Merge pull request #111 from extremeshok/dev

5.2
extremeshok · May 7, 2016 · c451daf · c451daf
2 parents fc3386d + 5cdce31
commit c451daf
Show file tree

Hide file tree

Showing 20 changed files with 2,360 additions and 1,989 deletions.
diff --git a/.codeclimate.yml b/.codeclimate.yml
@@ -7,4 +7,7 @@ engines:
 ratings:
   paths: []
 exclude_paths:
-  - .travis/
+  - .travis/
+checks:
+  SC2001:
+    enabled: false
diff --git a/.travis.yml b/.travis.yml
@@ -23,6 +23,8 @@ dist: trusty
 before_install:
   - "sudo apt-get update -qq"
   - "sudo apt-get install clamav-daemon -qq"
+  - "sudo apt-get install ca-certificates -qq"
+  - "sudo apt-get install wget rsync -qq"
   # - "sudo mkdir -p tmp/cache/"
   # - "ls -laFh tmp/cache/clamav-dbs"
   # - "sudo rsync -rlptDv tmp/cache/  /var/lib/clamav/"
@@ -41,6 +43,7 @@ install:
   - "sudo cp -f config/master.conf /etc/clamav-unofficial-sigs/master.conf"
   - "sudo cp -f config/os.ubuntu.conf /etc/clamav-unofficial-sigs/os.conf"
   - "sudo cp -f .travis/tests/user.conf /etc/clamav-unofficial-sigs/user.conf"
+  - "sudo cp -f clamav-unofficial-sigs.sh /usr/sbin/clamav-unofficial-sigs"
 
 script:
   - sudo sh -e .travis/ci-test.sh

diff --git a/.travis/ci-test.sh b/.travis/ci-test.sh
@@ -4,15 +4,35 @@ export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/usr/lo
 
 pwd
 
-if bash clamav-unofficial-sigs.sh ; then
+echo "running script as root"
+sudo bash /usr/sbin/clamav-unofficial-sigs
+if [ "$?" -eq "0" ] ; then
 	echo .. OK
 else
  	echo .. ERROR
   exit 1
 fi
 
-#check cron file generation
-if bash clamav-unofficial-sigs.sh --install-cron ; then
+echo "running script as clamav"
+sudo -u clamav  [ -x /usr/sbin/clamav-unofficial-sigs ] && bash /usr/sbin/clamav-unofficial-sigs --force
+if [ "$?" -eq "0" ] ; then
+	echo .. OK
+else
+ 	echo .. ERROR
+  exit 1
+fi
+
+echo "check gpg file was downloaded"
+if [ -e "/var/lib/clamav-unofficial-sigs/gpg-key/publickey.gpg" ] ; then
+	echo .. OK	
+else
+	echo .. ERROR
+  exit 1
+fi
+
+echo "check cron file generation"
+bash clamav-unofficial-sigs.sh --install-cron
+if [ "$?" -eq "0" ] ; then
 	if [ -e "/etc/cron.d/clamav-unofficial-sigs" ] ; then
 		echo .. OK	
 	else
@@ -24,8 +44,9 @@ else
   exit 1
 fi
 
-#check logrotate file generation
-if bash clamav-unofficial-sigs.sh --install-logrotate  ; then
+echo "check logrotate file generation"
+bash clamav-unofficial-sigs.sh --install-logrotate
+if [ "$?" -eq "0" ] ; then
 	if [ -e "/etc/logrotate.d/clamav-unofficial-sigs" ] ; then
 		echo .. OK	
 	else
@@ -37,8 +58,9 @@ else
   exit 1
 fi
 
-#check man file generation
-if bash clamav-unofficial-sigs.sh --install-man  ; then
+echo "check man file generation"
+bash clamav-unofficial-sigs.sh --install-man
+if [ "$?" -eq "0" ] ; then
 	if [ -e "/usr/share/man/man8/clamav-unofficial-sigs.8" ] ; then
 		echo .. OK	
 	else
@@ -48,4 +70,4 @@ if bash clamav-unofficial-sigs.sh --install-man  ; then
 else
  	echo .. ERROR
   exit 1
-fi
+fi
diff --git a/.travis/tests/user.conf b/.travis/tests/user.conf
@@ -14,33 +14,16 @@ linuxmalwaredetect_enabled="yes"
 
 yararules_enabled="no"
 
