File: /var/lib/dpkg/info/clamav-freshclam.postinst
#! /bin/sh
# postinst script for clamav-freshclam
#
# see: dh_installdeb(1)
set -e
# summary of how this script can be called:
# * <postinst> `configure' <most-recently-configured-version>
# * <old-postinst> `abort-upgrade' <new version>
# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
# <new-version>
# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
# <failed-install-package> <version> `removing'
# <conflicting-package> <version>
# for details, see http://www.debian.org/doc/debian-policy/ or
# the debian-policy package
#
# quoting from the policy:
# Any necessary prompting should almost always be confined to the
# post-installation script, and should be protected with a conditional
# so that unnecessary prompting doesn't happen if a package's
# installation fails and the `postinst' is called with `abort-upgrade',
# `abort-remove' or `abort-deconfigure'.
#loading debconf module
. /usr/share/debconf/confmodule
to_lower()
{
word="$1"
lcword=$(echo "$word" | tr A-Z a-z)
echo "$lcword"
}
is_true()
{
var="$1"
lcvar=$(to_lower "$var")
[ 'true' = "$lcvar" ] || [ 'yes' = "$lcvar" ] || [ 1 = "$lcvar" ]
return $?
}
is_false()
{
var="$1"
lcvar=$(to_lower "$var")
[ 'false' = "$lcvar" ] || [ 'no' = "$lcvar" ] || [ 0 = "$lcvar" ]
return $?
}
ucf_cleanup()
{
# This only does something if I've fucked up before
# Not entirely impossible :(
configfile=$1
if [ `grep "$configfile" /var/lib/ucf/hashfile | wc -l` -gt 1 ]; then
grep -v "$configfile" /var/lib/ucf/hashfile > /var/lib/ucf/hashfile.tmp
grep "$configfile" /var/lib/ucf/hashfile | tail -n 1 >> /var/lib/ucf/hashfile.tmp
mv /var/lib/ucf/hashfile.tmp /var/lib/ucf/hashfile
fi
}
add_to_ucf()
{
configfile=$1
ucffile=$2
if ! grep -q "$configfile" /var/lib/ucf/hashfile; then
md5sum $configfile >> /var/lib/ucf/hashfile
cp $configfile $ucffile
fi
}
ucf_upgrade_check()
{
configfile=$1
sourcefile=$2
ucffile=$3
if [ -f "$configfile" ]; then
add_to_ucf $configfile $ucffile
ucf --three-way --debconf-ok "$sourcefile" "$configfile"
else
[ -d /var/lib/ucf/cache ] || mkdir -p /var/lib/ucf/cache
pathfind restorecon && restorecon /var/lib/ucf/cache
cp $sourcefile $configfile
add_to_ucf $configfile $ucffile
fi
}
slurp_config()
{
CLAMAVCONF="$1"
if [ -e "$CLAMAVCONF" ]; then
for variable in `egrep -a -v '^[[:space:]]*(#|$)' "$CLAMAVCONF" | awk '{print $1}'`; do
case "$variable" in
DatabaseMirror)
if [ -z "$DatabaseMirror" ]; then
for i in `grep -a ^$variable $CLAMAVCONF | awk '{print $2}'`; do
value="$value $i"
done
else
continue
fi
;;
DatabaseCustomURL)
if [ -z "$DatabaseCustomURL" ]; then
for i in `grep -a ^$variable $CLAMAVCONF | awk '{print $2}'`; do
value="$value $i"
done
else
continue
fi
;;
IncludePUA)
if [ -z "$IncludePUA" ]; then
for i in `grep -a ^$variable $CLAMAVCONF | awk '{print $2}'`; do
value="$i $value"
done
else
continue
fi
;;
ExcludePUA)
if [ -z "$ExcludePUA" ]; then
