Prva verzija za buster.

author Ivan Rako <ivan.rako@srce.hr>

Wed, 2 Sep 2020 10:03:23 +0000 (12:03 +0200)

committer Ivan Rako <ivan.rako@srce.hr>

Wed, 2 Sep 2020 10:03:23 +0000 (12:03 +0200)
author Ivan Rako <ivan.rako@srce.hr>
Wed, 2 Sep 2020 10:03:23 +0000 (12:03 +0200)
committer Ivan Rako <ivan.rako@srce.hr>
Wed, 2 Sep 2020 10:03:23 +0000 (12:03 +0200)
diff --git a/clamav-unofficial-sigs b/clamav-unofficial-sigs

index 0e3d239..aa70db1 100755 (executable)
--- a/clamav-unofficial-sigs
+++ b/clamav-unofficial-sigs
@@ -1,6 +1,8 @@
-#!/bin/bash
-# shellcheck disable=SC2154
+#!/usr/bin/env bash
+# shellcheck disable=SC2119
+# shellcheck disable=SC2120
  # shellcheck disable=SC2128
  # shellcheck disable=SC2128
+# shellcheck disable=SC2154
  ################################################################################
  # This is property of eXtremeSHOK.com
  # You are free to use, modify and distribute, however you may not remove this notice.
  ################################################################################
  # This is property of eXtremeSHOK.com
  # You are free to use, modify and distribute, however you may not remove this notice.
@@ -29,70 +31,67 @@
  
  ################################################################################
  
  
  ################################################################################
  
-
  # Detect to make sure the entire script is avilable, fail if the script is missing contents
  # Detect to make sure the entire script is avilable, fail if the script is missing contents
-if [ "$(tail -n 1 "$0" | head -n 1 | cut -c 1-7)" != "exit \$?" ] ; then
-  echo "FATAL ERROR: Script is incomplete, please redownload"
-  exit 1
+if [ "$(tail -n 1 "${0}" | head -n 1 | cut -c 1-7)" != "exit \$?" ] ; then
+       echo "FATAL ERROR: Script is incomplete, please redownload"
+       exit 1
  fi
  
  # Trap the keyboard interrupt (Ctrl + C)
  trap xshok_control_c SIGINT
  fi
  
  # Trap the keyboard interrupt (Ctrl + C)
  trap xshok_control_c SIGINT
-
  ################################################################################
  # HELPER FUNCTIONS
  ################################################################################
  
  # Support user config settings for applying file and directory access permissions.
  ################################################################################
  # HELPER FUNCTIONS
  ################################################################################
  
  # Support user config settings for applying file and directory access permissions.
-function perms () {
-  if [ -n "$clam_user" ] && [ -n "$clam_group" ] ; then
+function perms() {
+  if [ -n "${clam_user}" ] && [ -n "${clam_group}" ] ; then
      "${@:-}"
    fi
  }
  
  # Prompt a user if they should complete an action with Y or N
  # Usage: xshok_prompt_confirm
      "${@:-}"
    fi
  }
  
  # Prompt a user if they should complete an action with Y or N
  # Usage: xshok_prompt_confirm
-# if xshok_prompt_confirm; then
+# if xshok_prompt_confirm ; then
  # xshok_prompt_confirm && echo "accepted"
  # xshok_prompt_confirm && echo "yes" || echo "no"
  # shellcheck disable=SC2120
  # xshok_prompt_confirm && echo "accepted"
  # xshok_prompt_confirm && echo "yes" || echo "no"
  # shellcheck disable=SC2120
-function xshok_prompt_confirm () { # optional_message
+function xshok_prompt_confirm() { # optional_message
    message="${1:-Are you sure?}"
    while true; do
    message="${1:-Are you sure?}"
    while true; do
-    read -r -p "$message [y/N]" response < /dev/tty
-    case "$response" in
+    read -r -p "${message} [y/N]" response < /dev/tty
+    case "${response}" in
        [yY]) return 0 ;;
        [nN]) return 1 ;;
        [yY]) return 0 ;;
        [nN]) return 1 ;;
-      *) printf " \033[31m %s \n\033[0m" "invalid input"
+      *) printf " \\033[31m %s \\n\\033[0m" "invalid input"
      esac
    done
  }
  
  # Create a pid file
      esac
    done
  }
  
  # Create a pid file
-function xshok_create_pid_file () { # pid.file
-  if [ "$1" ] ; then
-    pidfile="$1"
-    echo $$ > "$pidfile"
-    if [ $? -ne 0 ] ; then
-      xshok_pretty_echo_and_log "ERROR: Could not create PID file: $pidfile"
+function xshok_create_pid_file() { # pid.file
+  if [ "${1}" ] ; then
+    pidfile="${1}"
+    if ! echo $$ > "${pidfile}" ; then
+      xshok_pretty_echo_and_log "ERROR: Could not create PID file: ${pidfile}"
        exit 1
      fi
    else
        exit 1
      fi
    else
-    xshok_pretty_echo_and_log "ERROR: Missing value for option" "="
+    xshok_pretty_echo_and_log "ERROR: Missing value for option"
      exit 1
    fi
  }
  
  # Intercept ctrl+c and calls the cleanup function
      exit 1
    fi
  }
  
  # Intercept ctrl+c and calls the cleanup function
-function xshok_control_c () {
+function xshok_control_c() {
    echo
    echo
-  xshok_pretty_echo_and_log "--------------| Exiting ... Please wait |--------------" "-"
+  xshok_pretty_echo_and_log "---------------| Exiting ... Please wait |---------------" "-"
    xshok_cleanup
    exit $?
  }
  
  # Cleanup function
    xshok_cleanup
    exit $?
  }
  
  # Cleanup function
-function xshok_cleanup () {
+function xshok_cleanup() {
    # Wait for all processes to end
    wait
    xshok_pretty_echo_and_log "      Powered By https://eXtremeSHOK.com      " "#"
    # Wait for all processes to end
    wait
    xshok_pretty_echo_and_log "      Powered By https://eXtremeSHOK.com      " "#"
@@ -100,11 +99,11 @@ function xshok_cleanup () {
  }
  
  # Check if the current running user is the root user, otherwise return false
  }
  
  # Check if the current running user is the root user, otherwise return false
-function xshok_is_root () {
+function xshok_is_root() {
    if [ "$(uname -s)" == "SunOS" ] ; then
      id_bin="/usr/xpg4/bin/id"
    else
    if [ "$(uname -s)" == "SunOS" ] ; then
      id_bin="/usr/xpg4/bin/id"
    else
-    id_bin="$(which id 2> /dev/null)"
+    id_bin="$(command -v id 2> /dev/null)"
    fi
    if [ "$($id_bin -u)" == 0 ] ; then
      return 0
    fi
    if [ "$($id_bin -u)" == 0 ] ; then
      return 0
@@ -114,8 +113,8 @@ function xshok_is_root () {
  }
  
  # Check if its a file, otherwise return false
  }
  
  # Check if its a file, otherwise return false
-function xshok_is_file () { # filepath
-  filepath="$1"
+function xshok_is_file() { # filepath
+  filepath="${1}"
    if [ -f "${filepath}" ] ; then
      return 0 ;
    else
    if [ -f "${filepath}" ] ; then
      return 0 ;
    else
@@ -127,7 +126,7 @@ function xshok_is_file () { # filepath
  # Usage: xshok_is_subdir "filepath"
  # xshok_is_subdir "/root/" - false
  # xshok_is_subdir "/usr/local/etc" && echo "yes" - yes
  # Usage: xshok_is_subdir "filepath"
  # xshok_is_subdir "/root/" - false
  # xshok_is_subdir "/usr/local/etc" && echo "yes" - yes
-function xshok_is_subdir () { # filepath
+function xshok_is_subdir() { # filepath
    shopt -s extglob; filepath="${filepath%%+(/)}"
    if [ -d "$filepath" ] ; then
      res="${filepath//[^\/]}"
    shopt -s extglob; filepath="${filepath%%+(/)}"
    if [ -d "$filepath" ] ; then
      res="${filepath//[^\/]}"
@@ -142,16 +141,15 @@ function xshok_is_subdir () { # filepath
  }
  
  # Create a dir and set the ownership
  }
  
  # Create a dir and set the ownership
-function xshok_mkdir_ownership () { # path
-  if [ "$1" ] ; then
-    mkdir -p "$1" 2>/dev/null
-    if [ $? -ne 0 ] ; then
-      xshok_pretty_echo_and_log "ERROR: Could not create directory: $1"
+function xshok_mkdir_ownership() { # path
+  if [ "${1}" ] ; then
+    if ! mkdir -p "${1}" 2>/dev/null ; then
+      xshok_pretty_echo_and_log "ERROR: Could not create directory: ${1}"
        exit 1
      fi
        exit 1
      fi
-    perms chown -f "$clam_user:$clam_group" "$1" > /dev/null 2>&1
+    perms chown -f "${clam_user}:${clam_group}" "${1}" > /dev/null 2>&1
    else
    else
-    xshok_pretty_echo_and_log "ERROR: Missing value for option" "="
+    xshok_pretty_echo_and_log "ERROR: Missing value for option"
      exit 1
    fi
  }
      exit 1
    fi
  }
@@ -160,30 +158,29 @@ function xshok_mkdir_ownership () { # path
  # Usage:
  # xshok_is_subdir "username" && echo "user found" || echo "no"
  # xshok_is_subdir "username" "groupname" && echo "user and group found" || echo "no"
  # Usage:
  # xshok_is_subdir "username" && echo "user found" || echo "no"
  # xshok_is_subdir "username" "groupname" && echo "user and group found" || echo "no"
-function xshok_user_group_exists () { # username groupname
+function xshok_user_group_exists() { # username groupname
    if [ "$(uname -s)" == "SunOS" ] ; then
      id_bin="/usr/xpg4/bin/id"
    else
    if [ "$(uname -s)" == "SunOS" ] ; then
      id_bin="/usr/xpg4/bin/id"
    else
-    id_bin="$(which id 2> /dev/null)"
+    id_bin="$(command -v id 2> /dev/null)"
    fi
  
    fi
  
-  if [ "$2" ] ; then
+  if [ "${2}" ] ; then
      if [ "$(uname -s)" == "Darwin" ] ; then
        #use ruby, as this is the best way. Ruby is always avilable as brew uses ruby
        ruby -e 'require "etc"; puts Etc::getgrnam("_clamav").gid' > /dev/null 2>&1
        ret="$?"
      else
      if [ "$(uname -s)" == "Darwin" ] ; then
        #use ruby, as this is the best way. Ruby is always avilable as brew uses ruby
        ruby -e 'require "etc"; puts Etc::getgrnam("_clamav").gid' > /dev/null 2>&1
        ret="$?"
      else
-      getent_bin="$(which getent 2> /dev/null)"
-      $getent_bin group "$2" >/dev/null 2>&1
+      getent_bin="$(command -v getent 2> /dev/null)"
+      $getent_bin group "${2}" >/dev/null 2>&1
        ret="$?"
      fi
    fi
  
        ret="$?"
      fi
    fi
  
-  if [ "$1" ] ; then
-    $id_bin -u "$1" > /dev/null 2>&1
-    if [ $? -eq 0 ]; then
-      if [ "$2" ] ; then
-        if [ "$ret" -eq 0 ]; then
+  if [ "${1}" ] ; then
+    if $id_bin -u "${1}" > /dev/null 2>&1 ; then
+      if [ "${2}" ] ; then
+        if [ "$ret" -eq 0 ] ; then
            return 0 ; # User and group exists
          else
            return 1 ; # Group does NOT exist
            return 0 ; # User and group exists
          else
            return 1 ; # Group does NOT exist
@@ -195,7 +192,7 @@ function xshok_user_group_exists () { # username groupname
        return 1 ; # User does NOT exist
      fi
    else
        return 1 ; # User does NOT exist
      fi
    else
-    xshok_pretty_echo_and_log "ERROR: Missing value for option" "="
+    xshok_pretty_echo_and_log "ERROR: Missing value for option"
      exit 1
    fi
  }
      exit 1
    fi
  }
@@ -214,146 +211,192 @@ function xshok_user_group_exists () { # username groupname
  # ========
  # pretty_echo_and_log "" "/\" "7"
  # /\/\/\/\/\/\
  # ========
  # pretty_echo_and_log "" "/\" "7"
  # /\/\/\/\/\/\
-# type: e = error, w= warning ""
-function xshok_pretty_echo_and_log () { # "string" "repeating" "count" "type"
-  # Handle comments
-  if [ "$comment_silence" == "no" ] ; then
-    if [ "${#@}" -eq 1 ] ; then
-      echo "$1"
+# type: e = error, w= warning, a = alert, n = notice
+# will auto detect using the first word "error,warning,alert,notice"
+# type e will make a == border
+# type w will make a -- border
+# type a will make a ** border
+# type n will make a ++ border
+function xshok_pretty_echo_and_log() { # "string" "repeating" "count" "type"
+       #detect if running under cron and silence
+       mystring="$1"
+       myrepeating="$2"
+       mycount="$3"
+       mytype="$4"
+       if [ "$comment_silence" != "yes" ] && [ "$force_verbose" != "yes" ]; then
+               if [ ! -t 1 ] ; then
+                       comment_silence="yes"
+               fi
+       fi
+       # always show errors and alerts
+       if [ -z "$mytype" ] ; then
+               shopt -s nocasematch
+               if [[ "$mystring" =~ "ERROR:" ]] || [[ "$mystring" =~ "ERROR " ]] ; then
+                       mytype="e"
+               elif [[ "$mystring" =~ "WARNING:" ]] || [[ "$mystring" =~ "WARNING " ]] ; then
+                       mytype="w"
+               elif [[ "$mystring" =~ "ALERT:" ]] || [[ "$mystring" =~ "ALERT " ]] ; then
+                       mytype="a"
+               elif [[ "$mystring" =~ "NOTICE:" ]] || [[ "$mystring" =~ "NOTICE " ]] ; then
+                       mytype="n"
+               fi
+       fi
+       if [ "$mytype" == "e" ] || [ "$mytype" == "a" ] ; then
+                       comment_silence="no"
+       fi
+       # Handle comments is not silenced or type
+  if [ "$comment_silence" != "yes" ] ; then
+               if [ -z "$myrepeating" ] ; then
+                       if [ "$mytype" == "e" ] ; then
+                               myrepeating="="
+                       elif [ "$mytype" == "w" ] ; then
+                               myrepeating="-"
+                       elif [ "$mytype" == "a" ] ; then
+                               myrepeating="*"
+                       elif [ "$mytype" == "n" ] ; then
+                               myrepeating="+"
+                       fi
+               fi
+    if [ -z "$myrepeating" ] ; then
+      echo "${mystring}"
      else
        myvar=""
      else
        myvar=""
-      if [ -n "$3" ] ; then
-        mycount="$3"
-      else
-        mycount="${#1}"
+      if [ -z "$mycount" ] ; then
+        mycount="${#mystring}"
        fi
        for (( n = 0; n < mycount; n++ )) ; do
        fi
        for (( n = 0; n < mycount; n++ )) ; do
-        myvar="$myvar$2"
+        myvar="${myvar}${myrepeating}"
        done
        done
-      if [ -n "$1" ] ; then
-        echo -e "$myvar\n$1\n$myvar"
+      if [ -n "${mystring}" ] ; then
+        echo -e "${myvar}\\n${1}\\n${myvar}"
        else
        else
-        echo -e "$myvar"
+        echo -e "${myvar}"
        fi
      fi
    fi
        fi
      fi
    fi
-
    # Handle logging
    if [ "$enable_log" == "yes" ] ; then
    # Handle logging
    if [ "$enable_log" == "yes" ] ; then
-    if [ ! -e "$log_file_path/$log_file_name" ] ; then
-      # xshok_mkdir_ownership "$log_file_path"
-      mkdir -p "$log_file_path"
-      touch "$log_file_path/$log_file_name" 2>/dev/null
-      perms chown -f "$clam_user:$clam_group" "$log_file_path/$log_file_name"
-    fi
-    if [ ! -w "$log_file_path/$log_file_name" ] ; then
-      echo "Warning: Logging Disabled, as file not writable: $log_file_path/$log_file_name"
-      enable_log="no"
-    else
-      echo "$(date "+%b %d %T")" "$1" >> "$log_file_path/$log_file_name"
-    fi
+
+               #filter ===, ---
+               mystring=${1//===}
+               mystring=${mystring//---}
+
+               if [ ! -z "$mystring" ] ; then
+           if [ ! -z "$log_pipe_cmd" ] ; then
+             echo "${mystring}" | $log_pipe_cmd
+           else
+             if [ ! -e "${log_file_path}/${log_file_name}" ] ; then
+               # xshok_mkdir_ownership "$log_file_path"
+               mkdir -p "$log_file_path"
+               touch "${log_file_path}/${log_file_name}" 2>/dev/null
+               perms chown -f "${clam_user}:${clam_group}" "${log_file_path}/${log_file_name}"
+             fi
+             if [ ! -w "${log_file_path}/${log_file_name}" ] ; then
+               echo "WARNING: Logging Disabled, as file not writable: ${log_file_path}/${log_file_name}"
+               enable_log="no"
+             else
+               echo "$(date "+%b %d %T")" "${mystring}" >> "${log_file_path}/${log_file_name}"
+             fi
+           fi
+               fi
    fi
  }
  
