On Sun, 2005-12-25 at 00:06 -0200, Rodrigo Barbosa wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Sat, Dec 24, 2005 at 10:49:25AM -0600, rado wrote:
> > find is giving me fits!
> >
> > this command is really the heart of a backup script I am trying to get
> > going.
> >
> > here's the line:
> >
> > if find / -mtime -1 -type f | xargs clamscan -
> > l /var/log/clamav/clamscan-bu-daily.log $clamexcludes -r --no-summary |
> > cut -d: -f1 > /usr/local/bin/changedfilelog; then
> >
> > and the clamexcludes:
> > clamexcludes="--exclude=/sys/bus/pci/drivers --exclude=/proc --
> > exclude=/sys/class/scsi_host --exclude=/usr/share/doc/clamav-0.87 --
> > exclude=/usr/lib/mailman/tests/msgs "
> >
> > kk ...when it's all over...I have to have /var/log/clamav/clamscan-bu-
> > daily.log to be w/out FOUND or ERROR words anywhere. if either of these
> > words are in that file, the system will not back up but instead, email
> > me.
> >
> > the immediate problem is...no matter what I try, the find command does
> > not perform as I want.
> >
> > the file seems to load up like 280,000 files which seems like the total
> > system etc.
>
> There are actually easier ways to do it, you know. You can first
> run clanscan, then check the logfile with either grep or sed to make
> sure it is what you want it to be, and based on that result decide
> what to do with an if statement.
>
> Something like this:
>
> find / -mtime -1 -type f --exec clanscan -l \
> /var/log/camav/clanscan-bu-daily.log \
> $clanexcludes -r --no-summary "{}" \; | \
> cut -d: -f1 > /usr/local/bin/changedfilelog
> NOTOK=`cat /var/log/clamav/clamscan-bu-daily.log | sed -n -e '/FOUND/p;/ERROR/p'`
>
> if [ "${NOTOK}" != "" ]; then
> ....
>
> I can't actually test this here, since I don't use clanscan, but it is
> supposed to do what you want.
>
> []s
>
Rodrigo,
kk...for the last days, when I had a few mins, I kept testing different
things w/this find stuff:
kk this was/is the find following the paths I originally used w/new
mods:
find / -path /sys/bus/pci/drivers -prune -o -path /proc -prune -o -type
f -mtime -1 | xargs clamscan -l /var/log/clamav/clamscan-bu-daily.log
$clamexcludes -r --no-summary | cut -d: -f1
> /usr/local/bin/changedfilelog
---------------------------------
kk this performs pretty well now...avg time to run is about 3-4
minutes...and logging about 6-7000 files to be rsynced and also clamav
produces no "ERROR" or "FOUND" messages.
this is the find statement you kinda suggested using "-exec":
find / -type f -mtime -1 -exec clamscan -l /var/log/clamav/clamscan-
bu-daily.log $clamexcludes -r --no-summary "{}" \; | cut -d: -f1
> /usr/local/bin/changedfilelog
although I did enjoy playing w/this as I had never any experience w/the
"-exec" command...well, it produced about the same amt of files to send
to rsync w/no clamscan errors that would stop it but it took approx 1 hr
to complete.
I am msging bout this just FYI and out of respect that you did indeed
try to help solve this problem...and, of course, if others might find
this of any use.
also, it seems that no matter what I tried I cannot get find to stop
looking in /proc lol
oh well at least I have the statement to a state where it produces no
errors to block the back up for taking place.
thx for the comments
John Rose