ClamAV update to 0.90 made easy?

[rbartz]

In the Developers Forum, there is a script written by George Vieira and modified by djtremors for ISPC that would update CLAMAV definitions automatically (when run regularly by a cron job) and even upgrade the clamav program if there is a new one.

http://www.howtoforge.com/forums/showthread.php?t=7937

I wanted to update my clamav installation to the newest one today, so I tried the script. I had to make a few minor changes for my OS, but it worked fine and upgraded my clamav installation in ispconfig from 0.88.7 to 0.90.

Here is the original script:

Code:

#!/bin/bash
# Version 1.01 by George Vieira

# place your ISPC admin email address here.
ADMIN="admin@wvis1.net"

# place your preferred mirror server here.
MIRROR="http://optusnet.dl.sourceforge.net/sourceforge/clamav"

# -- Nothing to change under this line -----------------------------
LOG="/var/log/clamav-prog-update.log"
APPLICATION_NAME=ispconfig
COMPILE_DIR=`pwd`

error()
{
        if [ "$ADMIN" ]; then
                echo "Subject:CLAMUPDATE: $1" | sendmail "$ADMIN"
        else
                echo "Subject:CLAMUPDATE: $1" | sendmail root
        fi
}

findversion()
{
        VERSION="`host -t txt current.cvd.clamav.net | sed -e 's/"//g' |cut -d ' ' -f 4|cut -d : -f 1`"
        [ "$?" != 0 ] && ( echo "Error with finding new version off clamav.net site. URL may have changed!";exit 1;)

        echo "DETECTED VERSION -> $VERSION" >>$LOG 2>&1

}

if [ ! -f /var/log/clam-update.log ]; then
        touch /var/log/clam-update.log
        chown admispconfig /var/log/clam-update.log
        chmod 660 /var/log/clam-update.log
fi

STATUS="`/home/admispconfig/ispconfig/tools/clamav/bin/freshclam --log=/var/log/clam-update.log 2>&1`"

NEW="`echo \"$STATUS\" | grep \"WARNING: Local version\" | awk {'print $7'}`"
OLD="`echo \"$STATUS\" | grep \"WARNING: Local version\" | awk {'print $4'}`";
NEWUPDATE="`echo \"$STATUS\" |grep \"Current functionality level\"`"

[ "$NEWUPDATE" ] && NEW="`findversion`"

# If there's a NEW one, updated it.
if [ "$NEW" ]; then
        mkdir /root/ispc.updates 2>/dev/null
        cd /root/ispc.updates

        if [ -d "clamav-$OLD" ]; then
                rm -fr "clamav-$OLD"
        fi

        webget -c $MIRROR/clamav-$NEW.tar.gz >>$LOG 2>&1
        RESULT=$?

        if [ $RESULT = 0 ]; then
                tar xvfz clamav-$NEW.tar.gz >/dev/null 2>&1
                cd "clamav-$NEW"

                ./configure --prefix=/home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav
                        --sysconfdir=/home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc
                        --with-user=adm${APPLICATION_NAME} --with-group=adm${APPLICATION_NAME}
                        --disable-clamav --disable-bzip2 >>$LOG 2>&1 || error "Could not configure ClamAV"
                make || error "Could not make ClamAV"
                make install || error "Could not install ClamAV"
                cp -f COPYING /home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/
                cd ${COMPILE_DIR}
                cp -f clamav.conf /home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc/clamav.conf
                cp -f freshclam.conf /home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc/freshclam.conf
                rm -f /home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc/clamd.conf
                cd /home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc/
                ln -s clamav.conf clamd.conf
                cd ${COMPILE_DIR}

                # Bit of a shame we have to restart ALL the ISPC services and not only freshclam
                /etc/rc.d/init.d/ispconfig_server restart

                error "Updated from OLD=$OLD -> NEW=$NEW"
        else
                error "Cannot fetch new CLAMAV version, check mirror address"
        fi
fi

In order for this to work on my Fedora Core 4 server, I had to change the sendmail on lines 18 and 20 to "/usr/sbin/sendmail" and to change "webget" on line 56 to "wget". I also had to create a "clamav" user and "clamav" group.

All you do from there is to save the file on your server (I named it "getfreshclam"), chmod it 0755, and run it while you are root.

It checked my old version, checked for newest one, went and got the new install tar and installed it. THANKS GEORGE and DJTREMORS.... I no longer need to wait for an ispconfig update to freshen my clamav installation!

NOTE that on my Fedora Core 3 server, I did not get the same value for $VERSION. I had to change "|cut -d ' ' -f 4" to "|cut -d ' ' -f 3" to get the version number. Even then, the line [ "$NEWUPDATE" ] && NEW="`findversion`" failed to reassign $NEW so the script fails on FC3. In other words, the script may not work on your OS... you may need to adjust a few things! Use it at your own risk!

Cheers,

RDB

[smartcall]

Thanks.

Very nice how-to. I use FC6, I tried the script, but unfortunately the line

Code:

[ "$NEWUPDATE" ] && NEW="`findversion`"

does not work for me.

