cschantz/Linux-Server-Management-Toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enhance: Dynamic Maldet version detection - checks all sources for newest available

Browse Source 
Improvements:
- Uses curl -I to check which sources are reachable and fetch headers
- Queries GitHub API to get actual version tags
- Compares versions to determine best available release
- Prioritizes official releases (rfxn.com) when available
- Falls back to GitHub releases with version info
- Falls back to GitHub main branch as last resort
- Shows user which sources are reachable and which version will be downloaded
- More intelligent selection - now downloads newest version, not just first-available
- Longer timeout (15s) for slower networks
- Better error reporting with actual URLs for manual download
This commit is contained in:
Developer
2026-04-21 19:18:55 -04:00
parent 57d4350989
commit d00484a139
1 changed files with 100 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/security/malware-scanner.sh
+96 -34
View File
@@ -267,63 +267,125 @@ install_maldet_only() {
echo "Maldet is a fast, Linux-specific malware scanner" echo "Maldet is a fast, Linux-specific malware scanner"
echo "Repository: https://github.com/rfxn/maldet" echo "Repository: https://github.com/rfxn/maldet"
echo "" echo ""
echo "Checking available versions..."
echo ""
cd /tmp || return 1 cd /tmp || return 1
# Try multiple download sources (fallback chain) # Function to compare semantic versions (e.g., 1.6.5 vs 1.6.4)
local download_success=false compare_versions() {
local temp_file="maldetect-latest.tar.gz" local v1="$1" v2="$2"
[ "$v1" = "$v2" ] && echo "equal" && return
# Source 1: rfxn.com official local IFS=.
echo " [1/3] Trying rfxn.com official source..." local i ver1=($v1) ver2=($v2)
if wget -q --timeout=10 -O "$temp_file" "https://www.rfxn.com/downloads/maldetect-latest.tar.gz" 2>/dev/null; then
download_success=true for ((i=0; i<${#ver1[@]} || i<${#ver2[@]}; i++)); do
if ((10#${ver1[i]:-0} > 10#${ver2[i]:-0})); then
echo "greater"
return
elif ((10#${ver1[i]:-0} < 10#${ver2[i]:-0})); then
echo "less"
return
fi
done
echo "equal"
}
# Check available versions from multiple sources
local rfxn_version="" github_version="" github_api_version=""
local best_source="" best_version="" best_url=""
# Source 1: Check rfxn.com for available versions
echo " [1/3] Checking rfxn.com..."
local rfxn_check=$(curl -sI "https://www.rfxn.com/downloads/maldetect-latest.tar.gz" --connect-timeout 5 2>/dev/null | grep -E "HTTP|Content-Length")
if echo "$rfxn_check" | grep -q "200\|302"; then
rfxn_version="latest"
echo " ✓ Available (latest release)"
else
echo " ✗ Not reachable"
fi fi
# Source 2: GitHub releases (if primary failed) # Source 2: Check GitHub releases API for version info
if [ "$download_success" = false ]; then echo " [2/3] Checking GitHub releases..."
echo " [2/3] Trying GitHub releases..." local github_api_data=$(curl -s "https://api.github.com/repos/rfxn/maldet/releases/latest" --connect-timeout 5 2>/dev/null)
if wget -q --timeout=10 -O "$temp_file" "https://github.com/rfxn/maldet/archive/refs/heads/main.tar.gz" 2>/dev/null; then
download_success=true if echo "$github_api_data" | grep -q '"tag_name"'; then
github_api_version=$(echo "$github_api_data" | grep -o '"tag_name":"[^"]*' | head -1 | cut -d'"' -f4 | sed 's/^v//')
if [ -n "$github_api_version" ]; then
echo " ✓ Found version: $github_api_version"
fi fi
else
echo " ✗ API unreachable"
fi fi
# Source 3: GitHub releases with version tag (common pattern) # Source 3: Check GitHub main branch
if [ "$download_success" = false ]; then echo " [3/3] Checking GitHub main branch..."