  # Check if the $2 value is not null and does not start with -
    fi
  }
  
  # Check if the $2 value is not null and does not start with -
-function xshok_check_s2 () { # value1 value2
-  if [ "$1" ] ; then
-    if [[ "$1" =~ ^-.* ]] ; then
-      xshok_pretty_echo_and_log "ERROR: Missing value for option or value begins with -" "="
+function xshok_check_s2() { # value1 value2
+  if [ "${1}" ] ; then
+    if [[ "${1}" =~ ^-.* ]] ; then
+      xshok_pretty_echo_and_log "ERROR: Missing value for option or value begins with -"
        exit 1
      fi
    else
        exit 1
      fi
    else
-    xshok_pretty_echo_and_log "ERROR: Missing value for option" "="
+    xshok_pretty_echo_and_log "ERROR: Missing value for option"
      exit 1
    fi
  }
  
  # Time remaining information function
      exit 1
    fi
  }
  
  # Time remaining information function
-function xshok_draw_time_remaining () { #time_remaining #update_hours #name
-  if [ "$1" ] && [ "$2" ]; then
-    time_remaining="$1"
+function xshok_draw_time_remaining() { #time_remaining #update_hours #name
+  if [ "${1}" ] && [ "${2}" ] ; then
+    time_remaining="${1}"
      hours_left="$((time_remaining / 3600))"
      minutes_left="$((time_remaining % 3600 / 60))"
      hours_left="$((time_remaining / 3600))"
      minutes_left="$((time_remaining % 3600 / 60))"
-    xshok_pretty_echo_and_log "$2 hours have not yet elapsed since the last $3 update check"
+    xshok_pretty_echo_and_log "${2} hours have not yet elapsed since the last ${3} update check"
      xshok_pretty_echo_and_log "No update check was performed at this time" "-"
      xshok_pretty_echo_and_log "No update check was performed at this time" "-"
-    xshok_pretty_echo_and_log "Next check will be performed in approximately $hours_left hour(s), $minutes_left minute(s)"
+    xshok_pretty_echo_and_log "Next check will be performed in approximately ${hours_left} hour(s), ${minutes_left} minute(s)"
    fi
  }
  
  # Download function
    fi
  }
  
  # Download function
-function xshok_file_download () { #outputfile #url
- if [ "$1" ] && [ "$2" ]; then
-  if [ -n "$wget_bin" ] ; then
-    # shellcheck disable=SC2086
-    $wget_bin $wget_proxy_https $wget_proxy_http $wget_insecure $wget_output_level --connect-timeout="$downloader_connect_timeout" --random-wait --tries="$downloader_tries" --timeout="$downloader_max_time" --output-document="$1" "$2"
-    result=$?
-  else
-    # shellcheck disable=SC2086
-    $curl_bin $curl_proxy $curl_insecure $curl_output_level --connect-timeout "$downloader_connect_timeout" --remote-time --location --retry "$downloader_tries" --max-time "$downloader_max_time" --output "$1" "$2"
-    result=$?
-  fi
-  return $result
- fi
-}
-
-# Auto update
-function xshok_auto_update () { # version
-  xshok_pretty_echo_and_log "Performing automatic update..."
-
-  # Download new version
-  echo -n "Downloading latest version..."
-
-    xshok_file_download "$0.tmp" "$UPDATE_BASE/$SELF"
-    result=$?
-
-  if [ "$result" -ne 0 ]; then
-    echo "Failed: Error while trying to get new version!"
-    echo "File requested: $UPDATE_BASE/$SELF"
-    exit 1
-  fi
-  echo "Done."
-
-  # Copy over modes from old version
-  OCTAL_MODE="$(stat -c "%a" "$SELF")"
-  if ! chmod "$OCTAL_MODE" "${0}.tmp" ; then
-    echo "Failed: Error while trying to set mode on ${0}.tmp."
-    exit 1
+function xshok_file_download() { #outputfile #url #notimestamp
+       if [ "$downloader_debug" == "yes" ] ; then
+               xshok_pretty_echo_and_log "url: ${2} >> outputfile: ${1} | ${3}"
+       fi
+  if [ "${1}" ] && [ "${2}" ] ; then
+               if [ -n "$curl_bin" ] ; then
+                       if [ -f "${1}" ] ; then
+                               # shellcheck disable=SC2086
+                               $curl_bin --fail --compressed $curl_proxy $curl_insecure $curl_output_level --connect-timeout "${downloader_connect_timeout}" --remote-time --location --retry "${downloader_tries}" --max-time "${downloader_max_time}" --time-cond "${1}" --output "${1}" "${2}"  2>&11
+                               result=$?
+                       else
+                               # shellcheck disable=SC2086
+                               $curl_bin --fail --compressed $curl_proxy $curl_insecure $curl_output_level --connect-timeout "${downloader_connect_timeout}" --remote-time --location --retry "${downloader_tries}" --max-time "${downloader_max_time}" --output "${1}" "${2}"  2>&11
+                               result=$?
+                       fi
+               else
+                       if [ ! "${3}" ] ; then
+                               # the following is required because wget, cannot do --timestamping and --output-document together
+                               this_dir="$PWD"
+                               output_file="$1"
+                               url="$2"
+                               output_dir="${output_file%/*}"
+                               output_file="${output_file##*/}"
+                               url_file="${url##*/}"
+                               wget_output_link=""
+
+                               cd "${output_dir}" || exit
+                               if [ "$output_file" != "$url_file" ] ; then
+                                       if [ ! -f "$url_file" ] ; then
+                                               if [ ! -f "$output_file" ] ; then
+                                                       touch "$output_file"
+                                               fi
+                                               ln -s  "$output_file" "$url_file"
+                                               wget_output_link="$url_file"
+                                       fi
+                               fi
+             # shellcheck disable=SC2086
+                               $wget_bin $wget_compression $wget_proxy $wget_insecure $wget_output_level --connect-timeout="${downloader_connect_timeout}" --random-wait --tries="${downloader_tries}" --timeout="${downloader_max_time}" --timestamping "${2}" 2>&12
+                               result=$?
+                               if [ ! -n "$wget_output_link" ] ; then
+                                       if [ -L "$wget_output_link" ] ; then
+                                               rm -f "$wget_output_link"
+                                       fi
+                               fi
+                               cd "$this_dir" || exit
+                       else
+                               # shellcheck disable=SC2086
+                               $wget_bin $wget_compression $wget_proxy $wget_insecure $wget_output_level --connect-timeout="${downloader_connect_timeout}" --random-wait --tries="${downloader_tries}" --timeout="${downloader_max_time}" --output-document="${1}" "${2}" 2>&12
+                               result=$?
+                       fi
+    fi
+    return $result
    fi
    fi
-
-  # Generate the update script
-  cat > xshok_update_script.sh << EOF
-#!/bin/bash
-# Overwrite old file with new
-if mv "$0.tmp" "$0"; then
-  echo "Done. Update complete."
-  rm \$0
-else
-  echo "Failed! The update was not completed."
-fi
-EOF
-
-
-  echo -n "Inserting update process..."
-
-  # Replaced with $0, so code will update and then call itself with the same parameters it had
-  #exec /bin/bash xshok_update_script.sh
-  exec "$0" "$@"
  }
  
  # Handle list of database files
  }
  
  # Handle list of database files
-function clamav_files () {
-  echo "$clam_dbs/$db" >> "$current_tmp"
+function clamav_files() {
+  echo "${clam_dbs}/${db}" >> "${current_tmp}"
    if [ "$keep_db_backup" == "yes" ] ; then
    if [ "$keep_db_backup" == "yes" ] ; then
-    echo "$clam_dbs/$db-bak" >> "$current_tmp"
+    echo "${clam_dbs}/${db}-bak" >> "${current_tmp}"
    fi
  }
  
  # Manage the databases and allow multi-dimensions as well as global overrides
  # Since the datbases are basically a multi-dimentional associative arrays in bash
    fi
  }
  
  # Manage the databases and allow multi-dimensions as well as global overrides
  # Since the datbases are basically a multi-dimentional associative arrays in bash
-# ratings: LOW| MEDIUM| HIGH| REQUIRED| LOWONLY| MEDIUMONLY| LOWMEDIUMONLY | MEDIUMHIGHONLY | HIGHONLY| DISABLED
-function xshok_database () { # rating database_array
+# ratings: LOW | MEDIUM | HIGH | REQUIRED | LOWONLY | MEDIUMONLY | LOWMEDIUMONLY | MEDIUMHIGHONLY | HIGHONLY | DISABLED
+function xshok_database() { # rating database_array
    # Assign
    # Assign
-  current_rating="$1"
+  current_rating="${1}"
    declare -a current_dbs=( "${@:2}" )
    # Zero
    declare -a new_dbs=( )
    declare -a current_dbs=( "${@:2}" )
    # Zero
    declare -a new_dbs=( )
@@ -381,18 +424,38 @@ function xshok_database () { # rating database_array
                elif [ "$db_name_rating" == "REQUIRED" ] ; then
                  new_dbs+=( "$db_name" )
                elif [ "$current_rating" == "LOW" ] ; then
                elif [ "$db_name_rating" == "REQUIRED" ] ; then
                  new_dbs+=( "$db_name" )
                elif [ "$current_rating" == "LOW" ] ; then
-                if [ "$db_name_rating" == "LOWONLY" ] || [ "$db_name_rating" == "LOW" ] || [ "$db_name_rating" == "LOWMEDIUM" ] ; then
+                if [ "$db_name_rating" == "LOWONLY" ] || [ "$db_name_rating" == "LOW" ] || [ "$db_name_rating" == "LOWMEDIUMONLY" ] ; then
                    new_dbs+=( "$db_name" )
                  fi
                elif [ "$current_rating" == "MEDIUM" ] ; then
                    new_dbs+=( "$db_name" )
                  fi
                elif [ "$current_rating" == "MEDIUM" ] ; then
-                if [ "$db_name_rating" == "MEDIUMONLY" ] || [ "$db_name_rating" == "MEDIUM" ] || [ "$db_name_rating" == "LOW" ] || [ "$db_name_rating" == "LOWMEDIUM" ] ; then
+                if [ "$db_name_rating" == "MEDIUMONLY" ] || [ "$db_name_rating" == "MEDIUM" ] || [ "$db_name_rating" == "LOW" ] || [ "$db_name_rating" == "LOWMEDIUMONLY" ]  || [ "$db_name_rating" == "MEDIUMHIGHONLY" ] ; then
                    new_dbs+=( "$db_name" )
                  fi
                elif [ "$current_rating" == "HIGH" ] ; then
                    new_dbs+=( "$db_name" )
                  fi
                elif [ "$current_rating" == "HIGH" ] ; then
-                if [ "$db_name_rating" == "HIGH" ] || [ "$db_name_rating" == "MEDIUM" ] || [ "$db_name_rating" == "LOW" ] ; then
+                if [ "$db_name_rating" == "HIGHONLY" ] || [ "$db_name_rating" == "HIGH" ] || [ "$db_name_rating" == "MEDIUM" ] || [ "$db_name_rating" == "LOW" ] || [ "$db_name_rating" == "MEDIUMHIGHONLY" ] ; then
                    new_dbs+=( "$db_name" )
                  fi
                    new_dbs+=( "$db_name" )
                  fi
-              fi
+                                                       elif [ "$current_rating" == "LOWONLY" ] ; then
+                                                               if [ "$db_name_rating" == "LOWONLY" ] || [ "$db_name_rating" == "LOW" ] ; then
+                                                                       new_dbs+=( "$db_name" )
+                                                               fi
+                                                       elif [ "$current_rating" == "MEDIUMONLY" ] ; then
+                                                               if [ "$db_name_rating" == "MEDIUMONLY" ] || [ "$db_name_rating" == "MEDIUM" ] ; then
+                                                                       new_dbs+=( "$db_name" )
+                                                               fi
+                                                       elif [ "$current_rating" == "LOWMEDIUMONLY" ] ; then
+                                                               if [ "$db_name_rating" == "LOWMEDIUMONLY" ] || [ "$db_name_rating" == "LOW" ]  || [ "$db_name_rating" == "MEDIUM" ] ; then
+                                                                       new_dbs+=( "$db_name" )
+                                                               fi
+                                                       elif [ "$current_rating" == "MEDIUMHIGHONLY" ] ; then
+                                                               if [ "$db_name_rating" == "MEDIUMHIGHONLY" ] || [ "$db_name_rating" == "MEDIUM" ] || [ "$db_name_rating" == "HIGH" ] ; then
+                                                                       new_dbs+=( "$db_name" )
+                                                               fi
+                                                       elif [ "$current_rating" == "HIGHONLY" ] ; then
+                                                               if [ "$db_name_rating" == "HIGHONLY" ] || [ "$db_name_rating" == "HIGH" ] ; then
+                                                                       new_dbs+=( "$db_name" )
+                                                               fi
+                                                       fi
              fi
            fi
          fi
              fi
            fi
          fi
@@ -408,45 +471,45 @@ function xshok_database () { # rating database_array
  
  
  # Generates a man config and installs it
  
  
  # Generates a man config and installs it
-function install_man () {
+function install_man() {
  
    if [ -n "$pkg_mgr" ] || [ -n "$pkg_rm" ] ; then
  
    if [ -n "$pkg_mgr" ] || [ -n "$pkg_rm" ] ; then
-    echo "This script (clamav-unofficial-sigs) was installed on the system via '$pkg_mgr'"
+    xshok_pretty_echo_and_log "This script (clamav-unofficial-sigs) was installed on the system via ${pkg_mgr}"
      exit 1
    fi
  
      exit 1
    fi
  
-  echo ""
-  echo "Generating man file for install...."
+  xshok_pretty_echo_and_log ""
+  xshok_pretty_echo_and_log "Generating man file for install...."
  
