Developer
2eda47a480
CRITICAL FIXES: - ClamAV installation: Add graceful fallback to yum if cPanel scripts missing (fixes exit code 127 on systems without /scripts/check_cpanel_rpms) - Double-scanning: Replace build_reference_database() with db_ensure_fresh() (eliminates unnecessary cache rebuilds, saves 20-30s per module launch) ENHANCEMENTS: - Add individual scanner installation functions: * install_maldet_only() - Install just Maldet * install_clamav_only() - Install just ClamAV * install_rkhunter_only() - Install just RKHunter - Update Maldet submenu: * Show installation status (✓ Installed / ✗ NOT installed) * Add option 8: Install Maldet - Update main Configuration menu: * Option 10: Install Maldet (individual) * Option 11: Install ClamAV (individual) * Option 12: Install RKHunter (individual) * Option 13: Install ALL scanners (batch) Documentation: Added SCANNER_INSTALLATION_IMPROVEMENTS.md with implementation details
13 KiB
13 KiB
Scanner Installation Issues & Fixes
Date: 2026-04-21
Reported Issues:
- ClamAV installation fails with "No such file or directory: /scripts/check_cpanel_rpms"
- No way to install individual scanners from dedicated menus (e.g., Maldet submenu)
Issue 1: ClamAV Installation Failure
Current Behavior
[1/4] Installing ClamAV...
→ Installing via cPanel package manager...
/root/linux-server-management-toolkit/modules/security/malware-scanner.sh: line 294: /scripts/check_cpanel_rpms: No such file or directory
✗ Exited with code: 127
Root Cause
The script tries to use /scripts/check_cpanel_rpms which:
- May not exist on all cPanel installations
- May have been removed/changed in newer cPanel versions
- May require specific permissions or cPanel configuration
Location: /root/server-toolkit-beta/modules/security/malware-scanner.sh lines 223-226
Current Code (PROBLEMATIC)
if [ -f "/usr/local/cpanel/cpanel" ]; then
# cPanel method - use cPanel's package management only
if rpm -qa 2>/dev/null | grep -q "cpanel-clamav"; then
echo -e "${GREEN}✓ ClamAV already installed (cPanel)${NC}"
else
echo " → Installing via cPanel package manager..."
/scripts/update_local_rpm_versions --edit target_settings.clamav installed 2>/dev/null || true
/scripts/check_cpanel_rpms --fix --targets=clamav 2>&1 | tail -3 # ← FAILS HERE
fi
# IMPORTANT: Don't fall through to standard yum - cPanel packages conflict!
The Fix
Strategy: If cPanel scripts don't work, fall back to standard package managers with error handling
Updated Code:
if [ -f "/usr/local/cpanel/cpanel" ]; then
# cPanel method - use cPanel's package management
if rpm -qa 2>/dev/null | grep -q "cpanel-clamav"; then
echo -e "${GREEN}✓ ClamAV already installed (cPanel)${NC}"
else
echo " → Installing via cPanel package manager..."
# Try cPanel scripts, but fall back to standard package manager if they fail
if [ -f "/scripts/check_cpanel_rpms" ] && [ -f "/scripts/update_local_rpm_versions" ]; then
/scripts/update_local_rpm_versions --edit target_settings.clamav installed 2>/dev/null || true
if /scripts/check_cpanel_rpms --fix --targets=clamav 2>&1 | tail -3; then
: # Success, continue
else
# cPanel scripts failed, try standard yum
echo " → cPanel scripts unavailable, trying standard package manager..."
yum install -y clamav clamav-update 2>&1 | grep -E "Installing|Installed|already" || echo " (installation in progress)"
fi
else
# Scripts don't exist, use standard package manager
echo " → cPanel tools not available, using standard package manager..."
yum install -y clamav clamav-update 2>&1 | grep -E "Installing|Installed|already" || echo " (installation in progress)"
fi
fi
# Don't fall through - we've handled installation above
elif command -v yum &>/dev/null; then
# Non-cPanel RHEL/CentOS systems
echo " → Installing via yum..."
