This bash routine will scan for viruses using the clamav antivirus scanner software already running on the sme server.
This routine will place the scanned results in a file on the server where it can be viewed from a web browser.
http://yourserver/serverstatus/clamscandaily.txtIf this bash file is run as is, then you need to disable(turn off) the daily and weekly virus scanning from inside the sme server-manager panel.
This program can be easily edited to:
Make no log entries to the clamscandaily.txt file by commenting out one line and making the variable logit="/dev/null".
This bash routine will only check files for viruses that are less than 73 days old or have access times less than 73 days old for daily scan and
scan all files on Sunday.
The 73 days can be changed to another number but i would get to extreme with a large number of days.
A lot of operating systems are now turning off the date last accessed files attributes.
This can be a problem when scanning for virus in files with by using a date delimiter.
I will likely be changing this bash routine where it can also run a full virus scan in the evening, but not sure how I want to do that.
Anybody using this program should already know how long it takes to run a full virus scan on their servers. If not, it is time to find out.
But for me it is a long intensive process to run a full virus scan on the equipment I have.
If you have a great newer processor and lots of memory, maybe you do not even need a routine like this.
This routine on daily scans, places the names and directory of files into a temporary file, then clamscan is run against the files listed in the temporary file.
The temporary file holding the file list is deleted after the routine completes it job. This program also deletes(cleans) older temporary files with a similar name in the case the routine is does not finish.
If i am not mistaken, if you want to send an email to the admin and do not want the information logged another way.
The procedure would be to make the variable logit="/dev/null", by editing out the comment character and then
removing the ">> $logit" and removing the option "--no-summary" from the lines where clamscan is run.
From my testing, I think you will only get an email if this bash routine is run by the server in an automatic fashion when
the bash file is placed in the /etc/cron.daily folder. If you manually run the bash files from a console, you will likely not
get a email going to the root account.
#!/bin/bash
# routine created on 03-11-2013 19:13
# routine scans for viruses in files using clamscan
# on sunday days, it does a full scan
# on days not being sunday, only files less than filesxdaysold days old are scanned
# WARNING!!!
# REVIEW THE VIRUS SCANNING SCHEDULE IN THE SERVER MANAGER PANEL
# YOU SHOULD NOT HAVE THE SERVER SET TO DO DAILY VIRUS SCANS
# IF YOU SET THE SCHEDULE TO DO A VIRUS SCAN ONCE A WEEK, ON SUNDAYS
# YOU SHOULD COMMENT OUT THE IF BLOCK BELOW IF SCANNNG WEEKLY, ON SUNDAYS
routinename="clamscandaily"
filesxdaysold="73"
/usr/bin/renice 19 -p $$ > /dev/null
# create a uuid in lower case
uuidtext="$(echo $(uuidgen) | tr '[A-Z]' '[a-z]')"
uuidtext=$(echo ${uuidtext//[-._]/})
locationoflogfile="/home/e-smith/files/ibays/Primary/html/serverstatus"
logfilename="clamscandaily.txt"
logit="$locationoflogfile/$logfilename"
mkdir -p $locationoflogfile
chmod 755 $locationoflogfile
# REMOVE THE COMMENT ON THE NEXT LINE TO FORCE NO OUTPUT TO THE LOG FILE
#logit="/dev/null"
tempdirectory="/tmp"
mkdir -p $tempdirectory
chmod 777 $tempdirectory
#delete any old temporary files that might exist
find $tempdirectory/ -name "$routinename*.tmp" -type f -mtime +3 -delete
filewithlisttoscan=$routinename'_'$uuidtext".tmp"
listoffilestoscan="$tempdirectory/$filewithlisttoscan"
# the next line will delete the log file for testing purposes
#rm -f $logit > /dev/null
TODAY=$(date +"%Y%m%d %T")
echo "$TODAY $routinename started" >> $logit
DAYOFWEEK=$(date +"%w")
# THIS IF BLOCK WILL DO VIRUS SCANS ON NON SUNDAYS AND ONLY FILES X DAYS OLD
if [ "$DAYOFWEEK" != "0" ]
then
echo "$TODAY finding files < $filesxdaysold days" >> $logit
/bin/nice -n 19 /usr/bin/ionice -c3 -n7 /usr/bin/find /home/e-smith/files/ -name "*" -type f -mtime -$filesxdaysold -ctime -$filesxdaysold > $listoffilestoscan
TODAY=$(date +"%Y%m%d %T")
echo "$TODAY scanning files found" >> $logit
/bin/nice -n 19 /usr/bin/ionice -c3 -n7 /usr/bin/clamscan --no-summary --infected -f $listoffilestoscan >> $logit
rm -f $listoffilestoscan > /dev/null
fi
# THIS IF BLOCK WILL DO VIRUS SCANS ON SUNDAYS
# COMMENT THIS SECTION OUT IF YOU ARE DOING FULL VIRUS SCANS WEEKLY
# FOUND IN THE VIRUS SECTION OF THE SME SERVER MANAGER PANEL
if [ "$DAYOFWEEK" == "0" ]
then
cd /home/e-smith/files
TODAY=$(date +"%Y%m%d %T")
echo "$TODAY scanning all files" >> $logit
/bin/nice -n 19 /usr/bin/ionice -c3 -n7 /usr/bin/clamscan --no-summary --infected -r >> $logit
fi
TODAY=$(date +"%Y%m%d %T")
echo "$TODAY $routinename ended" >> $logit
echo '----------------------------------' >> $logit
exit 0
this routine is found on my server under the freebies sub url as mentioned in a previous post today.
This script will be changed in the future to something better. I am thinking about how I want to do that.
As a side note, I want to mention that originally altered the clamscanemails bash script that was posted.
It actually ran faster using clamdscan rather than clamscan on my system the way I was scanning emails.
The server's CPU resources where much lower using clamdscan than clamscan.
I decided to used clamscan for now only because the summary clamscan can produce and the more simplicity
of having the a emailed report if the bash file is edited. Also I wanted others to be able to monitor their server's resources
as compared to the way clamscan is being used on a sme server with the regular daily or weekly virus scanning.
I more or less just listen to my server's fan that tells me the CPU is getting a heavy work out and I visually watch the
console with the "top" command.
For those wanting to run a bash routine in the background while at the console, just add a space and a ampersand sign to end of your command line
like "/directory/command &" or "./command &" if you are at the current directory of the bash routine.