-sanesecurity_dbs="
-sanesecurity.ftm 
-sigwhitelist.ign2 
-junk.ndb 
-jurlbl.ndb 
-phish.ndb 
-rogue.hdb 
-scam.ndb 
-spamimg.hdb 
-spamattach.hdb 
-blurl.ndb 
-malwarehash.hsb 
-winnow.attachments.hdb 
-winnow_malware.hdb 
-winnow_malware_links.ndb 
-winnow_extended_malware.hdb 
-winnow_bad_cw.hdb 
-bofhland_cracked_URL.ndb 
-bofhland_malware_URL.ndb 
-bofhland_phishing_URL.ndb 
-bofhland_malware_attach.hdb 
-hackingteam.hsb 
-crdfam.clamav.hdb 
-porcupine.ndb 
-phishtank.ndb 
-porcupine.hsb 
-" # END SANESECURITY DATABASES
-
+# Default dbs rating 
+# valid rating: LOW, MEDIUM, HIGH
+default_dbs_rating="LOW"
+
+# Per Database 
+# These ratings will override the global rating for the specific database
+# valid rating: LOW, MEDIUM, HIGH, DISABLE
+sanesecurity_dbs_rating="HIGH"
+#securiteinfo_dbs_rating=""
+#linuxmalwaredetect_dbs_rating=""
+#yararulesproject_dbs_rating=""
 
 user_configuration_complete="yes"
diff --git a/README.md b/README.md
@@ -1,8 +1,10 @@
-# clamav-unofficial-sigs [![Build Status](https://travis-ci.org/extremeshok/clamav-unofficial-sigs.svg?branch=master)](https://travis-ci.org/extremeshok/clamav-unofficial-sigs)
+# clamav-unofficial-sigs [![Build Status](https://travis-ci.org/extremeshok/clamav-unofficial-sigs.svg?branch=master)](https://travis-ci.org/extremeshok/clamav-unofficial-sigs) [![GitHub Release](https://img.shields.io/github/release/extremeshok/clamav-unofficial-sigs.svg?label=Latest)](https://github.com/extremeshok/clamav-unofficial-sigs/releases/latest)
+
 [![Code Climate](https://codeclimate.com/github/extremeshok/clamav-unofficial-sigs/badges/gpa.svg)](https://codeclimate.com/github/extremeshok/clamav-unofficial-sigs)
 [![Test Coverage](https://codeclimate.com/github/extremeshok/clamav-unofficial-sigs/badges/coverage.svg)](https://codeclimate.com/github/extremeshok/clamav-unofficial-sigs/coverage)
 [![Issue Count](https://codeclimate.com/github/extremeshok/clamav-unofficial-sigs/badges/issue_count.svg)](https://codeclimate.com/github/extremeshok/clamav-unofficial-sigs)
 
+
 ClamAV Unofficial Signatures Updater
 
 Github fork of the sourceforge hosted and non maintained utility.
@@ -19,6 +21,10 @@ Please post them on the issue tracker : https://github.com/extremeshok/clamav-un
 
 ### Submit Patches / Pull requests to the "Dev" Branch
 
+### Required Ports / Firewall Exceptions
+* rsync: TCP port 873
+* wget/curl : TCP port 443
+
 ### Quick Install Guide
 * Download the files to /tmp/
 * Copy clamav-unofficial-sigs.sh to /usr/local/bin/
@@ -89,7 +95,36 @@ Usage of free Linux Malware Detect clamav signatures: https://www.rfxn.com/proje
  - Enabled by default, no configuration required
 
 ## Change Log
-### Version 5.2.2 (updated 2016-04-18)
+
+### Version 5.3.0 (updated 2016-05-07)
+ - eXtremeSHOK.com Maintenance
+ - Major change: Updated to use new database structure, now allows all low/medium/high databases to be enabled or disabled.
+ - Major change: curl replaced with wget (will fallback to curl is wget is not installed)
+ - Major change: script now functions correctly as the clamav user when started under cron
+ - Added fallback to curl if wget is not available
+ - Added locking (Enable pid file to prevent issues with multiple instances)
+ - Added retries to fetching downloads
+ - Code refactor: if wget repaced with if $? -ne 0
+ - Enhancement: Verify the clam_user and clam_group actually exists on the system
+ - Added function : xshok_user_group_exists, to check if a specific user and group exists
+ - Bug Fix: setmode only if is root
+ - Bug Fix: eval not working on certain systems
+ - Bug fix: rsync output not correctly silenced
+ - Code refactor: remove legacy `..` with $(...)
+ - Code refactor: replace [ ... -a ... ] with [ ... ] && [ ... ]
+ - Code refactor: replace [ ... -o ... ] with [ ... ] || [ ... ]
+ - Code refactor: replace cat "..." with done < ... from loops
+ - Code refactor: convert for loops using files to while loops
+ - Code refactor: read replaced with read -r
+ - Code refactor: added cd ... || exit , to handle a failed cd
+ - Code refactor: double quoted all varibles
+ - Code refactor: refactor all "ls" iterations to use globs
+ - Defined missing uname_bin variable
+ - Added function xshok_database
+ - Set minimum config required to 65
+ - Bump config to 65
+
+### Version 5.2.2
  - eXtremeSHOK.com Maintenance
  - Added --install-all Install and generate the cron, logroate and man files, autodetects the values $oft based on your config files
  - Added functions: xshok_prompt_confirm, xshok_is_file, xshok_is_subdir