New mcafee-autoupdate

Julian Field mailscanner at ecs.soton.ac.uk
Fri Aug 22 16:07:52 IST 2003


To be compatible with the current beta releases and future releases of
MailScanner, you need to change the
PREFIX=/opt/uvscan
line right near the top to
if [ -z "$1" ]; then
   PREFIX=/usr/local/uvscan
else
   PREFIX=$1
   shift
fi

as the autoupdate scripts are now run with their first command-line
parameter specifying the installation directory. This gets all installation
details out of the -wrapper and -autoupdate scripts and back into
configuration files.

At 15:22 22/08/2003, you wrote:
>This is my current version. It includes a couple of important fixes:
>It now uses HTTP, since the FTP server melted down this week.
>There's also better error handling if the download of the tarball
>fails -- in the past it could have left behind an empty directory
>that confuses subsequent runs of the script. I've tested on Solaris,
>so it should work OK for everyone it is supposed to.
>
>I have an item on my todo list to get EXTRA.DAT updates working,
>but I need to do more investigation first.
>
>Tony.
>--
>f.a.n.finch  <dot at dotat.at>  http://dotat.at/
>DOVER WIGHT: SOUTHWEST 5 OR 6 BECOMING VARIABLE 3. FAIR. MODERATE OR GOOD.
>
>
>
>#!/bin/sh -e
>#
># Update the McAfee data files.
>#
># $Cambridge: hermes/build/bin/uvscan-update,v 1.35 2003/08/22 13:59:59
>fanf2 Exp $
>
># $PREFIX is the directory where the uvscan binary is (NOT a symlink to
># the binary), which is where it looks for its dat files. You may run
># uvscan via a symlink to this place (e.g. from /usr/local/bin/uvscan)
># and it will still look for the dat files here. If uvscan's library
># dependencies can be found in a standard place (e.g. /usr/local/lib)
># then you don't need a wrapper script to set LD_LIBRARY_PATH before
># running it.
>#
># The dat files are installed in a subdirectory of $DATDIR named
># according to their version number, with symlinks from $PREFIX into
># the subdirectory via a current link. The current link is updated
># without locking on the assumption that this is sufficiently unlikely
># to cause a problem.
>#
>PREFIX=/opt/uvscan
>DATDIR=$PREFIX/datfiles
>SUBDIR=datfiles/current
>LINK=$PREFIX/$SUBDIR
>
>FTPDIR=http://download.nai.com/products/datfiles/4.x/nai/
>
># ensure the path is plausible
>PATH=$PREFIX:/usr/local/bin:/usr/bin:/bin
>export PATH
>
># handle the command line
>OPTS="$*"
>option () {
>         case $OPTS in
>         -*$1*)  eval $2=yes
>         esac
>}
>case $OPTS in
>[!-]*|*[!-dfrtv]*)
>         echo "usage: $0 [-dfrtv]"
>         echo "  -d      delete old files"
>         echo "  -f      force update"
>         echo "  -r      show README"
>         echo "  -t      timestamp output"
>         echo "  -v      verbose"
>         exit 1
>         ;;
>esac
>option d DELETE
>option f FORCE
>option r README
>option t TIME
>option v VERBOSE
>case $FORCE in
>yes)    VERBOSE=yes
>esac
>
># wrapper functions for echo etc.
>timestamp () {
>         case $TIME in
>         yes)    date "+%Y-%m-%d %H:%M:%S "
>         esac
>}
>say () {
>         case $VERBOSE in
>         yes)    echo "`timestamp`$*"
>         esac
>}
>run () {
>         say "> $*"
>         "$@"
>}
>say Starting $0
>
>if [ ! -h $LINK ]
>then
>         INIT=yes
>         VERBOSE=yes
>         say Initial setup of $0
>         run mkdir -p $DATDIR
>fi
>run cd $DATDIR
>
># version number pattern
>MATCH="[0-9][0-9][0-9][0-9]"
>
># work out latest dat version
>CMD="wget --passive-ftp $FTPDIR/update.ini 2>update.err"
>say "> $CMD"
>if eval "$CMD"
>then
>         VERSION=`cat update.ini | sed
> "/^DATVersion=\($MATCH\).$/!d;s//\1/;q"`
>else
>         cat update.err
>         VERSION=UNKNOWN
>fi
>run rm -f update.*
>
>badversion () {
>         VERBOSE=yes
>         say "Failed to get McAfee datfile update from $FTPDIR"
>         say "FTP version number \"$VERSION\" $*"
>         run exit 1
>}
>
># check the format of the version number
>case $VERSION in
>$MATCH) : ok
>         ;;
>*)      badversion does not match "$MATCH"
>         ;;
>esac
>
># already got it?
>if [ -d $VERSION ]
>then
>         case $FORCE in
>         yes)    say Forced removal of $VERSION
>                 run rm -rf $VERSION
>                 ;;
>         *)      say Already have $VERSION
>                 run exit 0
>                 ;;
>         esac
>fi
>
># work out installed dat version
>PREVIOUS=`(ls -d $MATCH 2>/dev/null || echo 0000) | tail -1`
>
># check new version is actually newer
>if [ $PREVIOUS -gt $VERSION ]
>then
>         badversion older than installed $PREVIOUS
>fi
>
>VERBOSE=yes
>
>say Installed dat file is $PREVIOUS
>say Latest dat file is $VERSION
>
># protect against failure
>fail () {
>         trap EXIT
>         echo "$OUT"
>         say Fetch or test failed -- removing bad McAfee data files
>         run cd $DATDIR
>         run rm -rf $VERSION
>         run exit 1
>}
>trap fail EXIT
>
># fetch and extract dat files
>TARFILE=dat-$VERSION.tar
>run mkdir $VERSION
>run cd $VERSION
>run wget --passive-ftp --progress=dot:mega $FTPDIR/$TARFILE
>run tar xvf $TARFILE
>
># verify the contents
>CMD="uvscan --version --dat ."
>say "> $CMD"
>OUT=`$CMD 2>&1`
>case "$OUT" in
>*"Missing or invalid DAT"* | \
>*"Data file not found"* | \
>*"Removal datafile clean.dat not found"* | \
>*"Unable to remove viruses"* )
>         fail
>esac
>
># protection not needed now
>trap '' EXIT
>
>echo "$OUT"
>say Update OK
>
># show information on this update?
>case $README in
>yes)    run sed 's/[[:cntrl:]]//g
>                 1,/^====================/d
>                 /^====================/,/^NEW VIRUSES DETECTED/d
>                 /^UNDERSTANDING VIRUS NAMES/,$d
>                 s/^/# /;/@MM/s/$/ <--/' readme.txt
>esac
># remove some crap
>run rm -f *.diz *.exe *.ini *.lst *.tar *.txt
>
># do remaining part of initial setup
>case $INIT in
>yes)    for file in *.dat
>         do
>                 run rm -f $PREFIX/$file
>                 run ln -s $SUBDIR/$file $PREFIX/$file
>         done
>esac
>
># update the current version link
>run rm -f $LINK
>run ln -s $VERSION $LINK
>
># maybe delete old dat files
>case $DELETE in
>yes)    run cd $DATDIR
>         run rm -rf $PREVIOUS
>esac
>
>say Completed OK
>run exit 0
>
># done

--
Julian Field
www.MailScanner.info
MailScanner thanks transtec Computers for their support



More information about the MailScanner mailing list