McAfee VirusScan 6.00.0 for Unix is now out
Jethro R Binks
jethro.binks at strath.ac.uk
Tue Nov 24 22:49:47 GMT 2009
On Fri, 20 Nov 2009, Jethro R Binks wrote:
> > If I get a chance next week, I'll have a look at the mcafee-autoupdate
> > script to see what changes are needed.
>
> In addition to Phil's subsequent patch which I didn't keep to respond to,
> I also suggest passing the "-o" option to unzip:
...
Attached is a diff which brings in more robust additional support for the
new VirusScan CLI 6 and V2 DAT files. It also tidies up some aspects of
the original script, including making it a little less verbose in normal
operation (I think). The logic is slightly more convoluted now it
potentially has to deal with two versions of the DATS, but I see this as
an interim measure: in theory, after McAfee stop publishing V1 DATs after
March 2010, the support can be removed for those versions and it all
tidied up again.
I have not looked at any changes required to SweepViruses.pl etc. I have
found that the new McAfee is now so slow on startup that it is probably
even more unuseable than ever here, but I supply this patch for the
benefit of anyone else who is sticking with it!
Jethro.
. . . . . . . . . . . . . . . . . . . . . . . . .
Jethro R Binks
Computing Officer, IT Services, University Of Strathclyde, Glasgow, UK
-------------- next part --------------
--- mcafee-autoupdate.1.52 2009-03-18 18:20:37.000000000 +0000
+++ mcafee-autoupdate 2009-11-24 22:46:08.000000000 +0000
@@ -2,6 +2,8 @@
#
# Update the McAfee data files.
#
+# based on:
+#
# $Cambridge: hermes/conf/build/bin/uvscan-update,v 1.52 2004/08/18 19:12:02 fanf2 Exp $
# $PREFIX is the directory where the uvscan binary is (NOT a symlink to
@@ -17,13 +19,38 @@
# the subdirectory via a current link. The current link is updated
# without locking on the assumption that this is sufficiently unlikely
# to cause a problem.
+#
+
+# As of Apr 2010, McAfee will no longer publish V1 DATs, and will only
+# publish V2 DATs:
+#
+# https://kc.mcafee.com/corporate/index?page=content&id=KB60404
+# https://kc.mcafee.com/corporate/index?page=content&id=KB60772
+#
+# Version 6 of McAfee VirusScan Command Line Scanner for Unix is able to
+# use V2 DATs.
+#
+# If this script detects taht we are running VirusScan CLI version 6, we
+# extract the DATs from the V2 DAT zip archive (avvdat-XXXX.zip).
+# Otherwise, we stick with the previous V1 tar archive (dat-XXXX.tar).
+#
+# In theory, after Apr 2010, support for the V1 DATs could be removed,
+# however no doubt there will be some people who will continue to run the
+# old version of VirusScan CLI even though it no longer receives DAT
+# updates ... but then this script is redundant anyway!
# defaults
OPTS="-d"
PREFIX=/opt/uvscan
-FTPDIR=http://download.nai.com/products/datfiles/4.x/nai
+FTPDIR=http://download.nai.com/products/commonupdater
RETRIES=1
INTERVAL=300
+CLIVERSION=6
+
+wgetverbosity="--no-verbose"
+tarverbosity=""
+unzipverbosity="-q"
+unzipopts="-o"
# handle the command line
usage () {
@@ -61,7 +88,7 @@
;;
/*) PREFIX=$arg
;;
- http:) ftp_proxy=$arg
+ http://*) ftp_proxy=$arg
http_proxy=$arg
export ftp_proxy
export http_proxy
@@ -90,9 +117,12 @@
option v VERBOSE
case $FORCE in
yes) VERBOSE=yes
+ wgetverbosity=""
+ tarverbosity="v"
+ unzipverbosity=""
esac
-# look for binaries and libraris in plausible places
+# look for binaries and libraries in plausible places
PATH=$PREFIX:/usr/local/bin:/usr/bin:/bin
# this is only necessary for broken setups
LD_LIBRARY_PATH=$PREFIX
@@ -100,7 +130,12 @@
# where this script finds things
DATDIR=$PREFIX/datfiles
-DATFILES="clean.dat extra.dat internet.dat names.dat scan.dat"
+# These are for CLI pre-v6:
+DATFILES5="clean.dat extra.dat internet.dat names.dat scan.dat"
+# These are for CLI v6+:
+# Note that runtime.dat is not distributed; it is generated by uvscan the
+# first time it runs (including with "uvscan --version").
+DATFILES6="avvclean.dat avvnames.dat avvscan.dat runtime.dat extra.dat"
LINKNAME=current
LINKREL=datfiles/$LINKNAME
@@ -143,7 +178,11 @@
say PREFIX=$PREFIX
# check directory setup is correct
-for link in $LINKREL $DATFILES
+# At this point we do not know whether this is a CLI version 6 or version 5
+# installation, and more particularly what the filenames for the DAT files
+# are.
