installation_failed=true error "$(cat $log_file)" fi if ! $installation_failed ; then echo_ok fi echononl " Copy \"clamav-unofficial-sigs.sh\" to /usr/local/sbin/" cp -a /tmp/clamav-unofficial-sigs/clamav-unofficial-sigs.sh /usr/local/sbin/ > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed error "$(cat $log_file)" echononl "continue anyway [yes/no]: " read OK OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do echononl "Wrong entry! - repeat [yes/nno]: " read OK done [[ $OK = "yes" ]] || fatal "Abbruch durch User" fi echononl " Make /usr/local/sbin/clamav-unofficial-sigs.sh executable" chmod 755 /usr/local/sbin/clamav-unofficial-sigs.sh > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed error "$(cat $log_file)" echononl "continue anyway [yes/no]: " read OK OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do echononl "Wrong entry! - repeat [yes/nno]: " read OK done [[ $OK = "yes" ]] || fatal "Abbruch durch User" fi echononl " Check if working directory for 'urlhaus' will be created if not exists.." _clamav_script="/usr/local/sbin/clamav-unofficial-sigs.sh" if ! $(grep -q -E "^\s*xshok_mkdir_ownership\s+\"\\\$work_dir_urlhaus\"" "${_clamav_script}" 2> /dev/null) ; then if $(grep -q -E "^\s*xshok_mkdir_ownership\s+\"\\\$work_dir\"" "${_clamav_script}" 2> /dev/null) ; then perl -i -n -p \ -e "s#(\s*xshok_mkdir_ownership\s+)(\"\\\$work_dir\")#\1\2\n\1\"\\\$work_dir_urlhaus\"#" \ "${_clamav_script}" > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed error "$(cat $log_file)" echononl "continue anyway [yes/no]: " read OK OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do echononl "Wrong entry! - repeat [yes/nno]: " read OK done [[ $OK = "yes" ]] || fatal "Abbruch durch User" fi else echo_skipped fi else echo_skipped fi _create_dirs="/var/log/clamav-unofficial-sigs /etc/clamav-unofficial-sigs" for _create_dir in $_create_dirs ; do echononl " Create directory \"${_create_dir}\"" if [[ -d "$_create_dir" ]]; then echo_skipped else mkdir "$_create_dir" > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed error "$(cat $log_file)" echononl "continue anyway [yes/no]: " read OK OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do echononl "Wrong entry! - repeat [yes/nno]: " read OK done [[ $OK = "yes" ]] || fatal "Abbruch durch User" fi fi done echononl " Copy Configuration files to /etc/clamav-unofficial-sigs" cp -a /tmp/clamav-unofficial-sigs/config/* /etc/clamav-unofficial-sigs > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed error "$(cat $log_file)" echononl "continue anyway [yes/no]: " read OK OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do echononl "Wrong entry! - repeat [yes/nno]: " read OK done [[ $OK = "yes" ]] || fatal "Abbruch durch User" fi echononl " Copy readme file 'INSTALL' into '/etc/clamav-unofficial-sigs/'.." if [[ -f "/tmp/clamav-unofficial-sigs/INSTALL" ]]; then cp -a /tmp/clamav-unofficial-sigs/INSTALL /etc/clamav-unofficial-sigs/INSTALL > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed error "$(cat $log_file)" echononl "continue anyway [yes/no]: " read OK OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do echononl "Wrong entry! - repeat [yes/nno]: " read OK done [[ $OK = "yes" ]] || fatal "Abbruch durch User" fi elif [[ -f "/tmp/clamav-unofficial-sigs/INSTALL.md" ]]; then cp -a /tmp/clamav-unofficial-sigs/INSTALL.md /etc/clamav-unofficial-sigs/INSTALL.md > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed error "$(cat $log_file)" echononl "continue anyway [yes/no]: " read OK OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do echononl "Wrong entry! - repeat [yes/nno]: " read OK done [[ $OK = "yes" ]] || fatal "Abbruch durch User" fi else echo_skipped fi if [[ "${os_dist,,}" = "debian" ]] ; then ## - For Debian Jessie (Debian 8) // Stretch (Debian 9) // Buster (Debian 10) // Bullseye (Debian 11) ## - _failed=false echononl " At directory /etc/clamav-unofficial-sigs copy os.debian${os_version}.conf to os.conf" if [[ ! -f /etc/clamav-unofficial-sigs/os/os.debian${os_version}.conf ]] ; then _tmp_version=$(expr $os_version - 1) if [[ -f "/etc/clamav-unofficial-sigs/os/os.debian${_tmp_version}.systemd.conf" ]] ; then cp "/etc/clamav-unofficial-sigs/os/os.debian${_tmp_version}.systemd.conf" \ "/etc/clamav-unofficial-sigs/os.conf" > $log_file 2>&1 if [[ $? -ne 0 ]]; then echo "Error copying /etc/clamav-unofficial-sigs/os.debian${os_version}.systemd.conf" >> $log_file _failed=true fi else if [[ -f "/etc/clamav-unofficial-sigs/os/os.debian.conf" ]] ; then cp "/etc/clamav-unofficial-sigs/os/os.debian.conf" \ "/etc/clamav-unofficial-sigs/os.conf" > $log_file 2>&1 if [[ $? -ne 0 ]]; then _failed=true fi else _failed=true fi fi else cp "/etc/clamav-unofficial-sigs/os/os.debian${os_version}.conf" \ "/etc/clamav-unofficial-sigs/os.conf" > $log_file 2>&1 if [[ $? -ne 0 ]]; then _failed=true fi fi if ! $_failed ; then echo_ok else echo_failed error "$(cat $log_file)" echononl "continue anyway [yes/no]: " read OK OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do echononl "Wrong entry! - repeat [yes/nno]: " read OK done [[ $OK = "yes" ]] || fatal "Abbruch durch User" fi ## - Edit /etc/clamav-unofficial-sigs/os.conf and make changes if needed ## - ## - Maybe the following changes are needed: ## - clam_user="clamav" ## - clam_group="clamav" ## - ## - clamd_pid="/var/run/clamav/clamd.pid" ## - ## - clamd_restart_opt="systemctl restart clamav-daemon" ## - clamd_reload_opt="systemctl reload clamav-daemon" ## - or if debian 7 ## - clamd_restart_opt="service clamav-daemon restart" ## - clamd_reload_opt="service clamav-daemon reload" ## - ## - clamd_socket="/var/run/clamav/clamd.ctl" ## - echononl " Adjust /etc/clamav-unofficial-sigs/os.conf" installation_failed=false perl -i -n -p -e "s#^([ ]*\ *)(clam_user=.*)#\#\#\1\2\nclam_user=\"clamav\"#" \ /etc/clamav-unofficial-sigs/os.conf > $log_file 2>&1 if [[ "$?" -ne 0 ]] ; then installation_failed=true error "$(cat $log_file)" fi perl -i -n -p -e "s#^([ ]*\ *)(clam_group=.*)#\#\#\1\2\nclam_group=\"clamav\"#" \ /etc/clamav-unofficial-sigs/os.conf > $log_file 2>&1 if [[ "$?" -ne 0 ]] ; then installation_failed=true error "$(cat $log_file)" fi if [[ "${os_dist,,}" = "debian" ]] && [[ "$os_version" -ge 10 ]]; then perl -i -n -p -e "s#^([ ]*\ *)(clamd_pid=.*)#\#\#\1\2\nclamd_pid=\"/run/clamav/clamd.pid\"#" \ /etc/clamav-unofficial-sigs/os.conf > $log_file 2>&1 else perl -i -n -p -e "s#^([ ]*\ *)(clamd_pid=.*)#\#\#\1\2\nclamd_pid=\"/var/run/clamav/clamd.pid\"#" \ /etc/clamav-unofficial-sigs/os.conf > $log_file 2>&1 fi if [[ "$?" -ne 0 ]] ; then installation_failed=true error "$(cat $log_file)" fi if $systemd_exists ; then perl -i -n -p -e "s#^([ ]*\#?\ *)(clamd_restart_opt=.*)#\#\#\1\2\nclamd_restart_opt=\"systemctl restart clamav-daemon\"\nclamd_reload_opt=\"systemctl reload clamav-daemon\"#" \ /etc/clamav-unofficial-sigs/os.conf > $log_file 2>&1 if [[ "$?" -ne 0 ]] ; then installation_failed=true error "$(cat $log_file)" fi else perl -i -n -p -e "s#^([ ]*\#?\ *)(clamd_restart_opt=.*)#\#\#\1\2\nclamd_restart_opt=\"service clamav-daemon restart\"\nclamd_reload_opt=\"service clamav-daemon reload\"#" \ /etc/clamav-unofficial-sigs/os.conf > $log_file 2>&1 if [[ "$?" -ne 0 ]] ; then installation_failed=true error "$(cat $log_file)" fi fi if [[ "${os_dist,,}" = "debian" ]] && [[ "$os_version" -ge 10 ]]; then perl -i -n -p -e "s#^([ ]*\#?\ *)(clamd_socket=.*)#\#\#\1\2\nclamd_socket=\"/run/clamav/clamd.ctl\"#" \ /etc/clamav-unofficial-sigs/os.conf > $log_file 2>&1 else perl -i -n -p -e "s#^([ ]*\#?\ *)(clamd_socket=.