McAfee VirusScan 6.00.0 for Unix is now out

Jethro R Binks jethro.binks at strath.ac.uk
Tue Nov 24 22:49:47 GMT 2009


On Fri, 20 Nov 2009, Jethro R Binks wrote:

> > If I get a chance next week, I'll have a look at the mcafee-autoupdate 
> > script to see what changes are needed.
> 
> In addition to Phil's subsequent patch which I didn't keep to respond to, 
> I also suggest passing the "-o" option to unzip:
...

Attached is a diff which brings in more robust additional support for the 
new VirusScan CLI 6 and V2 DAT files.  It also tidies up some aspects of 
the original script, including making it a little less verbose in normal 
operation (I think).  The logic is slightly more convoluted now it 
potentially has to deal with two versions of the DATS, but I see this as 
an interim measure: in theory, after McAfee stop publishing V1 DATs after 
March 2010, the support can be removed for those versions and it all 
tidied up again.

I have not looked at any changes required to SweepViruses.pl etc.  I have 
found that the new McAfee is now so slow on startup that it is probably 
even more unuseable than ever here, but I supply this patch for the 
benefit of anyone else who is sticking with it!

Jethro.

.  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .
Jethro R Binks
Computing Officer, IT Services, University Of Strathclyde, Glasgow, UK
-------------- next part --------------
--- mcafee-autoupdate.1.52	2009-03-18 18:20:37.000000000 +0000
+++ mcafee-autoupdate	2009-11-24 22:46:08.000000000 +0000
@@ -2,6 +2,8 @@
 #
 # Update the McAfee data files.
 #
+# based on:
+#
 # $Cambridge: hermes/conf/build/bin/uvscan-update,v 1.52 2004/08/18 19:12:02 fanf2 Exp $
 
 # $PREFIX is the directory where the uvscan binary is (NOT a symlink to
@@ -17,13 +19,38 @@
 # the subdirectory via a current link. The current link is updated
 # without locking on the assumption that this is sufficiently unlikely
 # to cause a problem.
+#
+
+# As of Apr 2010, McAfee will no longer publish V1 DATs, and will only
+# publish V2 DATs:
+#
+#   https://kc.mcafee.com/corporate/index?page=content&id=KB60404
+#   https://kc.mcafee.com/corporate/index?page=content&id=KB60772
+#
+# Version 6 of McAfee VirusScan Command Line Scanner for Unix is able to
+# use V2 DATs.
+#
+# If this script detects taht we are running VirusScan CLI version 6, we
+# extract the DATs from the V2 DAT zip archive (avvdat-XXXX.zip).
+# Otherwise, we stick with the previous V1 tar archive (dat-XXXX.tar).
+#
+# In theory, after Apr 2010, support for the V1 DATs could be removed,
+# however no doubt there will be some people who will continue to run the
+# old version of VirusScan CLI even though it no longer receives DAT
+# updates ... but then this script is redundant anyway!
 
 # defaults
 OPTS="-d"
 PREFIX=/opt/uvscan
-FTPDIR=http://download.nai.com/products/datfiles/4.x/nai
+FTPDIR=http://download.nai.com/products/commonupdater 
 RETRIES=1
 INTERVAL=300
+CLIVERSION=6
+
+wgetverbosity="--no-verbose"
+tarverbosity=""
+unzipverbosity="-q"
+unzipopts="-o"
 
 # handle the command line
 usage () {
@@ -61,7 +88,7 @@
 		;;
         /*)     PREFIX=$arg
                 ;;
-        http:)  ftp_proxy=$arg
+        http://*)  ftp_proxy=$arg
                 http_proxy=$arg
                 export ftp_proxy
                 export http_proxy
@@ -90,9 +117,12 @@
 option v VERBOSE
 case $FORCE in
 yes)    VERBOSE=yes
+	wgetverbosity=""
+	tarverbosity="v"
+	unzipverbosity=""
 esac
 
-# look for binaries and libraris in plausible places
+# look for binaries and libraries in plausible places
 PATH=$PREFIX:/usr/local/bin:/usr/bin:/bin
 # this is only necessary for broken setups
 LD_LIBRARY_PATH=$PREFIX
@@ -100,7 +130,12 @@
 
 # where this script finds things
 DATDIR=$PREFIX/datfiles
-DATFILES="clean.dat extra.dat internet.dat names.dat scan.dat"
+# These are for CLI pre-v6:
+DATFILES5="clean.dat extra.dat internet.dat names.dat scan.dat"
+# These are for CLI v6+:
+# Note that runtime.dat is not distributed; it is generated by uvscan the
+# first time it runs (including with "uvscan --version").
+DATFILES6="avvclean.dat avvnames.dat avvscan.dat runtime.dat extra.dat" 
 LINKNAME=current
 LINKREL=datfiles/$LINKNAME
 
