Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Tips/Tricks/Mods

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 14th February 2007, 05:37
rbartz rbartz is offline
Member
 
Join Date: Apr 2006
Posts: 80
Thanks: 9
Thanked 6 Times in 5 Posts
Default ClamAV update to 0.90 made easy?

In the Developers Forum, there is a script written by George Vieira and modified by djtremors for ISPC that would update CLAMAV definitions automatically (when run regularly by a cron job) and even upgrade the clamav program if there is a new one.

http://www.howtoforge.com/forums/showthread.php?t=7937

I wanted to update my clamav installation to the newest one today, so I tried the script. I had to make a few minor changes for my OS, but it worked fine and upgraded my clamav installation in ispconfig from 0.88.7 to 0.90.

Here is the original script:

Code:
#!/bin/bash
# Version 1.01 by George Vieira

# place your ISPC admin email address here.
ADMIN="admin@wvis1.net"

# place your preferred mirror server here.
MIRROR="http://optusnet.dl.sourceforge.net/sourceforge/clamav"

# -- Nothing to change under this line -----------------------------
LOG="/var/log/clamav-prog-update.log"
APPLICATION_NAME=ispconfig
COMPILE_DIR=`pwd`

error()
{
        if [ "$ADMIN" ]; then
                echo "Subject:CLAMUPDATE: $1" | sendmail "$ADMIN"
        else
                echo "Subject:CLAMUPDATE: $1" | sendmail root
        fi
}

findversion()
{
        VERSION="`host -t txt current.cvd.clamav.net | sed -e 's/"//g' |cut -d ' ' -f 4|cut -d : -f 1`"
        [ "$?" != 0 ] && ( echo "Error with finding new version off clamav.net site. URL may have changed!";exit 1;)

        echo "DETECTED VERSION -> $VERSION" >>$LOG 2>&1

}

if [ ! -f /var/log/clam-update.log ]; then
        touch /var/log/clam-update.log
        chown admispconfig /var/log/clam-update.log
        chmod 660 /var/log/clam-update.log
fi

STATUS="`/home/admispconfig/ispconfig/tools/clamav/bin/freshclam --log=/var/log/clam-update.log 2>&1`"

NEW="`echo \"$STATUS\" | grep \"WARNING: Local version\" | awk {'print $7'}`"
OLD="`echo \"$STATUS\" | grep \"WARNING: Local version\" | awk {'print $4'}`";
NEWUPDATE="`echo \"$STATUS\" |grep \"Current functionality level\"`"

[ "$NEWUPDATE" ] && NEW="`findversion`"

# If there's a NEW one, updated it.
if [ "$NEW" ]; then
        mkdir /root/ispc.updates 2>/dev/null
        cd /root/ispc.updates

        if [ -d "clamav-$OLD" ]; then
                rm -fr "clamav-$OLD"
        fi

        webget -c $MIRROR/clamav-$NEW.tar.gz >>$LOG 2>&1
        RESULT=$?

        if [ $RESULT = 0 ]; then
                tar xvfz clamav-$NEW.tar.gz >/dev/null 2>&1
                cd "clamav-$NEW"

                ./configure --prefix=/home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav
                        --sysconfdir=/home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc
                        --with-user=adm${APPLICATION_NAME} --with-group=adm${APPLICATION_NAME}
                        --disable-clamav --disable-bzip2 >>$LOG 2>&1 || error "Could not configure ClamAV"
                make || error "Could not make ClamAV"
                make install || error "Could not install ClamAV"
                cp -f COPYING /home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/
                cd ${COMPILE_DIR}
                cp -f clamav.conf /home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc/clamav.conf
                cp -f freshclam.conf /home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc/freshclam.conf
                rm -f /home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc/clamd.conf
                cd /home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc/
                ln -s clamav.conf clamd.conf
                cd ${COMPILE_DIR}

                # Bit of a shame we have to restart ALL the ISPC services and not only freshclam
                /etc/rc.d/init.d/ispconfig_server restart

                error "Updated from OLD=$OLD -> NEW=$NEW"
        else
                error "Cannot fetch new CLAMAV version, check mirror address"
        fi
fi
In order for this to work on my Fedora Core 4 server, I had to change the sendmail on lines 18 and 20 to "/usr/sbin/sendmail" and to change "webget" on line 56 to "wget". I also had to create a "clamav" user and "clamav" group.

