
Saturday, October 31, 2009

ClamAv Update on OpenBSD Box

Updated my ClamAv today from version 0.95.2 to 0.95.3
and luckily read the warning about needing to patch it
on the download page at:

Clam AntiVirus

There’s a link there to download the diff. I downloaded
everything, then ran gpg against the file and signature
file to verify:

gpg --verify clamav-0.95.3.tar.gz.sig clamav-0.95.3.tar.gz

gpg: Signature made Wed Oct 28 10:59:38 2009 CDT using DSA key ID 985A444B
gpg: Good signature from “Tomasz Kojm ”
gpg: aka “Tomasz Kojm ”
gpg: aka “Tomasz Kojm ”
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 0DCA 5A08 407D 5288 279D B434 5482 2DC8 985A 444B
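
The WARNING above means gpg verified the signature but has no trust path to the key, so the fingerprint is the thing to check. An added example (not part of the original post) that accepts the tarball only when gpg's machine-readable status names a pinned primary key; PINNED_FPR, status_ok and verify_release are names made up for this example, and the pinned value is the fingerprint from the output above with the spaces removed.

```shell
#!/bin/sh
# Added example: accept a download only if gpg reports a valid signature
# made by the pinned primary key.

# Fingerprint from the gpg output above, spaces removed. Confirm it through
# a second channel before pinning it.
PINNED_FPR=0DCA5A08407D5288279DB43454822DC8985A444B

# Read "gpg --status-fd" output on stdin. Succeed only if a VALIDSIG line
# names the wanted primary key (its last field) and no bad, unverifiable,
# expired-key or revoked-key status was reported.
status_ok() {
    awk -v want="$1" '
        $1 != "[GNUPG:]" { next }
        $2 == "BADSIG" || $2 == "ERRSIG" || $2 == "EXPKEYSIG" || $2 == "REVKEYSIG" { bad = 1 }
        $2 == "VALIDSIG" && toupper($NF) == toupper(want) { good = 1 }
        END { exit !(good && !bad) }'
}

# verify_release SIGFILE TARBALL
verify_release() {
    gpg --status-fd 1 --verify "$1" "$2" 2>/dev/null | status_ok "$PINNED_FPR"
}

# Usage: sh verify.sh clamav-0.95.3.tar.gz.sig clamav-0.95.3.tar.gz
if [ $# -eq 2 ]; then
    if verify_release "$1" "$2"; then
        echo "signature OK, key matches pin"
    else
        echo "REJECTED: no valid signature from pinned key" >&2
        exit 1
    fi
fi
```
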


After that, cd /usr/ports/mystuff/ and do:

sudo tar xzvf /path/to/clamav-0.95.3.tar.gz

Next, I needed to uninstall the old version, but first I
had to stop the daemon running:
ps auxw | grep clamd
sudo kill PID#


Then:

cd clamav-0.95.2
sudo ./configure
sudo make uninstall


There’s a warning in the docs about old libraries
and file versions on your system:

Caveats:

1) Make sure that you haven’t got old libraries (libclamav.so)
lying around your filesystem. You can verify it using:

$ ldd `which freshclam`
/usr/local/bin/freshclam:
Start          End            Type  Open  Ref  GrpRef  Name
1c000000  3c011000  exe     1           0       0              /usr/local/bin/freshclam
0470f000  24744000   rlib     0           1       0              /usr/local/lib/libclamav.so.6.5
022d7000  222db000  rlib    0           2       0              /usr/local/lib/libbz2.so.10.4
07d8b000  27d93000  rlib    0           2       0              /usr/lib/libz.so.4.1
0cd94000  2cd9d000  rlib    0           1       0              /usr/lib/libpthread.so.11.0
0c104000  2c13a000   rlib     0           1       0              /usr/lib/libc.so.48.0
05e7e000  05e7e000   rtld    0           1       0              /usr/libexec/ld.so


With my previous version of Clamav I had the file
/usr/local/lib/libclamav.so.6.4 but the uninstall
removed it okay.

More warnings:

2) Also make sure there is only one version of ClamAv
     on your system.

3) whereis freshclam

4) whereis clamscan


In case anything went wrong I saved my old configuration
files in /usr/local/etc renaming them. Then:

cd /usr/ports/mystuff/clamav-0.95.3/
cp /path/to/patch-0.95.3-bug1737.diff .
sudo patch -p1 < patch-0.95.3-bug1737.diff


After everything built and installed successfully, all that
was left to do was go back into /usr/local/etc and configure
clamd.conf and freshclam.conf, then restart the daemon:

sudo /usr/local/sbin/clamd

I want to stress like always that it pays to read
documentation. Where you want your TemporaryDirectory,
where you want your LocalSocket and DatabaseDirectory
and so on. Same goes for your freshclam settings.
READ THE DOCS!

If you’re going to go through all the above to have
Clamav on your system, then you’re probably going
to want to start it when your system boots. I’ve got
the following in /etc/rc.local:

if [ -x /bin/mkdir ]; then
    /bin/mkdir /tmp/clamd && chown clamav:clamav /tmp/clamd
fi

if [ -x /usr/local/sbin/clamd ]; then
    /usr/local/sbin/clamd
fi


I do the above mkdir along with the ownership thing
since my system cleans out /tmp on reboot. It’s set in
/etc/rc.conf.local:

clear_tmp_enable="YES"     # clear /tmp on reboot

Cheers!


Tracking Network Usage With a Shell Script

Every morning the daily output is waiting there for
me in my email. Part of the normal output under Ipkts
and Opkts shows what went through the interface:

Ipkts            Opkts
2999812      2509494

I don’t reboot very often but when I do, it seems the system
zeros this out and it starts all over again. I put together
a script that runs periodically from a cronjob:

#!/bin/sh
# Filename: netusage.sh

cd $HOME/bin
if grep 'daily output' $HOME/Mail/root/new/*; then
    cat `grep -l 'daily output' ~/Mail/root/new/*` | \
        grep xl0 | tail -1 | awk '{print $5}' > ibytes.out
    cat `grep -l 'daily output' ~/Mail/root/new/*` | \
        grep xl0 | tail -1 | awk '{print $7}' > obytes.out
else
    echo "No daily output yet" > /dev/null 2>&1
fi
cd

At the end of the month I run another script to total
the network usage:

#!/bin/sh
# Filename: netusemonthly.sh
cd $HOME/bin
date > `date +"%Y%m%d"`_endofmonthnetuse.log
echo "" >> `date +"%Y%m%d"`_endofmonthnetuse.log
echo "Monthly Ibytes" >> `date +"%Y%m%d"`_endofmonthnetuse.log
cat *ibytes.out | awk '{ SUM += $1 } END { print SUM }' >> \
    `date +"%Y%m%d"`_endofmonthnetuse.log
echo "" >> `date +"%Y%m%d"`_endofmonthnetuse.log
echo "Monthly Obytes" >> \
    `date +"%Y%m%d"`_endofmonthnetuse.log
cat *obytes.out | awk '{ SUM += $1 } END { print SUM }' >> \
    `date +"%Y%m%d"`_endofmonthnetuse.log
mv -f *ibytes.out *obytes.out rebytes/
mv -f *endofmonthnetuse.log rebytes/
cd

The file names I used probably look ludicrous and they are all
completely arbitrary. If you try this out you can use whatever
file names and paths suit your needs. The whole thing was done
just to learn more about scripting, awk, and so forth. Also, to keep
the numbers right after a reboot, I added the following to
/etc/rc.shutdown:

netstat -ivn | head -8 | tail -1 | awk '{print $5}' > \
    /home/useracct/bin/`date +"%Y%m%d%H:%M:%S"`_reboot_ibytes.out
netstat -ivn | head -8 | tail -1 | awk '{print $7}' > \
    /home/useracct/bin/`date +"%Y%m%d%H:%M:%S"`_reboot_obytes.out
chown useracct:useracct /home/useracct/bin/*reboot_*bytes*

Like I said, this was all done just for learning purposes.
Maybe you can find a way to use some variation of the idea
on your own system.

Cheers!


Saving Tips From Mailing Lists

Besides my constant experimentation towards always
learning more about OpenBSD, one of my other means
of accumulating tips is from the mailing lists I
subscribe to. I put together a script to save messages
from the misc@openbsd mailing list. It finds all the
messages in a thread in my mutt subdirectory under Mail
and concatenates all of them to a text file. It’s
interactive and it asks you for a search pattern,
where to search, and where to save the output to.
Here’s what it looks like:

#!/bin/sh
# Filename: obsd2tips.sh - save mailing list problem
# questions and resolutions to my BSD tips folder

echo "Enter your search pattern: "
read r

echo "Enter your search path: "
read R

echo "Enter file to save to: "
read i

cat `grep -l "$r" $HOME/$R/*` | \
    sed '/Return-Path/,/X-Virus-Checker-Version/d' >> \
    $HOME/bsd/$i.txt

Things like Return-Path and X-Virus-Checker-Version
are header lines I don’t want in the saved tip.
If it was just a single message I could strip the entire
header with a sed command, but it doesn’t work when there
is more than one message in the thread. It gets even more
complicated on the script I use to do the same thing with
my freebsd-questions mailing list threads. Here’s that
script and you will see the difference:

#!/bin/sh
# Filename: fbsd2tips.sh - save mailing list problem
# questions and resolutions to my BSD tips folder

echo "Enter your search pattern: "
read r

echo "Enter your search path: "
read R

echo "Enter file to save to: "
read i

cat `grep -l "$r" $HOME/$R/*` | \
    sed '/Return-Path/,/X-Virus-Checker-Version/d' | \
    sed '/freebsd-questions/d' | sed '/unsubscribe/d' >> \
    $HOME/bsd/$i.txt

Depending on your MUA you will have to adjust your
filtering. I’ve been using mutt for years and do not
have any intention of switching to anything else. So,
if you’re using mutt, it will be easy to implement
for you. If you’re using some other MUA YMMV. ;)

Cheers!

Sat Oct 31 14:35:33 CDT 2009
Addendum:

Made the script a bit more interactive and helpful.
Thanks go to my friend Girish for helping me on it,
too. Here’s the new script for searching through my
misc@openbsd mail threads:

#!/bin/sh
# Filename: obsd2tips.sh - save mailing list problem
# resolutions to my BSD tips folder
found="N"
while [ "$found" = "N" ]; do
    echo "Enter your search pattern: "
    read r

    echo "Enter your search path: "
    read R

    echo "Enter file to save to: "
    read i

    # Quote the pattern so a multi-word search stays one argument
    if grep "$r" $HOME/$R/* > /dev/null 2>&1; then
        cat `grep -l "$r" $HOME/$R/*` | \
            sed '/Return-Path/,/X-Virus-Checker-Version/d' >> \
            $HOME/bsd/$i.txt
        # XXX finish the program!
        found="foo"
    else
        echo "Can't find it! Check your search pattern and path."
        # Rerun the search with new pattern and/or path
        found="N"
    fi
done

I’d also like to add something at the end of the script where,
even after it finds what I’m looking for and writes it out to my
tips file, it will still come up and ask me if I’d like to enter
a new search. Anyone have a suggestion, please leave a comment.
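
One way to cover both points raised in this post, stripping the whole header from every message in a thread and offering a new search after a save, as an added example that is not the author's script. The function names and the --ask flag are made up for this example; it assumes one message per file (as in a Maildir) and also rejects save names that would land outside $HOME/bsd.

```shell
#!/bin/sh
# Added example, not the author's script.

# Print only the bodies of the message files given as arguments.
# A header ends at the first blank line; FNR == 1 restarts it for each file.
strip_headers() {
    awk 'FNR == 1  { in_header = 1 }
         in_header { if ($0 == "") in_header = 0; next }
                   { print }' "$@"
}

# save_matches PATTERN DIR OUTFILE: append the body of every message in DIR
# that matches PATTERN to OUTFILE. Returns 1 when nothing matched.
save_matches() {
    pattern=$1 dir=$2 out=$3 hit=1
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        if grep -q -e "$pattern" "$f"; then
            strip_headers "$f" >> "$out"
            hit=0
        fi
    done
    return $hit
}

# Prompt loop: retry on a miss, offer another search after a save.
tips_loop() {
    while :; do
        printf 'Enter your search pattern: '; read -r r || return 0
        printf 'Enter your search path: ';    read -r R || return 0
        printf 'Enter file to save to: ';     read -r i || return 0
        # Keep the tip inside $HOME/bsd: not empty, no leading dot, no slash
        case $i in ''|.*|*/*) echo "Bad file name."; continue ;; esac
        if save_matches "$r" "$HOME/$R" "$HOME/bsd/$i.txt"; then
            printf 'Saved. New search? [y/N] '; read -r again || return 0
            case $again in [Yy]*) ;; *) return 0 ;; esac
        else
            echo "Can't find it! Check your search pattern and path."
        fi
    done
}

# --ask is a flag of this example only; without it the file just defines
# the functions so they can be sourced or tested.
if [ "${1:-}" = "--ask" ]; then tips_loop; fi
```
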

Cheers!
