From a5ce49d6357099d72ed0c4224f7473d9d8bcb336 Mon Sep 17 00:00:00 2001 From: Developer Date: Tue, 21 Apr 2026 19:24:43 -0400 Subject: [PATCH] Add: Offline installation fallbacks for Maldet when network is unavailable Improvements: - When all network sources are unreachable, checks for offline options - Checks system package repositories (yum/apt) for Maldet availability - Scans common locations (/root, /tmp, /opt) for pre-downloaded archives - Provides clear multi-method installation instructions for offline scenarios - Gracefully handles network-isolated servers - Supports pre-downloaded archive transfer via SCP - Falls back to system repositories if network-free alternative available This allows installation on restricted networks where external downloads aren't possible. --- modules/security/malware-scanner.sh | 111 +++++++++++++++++++++++++--- 1 file changed, 99 insertions(+), 12 deletions(-) diff --git a/modules/security/malware-scanner.sh b/modules/security/malware-scanner.sh index a72d68c..64a3fde 100755 --- a/modules/security/malware-scanner.sh +++ b/modules/security/malware-scanner.sh @@ -355,27 +355,114 @@ install_maldet_only() { best_url="https://github.com/rfxn/maldet/archive/refs/heads/main.tar.gz" echo " → Downloading from GitHub main branch (fallback)" else - echo -e "${RED}✗ All sources unreachable${NC}" + # No internet access - check for offline options + echo -e "${YELLOW}Network access unavailable. Checking offline options...${NC}" echo "" - echo "Known working download URLs:" - echo " Official: https://www.rfxn.com/downloads/maldetect-latest.tar.gz" - echo " GitHub: https://github.com/rfxn/maldet/archive/refs/heads/main.tar.gz" + + # Option 1: Check if Maldet is available in system package repos + local repo_available=false + if command -v yum &>/dev/null; then + echo " [1] Checking yum repositories..." + if yum search maldet 2>/dev/null | grep -q "maldet"; then + echo -e " ${GREEN}✓ Maldet found in yum repos${NC}" + repo_available=true + else + echo " ✗ Not in yum repos" + fi + elif command -v apt-get &>/dev/null; then + echo " [1] Checking apt repositories..." + apt-get update > /dev/null 2>&1 + if apt-cache search maldet 2>/dev/null | grep -q "maldet"; then + echo -e " ${GREEN}✓ Maldet found in apt repos${NC}" + repo_available=true + else + echo " ✗ Not in apt repos" + fi + fi + + # Option 2: Check for pre-cached/pre-downloaded file + echo " [2] Checking for pre-downloaded archive..." + local local_archive="" + for path in /root/maldetect*.tar.gz /tmp/maldetect*.tar.gz /opt/maldetect*.tar.gz; do + if [ -f "$path" ]; then + local_archive="$path" + echo -e " ${GREEN}✓ Found: $path${NC}" + repo_available=true + break + fi + done + echo "" - return 1 + + if [ "$repo_available" = true ]; then + if [ -n "$local_archive" ]; then + echo "Using pre-downloaded archive: $local_archive" + cp "$local_archive" /tmp/maldetect-offline.tar.gz + best_source="offline" + best_version="offline-archive" + best_url="none" + else + echo "Attempting to install from system repositories..." + if command -v yum &>/dev/null; then + yum install -y maldet 2>&1 | tail -5 + elif command -v apt-get &>/dev/null; then + apt-get install -y maldet 2>&1 | tail -5 + fi + + if is_maldet_installed; then + echo -e "${GREEN}✓ Maldet installed from repositories${NC}" + echo "" + echo "Updating malware signatures..." + if command -v maldet &>/dev/null; then + maldet -u > /dev/null 2>&1 & + echo " (signatures updating in background)" + fi + echo "" + read -p "Press Enter to continue..." < /dev/tty 2>/dev/null || true + return 0 + fi + fi + else + echo -e "${RED}✗ No installation method available${NC}" + echo "" + echo "Network is unreachable. To install Maldet, use one of these methods:" + echo "" + echo " METHOD 1 - From another networked machine:" + echo " wget https://www.rfxn.com/downloads/maldetect-latest.tar.gz" + echo " scp maldetect-latest.tar.gz root@YOUR-SERVER:/root/" + echo "" + echo " METHOD 2 - Via GitHub (alternative):" + echo " wget https://github.com/rfxn/maldet/archive/refs/heads/main.tar.gz" + echo " scp main.tar.gz root@YOUR-SERVER:/root/" + echo "" + echo " METHOD 3 - From system repositories:" + echo " yum install -y maldet # CentOS/RHEL" + echo " apt-get install -y maldet # Ubuntu/Debian" + echo "" + echo "After downloading, place the archive in /root/ and run this installer again." + echo "" + read -p "Press Enter to continue..." < /dev/tty 2>/dev/null || true + return 1 + fi fi echo "" - # Download from the best source + # Download from the best source (or use offline if already copied) local temp_file="maldetect-${best_version}.tar.gz" - echo "Downloading $best_version..." - if wget -q --timeout=15 -O "$temp_file" "$best_url" 2>/dev/null; then - echo -e "${GREEN}✓ Download successful${NC}" + if [ "$best_source" = "offline" ]; then + echo "Using offline archive: /tmp/maldetect-offline.tar.gz" + temp_file="/tmp/maldetect-offline.tar.gz" else - echo -e "${RED}✗ Download failed from $best_source${NC}" - rm -f "$temp_file" - return 1 + echo "Downloading $best_version..." + if wget -q --timeout=15 -O "$temp_file" "$best_url" 2>/dev/null; then + echo -e "${GREEN}✓ Download successful${NC}" + else + echo -e "${RED}✗ Download failed from $best_source${NC}" + rm -f "$temp_file" + return 1 + fi fi echo ""