+#for link in $LINKREL $DATFILES
+for link in $LINKREL
do
if ! is -h $PREFIX/$link
then
@@ -185,8 +224,8 @@
try=$RETRIES
while :
do getver "wget --tries=$try --waitretry=$INTERVAL --passive-ftp $FTPDIR/update.ini" update.ini "DATVersion="
- VERSION=$VER
- case $VERSION in
+ NEWVER=$VER
+ case $NEWVER in
UNKNOWN)
if ! try=`expr $try - 1`
then break
@@ -201,40 +240,62 @@
done
# work out installed dat version
-getver "uvscan --version" version.err "Virus data file v"
+# CLI v6 is noticeably slower, so we check for it first:
+getver "uvscan --version" version.err "Dat set version: "
+if is $VER = UNKNOWN
+then
+ # Must be CLI pre-v6:
+ getver "uvscan --version" version.err "Virus data file v"
+ CLIVERSION=5
+fi
PREVIOUS=$VER
case $FORCE in
yes) say Forced update from $PREVIOUS
PREVIOUS=0000
;;
-*) if is $VERSION -eq $PREVIOUS
- then say Already have $VERSION
+*) if is $NEWVER -eq $PREVIOUS
+ then say Already have $NEWVER
run exit 0
fi
esac
+# select appropriate archive name and DAT filenames
+# if this is CLI v6, we use V2 DAT archive
+if is ! $CLIVERSION 6
+then
+ DISTARC=dat-$NEWVER.tar
+ DATFILES="$DATFILES5"
+else
+ DISTARC=avvdat-$NEWVER.zip
+ DATFILES="$DATFILES6"
+fi
+
VERBOSE=yes
+# We are performing an update, so be chatty (as opposed to explicitly
+# verbose as requested)
+CHATTY=yes
+
say Installed dat file is $PREVIOUS
-say Latest dat file is $VERSION
+say Latest dat file is $NEWVER
-if is $VERSION = UNKNOWN
+if is $NEWVER = UNKNOWN
then say Problem with McAfee datfile update from $FTPDIR
run exit 1
-elif is $VERSION -lt $PREVIOUS
+elif is $NEWVER -lt $PREVIOUS
then say Remote version $VERSION older than installed version $PREVIOUS
run exit 1
-elif is -d $VERSION
-then say Cleaning away $VERSION directory
- run rm -rf $VERSION
+elif is -d $NEWVER
+then say Cleaning away $NEWVER directory
+ run rm -rf $NEWVER
fi
retry () {
echo "$OUT"
say Fetch or test failed -- removing bad McAfee data files
run cd $DATDIR
- run rm -rf $VERSION
+ run rm -rf $NEWVER
if ! try=`expr $try - 1`
then say Giving up
run exit 1
@@ -248,18 +309,23 @@
while :
do
# fetch and extract dat files
- TARFILE=dat-$VERSION.tar
- run mkdir $VERSION
- run cd $VERSION
+ run mkdir $NEWVER
+ run cd $NEWVER
run chmod 700 .
- if ! run wget --tries=$try --waitretry=$INTERVAL --passive-ftp --progress=dot:mega $FTPDIR/$TARFILE
+ if ! run wget $wgetverbosity --tries=$try --waitretry=$INTERVAL --passive-ftp --progress=dot:mega $FTPDIR/$DISTARC
then retry
fi
- run tar xvf $TARFILE
+ if is ! $CLIVERSION 6
+ then
+ run tar x${tarverbosity}f $DISTARC
+ else
+ run unzip $unzipverbosity $unzipopts $DISTARC
+ fi
run chmod 644 *
run chmod 755 .
# verify the contents
+ # this will create runtime.dat too
CMD="uvscan --version --dat ."
say "> $CMD"
if ! OUT=`$CMD 2>&1`
@@ -280,21 +346,19 @@
s/^/# /;/@MM/s/$/ <--/' readme.txt
esac
# remove some crap
-run rm -f *.diz *.exe *.ini *.lst *.tar *.txt
+run rm -f *.diz *.exe *.ini *.lst *.tar *.txt *.zip
-# do remaining part of initial setup
-case $INIT in
-yes) for file in $DATFILES
- do
- run rm -f $PREFIX/$file
- run ln -s $LINKREL/$file $PREFIX/$file
- done
-esac
+# Make sure symlinks are in place
+for file in $DATFILES
+do
+ run rm -f $PREFIX/$file
+ run ln -s $LINKREL/$file $PREFIX/$file
+done
# update the current version link
run cd $DATDIR
-run ln -s $VERSION $VERSION/$LINKNAME
-run mv $VERSION/$LINKNAME .
+run ln -s $NEWVER $NEWVER/$LINKNAME
+run mv $NEWVER/$LINKNAME .
# maybe delete old dat files
case $DELETE in
More information about the MailScanner
mailing list