34 lines
1018 B
Bash
34 lines
1018 B
Bash
#!/bin/bash
|
|
set -euo pipefail
|
|
source "$(dirname "${BASH_SOURCE[0]}")/../../lib/logging.sh"
|
|
|
|
log "Installing anti-malware tools (clamav, clamtk, rkhunter)..."
|
|
sudo pacman -S --noconfirm --needed \
|
|
clamav clamtk rkhunter
|
|
|
|
log "Installing chkrootkit (AUR)..."
|
|
yay -S --aur --noconfirm --needed chkrootkit
|
|
|
|
# initialise ClamAV database (first run)
|
|
if [[ ! -f /var/lib/clamav/main.cvd ]] && [[ ! -f /var/lib/clamav/main.cld ]]; then
|
|
log "Running initial freshclam (virus database update)..."
|
|
sudo freshclam
|
|
else
|
|
skip "ClamAV database already present."
|
|
fi
|
|
|
|
# cron job: update virus definitions twice a day
|
|
CRON_FILE=/etc/cron.d/freshclam
|
|
if [[ ! -f "$CRON_FILE" ]]; then
|
|
log "Installing freshclam cron job (twice daily)..."
|
|
sudo tee "$CRON_FILE" > /dev/null <<'EOF'
|
|
# Update ClamAV virus definitions twice a day
|
|
0 */12 * * * root /usr/bin/freshclam --quiet 2>/dev/null
|
|
EOF
|
|
sudo chmod 644 "$CRON_FILE"
|
|
else
|
|
skip "freshclam cron job already configured."
|
|
fi
|
|
|
|
log "Anti-malware tools installed."
|