[clamav-users] Using a file to list exclusions for on-demand search?B

Kees Theunissen C.J.Theunissen at differ.nl
Fri Jan 5 05:50:52 UTC 2018


On Thu, 4 Jan 2018, Paul B. wrote:

>Hi,
>I just installed ClamAv on a desktop Linux machine. I would like to
>set it up using aliases in the bashrc file, so I can do various kinds
>of file and directory scans from the command line. Rather than an
>unwieldy string of exclusions in the alias' command line, I would like
>to have a file that lists exclusions, which Clam would reference. I've
>seen mention of this ability, but not enough info to get me started. I
>do not have the daemon installed, just ClamAv, and FreshClam for
>updates.

Hi Paul,

This can be done with a litle bit of shell scripting.

Create an exclusion file like this:

#####################################################################
#
# file: /home/kees/scan_excludes
#
# Parsing rules:
# -- leading and trailing white space will be removed
# -- empty lines -after space removal- will be ignored
# -- lines starting with a '#' -after space removal- will be ignored
# -- lines starting with 'file:' define file exclusions
# -- lines starting with 'dir:' define directory exclusions
# -- lines must contain exactly one exclusion expression

# Exclude some files
file:expression_to_exclude_some_files
file:exclude_more_files

# Exclude a directory
dir:some_directory

#####################################################################


And define aliases like below:

alias parse_exclude_file="sed -r \
   -e 's/^[[:space:]]+//' -e 's/[[:space:]]+$//' -e '/^(#|$)/d' \
   -e 's/^file:/--exclude=/' -e 's/^dir:/--exclude-dir=/'"

alias scan_home_dirs="clamscan -r --suppress-ok-results --bell \
   \$( parse_exclude_file /home/kees/scan_excludes ) \
   /home"


For testing/debugging first run 'set -x' and then 'scan_home_dirs'.
With the x flag set the shell will show all commands with options
and parameters that are executed during the alias expansion.
'+' signs at the start of a line indicate the nesting depth of
the shown command. Run 'set +x' to reset the flag.

Let's try:

kees at ithmar:~$ set -x
kees at ithmar:~$ scan_home_dirs
++ sed -r -e 's/^[[:space:]]+//' -e 's/[[:space:]]+$//' -e '/^(#|$)/d' -e 's/^file:/--exclude=/' -e 's/^dir:/--exclude-dir=/' /home/kees/scan_excludes
+ clamscan -r --suppress-ok-results --bell --exclude=expression_to_exclude_some_files --exclude=exclude_more_files --exclude-dir=some_directory /home
^C (scan aborted, it takes way too much time)
kees at ithmar:~$ set +x
+ set +x



Regards,


Kees Theunissen.

-- 
Kees Theunissen,  System and network manager,   Tel: +31 (0)40-3334724
Dutch Institute For Fundamental Energy Research (DIFFER)
email address:    C.J.Theunissen at differ.nl
postal address:   PO Box 6336, 5600 HH, Eindhoven, the Netherlands
visitors address: De Zaale 20, 5612 AJ, Eindhoven, the Netherlands




More information about the clamav-users mailing list