yum install -y clamav clamav-update 2>&1 | grep -E "Installing|Installed|already" || echo " (installation in progress)"
# ... rest of OS detection
Benefits:
- ✅ Gracefully falls back if cPanel scripts missing
- ✅ Still tries cPanel first if available
- ✅ Provides user feedback on what's happening
- ✅ Doesn't crash with exit code 127
Issue 2: No Individual Scanner Installation
Current Behavior
In Maldet Submenu:
Select scan type:
1. Scan entire server
2. Scan all user accounts
3. Scan specific user account
4. Scan specific domain
5. Scan custom path
6. Update Maldet signatures
7. View Maldet results
0. Back to main menu
No install option. If Maldet isn't installed:
- User tries to scan
- Script detects Maldet missing
- Script asks "Install Maldet now? (yes/no)"
- Calls
install_all_scannerswhich installs ALL scanners - Overkill and wastes time if user only wants Maldet
The Fix
Add individual scanner installation functions:
install_maldet_only() {
echo ""
print_banner "Installing Maldet (Linux Malware Detection)"
echo ""
if command -v maldet &>/dev/null || [ -f "/usr/local/sbin/maldet" ]; then
echo -e "${GREEN}✓ Maldet is already installed${NC}"
echo ""
read -p "Press Enter to continue..."
return 0
fi
echo "Maldet is a fast, Linux-specific malware scanner"
echo "Repository: https://github.com/rfxn/maldet"
echo ""
echo "Installing via wget..."
echo ""
cd /tmp || return 1
if wget -q https://www.rfxn.com/downloads/maldetect-latest.tar.gz; then
tar xzf maldetect-latest.tar.gz
cd maldetect-*
if bash install.sh > /tmp/maldet-install.log 2>&1; then
echo -e "${GREEN}✓ Maldet installed successfully${NC}"
# Update signatures
echo ""
echo "Updating malware signatures..."
if command -v maldet &>/dev/null; then
maldet -u > /dev/null 2>&1 &
echo " (signatures updating in background)"
fi
else
echo -e "${RED}✗ Installation failed. Check /tmp/maldet-install.log${NC}"
fi
cd /tmp
rm -rf maldetect-*
else
echo -e "${RED}✗ Failed to download Maldet${NC}"
echo "Try: wget https://www.rfxn.com/downloads/maldetect-latest.tar.gz"
fi
echo ""
read -p "Press Enter to continue..."
}
install_clamav_only() {
echo ""
print_banner "Installing ClamAV (Open Source Antivirus)"
echo ""
if command -v clamscan &>/dev/null; then
echo -e "${GREEN}✓ ClamAV is already installed${NC}"
echo ""
read -p "Press Enter to continue..."
return 0
fi
echo "Installing ClamAV..."
if command -v yum &>/dev/null; then
yum install -y clamav clamav-daemon clamav-update 2>&1 | tail -5
elif command -v apt-get &>/dev/null; then
apt-get update > /dev/null 2>&1
apt-get install -y clamav clamav-daemon 2>&1 | tail -5
else
echo -e "${RED}✗ No compatible package manager found${NC}"
return 1
fi
if command -v clamscan &>/dev/null; then
echo -e "${GREEN}✓ ClamAV installed successfully${NC}"
# Update signatures
echo ""
echo "Updating virus signatures..."
if command -v freshclam &>/dev/null; then
freshclam > /dev/null 2>&1 &
echo " (signatures updating in background)"
fi
else
echo -e "${RED}✗ Installation may have failed${NC}"
fi
echo ""
read -p "Press Enter to continue..."
}
install_rkhunter_only() {
echo ""
print_banner "Installing RKHunter (Rootkit Detection)"
echo ""
if command -v rkhunter &>/dev/null; then
echo -e "${GREEN}✓ RKHunter is already installed${NC}"
echo ""
read -p "Press Enter to continue..."
return 0
fi
echo "Installing RKHunter..."
if command -v yum &>/dev/null; then
yum install -y rkhunter 2>&1 | tail -3
elif command -v apt-get &>/dev/null; then
apt-get install -y rkhunter 2>&1 | tail -3
else
echo -e "${RED}✗ No compatible package manager found${NC}"
return 1
fi
if command -v rkhunter &>/dev/null; then
echo -e "${GREEN}✓ RKHunter installed successfully${NC}"
else
echo -e "${RED}✗ Installation may have failed${NC}"
fi
echo ""
read -p "Press Enter to continue..."