@@ -143,7 +178,11 @@
 say PREFIX=$PREFIX
 
 # check directory setup is correct
-for link in $LINKREL $DATFILES
+# At this point we do not know whether this is a CLI version 6 or version 5
+# installation, and more particularly what the filenames for the DAT files
+# are.
+#for link in $LINKREL $DATFILES
+for link in $LINKREL
 do
         if ! is -h $PREFIX/$link
         then
@@ -185,8 +224,8 @@
 try=$RETRIES
 while :
 do      getver "wget --tries=$try --waitretry=$INTERVAL --passive-ftp $FTPDIR/update.ini" update.ini "DATVersion="
-        VERSION=$VER
-        case $VERSION in
+	NEWVER=$VER
+        case $NEWVER in
         UNKNOWN)
                 if ! try=`expr $try - 1`
                 then break
@@ -201,40 +240,62 @@
 done
 
 # work out installed dat version
-getver "uvscan --version" version.err "Virus data file v"
+# CLI v6 is noticeably slower, so we check for it first:
+getver "uvscan --version" version.err "Dat set version: "
+if is $VER = UNKNOWN
+then
+	# Must be CLI pre-v6:
+	getver "uvscan --version" version.err "Virus data file v"
+	CLIVERSION=5
+fi
 PREVIOUS=$VER
 
 case $FORCE in
 yes)    say Forced update from $PREVIOUS
         PREVIOUS=0000
         ;;
-*)      if is $VERSION -eq $PREVIOUS
-        then    say Already have $VERSION
+*)      if is $NEWVER -eq $PREVIOUS
+        then    say Already have $NEWVER
                 run exit 0
         fi
 esac
 
+# select appropriate archive name and DAT filenames
+# if this is CLI v6, we use V2 DAT archive
+if is ! $CLIVERSION 6
+then
+	DISTARC=dat-$NEWVER.tar
+	DATFILES="$DATFILES5"
+else
+	DISTARC=avvdat-$NEWVER.zip
+	DATFILES="$DATFILES6"
+fi
+
 VERBOSE=yes
 
+# We are performing an update, so be chatty (as opposed to explicitly
+# verbose as requested)
+CHATTY=yes
+
 say Installed dat file is $PREVIOUS
-say Latest dat file is $VERSION
+say Latest dat file is $NEWVER
 
-if is $VERSION = UNKNOWN
+if is $NEWVER = UNKNOWN
 then    say Problem with McAfee datfile update from $FTPDIR
         run exit 1
-elif is $VERSION -lt $PREVIOUS
+elif is $NEWVER -lt $PREVIOUS
 then    say Remote version $VERSION older than installed version $PREVIOUS
         run exit 1
-elif is -d $VERSION
-then    say Cleaning away $VERSION directory
-        run rm -rf $VERSION
+elif is -d $NEWVER
+then    say Cleaning away $NEWVER directory
+        run rm -rf $NEWVER
 fi
 
 retry () {
         echo "$OUT"
         say Fetch or test failed -- removing bad McAfee data files
         run cd $DATDIR
-        run rm -rf $VERSION
+        run rm -rf $NEWVER
         if ! try=`expr $try - 1`
         then    say Giving up
                 run exit 1
@@ -248,18 +309,23 @@
 while :
 do
         # fetch and extract dat files
-        TARFILE=dat-$VERSION.tar
-        run mkdir $VERSION
-        run cd $VERSION
+        run mkdir $NEWVER
+        run cd $NEWVER
         run chmod 700 .
-        if ! run wget --tries=$try --waitretry=$INTERVAL --passive-ftp --progress=dot:mega $FTPDIR/$TARFILE
+        if ! run wget $wgetverbosity --tries=$try --waitretry=$INTERVAL --passive-ftp --progress=dot:mega $FTPDIR/$DISTARC
         then retry
         fi
-        run tar xvf $TARFILE
+	if is ! $CLIVERSION 6
+	then
+	        run tar x${tarverbosity}f $DISTARC
+	else
+	        run unzip $unzipverbosity $unzipopts $DISTARC
+	fi
         run chmod 644 *
         run chmod 755 .
 
         # verify the contents
+	# this will create runtime.dat too
         CMD="uvscan --version --dat ."
         say "> $CMD"
         if ! OUT=`$CMD 2>&1`
@@ -280,21 +346,19 @@
                 s/^/# /;/@MM/s/$/ <--/' readme.txt
 esac
 # remove some crap
-run rm -f *.diz *.exe *.ini *.lst *.tar *.txt
+run rm -f *.diz *.exe *.ini *.lst *.tar *.txt *.zip
 
-# do remaining part of initial setup
-case $INIT in
-yes)    for file in $DATFILES
-        do
-                run rm -f $PREFIX/$file
-                run ln -s $LINKREL/$file $PREFIX/$file
-        done
-esac
+# Make sure symlinks are in place
+for file in $DATFILES
+do
+	run rm -f $PREFIX/$file
+	run ln -s $LINKREL/$file $PREFIX/$file
+done
 
 # update the current version link
 run cd $DATDIR
-run ln -s $VERSION $VERSION/$LINKNAME
-run mv $VERSION/$LINKNAME .
+run ln -s $NEWVER $NEWVER/$LINKNAME
+run mv $NEWVER/$LINKNAME .
 
 # maybe delete old dat files
 case $DELETE in


More information about the MailScanner mailing list