    # Use defined varibles or attempt to use default varibles
  
  
    # Use defined varibles or attempt to use default varibles
  
-  if [ ! -e "$man_dir/$man_filename" ] ; then
+  if [ ! -e "${man_dir}/${man_filename}" ] ; then
      mkdir -p "$man_dir"
      mkdir -p "$man_dir"
-    touch "$man_dir/$man_filename" 2>/dev/null
+    touch "${man_dir}/${man_filename}" 2>/dev/null
    fi
    fi
-  if [ ! -w "$man_dir/$man_filename" ] ; then
-    echo "ERROR: man install aborted, as file not writable: $man_dir/$man_filename"
+  if [ ! -w "${man_dir}/${man_filename}" ] ; then
+    xshok_pretty_echo_and_log "ERROR: man install aborted, as file not writable: ${man_dir}/${man_filename}"
    else
  
    else
  
-    BOLD="\fB"
+    BOLD="\\fB"
      #REV=""
      #REV=""
-    NORM="\fR"
+    NORM="\\fR"
      manresult="$(help_and_usage "man")"
  
      # Our template..
      manresult="$(help_and_usage "man")"
  
      # Our template..
-    cat << EOF > "$man_dir/$man_filename"
+    cat << EOF > "${man_dir}/${man_filename}"
  
  
-.\" Manual page for eXtremeSHOK.com ClamAV Unofficial Signature Updater
-.TH clamav-unofficial-sigs 8 "$script_version_date" "Version: $script_version" "SCRIPT COMMANDS"
+.\\" Manual page for eXtremeSHOK.com ClamAV Unofficial Signature Updater
+.TH clamav-unofficial-sigs 8 "${script_version_date}" "Version: ${script_version}" "SCRIPT COMMANDS"
  .SH NAME
  .SH NAME
-clamav-unofficial-sigs \- Download, test, and install third-party ClamAV signature databases.
+clamav-unofficial-sigs \\- Download, test, and install third-party ClamAV signature databases.
  .SH SYNOPSIS
  .B clamav-unofficial-sigs
  .RI [ options ]
  .SH DESCRIPTION
  .SH SYNOPSIS
  .B clamav-unofficial-sigs
  .RI [ options ]
  .SH DESCRIPTION
-\fBclamav-unofficial-sigs\fP provides a simple way to download, test, and update third-party signature databases provided by Sanesecurity, FOXHOLE, OITC, Scamnailer, BOFHLAND, CRDF, Porcupine, Securiteinfo, MalwarePatrol, Yara-Rules Project, etc. It will also generate and install cron, logrotate, and man files.
+\\fBclamav-unofficial-sigs\\fP provides a simple way to download, test, and update third-party signature databases provided by Sanesecurity, FOXHOLE, OITC, Scamnailer, BOFHLAND, CRDF, Porcupine, Securiteinfo, MalwarePatrol, Yara-Rules Project, etc. It will also generate and install cron, logrotate, and man files.
  .SH UPDATES
  .SH UPDATES
-Script updates can be found at: \fBhttps://github.com/extremeshok/clamav-unofficial-sigs\fP
+Script updates can be found at: \\fBhttps://github.com/extremeshok/clamav-unofficial-sigs\\fP
  .SH OPTIONS
  This script follows the standard GNU command line syntax.
  .LP
  .SH OPTIONS
  This script follows the standard GNU command line syntax.
  .LP
@@ -461,7 +524,7 @@ You are free to use, modify and distribute, however you may not remove this noti
  .SH LICENSE
  BSD (Berkeley Software Distribution)
  .SH BUGS
  .SH LICENSE
  BSD (Berkeley Software Distribution)
  .SH BUGS
-Report bugs to \fBhttps://github.com/extremeshok/clamav-unofficial-sigs\fP
+Report bugs to \\fBhttps://github.com/extremeshok/clamav-unofficial-sigs\\fP
  .SH AUTHOR
  Adrian Jon Kriel :: admin@extremeshok.com
  Originially based on Script provide by Bill Landry
  .SH AUTHOR
  Adrian Jon Kriel :: admin@extremeshok.com
  Originially based on Script provide by Bill Landry
@@ -470,43 +533,43 @@ Originially based on Script provide by Bill Landry
  EOF
  
    fi
  EOF
  
    fi
-  echo "Completed: man installed, as file: $man_dir/$man_filename"
+  xshok_pretty_echo_and_log "Completed: man installed, as file: ${man_dir}/${man_filename}"
  }
  
  
  # Generate a logrotate config and install it
  }
  
  
  # Generate a logrotate config and install it
-function install_logrotate () {
+function install_logrotate() {
  
    if [ -n "$pkg_mgr" ] || [ -n "$pkg_rm" ] ; then
  
    if [ -n "$pkg_mgr" ] || [ -n "$pkg_rm" ] ; then
-    echo "This script (clamav-unofficial-sigs) was installed on the system via '$pkg_mgr'"
+    xshok_pretty_echo_and_log "This script (clamav-unofficial-sigs) was installed on the system via ${pkg_mgr}"
      exit 1
    fi
  
      exit 1
    fi
  
-  echo ""
-  echo "Generating logrotate file for install...."
+  xshok_pretty_echo_and_log ""
+  xshok_pretty_echo_and_log "Generating logrotate file for install...."
  
    # Use defined varibles or attempt to use default varibles
  
    if [ -z "$logrotate_user" ] ; then
  
    # Use defined varibles or attempt to use default varibles
  
    if [ -z "$logrotate_user" ] ; then
-    logrotate_user="$clam_user";
+    logrotate_user="${clam_user}";
    fi
    if [ -z "$logrotate_group" ] ; then
    fi
    if [ -z "$logrotate_group" ] ; then
-    logrotate_group="$clam_group";
+    logrotate_group="${clam_group}";
    fi
    if [ -z "$logrotate_log_file_full_path" ] ; then
    fi
    if [ -z "$logrotate_log_file_full_path" ] ; then
-    logrotate_log_file_full_path="$log_file_path/$log_file_name"
+    logrotate_log_file_full_path="${log_file_path}/${log_file_name}"
    fi
  
  
    fi
  
  
-  if [ ! -e "$logrotate_dir/$logrotate_filename" ] ; then
+  if [ ! -e "${logrotate_dir}/${logrotate_filename}" ] ; then
      mkdir -p "$logrotate_dir"
      mkdir -p "$logrotate_dir"
-    touch "$logrotate_dir/$logrotate_filename" 2>/dev/null
+    touch "${logrotate_dir}/${logrotate_filename}" 2>/dev/null
    fi
    fi
-  if [ ! -w "$logrotate_dir/$logrotate_filename" ] ; then
-    echo "ERROR: logrotate install aborted, as file not writable: $logrotate_dir/$logrotate_filename"
+  if [ ! -w "${logrotate_dir}/${logrotate_filename}" ] ; then
+    xshok_pretty_echo_and_log "ERROR: logrotate install aborted, as file not writable: ${logrotate_dir}/${logrotate_filename}"
    else
      # Our template..
    else
      # Our template..
-    cat << EOF > "$logrotate_dir/$logrotate_filename"
+    cat << EOF > "${logrotate_dir}/${logrotate_filename}"
  # https://eXtremeSHOK.com ######################################################
  # This file contains the logrotate settings for clamav-unofficial-sigs.sh
  ###################
  # https://eXtremeSHOK.com ######################################################
  # This file contains the logrotate settings for clamav-unofficial-sigs.sh
  ###################
@@ -537,49 +600,51 @@ $logrotate_log_file_full_path {
    missingok
    notifempty
    compress
    missingok
    notifempty
    compress
-  create 0640 $logrotate_user $logrotate_group
+  create 0640 ${logrotate_user} ${logrotate_group}
  }
  
  EOF
  
    fi
  }
  
  EOF
  
    fi
-  echo "Completed: logrotate installed, as file: $logrotate_dir/$logrotate_filename"
+  xshok_pretty_echo_and_log "Completed: logrotate installed, as file: ${logrotate_dir}/${logrotate_filename}"
  }
  
  # Generate a cron config and install it
  }
  
  # Generate a cron config and install it
-function install_cron () {
+function install_cron() {
  
    if [ -n "$pkg_mgr" ] || [ -n "$pkg_rm" ] ; then
  
    if [ -n "$pkg_mgr" ] || [ -n "$pkg_rm" ] ; then
-    echo "This script (clamav-unofficial-sigs) was installed on the system via '$pkg_mgr'"
+    xshok_pretty_echo_and_log "This script (clamav-unofficial-sigs) was installed on the system via {$pkg_mgr}"
      exit 1
    fi
  
      exit 1
    fi
  
-  echo ""
-  echo "Generating cron file for install...."
+  xshok_pretty_echo_and_log ""
+  xshok_pretty_echo_and_log "Generating cron file for install...."
  
    # Use defined varibles or attempt to use default varibles
    if [ -z "$cron_minute" ] ; then
      cron_minute="$(( ( RANDOM % 59 ) + 1 ))"
    fi
    if [ -z "$cron_user" ] ; then
  
    # Use defined varibles or attempt to use default varibles
    if [ -z "$cron_minute" ] ; then
      cron_minute="$(( ( RANDOM % 59 ) + 1 ))"
    fi
    if [ -z "$cron_user" ] ; then
-    cron_user="$clam_user";
+    cron_user="${clam_user}";
    fi
    if [ -z "$cron_bash" ] ; then
    fi
    if [ -z "$cron_bash" ] ; then
-    cron_bash="$(which bash 2> /dev/null)"
+    cron_bash="$(command -v bash 2> /dev/null)"
    fi
    if [ -z "$cron_script_full_path" ] ; then
      cron_script_full_path="$this_script_full_path"
    fi
    fi
    if [ -z "$cron_script_full_path" ] ; then
      cron_script_full_path="$this_script_full_path"
    fi
-
-  if [ ! -e "$cron_dir/$cron_filename" ] ; then
+  if [ "$cron_sudo" == "yes" ] ; then
+    cron_sudo="sudo -u"
+  fi
+  if [ ! -e "${cron_dir}/${cron_filename}" ] ; then
      mkdir -p "$cron_dir"
      mkdir -p "$cron_dir"
-    touch "$cron_dir/$cron_filename" 2>/dev/null
+    touch "${cron_dir}/${cron_filename}" 2>/dev/null
    fi
    fi
-  if [ ! -w "$cron_dir/$cron_filename" ] ; then
-    echo "ERROR: cron install aborted, as file not writable: $cron_dir/$cron_filename"
+  if [ ! -w "${cron_dir}/${cron_filename}" ] ; then
+    xshok_pretty_echo_and_log "ERROR: cron install aborted, as file not writable: ${cron_dir}/${cron_filename}"
    else
      # Our template..
    else
      # Our template..
-    cat << EOF > "$cron_dir/$cron_filename"
+    cat << EOF > "${cron_dir}/${cron_filename}"
  # https://eXtremeSHOK.com ######################################################
  # This file contains the cron settings for clamav-unofficial-sigs.sh
  ###################
  # https://eXtremeSHOK.com ######################################################
  # This file contains the cron settings for clamav-unofficial-sigs.sh
  ###################
@@ -607,81 +672,209 @@ function install_cron () {
  # script itself is set to randomize the actual execution time between
  # 60 - 600 seconds.  To Adjust the cron values, edit your configs and run
  # bash clamav-unofficial-sigs.sh --install-cron to generate a new file.
  # script itself is set to randomize the actual execution time between
  # 60 - 600 seconds.  To Adjust the cron values, edit your configs and run
  # bash clamav-unofficial-sigs.sh --install-cron to generate a new file.
-
-$cron_minute * * * * $cron_user [ -x $cron_script_full_path ] && $cron_bash $cron_script_full_path > /dev/null
+MAILTO=root
+$cron_minute * * * * ${cron_sudo} ${cron_user} [ -x ${cron_script_full_path} ] && ${cron_bash} ${cron_script_full_path}
  