*)#\#\#\1\2\nclamd_socket=\"/var/run/clamav/clamd.ctl\"#" \ /etc/clamav-unofficial-sigs/os.conf > $log_file 2>&1 fi if [[ "$?" -ne 0 ]] ; then installation_failed=true error "$(cat $log_file)" echononl "continue anyway [yes/no]: " read OK OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do echononl "Wrong entry! - repeat [yes/nno]: " read OK done [[ $OK = "yes" ]] || fatal "Abbruch durch User" fi if ! $installation_failed ; then echo_ok fi else error "Cannot create file 'os.conf' (No Linux Distribution detected) See file /etc/clamav-unofficial-sigs/INSTALL to create it manually" echononl "continue anyway [yes/no]: " read OK OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do echononl "Wrong entry! - repeat [yes/nno]: " read OK done [[ $OK = "yes" ]] || fatal "Abbruch durch User" fi # if [[ "${os_dist,,}" = "debian" ]] echononl " Adjust /etc/clamav-unofficial-sigs/user.conf" cat << EOF >> /etc/clamav-unofficial-sigs/user.conf 2> $log_file # -------------------------------------- # --- Begin: User specific modifications # --- Inserted by install-script "$(basename "$0")" at $(date +"%Y-%m-%d %H:%M") EOF if $MALWARE_PATROL_IN_USE || $SECURITE_INFO_IN_USE ; then if $MALWARE_PATROL_IN_USE ; then cat << EOF >> /etc/clamav-unofficial-sigs/user.conf 2> $log_file malwarepatrol_receipt_code="$MP_RECEIPT_NUMBER" malwarepatrol_list="clamav_basic" EOF if [[ "$?" -ne 0 ]] ; then installation_failed=true error "$(cat $log_file)" fi if $MALWERE_PATROL_FREE ; then cat << EOF >> /etc/clamav-unofficial-sigs/user.conf 2> $log_file malwarepatrol_product_code="8" malwarepatrol_free="yes" EOF if [[ "$?" -ne 0 ]] ; then installation_failed=true error "$(cat $log_file)" fi else cat << EOF >> /etc/clamav-unofficial-sigs/user.conf 2> $log_file malwarepatrol_product_code="15" malwarepatrol_free="no" EOF if [[ "$?" -ne 0 ]] ; then installation_failed=true error "$(cat $log_file)" fi fi fi # if $MALWARE_PATROL_IN_USE if $SECURITE_INFO_IN_USE ; then cat << EOF >> /etc/clamav-unofficial-sigs/user.conf 2> $log_file # - SecuriteInfo # - # - type: basic # - account: ckubu@oopen.de # - signatur: abb4ec6b..46b59a4e # - # - type: professional # - account: oo@oopen.de # - signatur: b0b7e94d..0c2e3a89 # - securiteinfo_authorisation_signature="$SI_AUTHORISATION_SIGNATURE" EOF if [[ "$?" -ne 0 ]] ; then installation_failed=true error "$(cat $log_file)" fi fi # if $SECURITE_INFO_IN_USE fi #if $MALWARE_PATROL_IN_USE || $SECURITE_INFO_IN_USE cat << EOF >> /etc/clamav-unofficial-sigs/user.conf 2> $log_file # - Disable Yara-Rule set, because (some?) pgp mails where blocked. # - yararulesproject_enabled="no" user_configuration_complete="yes" # --- End: User specific modifications" # ------------------------------------- EOF if [[ "$?" -ne 0 ]] ; then installation_failed=true error "$(cat $log_file)" fi if ! $installation_failed ; then echo_ok else echononl "continue anyway [yes/no]: " read OK OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do echononl "Wrong entry! - repeat [yes/nno]: " read OK done [[ $OK = "yes" ]] || fatal "Abbruch durch User" fi echononl " Copy Systemd Configurations to /etc/systemd/system" cp /tmp/clamav-unofficial-sigs/systemd/* /etc/systemd/system/ > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed error "$(cat $log_file)" echononl "continue anyway [yes/no]: " read OK OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do echononl "Wrong entry! - repeat [yes/nno]: " read OK done [[ $OK = "yes" ]] || fatal "Abbruch durch User" fi echononl " Adjust /etc/systemd/system/clamav-unofficial-sigs.service" perl -i -n -p -e "s#^([ ]*\ *)(ExecStart=.