
# ClamAV antivirus management commands
# Each function returns a bash command string that app.py executes via ssh_run()
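def status_cmd():
    """Return the bash command line that reports ClamAV install and service state.

    The command prints four sections: installed clamav packages (name and
    version columns of ``dpkg -l``), whether the clamav-daemon and
    clamav-freshclam units are active, the signature database files with
    their ``sigtool --info`` details, and the ``clamscan --version`` output.

    Returns:
        The command line as a single string; it takes no caller input.
    """
    return (
        "echo '=== ClamAV Installation ===' && "
        # awk does the filtering and sets the exit status itself. With the
        # earlier `grep | awk` form the pipeline's status was awk's, which is
        # 0 even on empty input, so the "not installed" fallback never ran.
        "dpkg -l 2>/dev/null | "
        "awk '/clamav/ {print $2, $3; found=1} END {exit found ? 0 : 1}' "
        "|| echo 'ClamAV not installed' && "
        "echo '' && echo '=== Service Status ===' && "
        "systemctl is-active clamav-daemon 2>/dev/null && echo 'clamd: running' || echo 'clamd: not running' && "
        "systemctl is-active clamav-freshclam 2>/dev/null && echo 'freshclam: running' || echo 'freshclam: not running' && "
        "echo '' && echo '=== Virus DB ===' && "
        "if [ -f /var/lib/clamav/daily.cld ] || [ -f /var/lib/clamav/daily.cvd ]; then "
        # The {cld,cvd} brace expansion relies on the command running in bash.
        " ls -lh /var/lib/clamav/*.{cld,cvd} 2>/dev/null; "
        # Try the .cld database first and fall back to .cvd when that prints nothing.
        " sigtool --info /var/lib/clamav/daily.cld 2>/dev/null | grep -E 'Version|Sigs|Build' || "
        " sigtool --info /var/lib/clamav/daily.cvd 2>/dev/null | grep -E 'Version|Sigs|Build'; "
        "else "
        " echo 'No virus database found'; "
        "fi && "
        "echo '' && echo '=== ClamAV Version ===' && "
        "clamscan --version 2>/dev/null || echo 'clamscan not found'"
    )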
def install_cmd():
    """Build the bash command line that installs ClamAV and starts its services.

    The command refreshes the apt index, installs the clamav, clamav-daemon
    and clamav-freshclam packages non-interactively, runs ``freshclam`` once
    by hand, then enables and starts both units.

    Returns:
        The command line as a single string; it takes no caller input.
    """
    apt = "DEBIAN_FRONTEND=noninteractive apt-get"
    packages = "clamav clamav-daemon clamav-freshclam"
    install = f"{apt} update -qq && {apt} install -y {packages} 2>&1"
    # The freshclam unit is stopped before the manual run, presumably so the
    # two do not contend for the database -- confirm. Both steps end in ";",
    # so their exit status does not stop the rest of the command.
    seed_database = "systemctl stop clamav-freshclam 2>/dev/null; freshclam 2>&1"
    bring_up = " && ".join(
        [
            "systemctl enable clamav-daemon clamav-freshclam 2>&1",
            "systemctl start clamav-freshclam 2>&1",
            "systemctl start clamav-daemon 2>&1",
            "echo 'ClamAV installed and services started'",
        ]
    )
    return f"{install} && {seed_database}; {bring_up}"
def update_defs_cmd():
    """Build the bash command line that refreshes the virus definitions.

    The command stops the clamav-freshclam unit, runs ``freshclam`` once,
    starts the unit again and lists the ``.cld``/``.cvd`` database files.

    Returns:
        The command line as a single string; it takes no caller input.
    """
    # Plain string, not an f-string: the braces are a bash brace expansion.
    database_glob = "/var/lib/clamav/*.{cld,cvd}"
    restart_and_report = " && ".join(
        [
            "systemctl start clamav-freshclam 2>&1",
            "echo ''",
            "echo '=== Updated DB Info ==='",
            "ls -lh " + database_glob + " 2>/dev/null",
        ]
    )
    # The first two steps are joined with ";", so a failed stop or a failed
    # freshclam run does not prevent the service from being started again.
    return "; ".join(
        [
            "systemctl stop clamav-freshclam 2>/dev/null",
            "freshclam 2>&1",
            restart_and_report,
        ]
    )
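def scan_cmd(path, recursive=True):
    """Return the bash command line that scans ``path`` with clamscan.

    ``path`` is shell-quoted before it is placed in the command, so quotes,
    spaces and shell metacharacters in it reach clamscan as data instead of
    being interpreted by the shell that runs the command. Wrapping the raw
    value in single quotes, as before, stopped protecting as soon as the
    value itself contained a single quote.

    Args:
        path: File or directory to scan.
        recursive: Add ``-r`` to the clamscan flags when true.

    Returns:
        The command line as a single string.
    """
    import shlex  # function-scope import; the file's import block is left alone

    flags = "-ri" if recursive else "-i"
    raw = str(path)
    # A value starting with "-" would be parsed by clamscan as an option
    # rather than a scan target, so anchor it to the current directory.
    target = shlex.quote(f"./{raw}" if raw.startswith("-") else raw)
    return (
        # printf with %s prints the path verbatim in the banner.
        f"printf '=== Scanning: %s ===\\n' {shlex.quote(raw)} && "
        "echo 'Started: '$(date) && "
        f"clamscan {flags} --no-summary {target} 2>&1; "
        # NOTE(review): the target is scanned a second time only to print the
        # last lines of the summary, which doubles the scan time.
        f"clamscan {flags} {target} 2>&1 | tail -8 && "
        "echo 'Finished: '$(date)"
    )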
def scan_quick_cmd():
    """Build the bash command line for a quick scan of a fixed directory set.

    The directories are /tmp, /var/tmp, /dev/shm, /var/www and /home. The
    command runs clamscan over them twice: once with ``--no-summary`` and
    once more piped through ``tail -10``.

    Returns:
        The command line as a single string; it takes no caller input.
    """
    targets = "/tmp /var/tmp /dev/shm /var/www /home"
    banner = f"echo '=== Quick Scan: {targets} ===' && echo 'Started: '$(date)"
    findings = f"clamscan -ri --no-summary {targets} 2>&1"
    summary_tail = f"clamscan -ri {targets} 2>&1 | tail -10"
    # ";" after the first pass: the second pass runs whatever its exit status.
    return f"{banner} && {findings}; {summary_tail} && echo 'Finished: '$(date)"
def scan_full_cmd():
    """Build the bash command line for a scan of the whole filesystem.

    clamscan starts at ``/`` with /proc, /sys, /dev and /run excluded, logs
    to /var/log/clamav/lastscan.log, and only the last 15 lines of its
    output are shown.

    Returns:
        The command line as a single string; it takes no caller input.
    """
    skipped = ("/proc", "/sys", "/dev", "/run")
    exclude_flags = " ".join(f"--exclude-dir='^{mount}'" for mount in skipped)
    scan = (
        f"clamscan -ri {exclude_flags} "
        "--log=/var/log/clamav/lastscan.log / 2>&1 | tail -15"
    )
    return " && ".join(
        [
            "echo '=== Full System Scan ==='",
            "echo 'Started: '$(date)",
            scan,
            "echo 'Finished: '$(date)",
        ]
    )
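def log_cmd(lines=50):
    """Return the bash command line that shows the ClamAV scan and freshclam logs.

    ``lines`` is converted to an integer and the integer is what gets
    formatted into the command, so a value such as ``"50; <command>"`` is
    rejected instead of being spliced into the shell string.

    Args:
        lines: Number of trailing lines of lastscan.log to show. Integers
            and integer-like strings are accepted.

    Returns:
        The command line as a single string.

    Raises:
        ValueError: If ``lines`` is not an integer value of at least 1.
    """
    try:
        count = int(lines)
    except (TypeError, ValueError) as err:
        raise ValueError(f"lines must be a positive integer, got {lines!r}") from err
    if count < 1:
        raise ValueError(f"lines must be a positive integer, got {lines!r}")
    return (
        "echo '=== Last Scan Log ===' && "
        f"tail -n {count} /var/log/clamav/lastscan.log 2>/dev/null || echo 'No scan log found' && "
        "echo '' && echo '=== Freshclam Log ===' && "
        "tail -20 /var/log/clamav/freshclam.log 2>/dev/null || echo 'No freshclam log found'"
    )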
def quarantine_list_cmd():
    """Build the bash command line that lists the quarantine directory.

    When /var/lib/clamav/quarantine exists the command prints a recursive
    listing followed by the number of regular files in it; otherwise it
    prints a note that the directory is absent.

    Returns:
        The command line as a single string; it takes no caller input.
    """
    quarantine = "/var/lib/clamav/quarantine"
    listing = f" ls -lhR {quarantine} 2>/dev/null; "
    # $(...) is expanded by the shell that runs the command, not by Python.
    total = f" echo '' && echo \"Total: $(find {quarantine} -type f | wc -l) files\"; "
    absent = " echo 'No quarantine directory (clean system)'; "
    return (
        "echo '=== Quarantine ===' && "
        + f"if [ -d {quarantine} ]; then "
        + listing
        + total
        + "else "
        + absent
        + "fi"
    )
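def quarantine_scan_cmd(path, recursive=True):
    """Return the bash command line that scans ``path`` and quarantines detections.

    The command creates /var/lib/clamav/quarantine if needed and runs
    clamscan with ``--move`` pointing at it, logging to
    /var/log/clamav/lastscan.log. ``path`` is shell-quoted before it is
    placed in the command, so quotes, spaces and shell metacharacters in it
    reach clamscan as data instead of being interpreted by the shell.

    Args:
        path: File or directory to scan.
        recursive: Add ``-r`` to the clamscan flags when true.

    Returns:
        The command line as a single string.
    """
    import shlex  # function-scope import; the file's import block is left alone

    flags = "-ri" if recursive else "-i"
    raw = str(path)
    # A value starting with "-" would be parsed by clamscan as an option
    # rather than a scan target, so anchor it to the current directory.
    target = shlex.quote(f"./{raw}" if raw.startswith("-") else raw)
    return (
        "mkdir -p /var/lib/clamav/quarantine && "
        # printf with %s prints the path verbatim in the banner.
        f"printf '=== Scan + Quarantine: %s ===\\n' {shlex.quote(raw)} && "
        f"clamscan {flags} --move=/var/lib/clamav/quarantine "
        f"--log=/var/log/clamav/lastscan.log {target} 2>&1 | tail -15"
    )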
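def quarantine_delete_cmd():
    """Return the bash command line that empties the quarantine directory.

    The command counts the regular files under /var/lib/clamav/quarantine,
    deletes everything below that directory (the directory itself is kept)
    and reports the count.

    Returns:
        The command line as a single string; it takes no caller input.
    """
    return (
        "if [ -d /var/lib/clamav/quarantine ]; then "
        " count=$(find /var/lib/clamav/quarantine -type f | wc -l) && "
        # find -mindepth 1 -delete also removes dot-files. The earlier
        # `rm -rf .../quarantine/*` glob skipped them, so a quarantined file
        # whose name starts with "." stayed behind while still being counted
        # as purged.
        " find /var/lib/clamav/quarantine -mindepth 1 -delete && "
        " echo \"Purged $count quarantined files\"; "
        "else "
        " echo 'No quarantine directory'; "
        "fi"
    )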
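def schedule_cmd(schedule="daily", paths="/"):
    """Return the bash command line that installs a cron job for scheduled scans.

    The command rewrites the current user's crontab: every line containing
    the ``setec-clamscan`` marker is dropped and one new clamscan entry is
    appended, then the resulting entry is printed.

    Both arguments used to be pasted into single-quoted shell text. Now each
    scan target is shell-quoted for the shell cron uses to run the job, the
    finished crontab line is quoted again for the shell that installs it, and
    the confirmation message is quoted as well.

    Args:
        schedule: "daily", "weekly" or "monthly". Any other value falls back
            to daily, and the confirmation message then says "daily" rather
            than echoing the unrecognised value.
        paths: Whitespace-separated scan targets.

    Returns:
        The command line as a single string.

    Raises:
        ValueError: If ``paths`` names no target, or a target contains "%",
            which crontab treats as a line break inside a command.
    """
    import shlex  # function-scope import; the file's import block is left alone

    cron_times = {
        "daily": "0 3 * * *",
        "weekly": "0 3 * * 0",
        "monthly": "0 3 1 * *",
    }
    label = schedule if isinstance(schedule, str) and schedule in cron_times else "daily"
    cron_time = cron_times[label]

    # split() breaks on every kind of whitespace, newlines included, so one
    # value cannot smuggle a second crontab line into the entry.
    targets = str(paths).split()
    if not targets:
        raise ValueError("paths must name at least one file or directory")
    if any("%" in target for target in targets):
        raise ValueError("paths containing '%' cannot be used in a crontab entry")
    # A target starting with "-" would be parsed by clamscan as an option,
    # so anchor it to the current directory before quoting.
    quoted_targets = " ".join(
        shlex.quote(f"./{target}" if target.startswith("-") else target)
        for target in targets
    )

    # NOTE(review): the job uses --move, but nothing here creates the
    # quarantine directory (quarantine_scan_cmd runs mkdir -p first) --
    # confirm it exists before the first scheduled run.
    entry = (
        f'{cron_time} clamscan -ri --exclude-dir="^/proc" --exclude-dir="^/sys" '
        '--exclude-dir="^/dev" --exclude-dir="^/run" '
        "--move=/var/lib/clamav/quarantine --log=/var/log/clamav/lastscan.log "
        f"{quoted_targets} # setec-clamscan"
    )
    shown = " ".join(targets)
    summary = f"Scheduled {label} scan of {shown}"
    return (
        "(crontab -l 2>/dev/null | grep -v 'setec-clamscan'; "
        f"printf '%s\\n' {shlex.quote(entry)}) | crontab - 2>&1 && "
        f"echo {shlex.quote(summary)} && "
        "crontab -l | grep setec-clamscan"
    )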
def schedule_status_cmd():
    """Build the bash command line that prints the scheduled-scan crontab entry.

    The command greps the current user's crontab for the ``setec-clamscan``
    marker and prints a fallback message when grep finds nothing.

    Returns:
        The command line as a single string; it takes no caller input.
    """
    marker = "setec-clamscan"
    lookup = f"crontab -l 2>/dev/null | grep {marker}"
    return f"echo '=== Scan Schedule ===' && {lookup} || echo 'No scheduled scan'"
def schedule_remove_cmd():
    """Build the bash command line that removes the scheduled-scan crontab entry.

    The command reinstalls the current user's crontab without any line that
    contains the ``setec-clamscan`` marker, then prints a confirmation.

    Returns:
        The command line as a single string; it takes no caller input.
    """
    marker = "setec-clamscan"
    # grep -v keeps every crontab line that does not contain the marker.
    other_entries = f"(crontab -l 2>/dev/null | grep -v '{marker}')"
    return f"{other_entries} | crontab - 2>&1 && echo 'Scheduled scan removed'"
def config_cmd():
    """Build the bash command line that prints the ClamAV configuration files.

    For /etc/clamav/clamd.conf and /etc/clamav/freshclam.conf in turn, the
    command prints a header and the file contents, or 'Not found' when
    ``cat`` fails.

    Returns:
        The command line as a single string; it takes no caller input.
    """
    sections = [
        f"echo '=== {name} ===' && cat /etc/clamav/{name} 2>/dev/null || echo 'Not found'"
        for name in ("clamd.conf", "freshclam.conf")
    ]
    # An empty echo separates the two sections in the output.
    return " && echo '' && ".join(sections)
def uninstall_cmd():
    """Build the bash command line that removes ClamAV.

    The command stops both ClamAV units, purges the clamav, clamav-daemon
    and clamav-freshclam packages non-interactively, runs
    ``apt-get autoremove`` and prints a confirmation.

    Returns:
        The command line as a single string; it takes no caller input.
    """
    packages = "clamav clamav-daemon clamav-freshclam"
    stop_services = "systemctl stop clamav-daemon clamav-freshclam 2>/dev/null"
    purge = " && ".join(
        [
            f"DEBIAN_FRONTEND=noninteractive apt-get remove --purge -y {packages} 2>&1",
            "apt-get autoremove -y 2>&1",
            "echo 'ClamAV uninstalled'",
        ]
    )
    # ";" after the stop: removal proceeds even when the units were not running.
    return f"{stop_services}; {purge}"