我有这段代码位于/etc/cron.hourly/hourlyclamscan。
#!/usr/bin/bash # Create Hourly Cron Job With Clamscan # Directories to scan SCAN_DIR=/home/transmission/Downloads # Temporary file LIST_FILE=`mktemp /tmp/clamscan.XXXXXX` # Location of log file LOG_FILE=/var/log/clamav/hourly_clamscan.log # Make list of new files /usr/bin/find "$SCAN_DIR" -type f -mmin -60 -fprint ${LIST_FILE} # Scan files and remove infected /usr/bin/clamscan -i -f ${LIST_FILE} --remove > $LOG_FILE # If there were infected files detected, send email alert if [ `cat ${LOG_FILE} | grep Infected | grep -v 0 | wc -l` != 0 ] then echo "$(egrep "FOUND" $LOG_FILE)" | /bin/mail -s "VIRUS PROBLEM" -r [email protected] #####@#####.## fi exit 当我从terminal运行它,它不会有错误。
但是,当cron运行脚本时,它会向根邮箱发送错误:错误: – 文件列表:无法打开文件/tmp/clamscan.MLXep5
该文件由查找创build并由root拥有(权限600)。 cron作业也以root身份运行,所以我认为权限不应该是问题(或者是?)。
原来是SElinux的问题。
audit2allow -a
收益:
#============= antivirus_t ============== #!!!! This avc can be allowed using the boolean 'antivirus_can_scan_system' allow antivirus_t home_root_t:dir read;
并通过input解决:
setsebool -P antivirus_can_scan_system 1
除了你的脚本已经坏了,我build议你写下如下内容。
不要使用大写的variables名称。 只有环境variables是按照惯例大写的。
不要使用绝对pathfind, mail等二进制文件
#!/usr/bin/bash # Create Hourly Cron Job With Clamscan # Directories to scan scan_dir="/home/transmission/Downloads" # Temporary file list_file=$(mktemp /tmp/clamscan.XXXXXX) # Location of log file log_file="/var/log/clamav/hourly_clamscan.log" # Make list of new files find "$scan_dir" -type f -mmin -60 -fprint "$list_file" # Scan files and remove infected clamscan -i -f "$list_file" --remove > "$log_file" # If there were infected files detected, send email alert grep -q "Infected" "$log_file" && mail -s "VIRUS PROBLEM" -r [email protected] exit