*)#\#\#\1\2\nExecStart=/usr/local/sbin/clamav-unofficial-sigs.sh#" \ /etc/systemd/system/clamav-unofficial-sigs.service > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed error "$(cat $log_file)" echononl "continue anyway [yes/no]: " read OK OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do echononl "Wrong entry! - repeat [yes/nno]: " read OK done [[ $OK = "yes" ]] || fatal "Abbruch durch User" fi echononl " Install Cron configs" /usr/local/sbin/clamav-unofficial-sigs.sh --install-cron > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed if $terminal ; then error " $(cat $log_file) command was: /usr/local/sbin/clamav-unofficial-sigs.sh --install-cron" echononl "continue anyway [yes/no]: " read OK OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do echononl "Wrong entry! - repeat [yes/nno]: " read OK done [[ $OK = "yes" ]] || fatal "Abbruch durch User" blank_line blank_line else error "Installing cron configuration FAILED! $(cat $log_file) command was: /usr/local/sbin/clamav-unofficial-sigs.sh --install-cron" fi fi echononl " Install logrotate configuration" /usr/local/sbin/clamav-unofficial-sigs.sh --install-logrotate > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed if $terminal ; then error " $(cat $log_file) command was: /usr/local/sbin/clamav-unofficial-sigs.sh --install-logrotate" echononl "continue anyway [yes/no]: " read OK OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do echononl "Wrong entry! - repeat [yes/nno]: " read OK done [[ $OK = "yes" ]] || fatal "Abbruch durch User" blank_line blank_line else error "Installing logrotate configuration FAILED! $(cat $log_file) command was: /usr/local/sbin/clamav-unofficial-sigs.sh --install-logrotate" fi fi echononl " Install man (help) file" /usr/local/sbin/clamav-unofficial-sigs.sh --install-man > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed if $terminal ; then error " $(cat $log_file) command was: /usr/local/sbin/clamav-unofficial-sigs.sh --install-man" echononl "continue anyway [yes/no]: " read OK OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do echononl "Wrong entry! - repeat [yes/nno]: " read OK done [[ $OK = "yes" ]] || fatal "Abbruch durch User" blank_line blank_line else error "Installing man (help) FAILED! $(cat $log_file) command was: /usr/local/sbin/clamav-unofficial-sigs.sh --install-man" fi fi echononl " Whitelist signature 'MBL_27966083'.." echo "MBL_27966083" >> /var/lib/clamav/my_whitelist.ign2 2> $log_file if [[ $? -eq 0 ]] ; then echo_ok else echo_failed if $terminal ; then error " $(cat $log_file) command was: echo \"MBL_27966083\" >> /var/lib/clamav/my_whitelist.ign2" echononl "continue anyway [yes/no]: " read OK OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do echononl "Wrong entry! - repeat [yes/nno]: " read OK done [[ $OK = "yes" ]] || fatal "Abbruch durch User" blank_line blank_line else error "Whitelisting signature 'MBL_27966083' FAILED! $(cat $log_file) command was: echo \"MBL_27966083\" >> /var/lib/clamav/my_whitelist.ign2" fi fi if $terminal ; then echo " First Usage to initialise ClamAV unofficial sigs" echo -n " see /var/log/clamav-unofficial-sigs/clamav-unofficial-sigs.log" fi /usr/local/sbin/clamav-unofficial-sigs.sh > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed if $terminal ; then error " $(cat $log_file) command was: /usr/local/sbin/clamav-unofficial-sigs.sh" echononl "continue anyway [yes/no]: " read OK OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do echononl "Wrong entry! - repeat [yes/nno]: " read OK done [[ $OK = "yes" ]] || fatal "Abbruch durch User" blank_line blank_line else error "First Usage to initialise ClamAV unofficial sigs FAILED! $(cat $log_file) command was: /usr/local/sbin/clamav-unofficial-sigs.sh" fi fi echononl " Remove git repository /tmp/clamav-unofficial-sigs" rm -rf /tmp/clamav-unofficial-sigs > $log_file 2>&1 if [[ $? -eq 0 ]] ; then echo_ok else echo_failed if $terminal ; then error "$(cat $log_file)" echononl "continue anyway [yes/no]: " read OK OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do echononl "Wrong entry! - repeat [yes/nno]: " read OK done [[ $OK = "yes" ]] || fatal "Abbruch durch User" blank_line blank_line else error "Removing git repository /tmp/clamav-unofficial-sigs FAILED! $(cat $log_file) command was: rm -rf /tmp/clamav-unofficial-sigs" fi fi if $terminal ; then echo echo -e "\033[37m\033[1mSome post-update / post-installation tasks..\033[m" echo fi clean_up 0