  # https://eXtremeSHOK.com ######################################################
  
  EOF
  
    fi
  
  # https://eXtremeSHOK.com ######################################################
  
  EOF
  
    fi
-  echo "Completed: cron installed, as file: $cron_dir/$cron_filename"
+  xshok_pretty_echo_and_log "Completed: cron installed, as file: ${cron_dir}/${cron_filename}"
+}
+
+# Auto upgrade the master.conf and the
+function xshok_upgrade() {
+
+       if [ "$allow_upgrades" == "no" ] ; then
+               xshok_pretty_echo_and_log "ERROR: --upgrade has been disabled, allow_upgrades=no"
+               exit 1
+       fi
+       if ! xshok_is_root ; then
+               xshok_pretty_echo_and_log "ERROR: Only root can run the upgrade"
+               exit 1
+       fi
+
+       xshok_pretty_echo_and_log "Checking for updates ..."
+
+       found_upgrade="no"
+       if [ -n "$curl_bin" ] ; then
+               # shellcheck disable=SC2086
+               latest_version="$($curl_bin --compressed $curl_proxy $curl_insecure $curl_output_level --connect-timeout "${downloader_connect_timeout}" --remote-time --location --retry "${downloader_tries}" --max-time "${downloader_max_time}" "https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/${git_branch}/clamav-unofficial-sigs.sh" 2>&11 | $grep_bin "^script_version=" | head -n1 | cut -d '"' -f 2)"
+               # shellcheck disable=SC2086
+               latest_config_version="$($curl_bin --compressed $curl_proxy $curl_insecure $curl_output_level --connect-timeout "${downloader_connect_timeout}" --remote-time --location --retry "${downloader_tries}" --max-time "${downloader_max_time}" "https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/${git_branch}/config/master.conf" 2>&11 | $grep_bin "^config_version=" | head -n1 | cut -d '"' -f 2)"
+       else
+               # shellcheck disable=SC2086
+               latest_version="$($wget_bin $wget_compression $wget_proxy $wget_insecure $wget_output_level --connect-timeout="${downloader_connect_timeout}" --random-wait --tries="${downloader_tries}" --timeout="${downloader_max_time}" "https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/${git_branch}/clamav-unofficial-sigs.sh" -O - 2>&12 | $grep_bin "^script_version=" | head -n1 | cut -d '"' -f 2)"
+               # shellcheck disable=SC2086
+               latest_config_version="$($wget_bin $wget_compression $wget_proxy $wget_insecure $wget_output_level --connect-timeout="${downloader_connect_timeout}" --random-wait --tries="${downloader_tries}" --timeout="${downloader_max_time}" "https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/${git_branch}/config/master.conf" -O - 2>&12 | $grep_bin "^config_version=" | head -n1 | cut -d '"' -f 2)"
+       fi
+
+  # config_dir/master.conf
+       if [ "$latest_config_version" ] ; then
+               # shellcheck disable=SC2183,SC2086
+               if [ "$(printf "%02d%02d%02d%02d" ${latest_config_version//./ })" -gt "$(printf "%02d%02d%02d%02d" ${config_version//./ })" ] ; then
+                       found_upgrade="yes"
+                       xshok_pretty_echo_and_log "ALERT: Upgrading config from v${config_version} to v${latest_config_version}"
+                       if [ -w "${config_dir}/master.conf" ] && [ -f "${config_dir}/master.conf" ] ; then
+                               echo "Downloading https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/${git_branch}/config/master.conf"
+                               xshok_file_download "${work_dir}/master.conf.tmp" "https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/${git_branch}/config/master.conf" "notimestamp"
+                               ret="$?"
+                               if [ "$ret" -ne 0 ] ; then
+                                       xshok_pretty_echo_and_log "ERROR: Could not download https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/${git_branch}/config/master.conf"
+                                       exit 1
+                               fi
+                               if ! $grep_bin -m 1 "config_version" "${work_dir}/master.conf.tmp" > /dev/null 2>&1 ; then
+                                       echo "ERROR: Downloaded master.conf is incomplete, please re-run"
+                                       exit 1
+                               fi
+                               # Copy over permissions from old version
+                         OCTAL_MODE="$(stat -c "%a" "${config_dir}/master.conf")"
+                               xshok_pretty_echo_and_log "Running update process"
+                               if ! mv -f "${work_dir}/master.conf.tmp" "${config_dir}/master.conf" ; then
+                                       xshok_pretty_echo_and_log "ERROR: failed moving ${work_dir}/master.conf.tmp to ${config_dir}/master.conf"
+                                       exit 1
+                               fi
+                               if ! chmod "$OCTAL_MODE" "${config_dir}/master.conf" ; then
+                                        xshok_pretty_echo_and_log "ERROR: unable to set permissions on ${config_dir}/master.conf"
+                                        exit 1
+                               fi
+                               xshok_pretty_echo_and_log "Completed"
+                       else
+                                xshok_pretty_echo_and_log "ERROR: ${config_dir}/master.conf is not a file or is not writable"
+                                exit 1
+                 fi
+               fi
+       fi
+
+       if [ "$latest_version" ] ; then
+               # shellcheck disable=SC2183,SC2086
+               if [ "$(printf "%02d%02d%02d%02d" ${latest_version//./ })" -gt "$(printf "%02d%02d%02d%02d" ${script_version//./ })" ] ; then
+                       found_upgrade="yes"
+           xshok_pretty_echo_and_log "ALERT:  Upgrading script from v${script_version} to v${latest_version}"
+                       if [ -w "${config_dir}/master.conf" ] && [ -f "${config_dir}/master.conf" ] ; then
+                               echo "Downloading https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/${git_branch}/clamav-unofficial-sigs.sh"
+                               xshok_file_download "${work_dir}/clamav-unofficial-sigs.sh.tmp" "https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/${git_branch}/clamav-unofficial-sigs.sh" "notimestamp"
+                         ret=$?
+                               if [ "$ret" -ne 0 ] ; then
+                                       xshok_pretty_echo_and_log "ERROR: Could not download https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/${git_branch}/clamav-unofficial-sigs.sh"
+                                       exit 1
+                               fi
+                               # Detect to make sure the entire script is avilable, fail if the script is missing contents
+                               if [ "$(tail -n 1 "${work_dir}/clamav-unofficial-sigs.sh.tmp" | head -n 1 | cut -c 1-7)" != "exit \$?" ] ; then
+                                       echo "ERROR: Downloaded clamav-unofficial-sigs.sh is incomplete, please re-run"
+                                       exit 1
+                               fi
+                               # Copy over permissions from old version
+                         OCTAL_MODE="$(stat -c "%a" "${this_script_full_path}")"
+
+                               xshok_pretty_echo_and_log "Inserting update process..."
+                         # Generate the update script
+                         cat > "${work_dir}/xshok_update_script.sh" << EOF
+#!/usr/bin/env bash
+echo "Running update process"
+# Overwrite old file with new
+if ! mv -f "${work_dir}/clamav-unofficial-sigs.sh.tmp" "${this_script_full_path}" ; then
+  echo  "ERROR: failed moving ${work_dir}/clamav-unofficial-sigs.sh.tmp to ${this_script_full_path}"
+  rm -f \$0
+       exit 1
+fi
+if ! chmod "$OCTAL_MODE" "${this_script_full_path}" ; then
+        echo "ERROR: unable to set permissions on ${this_script_full_path}"
+        rm -f \$0
+        exit 1
+fi
+       echo "Completed"
+       # echo "---------------------"
+       # echo "Optional, run as root: "
+       # echo "clamav-unofficial-sigs.sh --install-all"
+       echo "---------------------"
+       echo "Run once as root: "
+       echo "clamav-unofficial-sigs.sh --force"
+
+       #remove the tmp script before exit
+       rm -f \$0
+EOF
+                 # Replaced with $0, so code will update and then call itself with the same parameters it had
+                       #exec "${0}" "$@"
+                       bash_bin="$(command -v bash 2> /dev/null)"
+                 exec "$bash_bin" "${work_dir}/xshok_update_script.sh"
+                       echo "Running once as root"
+               else
+                        xshok_pretty_echo_and_log "ERROR: ${config_dir}/master.conf is not a file or is not writable"
+                        exit 1
+               fi
+       fi
+fi
+
+if [ "$found_upgrade" == "no" ] ; then
+       xshok_pretty_echo_and_log "No updates available"
+fi
  }
  
  
  # Decode a third-party signature either by signature name
  }
  
  
  # Decode a third-party signature either by signature name
-function decode_third_party_signature_by_signature_name () {
-  echo ""
-  echo "Input a third-party signature name to decode (e.g: Sanesecurity.Junk.15248) or"
-  echo "a hexadecimal encoded data string and press enter (do not include '.UNOFFICIAL'"
-  echo "in the signature name nor add quote marks to any input string):"
+function decode_third_party_signature_by_signature_name() {
+  xshok_pretty_echo_and_log ""
+  xshok_pretty_echo_and_log "Input a third-party signature name to decode (e.g: Sanesecurity.Junk.15248) or"
+  xshok_pretty_echo_and_log "a hexadecimal encoded data string and press enter:"
    read -r input
    read -r input
-  input="$(echo "$input" | tr -d "'" | tr -d '"')"
-  if echo "$input" | $grep_bin "\." > /dev/null ; then
+       # Remove quotes and .UNOFFICIAL from the whitelist input string
+  input="$(echo "${input}" | tr -d "'" | tr -d '"' | tr -d '`')"
+       input=${input/\.UNOFFICIAL/}
+  if echo "${input}" | $grep_bin "\\." > /dev/null ; then
      cd "$clam_dbs" || exit
      cd "$clam_dbs" || exit
-    sig="$($grep_bin "$input:" ./*.ndb)"
+    sig="$($grep_bin "${input}:" ./*.ndb)"
      if [ -n "$sig" ] ; then
        db_file="${sig%:*}"
      if [ -n "$sig" ] ; then
        db_file="${sig%:*}"
-      echo "$input found in: $db_file"
-      echo "$input signature decodes to:"
-      echo "$sig" | cut -d ":" -f 5 | perl -pe 's/([a-fA-F0-9]{2})|(\{[^}]*\}|\([^)]*\))/defined $2 ? $2 : chr(hex $1)/eg'
+      xshok_pretty_echo_and_log "${input} found in: ${db_file}"
+      xshok_pretty_echo_and_log "${input} signature decodes to:"
+      xshok_pretty_echo_and_log "$sig" | cut -d ":" -f 5 | perl -pe 's/([a-fA-F0-9]{2})|(\{[^}]*\}|\([^)]*\))/defined $2 ? $2 : chr(hex $1)/eg'
      else
      else
-      echo "Signature '$input' could not be found."
-      echo "This script will only decode ClamAV 'UNOFFICIAL' third-Party,"
-      echo "non-image based, signatures as found in the *.ndb databases."
+      xshok_pretty_echo_and_log "Signature ${input} could not be found."
+      xshok_pretty_echo_and_log "This script will only decode ClamAV 'UNOFFICIAL' third-Party,"
+      xshok_pretty_echo_and_log "non-image based, signatures as found in the *.ndb databases."
      fi
    else
      fi
    else
-    echo "Here is the decoded hexadecimal input string:"
-    echo "$input" | perl -pe 's/([a-fA-F0-9]{2})|(\{[^}]*\}|\([^)]*\))/defined $2 ? $2 : chr(hex $1)/eg'
+    xshok_pretty_echo_and_log "Here is the decoded hexadecimal input string:"
+    echo "${input}" | perl -pe 's/([a-fA-F0-9]{2})|(\{[^}]*\}|\([^)]*\))/defined $2 ? $2 : chr(hex $1)/eg'
    fi
  }
  
  # Hexadecimal encode an entire input string
    fi
  }
  
  # Hexadecimal encode an entire input string
-function hexadecimal_encode_entire_input_string () {
-  echo ""
-  echo "Input the data string that you want to hexadecimal encode and then press enter.  Do not include"
-  echo "any quotes around the string unless you want them included in the hexadecimal encoded output:"
+function hexadecimal_encode_entire_input_string() {
+  xshok_pretty_echo_and_log ""
+  xshok_pretty_echo_and_log "Input the data string that you want to hexadecimal encode and then press enter.  Do not include"
+  xshok_pretty_echo_and_log "any quotes around the string unless you want them included in the hexadecimal encoded output:"
    read -r input
    read -r input
-  echo "Here is the hexadecimal encoded input string:"
-  echo "$input" | perl -pe 's/(.)/sprintf("%02lx", ord $1)/eg'
+  xshok_pretty_echo_and_log "Here is the hexadecimal encoded input string:"
+  echo "${input}" | perl -pe 's/(.)/sprintf("%02lx", ord $1)/eg'
  }
  
  # Hexadecimal encode a formatted input string
  }
  
  # Hexadecimal encode a formatted input string
-function hexadecimal_encode_formatted_input_string () {
-  echo ""
-  echo "Input a formated data string containing spacing fields '{}, (), *' that you want to hexadecimal"
-  echo "encode, without encoding the spacing fields, and then press enter.  Do not include any quotes"
-  echo "around the string unless you want them included in the hexadecimal encoded output:"
+function hexadecimal_encode_formatted_input_string() {
+  xshok_pretty_echo_and_log ""
+  xshok_pretty_echo_and_log "Input a formated data string containing spacing fields '{}, (), *' that you want to hexadecimal"
+  xshok_pretty_echo_and_log "encode, without encoding the spacing fields, and then press enter.  Do not include any quotes"
+  xshok_pretty_echo_and_log "around the string unless you want them included in the hexadecimal encoded output:"
    read -r input
    read -r input
-  echo "Here is the hexadecimal encoded input string:"
-  echo "$input" | perl -pe 's/(\{[^}]*\}|\([^)]*\)|\*)|(.)/defined $1 ? $1 : sprintf("%02lx", ord $2)/eg'
+  xshok_pretty_echo_and_log "Here is the hexadecimal encoded input string:"
+  echo "${input}" | perl -pe 's/(\{[^}]*\}|\([^)]*\)|\*)|(.)/defined $1 ? $1 : sprintf("%02lx", ord $2)/eg'
  }
  
  # GPG verify a specific Sanesecurity database file
  }
  
  # GPG verify a specific Sanesecurity database file
-function gpg_verify_specific_sanesecurity_database_file () { # databasefile
-  echo ""
+function gpg_verify_specific_sanesecurity_database_file() { # databasefile
+  xshok_pretty_echo_and_log ""
    if [ "$enable_gpg" == "no" ] ; then
    if [ "$enable_gpg" == "no" ] ; then
-    xshok_pretty_echo_and_log "Notice: GnuPG / signature verification disabled" "-"
+    xshok_pretty_echo_and_log "GnuPG / signature verification disabled" "-"
    else
    else
-    if [ "$1" ] ; then
-      db_file="$(echo "$1" | awk -F "/" '{print $NF}')"
-      if [ -r "$work_dir_sanesecurity/$db_file" ] ; then
-        echo "GPG signature testing database file: $work_dir_sanesecurity/$db_file"
-        if [ -r "$work_dir_sanesecurity/$db_file".sig ] ; then
-          "$gpg_bin" -q --trust-model always --no-default-keyring --homedir "$work_dir_gpg" --keyring "$work_dir_gpg"/ss-keyring.gpg --verify "$work_dir_sanesecurity"/"$db_file".sig "$work_dir_sanesecurity"/"$db_file"
-          if [ $? -ne 0 ]; then
-            "$gpg_bin" -q --always-trust --no-default-keyring --homedir "$work_dir_gpg" --keyring "$work_dir_gpg"/ss-keyring.gpg --verify "$work_dir_sanesecurity"/"$db_file".sig "$work_dir_sanesecurity"/"$db_file"
-            if [ $? -eq 0 ]; then
+    if [ "${1}" ] ; then
+      db_file="$(echo "${1}" | awk -F "/" '{print $NF}')"
+      if [ -r "${work_dir_sanesecurity}/${db_file}" ] ; then
+        xshok_pretty_echo_and_log "GPG signature testing database file: ${work_dir_sanesecurity}/${db_file}"
+        if [ -r "${work_dir_sanesecurity}/${db_file}.sig" ] ; then
+          if ! "$gpg_bin" -q --trust-model always --no-default-keyring --homedir "${work_dir_gpg}" --keyring "${work_dir_gpg}/ss-keyring.gpg" --verify "${work_dir_sanesecurity}/${db_file}.sig" "${work_dir_sanesecurity}/${db_file}" ; then
+            if "$gpg_bin" -q --always-trust --no-default-keyring --homedir "${work_dir_gpg}" --keyring "${work_dir_gpg}/ss-keyring.gpg" --verify "${work_dir_sanesecurity}/${db_file}.sig" "${work_dir_sanesecurity}/${db_file}" ; then
                exit 0
              else
                exit 1
                exit 0
              else
                exit 1
@@ -690,15 +883,15 @@ function gpg_verify_specific_sanesecurity_database_file () { # databasefile
              exit 0
            fi
          else
              exit 0
            fi
          else
-          echo "Signature '${db_file}.sig' cannot be found."
+          xshok_pretty_echo_and_log "Signature ${db_file}.sig cannot be found."
          fi
        else
          fi
        else
-        echo "File '$db_file' cannot be found or is not a Sanesecurity database file."
-        echo "Only the following Sanesecurity and OITC databases can be GPG signature tested:"
-        ls --ignore "*.sig" --ignore "*.md5" --ignore "*.ign2" "$work_dir_sanesecurity"
+        xshok_pretty_echo_and_log "File ${db_file} cannot be found or is not a Sanesecurity database file."
+        xshok_pretty_echo_and_log "Only the following Sanesecurity and OITC databases can be GPG signature tested:"
+        ls --ignore "*.sig" --ignore "*.md5" --ignore "*.ign2" "${work_dir_sanesecurity}"
        fi
      else
        fi
      else
-      xshok_pretty_echo_and_log "ERROR: Missing value for option" "="
+      xshok_pretty_echo_and_log "ERROR: Missing value for option"
        exit 1
      fi
      exit 1
        exit 1
      fi
      exit 1
@@ -706,52 +899,53 @@ function gpg_verify_specific_sanesecurity_database_file () { # databasefile
  }
  
