AVG has a linux version that is freely downloadable: http://free.avg.com/us-en/download.prd-alf
I installed the debian package. All files end up in /opt/, except for /etc/init.d/avgd and some sym links they create under /usr/bin to their binaries.
A few notes, AVG has a lot of daemon stuff that can scan on-access with a special kernel, scan stuff coming over the net, scan emails, etc. I specifically wanted to disable all of that, just do a weekly filesystem scan and keep the daemons turned off. So here are the steps I did to enable that.
- First, set some system parameters using their avgcfgctl command. These will make sure all the real time scanning is disabled:
- Code: Select all
avgcfgctl -w Default.setup.daemonize=false
avgcfgctl -w Default.setup.features.antispam=false
avgcfgctl -w Default.setup.features.oad=false
avgcfgctl -w Default.setup.features.scheduler=false
avgcfgctl -w Default.setup.features.tcpd=false
- something should be done about /etc/init.d/avgd, but I'm not sure yet. Just mentioning it. I don't want their daemon running except when the scan is to be run(its required for that). I will not use their scheduler either, just cron
- You can manually run the command to get virus updates with this:
- Code: Select all
avgupdate
- You can run the scan with the following command. Check their man page for the list of options and see my script below:
- Code: Select all
avgscan
- I created the following script which will start up the needed daemon, do the virus update, do a scan on the desired dirs, then shutdown all the daemons. Note also that the avg programs do a lot of shenanegans with the terminal, so its best if you rediret stdout to /dev/null. I wrote a wrapper script for that(see below) and added some niceness. Here is the main scan script, which I will schedule weekly in cron:
- Code: Select all
# a few bash things
set +e
set +u
# list of dirs to scan
# NOTE - we should read these from a file later. Also SCANOPTS from file
DIRS="/c/raid"
SCANOPT="--arc --heur --media --paranoid "
LOGDIR="/c/var/avg"
#==========================================================
# this cleanup function will be called on exit to clean
# up stuff, we'll use it to stop AVG daemons
#==========================================================
function on_exit()
{
avgctl --stop=WD
}
# set the traps for kill, exit, ctrl-c
# not sure if I need INT and TERM or not. I'm reading conflicting info
#trap exit INT TERM
trap on_exit EXIT
#=============================================================
# set some variables to make sure nothing extra gets started, just to be sure
#=============================================================
avgcfgctl -w Default.setup.daemonize=false
avgcfgctl -w Default.setup.features.antispam=false
avgcfgctl -w Default.setup.features.oad=false
avgcfgctl -w Default.setup.features.scheduler=false
avgcfgctl -w Default.setup.features.tcpd=false
#=============================================================
# start the main avg daemon
#=============================================================
avgctl --start=WD
#=============================================================
# update virus definitions
#=============================================================
NOW=`date "+%y%m%d%H%M%S"`
avgupdate --no-backup > /c/var/avg/avgupdate.$NOW.log
#=============================================================
# run the scan on each dir
#=============================================================
for dir in "$DIRS"
do
NOW=`date "+%y%m%d%H%M%S"`
echo "Scanning $dir on $NOW"
avgscan $SCANOPT --report ${LOGDIR}/avg.${NOW}.log $dir
done
wrapper script for getting rid of stdout to /dev/null- Code: Select all
AVG=./runavg
nice -n 19 $AVG 2>>/c/var/avg/runavg.err.log 1> /dev/null &
it seems to be working for me. I still have to decide what to do with their init.d file because I don't want the deamon to start on boot but their system might need to call the init.d file, so I leave that to you to decide for yourself. Also I want to update my script to read the list of dirs to scan and scan options from config files instead of hard coded in the script. Also, AVG has some sophisticated logging which can send the results to syslog, but I need to figure that out. And finally I want to update my script so that it will email me if it finds any virus. Maybe I'll package this up as an addon someday after all that. But I don't know when I will have time.
Hope this helps someone.