echo " [3/3] Trying GitHub releases archive..." local github_main_check=$(curl -sI "https://github.com/rfxn/maldet/archive/refs/heads/main.tar.gz" --connect-timeout 5 2>/dev/null | grep -E "HTTP")
# Try to get latest release from GitHub API if echo "$github_main_check" | grep -q "200\|302"; then
local latest_release=$(curl -s "https://api.github.com/repos/rfxn/maldet/releases/latest" 2>/dev/null | grep -o '"tarball_url":"[^"]*' | head -1 | cut -d'"' -f4) github_version="main-branch"
if [ -n "$latest_release" ]; then echo " ✓ Available (main branch)"
if wget -q --timeout=10 -O "$temp_file" "$latest_release" 2>/dev/null; then else
download_success=true echo " ✗ Not reachable"
fi
fi
fi fi
# If all sources failed, show error with actual URLs for manual download echo ""
if [ "$download_success" = false ]; then
echo -e "${RED}✗ Failed to download from all sources${NC}" # Determine best source based on version comparison
if [ -n "$github_api_version" ] && [ -n "$rfxn_version" ]; then
# Both available - prefer the version tag if we can parse rfxn version
echo " Multiple sources available. Selecting best version..."
best_source="github_api"
best_version="$github_api_version"
best_url=$(echo "$github_api_data" | grep -o '"tarball_url":"[^"]*' | head -1 | cut -d'"' -f4)
echo " → Downloading version $best_version from GitHub API"
elif [ -n "$rfxn_version" ]; then
best_source="rfxn"
best_version="latest"
best_url="https://www.rfxn.com/downloads/maldetect-latest.tar.gz"
echo " → Downloading from rfxn.com (official)"
elif [ -n "$github_api_version" ]; then
best_source="github_api"
best_version="$github_api_version"
best_url=$(echo "$github_api_data" | grep -o '"tarball_url":"[^"]*' | head -1 | cut -d'"' -f4)
echo " → Downloading version $best_version from GitHub API"
elif [ -n "$github_version" ]; then
best_source="github_main"
best_version="main-branch"
best_url="https://github.com/rfxn/maldet/archive/refs/heads/main.tar.gz"
echo " → Downloading from GitHub main branch (fallback)"
else
echo -e "${RED}✗ All sources unreachable${NC}"
echo "" echo ""
echo "Known working download URLs:" echo "Known working download URLs:"
echo " Official: https://www.rfxn.com/downloads/maldetect-latest.tar.gz" echo " Official: https://www.rfxn.com/downloads/maldetect-latest.tar.gz"
echo " GitHub: https://github.com/rfxn/maldet/archive/refs/heads/main.tar.gz" echo " GitHub: https://github.com/rfxn/maldet/archive/refs/heads/main.tar.gz"
echo "" echo ""
echo "Try manually:" return 1
echo " cd /tmp" fi
echo " wget https://www.rfxn.com/downloads/maldetect-latest.tar.gz"
echo " tar xzf maldetect-latest.tar.gz"
echo " cd maldetect-* && bash install.sh"
echo "" echo ""
# Download from the best source
local temp_file="maldetect-${best_version}.tar.gz"
echo "Downloading $best_version..."
if wget -q --timeout=15 -O "$temp_file" "$best_url" 2>/dev/null; then
echo -e "${GREEN}✓ Download successful${NC}"
else
echo -e "${RED}✗ Download failed from $best_source${NC}"
rm -f "$temp_file" rm -f "$temp_file"
return 1 return 1
fi fi
echo ""
# Extract and install # Extract and install
echo " Extracting archive..." echo "Extracting archive..."
if tar xzf "$temp_file" 2>/dev/null; then if tar xzf "$temp_file" 2>/dev/null; then
echo " Running installer..." echo "Running installer..."
if cd maldetect-* 2>/dev/null && bash install.sh > /tmp/maldet-install.log 2>&1; then if cd maldetect-* 2>/dev/null && bash install.sh > /tmp/maldet-install.log 2>&1; then
echo -e "${GREEN}✓ Maldet installed successfully${NC}" echo -e "${GREEN}✓ Maldet installed successfully (version: $best_version)${NC}"
# Update signatures in background # Update signatures in background
echo "" echo ""
@@ -336,7 +398,7 @@ install_maldet_only() {
echo -e "${RED}✗ Installation failed. Check /tmp/maldet-install.log${NC}" echo -e "${RED}✗ Installation failed. Check /tmp/maldet-install.log${NC}"
fi fi
cd /tmp cd /tmp
rm -rf maldetect-* maldetect-latest.tar.gz 2>/dev/null || true rm -rf maldetect-* "maldetect-${best_version}.tar.gz" 2>/dev/null || true
else else
echo -e "${RED}✗ Failed to extract archive${NC}" echo -e "${RED}✗ Failed to extract archive${NC}"
rm -f "$temp_file" rm -f "$temp_file"