New mcafee-autoupdate
Julian Field
mailscanner at ecs.soton.ac.uk
Fri Aug 22 16:07:52 IST 2003
To be compatible with the current beta releases and future releases of
MailScanner, you need to change the
PREFIX=/opt/uvscan
line right near the top to
if [ -z "$1" ]; then
PREFIX=/usr/local/uvscan
else
PREFIX=$1
shift
fi
as the autoupdate scripts are now run with their first command-line
parameter specifying the installation directory. This gets all installation
details out of the -wrapper and -autoupdate scripts and back into
configuration files.
At 15:22 22/08/2003, you wrote:
>This is my current version. It includes a couple of important fixes:
>It now uses HTTP, since the FTP server melted down this week.
>There's also better error handling if the download of the tarball
>fails -- in the past it could have left behind an empty directory
>that confuses subsequent runs of the script. I've tested on Solaris,
>so it should work OK for everyone it is supposed to.
>
>I have an item on my todo list to get EXTRA.DAT updates working,
>but I need to do more investigation first.
>
>Tony.
>--
>f.a.n.finch <dot at dotat.at> http://dotat.at/
>DOVER WIGHT: SOUTHWEST 5 OR 6 BECOMING VARIABLE 3. FAIR. MODERATE OR GOOD.
>
>
>
>#!/bin/sh -e
>#
># Update the McAfee data files.
>#
># $Cambridge: hermes/build/bin/uvscan-update,v 1.35 2003/08/22 13:59:59
>fanf2 Exp $
>
># $PREFIX is the directory where the uvscan binary is (NOT a symlink to
># the binary), which is where it looks for its dat files. You may run
># uvscan via a symlink to this place (e.g. from /usr/local/bin/uvscan)
># and it will still look for the dat files here. If uvscan's library
># dependencies can be found in a standard place (e.g. /usr/local/lib)
># then you don't need a wrapper script to set LD_LIBRARY_PATH before
># running it.
>#
># The dat files are installed in a subdirectory of $DATDIR named
># according to their version number, with symlinks from $PREFIX into
># the subdirectory via a current link. The current link is updated
># without locking on the assumption that this is sufficiently unlikely
># to cause a problem.
>#
>PREFIX=/opt/uvscan
>DATDIR=$PREFIX/datfiles
>SUBDIR=datfiles/current
>LINK=$PREFIX/$SUBDIR
>
>FTPDIR=http://download.nai.com/products/datfiles/4.x/nai/
>
># ensure the path is plausible
>PATH=$PREFIX:/usr/local/bin:/usr/bin:/bin
>export PATH
>
># handle the command line
>OPTS="$*"
>option () {
> case $OPTS in
> -*$1*) eval $2=yes
> esac
>}
>case $OPTS in
>[!-]*|*[!-dfrtv]*)
> echo "usage: $0 [-dfrtv]"
> echo " -d delete old files"
> echo " -f force update"
> echo " -r show README"
> echo " -t timestamp output"
> echo " -v verbose"
> exit 1
> ;;
>esac
>option d DELETE
>option f FORCE
>option r README
>option t TIME
>option v VERBOSE
>case $FORCE in
>yes) VERBOSE=yes
>esac
>
># wrapper functions for echo etc.
>timestamp () {
> case $TIME in
> yes) date "+%Y-%m-%d %H:%M:%S "
> esac
>}
>say () {
> case $VERBOSE in
> yes) echo "`timestamp`$*"
> esac
>}
>run () {
> say "> $*"
> "$@"
>}
>say Starting $0
>
>if [ ! -h $LINK ]
>then
> INIT=yes
> VERBOSE=yes
> say Initial setup of $0
> run mkdir -p $DATDIR
>fi
>run cd $DATDIR
>
># version number pattern
>MATCH="[0-9][0-9][0-9][0-9]"
>
># work out latest dat version
>CMD="wget --passive-ftp $FTPDIR/update.ini 2>update.err"
>say "> $CMD"
>if eval "$CMD"
>then
> VERSION=`cat update.ini | sed
> "/^DATVersion=\($MATCH\).$/!d;s//\1/;q"`
>else
> cat update.err
> VERSION=UNKNOWN
>fi
>run rm -f update.*
>
>badversion () {
> VERBOSE=yes
> say "Failed to get McAfee datfile update from $FTPDIR"
> say "FTP version number \"$VERSION\" $*"
> run exit 1
>}
>
># check the format of the version number
>case $VERSION in
>$MATCH) : ok
> ;;
>*) badversion does not match "$MATCH"
> ;;
>esac
>
># already got it?
>if [ -d $VERSION ]
>then
> case $FORCE in
> yes) say Forced removal of $VERSION
> run rm -rf $VERSION
> ;;
> *) say Already have $VERSION
> run exit 0
> ;;
> esac
>fi
>
># work out installed dat version
>PREVIOUS=`(ls -d $MATCH 2>/dev/null || echo 0000) | tail -1`
>
># check new version is actually newer
>if [ $PREVIOUS -gt $VERSION ]
>then
> badversion older than installed $PREVIOUS
>fi
>
>VERBOSE=yes
>
>say Installed dat file is $PREVIOUS
>say Latest dat file is $VERSION
>
># protect against failure
>fail () {
> trap EXIT
> echo "$OUT"
> say Fetch or test failed -- removing bad McAfee data files
> run cd $DATDIR
> run rm -rf $VERSION
> run exit 1
>}
>trap fail EXIT
>
># fetch and extract dat files
>TARFILE=dat-$VERSION.tar
>run mkdir $VERSION
>run cd $VERSION
>run wget --passive-ftp --progress=dot:mega $FTPDIR/$TARFILE
>run tar xvf $TARFILE
>
># verify the contents
>CMD="uvscan --version --dat ."
>say "> $CMD"
>OUT=`$CMD 2>&1`
>case "$OUT" in
>*"Missing or invalid DAT"* | \
>*"Data file not found"* | \
>*"Removal datafile clean.dat not found"* | \
>*"Unable to remove viruses"* )
> fail
>esac
>
># protection not needed now
>trap '' EXIT
>
>echo "$OUT"
>say Update OK
>
># show information on this update?
>case $README in
>yes) run sed 's/[[:cntrl:]]//g
> 1,/^====================/d
> /^====================/,/^NEW VIRUSES DETECTED/d
> /^UNDERSTANDING VIRUS NAMES/,$d
> s/^/# /;/@MM/s/$/ <--/' readme.txt
>esac
># remove some crap
>run rm -f *.diz *.exe *.ini *.lst *.tar *.txt
>
># do remaining part of initial setup
>case $INIT in
>yes) for file in *.dat
> do
> run rm -f $PREFIX/$file
> run ln -s $SUBDIR/$file $PREFIX/$file
> done
>esac
>
># update the current version link
>run rm -f $LINK
>run ln -s $VERSION $LINK
>
># maybe delete old dat files
>case $DELETE in
>yes) run cd $DATDIR
> run rm -rf $PREVIOUS
>esac
>
>say Completed OK
>run exit 0
>
># done
--
Julian Field
www.MailScanner.info
MailScanner thanks transtec Computers for their support
More information about the MailScanner
mailing list