  # Output system and configuration information
  }
  
  # Output system and configuration information
-function output_system_configuration_information () {
-  echo ""
-  echo "*** SCRIPT VERSION ***"
-  echo "$this_script_name $script_version ($script_version_date)"
-  echo "*** SYSTEM INFORMATION ***"
+function output_system_configuration_information() {
+  xshok_pretty_echo_and_log ""
+  xshok_pretty_echo_and_log "*** SCRIPT INFORMATION ***"
+  xshok_pretty_echo_and_log "${this_script_name} ${script_version} (${script_version_date})"
+       xshok_pretty_echo_and_log "Master.conf Version: ${config_version}"
+       xshok_pretty_echo_and_log "Minimum required config: ${minimum_required_config_version}"
+  xshok_pretty_echo_and_log "*** SYSTEM INFORMATION ***"
    $uname_bin -a
    $uname_bin -a
-  echo "*** CLAMSCAN LOCATION & VERSION ***"
-  echo "$clamscan_bin"
+  xshok_pretty_echo_and_log "*** CLAMSCAN LOCATION & VERSION ***"
+  xshok_pretty_echo_and_log "${clamscan_bin}"
    $clamscan_bin --version | head -1
    $clamscan_bin --version | head -1
-  echo "*** RSYNC LOCATION & VERSION ***"
-  echo "$rsync_bin"
+  xshok_pretty_echo_and_log "*** RSYNC LOCATION & VERSION ***"
+  xshok_pretty_echo_and_log "${rsync_bin}"
    $rsync_bin --version | head -1
    $rsync_bin --version | head -1
-  if [ -n "$wget_bin" ] ; then
-    echo "*** WGET LOCATION & VERSION ***"
-    echo "$wget_bin"
-    $wget_bin --version | head -1
+  if [ -n "$curl_bin" ] ; then
+               xshok_pretty_echo_and_log "*** CURL LOCATION & VERSION ***"
+               xshok_pretty_echo_and_log "${curl_bin}"
+               $curl_bin --version | head -1
    else
    else
-    echo "*** CURL LOCATION & VERSION ***"
-    echo "$curl_bin"
-    $curl_bin --version | head -1
+               xshok_pretty_echo_and_log "*** WGET LOCATION & VERSION ***"
+               xshok_pretty_echo_and_log "${wget_bin}"
+               $wget_bin --version | head -1
    fi
    if [ "$enable_gpg" == "yes" ] ; then
    fi
    if [ "$enable_gpg" == "yes" ] ; then
-    echo "*** GPG LOCATION & VERSION ***"
-    echo "$gpg_bin"
+    xshok_pretty_echo_and_log "*** GPG LOCATION & VERSION ***"
+    xshok_pretty_echo_and_log "${gpg_bin}"
      $gpg_bin --version | head -1
    fi
      $gpg_bin --version | head -1
    fi
-  echo "*** SCRIPT WORKING DIRECTORY INFORMATION ***"
-  echo "$work_dir"
-  echo "*** CLAMAV DIRECTORY INFORMATION ***"
-  echo "$clam_dbs"
-  echo "*** SCRIPT CONFIGURATION SETTINGS ***"
+  xshok_pretty_echo_and_log "*** DIRECTORY INFORMATION ***"
+  xshok_pretty_echo_and_log "Working Directory: ${work_dir}"
+  xshok_pretty_echo_and_log "Clam Database Directory: ${clam_dbs}"
    if [ "$custom_config" != "no" ] ; then
      if [ -d "$custom_config" ] ; then
        # Assign the custom config dir and remove trailing / (removes / and //)
    if [ "$custom_config" != "no" ] ; then
      if [ -d "$custom_config" ] ; then
        # Assign the custom config dir and remove trailing / (removes / and //)
-      echo "Custom Configuration Directory: $config_dir"
+      xshok_pretty_echo_and_log "Custom Configuration Directory: ${custom_config}"
      else
      else
-      echo "Custom Configuration File: $custom_config"
+      xshok_pretty_echo_and_log "Custom Configuration File: ${custom_config}"
      fi
    else
      fi
    else
-    echo "Configuration Directory: $config_dir"
+    xshok_pretty_echo_and_log "Configuration Directory: ${config_dir}"
    fi
    fi
+       xshok_pretty_echo_and_log ""
  }
  
  # Make a signature database from an ascii file
  }
  
  # Make a signature database from an ascii file
-function make_signature_database_from_ascii_file () {
-  echo ""
+function make_signature_database_from_ascii_file() {
+  xshok_pretty_echo_and_log ""
    echo "
    The '-m' script flag provides a way to create a ClamAV hexadecimal signature database (*.ndb) file
    from a list of data strings stored in a clear-text ascii file, with one data string entry per line.
    echo "
    The '-m' script flag provides a way to create a ClamAV hexadecimal signature database (*.ndb) file
    from a list of data strings stored in a clear-text ascii file, with one data string entry per line.
@@ -799,8 +993,8 @@ function make_signature_database_from_ascii_file () {
      if [ -r "$source" ] ; then
        source_file="$(basename "$source")"
  
      if [ -r "$source" ] ; then
        source_file="$(basename "$source")"
  
-      echo "What signature prefix would you like to use?  For example: 'Phish.Domains'"
-      echo "will create signatures that looks like: 'Phish.Domains.1:4:*:HexSigHere'"
+      xshok_pretty_echo_and_log "What signature prefix would you like to use?  For example: 'Phish.Domains'"
+      xshok_pretty_echo_and_log "will create signatures that looks like: 'Phish.Domains.1:4:*:HexSigHere'"
  
        echo -n "Enter signature prefix: "
        read -r prefix
  
        echo -n "Enter signature prefix: "
        read -r prefix
@@ -813,240 +1007,255 @@ function make_signature_database_from_ascii_file () {
        while read -r line ; do
          line_prefix="$(echo "$line" | awk -F ":" '{print $1}')"
          if [ "$line_prefix" == "-" ] ; then
        while read -r line ; do
          line_prefix="$(echo "$line" | awk -F ":" '{print $1}')"
          if [ "$line_prefix" == "-" ] ; then
-          echo "$line" | cut -d ":" -f 2- | perl -pe 's/(.)/sprintf("%02lx", ord $1)/eg' | command sed "s/^/$prefix\.$line_num:4:\*:/" >> "$path_file"
+          echo "$line" | cut -d ":" -f 2- | perl -pe 's/(.)/sprintf("%02lx", ord $1)/eg' | command sed "s/^/$prefix\\.$line_num:4:\\*:/" >> "$path_file"
          elif [ "$line_prefix" == "=" ] ; then
          elif [ "$line_prefix" == "=" ] ; then
-          echo "$line" | cut -d ":" -f 2- | perl -pe 's/(\{[^}]*\}|\([^)]*\)|\*)|(.)/defined $1 ? $1 : sprintf("%02lx", ord $2)/eg' | command sed "s/^/$prefix\.$line_num:4:\*:/" >> "$path_file"
+          echo "$line" | cut -d ":" -f 2- | perl -pe 's/(\{[^}]*\}|\([^)]*\)|\*)|(.)/defined $1 ? $1 : sprintf("%02lx", ord $2)/eg' | command sed "s/^/$prefix\\.$line_num:4:\\*:/" >> "$path_file"
          else
          else
-          echo "$line" | perl -pe 's/(.)/sprintf("%02lx", ord $1)/eg' | command sed "s/^/$prefix\.$line_num:4:\*:/" >> "$path_file"
+          echo "$line" | perl -pe 's/(.)/sprintf("%02lx", ord $1)/eg' | command sed "s/^/$prefix\\.$line_num:4:\\*:/" >> "$path_file"
          fi
          fi
-        echo "Hexadecimal encoding $source_file line: $line_num of $total"
+        xshok_pretty_echo_and_log "Hexadecimal encoding ${source_file} line: ${line_num} of ${total}"
          line_num="$((line_num + 1))"
        done < "$source"
      else
          line_num="$((line_num + 1))"
        done < "$source"
      else
-      echo "Source file not found, exiting..."
+      xshok_pretty_echo_and_log "Source file not found, exiting..."
        exit
      fi
  
  
        exit
      fi
  
  
-    echo "Signature database file created at: $path_file"
-    if $clamscan_bin --quiet -d "$path_file" "$work_dir_work_configs/scan-test.txt" 2>/dev/null ; then
+    xshok_pretty_echo_and_log "Signature database file created at: ${path_file}"
+    if $clamscan_bin --quiet -d "$path_file" "${work_dir_work_configs}/scan-test.txt" 2>&10 ; then
  
  
-      echo "Clamscan reports database integrity tested good."
+      xshok_pretty_echo_and_log "Clamscan reports database integrity tested good."
  
  
-      echo -n "Would you like to move '$db_file' into '$clam_dbs' and reload databases?"
+      echo -n "Would you like to move '${db_file}' into '${clam_dbs}' and reload databases?"
        if xshok_prompt_confirm ; then
        if xshok_prompt_confirm ; then
-        if ! cmp -s "$path_file" "$clam_dbs/$db_file" ; then
+        if ! cmp -s "$path_file" "${clam_dbs}/${db_file}" ; then
            if $rsync_bin -pcqt "$path_file" "$clam_dbs" ; then
            if $rsync_bin -pcqt "$path_file" "$clam_dbs" ; then
-            perms chown -f "$clam_user:$clam_group" "$clam_dbs/$db_file"
+            perms chown -f "${clam_user}:${clam_group}" "${clam_dbs}/${db_file}"
              perms chmod -f 0644 "$clam_dbs"/"$db_file"
              if [ "$selinux_fixes" == "yes" ] ; then
              perms chmod -f 0644 "$clam_dbs"/"$db_file"
              if [ "$selinux_fixes" == "yes" ] ; then
-              restorecon "$clam_dbs/$db_file"
+              restorecon "${clam_dbs}/${db_file}"
              fi
              $clamd_restart_opt
  
              fi
              $clamd_restart_opt
  
-            echo "Signature database '$db_file' was successfully implemented and ClamD databases reloaded."
+            xshok_pretty_echo_and_log "Signature database '${db_file}' was successfully implemented and ClamD databases reloading."
            else
  
            else
  
-            echo "Failed to add/update '$db_file', ClamD database not reloaded."
+            xshok_pretty_echo_and_log "Failed to add/update '${db_file}', ClamD database not reloading."
            fi
          else
  
            fi
          else
  
-          echo "Database '$db_file' has not changed - skipping"
+          xshok_pretty_echo_and_log "Database '${db_file}' has not changed - skipping"
          fi
        else
  
          fi
        else
  
-        echo "No action taken."
+        xshok_pretty_echo_and_log "No action taken."
        fi
      else
  
        fi
      else
  
-      echo "Clamscan reports that '$db_file' signature database integrity tested bad."
+      xshok_pretty_echo_and_log "Clamscan reports that '${db_file}' signature database integrity tested bad."
      fi
    fi
  }
  
  # Remove the clamav-unofficial-sigs script
      fi
    fi
  }
  
  # Remove the clamav-unofficial-sigs script
-function remove_script () {
-  echo ""
+function remove_script() {
+  xshok_pretty_echo_and_log ""
    if [ -n "$pkg_mgr" ] || [ -n "$pkg_rm" ] ; then
    if [ -n "$pkg_mgr" ] || [ -n "$pkg_rm" ] ; then
-    echo "This script (clamav-unofficial-sigs) was installed on the system via '$pkg_mgr'"
-    echo "use '$pkg_rm' to remove the script and all of its associated files and databases from the system."
+    xshok_pretty_echo_and_log "This script (clamav-unofficial-sigs) was installed on the system via '${pkg_mgr}'"
+    xshok_pretty_echo_and_log "use '${pkg_rm}' to remove the script and all of its associated files and databases from the system."
  
    else
  
    else
-    cron_file_full_path="$cron_dir/$cron_filename"
-    logrotate_file_full_path="$logrotate_dir/$logrotate_filename"
-    man_file_full_path="$man_dir/$man_filename"
+    cron_file_full_path="${cron_dir}/${cron_filename}"
+    logrotate_file_full_path="${logrotate_dir}/${logrotate_filename}"
+    man_file_full_path="${man_dir}/${man_filename}"
  
