NOJ - Initial flight checks

Checking for age of clamav virus definition file
bechampion · Jun 25, 2024 · f76fb15 · f76fb15
1 parent 462d8cc
commit f76fb15
Show file tree

Hide file tree

Showing 3 changed files with 83 additions and 3 deletions.
diff --git a/systemd/checks.go b/systemd/checks.go
@@ -1,9 +1,13 @@
 package systemd
 
 import (
+	"bytes"
 	"errors"
 	"fmt"
 	"os"
+	"os/exec"
+	"regexp"
+	"strings"
 	"time"
 )
 
@@ -18,10 +22,16 @@ type ClamavDbFile struct {
 }
 
 func DefaultDbAgeCheck() error {
-	return DbAgeCheck(clamavDbFile)
+	details, clamavError := GetClamConfDetails()
+
+	if clamavError != nil {
+		return clamavError
+	}
+
+	return DbConfigAgeCheck(details)
 }
 
-func DbAgeCheck(clamavDbFile ClamavDbFile) error {
+func DbFileAgeCheck(clamavDbFile ClamavDbFile) error {
 	hoursInWeek := 24 * 7
 
 	fi, err := os.Stat(clamavDbFile.path)
@@ -40,3 +50,50 @@ func DbAgeCheck(clamavDbFile ClamavDbFile) error {
 		return nil
 	}
 }
+
+func DbConfigAgeCheck(details ClamConfDetails) error {
+	weekAgo := time.Now().Add(-time.Hour * 24 * 7)
+
+	tooOld := details.DailyCld.Before(weekAgo)
+
+	if tooOld {
+		return errors.New(fmt.Sprintf("virus definition is more than 7 days old: %s", details.DailyCld.String()))
+	}
+
+	return nil
+}
+
+type ClamConfDetails struct {
+	version  string
+	sigs     string
+	DailyCld time.Time
+}
+
+func GetClamConfDetails() (ClamConfDetails, error) {
+	cmd := exec.Command("clamconf")
+	var out bytes.Buffer
+	cmd.Stdout = &out
+	err := cmd.Run()
+	if err != nil {
+		return ClamConfDetails{}, errors.New(fmt.Sprintf("aaa"))
+	}
+
+	const layout = "Mon Jan 02 15:04:05 2006"
+	lines := strings.Split(out.String(), "\n")
+	re := regexp.MustCompile(`^daily.cld: version (.*), sigs: (.*), built on (.*)`)
+
+	for i := range lines {
+		line := lines[i]
+		finds := re.FindStringSubmatch(line)
+
+		if len(finds) > 0 {
+			cd := ClamConfDetails{}
+			cd.DailyCld, _ = time.Parse(layout, finds[3])
+			cd.version = finds[1]
+			cd.sigs = finds[2]
+			return cd, nil
+		}
+	}
+
+	return ClamConfDetails{}, errors.New(fmt.Sprintf("bbb"))
+}
diff --git a/systemd/checks_test.go b/systemd/checks_test.go
@@ -14,6 +14,28 @@ func TestFileIs7DaysOld(t *testing.T) {
 	}
 }
 
+func TestDbConfigIsAlmost7DaysOld(t *testing.T) {
+	weekAgo := time.Now().Add(-time.Hour*24*7 + time.Hour)
+	details := ClamConfDetails{version: "1.0", sigs: "2.0", DailyCld: weekAgo}
+
+	err := DbConfigAgeCheck(details)
+
+	if err != nil {
+		t.Errorf("DailyCld should have been recent enough: \n%v", err)
+	}
+}
+
+func TestDbConfigIsOver7DaysOld(t *testing.T) {
+	weekAgo := time.Now().Add(-time.Hour*24*7 - time.Hour)
+	details := ClamConfDetails{version: "1.0", sigs: "2.0", DailyCld: weekAgo}
+
+	err := DbConfigAgeCheck(details)
+
+	if err == nil {
+		t.Errorf("DailyCld should have been too old")
+	}
+}
+
 func TestFileIsAlmost7DaysOld(t *testing.T) {
 	clamavError := fileErrorCheck(t, time.Now().Add(-time.Hour*24*7+time.Hour))
 
@@ -46,5 +68,5 @@ func fileErrorCheck(t *testing.T, when time.Time) error {
 
 	clamavDbFile := ClamavDbFile{path: nowFilePath}
 
-	return DbAgeCheck(clamavDbFile)
+	return DbFileAgeCheck(clamavDbFile)
 }
diff --git a/systemd/systemd.go b/systemd/systemd.go
@@ -49,6 +49,7 @@ func GetClamDetails() (ClamDetails, error) {
 	cd.Year = strings.Split(cleanout, " ")[5][:4]
 	return cd, nil
 }
+
 func FindClamdProcess() ctypes.Prod {
 	cmd := exec.Command("ps", "aux")
 	var out bytes.Buffer