for i in `grep -a ^$variable $CLAMAVCONF | awk '{print $2}'`; do
value="$i $value"
done
else
continue
fi
;;
ExtraDatabase)
if [ -z "$ExtraDatabase" ]; then
for i in `grep -a ^$variable $CLAMAVCONF | awk '{print $2}'`; do
value="$value $i"
done
else
continue
fi
;;
VirusEvent|OnUpdateExecute|OnErrorExecute|RejectMsg)
value=`grep -a ^$variable $CLAMAVCONF | head -n1 | sed -e s/$variable\ //`
;;
*)
value=`grep -a "^$variable[[:space:]]" $CLAMAVCONF | head -n1 | awk '{print $2}'`
;;
esac
if [ -z "$value" ]; then
export "$variable"="true"
elif [ "$value" != "$variable" ]; then
export "$variable"="$value"
else
export "$variable"="true"
fi
unset value
done
fi
}
pathfind() {
OLDIFS="$IFS"
IFS=:
for p in $PATH; do
if [ -x "$p/$*" ]; then
IFS="$OLDIFS"
return 0
fi
done
IFS="$OLDIFS"
return 1
}
set_debconf_value()
{
prog=$1
name=$2
eval variable="\$${name}"
if [ -n "$variable" ]; then
db_set clamav-$prog/$name "$variable" || true
fi
}
make_dir()
{
DIR=$1
if [ -d "$DIR" ]; then
return 0;
fi
[ -n "$User" ] || User=clamav
mkdir -p -m 0755 "$DIR"
chown "$User" "$DIR"
pathfind restorecon && restorecon "$DIR"
}
# Debconf Functions
isdigit ()
{
case $1 in
[[:digit:]]*)
ISDIGIT=1
;;
*)
ISDIGIT=0
;;
esac
}
inputdigit ()
{
ISDIGIT=0
while [ "$ISDIGIT" = '0' ]; do
db_input "$1" "$2" || true
if ! db_go; then
return 30
fi
db_get $2 || true
isdigit $RET
if [ "$ISDIGIT" = '0' ]; then
db_input critical clamav-base/numinfo || true
db_go
fi
done
return 0
}
StateGeneric()
{
PRIO=$1
QUESTION=$2
NEXT=$3
LAST=$4
db_input $PRIO $QUESTION || true
if db_go; then
STATE=$NEXT
else
STATE=$LAST
fi
}
StateGenericDigit()
{
PRIO=$1
QUESTION=$2
NEXT=$3
LAST=$4
inputdigit $PRIO $QUESTION || true
if db_go; then
STATE=$NEXT
else
STATE=$LAST
fi
}
FRESHCLAMCONFFILE=/etc/clamav/freshclam.conf
FRESHCLAMLOGFILE=/var/log/clamav/freshclam.log
DEBCONFFILE=/var/lib/clamav/freshclam.conf
LOGROTFILE=/etc/logrotate.d/clamav-freshclam
DEBROTFILE=/var/lib/clamav/clamav-freshclam
DO_RUN_AS_EVALUATION=0
case "$1" in
configure)
# Configure the hardcoded stuff
dbowner=clamav
udlogfile="$FRESHCLAMLOGFILE"
maxatt=5
# Read the configuration file
slurp_config "$FRESHCLAMCONFFILE"
# Get the debconf answers
db_get clamav-freshclam/local_mirror || true
[ "$RET" = "" ] || rawmirrors="$RET"
if echo "$rawmirrors" | egrep -q '(\(|\))'; then
mirrors=`echo "$rawmirrors" | awk '{print $1}'`
else
mirrors="$rawmirrors"
fi
db_get clamav-freshclam/autoupdate_freshclam || true
runas="$RET"
if [ "$runas" = "ifup.d" ]; then
db_get clamav-freshclam/internet_interface || true
if [ "$RET" != "" ]; then
iface="$RET"
else
# Like the template promised
runas="daemon"
fi
fi
if [ "$runas" = "ifup.d" ] || [ "$runas" = "daemon" ] || [ "$runas" = "cron" ]; then
db_get clamav-freshclam/update_interval || true
if [ "$RET" != "" ]; then
if [ "$runas" != "cron" ]; then
checks="$RET"
else
if [ "$RET" -ge 24 ]; then
echo "To check for updates more often than hourly, please run freshclam as a daemon."
