Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Tips/Tricks/Mods

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 14th February 2007, 06:37
rbartz rbartz is offline
Member
 
Join Date: Apr 2006
Posts: 80
Thanks: 9
Thanked 6 Times in 5 Posts
Default ClamAV update to 0.90 made easy?

In the Developers Forum, there is a script written by George Vieira and modified by djtremors for ISPC that would update CLAMAV definitions automatically (when run regularly by a cron job) and even upgrade the clamav program if there is a new one.

http://www.howtoforge.com/forums/showthread.php?t=7937

I wanted to update my clamav installation to the newest one today, so I tried the script. I had to make a few minor changes for my OS, but it worked fine and upgraded my clamav installation in ispconfig from 0.88.7 to 0.90.

Here is the original script:

Code:
#!/bin/bash
# Version 1.01 by George Vieira

# place your ISPC admin email address here.
ADMIN="admin@wvis1.net"

# place your preferred mirror server here.
MIRROR="http://optusnet.dl.sourceforge.net/sourceforge/clamav"

# -- Nothing to change under this line -----------------------------
LOG="/var/log/clamav-prog-update.log"
APPLICATION_NAME=ispconfig
COMPILE_DIR=`pwd`

error()
{
        if [ "$ADMIN" ]; then
                echo "Subject:CLAMUPDATE: $1" | sendmail "$ADMIN"
        else
                echo "Subject:CLAMUPDATE: $1" | sendmail root
        fi
}

findversion()
{
        VERSION="`host -t txt current.cvd.clamav.net | sed -e 's/"//g' |cut -d ' ' -f 4|cut -d : -f 1`"
        [ "$?" != 0 ] && ( echo "Error with finding new version off clamav.net site. URL may have changed!";exit 1;)

        echo "DETECTED VERSION -> $VERSION" >>$LOG 2>&1

}

if [ ! -f /var/log/clam-update.log ]; then
        touch /var/log/clam-update.log
        chown admispconfig /var/log/clam-update.log
        chmod 660 /var/log/clam-update.log
fi

STATUS="`/home/admispconfig/ispconfig/tools/clamav/bin/freshclam --log=/var/log/clam-update.log 2>&1`"

NEW="`echo \"$STATUS\" | grep \"WARNING: Local version\" | awk {'print $7'}`"
OLD="`echo \"$STATUS\" | grep \"WARNING: Local version\" | awk {'print $4'}`";
NEWUPDATE="`echo \"$STATUS\" |grep \"Current functionality level\"`"

[ "$NEWUPDATE" ] && NEW="`findversion`"

# If there's a NEW one, updated it.
if [ "$NEW" ]; then
        mkdir /root/ispc.updates 2>/dev/null
        cd /root/ispc.updates

        if [ -d "clamav-$OLD" ]; then
                rm -fr "clamav-$OLD"
        fi

        webget -c $MIRROR/clamav-$NEW.tar.gz >>$LOG 2>&1
        RESULT=$?

        if [ $RESULT = 0 ]; then
                tar xvfz clamav-$NEW.tar.gz >/dev/null 2>&1
                cd "clamav-$NEW"

                ./configure --prefix=/home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav
                        --sysconfdir=/home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc
                        --with-user=adm${APPLICATION_NAME} --with-group=adm${APPLICATION_NAME}
                        --disable-clamav --disable-bzip2 >>$LOG 2>&1 || error "Could not configure ClamAV"
                make || error "Could not make ClamAV"
                make install || error "Could not install ClamAV"
                cp -f COPYING /home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/
                cd ${COMPILE_DIR}
                cp -f clamav.conf /home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc/clamav.conf
                cp -f freshclam.conf /home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc/freshclam.conf
                rm -f /home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc/clamd.conf
                cd /home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc/
                ln -s clamav.conf clamd.conf
                cd ${COMPILE_DIR}

                # Bit of a shame we have to restart ALL the ISPC services and not only freshclam
                /etc/rc.d/init.d/ispconfig_server restart

                error "Updated from OLD=$OLD -> NEW=$NEW"
        else
                error "Cannot fetch new CLAMAV version, check mirror address"
        fi
fi
In order for this to work on my Fedora Core 4 server, I had to change the sendmail on lines 18 and 20 to "/usr/sbin/sendmail" and to change "webget" on line 56 to "wget". I also had to create a "clamav" user and "clamav" group.

All you do from there is to save the file on your server (I named it "getfreshclam"), chmod it 0755, and run it while you are root.

It checked my old version, checked for newest one, went and got the new install tar and installed it. THANKS GEORGE and DJTREMORS.... I no longer need to wait for an ispconfig update to freshen my clamav installation!

