Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
cPanel ClamAV Cron Job
#!/bin/sh
# cPanel ClamAV Cron Job
for i in `awk '!/nobody/{print $2 | "sort | uniq"}' /etc/userdomains | sort | uniq`; do
SUBJECT="cPanel ClamAV scan report for account ${i}"
DIRTOSCAN=$(getent passwd ${i} | cut -d: -f6)
# Log location
LOG="/var/log/clamav/${i}-scan.log"
# Quarantine location
QUARANTINE="${DIRTOSCAN}/quarantine/"
# make a directory for our log and quarantine if one does not exist
mkdir -p $QUARANTINE
chown -R ${i}:${i} $QUARANTINE
mkdir -p "/var/log/clamav/"
chown -R clamav:clamav "/var/log/clamav/"
# remove old log
rm $LOG &>/dev/null
# ready a new log
touch $LOG
chown clamav:clamav $LOG
check_scan () {
# Check if our "Infected" count is 0 and send an email if its not.
if [ `tail -n 12 ${LOG} | grep Infected | grep -v 0 | wc -l` != 0 ];
then
EMAILMESSAGE=`mktemp /tmp/virus-alert-${i}`
echo `tail -n 100 ${LOG}`} >> {$EMAILMESSAGE}
## cat $EMAILMESSAGE | mail -a $LOG -s "$SUBJECT" -r "Cron Daemon<root>" root
echo $EMAILMESSAGE | mail -a $LOG -s "$SUBJECT" -r "Cron Daemon<root>" root < {$EMAILMESSAGE}
fi
}
/usr/local/cpanel/3rdparty/bin/clamscan -i -r ${DIRTOSCAN} --exclude-dir={sys,dev,virtfs} --exclude=${QUARANTINE} --quiet --infected --log=${LOG} --move=${QUARANTINE};
check_scan
## done >> ${LOG}&
done >> /root/infections&
#!/bin/sh
# Purge Quarantined Viruses
for i in `awk '!/nobody/{print $2 | "sort | uniq"}' /etc/userdomains | sort | uniq`; do
DIRTOSCAN=$(getent passwd ${i} | cut -d: -f6)
QUARANTINE="${DIRTOSCAN}/quarantine/"
rm -rf $QUARANTINE &>/dev/null
done
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.