diff --git a/modules/security/malware-scanner.sh b/modules/security/malware-scanner.sh index 4e65d81..e3f15d4 100755 --- a/modules/security/malware-scanner.sh +++ b/modules/security/malware-scanner.sh @@ -136,8 +136,8 @@ is_imunify_installed() { is_clamav_installed() { command -v clamscan &>/dev/null || \ [ -f "/usr/local/cpanel/3rdparty/bin/clamscan" ] || \ - (command -v rpm &>/dev/null && rpm -qa 2>/dev/null | grep -q "cpanel-clamav") || \ - (command -v dpkg &>/dev/null && dpkg -l 2>/dev/null | grep -q "^ii.*clamav") + (command -v rpm &>/dev/null && rpm -qa 2>/dev/null | grep -q "cpanel-clamav" || true) || \ + (command -v dpkg &>/dev/null && dpkg -l 2>/dev/null | grep -q "^ii.*clamav" || true) } is_maldet_installed() { @@ -591,7 +591,7 @@ install_all_scanners() { # Try control panel-specific methods first if [ -f "/usr/local/cpanel/cpanel" ]; then # cPanel method - use cPanel's package management only - if rpm -qa 2>/dev/null | grep -q "cpanel-clamav"; then + if rpm -qa 2>/dev/null | grep -q "cpanel-clamav" || true; then echo -e "${GREEN}✓ ClamAV already installed (cPanel)${NC}" else echo " → Installing via cPanel package manager..." @@ -653,7 +653,7 @@ install_all_scanners() { # Update virus signatures immediately if [ -n "$freshclam_bin" ]; then echo " → Updating virus signatures (timeout 60s)..." - if timeout 60 "$freshclam_bin" 2>&1 | grep -qE "updated|Downloaded|up-to-date"; then + if timeout 60 "$freshclam_bin" 2>&1 | grep -qE "updated|Downloaded|up-to-date" || true; then echo -e " ${GREEN}✓${NC} Signatures updated" else echo -e " ${YELLOW}⚠${NC} Signature update inconclusive (may still be current)" @@ -749,7 +749,7 @@ install_all_scanners() { # Update malware signatures immediately with timeout echo " → Updating malware signatures..." if [ -n "$maldet_bin" ]; then - if timeout 120 "$maldet_bin" -u 2>&1 | grep -qE "update completed|signatures"; then + if timeout 120 "$maldet_bin" -u 2>&1 | grep -qE "update completed|signatures" || true; then echo -e " ${GREEN}✓${NC} Signatures updated" else echo -e " ${YELLOW}⚠${NC} Signature update inconclusive (continuing with current definitions)" @@ -876,14 +876,14 @@ install_all_scanners() { local deploy_log="/tmp/imav-deploy-$$.log" if timeout 300 bash imav-deploy.sh > "$deploy_log" 2>&1; then # Check if any actual installation happened - if grep -qiE "installed|complete|success" "$deploy_log"; then + if grep -qiE "installed|complete|success" "$deploy_log" || true; then echo " → Deployment script executed" else echo " → Deployment script ran (check for errors below)" fi # Show any errors from deployment - if grep -qi "error\|failed\|conflict" "$deploy_log"; then + if grep -qi "error\|failed\|conflict" "$deploy_log" || true; then echo -e " ${YELLOW}⚠ Warnings detected:${NC}" grep -iE "error|failed|conflict" "$deploy_log" | sed 's/^/ /' | head -3 fi @@ -913,7 +913,7 @@ install_all_scanners() { # Update malware signatures immediately if [ -n "$imunify_bin" ]; then echo " → Updating malware signatures..." - if timeout 60 "$imunify_bin" update 2>&1 | grep -qiE "updated|Success|completed"; then + if timeout 60 "$imunify_bin" update 2>&1 | grep -qiE "updated|Success|completed" || true; then echo -e " ${GREEN}✓${NC} Signatures updated" else echo -e " ${YELLOW}⚠${NC} Signature update inconclusive (continuing with current definitions)" @@ -956,7 +956,7 @@ install_all_scanners() { # Ensure repo is enabled (OS-specific) if command -v dnf &>/dev/null; then # CentOS 8+, RHEL 8+, Fedora - use dnf as primary package manager - if ! rpm -qa 2>/dev/null | grep -q epel-release; then + if ! (rpm -qa 2>/dev/null | grep -q epel-release || false); then echo " → Installing EPEL repository..." dnf install -y epel-release 2>&1 | grep -E "Installing|Installed|already installed" || echo " (repo may already be enabled)" fi @@ -964,7 +964,7 @@ install_all_scanners() { dnf install -y rkhunter 2>&1 | grep -E "Installing|Installed|already installed" || echo " (installation may already be complete)" elif command -v yum &>/dev/null; then # CentOS 7, RHEL 7 - use yum - if ! rpm -qa 2>/dev/null | grep -q epel-release; then + if ! (rpm -qa 2>/dev/null | grep -q epel-release || false); then echo " → Installing EPEL repository..." yum install -y epel-release 2>&1 | grep -E "Installing|Installed|already installed" || echo " (repo may already be enabled)" fi @@ -987,7 +987,7 @@ install_all_scanners() { # Update definitions echo " → Updating rootkit definitions..." - if timeout 120 rkhunter --update 2>&1 | grep -qE "updated|downloaded"; then + if timeout 120 rkhunter --update 2>&1 | grep -qE "updated|downloaded" || true; then echo -e " ${GREEN}✓${NC} Definitions updated" else echo -e " ${YELLOW}⚠${NC} Definitions update inconclusive (continuing)" @@ -3061,7 +3061,7 @@ maldet_update_signatures() { echo "(This may take a few moments)" echo "" - if timeout 120 "$maldet_bin" -u 2>&1 | tee /tmp/maldet-update.log | grep -E "updated|completed|signatures"; then + if timeout 120 "$maldet_bin" -u 2>&1 | tee /tmp/maldet-update.log | grep -E "updated|completed|signatures" || true; then echo "" echo -e "${GREEN}✓ Signatures updated successfully${NC}" else