On Wed, 2005-12-28 at 15:31 -0200, Rodrigo Barbosa wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Wed, Dec 28, 2005 at 11:13:08AM -0600, rado wrote:
> > > Something like this:
> > >
> > > find / -mtime -1 -type f --exec clanscan -l \
> > > /var/log/camav/clanscan-bu-daily.log \
> > > $clanexcludes -r --no-summary "{}" \; | \
> > > cut -d: -f1 > /usr/local/bin/changedfilelog
> > > NOTOK=`cat /var/log/clamav/clamscan-bu-daily.log | sed -n -e '/FOUND/p;/ERROR/p'`
> > >
> > > if [ "${NOTOK}" != "" ]; then
> > > ....
> > >
> > > I can't actually test this here, since I don't use clanscan, but it is
> > > supposed to do what you want.
> > >
> > kk this was/is the find following the paths I originally used w/new
> > mods:
> > find / -path /sys/bus/pci/drivers -prune -o -path /proc -prune -o -type
> > f -mtime -1 | xargs clamscan -l /var/log/clamav/clamscan-bu-daily.log
> > $clamexcludes -r --no-summary | cut -d: -f1
> > > /usr/local/bin/changedfilelog
> > ---------------------------------
> > kk this performs pretty well now...avg time to run is about 3-4
> > minutes...and logging about 6-7000 files to be rsynced and also clamav
> > produces no "ERROR" or "FOUND" messages.
> >
> > this is the find statement you kinda suggested using "-exec":
> > find / -type f -mtime -1 -exec clamscan -l /var/log/clamav/clamscan-
> > bu-daily.log $clamexcludes -r --no-summary "{}" \; | cut -d: -f1
> > > /usr/local/bin/changedfilelog
> >
> > although I did enjoy playing w/this as I had never any experience w/the
> > "-exec" command...well, it produced about the same amt of files to send
> > to rsync w/no clamscan errors that would stop it but it took approx 1 hr
> > to complete.
> >
> > I am msging bout this just FYI and out of respect that you did indeed
> > try to help solve this problem...and, of course, if others might find
> > this of any use.
>
> The main different is that -exec will execute clanscan once for
> each file, while your solution using xargs will provide the
> whole list of files as a parameter. Just be cause because the
> way you are doing it, you have 3 possible risks:
> 1) The command line will get too long, and the command won't execute
> 2) The command line will get too long, will be truncated, and you can
> get a different result
> 3) Filenames with special character, even a space, can give you small
> headaches
>
Rodrigo...
... earlier in the year, say may or even round april...I recall having
this working somewhat...and experiencing the files w/spaces thing. then
moving and then katrina hit us pretty good and knocked me out of power
for a month and then getting back to this discovering that the whole
backup system needed rewriting. Now, granted, I am not pleased w/the way
that "-prune" acts and in clamav "--exclude" ...guess puzzled bout it is
the word. yep still have it not solved there yet BUT, I feel I gotta go
the way I am because of the time factor...3-4 mins vs 1 hr +-2-3mins.
Although I want to move past this find deal I would rather know exactly
what and why every detail works or doesn't. lol I'm in it too deep not
to!!! hahaha but it's a whatever deal
thx
John Rose
>
> Both solutions are valid, and both have positive and negative aspects.
> Choosing between them should be done on a case by case basis.
>
> - --