The reason the clamscan -r /home >> /home/user/clamscanresults.log didn't work is that >> redirects to an existing file, it doesn't create one if it doesn't exist. To get an empty file, use
Code:
touch /home/user/clamscanresults.log
But that won't work on your system either, because you have to replace 'user' with your username.
Code:
/home/alex/clamscanresults.log
There should be no user named user on the system. Anytime you see that in an example, you're expected to substitute your own username.
So, you mean - I have to create an empty file xxx.log and place it into that folder?
clamav must be run as root, so either log in as root or use sudo.
If you want to scan the entire drive, use
Code:
clamscan -r /
Scanning the entire disk will take a looooooonnnggg time, so set the cronjob to run while you're in bed sleeping, not while you're trying to do work on the computer.
You don't run !bin/bash in a terminal, you put it into a text file as the first line. Linux runs almost entirely on text files. Open your favorite text editor, put the suggested lines into it, and save the file. From a terminal I like nano, but there are others. I can't remember what Gnome uses for a text editor, but it should be easy enough to find.
OK, it took over two hours... I didn't realize that it will also scan my external devices (two hard disks and one SD 512GB).... I was doing other things while this was running... A big part of the time was spent on checking the Evolution database...
Anyway, below is a screen shot of the end message. How can I find out what are the 70 infected files?
I can see now - why NOT to ever run this again, but then the question is - what Folders should I run?
Cheers
Alex
----------- SCAN SUMMARY -----------
Known viruses: 8468537
Engine version: 0.102.4
Scanned directories: 78046
Scanned files: 563668
Infected files: 70
Total errors: 90793
Data scanned: 56575.53 MB
Data read: 90301.40 MB (ratio 0.63:1)
Time: 7454.258 sec (124 m 14 s)
In that folder, I found two log files
clamav.log and freshclam.log
I have no idea what to look for?
Not sure, should I load those files back to this message?
Cheers
Alex
I ran chkrootkit, the only thing it found is the following. Should I do anything about this?
Searching for suspicious files and dirs, it may take a while... The following suspicious files and directories were found:
/usr/lib/debug/.build-id /usr/lib/modules/5.4.0-26-generic/vdso/.build-id /usr/lib/modules/5.4.0-42-generic/vdso/.build-id
/usr/lib/debug/.build-id /usr/lib/modules/5.4.0-26-generic/vdso/.build-id /usr/lib/modules/5.4.0-42-generic/vdso/.build-id
You're on the right track, because you (already) installed ClamAV.
If you need something to be done in Linux on a regular basis, it is done by a so-called crontab command. This is a list in which you can tell the system what things to do every x amount of time. There are some desktop tools that can do the same however they mostly rely on crontab. And because crontab is found on every Linux installation and always works well, it is nice to use and rely on.
There is a system crontab list you can edit that works with superuser privileges, and every user on the system has its own crontab list to perform tasks with the privileges of that user.
For a tutorial on how to use crontab, take a look at one of the following (there are many more):
You can run commands in the crontab. However for me the best thing to do is to
Make a shell script (this is like a Windows / MS-DOS batch file)
Make an entry in the crontab pointing to the shell script
This way you can easily change, modify or extend the command. There are a lot of tutorials about how to write a shell script. The most simple script to run clamav would be something like this:
The first line of code is necessary (I don't know why) and can also be !/bin/bash, if your system runs BASH as well.
The second line of code is the clamscan command you want to issue. The output that normally would be sent to the terminal is now routed to a file called "clamscanresults.log" (you can pick any name). Because I used >> any existing log file is appended, not replaced.
If you save this text file as eg "scancommand.sh" you have a shell script. PLEASE do not forget to enable execution for the shell script - you can do it through the file manager or by issuing a command like
Code:
chmod +x scancommand.sh
Next, you can modify the crontab. If you want to have all users in /home scanned, you might use the systemwide crontab. So you fire up the crontab editor using the following command
Code:
sudo crontab -e
Then you just have to put in the code for the timing of your shellscript and of course, the name and path of your script. If you wanted to edit your user's crontab you could use the following command
Code:
crontab -e
Hope I got you started!
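The script-plus-crontab setup described in the post above, as an added example that is not part of the original thread. It also shows how to pull the flagged paths out of the log afterwards, which is what the earlier "which are the 70 infected files?" question needs. The script location, `SCAN_DIR`, `LOG` and the 02:00 schedule are assumptions to adjust.

```shell
#!/bin/sh
# scancommand.sh (added example; all paths below are hypothetical defaults).
# Root crontab entry (edit with: sudo crontab -e) to run it daily at 02:00:
#   0 2 * * * /usr/local/sbin/scancommand.sh scan
SCAN_DIR="${SCAN_DIR:-/home}"
LOG="${LOG:-/var/log/clamscan-home.log}"

# Print only the paths clamscan flagged. Its per-file result lines look like
#   /path/to/file: Signature.Name FOUND
# so keep lines ending in " FOUND" and strip the ": <signature> FOUND" tail.
infected_files() {
    grep ' FOUND$' "$1" | sed 's/: [^:]* FOUND$//'
}

# Run one scan and append a dated section to the log.
#   -r  recurse into subdirectories
#   -i  print infected files only, which keeps the log readable
# clamscan exits 0 when clean, 1 when something was found, 2 on error.
run_scan() {
    {
        echo "=== scan of $SCAN_DIR started $(date '+%Y-%m-%d %H:%M:%S') ==="
        clamscan -r -i "$SCAN_DIR"
        echo "=== clamscan exit status: $? ==="
    } >> "$LOG" 2>&1
}

# "scan" is what cron calls; "report" lists flagged paths from the log.
case "${1:-}" in
    scan)   run_scan ;;
    report) infected_files "$LOG" ;;
esac
```

Make it executable with `chmod +x`, then run `sudo /usr/local/sbin/scancommand.sh report` after a scan to see each flagged path on its own line.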
OK, I am back... Fantastic tutorial, thanks again. Still fails on executing !/bin/sh or !/bin/bash but it seems I can continue without it. The tutorial I looked at is : https://www.cyberciti.biz/faq/how-do...-or-unix-oses/
I, generally speaking, opt for written tutorials, not YT video clips, but that's just me. From that tutorial, I gather that cron is a batch file executor of a script, kind of what I used to do with .bat files in the DOS days.
I hope that I will be able to create a .sh (I assume this is a shell script) from the examples on the above tutorial to execute my automated clamav daily scan.
alex@alex-NUC8i7HNK:~$ !/bin/sh
bash: !/bin/sh: event not found
alex@alex-NUC8i7HNK:~$ !/bin/bash
bash: !/bin/bash: event not found
alex@alex-NUC8i7HNK:~$
That was a misprint on hermani's part. They meant to say #!/bin/sh. This is called a hashbang and indicates to the script what program is required to run it (in this case the system shell).
But ! by itself has a special meaning in Linux shells. It means "Go back to when I last used this command and repeat it exactly, with the same arguments". That can be a useful and quick way of repeating an operation, but obviously it doesn't work if you haven't used the command before. Hence the message "event not found".
A script can't be run directly on the cpu because it's text, not machine code. So a program that can interpret the script must be loaded first and the script passed to it for interpretation and execution. That is why the first non-comment line of a script is always the hashbang (or shebang). This tells the kernel what program to load. /bin/sh is a symbolic link to the system shell (usually either /bin/bash or /bin/dash). They are very similar, so it doesn't usually matter which one is run. If it does matter, for example if your script contains a bit of syntax that only bash supports, you can use the hashbang #!/bin/bash.
Perl and Python scripts work in exactly the same way.
Have corrected my previous post, and I am sorry I did not tell about the touch part.
I am sorry, Hazel and Alex I am still a bit of a n00b too, but I recently have had to figure this all out as well.
Hi Hermani,
I am a 75 years "Young" retired guy, continue building websites. I have learned a lot in my journey, by making mistakes, you only make them if you do things....
From that tutorial, I gather that cron is a batch file executor of a script, kind of what I used to do with .bat files in the DOS days.
You could say
a shell script (.sh file) is about the same as a MS-DOS batch file (.bat)
the crontab is a special file that executes programs / commands / shell scripts on a regular basis.
The reason I recommended using a shell script is that I find it easier to modify, and I can put extra commands in that add extra information to a log file, for instance the date and time of an event.
When you get the hang of it, it is quite easy if you have programmed MS-DOS batch files before.
For instance, I use a backup server that I programmed to make a backup copy of my main server on a daily basis. It works fully autonomously and I have zero interaction with it (next to the infrequent check-up and update/upgrade). Also I programmed a small SBC (single board computer) as a secondary backup server that also makes a daily backup of the most important data, also with zero interaction. Next to that, I have programmed my main server to make a backup of an online Nextcloud server. It all works flawlessly, and I can tell because I have the shell scripts make log files I can read.
Hello again,
I am a retired guy, working at home on building websites as a voluntary occupation, not for money. Since you mentioned backup, I will use that.
1) I have only ONE single computer
2) I only want to backup a list of selected folders to a single external storage device (SSD). Each source folder to be copied into a target folder with the same name.
3) I do NOT want to backup to the cloud or anything else
4) I want to do it say, once a day - at 2:00 pm every day
5) I want the backup to be simple copy, not compressed
Is there a way to specify how many "Versions" to keep so that the external storage device doesn't fill up?
I want to backup the following folders, for example - folder1, folder2, folder 3
So, what will the script.sh look like?
All of the above again, for virus check using clamav - How do I "know" which folders I need to check? How will an .sh script look for this?