bobs
/
execguard
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Exec Guardian
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
20 Commits
1 Branch
0 Tags
787 KiB
 
 
Tag: Branch: Tree: c0cf7c8a03
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'c0cf7c8a03'
${ noResults }
execguard/vscan_bins.sh

108 lines
3.5 KiB
Raw Blame History

#!/bin/bash
# Copyright (c) 2025 Robert Strutts <bobs@NewToFaith.com>
# License: MIT
# GIT: https://git.mysnippetsofcode.com/bobs/execguard
./stopExecguard.sh
/usr/bin/echo "Dumping contents of Database to file..."
/usr/bin/sudo /usr/bin/sqlite3 /etc/execguard/system.db "SELECT path FROM allowed;" > my_bins_apps.txt
if [ $? -eq 0 ]; then
/usr/bin/echo "Done dumping execs to file..."
else
/usr/bin/echo "Error dumping execs to file...!"
exit 1
fi
/usr/bin/echo "Setting up log permissions..."
/usr/bin/sudo /usr/bin/touch /var/log/exescans.log
/usr/bin/sudo /usr/bin/chown root:adm /var/log/exescans.log
/usr/bin/sudo /usr/bin/chmod 640 /var/log/exescans.log
if [ ! -d /var/log/clamav ]; then
/usr/bin/sudo /usr/bin/mkdir -p /var/log/clamav
/usr/bin/sudo /usr/bin/chown clamav:clamav /var/log/clamav
/usr/bin/sudo /usr/bin/chmod 755 /var/log/clamav
fi
/usr/bin/sudo /usr/bin/touch /var/log/clamav/results.log
/usr/bin/sudo /usr/bin/chown clamav:clamav /var/log/clamav/results.log
/usr/bin/sudo /usr/bin/chmod 640 /var/log/exescans.log
if [ ! -f /etc/rsyslog.d/exescans.conf ]; then
echo "Configuring rsyslog for exescans..."
cat << EOF | sudo tee /etc/rsyslog.d/exescans.conf
# Send exescans logs (facility local0) to a dedicated file
local0.* /var/log/exescans.log
EOF
fi
if [ ! -f /etc/logrotate.d/exescans ]; then
/usr/bin/echo "Setting up log rotation..."
cat << EOF | sudo tee /etc/logrotate.d/exescans
/var/log/exescans.log {
weekly
missingok
rotate 4
compress
delaycompress
notifempty
create 640 root adm
su root root
}
EOF
fi
if [ ! -f /etc/logrotate.d/exeguard ]; then
cat << EOF | sudo tee /etc/logrotate.d/exeguard
/var/log/exeguard.log {
weekly
missingok
rotate 4
compress
delaycompress
notifempty
create 640 root root
su root root
}
EOF
fi
if [ ! -f /etc/logrotate.d/clamresults ]; then
cat << EOF | sudo tee /etc/logrotate.d/clamresults
/var/log/clamav/results.log {
weekly
missingok
rotate 4
compress
delaycompress
notifempty
create 640 clamav adm
}
EOF
echo "Restarting rsyslog..."
sudo systemctl restart rsyslog
fi
/usr/bin/echo "Updating freshclam..."
/usr/bin/sudo /usr/bin/freshclam
#/usr/bin/sudo /usr/bin/apt update && /usr/bin/sudo /usr/bin/apt upgrade clamav clamav-daemon
/usr/bin/echo "Running clamScan...this will take some time!"
/usr/bin/sudo /usr/bin/clamscan -v --move=/var/lib/clamav/quarantine --file-list=my_bins_apps.txt --log=/var/log/clamav/results.log 2>/dev/null
case $? in
0)
/usr/bin/logger -t exescans -p local0.info "System Bin clamscan Complete - All Okay..."
/usr/bin/echo "All is well!!! No Viruses found..."
;;
1)
/usr/bin/logger -t exescans -p local0.info "System Bin clamscan Complete - Visus Found!!! Check /var/lib/clamav/quarantine"
/usr/bin/echo "Oh, No!! Virus Found!! Check /var/lib/clamav/quarantine"
;;
2)
/usr/bin/logger -t exescans -p local0.info "System Bin clamscan Complete - Some Errors occurred...but should be Virus Free."
/usr/bin/echo "All done...some errors found...but should be Virus Free."
;;
*)
/usr/bin/logger -t exescans -p local0.info "System Bin clamscan Complete - in a Unknown Status..."
/usr/bin/echo "All done unknown state..."
;;
esac
#/usr/bin/echo "Rotating logs..."
#/usr/bin/sudo /usr/sbin/logrotate -vf /etc/logrotate.d/exescans
/usr/bin/echo "Done -- you may: \$ rm my_bins_apps"
/usr/bin/echo "If you want to: \$ service execguard start"