}
Update Maldet Submenu to include install option:
maldet_scan_submenu() {
while true; do
echo ""
print_header "Maldet Scanner - Linux Malware Detection"
echo "Fast, efficient, Linux-specific malware detection"
echo ""
if is_maldet_installed; then
echo -e "${GREEN}✓ Maldet is installed${NC}"
else
echo -e "${RED}✗ Maldet is NOT installed${NC}"
fi
echo ""
echo "Select option:"
echo -e " ${CYAN}1.${NC} Scan entire server (fastest comprehensive scan)"
echo -e " ${CYAN}2.${NC} Scan all user accounts"
echo -e " ${CYAN}3.${NC} Scan specific user account"
echo -e " ${CYAN}4.${NC} Scan specific domain"
echo -e " ${CYAN}5.${NC} Scan custom path"
echo ""
echo -e " ${CYAN}6.${NC} Update Maldet signatures"
echo -e " ${CYAN}7.${NC} View Maldet results"
echo -e " ${CYAN}8.${NC} Install Maldet (if not installed)" # ← NEW
echo ""
echo -e " ${RED}0.${NC} Back to main menu"
echo ""
while true; do
read -p "Select option (0-8): " choice
if ! [[ "$choice" =~ ^[0-8]$ ]]; then
echo -e "${RED}Invalid option${NC}"
sleep 1
continue
fi
case $choice in
1)
if is_maldet_installed; then
maldet_launch_scan "server"
else
echo -e "${RED}Maldet not installed. Install first (option 8).${NC}"
sleep 2
fi
break
;;
2) maldet_launch_scan "all_users"; break ;;
3) maldet_launch_scan "user"; break ;;
4) maldet_launch_scan "domain"; break ;;
5) maldet_launch_scan "custom"; break ;;
6) maldet_update_signatures; break ;;
7) maldet_view_results; break ;;
8) install_maldet_only; break ;; # ← NEW
0) return 0 ;;
esac
done
done
}
Also add a Scanner Install Submenu:
scanner_install_submenu() {
while true; do
echo ""
print_banner "Install Individual Scanners"
echo ""
echo "Available Scanners:"
echo -e " ${CYAN}1.${NC} Maldet (Fast, Linux-specific)"
[ ! -f "/usr/bin/imunify-antivirus" ] && echo " Status: NOT installed"
[ -f "/usr/bin/imunify-antivirus" ] && echo " Status: ✓ Installed"
echo -e " ${CYAN}2.${NC} ClamAV (Free, open source)"
command -v clamscan &>/dev/null && echo " Status: ✓ Installed" || echo " Status: NOT installed"
echo -e " ${CYAN}3.${NC} RKHunter (Rootkit detection)"
command -v rkhunter &>/dev/null && echo " Status: ✓ Installed" || echo " Status: NOT installed"
echo ""
echo -e " ${CYAN}4.${NC} Install ALL scanners (Maldet + ClamAV + RKHunter + ImunifyAV)"
echo -e " ${RED}0.${NC} Back"
echo ""
read -p "Select option: " choice
case "$choice" in
1) install_maldet_only; break ;;
2) install_clamav_only; break ;;
3) install_rkhunter_only; break ;;
4) install_all_scanners; break ;;
0) return 0 ;;
*) echo "Invalid option"; sleep 1 ;;
esac
done
}
Update main menu to show install submenu:
# In Configuration section of main menu:
echo -e " ${CYAN}10.${NC} Install individual scanners"
echo -e " ${CYAN}11.${NC} Install all scanners (recommended first time)"
echo -e " ${CYAN}12.${NC} Scanner settings"
Implementation Plan
Phase 1: Fix ClamAV Installation (10 minutes)
- Edit
/root/server-toolkit-beta/modules/security/malware-scanner.shlines 223-235 - Add fallback logic for missing cPanel scripts
- Test: Run "Install all scanners" again, should not fail on ClamAV
Phase 2: Add Individual Scanner Install (30 minutes)
- Add
install_maldet_only()function - Add
install_clamav_only()function - Add
install_rkhunter_only()function - Update Maldet submenu to include option 8 "Install Maldet"
- Update main menu with new install submenu
- Test each individual installer
Phase 3: Copy to Production (5 minutes)
- Copy fixed
/root/server-toolkit-beta/modules/security/malware-scanner.shto production - Test production version
Testing Checklist
- ClamAV installs even if
/scripts/check_cpanel_rpmsmissing - Maldet can be installed from Maldet submenu (option 8)
- Individual scanners can be installed one at a time
- "Install all scanners" still works
- Scanner status shows as "✓ Installed" after installation
- Installation functions handle already-installed cases gracefully
- No exit code 127 errors
Expected Behavior After Fix
Scenario 1: User wants to install Maldet only
bash launcher.sh → Security → Malware Scanner → Maldet menu
→ Select "8. Install Maldet"
→ Maldet installs (just Maldet, nothing else)
→ User can immediately scan with Maldet
Scenario 2: User's cPanel scripts are missing
bash launcher.sh → Security → Malware Scanner → Install all scanners
→ ClamAV installation tries cPanel scripts
→ Scripts missing, gracefully falls back to yum
→ ClamAV installs successfully
→ Installation continues with other scanners