cronhour=1
else
cronhour="`expr 24 / $RET`"
fi
fi
fi
fi
db_get clamav-freshclam/http_proxy || true
if [ "$RET" != "" ]; then
url="`echo "$RET" | sed -e 's,^http://,,g' | sed -e 's,/$,,g'`"
phost="`echo "$url" | cut -d':' -f 1`"
pport="`echo "$url" | cut -d':' -f 2`"
if [ "$pport" = "$phost" ]; then
pport=""
fi
fullurl="$RET"
db_metaget clamav-freshclam/proxy_user value || true
if [ "$RET" != "" ]; then
fulluser="$RET"
puser="`echo "$RET" | cut -d':' -f 1`"
ppass="`echo "$RET" | cut -d':' -f 2`"
fi
fi
db_get clamav-freshclam/NotifyClamd || true
[ "$RET" = "true" ] && notify="/etc/clamav/clamd.conf"
db_get clamav-freshclam/Bytecode || true
Bytecode="$RET"
db_get clamav-freshclam/LogRotate || true
LogRotate="$RET"
db_get clamav-freshclam/PrivateMirror || true
PrivateMirror="$RET"
# Make sure user changes to unasked questions remain intact
[ -n "$DatabaseOwner" ] && [ "$DatabaseOwner" != "$dbowner" ] && dbowner="$DatabaseOwner"
[ -n "$UpdateLogFile" ] && [ "$UpdateLogFile" != "$udlogfile" ] && udlogfile="$UpdateLogFile"
[ -n "$MaxAttempts" ] && [ "$MaxAttempts" != "$maxatt" ] && maxatt="$MaxAttempts"
if [ -n "$udlogfile" ]; then
if echo "$udlogfile" | grep -q '^/dev/'; then
make_logrotate=false
else
if [ "$LogRotate" = "true" ]; then
make_logrotate=true
else
make_logrotate=false
fi
fi
[ -z "$User" ] && User=clamav
if [ "$make_logrotate" = 'true' ]; then
# update the logrotate file
echo "$udlogfile {" > $DEBROTFILE
echo " rotate 12" >> $DEBROTFILE
echo " weekly" >> $DEBROTFILE
echo " compress" >> $DEBROTFILE
echo " delaycompress" >> $DEBROTFILE
echo " missingok" >> $DEBROTFILE
echo " create 640 $User adm" >> $DEBROTFILE
echo " postrotate" >> $DEBROTFILE
echo " if [ -d /run/systemd/system ]; then" >> $DEBROTFILE
echo " systemctl -q is-active clamav-freshclam && systemctl kill --signal=SIGHUP clamav-freshclam || true" >> $DEBROTFILE
echo " else" >> $DEBROTFILE
echo " invoke-rc.d clamav-freshclam reload-log > /dev/null || true" >> $DEBROTFILE
echo " fi" >> $DEBROTFILE
echo " endscript" >> $DEBROTFILE
echo " }" >> $DEBROTFILE
touch "$udlogfile"
if [ -f "$udlogfile" ] && [ ! -L "$udlogfile" ]; then
chown "$User":adm "$udlogfile"
chmod 0640 "$udlogfile"
fi
ucf_cleanup "$LOGROTFILE"
ucf_upgrade_check "$LOGROTFILE" "$DEBROTFILE" /var/lib/ucf/cache/:etc:logrotate.d:clamav-freshclam
rm -f $DEBROTFILE
else
if [ -e "$LOGROTFILE" ]; then
echo "Disabling old logrotate script for clamav-freshclam"
mv "$LOGROTFILE" "$CLAMAVROTATEFILE".dpkg-old
ucf -p "$LOGROTFILE"
fi
fi
else
if [ -e "$LOGROTFILE" ]; then
echo "Disabling old logrotate script for clamav-freshclam"
mv "$LOGROTFILE" "$CLAMAVROTATEFILE".dpkg-old
ucf -p "$LOGROTFILE"
fi
fi
# Set up cron method
if [ "$runas" = cron ]; then
min=$(( `od -A n -N 2 -l < /dev/urandom` % 3600 / 60 ))
# min=`perl -e 'print int(rand(60))'`
FRESHCLAMCRON=/etc/cron.d/clamav-freshclam
FRESHCLAMTEMP=/var/lib/clamav/freshclam.cron
echo "$min */$cronhour * * * $dbowner [ -x /usr/bin/freshclam ] && /usr/bin/freshclam --quiet >/dev/null" > "$FRESHCLAMTEMP"
ucf_cleanup "$FRESHCLAMCRON"
