56 lines
1.4 KiB
Django/Jinja
56 lines
1.4 KiB
Django/Jinja
#!/bin/bash
|
|
#
|
|
# This script updates Clamav definitions with data from URLhaus (https://urlhaus.abuse.ch/api/#clamav)
|
|
#
|
|
# The original script lives at https://github.com/abusech/urlhaus/blob/master/clamav.sh
|
|
#
|
|
|
|
CLAMDIR="{{ clamav_signatures_db_dir }}"
|
|
CLAMUSER="{{ clamav_clamd_user }}"
|
|
CLAMGROUP="{{ clamav_clamd_user }}"
|
|
|
|
tmpdir=/var/tmp
|
|
tmp_urlhaus="$tmpdir/urlhaus"
|
|
|
|
current_user=$( id -u -n )
|
|
if [ "$current_user" != "$CLAMUSER" ] ; then
|
|
logger "urlhaus-signatures: must run as user $CLAMUSER"
|
|
echo "Must run as user $CLAMUSER"
|
|
exit 1
|
|
fi
|
|
|
|
RELOAD=0
|
|
|
|
lockfile -r 0 /tmp/local.the.lock 2>/dev/null || exit 1
|
|
|
|
rm -rf $tmp_urlhaus
|
|
mkdir $tmp_urlhaus
|
|
|
|
curl -s https://urlhaus.abuse.ch/downloads/urlhaus.ndb -o $tmp_urlhaus/urlhaus.ndb
|
|
|
|
if [ $? -eq 0 ]; then
|
|
clamscan --quiet -d $tmp_urlhaus $tmp_urlhaus 2>&1 >/dev/null
|
|
if [ $? -eq 0 ]; then
|
|
if [ -f "$CLAMDIR"/urlhaus.ndb ]; then
|
|
MD5old=`md5sum "$CLAMDIR"/urlhaus.ndb`
|
|
MD5new=`md5sum $tmp_urlhaus/urlhaus.ndb`
|
|
if ! [ "$MD5old" = "$MD5new" ]; then
|
|
# Updated file
|
|
cp $tmp_urlhaus/urlhaus.ndb $CLAMDIR
|
|
RELOAD=1
|
|
fi
|
|
else
|
|
# Looks like it's the first run
|
|
cp $tmp_urlhaus/urlhaus.ndb $CLAMDIR
|
|
chown $CLAMUSER.$CLAMGROUP "$CLAMDIR"/urlhaus.ndb
|
|
RELOAD=1
|
|
fi
|
|
fi
|
|
fi
|
|
|
|
if [ $RELOAD -eq 1 ]; then
|
|
clamdscan --reload
|
|
fi
|
|
|
|
rm -rf $tmp_urlhaus
|
|
rm -f /tmp/local.the.lock |