All you do from there is to save the file on your server (I named it "getfreshclam"), chmod it 0755, and run it while you are root.

It checked my old version, checked for newest one, went and got the new install tar and installed it. THANKS GEORGE and DJTREMORS.... I no longer need to wait for an ispconfig update to freshen my clamav installation!

NOTE that on my Fedora Core 3 server, I did not get the same value for $VERSION. I had to change "|cut -d ' ' -f 4" to "|cut -d ' ' -f 3" to get the version number. Even then, the line [ "$NEWUPDATE" ] && NEW="`findversion`" failed to reassign $NEW so the script fails on FC3. In other words, the script may not work on your OS... you may need to adjust a few things! Use it at your own risk!

Cheers,

RDB

Last edited by rbartz; 14th February 2007 at 13:01.
Reply With Quote
Sponsored Links
  #2  
Old 14th February 2007, 20:40
smartcall smartcall is offline
Senior Member
 
Join Date: Nov 2006
Posts: 116
Thanks: 10
Thanked 7 Times in 3 Posts
Default

Thanks.

Very nice how-to. I use FC6, I tried the script, but unfortunately the line
Code:
[ "$NEWUPDATE" ] && NEW="`findversion`"
does not work for me.

I updated

Code:
NEW="`echo \"$STATUS\" | grep \"WARNING: Local version\" | awk {'print $7'}`"
OLD="`echo \"$STATUS\" | grep \"WARNING: Local version\" | awk {'print $4'}`";
NEWUPDATE="`echo \"$STATUS\" |grep \"Current functionality level\"`"
to
Code:
NEW="`echo "$STATUS" | grep "WARNING: Local version" | awk {'print $7'}`"
OLD="`echo "$STATUS" | grep "WARNING: Local version" | awk {'print $4'}`";
NEWUPDATE="`echo "$STATUS" | grep "Current functionality level"`"
Because it wasn't working at all.
After that it was able to do it to the point of
Code:
[ "$NEWUPDATE" ] && NEW="`findversion`"
and nothing more happend

If you have any Idea why, I would appreciate it very much.

Regards
Reply With Quote
  #3  
Old 15th February 2007, 03:47
rbartz rbartz is offline
Member
 
Join Date: Apr 2006
Posts: 80
Thanks: 9
Thanked 6 Times in 5 Posts
Default Better findversion...

The problem may be in the 'findversion' function

Try changing the VERSION= line to

Code:
VERSION="`host -t txt current.cvd.clamav.net |cut -d '\"' -f 2 |cut -d : -f 1`"
That seems to return the current version more reliably, at least on my RH7.2 FC3 and FC4 boxes.

As I stated above, the script might not work "out of the box" for all OS. Even the output of "host -t txt current.cvd.clamav.net" was different between my FC3 and FC4 boxes... weird! Thus the change in the function to better determine the current version available.

Check /var/log/clam-update.log and /var/log/clamav-prog-update.log to see what is happening when you run the script as well. You can add lines like

echo "OLD VERSION -> $OLD" >>$LOG 2>&1
echo "NEW VERSION -> $NEW" >>$LOG 2>&1

or

echo "NEWUPDATE-> $NEWUPDATE" >>$LOG 2>&1

to to the script after the lines that assign the values. Then you can see what kind of output you are getting when the script runs in the logs. If you get past the [ "$NEWUPDATE" ] && NEW="`findversion`" line, and a new version is avaliable, it will update your installation. You will see the progress on screen...

Cheers,

RDB
Reply With Quote
  #4  
Old 5th March 2007, 13:53
djtremors djtremors is offline
Senior Member
 
Join Date: Apr 2006
Location: Sydney
Posts: 278
Thanks: 0
Thanked 12 Times in 10 Posts
Default

Hey all, I just noticed this long post which I didn't realise how many were actually using it.

