| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172 |
- #!/bin/bash
- if [[ "${SKIP_CLAMD}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then
- echo "SKIP_CLAMD=y, skipping ClamAV..."
- sleep 365d
- exit 0
- fi
- # Prepare log pipes
- mkdir -p /var/log/clamav
- touch /var/log/clamav/clamd.log /var/log/clamav/freshclam.log
- chown -R clamav:clamav /var/log/clamav/
- adduser clamav tty
- chmod g+rw /dev/console
- # Prepare whitelist
- if [[ -s /etc/clamav/whitelist.ign2 ]]; then
- cp /etc/clamav/whitelist.ign2 /var/lib/clamav/whitelist.ign2
- chown clamav:clamav /var/lib/clamav/whitelist.ign2
- fi
- if [[ ! -f /var/lib/clamav/whitelist.ign2 ]]; then
- echo "Example-Signature.Ignore-1" > /var/lib/clamav/whitelist.ign2
- fi
- chown clamav:clamav /var/lib/clamav/whitelist.ign2
- dos2unix /var/lib/clamav/whitelist.ign2
- sed -i '/^\s*$/d' /var/lib/clamav/whitelist.ign2
- BACKGROUND_TASKS=()
- (
- while true; do
- sleep 1m
- freshclam
- sleep 1h
- done
- ) &
- BACKGROUND_TASKS+=($!)
- (
- while true; do
- sleep 2m
- SANE_MIRRORS="$(dig +ignore +short rsync.sanesecurity.net)"
- for sane_mirror in ${SANE_MIRRORS}; do
- rsync -avp --chown=clamav:clamav --timeout=5 rsync://${sane_mirror}/sanesecurity/ \
- --include 'blurl.ndb' \
- --include 'junk.ndb' \
- --include 'jurlbl.ndb' \
- --include 'phish.ndb' \
- --exclude='*' /var/lib/clamav/
- if [ $? -eq 0 ]; then
- echo RELOAD | nc localhost 3310
- break
- fi
- done
- sleep 30h
- done
- ) &
- BACKGROUND_TASKS+=($!)
- clamd &
- BACKGROUND_TASKS+=($!)
- while true; do
- for bg_task in ${BACKGROUND_TASKS[*]}; do
- if ! kill -0 ${bg_task} 1>&2; then
- echo "Worker ${bg_task} died, stopping container waiting for respawn..."
- kill -TERM 1
- fi
- sleep 10
- done
- done
|
