You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
96 lines
3.0 KiB
96 lines
3.0 KiB
#!/bin/bash
|
|
./stopExecguard.sh
|
|
|
|
/usr/bin/echo "Dumping contents of Database to file..."
|
|
/usr/bin/sudo /usr/bin/sqlite3 /etc/execguard/system.db "SELECT path FROM allowed;" > my_bins_apps.txt
|
|
if [ $? -eq 0 ]; then
|
|
/usr/bin/echo "Done dumping execs to file..."
|
|
else
|
|
/usr/bin/echo "Error dumping execs to file...!"
|
|
exit 1
|
|
fi
|
|
|
|
/usr/bin/echo "Setting up log permissions..."
|
|
/usr/bin/sudo /usr/bin/touch /var/log/exescans.log
|
|
/usr/bin/sudo /usr/bin/chown root:adm /var/log/exescans.log
|
|
/usr/bin/sudo /usr/bin/chmod 640 /var/log/exescans.log
|
|
if [ ! -d /var/log/clamav ]; then
|
|
/usr/bin/sudo /usr/bin/mkdir -p /var/log/clamav
|
|
/usr/bin/sudo /usr/bin/chown clamav:clamav /var/log/clamav
|
|
/usr/bin/sudo /usr/bin/chmod 755 /var/log/clamav
|
|
fi
|
|
/usr/bin/sudo /usr/bin/touch /var/log/clamav/results.log
|
|
/usr/bin/sudo /usr/bin/chown clamav:clamav /var/log/clamav/results.log
|
|
/usr/bin/sudo /usr/bin/chmod 640 /var/log/exescans.log
|
|
|
|
echo "Configuring rsyslog for exescans..."
|
|
cat << EOF | sudo tee /etc/rsyslog.d/exescans.conf
|
|
# Send exescans logs (facility local0) to a dedicated file
|
|
local0.* /var/log/exescans.log
|
|
EOF
|
|
|
|
/usr/bin/echo "Setting up log rotation..."
|
|
cat << EOF | sudo tee /etc/logrotate.d/exescans
|
|
/var/log/exescans.log {
|
|
weekly
|
|
missingok
|
|
rotate 4
|
|
compress
|
|
delaycompress
|
|
notifempty
|
|
create 640 root adm
|
|
su root root
|
|
}
|
|
EOF
|
|
cat << EOF | sudo tee /etc/logrotate.d/exeguard
|
|
/var/log/exeguard.log {
|
|
weekly
|
|
missingok
|
|
rotate 4
|
|
compress
|
|
delaycompress
|
|
notifempty
|
|
create 640 root root
|
|
su root root
|
|
}
|
|
EOF
|
|
cat << EOF | sudo tee /etc/logrotate.d/clamresults
|
|
/var/log/clamav/results.log {
|
|
weekly
|
|
missingok
|
|
rotate 4
|
|
compress
|
|
delaycompress
|
|
notifempty
|
|
create 640 clamav adm
|
|
}
|
|
EOF
|
|
|
|
echo "Restarting rsyslog..."
|
|
sudo systemctl restart rsyslog
|
|
|
|
/usr/bin/echo "Running clamScan...this will take some time!"
|
|
/usr/bin/sudo /usr/bin/clamscan -v --move=/var/lib/clamav/quarantine --file-list=my_bins_apps.txt 2>/dev/null --log=/var/log/clamav/results.log
|
|
case $? in
|
|
0)
|
|
/usr/bin/logger -t exescans -p local0.info "System Bin clamscan Complete - All Okay..."
|
|
/usr/bin/echo "All is well!!! No Viruses found..."
|
|
;;
|
|
1)
|
|
/usr/bin/logger -t exescans -p local0.info "System Bin clamscan Complete - Visus Found!!! Check /var/lib/clamav/quarantine"
|
|
/usr/bin/echo "Oh, No!! Virus Found!! Check /var/lib/clamav/quarantine"
|
|
;;
|
|
2)
|
|
/usr/bin/logger -t exescans -p local0.info "System Bin clamscan Complete - Some Errors occurred...but should be Virus Free."
|
|
/usr/bin/echo "All done...some errors found...but should be Virus Free."
|
|
;;
|
|
*)
|
|
/usr/bin/logger -t exescans -p local0.info "System Bin clamscan Complete - in a Unknown Status..."
|
|
/usr/bin/echo "All done unknown state..."
|
|
;;
|
|
esac
|
|
#/usr/bin/echo "Rotating logs..."
|
|
#/usr/bin/sudo /usr/sbin/logrotate -vf /etc/logrotate.d/exescans
|
|
|
|
/usr/bin/echo "Done -- you may: \$ rm my_bins_apps"
|
|
/usr/bin/echo "If you want to: \$ service execguard start"
|
|
|