Yeah I noticed there were some bugs and possibly differences in distros which could cause problems. I use bash and Fedora so I don't know how many others would have issues.

btw, George Vieira and djtremors are the same person

The reason for the way the script was originally written the way it was is because I detected the pattern and version changes during a virus pattern update when it returns a
PHP Code:
WARNINGLocal version X.XX....... 
so I acted on it to get an update.

Problem later came when I noticed it wasn't working at all properly and found that a major release was on the internet but the WARNING message didn't trigger it so the only way was to get on the site itself.

Now instead of waiting for major downloads each time, i tried to get minor release builds in 1 method and do major builds in another... and ended up with a patchy bit og shell script scratched up at 1am..lol

I've been thinking of redoing it in PHP as PHP has a (works on any Linux) ability and text manipulation to make it always work (unless the mirror fail or the url data returned is changed, etc.etc..)

Anybody want me to write a PHP version to use let me know by PM or va my website below.
__________________
www.emperor-it.com for ISPConfig mods/hacks
Reply With Quote
  #5  
Old 13th May 2007, 20:46
radim_h radim_h is offline
Senior Member
 
Join Date: Jan 2007
Location: Prague, Czech
Posts: 420
Thanks: 33
Thanked 24 Times in 19 Posts
Send a message via ICQ to radim_h
Default update error

I tried your script but it stops on

checking for clamav in /etc/passwd... no
configure: error: User clamav (and/or group clamav) doesn't exist. Please read the documentation !
./freshclam.sh: line 64: --sysconfdir=/home/admispconfig/ispconfig/tools/clamav/etc: No such file or directory
./freshclam.sh: line 65: --with-user=admispconfig: command not found
make: *** No targets specified and no makefile found. Stop.
make: *** No rule to make target `install'. Stop.
cp: cannot stat `clamav.conf': No such file or directory
cp: cannot stat `freshclam.conf': No such file or directory
Shutting down ISPConfig system...
/root/ispconfig/httpd/bin/apachectl stop: httpd stopped
ISPConfig system stopped!
Starting ISPConfig system...

what should i fix ? directory /home/admispconfig/ispconfig/tools/clamav/etc exists on my system...

using FC6

Last edited by radim_h; 13th May 2007 at 21:01.
Reply With Quote
  #6  
Old 14th May 2007, 17:29
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

The command

Quote:
./configure --prefix=/home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav
--sysconfdir=/home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc
--with-user=adm${APPLICATION_NAME} --with-group=adm${APPLICATION_NAME}
--disable-clamav --disable-bzip2 >>$LOG 2>&1 || error "Could not configure ClamAV"
must go into one line:

Code:
./configure --prefix=/home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav --sysconfdir=/home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc --with-user=adm${APPLICATION_NAME} --with-group=adm${APPLICATION_NAME} --disable-clamav --disable-bzip2 >>$LOG 2>&1 || error "Could not configure ClamAV"
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #7  
Old 1st January 2008, 01:40
davy davy is offline
Member
 
Join Date: Aug 2007
Posts: 43
Thanks: 4
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by rbartz
In the Developers Forum, there is a script written by George Vieira and modified by djtremors for ISPC that would update CLAMAV definitions automatically (when run regularly by a cron job) and even upgrade the clamav program if there is a new one.

http://www.howtoforge.com/forums/showthread.php?t=7937

I wanted to update my clamav installation to the newest one today, so I tried the script. I had to make a few minor changes for my OS, but it worked fine and upgraded my clamav installation in ispconfig from 0.88.7 to 0.90.

