1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189
|
#!/usr/bin/perl
use Sys::Syslog;
$SophosRoot = shift;
#
# Update V5 first, then V4
#
$LockFile = shift || "/var/spool/MailScanner/incoming/Locks/sophosBusy.lock";
$LOCK_SH = 1;
$LOCK_EX = 2;
$LOCK_NB = 4;
$LOCK_UN = 8;
eval { Sys::Syslog::setlogsock('unix'); }; # This may fail!
Sys::Syslog::openlog("Sophos-autoupdate", 'pid, nowait', 'mail');
$V5Root = $SophosRoot || '/opt/sophos-av';
if (-d $V5Root && -x "$V5Root/bin/savupdate") {
# Timeout prevention
$SIG{ALRM} = sub { die "timeout"};
&LockSophos();
eval {
alarm 300;
$Command = "$V5Root/bin/savupdate -v 0";
$retval = &UpdateSophos($Command);
&UnlockSophos();
alarm 0;
};
if ($@) {
if ($@ =~ /timeout/) {
# We timed out!
&UnlockSophos();
Sys::Syslog::syslog('err', "WARNING Sophos V5 update timed out");
alarm 0;
}
} else {
alarm 0;
if ($retval == 0 ) {
Sys::Syslog::syslog('info', "Sophos V5 updated");
} else {
Sys::Syslog::syslog('err', "Sophos V5 updater failed");
}
}
Sys::Syslog::closelog();
exit 0;
}
#
#
# Sophos Version 4 and earlier
#
#
$SophosRoot = "/usr/local/Sophos" unless $SophosRoot;
$IDELink = "$SophosRoot/ide";
$VDLDir = "../sav";
#$Lynx = "/usr/local/bin/lynx -dump";
$Lynx = "/usr/bin/wget -q -O-"; # On Linux use this
$Unzip = "/usr/bin/unzip -joqq";
$rm = "/bin/rm";
Sys::Syslog::openlog("Sophos-autoupdate", 'pid, nowait', 'mail');
# Work out the current VDL (and hence Sophos Sweep) version number
unless (chdir "$SophosRoot/bin/$VDLDir") {
&BailOut("Could not find directory \"$SophosRoot/bin/$VDLDir\"");
}
opendir(LIBDIR, ".") || &BailOut("Cannot open Sophos/lib directory");
foreach $vdlname (sort readdir(LIBDIR)) {
next unless $vdlname =~ /^vdl-(\d+)\.(\d+)([a-zA-Z]*)\.dat$/;
$MajorVer = $1;
$MinorVer = $2;
$NSVFlag = $3;
}
closedir(LIBDIR);
&BailOut("Could not calculate Sophos version number")
unless defined($MajorVer) && defined($MinorVer);
$SophosVersion = "$MajorVer$MinorVer";
$VDLVersion = "$MajorVer.$MinorVer";
# Derive other variables, filenames and URLs from the version numbers
$ZipName = $SophosVersion . "_ides.zip";
$URL = "http://www.sophos.com/downloads/ide/$ZipName";
($min,$hour,$date,$month,$year) = (localtime)[1,2,3,4,5];
$month++;
$year+=1900;
$IDEDir = "$SophosRoot/$SophosVersion." . sprintf("%04d%02d%02d%02d%02d", $year, $month, $date, $hour, $min);
# If the directory already exists, then we have already done the update
# for today, so quietly exit.
Sys::Syslog::syslog('info', "Sophos already up-to-date"),exit 0 if -d $IDEDir;
# Create the IDE files directory
umask 0022;
mkdir $IDEDir, 0755;
chdir $IDEDir or &BailOut("Cannot cd $IDEDir, $!");
# Fetch and unpack the IDE zip file from Sophos
#print STDERR "URL is $URL\n";
$result = system("$Lynx $URL > $ZipName");
if (($result>>8)==1) {
Sys::Syslog::syslog('err', "Your Sophos installation may be too old. Please install the latest release of Sophos");
print STDERR "Your Sophos installation may be too old. Please install the latest release of Sophos";
}
&BailOut("Lynx failed with error return " . ($result>>8) . "\n") if $result>>8;
$result = system("$Unzip $ZipName");
if ($result>>8) {
Sys::Syslog::syslog('err', "Unzipping the new Sophos IDE files failed. This may well be because your Sophos installation is too old. Please install the latest release of Sophos");
print STDERR "Unzipping the new Sophos IDE files failed. This may well be because your Sophos installation is too old. Please install the latest release of Sophos";
&BailOut("Unzip failed with error return " . ($result>>8) . "\n");
}
symlink("$VDLDir/vdl-$VDLVersion$NSVFlag.dat", "vdl.dat");
# Add the new vdl*.vdb files if they are there
foreach $vdlsus ("vdl", "sus", "xvdl") {
foreach $number (1..99) {
$string = $vdlsus . sprintf("%02d", $number) . ".vdb";
symlink("$VDLDir/$string", $string) if -f "$VDLDir/$string";
}
}
# Add the new swpmess.dat and svext.dat files too
symlink("$VDLDir/swpmess.dat", "swpmess.dat") if -f "$VDLDir/swpmess.dat";
symlink("$VDLDir/svext.dat", "svext.dat") if -f "$VDLDir/svext.dat";
# Link in this new directory to Sophos
chdir $SophosRoot or &BailOut("Cannot cd $SophosRoot, $!");
$OldLinkTarget = readlink $IDELink;
&LockSophos();
unlink $IDELink if -l $IDELink;
symlink $IDEDir, $IDELink;
&UnlockSophos();
system("$rm -rf $OldLinkTarget") if defined $OldLinkTarget && -e $OldLinkTarget;
Sys::Syslog::syslog('info', "Sophos successfully updated in $IDEDir");
Sys::Syslog::closelog();
exit 0;
# Used for V4
sub BailOut {
Sys::Syslog::syslog('err', @_);
Sys::Syslog::closelog();
warn "@_, $!";
chdir $SophosRoot or die "Cannot cd $SophosRoot, $!";
system("$rm -rf $IDEDir") if -d $IDEDir;
exit 1;
}
# Used for V4 and V5
sub LockSophos {
open(LOCK, ">$LockFile") or return;
flock(LOCK, $LOCK_EX);
print LOCK "Locked for updating Sophos IDE files by $$\n";
}
# Used for V4 and V5
sub UnlockSophos {
print LOCK "Unlocked after updating Sophos IDE files by $$\n";
flock(LOCK, $LOCK_UN);
close LOCK;
}
# Used for V5
sub UpdateSophos {
my($cmd) = @_;
open(CMD, "$cmd 2>&1 |") or return $?;
while(<CMD>) {
chomp;
Sys::Syslog::syslog('err', "Sophos update warning: $_")
if /warning|error|fatal/i;
}
close CMD;
return $?>>8;
}
|