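#!/bin/bash
#
# Scan every executable on the execguard allow-list with ClamAV.
#
# Steps:
#   1. Stop execguard via ./stopExecguard.sh (resolved relative to the
#      current directory, so run this script from the directory holding it).
#   2. Dump the allow-listed paths from the execguard database to
#      my_bins_apps.txt in the current directory.
#   3. Create the log files, the rsyslog rule and the logrotate policies.
#   4. Run clamscan over the dumped list, moving detections to quarantine.
#   5. Report the outcome on stdout and to syslog (tag exescans, local0).
#
# Requires sudo rights for sqlite3, clamscan and the files under /etc and
# /var/log. The script exits 1 only when the database dump fails.

readonly DB_FILE=/etc/execguard/system.db
readonly FILE_LIST=my_bins_apps.txt
readonly SCAN_LOG=/var/log/exescans.log
readonly CLAM_LOG_DIR=/var/log/clamav
readonly CLAM_LOG=/var/log/clamav/results.log
readonly QUARANTINE_DIR=/var/lib/clamav/quarantine

# The original ignored the exit status of the stop script; keep going on
# failure, but make the failure visible.
./stopExecguard.sh ||
  /usr/bin/echo "Warning: stopExecguard.sh returned a non-zero status" >&2

/usr/bin/echo "Dumping contents of Database to file..."
# NOTE(review): the redirection is performed by the invoking user, so the list
# lands in the current directory and stays writable by that user until the
# root-run clamscan reads it. Run this from a directory only trusted users can
# write to, because --move acts on every path the list names.
if /usr/bin/sudo /usr/bin/sqlite3 "$DB_FILE" "SELECT path FROM allowed;" > "$FILE_LIST"; then
  /usr/bin/echo "Done dumping execs to file..."
else
  /usr/bin/echo "Error dumping execs to file...!" >&2
  exit 1
fi

/usr/bin/echo "Setting up log permissions..."
/usr/bin/sudo /usr/bin/touch "$SCAN_LOG"
/usr/bin/sudo /usr/bin/chown root:adm "$SCAN_LOG"
/usr/bin/sudo /usr/bin/chmod 640 "$SCAN_LOG"

if [ ! -d "$CLAM_LOG_DIR" ]; then
  /usr/bin/sudo /usr/bin/mkdir -p "$CLAM_LOG_DIR"
  /usr/bin/sudo /usr/bin/chown clamav:clamav "$CLAM_LOG_DIR"
  /usr/bin/sudo /usr/bin/chmod 755 "$CLAM_LOG_DIR"
fi

/usr/bin/sudo /usr/bin/touch "$CLAM_LOG"
/usr/bin/sudo /usr/bin/chown clamav:clamav "$CLAM_LOG"
# Fix: the original repeated "chmod 640 /var/log/exescans.log" here, which left
# the scan results log at whatever mode touch gave it (typically world-readable).
/usr/bin/sudo /usr/bin/chmod 640 "$CLAM_LOG"

# clamscan expects an existing, writable directory for --move. Create it only
# when missing, restricted to root so quarantined files cannot be read or run
# by other accounts; an existing directory keeps its current owner and mode.
if [ ! -d "$QUARANTINE_DIR" ]; then
  /usr/bin/sudo /usr/bin/mkdir -p "$QUARANTINE_DIR"
  /usr/bin/sudo /usr/bin/chown root:root "$QUARANTINE_DIR"
  /usr/bin/sudo /usr/bin/chmod 700 "$QUARANTINE_DIR"
fi

/usr/bin/echo "Configuring rsyslog for exescans..."
# Quoted heredoc delimiters keep the shell from expanding anything in the
# config text. tee and systemctl are resolved through PATH, as in the original.
/usr/bin/sudo tee /etc/rsyslog.d/exescans.conf << 'EOF'
# Send exescans logs (facility local0) to a dedicated file
local0.*    /var/log/exescans.log
EOF

/usr/bin/echo "Setting up log rotation..."
/usr/bin/sudo tee /etc/logrotate.d/exescans << 'EOF'
/var/log/exescans.log {
    weekly
    missingok
    rotate 4
    compress
    delaycompress
    notifempty
    create 640 root adm
    su root root
}
EOF

# NOTE(review): this policy targets /var/log/exeguard.log, which nothing in
# this script creates - confirm the file name against the execguard service.
/usr/bin/sudo tee /etc/logrotate.d/exeguard << 'EOF'
/var/log/exeguard.log {
    weekly
    missingok
    rotate 4
    compress
    delaycompress
    notifempty
    create 640 root root
    su root root
}
EOF

# NOTE(review): rotation recreates the log as clamav:adm, while the file is
# created above as clamav:clamav - confirm which group is intended.
/usr/bin/sudo tee /etc/logrotate.d/clamresults << 'EOF'
/var/log/clamav/results.log {
    weekly
    missingok
    rotate 4
    compress
    delaycompress
    notifempty
    create 640 clamav adm
}
EOF

/usr/bin/echo "Restarting rsyslog..."
/usr/bin/sudo systemctl restart rsyslog

/usr/bin/echo "Running clamScan...this will take some time!"
# stderr is discarded as in the original; the --log file is the place to look
# when the scan reports errors.
/usr/bin/sudo /usr/bin/clamscan -v \
  --move="$QUARANTINE_DIR" \
  --file-list="$FILE_LIST" \
  --log="$CLAM_LOG" 2>/dev/null
scan_rc=$?

# clamscan exit codes: 0 = nothing found, 1 = detection(s), 2 = errors.
# sudo itself also exits 1 when it cannot run the command at all, so a
# status of 1 should be confirmed against the results log.
# Syslog priority now follows the outcome so alerting can key on severity;
# every priority of local0 is still routed to /var/log/exescans.log.
case "$scan_rc" in
  0)
    /usr/bin/logger -t exescans -p local0.info "System Bin clamscan Complete - All Okay..."
    /usr/bin/echo "All is well!!! No Viruses found..."
    ;;
  1)
    # Fix: "Visus" typo, which a log search for "Virus Found" would miss.
    /usr/bin/logger -t exescans -p local0.warning "System Bin clamscan Complete - Virus Found!!! Check $QUARANTINE_DIR"
    /usr/bin/echo "Oh, No!! Virus Found!! Check $QUARANTINE_DIR"
    ;;
  2)
    # Fix: the original message said the system "should be Virus Free", but
    # an error status means some files may not have been scanned at all.
    /usr/bin/logger -t exescans -p local0.err "System Bin clamscan Complete - Some Errors occurred...scan may be incomplete. Check $CLAM_LOG"
    /usr/bin/echo "All done...some errors found...scan may be incomplete. Check $CLAM_LOG"
    ;;
  *)
    /usr/bin/logger -t exescans -p local0.warning "System Bin clamscan Complete - in a Unknown Status..."
    /usr/bin/echo "All done unknown state..."
    ;;
esac

#/usr/bin/echo "Rotating logs..."
#/usr/bin/sudo /usr/sbin/logrotate -vf /etc/logrotate.d/exescans

# Fix: the hint named "my_bins_apps", but the file written above is
# my_bins_apps.txt.
/usr/bin/echo "Done -- you may: \$ rm $FILE_LIST"
/usr/bin/echo "If you want to: \$ service execguard start"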