ucf_upgrade_check "$FRESHCLAMCRON" "$FRESHCLAMTEMP" /var/lib/ucf/cache/:etc:cron.d:clamav-freshclam
rm -f "${FRESHCLAMCRON}.ucf-dist"
rm -f "$FRESHCLAMTEMP"
else
if [ -e /etc/cron.d/clamav-freshclam ]; then
echo -n "Disabling old cron script . . . "
mv /etc/cron.d/clamav-freshclam /etc/cron.d/clamav-freshclam.dpkg-old
ucf -p /etc/cron.d/clamav-freshclam > /dev/null 2>&1 || true
echo "done"
fi
fi
# Set up ifup.d method
if [ "$runas" = 'ifup.d' ]; then
[ -n "$iface" ] && echo "$iface" > /var/lib/clamav/interface
else
[ -f /var/lib/clamav/interface ] && rm -f /var/lib/clamav/interface
fi
# Set default values for options not configured via debconf
[ -z "$DatabaseDirectory" ] && DatabaseDirectory='/var/lib/clamav'
[ -z "$LogFileMaxSize" ] && LogFileMaxSize=0
[ -z "$LogTime" ] && LogTime=true
[ -z "$LogVerbose" ] && LogVerbose=false
[ -z "$LogSyslog" ] && LogSyslog=false
[ -z "$LogFacility" ] && LogFacility=LOG_LOCAL6
[ -z "$DNSDatabaseInfo" ] && DNSDatabaseInfo='current.cvd.clamav.net'
[ -z "$ScriptedUpdates" ] && ScriptedUpdates=yes
[ -z "$CompressLocalDatabase" ] && CompressLocalDatabase=no
[ -z "$Foreground" ] && Foreground=false
[ -z "$Debug" ] && Debug=false
[ -z "$ConnectTimeout" ] && ConnectTimeout=30
[ -z "$ReceiveTimeout" ] && ReceiveTimeout=0
[ -z "$TestDatabases" ] && TestDatabases=yes
# Generate config file
cat >> $DEBCONFFILE << EOF
# Automatically created by the clamav-freshclam postinst
# Comments will get lost when you reconfigure the clamav-freshclam package
DatabaseOwner $dbowner
UpdateLogFile $udlogfile
LogVerbose $LogVerbose
LogSyslog $LogSyslog
LogFacility $LogFacility
LogFileMaxSize $LogFileMaxSize
LogRotate $LogRotate
LogTime $LogTime
Foreground $Foreground
Debug $Debug
MaxAttempts $maxatt
DatabaseDirectory $DatabaseDirectory
DNSDatabaseInfo $DNSDatabaseInfo
ConnectTimeout $ConnectTimeout
ReceiveTimeout $ReceiveTimeout
TestDatabases $TestDatabases
ScriptedUpdates $ScriptedUpdates
CompressLocalDatabase $CompressLocalDatabase
Bytecode $Bytecode
EOF
if [ -n "$notify" ] ;then
echo "NotifyClamd $notify" >> $DEBCONFFILE
fi
if [ "$runas" != "cron" ] || [ "$runas" != "manual" ]; then
if [ -n "$checks" ] && [ "$checks" != "true" ]; then
echo "# Check for new database $checks times a day" >> $DEBCONFFILE
echo "Checks $checks" >> $DEBCONFFILE
fi
fi
if [ -n "$mirrors" ]; then
for i in $mirrors; do
echo "DatabaseMirror $i" >> $DEBCONFFILE
done
fi
# the first mirror is managed via debconf (and might have been changed)
DatabaseMirror="`echo $DatabaseMirror | sed 's/^[[:space:]]*[^[:space:]]\+[[:space:]]\*//'`"
DatabaseMirror="$DatabaseMirror database.clamav.net"
for m in $DatabaseMirror; do
grep -q "$m" "$DEBCONFFILE" || echo "DatabaseMirror $m" >> $DEBCONFFILE
done
if [ -n "$phost" ]; then
echo "# Proxy: $fullurl" >> $DEBCONFFILE
echo "HTTPProxyServer $phost" >> $DEBCONFFILE
if [ -n "$pport" ]; then
echo "HTTPProxyPort $pport" >> $DEBCONFFILE
fi
fi
if [ -n "$puser" ] && [ -n "$ppass" ]; then
echo "# Proxy authentication: $fulluser" >> $DEBCONFFILE
echo "HTTPProxyUsername $puser" >> $DEBCONFFILE