  
-    echo "This will remove the workdir ($work_dir), logrotate file ($logrotate_file_full_path), cron file ($cron_file_full_path), man file ($man_file_full_path)"
-    echo "Are you sure you want to remove the clamav-unofficial-sigs script and all of its associated files, third-party databases, and work directory from the system?"
+    xshok_pretty_echo_and_log "This will remove the workdir (${work_dir}), logrotate file (${logrotate_file_full_path}), cron file (${cron_file_full_path}), man file (${man_file_full_path})"
+    xshok_pretty_echo_and_log "Are you sure you want to remove the clamav-unofficial-sigs script and all of its associated files, third-party databases, and work directory from the system?"
      if xshok_prompt_confirm ; then
      if xshok_prompt_confirm ; then
-      echo "This can not be undone are you sure ?"
+      xshok_pretty_echo_and_log "This can not be undone are you sure ?"
        if xshok_prompt_confirm ; then
        if xshok_prompt_confirm ; then
-        if [ -r "$work_dir_work_configs/purge.txt" ] ; then
+        if [ -r "${work_dir_work_configs}/purge.txt" ] ; then
  
            while read -r file ; do
              xshok_is_file "$file" && rm -f -- "$file"
  
            while read -r file ; do
              xshok_is_file "$file" && rm -f -- "$file"
-            echo "     Removed file: $file"
-          done < "$work_dir_work_configs"/purge.txt
+            xshok_pretty_echo_and_log "     Removed file: ${file}"
+          done < "${work_dir_work_configs}/purge.txt"
            if [ -r "$cron_file_full_path" ] ; then
              xshok_is_file "$cron_file_full_path" && rm -f "$cron_file_full_path"
            if [ -r "$cron_file_full_path" ] ; then
              xshok_is_file "$cron_file_full_path" && rm -f "$cron_file_full_path"
-            echo "     Removed file: $cron_file_full_path"
+            xshok_pretty_echo_and_log "     Removed file: ${cron_file_full_path}"
            fi
            if [ -r "$logrotate_file_full_path" ] ; then
              xshok_is_file "$logrotate_file_full_path" && rm -f "$logrotate_file_full_path"
            fi
            if [ -r "$logrotate_file_full_path" ] ; then
              xshok_is_file "$logrotate_file_full_path" && rm -f "$logrotate_file_full_path"
-            echo "     Removed file: $logrotate_file_full_path"
+            xshok_pretty_echo_and_log "     Removed file: ${logrotate_file_full_path}"
            fi
            if [ -r "$man_file_full_path" ] ; then
              xshok_is_file "$man_file_full_path" && rm -f "$man_file_full_path"
            fi
            if [ -r "$man_file_full_path" ] ; then
              xshok_is_file "$man_file_full_path" && rm -f "$man_file_full_path"
-            echo "     Removed file: $man_file_full_path"
+            xshok_pretty_echo_and_log "     Removed file: ${man_file_full_path}"
            fi
  
            # Rather keep the configs
            #rm -f -- "$default_config" && echo "     Removed file: $default_config"
            fi
  
            # Rather keep the configs
            #rm -f -- "$default_config" && echo "     Removed file: $default_config"
-          #rm -f -- "$0" && echo "     Removed file: $0"
-          xshok_is_subdir "$work_dir" && rm -rf -- "${work_dir:?}" && echo "     Removed script working directories: $work_dir"
+          #rm -f -- "${0}" && echo "     Removed file: $0"
+          xshok_is_subdir "$work_dir" && rm -rf -- "${work_dir:?}" && echo "     Removed script working directories: ${work_dir}"
  
  
-          echo "  The clamav-unofficial-sigs script and all of its associated files, third-party"
-          echo "  databases, and work directories have been successfully removed from the system."
+          xshok_pretty_echo_and_log "  The clamav-unofficial-sigs script and all of its associated files, third-party"
+          xshok_pretty_echo_and_log "  databases, and work directories have been successfully removed from the system."
  
          else
  
          else
-          echo "  Cannot locate 'purge.txt' file in $work_dir_work_configs."
-          echo "  Files and signature database will need to be removed manually."
+          xshok_pretty_echo_and_log "  Cannot locate 'purge.txt' file in ${work_dir_work_configs}."
+          xshok_pretty_echo_and_log "  Files and signature database will need to be removed manually."
          fi
        else
          fi
        else
-        echo "Aborted"
+        xshok_pretty_echo_and_log "Aborted"
        fi
      else
        fi
      else
-      echo "Aborted"
+      xshok_pretty_echo_and_log "Aborted"
      fi
    fi
  }
  
  # Clamscan integrity test a specific database file
      fi
    fi
  }
  
  # Clamscan integrity test a specific database file
-function clamscan_integrity_test_specific_database_file () { # databasefile
-  echo ""
-  if [ "$1" ] ; then
-    input="$(echo "$1" | awk -F "/" '{print $NF}')"
+function clamscan_integrity_test_specific_database_file() { # databasefile
+  xshok_pretty_echo_and_log ""
+  if [ "${1}" ] ; then
+    input="$(echo "${1}" | awk -F "/" '{print $NF}')"
      db_file="$(find "$work_dir" -name "$input")"
      if [ -r "$db_file" ] ; then
      db_file="$(find "$work_dir" -name "$input")"
      if [ -r "$db_file" ] ; then
-      echo "Clamscan integrity testing: $db_file"
-
-      $clamscan_bin --quiet -d "$db_file" "$work_dir_work_configs/scan-test.txt"
-      if [ $? -eq 0 ]; then
-        echo "Clamscan reports that '$input' database integrity tested GOOD"
+      xshok_pretty_echo_and_log "Clamscan integrity testing: ${db_file}"
+      if $clamscan_bin --quiet -d "$db_file" "${work_dir_work_configs}/scan-test.txt" ; then
+        xshok_pretty_echo_and_log "Clamscan reports that '${input}' database integrity tested GOOD"
          exit 0
        else
          exit 0
        else
-        echo "Clamscan reports that '$input' database integrity tested BAD"
+        xshok_pretty_echo_and_log "Clamscan reports that '${input}' database integrity tested BAD"
          exit 1
        fi
      else
          exit 1
        fi
      else
-      echo "File '$input' cannot be found."
-      echo "Here is a list of third-party databases that can be clamscan integrity tested:"
+      xshok_pretty_echo_and_log "File '${input}' cannot be found."
+      xshok_pretty_echo_and_log "Here is a list of third-party databases that can be clamscan integrity tested:"
  
  
-      echo "=== Sanesecurity ==="
+      xshok_pretty_echo_and_log "=== Sanesecurity ==="
        ls --ignore "*.sig" --ignore "*.md5" --ignore "*.ign2" "$work_dir_sanesecurity"
  
        ls --ignore "*.sig" --ignore "*.md5" --ignore "*.ign2" "$work_dir_sanesecurity"
  
-      echo "=== SecuriteInfo ==="
+      xshok_pretty_echo_and_log "=== SecuriteInfo ==="
        ls --ignore "*.sig" --ignore "*.md5" --ignore "*.ign2" "$work_dir_securiteinfo"
  
        ls --ignore "*.sig" --ignore "*.md5" --ignore "*.ign2" "$work_dir_securiteinfo"
  
-      echo "=== MalwarePatrol ==="
+      xshok_pretty_echo_and_log "=== MalwarePatrol ==="
        ls --ignore "*.sig" --ignore "*.md5" --ignore "*.ign2" "$work_dir_malwarepatrol"
  
        ls --ignore "*.sig" --ignore "*.md5" --ignore "*.ign2" "$work_dir_malwarepatrol"
  
-      echo "=== Linux Malware Detect ==="
+      xshok_pretty_echo_and_log "=== Linux Malware Detect ==="
        ls --ignore "*.sig" --ignore "*.md5" --ignore "*.ign2" "$work_dir_linuxmalwaredetect"
  
        ls --ignore "*.sig" --ignore "*.md5" --ignore "*.ign2" "$work_dir_linuxmalwaredetect"
  
-      echo "=== Linux Malware Detect ==="
+      xshok_pretty_echo_and_log "=== Linux Malware Detect ==="
        ls --ignore "*.sig" --ignore "*.md5" --ignore "*.ign2" "$work_dir_yararulesproject"
  
        ls --ignore "*.sig" --ignore "*.md5" --ignore "*.ign2" "$work_dir_yararulesproject"
  
-      echo "=== User Defined Databases ==="
+      xshok_pretty_echo_and_log "=== User Defined Databases ==="
        ls --ignore "*.sig" --ignore "*.md5" --ignore "*.ign2" "$work_dir_add"
  
        ls --ignore "*.sig" --ignore "*.md5" --ignore "*.ign2" "$work_dir_add"
  
-      echo "Check the file name and try again..."
+      xshok_pretty_echo_and_log "Check the file name and try again..."
      fi
    else
      fi
    else
-    xshok_pretty_echo_and_log "ERROR: Missing value for option" "="
+    xshok_pretty_echo_and_log "ERROR: Missing value for option"
      exit 1
    fi
  }
  
  # Output names of any third-party signatures that triggered during the HAM directory scan
      exit 1
    fi
  }
  
  # Output names of any third-party signatures that triggered during the HAM directory scan
-function output_signatures_triggered_during_ham_directory_scan () {
-  echo ""
+function output_signatures_triggered_during_ham_directory_scan() {
+  xshok_pretty_echo_and_log ""
    if [ -n "$ham_dir" ] ; then
    if [ -n "$ham_dir" ] ; then
-    if [ -r "$work_dir_work_configs/whitelist.hex" ] ; then
-      echo "The following third-party signatures triggered hits during the HAM Directory scan:"
+    if [ -r "${work_dir_work_configs}/whitelist.hex" ] ; then
+      xshok_pretty_echo_and_log "The following third-party signatures triggered hits during the HAM Directory scan:"
  
  
-      $grep_bin -h -f "$work_dir_work_configs/whitelist.hex" "$work_dir"/*/*.ndb | cut -d ":" -f 1
+      $grep_bin -h -f "${work_dir_work_configs}/whitelist.hex" "$work_dir"/*/*.ndb | cut -d ":" -f 1
+      $grep_bin -h -f "${work_dir_work_configs}/whitelist.hex" "$work_dir"/*/*.db | cut -d "=" -f 1
      else
      else
-      echo "No third-party signatures have triggered hits during the HAM Directory scan."
+      xshok_pretty_echo_and_log "No third-party signatures have triggered hits during the HAM Directory scan."
      fi
    else
      fi
    else
-    echo "Ham directory scanning is not currently enabled in the script's configuration file."
+    xshok_pretty_echo_and_log "Ham directory scanning is not currently enabled in the script's configuration file."
    fi
  }
  
  # Adds a signature whitelist entry in the newer ClamAV IGN2 format
    fi
  }
  
  # Adds a signature whitelist entry in the newer ClamAV IGN2 format
-function add_signature_whitelist_entry () {
-  echo ""
-  echo "Input a third-party signature name that you wish to whitelist due to false-positives"
-  echo "and press enter (do not include '.UNOFFICIAL' in the signature name nor add quote"
-  echo "marks to the input string):"
-
-  read -r input
+function add_signature_whitelist_entry() { #signature
+  xshok_pretty_echo_and_log "Signature Whitelist" "="
+       if [ -n "$1" ] ; then
+               input="$1"
+       else
+               xshok_pretty_echo_and_log "Input a third-party signature name that you wish to whitelist and press enter"
+               read -r input
+       fi
    if [ -n "$input" ] ; then
    if [ -n "$input" ] ; then
+               xshok_pretty_echo_and_log "Processing: ${input}"
      cd "$clam_dbs" || exit
      cd "$clam_dbs" || exit
-    input="$(echo "$input" | tr -d "'" | tr -d '"')"
-    sig_full="$($grep_bin -H "$input" ./*.*db)"
-    sig_name="$(echo "$sig_full" | cut -d ":" -f 2)"
+               # Remove quotes and .UNOFFICIAL from the string
+               input="$(echo "${input}" | tr -d "'" | tr -d '"' | tr -d '`"')"
+               input=${input/\.UNOFFICIAL/}
+
+    sig_full="$($grep_bin -H -m 1 "$input" ./*.*db)"
+               sig_extension=${sig_full%%\:*}
+               sig_extension=${sig_extension##*\.}
+               shopt -s nocasematch
+               if [ "$sig_extension" == "hdb" ] || [ "$sig_extension" == "hsb" ] || [ "$sig_extension" == "hdu " ] || [ "$sig_extension" == "hsu" ] || [ "$sig_extension" == "mdb" ] || [ "$sig_extension" == "msb" ] || [ "$sig_extension" == "mdu" ] || [ "$sig_extension" == "msu" ] ; then
+                       # Hash-based Signature Database
+                       position="4"
+               else
+                       position="2"
+               fi
+    sig_name="$(echo "$sig_full" | cut -d ":" -f $position | cut -d "=" -f 1)"
+
      if [ -n "$sig_name" ] ; then
      if [ -n "$sig_name" ] ; then
-      if ! $grep_bin "$sig_name" my-whitelist.ign2 > /dev/null 2>&1 ; then
-        cp -f my-whitelist.ign2 "$work_dir_work_configs" 2>/dev/null
-        echo "$sig_name" >> "$work_dir_work_configs/my-whitelist.ign2"
-        echo "$sig_full" >> "$work_dir_work_configs/tracker.txt"
-        if $clamscan_bin --quiet -d "$work_dir_work_configs/my-whitelist.ign2" "$work_dir_work_configs/scan-test.txt" ; then
-          if $rsync_bin -pcqt "$work_dir_work_configs/my-whitelist.ign2" "$clam_dbs" ; then
-            perms chown -f "$clam_user:$clam_group" my-whitelist.ign2
-
-            if [ ! -s "$work_dir_work_configs/monitor-ign.txt" ] ; then
+      if ! $grep_bin -m 1 "$sig_name" my-whitelist.ign2 > /dev/null 2>&1 ; then
+        cp -f -p my-whitelist.ign2 "$work_dir_work_configs" 2>/dev/null
+        echo "$sig_name" >> "${work_dir_work_configs}/my-whitelist.ign2"
+        echo "$sig_full" >> "${work_dir_work_configs}/tracker.txt"
+        if $clamscan_bin --quiet -d "${work_dir_work_configs}/my-whitelist.ign2" "${work_dir_work_configs}/scan-test.txt" ; then
+          if $rsync_bin -pcqt "${work_dir_work_configs}/my-whitelist.ign2" "$clam_dbs" ; then
+            perms chown -f "${clam_user}:${clam_group}" my-whitelist.ign2
+
+            if [ ! -s "${work_dir_work_configs}/monitor-ign.txt" ] ; then
                # Create "monitor-ign.txt" file for clamscan database integrity testing.
                # Create "monitor-ign.txt" file for clamscan database integrity testing.
-              echo "This is the monitor ignore file..." > "$work_dir_work_configs/monitor-ign.txt"
+              echo "This is the monitor ignore file..." > "${work_dir_work_configs}/monitor-ign.txt"
              fi
  
              fi
  
-            perms chmod -f 0644 my-whitelist.ign2 "$work_dir_work_configs/monitor-ign.txt"
+            perms chmod -f 0644 my-whitelist.ign2 "${work_dir_work_configs}/monitor-ign.txt"
              if [ "$selinux_fixes" == "yes" ] ; then
              if [ "$selinux_fixes" == "yes" ] ; then
-              restorecon "$clam_dbs/local.ign"
+              restorecon "${clam_dbs}/local.ign"
              fi
              fi
+                                               do_clamd_reload="4"
              clamscan_reload_dbs
  
              clamscan_reload_dbs
  
-            echo "Signature '$input' has been added to my-whitelist.ign2 and"
-            echo "all databases have been reloaded.  The script will track any changes"
-            echo "to the offending signature and will automatically remove it if the"
-            echo "signature is modified or removed from the third-party database."
+            xshok_pretty_echo_and_log "Signature '${input}' has been added to my-whitelist.ign2 and"
+            xshok_pretty_echo_and_log "all databases have been reloaded.  The script will track any changes"
+            xshok_pretty_echo_and_log "to the offending signature and will automatically remove it if the"
+            xshok_pretty_echo_and_log "signature is modified or removed from the third-party database."
            else
  
            else
  
-            echo "Failed to successfully update my-whitelist.ign2 file - SKIPPING."
+            xshok_pretty_echo_and_log "Failed to successfully update my-whitelist.ign2 file - SKIPPING."
            fi
          else
  
            fi
          else
  
-          echo "Clamscan reports my-whitelist.ign2 database integrity is bad - SKIPPING."
+          xshok_pretty_echo_and_log "Clamscan reports my-whitelist.ign2 database integrity is bad - SKIPPING."
          fi
        else
  
          fi
        else
  
-        echo "Signature '$input' already exists in my-whitelist.ign2 - no action taken."
+        xshok_pretty_echo_and_log "Signature '${input}' already exists in my-whitelist.ign2 - no action taken."
        fi
      else
  
        fi
      else
  
-      echo "Signature '$input' could not be found."
+      xshok_pretty_echo_and_log "Signature '${input}' could not be found."
  
