[clamav-users] Using a file to list exclusions for on-demand search?B

Paul B. pbpublic at gmail.com
Sat Jan 13 03:05:20 UTC 2018


Hi Kees,

Wanted to let you know that I've now got this working. I had never
scripted in Linux before, but I set up your examples, then played with
the exclusion syntax (to find it is indeed regex) while watching the
results. Even as I ran the tests the duration kept getting smaller and
smaller.

I think the way I'll strategize about this is to create several
aliases for the most common scans I anticipate doing, with appropriate
command line inclusions in each one (one folder has a bunch of Windows
stuff in it).

In any case, this is what I was looking for, and I thank you again for
taking the time to get me started up. Much appreciated!

Paul

On Fri, Jan 5, 2018 at 12:50 AM, Kees Theunissen
<C.J.Theunissen at differ.nl> wrote:
> On Thu, 4 Jan 2018, Paul B. wrote:
>
>>Hi,
>>I just installed ClamAv on a desktop Linux machine. I would like to
>>set it up using aliases in the bashrc file, so I can do various kinds
>>of file and directory scans from the command line. Rather than an
>>unwieldy string of exclusions in the alias' command line, I would like
>>to have a file that lists exclusions, which Clam would reference. I've
>>seen mention of this ability, but not enough info to get me started. I
>>do not have the daemon installed, just ClamAv, and FreshClam for
>>updates.
>
> Hi Paul,
>
> This can be done with a litle bit of shell scripting.
>
> Create an exclusion file like this:
>
> #####################################################################
> #
> # file: /home/kees/scan_excludes
> #
> # Parsing rules:
> # -- leading and trailing white space will be removed
> # -- empty lines -after space removal- will be ignored
> # -- lines starting with a '#' -after space removal- will be ignored
> # -- lines starting with 'file:' define file exclusions
> # -- lines starting with 'dir:' define directory exclusions
> # -- lines must contain exactly one exclusion expression
>
> # Exclude some files
> file:expression_to_exclude_some_files
> file:exclude_more_files
>
> # Exclude a directory
> dir:some_directory
>
> #####################################################################
>
>
> And define aliases like below:
>
> alias parse_exclude_file="sed -r \
>    -e 's/^[[:space:]]+//' -e 's/[[:space:]]+$//' -e '/^(#|$)/d' \
>    -e 's/^file:/--exclude=/' -e 's/^dir:/--exclude-dir=/'"
>
> alias scan_home_dirs="clamscan -r --suppress-ok-results --bell \
>    \$( parse_exclude_file /home/kees/scan_excludes ) \
>    /home"
>
>
> For testing/debugging first run 'set -x' and then 'scan_home_dirs'.
> With the x flag set the shell will show all commands with options
> and parameters that are executed during the alias expansion.
> '+' signs at the start of a line indicate the nesting depth of
> the shown command. Run 'set +x' to reset the flag.
>
> Let's try:
>
> kees at ithmar:~$ set -x
> kees at ithmar:~$ scan_home_dirs
> ++ sed -r -e 's/^[[:space:]]+//' -e 's/[[:space:]]+$//' -e '/^(#|$)/d' -e 's/^file:/--exclude=/' -e 's/^dir:/--exclude-dir=/' /home/kees/scan_excludes
> + clamscan -r --suppress-ok-results --bell --exclude=expression_to_exclude_some_files --exclude=exclude_more_files --exclude-dir=some_directory /home
> ^C (scan aborted, it takes way too much time)
> kees at ithmar:~$ set +x
> + set +x
>
>
>
> Regards,
>
>
> Kees Theunissen.
>
> --
> Kees Theunissen,  System and network manager,   Tel: +31 (0)40-3334724
> Dutch Institute For Fundamental Energy Research (DIFFER)
> email address:    C.J.Theunissen at differ.nl
> postal address:   PO Box 6336, 5600 HH, Eindhoven, the Netherlands
> visitors address: De Zaale 20, 5612 AJ, Eindhoven, the Netherlands
>
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml



More information about the clamav-users mailing list