From 93d3fba73877273864e35e61b9856e41f908f48a Mon Sep 17 00:00:00 2001
From: cschantz <admin@server.local>
Date: Tue, 11 Nov 2025 19:25:11 -0500
Subject: [PATCH] Fix scanner detection and installation logic

Scanner Detection Improvements:
- Created dedicated detection functions for each scanner
- is_imunify_installed(): Checks command and /usr/bin location
- is_clamav_installed(): Checks command, cPanel path, and RPM
- is_maldet_installed(): Checks command and /usr/local/sbin

ClamAV Fixes:
- Now detects cPanel-installed ClamAV correctly
- Checks for cpanel-clamav RPM package
- Finds clamscan in /usr/local/cpanel/3rdparty/bin/
- Handles already-installed cPanel ClamAV gracefully
- Dynamically finds freshclam binary for updates

ImunifyAV Improvements:
- Better installation detection
- Finds binary dynamically for updates
- Handles various installation paths

Benefits:
- Scanners installed via cPanel are now detected
- No false "not installed" errors
- Better handling of non-standard install paths
- More robust binary finding for updates

User feedback addressed: Detection was failing for cPanel-installed
scanners that weren't in standard PATH locations.
---
 modules/security/malware-scanner.sh | 69 ++++++++++++++++++++---------
 1 file changed, 48 insertions(+), 21 deletions(-)

diff --git a/modules/security/malware-scanner.sh b/modules/security/malware-scanner.sh
index a993e02..9c614e3 100755
--- a/modules/security/malware-scanner.sh
+++ b/modules/security/malware-scanner.sh
@@ -19,19 +19,34 @@ declare -a sanitized_docroot
 declare -a remove_docroot
 declare -a available_scanners
 
+# Individual scanner detection functions
+is_imunify_installed() {
+    command -v imunify-antivirus &>/dev/null || [ -f "/usr/bin/imunify-antivirus" ]
+}
+
+is_clamav_installed() {
+    command -v clamscan &>/dev/null || \
+    [ -f "/usr/local/cpanel/3rdparty/bin/clamscan" ] || \
+    rpm -qa | grep -q "cpanel-clamav"
+}
+
+is_maldet_installed() {
+    command -v maldet &>/dev/null || [ -f "/usr/local/sbin/maldet" ]
+}
+
 # Scanner detection
 detect_scanners() {
     available_scanners=()
 
-    if command -v imunify-antivirus &>/dev/null; then
+    if is_imunify_installed; then
         available_scanners+=("imunify")
     fi
 
-    if command -v clamscan &>/dev/null; then
+    if is_clamav_installed; then
         available_scanners+=("clamav")
     fi
 
-    if command -v maldet &>/dev/null; then
+    if is_maldet_installed; then
         available_scanners+=("maldet")
     fi
 
@@ -51,7 +66,7 @@ show_scanner_installation_guide() {
     echo ""
 
     # Check ImunifyAV
-    if ! command -v imunify-antivirus &>/dev/null; then
+    if ! is_imunify_installed; then
         echo -e "${CYAN}ImunifyAV${NC} - FREE real-time malware scanner"
         echo "  Status: Not installed"
         echo "  Installation (cPanel):"
@@ -69,7 +84,7 @@ show_scanner_installation_guide() {
     fi
 
     # Check ClamAV
-    if ! command -v clamscan &>/dev/null; then
+    if ! is_clamav_installed; then
         echo -e "${CYAN}ClamAV${NC} - Open source antivirus engine"
         echo "  Status: Not installed"
         echo "  Installation (cPanel):"
@@ -86,7 +101,7 @@ show_scanner_installation_guide() {
     fi
 
     # Check Maldet
-    if ! command -v maldet &>/dev/null; then
+    if ! is_maldet_installed; then
         echo -e "${CYAN}Maldet (LMD)${NC} - Linux Malware Detect"
         echo "  Status: Not installed"
         echo "  Installation:"
@@ -134,26 +149,33 @@ install_all_scanners() {
     echo ""
 