  
-      echo "This script will only create a whitelise entry in my-whitelist.ign2 for ClamAV"
-      echo "'UNOFFICIAL' third-Party signatures as found in the *.ndb *.hdb *.db databases."
+      xshok_pretty_echo_and_log "This script will only create a whitelise entry in my-whitelist.ign2 for ClamAV"
+      xshok_pretty_echo_and_log "'UNOFFICIAL' third-Party signatures as found in the *.ndb *.hdb *.db databases."
      fi
    else
      fi
    else
-    echo "No input detected - no action taken."
+    xshok_pretty_echo_and_log "No input detected - no action taken."
    fi
  }
  
  # Clamscan reload database
    fi
  }
  
  # Clamscan reload database
-function clamscan_reload_dbs () {
+function clamscan_reload_dbs() {
    # Reload all clamd databases if updates detected and $reload_dbs" is set to "yes"
    if [ "$reload_dbs" == "yes" ] ; then
      if [ "$do_clamd_reload" != "0" ] ; then
    # Reload all clamd databases if updates detected and $reload_dbs" is set to "yes"
    if [ "$reload_dbs" == "yes" ] ; then
      if [ "$do_clamd_reload" != "0" ] ; then
@@ -1063,19 +1272,18 @@ function clamscan_reload_dbs () {
        fi
  
        if [[ "$($clamd_reload_opt 2>&1)" = *"ERROR"* ]] ; then
        fi
  
        if [[ "$($clamd_reload_opt 2>&1)" = *"ERROR"* ]] ; then
-        xshok_pretty_echo_and_log "ERROR: Failed to reload, trying again" "-"
+        xshok_pretty_echo_and_log "ERROR: Failed to reload, trying again"
          if [ -r "$clamd_pid" ] ; then
            mypid="$(cat "$clamd_pid")"
          if [ -r "$clamd_pid" ] ; then
            mypid="$(cat "$clamd_pid")"
-          kill -USR2 "$mypid"
-          if [ $? -eq 0 ] ; then
-            xshok_pretty_echo_and_log "ClamAV databases Reloaded" "="
+
+          if kill -USR2 "$mypid" ; then
+            xshok_pretty_echo_and_log "ClamAV databases reloading" "="
            else
            else
-            xshok_pretty_echo_and_log "ERROR: Failed to reload, forcing clamd to restart" "-"
+            xshok_pretty_echo_and_log "ERROR: Failed to reload, forcing clamd to restart"
              if [ -z "$clamd_restart_opt" ] ; then
              if [ -z "$clamd_restart_opt" ] ; then
-              xshok_pretty_echo_and_log "WARNING: Check the script's configuration file, 'reload_dbs' enabled but no 'clamd_restart_opt'" "*"
+              xshok_pretty_echo_and_log "WARNING: Check the script's configuration file, 'reload_dbs' enabled but no 'clamd_restart_opt'"
              else
              else
-              $clamd_restart_opt > /dev/null
-              if [ $? -eq 0 ] ; then
+              if $clamd_restart_opt > /dev/null ; then
                  xshok_pretty_echo_and_log "ClamAV Restarted" "="
                else
                  xshok_pretty_echo_and_log "ClamAV NOT Restarted" "-"
                  xshok_pretty_echo_and_log "ClamAV Restarted" "="
                else
                  xshok_pretty_echo_and_log "ClamAV NOT Restarted" "-"
@@ -1083,12 +1291,11 @@ function clamscan_reload_dbs () {
              fi
            fi
          else
              fi
            fi
          else
-          xshok_pretty_echo_and_log "ERROR: Failed to reload, forcing clamd to restart" "-"
+          xshok_pretty_echo_and_log "ERROR: Failed to reload, forcing clamd to restart"
            if [ -z "$clamd_restart_opt" ] ; then
            if [ -z "$clamd_restart_opt" ] ; then
-            xshok_pretty_echo_and_log "WARNING: Check the script's configuration file, 'reload_dbs' enabled but no 'clamd_restart_opt'" "*"
+            xshok_pretty_echo_and_log "WARNING: Check the script's configuration file, 'reload_dbs' enabled but no 'clamd_restart_opt'"
            else
            else
-            $clamd_restart_opt > /dev/null
-            if [ $? -eq 0 ] ; then
+            if $clamd_restart_opt > /dev/null ; then
                xshok_pretty_echo_and_log "ClamAV Restarted" "="
              else
                xshok_pretty_echo_and_log "ClamAV NOT Restarted" "-"
                xshok_pretty_echo_and_log "ClamAV Restarted" "="
              else
                xshok_pretty_echo_and_log "ClamAV NOT Restarted" "-"
@@ -1096,7 +1303,7 @@ function clamscan_reload_dbs () {
            fi
          fi
        else
            fi
          fi
        else
-        xshok_pretty_echo_and_log "ClamAV databases Reloaded" "="
+        xshok_pretty_echo_and_log "ClamAV databases reloading" "="
        fi
      else
        xshok_pretty_echo_and_log "No updates detected, ClamAV databases were not reloaded" "="
        fi
      else
        xshok_pretty_echo_and_log "No updates detected, ClamAV databases were not reloaded" "="
@@ -1110,7 +1317,7 @@ function clamscan_reload_dbs () {
  # If ClamD status check is enabled ("clamd_socket" variable is uncommented
  # and the socket path is correctly specified in "User Edit" section above),
  # then test to see if clamd is running or not.
  # If ClamD status check is enabled ("clamd_socket" variable is uncommented
  # and the socket path is correctly specified in "User Edit" section above),
  # then test to see if clamd is running or not.
-function check_clamav () {
+function check_clamav() {
    if [ -n "$clamd_socket" ] ; then
      if [ -S "$clamd_socket" ] ; then
        if [ "$(perl -e 'use IO::Socket::UNIX; print $IO::Socket::UNIX::VERSION,"\n"' 2>/dev/null)" ] ; then
    if [ -n "$clamd_socket" ] ; then
      if [ -S "$clamd_socket" ] ; then
        if [ "$(perl -e 'use IO::Socket::UNIX; print $IO::Socket::UNIX::VERSION,"\n"' 2>/dev/null)" ] ; then
@@ -1120,7 +1327,7 @@ function check_clamav () {
            xshok_pretty_echo_and_log "ClamD is running" "="
          fi
        else
            xshok_pretty_echo_and_log "ClamD is running" "="
          fi
        else
-        socat="$(which socat 2>/dev/null)"
+        socat="$(command -v socat 2>/dev/null)"
          if [ -n "$socat" ] && [ -x "$socat" ] ; then
            socket_cat1="1"
            if [ "$( (echo "PING"; sleep 1;) | socat - "$clamd_socket" 2>/dev/null)" == "PONG" ] ; then
          if [ -n "$socat" ] && [ -x "$socat" ] ; then
            socket_cat1="1"
            if [ "$( (echo "PING"; sleep 1;) | socat - "$clamd_socket" 2>/dev/null)" == "PONG" ] ; then
@@ -1130,11 +1337,11 @@ function check_clamav () {
          fi
        fi
        if [ -z "$io_socket1" ] && [ -z "$socket_cat1" ] ; then
          fi
        fi
        if [ -z "$io_socket1" ] && [ -z "$socket_cat1" ] ; then
-        xshok_pretty_echo_and_log "WARNING: socat or perl module 'IO::Socket::UNIX' not found, cannot test if ClamD is running" "*"
+        xshok_pretty_echo_and_log "WARNING: socat or perl module 'IO::Socket::UNIX' not found, cannot test if ClamD is running"
        else
          if [ -z "$io_socket2" ] && [ -z "$socket_cat2" ] ; then
  
        else
          if [ -z "$io_socket2" ] && [ -z "$socket_cat2" ] ; then
  
-          xshok_pretty_echo_and_log "ALERT: CLAMD IS NOT RUNNING!" "="
+          xshok_pretty_echo_and_log "ALERT: CLAMD IS NOT RUNNING!"
            if [ -n "$clamd_restart_opt" ] ; then
              xshok_pretty_echo_and_log "Attempting to start ClamD..." "-"
              if [ -n "$io_socket1" ] ; then
            if [ -n "$clamd_restart_opt" ] ; then
              xshok_pretty_echo_and_log "Attempting to start ClamD..." "-"
              if [ -n "$io_socket1" ] ; then
@@ -1142,7 +1349,7 @@ function check_clamav () {
                if [ "$(perl -MIO::Socket::UNIX -we '$s = IO::Socket::UNIX->new(shift); $s->print("PING"); print $s->getline; $s->close' "$clamd_socket" 2>/dev/null)" = "PONG" ] ; then
                  xshok_pretty_echo_and_log "ClamD was successfully started" "="
                else
                if [ "$(perl -MIO::Socket::UNIX -we '$s = IO::Socket::UNIX->new(shift); $s->print("PING"); print $s->getline; $s->close' "$clamd_socket" 2>/dev/null)" = "PONG" ] ; then
                  xshok_pretty_echo_and_log "ClamD was successfully started" "="
                else
-                xshok_pretty_echo_and_log "ERROR: CLAMD FAILED TO START" "="
+                xshok_pretty_echo_and_log "ERROR: CLAMD FAILED TO START"
                  exit 1
                fi
              else
                  exit 1
                fi
              else
@@ -1151,7 +1358,7 @@ function check_clamav () {
                  if [ "$( (echo "PING"; sleep 1;) | socat - "$clamd_socket" 2>/dev/null)" == "PONG" ] ; then
                    xshok_pretty_echo_and_log "ClamD was successfully started" "="
                  else
                  if [ "$( (echo "PING"; sleep 1;) | socat - "$clamd_socket" 2>/dev/null)" == "PONG" ] ; then
                    xshok_pretty_echo_and_log "ClamD was successfully started" "="
                  else
-                  xshok_pretty_echo_and_log "ERROR: CLAMD FAILED TO START" "="
+                  xshok_pretty_echo_and_log "ERROR: CLAMD FAILED TO START"
                    exit 1
                  fi
                fi
                    exit 1
                  fi
                fi
@@ -1160,56 +1367,60 @@ function check_clamav () {
          fi
        fi
      else
          fi
        fi
      else
-      xshok_pretty_echo_and_log "WARNING: $clamd_socket is not a usable socket" "*"
+      xshok_pretty_echo_and_log "WARNING: ${clamd_socket} is not a usable socket"
      fi
    else
      fi
    else
-    xshok_pretty_echo_and_log "WARNING: clamd_socket is not defined in the configuration file" "*"
+    xshok_pretty_echo_and_log "WARNING: clamd_socket is not defined in the configuration file"
    fi
  }
  
  # Check for a new version
    fi
  }
  
  # Check for a new version
-function check_new_version () {
-  if [ -n "$wget_bin" ] ; then
-    # shellcheck disable=SC2086
-    latest_version="$($wget_bin $wget_proxy_https $wget_proxy_http $wget_insecure $wget_output_level --connect-timeout="$downloader_connect_timeout" --random-wait --tries="$downloader_tries" --timeout="$downloader_max_time" https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/master/clamav-unofficial-sigs.sh -O - 2> /dev/null | $grep_bin "script""_version=" | cut -d '"' -f 2)"
-  else
-    # shellcheck disable=SC2086
-    latest_version="$($curl_bin $curl_proxy $curl_insecure $curl_output_level --connect-timeout "$downloader_connect_timeout" --remote-time --location --retry "$downloader_tries" --max-time "$downloader_max_time" https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/master/clamav-unofficial-sigs.sh 2> /dev/null | $grep_bin "script""_version=" | cut -d '"' -f 2)"
-  fi
+function check_new_version() {
+       found_upgrade="no"
+  if [ -n "$curl_bin" ] ; then
+               # shellcheck disable=SC2086
+               latest_version="$($curl_bin --compressed $curl_proxy $curl_insecure $curl_output_level --connect-timeout "${downloader_connect_timeout}" --remote-time --location --retry "${downloader_tries}" --max-time "${downloader_max_time}" "https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/${git_branch}/clamav-unofficial-sigs.sh" 2>&11 | $grep_bin "^script_version=" | head -n1 | cut -d '"' -f 2)"
+               # shellcheck disable=SC2086
+               latest_config_version="$($curl_bin --compressed $curl_proxy $curl_insecure $curl_output_level --connect-timeout "${downloader_connect_timeout}" --remote-time --location --retry "${downloader_tries}" --max-time "${downloader_max_time}" "https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/${git_branch}/config/master.conf" 2>&11 | $grep_bin "^config_version=" | head -n1 | cut -d '"' -f 2)"
+       else
+               # shellcheck disable=SC2086
+               latest_version="$($wget_bin $wget_compression $wget_proxy $wget_insecure $wget_output_level --connect-timeout="${downloader_connect_timeout}" --random-wait --tries="${downloader_tries}" --timeout="${downloader_max_time}" "https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/${git_branch}/clamav-unofficial-sigs.sh" -O - 2>&12 | $grep_bin "^script_version=" | head -n1 | cut -d '"' -f 2)"
+               # shellcheck disable=SC2086
+               latest_config_version="$($wget_bin $wget_compression $wget_proxy $wget_insecure $wget_output_level --connect-timeout="${downloader_connect_timeout}" --random-wait --tries="${downloader_tries}" --timeout="${downloader_max_time}" "https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/${git_branch}/config/master.conf" -O - 2>&12 | $grep_bin "^config_version=" | head -n1 | cut -d '"' -f 2)"
+       fi
    if [ "$latest_version" ] ; then
    if [ "$latest_version" ] ; then
-    if [ "$latest_version" != "$script_version" ] ; then
-      xshok_pretty_echo_and_log "New version : v$latest_version @ https://github.com/extremeshok/clamav-unofficial-sigs" "-"
+               # shellcheck disable=SC2183,SC2086
+               if [ "$(printf "%02d%02d%02d%02d" ${latest_version//./ })" -gt "$(printf "%02d%02d%02d%02d" ${script_version//./ })" ] ; then
+      xshok_pretty_echo_and_log "ALERT: New version : v${latest_version} @ https://github.com/extremeshok/clamav-unofficial-sigs"
+                       found_upgrade="yes"
      fi
    fi
      fi
    fi
-}
-
-# Check for a new version
-function check_new_config_version () {
-  if [ -n "$wget_bin" ] ; then
-    # shellcheck disable=SC2086
-    latest_config_version="$($wget_bin $wget_proxy_https $wget_proxy_http $wget_insecure $wget_output_level --connect-timeout="$downloader_connect_timeout" --random-wait --tries="$downloader_tries" --timeout="$downloader_max_time" https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/master/config/master.conf -O - 2> /dev/null | $grep_bin "config_version=" | cut -d '"' -f 2)"
-  else
-    # shellcheck disable=SC2086
-    latest_config_version="$($curl_bin $curl_proxy $curl_insecure $curl_output_level --connect-timeout "$downloader_connect_timeout" --remote-time --location --retry "$downloader_tries" --max-time "$downloader_max_time" https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/master/config/master.conf 2> /dev/null | $grep_bin "config_version=" | cut -d '"' -f 2)"
-  fi
    if [ "$latest_config_version" ] ; then
    if [ "$latest_config_version" ] ; then
-    if [ "$latest_config_version" != "$config_version" ] ; then
-      xshok_pretty_echo_and_log "New configversion : v${latest_config_version} @ https://github.com/extremeshok/clamav-unofficial-sigs" "-"
+               # shellcheck disable=SC2183,SC2086
+               if [ "$(printf "%02d%02d%02d%02d" ${latest_config_version//./ })" -gt "$(printf "%02d%02d%02d%02d" ${config_version//./ })" ] ; then
+      xshok_pretty_echo_and_log "ALERT: New config version : v${latest_config_version} @ https://github.com/extremeshok/clamav-unofficial-sigs"
+                       found_upgrade="yes"
      fi
    fi
      fi
    fi
+
+if [ "$found_upgrade" == "yes" ] && [ "$allow_upgrades" == "yes" ] ; then
+       xshok_pretty_echo_and_log "Quickly upgrade, run the following command as root:"
+       xshok_pretty_echo_and_log "${this_script_name} --upgrade"
+fi
+
  }
  