echo "HTTPProxyPassword $ppass" >> $DEBCONFFILE
fi
[ -n "$PidFile" ] && echo "PidFile $PidFile" >> $DEBCONFFILE
[ -n "$HTTPUserAgent" ] && echo "HTTPUserAgent $HTTPUserAgent" >> $DEBCONFFILE
[ -n "$OnOutdatedExecute" ] && echo "OnOutdatedExecute $OnOutdatedExecute" >> $DEBCONFFILE
[ -n "$OnUpdateExecute" ] && echo "OnUpdateExecute $OnUpdateExecute" >> $DEBCONFFILE
[ -n "$OnErrorExecute" ] && echo "OnErrorExecute $OnErrorExecute" >> $DEBCONFFILE
[ -n "$LocalIPAddress" ] && echo "LocalIPAddress $LocalIPAddress" >> $DEBCONFFILE
[ -n "$PrivateMirror" ] && echo "PrivateMirror $PrivateMirror" >> $DEBCONFFILE
[ -n "$ExcludeDatabase" ] && echo "ExcludeDatabase $ExcludeDatabase" >> $DEBCONFFILE
if [ -n "$DatabaseCustomURL" ]; then
for i in $DatabaseCustomURL; do
echo "DatabaseCustomURL $i" >> $DEBCONFFILE
done
fi
if [ -n "$ExtraDatabase" ]; then
for i in $ExtraDatabase; do
echo "ExtraDatabase $i" >> $DEBCONFFILE
done
fi
ucf_cleanup "$FRESHCLAMCONFFILE"
ucf_upgrade_check "$FRESHCLAMCONFFILE" "$DEBCONFFILE" /var/lib/ucf/cache/:etc:clamav:freshclam.conf
rm -f "$DEBCONFFILE"
db_stop || true
# Permissions are still fsck'd - repair manually
for script in /etc/network/if-up.d/clamav-freshclam-ifupdown \
/etc/network/if-down.d/clamav-freshclam-ifupdown \
/etc/ppp/ip-down.d/clamav-freshclam-ifupdown \
/etc/ppp/ip-up.d/clamav-freshclam-ifupdown; do
if [ -e "$script" ]; then
[ -x "$script" ] || chmod +x "$script"
fi
done
touch $FRESHCLAMLOGFILE
if [ -f "$FRESHCLAMLOGFILE" ] && [ ! -L "$FRESHCLAMLOGFILE" ]; then
chmod 640 $FRESHCLAMLOGFILE
chown "$dbowner":adm $FRESHCLAMLOGFILE
fi
if [ -f "$FRESHCLAMCONFFILE" ] && [ ! -L "$FRESHCLAMCONFFILE" ]; then
# Tighten the permissions up if it contains a password
if [ -n "$ppass" ]; then
chmod 400 $FRESHCLAMCONFFILE
else
chmod 444 $FRESHCLAMCONFFILE
fi
chown "$dbowner":adm $FRESHCLAMCONFFILE
fi
DO_RUN_AS_EVALUATION=1
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
# Automatically added by dh_apparmor/3.0.4-2ubuntu2.4
if [ "$1" = "configure" ]; then
APP_PROFILE="/etc/apparmor.d/usr.bin.freshclam"
if [ -f "$APP_PROFILE" ]; then
# Add the local/ include
LOCAL_APP_PROFILE="/etc/apparmor.d/local/usr.bin.freshclam"
test -e "$LOCAL_APP_PROFILE" || {
mkdir -p `dirname "$LOCAL_APP_PROFILE"`
install --mode 644 /dev/null "$LOCAL_APP_PROFILE"
}
# Reload the profile, including any abstraction updates
if aa-enabled --quiet 2>/dev/null; then
apparmor_parser -r -T -W "$APP_PROFILE" || true
fi
fi
fi
# End automatically added section
if [ $DO_RUN_AS_EVALUATION -eq 1 ]
then
if [ "$runas" = 'daemon' ]; then
update-rc.d clamav-freshclam defaults >/dev/null
invoke-rc.d clamav-freshclam start
elif [ "$runas" = 'ifup.d' ]; then
for intrface in $iface; do
if route | grep -q "$intrface"; then
IFACE="$intrface" invoke-rc.d clamav-freshclam start || true
break
fi
done
update-rc.d -f clamav-freshclam disable > /dev/null 2>&1 || true
else
echo "Starting database update: "
invoke-rc.d clamav-freshclam no-daemon || true
update-rc.d -f clamav-freshclam disable > /dev/null 2>&1 || true
fi
fi
exit 0