I updated

Code:

NEW="`echo \"$STATUS\" | grep \"WARNING: Local version\" | awk {'print $7'}`"
OLD="`echo \"$STATUS\" | grep \"WARNING: Local version\" | awk {'print $4'}`";
NEWUPDATE="`echo \"$STATUS\" |grep \"Current functionality level\"`"

to

Code:

NEW="`echo "$STATUS" | grep "WARNING: Local version" | awk {'print $7'}`"
OLD="`echo "$STATUS" | grep "WARNING: Local version" | awk {'print $4'}`";
NEWUPDATE="`echo "$STATUS" | grep "Current functionality level"`"

Because it wasn't working at all.
After that it was able to do it to the point of

Code:

[ "$NEWUPDATE" ] && NEW="`findversion`"

and nothing more happend

If you have any Idea why, I would appreciate it very much.

Regards

[rbartz]

The problem may be in the 'findversion' function

Try changing the VERSION= line to

Code:

VERSION="`host -t txt current.cvd.clamav.net |cut -d '\"' -f 2 |cut -d : -f 1`"

That seems to return the current version more reliably, at least on my RH7.2 FC3 and FC4 boxes.

As I stated above, the script might not work "out of the box" for all OS. Even the output of "host -t txt current.cvd.clamav.net" was different between my FC3 and FC4 boxes... weird! Thus the change in the function to better determine the current version available.

Check /var/log/clam-update.log and /var/log/clamav-prog-update.log to see what is happening when you run the script as well. You can add lines like

echo "OLD VERSION -> $OLD" >>$LOG 2>&1
echo "NEW VERSION -> $NEW" >>$LOG 2>&1

or

echo "NEWUPDATE-> $NEWUPDATE" >>$LOG 2>&1

to to the script after the lines that assign the values. Then you can see what kind of output you are getting when the script runs in the logs. If you get past the [ "$NEWUPDATE" ] && NEW="`findversion`" line, and a new version is avaliable, it will update your installation. You will see the progress on screen...

Cheers,

RDB

[djtremors]

Hey all, I just noticed this long post which I didn't realise how many were actually using it.

Yeah I noticed there were some bugs and possibly differences in distros which could cause problems. I use bash and Fedora so I don't know how many others would have issues.

btw, George Vieira and djtremors are the same person

The reason for the way the script was originally written the way it was is because I detected the pattern and version changes during a virus pattern update when it returns a

PHP Code:

WARNING: Local version X.XX....... 


so I acted on it to get an update.

Problem later came when I noticed it wasn't working at all properly and found that a major release was on the internet but the WARNING message didn't trigger it so the only way was to get on the site itself.

Now instead of waiting for major downloads each time, i tried to get minor release builds in 1 method and do major builds in another... and ended up with a patchy bit og shell script scratched up at 1am..lol

I've been thinking of redoing it in PHP as PHP has a (works on any Linux) ability and text manipulation to make it always work (unless the mirror fail or the url data returned is changed, etc.etc..)

Anybody want me to write a PHP version to use let me know by PM or va my website below.

[radim_h]

I tried your script but it stops on

checking for clamav in /etc/passwd... no
configure: error: User clamav (and/or group clamav) doesn't exist. Please read the documentation !
./freshclam.sh: line 64: --sysconfdir=/home/admispconfig/ispconfig/tools/clamav/etc: No such file or directory
./freshclam.sh: line 65: --with-user=admispconfig: command not found
make: *** No targets specified and no makefile found. Stop.
make: *** No rule to make target `install'. Stop.
cp: cannot stat `clamav.conf': No such file or directory
cp: cannot stat `freshclam.conf': No such file or directory
Shutting down ISPConfig system...
/root/ispconfig/httpd/bin/apachectl stop: httpd stopped
ISPConfig system stopped!
Starting ISPConfig system...

what should i fix ? directory /home/admispconfig/ispconfig/tools/clamav/etc exists on my system...

using FC6

[falko]

The command

Quote:

./configure --prefix=/home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav
--sysconfdir=/home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc
--with-user=adm${APPLICATION_NAME} --with-group=adm${APPLICATION_NAME}
--disable-clamav --disable-bzip2 >>$LOG 2>&1 || error "Could not configure ClamAV"

must go into one line:

Code:

./configure --prefix=/home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav --sysconfdir=/home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc --with-user=adm${APPLICATION_NAME} --with-group=adm${APPLICATION_NAME} --disable-clamav --disable-bzip2 >>$LOG 2>&1 || error "Could not configure ClamAV"

[radim_h]

at the end it says
cp: cannot stat `clamav.conf': No such file or directory
cp: cannot stat `freshclam.conf': No such file or directory
Shutting down ISPConfig system...

but it seems that Clamav was updated...

[radim_h]

Well,
weird thing is that logwatch is still sending
--------------------- clam-update Begin ------------------------

Last ClamAV update process started at Mon May 14 18:38:27 2007

Last Status:
SECURITY WARNING: NO SUPPORT FOR DIGITAL SIGNATURES
See the FAQ at http://www.clamav.net/support/faq for an explanation.
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.90.1 Recommended version: 0.90.2
DON'T PANIC! Read http://www.clamav.net/support/faq
main.inc is up to date (version: 43, sigs: 104500, f-level: 14, builder: sven)
daily.inc is up to date (version: 3243, sigs: 11528, f-level: 15, builder: ccordes)

---------------------- clam-update End -------------------------

[till]

This logwatch entry is most likely not from ISPConfig. Please check that you have no clamav pacakge from your linux distribution installed.

[radim_h]

it was from ispconfig (IMHO, i have not clamav installation thru yum on the system), but dissapeared after server reboot.
It robably needs postfix reload or some other service restart..