Sophos/MailScanner
Lisa Wu
lisa.wu at syntricity.com
Thu Oct 12 23:10:18 IST 2006
Martin Hepworth wrote:
> >>> Once in a while the server will fail to download its updates from
> Sophos.
> >>> (The cause being that our T1 line went down). Then the mail log starts
> >>> posting MailScanner error messages every 10 seconds until a successful
> >>> update occurs:
> >>>
> >>> Sep 6 14:06:50 mail MailScanner[30864]: None of the files matched by
> the
> >>> "Monitors For Sophos Updates" patterns exist!
> >>>
> >>> Because of this error the queue starts placing all messages on hold.
> >
> >
> >> Lisa
> >>
> >> how are you updating the virus defs for Sophos?
> >
> >
> > Martin,
> >
> > There is a cron job that runs the Sophos update script running once
> every
> > hour.
> >
> > Thanks,
> > Lisa
> >
> >
>
> Lisa
>
> Can you give a bit more info. Which cron job? It should be
> update_virus_scanners which will do all the scanners you've defined in
> MailScanner.conf.
>
> This script is reasonably failure proof as it downloads the updates into
> a separate folder and only on success does it move the 'new' to 'live'
> folders as it were.
>
> Also I presume you're using the MailScanner Sophos.Install script to
> install your Sophos as well? As MailScanner expects Sophos V4 to be
> in a non-default Sophos Directory.
>
Hi Martin,
Here is the cron job that is running.
21 0-23/2 * * * /usr/local/updates/Sophos/savupd/savupd.sh > /dev/null
I've attached a copy of the script that is being run.
I did not set-up this server, so I don't know if the previous admin used the
MailScanner Sophos.Install script to install Sophos. From how it looks it
doesn't seem so.
From what you stated in your last e-mail, should I be setting up a cronjob
that uses a preconfigured update_virus_scanners script that was part of the
MailScanner Sophos install?
In my MailScanner.conf file
Virus Scanners = sophossavi
In my virus.scanners.conf file this is the entry for sophossavi
sophossavi /bin/false /tmp
Let me know if there's any other info you need from me.
Thanks,
Lisa
-------------- next part --------------
#!/bin/sh
# savupd.sh - automated updating for UNIX / Linux / FreeBSD
# savupd.sh shell script (savupd.sh)
# email: support at sophos.com
# Phone (UK): +44 (0)1235 559933
# Phone (US): +1 888 767 4679
###############################################################
## DO NOT EDIT THIS FILE ##
###############################################################
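# Script release identifier (value unchanged).
version='1.3 {20030528}'
# Append the standard tool and library directories to whatever the caller
# supplied. When the inherited variable is unset or empty (typical for
# LD_LIBRARY_PATH under cron) a plain "$VAR:/dir" would start with an empty
# element, which is interpreted as the current directory. This script later
# changes into the directory holding the downloaded archive, so the empty
# element is left out.
PATH=${PATH:+$PATH:}/bin:/sbin:/opt/sfw/bin:/usr/ucb:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
LD_LIBRARY_PATH=${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}/usr/local/lib
export PATH LD_LIBRARY_PATH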
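# Print the value stored under key $1 in /etc/savupd.cfg (first match only).
# The key is anchored to the start of the line so that a *value* containing
# another key's name (for example a recipient address containing "mail")
# is not picked up, and everything after the first '=' is kept so values
# that themselves contain '=' are not truncated.
_cfg_value()
{
    grep -i "^$1=" /etc/savupd.cfg | sed -n '1s/^[^=]*=//p'
}

# Load the saved settings and the fixed paths/URLs used by the rest of the
# script into global variables, start the run log, and remember the
# directory the script was started from in $lcd.
ld_var()
{
    username=`_cfg_value name`
    # NOTE(review): the password is stored and read back in plain text.
    password=`_cfg_value passwd`
    log=`_cfg_value logging`
    email=`_cfg_value mail`
    rcpt=`_cfg_value user`
    instdir=`_cfg_value instdir`
    loglevel=`_cfg_value loglevel`
    tab=" "
    # Working directory for downloads; a fixed path that mktmp recreates.
    tmp='/usr/local/updates/Sophos/savupd.tmp'
    # Both download locations are plain-HTTP URLs.
    fsite='http://www.sophos.com/dp/full'
    isite='http://www.sophos.com/downloads/ide'
    logfile='/var/log/sophos/savupd.log'
    templog='/var/log/sophos/savupd.tmp'
    msg='/tmp/savupd.msg'
    tfile='/var/log/sophos/savupd.time'
    tag=`date +%c`
    # Month number; compared with the stored timestamp by chk_tfile.
    date=`date +%m`
    fupd=0
    # logit needs $templog and $tag, both assigned above.
    logit
    lcd=`pwd`
}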
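# Read one line from stdin into the variable named by $1.
# On end of input the half-written draft is removed and the script stops,
# so a non-interactive run cannot loop forever on the prompts.
_cfg_read()
{
    read "$1" && return 0
    echo "Unexpected end of input; configuration was not written." >&2
    rm -f "$tmpcfg"
    exit 1
}

# Interactive first-run setup: asks for the download credentials, logging
# and mail options and the installation base directory, then writes them
# to /etc/savupd.cfg as key=value lines.
#
# Globals written: cfg, tmpcfg, pwd, cronfile, username, password, log,
#                  email, lvl, rcpt, instpath
#
# Changes from the earlier version of this function:
#  - the draft file is no longer a fixed name in /tmp; it is created next
#    to the final file, and both are created under umask 077 because they
#    hold the account password;
#  - an unknown answer restarts the questions with a loop instead of a
#    recursive call whose caller then carried on with stale answers
#    (or, after the first question, exited the script);
#  - an upper-case "Y" to the logging/e-mail questions now leads to the
#    follow-up questions, as the lower-case answer always did.
create_cfg()
{
    cfg='/etc/savupd.cfg'
    tmpcfg="$cfg.new.$$"
    pwd=`pwd`
    cronfile='/etc/savupd.cron'
    saved_umask=`umask`
    umask 077

    while :
    do
        echo "+----------------------------------+"
        echo "|savupd.sh - automated updating for|"
        echo "| Sophos Anti-Virus |"
        echo "| on UNIX / Linux / FreeBSD |"
        echo "+----------------------------------+"
        echo "| Installation script. |"
        echo "+----------------------------------+"
        echo ""
        echo ""
        echo "Please enter your Sophos website username:"
        _cfg_read username
        # '>' truncates, so every pass through the loop starts a fresh draft.
        echo "name=$username" > "$tmpcfg"
        echo ""
        echo "Please enter your Sophos website password:"
        # NOTE(review): the password is echoed while typed and again in the
        # summary below; left as is so the operator can check it.
        _cfg_read password
        echo "passwd=$password" >> "$tmpcfg"
        echo ""
        echo "Enable logging [y/n]?"
        _cfg_read log
        case "$log" in
            N | n)
                log=n
                echo "logging=NO" >> "$tmpcfg"
                ;;
            Y | y)
                log=y
                echo "logging=YES" >> "$tmpcfg"
                ;;
            *)
                echo "Unknown option."
                continue
                ;;
        esac

        # Clear answers left over from an earlier pass.
        email=''
        lvl=''
        rcpt=''
        if [ "$log" = y ]; then
            echo ""
            echo "Enable emailing of logfile [y/n]?"
            _cfg_read email
            case "$email" in
                N | n)
                    email=n
                    echo "mail=NO" >> "$tmpcfg"
                    ;;
                Y | y)
                    email=y
                    echo "mail=YES" >> "$tmpcfg"
                    ;;
                *)
                    echo "Unknown option."
                    continue
                    ;;
            esac
            if [ "$email" = y ]; then
                echo ""
                echo "Full logfiles will be available in '/var/log/sophos/'"
                echo "What reporting level would you like to be emailed?"
                echo "(1) Errors only (2) Monthly update only"
                echo "(3) Everything"
                _cfg_read llvl
                case "$llvl" in
                    1)
                        echo "loglevel=1" >> "$tmpcfg"
                        lvl="Errors only."
                        ;;
                    2)
                        echo "loglevel=2" >> "$tmpcfg"
                        lvl="Monthly update only."
                        ;;
                    3)
                        echo "loglevel=3" >> "$tmpcfg"
                        lvl="Everything."
                        ;;
                    *)
                        echo "Unknown option."
                        continue
                        ;;
                esac
                echo ""
                echo "Enter the email address of the log recipient:"
                _cfg_read rcpt
                echo "user=$rcpt" >> "$tmpcfg"
            fi
        fi

        echo ""
        echo "By default Sophos will be installed to /usr/local"
        echo "Would you like to set a non-default installation path [y/n]?"
        _cfg_read defpath
        case "$defpath" in
            N | n)
                echo "instdir=/usr/local" >> "$tmpcfg"
                instpath='/usr/local'
                ;;
            Y | y)
                echo "Please enter the path to the base directory."
                echo "Sophos will be installed in directories relative to the base directory."
                echo "e.g. if base directory is /home/sophos then binaries will be installed in"
                echo "/home/sophos/bin and libraries installed in /home/sophos/lib etc..."
                echo ""
                echo "Do not include the trailing '/' in the path."
                _cfg_read instpath
                echo "instdir=$instpath" >> "$tmpcfg"
                ;;
            *)
                echo "Unknown option."
                continue
                ;;
        esac

        echo ""
        echo "*****************************"
        echo "The current configuration is:"
        echo "Username: $username"
        echo "Password: $password"
        echo "Logging: $log"
        echo "Email: $email"
        echo "Email logging level: $lvl"
        echo "Recipient: $rcpt"
        echo "Installation directory: $instpath"
        echo "*****************************"
        echo ""

        # Keep asking until the answer is a clear yes or no.
        confirmed=''
        while [ -z "$confirmed" ]
        do
            echo "Are these details correct? [y/n]"
            _cfg_read answer
            case "$answer" in
                N | n) confirmed=no ;;
                Y | y) confirmed=yes ;;
                *) echo "Unknown option." ;;
            esac
        done

        if [ "$confirmed" = yes ]; then
            cat "$tmpcfg" > "$cfg"
            # Explicit, in case the file already existed with wider permissions.
            chmod 600 "$cfg"
            echo ""
            echo "$cfg created."
            echo ""
            rm -f "$tmpcfg"
            break
        fi
        # "no": ask everything again.
    done

    umask "$saved_umask"
}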
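# Ask whether the script should install itself in root's crontab.
#   n -> only create the marker file $cronfile so the question is not
#        asked again;
#   y -> hand over to cfg_cron.
# Any other answer repeats the question (a loop, not a recursive call).
# Returns 1 if stdin ends before an answer is given.
create_cron()
{
    # $cronfile is assigned by create_cfg, which the main section skips
    # when /etc/savupd.cfg already exists; fall back to the path the main
    # section tests for.
    cronfile=${cronfile:-/etc/savupd.cron}
    while :
    do
        echo ""
        echo "Would you like to schedule savupd.sh to run automatically using 'cron' [y/n]?"
        echo ""
        echo "WARNING: If root already has a crontab setup, answer NO and set the crontab manually."
        read schdl || return 1
        case "$schdl" in
            N | n)
                touch "$cronfile"
                return
                ;;
            Y | y)
                cfg_cron
                return
                ;;
        esac
    done
}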
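# Ask how often to check for updates, write the schedule to $cronfile and
# install that file as root's crontab.
#
# NOTE: `crontab -u root FILE` replaces root's whole crontab with FILE;
# create_cron warns the operator about this before calling here.
#
# Returns 1 (without writing anything) if stdin ends before a valid choice.
cfg_cron()
{
    cronfile=${cronfile:-/etc/savupd.cron}
    # $pwd comes from create_cfg and $lcd from ld_var. The main section
    # calls this function before ld_var, and create_cfg only runs when the
    # config file is missing, so either may be empty here; fall back to
    # the current directory rather than writing "PATH=" / "HOME=" and a
    # job path of "/savupd.sh".
    # NOTE(review): assumes the script is started from its own directory,
    # as the previous code did - confirm.
    cron_script_dir=${pwd:-`pwd`}
    cron_env_dir=${lcd:-$cron_script_dir}

    cron_sched=''
    while [ -z "$cron_sched" ]
    do
        echo ""
        echo "How often would you would you like to check for updates?"
        echo "(1) Every hour (2) Every 3 hours"
        echo "(3) Every 6 hours (4) Every 12 hours"
        echo "(5) Every 24 hours "
        echo ""
        echo "e.g. Type '1' for hourly checks, '2' for 3 hourly checks etc..."
        read frequency || return 1
        case "$frequency" in
            1) cron_sched='0 0-23 * * *' ;;
            2) cron_sched='0 0-23/3 * * *' ;;
            3) cron_sched='0 0-23/6 * * *' ;;
            4) cron_sched='0 0,12 * * *' ;;
            5) cron_sched='0 0 * * *' ;;
        esac
    done

    # Written only once a valid choice exists, so an invalid answer no
    # longer leaves a partial file or installs the crontab twice.
    {
        echo "PATH=$cron_env_dir"
        echo "HOME=$cron_env_dir"
        echo "$cron_sched $cron_script_dir/savupd.sh"
    } > "$cronfile"

    echo "Configuring root's crontab..."
    if crontab -u root "$cronfile" >/dev/null 2>&1; then
        echo "Crontab configured. To re-configure the schedule, remove '/etc/savupd.cron' and run 'savupd.sh'"
    else
        error_cron
    fi
    echo ""
    echo "savupd will now download and update your Sophos Anti Virus installation."
    echo "If this is the first time savupd has run, this may take several minutes..."
    sleep 2
}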
# Check that every external command the updater uses can be found.
# The name being checked is kept in the global $c because error_sysfile
# reports it; error_sysfile is called for the first command `which`
# does not find.
chk_sysfile()
{
    echo "Checking for required commands." >> $templog
    for c in awk cat mkdir mv ps rm grep sleep tar wget unzip mail
    do
        if which $c >/dev/null
        then
            continue
        fi
        error_sysfile
    done
    echo "All required commands OK." >> $templog
}
# Decide between a full update and an IDE-only update.
# $tfile holds the value of $date written by the last run (tstamp);
# when it equals the current $date only IDE files are fetched.
# Sets: flag (1 = IDEs only, 0 = full version), lastdate.
chk_tfile()
{
    echo "Checking last download date." >>$templog
    # Full update unless a matching timestamp is found below.
    flag=0
    if [ ! -f "$tfile" ]; then
        echo "No timestamp detected. Updating full version." >>$templog
        return
    fi
    echo "Timestamp detected." >>$templog
    lastdate=`cat $tfile`
    if [ "$lastdate" -eq "$date" ]; then
        echo "Updating IDEs only." >>$templog
        flag=1
        return
    fi
    echo "Updating full version." >>$templog
}
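# Choose the file to download.
#   flag = 1 : the IDE bundle 'ides.zip'.
#   otherwise: the full archive for this platform, derived from
#              `uname -s` and `uname -m`.
# Sets: downloadfile, platform and, on some platforms, islinux,
#       product_name, freebsd_ver.
# Calls error_host when the platform is not recognised, and now also when
# no archive name could be chosen (Linux/ppc has none listed, and
# Linux/x86 needs /lib/libc.so.5 or /lib/libc.so.6); previously the
# script went on to request a URL with an empty file name, sending the
# account credentials for nothing.
which_file()
{
    if [ "$flag" -eq "1" ]; then
        downloadfile='ides.zip'
        return 0
    fi

    # Start empty so a value left from an earlier call cannot be reused.
    downloadfile=''
    case "`uname -s`,`uname -m`" in
        OSF1,alpha)
            platform=digitalunix
            downloadfile='digitalunix.tar.Z'
            ;;
        SunOS,sun4*)
            platform=solaris.sparc
            downloadfile='solaris.sparc.tar.Z'
            ;;
        SunOS,i86pc)
            platform=solaris.intel
            downloadfile='solaris.intel.tar.Z'
            ;;
        Linux,*86)
            platform=linux.intel
            # When both libc versions are present the libc6 build wins.
            if test -e /lib/libc.so.5; then
                downloadfile='linux.intel.libc5.tar.Z'
            fi
            if test -e /lib/libc.so.6; then
                downloadfile='linux.intel.libc6.tar.Z'
            fi
            islinux=yes
            ;;
        Linux,alpha)
            platform=linux.alpha
            downloadfile='linux.alpha.tar.Z'
            islinux=yes
            ;;
        Linux,ppc*)
            platform=linux.ppc
            downloadfile=''
            ;;
        FreeBSD,i386)
            platform=freebsd
            product_name="FreeBSD/Intel"
            # First character of the release string, i.e. the major version.
            freebsd_ver=`uname -r | cut -c1`
            ;;
        AIX,*)
            platform=aix
            downloadfile='aix.tar.Z'
            ;;
        SCO_SV,i386)
            platform=scoopenserver
            downloadfile='scoopenserver.tar.Z'
            ;;
        UnixWare,i386)
            platform=scounixware
            downloadfile='scounixware.tar.Z'
            ;;
        HP-UX,9000*)
            platform=hpux
            # NOTE(review): spelled 'hptux', unlike the platform name
            # 'hpux' - confirm against the download site before changing.
            downloadfile='hptux.tar.Z'
            ;;
        *)
            error_host
            ;;
    esac

    if [ "$platform" = freebsd ]; then
        if [ "$freebsd_ver" -eq 2 ]; then
            downloadfile='freebsd.aout.tar.Z'
        else
            downloadfile='freebsd.elf.tar.Z'
        fi
    fi

    if [ -z "$downloadfile" ]; then
        error_host
    fi

    echo "Platform detected: $platform" >> "$templog"
    echo "File to be downloaded: $downloadfile" >> "$templog"
}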
# Give the run an empty working directory at $tmp: an existing one is
# removed first, then the directory is created. Either step failing is
# reported through error_temp.
mktmp()
{
    echo "Creating temporary directory." >>$templog
    if [ -d $tmp ]; then
        rm -rf $tmp || error_temp
    fi
    mkdir $tmp || error_temp
    echo "Temporary directory created." >>$templog
}
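# Download $downloadfile into $tmp and confirm that the file arrived.
#   flag = 0 : full archive from $fsite, with HTTP authentication
#   otherwise: IDE bundle from $isite, no authentication
# Any failure is reported through error_download.
#
# Fix: the credentials used to be written in single quotes, so wget was
# given the literal text $username and $password instead of the values
# read from the configuration file.
#
# NOTE(review): points this function does not address -
#  - $fsite/$isite are http:// URLs in ld_var, so the credentials and the
#    archive cross the network unencrypted;
#  - the password is passed on wget's command line, where other local
#    users can read it from the process list while the download runs;
#  - the only check on the result is that a file exists; nothing verifies
#    its integrity before xtract/instal unpack and run it.
dload()
{
    echo "Downloading $downloadfile" >> "$templog"
    if [ "$flag" -eq 0 ]; then
        wget --http-user="$username" --http-passwd="$password" \
            --directory-prefix="$tmp" -t3 "$fsite/$downloadfile" || error_download
    else
        wget -P"$tmp" "$isite/$downloadfile" || error_download
    fi
    echo "Download complete. Checking file." >> "$templog"
    if [ -f "$tmp/$downloadfile" ]; then
        echo "Download verified." >> "$templog"
    else
        echo "Unable to verify download file." >> "$templog"
        error_download
    fi
}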
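# Unpack what dload fetched.
#   flag = 0 : unpack the full archive inside $tmp (uncompress + tar, or
#              `tar -z` when uncompress is not available).
#   otherwise: replace the *.ide files in $instdir/sav with the contents
#              of the IDE bundle, then restart MailMonitor if present.
# Failures are reported through error_tar.
#
# Fixes:
#  - the IDE bundle is tested with `unzip -t` before the installed *.ide
#    files are deleted, so a truncated or damaged download no longer
#    leaves the scanner without any IDE files;
#  - a failed `cd` into $tmp is an error instead of unpacking into
#    whatever the current directory happens to be;
#  - the uncompressed archive name is derived from $downloadfile rather
#    than from the output of `ls`.
#
# NOTE(review): the archives are unpacked without an integrity check;
# see dload.
xtract()
{
    if [ "$flag" -eq 0 ]; then
        echo "Extracting files from archive." >> "$templog"
        cd "$tmp" || error_tar
        if which uncompress >/dev/null; then
            uncompress "$tmp/$downloadfile" || error_tar
            # uncompress replaces NAME.Z with NAME.
            newfile=`basename "$downloadfile" .Z`
            tar -xvf "$tmp/$newfile" || error_tar
        else
            echo "'uncompress' not found. Using 'tar -z'" >> "$templog"
            tar -zxvf "$tmp/$downloadfile" || error_tar
        fi
        echo "Files extracted." >> "$templog"
    else
        echo "Extracting IDE files." >> "$templog"
        # Validate first; only then remove the files currently in use.
        unzip -t -q "$tmp/$downloadfile" >/dev/null || error_tar
        rm -rf "$instdir"/sav/*.ide
        unzip -o -q "$tmp/$downloadfile" -d "$instdir/sav" || error_tar
        echo "Files extracted." >> "$templog"
        mmsmtprestart
    fi
}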
# Run the vendor installer unpacked under $tmp (full updates only).
# When /var/spool/intercheck/comms/ic.sta exists the installer is run
# with "-v -d $instdir"; otherwise "-ni -so" is added. A failing
# installer is reported through error_install.
# NOTE(review): install.sh comes straight from the downloaded archive.
instal()
{
    [ $flag -eq 0 ] || return 0
    echo "Starting Installation." >>$templog
    if [ -f /var/spool/intercheck/comms/ic.sta ]; then
        echo "Intercheck server will be installed." >>$templog
        $tmp/sav-install/install.sh -v -d $instdir || error_install
    else
        echo "Intercheck server will not be installed." >>$templog
        $tmp/sav-install/install.sh -ni -so -v -d $instdir|| error_install
    fi
    echo "Installation complete." >>$templog
}
# Delete the working directory $tmp, first moving back to $lcd (the
# directory recorded by ld_var). A failed removal is reported through
# error_temp2.
rmtmp()
{
    echo "Removing temporary directory." >>$templog
    [ -d $tmp ] && {
        cd $lcd
        rm -rf $tmp || error_temp2
    }
    echo "Temporary directory removed." >>$templog
}
# Append the banner and the run's timestamp ($tag) to the run log.
logit()
{
    cat >>$templog <<EOF
+----------------------------------+
|savupd.sh - automated updating for|
| Sophos Anti-Virus |
| on UNIX / Linux / FreeBSD |
+----------------------------------+
Timestamp: $tag
EOF
}
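# When logging is enabled ($log = YES): append the previous log to
# "$logfile.<month name>", replace $logfile with this run's log
# ($templog) and delete $templog. Does nothing otherwise.
#
# Fix: expansions are quoted. With logging disabled or the setting
# missing, $log is not YES and may be empty; the unquoted test then
# printed a shell error on every run.
#
# Note: inside this script the function hides the system `logger` command.
logger()
{
    if [ "$log" = YES ]; then
        if [ -f "$logfile" ]; then
            cat "$logfile" >> "$logfile.`date +%B`"
        fi
        cat "$templog" > "$logfile"
        echo "Logfile $logfile created." >> "$logfile"
        rm -rf "$templog"
    fi
}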
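# Mail $logfile to $rcpt when e-mail reporting is enabled ($email = YES):
#   loglevel 1 : only when the log contains "error" (any case)
#   loglevel 2 : only after a full update ($fupd = 1)
#   loglevel 3 : always
#
# Fix: the tests are quoted and given numeric defaults. When logging was
# declined at setup the mail/loglevel keys are absent from the
# configuration, the variables are empty, and the unquoted tests printed
# shell errors on every run.
mailer()
{
    if [ "$email" = YES ]; then
        if [ "${loglevel:-0}" -eq 1 ]; then
            # Matching lines are printed, as before.
            if grep -i "error" "$logfile"; then
                # $rcpt is deliberately unquoted so that several
                # space-separated recipients keep working.
                mail -s "Error Report - Sophos Update" $rcpt < "$logfile"
            fi
        fi
        if [ "${loglevel:-0}" -eq 2 ]; then
            if [ "${fupd:-0}" -eq 1 ]; then
                mail -s "Monthly update report" $rcpt < "$logfile"
            fi
        fi
        if [ "${loglevel:-0}" -eq 3 ]; then
            mail -s "Sophos Update Report" $rcpt < "$logfile"
        fi
    fi
}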
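# Record $date (set by ld_var) in $tfile so that chk_tfile can tell on
# the next run whether a full update has already been done.
# Fix: both expansions are quoted so the value and the target path are
# used literally (no word splitting or globbing).
tstamp()
{
    printf '%s\n' "$date" > "$tfile"
}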
# Set mmsmtpinst to 1 when the directory /var/log/mmsmtp exists and to 0
# otherwise; the mmsmtp* functions act only when it is 1.
mmsmtptest()
{
    mmsmtpinst=0
    if [ -d /var/log/mmsmtp ]; then
        mmsmtpinst=1
    fi
}
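# Shut the MailMonitor daemon down (only when mmsmtpinst = 1).
# Each pass reads the daemon's pid file, checks whether that process
# exists and issues `mmsmtpd -shutdown`; the loop ends once the process
# is no longer found. After more than 100 passes the process is killed.
#
# Fixes:
#  - `$[ ... ]` arithmetic is a bash-only form and this script runs under
#    #!/bin/sh; replaced by `$(( ... ))`;
#  - the pid-file content is used only when it is purely numeric, and the
#    forced kill is sent only to a process that was just seen running.
#    Previously whatever the file contained, including nothing, was
#    passed to `kill -9`.
mmsmtpstop()
{
    if [ "$mmsmtpinst" -eq 1 ]; then
        mstat=0
        x=0
        while [ "$mstat" -eq 0 ]
        do
            if [ "$platform" = solaris.sparc ]; then
                mpid=`cat /etc/mmsmtp.pid`
            elif [ "$platform" = linux.intel ]; then
                mpid=`cat /var/run/mmsmtp.pid`
            fi
            x=$((x + 1))
            case "$mpid" in
                '' | *[!0-9]*)
                    # Not a process id: treat the daemon as not running.
                    mstat=1
                    ;;
                *)
                    ps -p "$mpid" >/dev/null 2>&1
                    mstat=$?
                    ;;
            esac
            /usr/local/sophos/mmsmtp/bin/mmsmtpd -shutdown >/dev/null 2>&1
            # timeout entry
            if [ "$x" -gt 100 ] && [ "$mstat" -eq 0 ]; then
                kill -9 "$mpid" >/dev/null 2>&1
            fi
        done
        echo "MailMonitor daemon has successfully shutdown" >> "$templog"
    fi
}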
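# Start the MailMonitor daemon (only when mmsmtpinst = 1).
# Each pass reads the daemon's pid file, checks whether that process
# exists and issues `mmsmtpd -start`; the loop ends once the process is
# found. After more than 100 passes the failure is logged and the
# function returns.
#
# Fixes:
#  - `$[ ... ]` arithmetic is a bash-only form and this script runs under
#    #!/bin/sh; replaced by `$(( ... ))`;
#  - a missing or non-numeric pid file counts as "not running" instead of
#    depending on the exit status `ps -p` gives for a bad argument, which
#    could end the loop and log a successful start with an empty PID.
mmsmtpstart()
{
    if [ "$mmsmtpinst" -eq 1 ]; then
        mstat=1
        x=0
        while [ "$mstat" -eq 1 ]
        do
            if [ "$platform" = solaris.sparc ]; then
                mpid=`cat /etc/mmsmtp.pid`
            elif [ "$platform" = linux.intel ]; then
                mpid=`cat /var/run/mmsmtp.pid`
            fi
            x=$((x + 1))
            case "$mpid" in
                '' | *[!0-9]*)
                    mstat=1
                    ;;
                *)
                    ps -p "$mpid" >/dev/null 2>&1
                    mstat=$?
                    ;;
            esac
            /usr/local/sophos/mmsmtp/bin/mmsmtpd -start >/dev/null 2>&1
            # timeout entry
            if [ "$x" -gt 100 ]; then
                echo "Unable to restart the MailMonitor daemon" >> "$templog"
                return
            fi
        done
        echo "MailMonitor daemon has started successfully (PID: $mpid)" >> "$templog"
    fi
}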
# Restart MailMonitor after new IDE files have been installed.
# Only acts when mmsmtpinst = 1. The platform is worked out again here
# because an IDE-only run does not go through the platform detection in
# which_file; only Solaris/SPARC and Linux/x86 are accepted, anything
# else goes to error_host.
mmsmtprestart()
{
    [ "$mmsmtpinst" -eq 1 ] || return 0
    case "$(uname -s),$(uname -m)" in
        SunOS,sun4*)
            platform=solaris.sparc
            ;;
        Linux,*86)
            platform=linux.intel
            ;;
        *)
            error_host
            ;;
    esac
    mmsmtpstop
    mmsmtpstart
}
##############
# Error msgs #
##############
# Log that the crontab could not be installed and create the marker file
# $cronfile anyway, so the scheduling question is not asked again.
# Unlike the other error handlers this one does not exit.
error_cron()
{
    cat >>$templog <<EOF
ERROR:
Unable to configure crontab.
This means you will either need to manually run this script to update Sophos,
or set your own crontab. See 'man 5 crontab' for details.
EOF
    touch $cronfile
}
# A required command ($c, set by chk_sysfile) was not found: log it,
# publish/mail the log and stop with exit status 1.
error_sysfile()
{
    {
        echo "ERROR:"
        echo "Unable to find '$c' in path."
        echo "Unable to continue."
        echo "Sophos Anti Virus was NOT updated."
    } >>$templog
    logger
    mailer
    exit 1
}
# The platform could not be determined: log it, publish/mail the log and
# stop with exit status 2.
error_host()
{
    cat >>$templog <<EOF
ERROR:
Unable to determine platform.
Unable to continue.
Sophos Anti Virus was NOT updated.
EOF
    logger
    mailer
    exit 2
}
# The working directory $tmp could not be (re)created: log it,
# publish/mail the log and stop with exit status 3.
error_temp()
{
    {
        echo "ERROR:"
        echo "Unable to create temporary directory '$tmp'."
        echo "Unable to continue."
        echo "Sophos Anti Virus was NOT updated."
    } >>$templog
    logger
    mailer
    exit 3
}
# The working directory $tmp could not be removed: log it, publish/mail
# the log and stop with exit status 3 (the same status as error_temp).
error_temp2()
{
    cat >>$templog <<EOF
ERROR:
Unable to remove temporary directory '$tmp'.
EOF
    logger
    mailer
    exit 3
}
# The download of $downloadfile failed or produced no file: log it (with
# the proxy hint), publish/mail the log and stop with exit status 4.
error_download()
{
    {
        echo "ERROR:"
        echo "Unable to download '$downloadfile' ."
        echo "Unable to continue."
        echo "Sophos Anti Virus was NOT updated."
        echo "If you are using a proxy server, ensure that you have the correct entries in 'wgetrc'"
    } >>$templog
    logger
    mailer
    exit 4
}
# Unpacking $downloadfile failed: log it, publish/mail the log and stop
# with exit status 5.
error_tar()
{
    cat >>$templog <<EOF
ERROR:
Unable to extract files from '$downloadfile'.
Unable to continue.
Sophos Anti Virus was NOT updated.
EOF
    logger
    mailer
    exit 5
}
# The vendor installer failed: log its exit status, publish/mail the log
# and stop with exit status 6.
error_install()
{
    # Must be the first statement: $? still holds the status of the
    # command that failed just before this function was called.
    errno=$?
    {
        echo "ERROR: $errno"
        echo "An error occured during installation."
        echo "Unable to continue."
        echo "Sophos Anti Virus was NOT updated."
    } >>$templog
    logger
    mailer
    exit 6
}
########
# MAIN #
########
# Main sequence. The order of the calls matters: later steps read the
# globals that earlier steps set.

# Record whether MailMonitor is present (sets mmsmtpinst).
mmsmtptest
# Make sure the log directory exists.
# NOTE(review): error_temp writes to $templog and names $tmp, but both are
# only assigned later by ld_var, so this error path runs with them empty.
if [ ! -d /var/log/sophos ]; then
mkdir /var/log/sophos >/dev/null || error_temp
fi
# First run: interactive setup, which writes /etc/savupd.cfg.
if [ ! -f /etc/savupd.cfg ]; then
create_cfg
fi
# No cron marker yet: offer to install the crontab entry.
# NOTE(review): this runs before ld_var, so $lcd (which cfg_cron writes
# into the cron file) is still unset here; $cronfile and $pwd are set only
# if create_cfg ran above.
if [ ! -f /etc/savupd.cron ]; then
create_cron
fi
# Load settings and fixed paths and start the run log.
ld_var
chk_sysfile
# Sets flag: 1 = IDE files only, 0 = full version.
chk_tfile
which_file
mktmp
dload
xtract
# instal acts only when flag is 0 (full version).
instal
tstamp
# Cleanup of $tmp is disabled, so the download and the unpacked installer
# stay on disk until the next run's mktmp recreates the directory.
#rmtmp
# After a full update, fetch and install the current IDE files as well.
if [ $flag -eq 0 ]; then
# fupd=1 marks that a full update happened (read by mailer at loglevel 2).
fupd=1
flag=1
downloadfile='ides.zip'
# dload does not recreate $tmp; the IDE bundle goes into the same directory.
dload
xtract
tstamp
# rmtmp
fi
# Publish the run log and mail it according to the configured level.
logger
mailer