blob: 4690b7a79fcce1e0f269b0020c4054e40e578dc7 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
|
#!/bin/bash
CLAMD=${CLAMD:-auto}
CLAMDSOCK="${CLAMDSOCK:-/run/clamav/clamd.sock}"
if [ -f /etc/conf.d/av-scan ] ; then
set -o allexport
. /etc/conf.d/av-scan
set +o allexport
fi
if [ $$ == 1 ]; then
echo "Running in private namespace."
echo
echo "Umounting by request..."
umount -nrl ${UNMOUNT}
echo
echo "Remounting devices with noatime..."
grep '^/dev/' /proc/mounts | cut -d ' ' -f 2 | xargs -n1 mount -n -o remount,noatime
echo
echo "Unmounting non-device file systems..."
grep -v '\(^/dev/\|/run \)' /proc/mounts | cut -d ' ' -f 2 | sort -ru | xargs umount -nrl
echo
df -Th --total
echo
grep -vw noatime /proc/mounts | column -t
echo
declare -a EXCL
declare -A M
EXCL=(
/dev
${EXCLUDE}
$(find /var/lib/machines/ -maxdepth 2 -name dev -type d)
$(portageq distdir)
$(portageq pkgdir)
$(portageq get_repo_path / $(portageq get_repos /))
$(mount | grep -v ^/dev/ | sort -u -k3,3 | cut -d ' ' -f 3 | sort -u)
$(mount | grep ^/dev | while read dev on path type fs opts ; do
devhash=${dev//\//_}
if [ ${M[$devhash]} ] ; then
echo $path
else
M[$devhash]=$path
fi
done)
)
echo "Excluding:"
echo ${EXCL[@]}
echo
EXCLARGS=("${EXCL[@]/#/-x }")
if [ -S ${CLAMDSOCK} -a ${CLAMD} != "no" ] ; then
echo "Using clamd"
clamdscan -i --fdpass -f <(simplifind -r / ${EXCLARGS[@]}) -m -l /var/log/av-scan.log
else
echo "Using clamscan"
simplifind -r / ${EXCLARGS[@]} | xargs nice clamscan -ri -l /var/log/av-scan.log
fi
exit
fi
if [ ! -S ${CLAMDSOCK} -a ${CLAMD} = "yes" ] ; then
echo "Starting clamd..."
systemctl start clamd
CLAMD="started"
fi
unshare --pid --mount --mount-proc --fork $0
if [ -S ${CLAMDSOCK} -a ${CLAMD} = "started" ] ; then
echo "Stopping clamd..."
systemctl stop clamd
fi
|