     # Install ClamAV
-    if ! command -v clamscan &>/dev/null; then
+    if ! is_clamav_installed; then
         echo -e "${CYAN}[1/3] Installing ClamAV...${NC}"
 
         if [ -f "/usr/local/cpanel/cpanel" ]; then
-            # cPanel method
-            /scripts/update_local_rpm_versions --edit target_settings.clamav installed
-            /scripts/check_cpanel_rpms --fix --targets=clamav
+            # cPanel method - check if already installed but not configured
+            if rpm -qa | grep -q "cpanel-clamav"; then
+                echo -e "${GREEN}✓ ClamAV already installed (cPanel)${NC}"
+            else
+                /scripts/update_local_rpm_versions --edit target_settings.clamav installed 2>/dev/null
+                /scripts/check_cpanel_rpms --fix --targets=clamav 2>&1 | grep -E "Installing|Updating|up to date"
+            fi
         elif command -v yum &>/dev/null; then
-            yum install -y clamav clamav-update
+            yum install -y clamav clamav-update 2>&1 | grep -E "Installing|Updating|already installed"
         elif command -v apt-get &>/dev/null; then
             apt-get update && apt-get install -y clamav clamav-daemon
         fi
 
-        if command -v clamscan &>/dev/null; then
+        if is_clamav_installed; then
             echo -e "${GREEN}✓ ClamAV installed${NC}"
 
+            # Find freshclam binary
+            local freshclam_bin=$(command -v freshclam || find /usr -name freshclam 2>/dev/null | head -1)
+
             # Update virus signatures immediately
-            if command -v freshclam &>/dev/null; then
+            if [ -n "$freshclam_bin" ]; then
                 echo "  → Updating virus signatures (this may take a moment)..."
-                freshclam 2>&1 | grep -E "updated|Downloaded|up-to-date" || freshclam &>/dev/null
+                $freshclam_bin 2>&1 | grep -E "updated|Downloaded|up-to-date" || $freshclam_bin &>/dev/null
                 echo -e "  ${GREEN}✓${NC} Signatures updated"
             fi
         else
@@ -166,7 +188,7 @@ install_all_scanners() {
     echo ""
 
     # Install Maldet
-    if ! command -v maldet &>/dev/null; then
+    if ! is_maldet_installed; then
         echo -e "${CYAN}[2/3] Installing Maldet...${NC}"
 
         cd /tmp
@@ -180,7 +202,7 @@ install_all_scanners() {
             rm -rf maldetect-*
         fi
 
-        if command -v maldet &>/dev/null; then
+        if is_maldet_installed; then
             echo -e "${GREEN}✓ Maldet installed${NC}"
 
             # Update malware signatures immediately
@@ -197,7 +219,7 @@ install_all_scanners() {
     echo ""
 
     # Install ImunifyAV (FREE version)
-    if ! command -v imunify-antivirus &>/dev/null; then
+    if ! is_imunify_installed; then
         echo -e "${CYAN}[3/3] Installing ImunifyAV (FREE)...${NC}"
 
         # Try cPanel method first
@@ -218,14 +240,19 @@ install_all_scanners() {
             fi
         fi
 
-        if command -v imunify-antivirus &>/dev/null; then
+        if is_imunify_installed; then
             echo -e "${GREEN}✓ ImunifyAV (FREE) installed${NC}"
             echo "  No license key required - this is the FREE version"
 
+            # Find imunify-antivirus binary
+            local imunify_bin=$(command -v imunify-antivirus || find /usr -name imunify-antivirus 2>/dev/null | head -1)
+
             # Update malware signatures immediately
-            echo "  → Updating malware signatures..."
-            imunify-antivirus update 2>&1 | grep -E "updated|Success|completed" || imunify-antivirus update &>/dev/null
-            echo -e "  ${GREEN}✓${NC} Signatures updated"
+            if [ -n "$imunify_bin" ]; then
+                echo "  → Updating malware signatures..."
+                $imunify_bin update 2>&1 | grep -E "updated|Success|completed" || $imunify_bin update &>/dev/null
+                echo -e "  ${GREEN}✓${NC} Signatures updated"
+            fi
         else
             echo -e "${RED}✗ ImunifyAV installation failed${NC}"
         fi