Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
2462 Refactor install_clamscan.sh for enhanced readability and mainta…
…inability
- Loading branch information
Showing
1 changed file
with
60 additions
and
35 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,47 +1,72 @@ | ||
#!/bin/sh | ||
# | ||
|
||
######################################################################## | ||
# clamscan setup script | ||
# install_clamscan.sh: ClamAV AutoScan Setup Script | ||
# | ||
# Description: | ||
# This script automates the setup for ClamAV scans by deploying the | ||
# clamscan.sh script, configuring clamscan exclusions, setting up cron jobs for | ||
# weekend scanning, and managing log rotation for ClamAV logs. It ensures the | ||
# necessary directories and log files exist, sets appropriate permissions, and | ||
# deploys the cron jobs and log rotation configurations. | ||
# | ||
# Author: id774 (More info: http://id774.net) | ||
# Source Code: https://github.com/id774/scripts | ||
# License: LGPLv3 (Details: https://www.gnu.org/licenses/lgpl-3.0.html) | ||
# Contact: idnanashi@gmail.com | ||
# | ||
# Version History: | ||
# v1.6 2024-03-17 | ||
# Refactored script for improved readability and maintainability. | ||
# [Further version history truncated for brevity] | ||
# | ||
# Maintainer: id774 <idnanashi@gmail.com> | ||
# Notes: | ||
# - Ensure the SCRIPTS environment variable is set to the directory containing | ||
# the clamscan related scripts and configuration files before running this script. | ||
# | ||
# v1.5 2014-06-07 | ||
# Remove obsolete archive. | ||
# v1.4 2011-06-15 | ||
# Split. | ||
######################################################################## | ||
|
||
# Make Directory | ||
test -d /etc/cron.weekday || sudo mkdir /etc/cron.weekday | ||
test -d /etc/cron.weekend || sudo mkdir /etc/cron.weekend | ||
test -d /var/log/sysadmin || sudo mkdir /var/log/sysadmin | ||
sudo chmod 750 /var/log/sysadmin | ||
sudo chown root:adm /var/log/sysadmin | ||
# Ensure SCRIPTS environment variable is set | ||
if [ -z "$SCRIPTS" ]; then | ||
echo "SCRIPTS environment variable is not set. Please set it to the directory containing the clamscan related files." | ||
exit 1 | ||
fi | ||
|
||
# ClamAV AutoScan | ||
sudo cp $SCRIPTS/cron/bin/clamscan.sh /root/bin/clamscan.sh | ||
# Make Directory if it doesn't exist and set permissions | ||
if [ ! -d /var/log/sysadmin ]; then | ||
sudo mkdir -p /var/log/sysadmin | ||
sudo chmod 750 /var/log/sysadmin | ||
sudo chown root:adm /var/log/sysadmin | ||
fi | ||
|
||
# Deploy clamscan script and exclusion file | ||
sudo cp "$SCRIPTS/cron/bin/clamscan.sh" /root/bin/ | ||
sudo chmod 700 /root/bin/clamscan.sh | ||
sudo chown root:root /root/bin/clamscan.sh | ||
sudo cp $SCRIPTS/cron/etc/clamscan_exclude /root/bin/clamscan_exclude | ||
sudo vi /root/bin/clamscan_exclude | ||
|
||
sudo cp "$SCRIPTS/cron/etc/clamscan_exclude" /root/bin/ | ||
sudo chmod 600 /root/bin/clamscan_exclude | ||
sudo chown root:root /root/bin/clamscan_exclude | ||
sudo cp $SCRIPTS/cron/bin/clamscan /etc/cron.weekend/clamscan | ||
sudo vi /etc/cron.weekend/clamscan | ||
sudo chmod 750 /etc/cron.weekend/clamscan | ||
sudo chown root:adm /etc/cron.weekend/clamscan | ||
sudo touch /var/log/clamav/clamscan.log | ||
sudo chmod 640 /var/log/clamav/clamscan.log | ||
sudo chown clamav:adm /var/log/clamav/clamscan.log | ||
sudo touch /var/log/clamav/clamav.log | ||
sudo chmod 640 /var/log/clamav/clamav.log | ||
sudo chown clamav:adm /var/log/clamav/clamav.log | ||
sudo cp $SCRIPTS/cron/etc/logrotate.d/clamscan /etc/logrotate.d/clamscan | ||
sudo chmod 644 /etc/logrotate.d/clamscan | ||
sudo chown root:root /etc/logrotate.d/clamscan | ||
|
||
# Edit crontab | ||
# 50 23 * * 1-5 root cd / && run-parts --report /etc/cron.weekday | ||
# 55 6 * * 6 root cd / && run-parts --report /etc/cron.weekend | ||
sudo vi /etc/crontab $SCRIPTS/installer/install_clamscan.sh | ||
|
||
# Deploy clamscan cron job | ||
sudo cp "$SCRIPTS/cron/bin/clamscan" /etc/cron.weekly/ | ||
sudo chmod 740 /etc/cron.weekly/clamscan | ||
sudo chown root:adm /etc/cron.weekly/clamscan | ||
|
||
# Set up ClamAV log files and permissions | ||
for log_file in /var/log/clamav/clamscan.log /var/log/clamav/clamav.log; do | ||
if [ ! -f "$log_file" ]; then | ||
sudo touch "$log_file" | ||
sudo chmod 640 "$log_file" | ||
sudo chown clamav:adm "$log_file" | ||
fi | ||
done | ||
|
||
# Deploy log rotation configuration for ClamAV logs | ||
if [ ! -f /etc/logrotate.d/clamscan ]; then | ||
sudo cp "$SCRIPTS/cron/etc/logrotate.d/clamscan" /etc/logrotate.d/ | ||
sudo chmod 640 /etc/logrotate.d/clamscan | ||
sudo chown root:adm /etc/logrotate.d/clamscan | ||
fi | ||
|
||
echo "ClamAV AutoScan setup completed successfully." |