NOTE that on my Fedora Core 3 server, I did not get the same value for $VERSION. I had to change "|cut -d ' ' -f 4" to "|cut -d ' ' -f 3" to get the version number. Even then, the line [ "$NEWUPDATE" ] && NEW="`findversion`" failed to reassign $NEW so the script fails on FC3. In other words, the script may not work on your OS... you may need to adjust a few things! Use it at your own risk!

Cheers,

RDB

Last edited by rbartz; 14th February 2007 at 14:01.
Reply With Quote
Sponsored Links
  #2  
Old 14th February 2007, 21:40
smartcall smartcall is offline
Senior Member
 
Join Date: Nov 2006
Posts: 116
Thanks: 10
Thanked 7 Times in 3 Posts
Default

Thanks.

Very nice how-to. I use FC6, I tried the script, but unfortunately the line
Code:
[ "$NEWUPDATE" ] && NEW="`findversion`"
does not work for me.

I updated

Code:
NEW="`echo \"$STATUS\" | grep \"WARNING: Local version\" | awk {'print $7'}`"
OLD="`echo \"$STATUS\" | grep \"WARNING: Local version\" | awk {'print $4'}`";
NEWUPDATE="`echo \"$STATUS\" |grep \"Current functionality level\"`"
to
Code:
NEW="`echo "$STATUS" | grep "WARNING: Local version" | awk {'print $7'}`"
OLD="`echo "$STATUS" | grep "WARNING: Local version" | awk {'print $4'}`";
NEWUPDATE="`echo "$STATUS" | grep "Current functionality level"`"
Because it wasn't working at all.
After that it was able to do it to the point of
Code:
[ "$NEWUPDATE" ] && NEW="`findversion`"
and nothing more happend

If you have any Idea why, I would appreciate it very much.

Regards
Reply With Quote
  #3  
Old 15th February 2007, 04:47
rbartz rbartz is offline
Member
 
Join Date: Apr 2006
Posts: 80
Thanks: 9
Thanked 6 Times in 5 Posts
Default Better findversion...

The problem may be in the 'findversion' function

Try changing the VERSION= line to

Code:
VERSION="`host -t txt current.cvd.clamav.net |cut -d '\"' -f 2 |cut -d : -f 1`"
That seems to return the current version more reliably, at least on my RH7.2 FC3 and FC4 boxes.

As I stated above, the script might not work "out of the box" for all OS. Even the output of "host -t txt current.cvd.clamav.net" was different between my FC3 and FC4 boxes... weird! Thus the change in the function to better determine the current version available.

Check /var/log/clam-update.log and /var/log/clamav-prog-update.log to see what is happening when you run the script as well. You can add lines like

echo "OLD VERSION -> $OLD" >>$LOG 2>&1
echo "NEW VERSION -> $NEW" >>$LOG 2>&1

or

echo "NEWUPDATE-> $NEWUPDATE" >>$LOG 2>&1

to to the script after the lines that assign the values. Then you can see what kind of output you are getting when the script runs in the logs. If you get past the [ "$NEWUPDATE" ] && NEW="`findversion`" line, and a new version is avaliable, it will update your installation. You will see the progress on screen...

Cheers,

RDB
Reply With Quote
  #4  
Old 5th March 2007, 14:53
djtremors djtremors is offline
Senior Member
 
Join Date: Apr 2006
Location: Sydney
Posts: 278
Thanks: 0
Thanked 13 Times in 11 Posts
Default

Hey all, I just noticed this long post which I didn't realise how many were actually using it.

Yeah I noticed there were some bugs and possibly differences in distros which could cause problems. I use bash and Fedora so I don't know how many others would have issues.

btw, George Vieira and djtremors are the same person

The reason for the way the script was originally written the way it was is because I detected the pattern and version changes during a virus pattern update when it returns a
PHP Code:
WARNINGLocal version X.XX....... 
so I acted on it to get an update.

Problem later came when I noticed it wasn't working at all properly and found that a major release was on the internet but the WARNING message didn't trigger it so the only way was to get on the site itself.

Now instead of waiting for major downloads each time, i tried to get minor release builds in 1 method and do major builds in another... and ended up with a patchy bit og shell script scratched up at 1am..lol

I've been thinking of redoing it in PHP as PHP has a (works on any Linux) ability and text manipulation to make it always work (unless the mirror fail or the url data returned is changed, etc.etc..)