Here is the original script:

Code:
#!/bin/bash
# Version 1.01 by George Vieira

# place your ISPC admin email address here.
ADMIN="admin@wvis1.net"

# place your preferred mirror server here.
MIRROR="http://optusnet.dl.sourceforge.net/sourceforge/clamav"

# -- Nothing to change under this line -----------------------------
LOG="/var/log/clamav-prog-update.log"
APPLICATION_NAME=ispconfig
COMPILE_DIR=`pwd`

error()
{
        if [ "$ADMIN" ]; then
                echo "Subject:CLAMUPDATE: $1" | sendmail "$ADMIN"
        else
                echo "Subject:CLAMUPDATE: $1" | sendmail root
        fi
}

findversion()
{
        VERSION="`host -t txt current.cvd.clamav.net | sed -e 's/"//g' |cut -d ' ' -f 4|cut -d : -f 1`"
        [ "$?" != 0 ] && ( echo "Error with finding new version off clamav.net site. URL may have changed!";exit 1;)

        echo "DETECTED VERSION -> $VERSION" >>$LOG 2>&1

}

if [ ! -f /var/log/clam-update.log ]; then
        touch /var/log/clam-update.log
        chown admispconfig /var/log/clam-update.log
        chmod 660 /var/log/clam-update.log
fi

STATUS="`/home/admispconfig/ispconfig/tools/clamav/bin/freshclam --log=/var/log/clam-update.log 2>&1`"

NEW="`echo \"$STATUS\" | grep \"WARNING: Local version\" | awk {'print $7'}`"
OLD="`echo \"$STATUS\" | grep \"WARNING: Local version\" | awk {'print $4'}`";
NEWUPDATE="`echo \"$STATUS\" |grep \"Current functionality level\"`"

[ "$NEWUPDATE" ] && NEW="`findversion`"

# If there's a NEW one, updated it.
if [ "$NEW" ]; then
        mkdir /root/ispc.updates 2>/dev/null
        cd /root/ispc.updates

        if [ -d "clamav-$OLD" ]; then
                rm -fr "clamav-$OLD"
        fi

        webget -c $MIRROR/clamav-$NEW.tar.gz >>$LOG 2>&1
        RESULT=$?

        if [ $RESULT = 0 ]; then
                tar xvfz clamav-$NEW.tar.gz >/dev/null 2>&1
                cd "clamav-$NEW"

                ./configure --prefix=/home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav
                        --sysconfdir=/home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc
                        --with-user=adm${APPLICATION_NAME} --with-group=adm${APPLICATION_NAME}
                        --disable-clamav --disable-bzip2 >>$LOG 2>&1 || error "Could not configure ClamAV"
                make || error "Could not make ClamAV"
                make install || error "Could not install ClamAV"
                cp -f COPYING /home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/
                cd ${COMPILE_DIR}
                cp -f clamav.conf /home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc/clamav.conf
                cp -f freshclam.conf /home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc/freshclam.conf
                rm -f /home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc/clamd.conf
                cd /home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc/
                ln -s clamav.conf clamd.conf
                cd ${COMPILE_DIR}

                # Bit of a shame we have to restart ALL the ISPC services and not only freshclam
                /etc/rc.d/init.d/ispconfig_server restart

                error "Updated from OLD=$OLD -> NEW=$NEW"
        else
                error "Cannot fetch new CLAMAV version, check mirror address"
        fi
fi
In order for this to work on my Fedora Core 4 server, I had to change the sendmail on lines 18 and 20 to "/usr/sbin/sendmail" and to change "webget" on line 56 to "wget". I also had to create a "clamav" user and "clamav" group.

All you do from there is to save the file on your server (I named it "getfreshclam"), chmod it 0755, and run it while you are root.

It checked my old version, checked for newest one, went and got the new install tar and installed it. THANKS GEORGE and DJTREMORS.... I no longer need to wait for an ispconfig update to freshen my clamav installation!

NOTE that on my Fedora Core 3 server, I did not get the same value for $VERSION. I had to change "|cut -d ' ' -f 4" to "|cut -d ' ' -f 3" to get the version number. Even then, the line [ "$NEWUPDATE" ] && NEW="`findversion`" failed to reassign $NEW so the script fails on FC3. In other words, the script may not work on your OS... you may need to adjust a few things! Use it at your own risk!

Cheers,

RDB
I am using CentOS 5.1(86_64).i got an error when i run this script.

