Hi Folks,
I posted a new release of the clamav-unofficial-sigs script to the
download site. There are many changes, so please reference the
CHANGELOG, manual page and '-h' (help & usage info) flag for details.
Of note, the tarball now also includes logrotate and cron files. This
completes the requested additions to support package and port maintainers.
The script now includes the ability to hexadecimal encode a data string
(-e) and output the encode string that can then be used in any *.ndb
signature database (with the addition of the user required information
fields, that is).
The script's '-d" flag has also been modified to not only decode
signature names (e.g.: Sanesecurity.Junk.15248), but can also now decode
input of hexadecimal encoded strings, and WILL now skip decoding the
non-hex encoded spacing characters like {-50}, so they are presented to
the user intact.
Here is what has changed with this update (from the CHANGELOG):
Version 3.0 (updated 2009-05-10)
- Added a couple of missing stderr redirects. Reported by Paul Wise.
- Updated the manual page and README and INSTALL documentation.
- Added cron and logrotate files to the tarball.
- Added a '-r' (remove script) flag that will allow the script user
to easily remove the script and all of its associated files and
databases and work directories from the system.
- Provided two variables that package and port maintainers can use in
order to prevent the script from removing itself with the '-r' flag
if the script was installed via a package manager like yum, apt, pkg,
etc. The script will instead provide feedback to the user about how
to uninstall the package.
- Added the ability to disable execution of "chown" (the setting of
user and group permissions on files and directories) if either the
"clam_user" or "clam_group" or both variables are commented in the
config file. Requested by Micha Lenk
- The script will now decode input from both third-party signature
names (e.g.: Sanesecurity.Junk.15248) and hexadecimal encoded strings.
- The script now supports decoding of third-party signatures that
include spacing information within the hexadecimal string (e.g.:
{-50}) and will now output the decode string with the spacing
information intact.
- Added the '-e' (encode) flag that will hexadecimal encode any input
string and output a hexadecimal string that can be used in any *.ndb
type signature database.
- The script will now do a database reload if it detects that signature
databases have been removed from the configuration file and deleted
from the system. It will also report this information via cron email,
if enabled, and will also write this information to the log file, if
logging is enabled.
No changes have been made to the config file.
The updated tarball can be downloaded from:
http://www.inetmsg.com/pub/clamav-unofficial-sigs.tar.gz
As usual, let me know if there are any issues, suggestions, or feature
requests.
Bill
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