Anybody want me to write a PHP version to use let me know by PM or va my website below.
__________________
www.emperor-it.com for ISPConfig mods/hacks
Reply With Quote
  #5  
Old 13th May 2007, 21:46
radim_h radim_h is offline
Senior Member
 
Join Date: Jan 2007
Location: Prague, Czech
Posts: 426
Thanks: 34
Thanked 26 Times in 21 Posts
Send a message via ICQ to radim_h
Default update error

I tried your script but it stops on

checking for clamav in /etc/passwd... no
configure: error: User clamav (and/or group clamav) doesn't exist. Please read the documentation !
./freshclam.sh: line 64: --sysconfdir=/home/admispconfig/ispconfig/tools/clamav/etc: No such file or directory
./freshclam.sh: line 65: --with-user=admispconfig: command not found
make: *** No targets specified and no makefile found. Stop.
make: *** No rule to make target `install'. Stop.
cp: cannot stat `clamav.conf': No such file or directory
cp: cannot stat `freshclam.conf': No such file or directory
Shutting down ISPConfig system...
/root/ispconfig/httpd/bin/apachectl stop: httpd stopped
ISPConfig system stopped!
Starting ISPConfig system...

what should i fix ? directory /home/admispconfig/ispconfig/tools/clamav/etc exists on my system...

using FC6

Last edited by radim_h; 13th May 2007 at 22:01.
Reply With Quote
  #6  
Old 14th May 2007, 18:29
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,749 Times in 2,579 Posts
Default

The command

Quote:
./configure --prefix=/home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav
--sysconfdir=/home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc
--with-user=adm${APPLICATION_NAME} --with-group=adm${APPLICATION_NAME}
--disable-clamav --disable-bzip2 >>$LOG 2>&1 || error "Could not configure ClamAV"
must go into one line:

Code:
./configure --prefix=/home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav --sysconfdir=/home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc --with-user=adm${APPLICATION_NAME} --with-group=adm${APPLICATION_NAME} --disable-clamav --disable-bzip2 >>$LOG 2>&1 || error "Could not configure ClamAV"
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #7  
Old 14th May 2007, 19:41
radim_h radim_h is offline
Senior Member
 
Join Date: Jan 2007
Location: Prague, Czech
Posts: 426
Thanks: 34
Thanked 26 Times in 21 Posts
Send a message via ICQ to radim_h
Default thanks!!

at the end it says
cp: cannot stat `clamav.conf': No such file or directory
cp: cannot stat `freshclam.conf': No such file or directory
Shutting down ISPConfig system...

but it seems that Clamav was updated...
Reply With Quote
  #8  
Old 15th May 2007, 10:29
radim_h radim_h is offline
Senior Member
 
Join Date: Jan 2007
Location: Prague, Czech
Posts: 426
Thanks: 34
Thanked 26 Times in 21 Posts
Send a message via ICQ to radim_h
Default

Well,
weird thing is that logwatch is still sending
--------------------- clam-update Begin ------------------------

Last ClamAV update process started at Mon May 14 18:38:27 2007

Last Status:
SECURITY WARNING: NO SUPPORT FOR DIGITAL SIGNATURES
See the FAQ at http://www.clamav.net/support/faq for an explanation.
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.90.1 Recommended version: 0.90.2
DON'T PANIC! Read http://www.clamav.net/support/faq
main.inc is up to date (version: 43, sigs: 104500, f-level: 14, builder: sven)
daily.inc is up to date (version: 3243, sigs: 11528, f-level: 15, builder: ccordes)

---------------------- clam-update End -------------------------
Reply With Quote
  #9  
Old 15th May 2007, 11:55
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,986
Thanks: 840
Thanked 5,647 Times in 4,457 Posts
Default

This logwatch entry is most likely not from ISPConfig. Please check that you have no clamav pacakge from your linux distribution installed.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #10  
Old 16th May 2007, 11:22
radim_h radim_h is offline
Senior Member
 
Join Date: Jan 2007
Location: Prague, Czech
Posts: 426
Thanks: 34
Thanked 26 Times in 21 Posts
Send a message via ICQ to radim_h
 
Default

it was from ispconfig (IMHO, i have not clamav installation thru yum on the system), but dissapeared after server reboot.
It robably needs postfix reload or some other service restart..
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
High Availability Samba cluster - DRBD + Heartbeat djalex Server Operation 58 25th May 2007 20:38
HotSaNIC domino Tips/Tricks/Mods 23 6th November 2006 06:19
Spamassissin ClamAV with ISPConfig update?? Mounir Installation/Configuration 2 3rd August 2006 00:23
Apache2 and DNS Made Easy browngb Server Operation 4 28th July 2006 15:23
How to update clamAV in ISPConfing? tom Installation/Configuration 3 22nd April 2006 17:31


All times are GMT +2. The time now is 08:19.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.