[root@server1 ~]# ./clamav_update
./clamav_update: line 62: cd: clamav-0.92: No such file or directory
make: *** No targets specified and no makefile found. Stop.
make: *** No rule to make target `install'. Stop.
cp: cannot stat `COPYING': No such file or directory
cp: cannot stat `clamav.conf': No such file or directory
cp: cannot stat `freshclam.conf': No such file or directory
Shutting down ISPConfig system...
/root/ispconfig/httpd/bin/apachectl stop: httpd stopped
ISPConfig system stopped!
Starting ISPConfig system...
/root/ispconfig/httpd/bin/apachectl startssl: httpd started
ISPConfig system is now up and running!

How can i fix it?

Thanks alot.
Reply With Quote
  #8  
Old 1st January 2008, 06:07
djtremors djtremors is offline
Senior Member
 
Join Date: Apr 2006
Location: Sydney
Posts: 278
Thanks: 0
Thanked 12 Times in 10 Posts
Default

That script doesn't do a heck of alot of checking and usually just works out of the box for me.. it was something is quickly created, then modified due to some other clam alerts i wasn't aware of and then got a little messy.

I've written a PHP version which hopefully will just work on every distro so you just need to make sure you have commands like tar installed.
it's not verbose on the command line at the moment but does the job and sends an email on errors or completion.

give it a try and let me know how you go. I did have some code there which could make the script auto update itself incase of fixes/updates but it's not only not used but i later thought people would worry about it's security so I cancelled going further. It was only going to allow to download and alert to change to the new script (not actually call it ever)..

anyhow, give it a try and let me know of problems. My direct email is in the file.

http://www.djtremors.com/downloads/clamavupdate.php.txt (remove .txt after download of course )
md5 0cab5eefc10ace6deead547dce817c95
__________________
www.emperor-it.com for ISPConfig mods/hacks

Last edited by djtremors; 1st January 2008 at 06:09.
Reply With Quote
  #9  
Old 1st January 2008, 14:48
davy davy is offline
Member
 
Join Date: Aug 2007
Posts: 43
Thanks: 4
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by djtremors
That script doesn't do a heck of alot of checking and usually just works out of the box for me.. it was something is quickly created, then modified due to some other clam alerts i wasn't aware of and then got a little messy.

I've written a PHP version which hopefully will just work on every distro so you just need to make sure you have commands like tar installed.
it's not verbose on the command line at the moment but does the job and sends an email on errors or completion.

give it a try and let me know how you go. I did have some code there which could make the script auto update itself incase of fixes/updates but it's not only not used but i later thought people would worry about it's security so I cancelled going further. It was only going to allow to download and alert to change to the new script (not actually call it ever)..

anyhow, give it a try and let me know of problems. My direct email is in the file.

http://www.djtremors.com/downloads/clamavupdate.php.txt (remove .txt after download of course )
md5 0cab5eefc10ace6deead547dce817c95
I did run the above script.the error is below.

[root@server1 ~]# ./clamavupdate.php
./clamavupdate.php: line 1: ?php: No such file or directory
./clamavupdate.php: line 9: [admin]: command not found
./clamavupdate.php: line 12: [mirror][]: command not found
./clamavupdate.php: line 13: [mirror][]: command not found
./clamavupdate.php: line 16: [logfreshclam]: command not found
./clamavupdate.php: line 17: [logupdater]: command not found
./clamavupdate.php: line 18: [application_name]: command not found
./clamavupdate.php: line 19: syntax error near unexpected token `('
./clamavupdate.php: line 19: `$conf['compile_dir'] = getcwd();'
[root@server1 ~]#

Please help.

Thanks alot.
Reply With Quote
  #10  
Old 1st January 2008, 16:08
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

Can you post the contents of your clamavupdate.php script?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
High Availability Samba cluster - DRBD + Heartbeat djalex Server Operation 58 25th May 2007 19:38
HotSaNIC domino Tips/Tricks/Mods 23 6th November 2006 05:19
Spamassissin ClamAV with ISPConfig update?? Mounir Installation/Configuration 2 2nd August 2006 23:23
Apache2 and DNS Made Easy browngb Server Operation 4 28th July 2006 14:23
How to update clamAV in ISPConfing? tom Installation/Configuration 3 22nd April 2006 16:31


All times are GMT +2. The time now is 08:31.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.