linux-malware-detect
[bug] Need return status code to handle errors. Return code always becomes 0 when syntax is invalid.
I'm writing a custom cron job script for maldet. I found out that if the return status is 2, an infection was found. Is there any other return status for handling exceptions like syntax errors, file access errors, etc.? Currently, when a syntax error occurs, the return status is always 0. So, I also need to check the status code of a clean scan. TQ.
I was trying to continue my old script and am coming back to ask the same question (I did not realize that my question here had not been answered). When malware is detected, the return code is 2; when there is no malware, the return code is 0. What about a return code of 1? Is there any list of well-documented return codes like what clamscan provides?
When I do this:
maldet --scan-ll /opt; echo $?
Notice that the syntax --scan-ll is not valid, but the output and return code is 0, which is not correct. So my script will have trouble distinguishing between a successful scan without malware and a syntax error when using this return code:
Linux Malware Detect v1.6.4
(C) 2002-2019, R-fx Networks <[email protected]>
(C) 2019, Ryan MacDonald <[email protected]>
This program may be freely redistributed under the terms of the GNU GPL v2
signature set: 202211193704367
usage maldet [-h|--help] [-a|--scan-all PATH] [-r|--scan-recent PATH DAYS]
[-f|--file-list PATH] [-i|--include-regex] [-x|--exclude-regex]
[-b|--background] [-m|--monitor] [-k|--kill-monitor] [-c|--checkout]
[-q|--quarantine] [-s|--restore] [-n|--clean] [-l|--log] [-e|--report]
[-u|--update-sigs] [-d|--update-ver]
0
The last output above shouldn't be 0, it should be something else.
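A workaround sketch for the ambiguity described in the post above, as an added example (not part of the original issue and not maldet's own code): exit 0 is treated as a clean scan only when the usage banner is absent from the output. It assumes only the behaviour reported in this thread for v1.6.4; the function names and the wrapper's own 64/70 exit statuses are hypothetical choices.

```shell
#!/bin/sh
# Added example: classify a maldet run from its exit code plus its output.
# Assumes only what the thread reports for maldet v1.6.4:
#   exit 2 -> malware found
#   exit 0 -> clean scan OR rejected option (usage banner printed)

# classify_maldet RC OUTPUT -> prints: infected | clean | usage_error | unknown
classify_maldet() {
    rc=$1
    output=$2
    case "$rc" in
        2) echo infected ;;
        0)
            # A rejected option prints the usage banner but still exits 0.
            if printf '%s\n' "$output" | grep -q 'usage maldet '; then
                echo usage_error
            else
                echo clean
            fi
            ;;
        *) echo unknown ;;  # other codes are not documented in the thread
    esac
}

# run_scan PATH: run maldet and return an unambiguous status for cron.
# 0 = clean, 2 = infected, 64 = usage error, 70 = anything else
# (64 and 70 are this wrapper's own convention, not maldet's).
run_scan() {
    rc=0
    out=$(maldet --scan-all "$1" 2>&1) || rc=$?
    case "$(classify_maldet "$rc" "$out")" in
        clean) return 0 ;;
        infected) printf '%s\n' "$out" >&2; return 2 ;;
        usage_error) echo "maldet rejected its arguments" >&2; return 64 ;;
        *) echo "maldet exited with unexpected status $rc" >&2; return 70 ;;
    esac
}

# Constructed sample input: banner and first usage line as quoted in the thread.
SAMPLE_USAGE='Linux Malware Detect v1.6.4
usage maldet [-h|--help] [-a|--scan-all PATH] [-r|--scan-recent PATH DAYS]'
```

A cron job can call `run_scan /opt` and alert on any non-zero status, so a mistyped option no longer passes as a clean scan.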