  # Display help and usage
  # Usage:
  # help_and_usage "1" - enables the man output formatting
  # help_and_usage - normal help output formatting
  }
  
  # Display help and usage
  # Usage:
  # help_and_usage "1" - enables the man output formatting
  # help_and_usage - normal help output formatting
-function help_and_usage () {
+function help_and_usage() {
  
  
-  if [ "$1" ] ; then
+  if [ "${1}" ] ; then
      # option_format_start
      # option_format_start
-    ofs="\fB"
+    ofs="\\fB"
      # option_format_end
      # option_format_end
-    ofe="\fR"
+    ofe="\\fR"
      # option_format_blankline
      ofb=".TP"
      # option_format_tab_line
      # option_format_blankline
      ofb=".TP"
      # option_format_tab_line
@@ -1218,137 +1429,223 @@ function help_and_usage () {
      # option_format_start
      ofs="${BOLD}"
      # option_format_end
      # option_format_start
      ofs="${BOLD}"
      # option_format_end
-    ofe="${NORM}\t"
+    ofe="${NORM}\\t"
      # option_format_blankline
      # option_format_blankline
-    ofb="\n"
+    ofb="\\n"
      # option_format_tab_line
      # option_format_tab_line
-    oft="\n\t"
+    oft="\\n\\t"
    fi
  
    helpcontents="$(cat << EOF
    fi
  
    helpcontents="$(cat << EOF
-$ofs Usage: $(basename "$0") $ofe [OPTION] [PATH|FILE]
-$ofb
-$ofs -c, --config $ofe Use a specific configuration file or directory $oft eg: '-c /your/dir' or ' -c /your/file.name'  $oft Note: If a directory is specified the directory must contain atleast:  $oft master.conf, os.conf or user.conf $oft Default Directory: $config_dir
-$ofb
-$ofs -F, --force $ofe Force all databases to be downloaded, could cause ip to be blocked
-$ofb
-$ofs -h, --help $ofe Display this script's help and usage information
-$ofb
-$ofs -V, --version $ofe Output script version and date information
-$ofb
-$ofs -v, --verbose $ofe Be verbose, enabled when not run under cron
-$ofb
-$ofs -s, --silence $ofe Only output error messages, enabled when run under cron
-$ofb
-$ofs -d, --decode-sig $ofe Decode a third-party signature either by signature name $oft (eg: Sanesecurity.Junk.15248) or hexadecimal string. $oft This flag will 'NOT' decode image signatures
-$ofb
-$ofs -e, --encode-string $ofe Hexadecimal encode an entire input string that can $oft be used in any '*.ndb' signature database file
-$ofb
-$ofs -f, --encode-formatted $ofe Hexadecimal encode a formatted input string containing $oft signature spacing fields '{}, (), *', without encoding $oft the spacing fields, so that the encoded signature $oft can be used in any '*.ndb' signature database file
-$ofb
-$ofs -g, --gpg-verify $ofe GPG verify a specific Sanesecurity database file $oft eg: '-g filename.ext' (do not include file path)
-$ofb
-$ofs -i, --information $ofe Output system and configuration information for $oft viewing or possible debugging purposes
-$ofb
-$ofs -m, --make-database $ofe Make a signature database from an ascii file containing $oft data strings, with one data string per line.  Additional $oft information is provided when using this flag
-$ofb
-$ofs -t, --test-database $ofe Clamscan integrity test a specific database file $oft eg: '-t filename.ext' (do not include file path)
-$ofb
-$ofs -o, --output-triggered $ofe If HAM directory scanning is enabled in the script's $oft configuration file, then output names of any third-party $oft signatures that triggered during the HAM directory scan
-$ofb
-$ofs -w, --whitelist $ofe Adds a signature whitelist entry in the newer ClamAV IGN2 $oft format to 'my-whitelist.ign2' in order to temporarily resolve $oft a false-positive issue with a specific third-party signature. $oft Script added whitelist entries will automatically be removed $oft if the original signature is either modified or removed from $oft the third-party signature database
-$ofb
-$ofs --check-clamav $ofe If ClamD status check is enabled and the socket path is correctly $oft specifiedthen test to see if clamd is running or not
-$ofb
-$ofs --install-all $ofe Install and generate the cron, logroate and man files, autodetects the values $oft based on your config files
-$ofb
-$ofs --install-cron $ofe Install and generate the cron file, autodetects the values $oft based on your config files
-$ofb
-$ofs --install-logrotate $ofe Install and generate the logrotate file, autodetects the $oft values based on your config files
-$ofb
-$ofs --install-man $ofe Install and generate the man file, autodetects the $oft values based on your config files
-$ofb
-$ofs --remove-script $ofe Remove the clamav-unofficial-sigs script and all of $oft its associated files and databases from the system
-$ofb
+${ofs} Usage: $(basename "$0") ${ofe} [OPTION] [PATH|FILE]
+${ofb}
+${ofs} -c, --config ${ofe} Use a specific configuration file or directory ${oft} eg: '-c /your/dir' or ' -c /your/file.name'  ${oft} Note: If a directory is specified the directory must contain atleast:  ${oft} master.conf, os.conf or user.conf ${oft} Default Directory: ${config_dir}
+${ofb}
+${ofs} -F, --force ${ofe} Force all databases to be downloaded, could cause ip to be blocked
+${ofb}
+${ofs} -h, --help ${ofe} Display this script's help and usage information
+${ofb}
+${ofs} -V, --version ${ofe} Output script version and date information
+${ofb}
+${ofs} -v, --verbose ${ofe} Be verbose, enabled when not run under cron
+${ofb}
+${ofs} -s, --silence ${ofe} Only output error messages, enabled when run under cron
+${ofb}
+${ofs} -d, --decode-sig ${ofe} Decode a third-party signature either by signature name ${oft} (eg: Sanesecurity.Junk.15248) or hexadecimal string. ${oft} This flag will 'NOT' decode image signatures
+${ofb}
+${ofs} -e, --encode-string ${ofe} Hexadecimal encode an entire input string that can ${oft} be used in any '*.ndb' signature database file
+${ofb}
+${ofs} -f, --encode-formatted ${ofe} Hexadecimal encode a formatted input string containing ${oft} signature spacing fields '{}, (), *', without encoding ${oft} the spacing fields, so that the encoded signature ${oft} can be used in any '*.ndb' signature database file
+${ofb}
+${ofs} -g, --gpg-verify ${ofe} GPG verify a specific Sanesecurity database file ${oft} eg: '-g filename.ext' (do not include file path)
+${ofb}
+${ofs} -i, --information ${ofe} Output system and configuration information for ${oft} viewing or possible debugging purposes
+${ofb}
+${ofs} -m, --make-database ${ofe} Make a signature database from an ascii file containing ${oft} data strings, with one data string per line.  Additional ${oft} information is provided when using this flag
+${ofb}
+${ofs} -t, --test-database ${ofe} Clamscan integrity test a specific database file ${oft} eg: '-t filename.ext' (do not include file path)
+${ofb}
+${ofs} -o, --output-triggered ${ofe} If HAM directory scanning is enabled in the script's ${oft} configuration file, then output names of any third-party ${oft} signatures that triggered during the HAM directory scan
+${ofb}
+${ofs} -w, --whitelist <signature-name> ${ofe} Adds a signature whitelist entry in the newer ClamAV IGN2 ${oft} format to 'my-whitelist.ign2' in order to temporarily resolve ${oft} a false-positive issue with a specific third-party signature. ${oft} Script added whitelist entries will automatically be removed ${oft} if the original signature is either modified or removed from ${oft} the third-party signature database
+${ofb}
+${ofs} --check-clamav ${ofe} If ClamD status check is enabled and the socket path is correctly ${oft} specifiedthen test to see if clamd is running or not
+${ofb}
+${ofs} --upgrade ${ofe} Upgrades this script and master.conf to the latest available version
+${ofb}
+${ofs} --install-all ${ofe} Install and generate the cron, logroate and man files, autodetects the values ${oft} based on your config files
+${ofb}
+${ofs} --install-cron ${ofe} Install and generate the cron file, autodetects the values ${oft} based on your config files
+${ofb}
+${ofs} --install-logrotate ${ofe} Install and generate the logrotate file, autodetects the ${oft} values based on your config files
+${ofb}
+${ofs} --install-man ${ofe} Install and generate the man file, autodetects the ${oft} values based on your config files
+${ofb}
+${ofs} --remove-script ${ofe} Remove the clamav-unofficial-sigs script and all of ${oft} its associated files and databases from the system
+${ofb}
  EOF
    )" # This is very important
  EOF
    )" # This is very important
-if [ "$1" ] ; then
-  echo "${helpcontents//-/\\-}"
-else
+  if [ "${1}" ] ; then
+    echo "${helpcontents//-/\\-}"
+  else
      echo -e "$helpcontents"
    fi
  }
      echo -e "$helpcontents"
    fi
  }
-
  ################################################################################
  # MAIN PROGRAM
  ################################################################################
  
  # Script Info
  ################################################################################
  # MAIN PROGRAM
  ################################################################################
  
  # Script Info
-script_version="5.6.2"
-script_version_date="2017-03-19"
-minimum_required_config_version="72"
-minimum_yara_clamav_version="0.99"
+script_version="7.0.1"
+script_version_date="2020-01-25"
+minimum_required_config_version="91"
+minimum_yara_clamav_version="0.100"
+
+# Discover script: name, full_path and path
+this_script_full_path="${BASH_SOURCE[0]}"
+# follow the symlinks
+while [ -h "$this_script_full_path" ]; do
+  this_script_path="$( cd -P "$( dirname "$this_script_full_path" )" >/dev/null 2>&1 && pwd )"
+  this_script_full_path="$(readlink "$this_script_full_path")"
+       # if relative symlink, then resolve the path
+  if [[ $this_script_full_path != /* ]] ; then
+    this_script_full_path="$this_script_path/$this_script_full_path"
+  fi
+done
+this_script_path="$( cd -P "$( dirname "$this_script_full_path" )" >/dev/null 2>&1 && pwd )"
+this_script_name="$(basename "$this_script_full_path")"
  
  
-# Default config files
-config_dir="/etc/clamav-unofficial-sigs"
-config_files=( "$config_dir/master.conf" "$config_dir/os.conf" "$config_dir/user.conf" )
+if [ -z "$this_script_full_path" ] || [ -z "$this_script_path" ] || [ -z "$this_script_name" ] ; then
+       echo "ERROR: could not determin script name and fullpath"
+       exit 1
+fi
+
+#allow for other negatives besides no.
+#disabled_values_array=("0 no No NO false False FALSE off Off OFF disable Disable DISABLE disabled Disabled DISABLED")
+# if [[ " ${disabled_values_array[@]} " =~ " ${value} " ]]; then
+#     # whatever you want to do when arr contains value
+# fi
+#
+# if [[ ! " ${disabled_values_array[@]} " =~ " ${value} " ]]; then
+#     # whatever you want to do when arr doesn't contain value
+# fi
  
  # Initialise
  config_version="0"
  do_clamd_reload="0"
  comment_silence="no"
  
  # Initialise
  config_version="0"
  do_clamd_reload="0"
  comment_silence="no"
+force_verbose="no"
  logging_enabled="no"
  force_updates="no"
  logging_enabled="no"
  force_updates="no"
+force_wget="no"
  enable_log="no"
  custom_config="no"
  we_have_a_config="0"
  
  enable_log="no"
  custom_config="no"
  we_have_a_config="0"
  
-# Solaris which function returns garbage when the program is not found
-# only define the new which function if running under Solaris
+
+# Attempt to scan for a valid config dir
+if [ -f "/etc/clamav-unofficial-sigs/master.conf" ] ; then
+  config_dir="/etc/clamav-unofficial-sigs"
+elif [ -f "/usr/local/etc/clamav-unofficial-sigs/master.conf" ] ; then
+  config_dir="/usr/local/etc/clamav-unofficial-sigs/"
+elif [ -f "/opt/zimbra/conf/clamav-unofficial-sigs/master.conf" ] ; then
+  config_dir="/opt/zimbra/conf/clamav-unofficial-sigs/"
+else
+  xshok_pretty_echo_and_log "ERROR: config_dir (/etc/clamav-unofficial-sigs/master.conf) could not be found"
+  exit 1
+fi
+# Default config files
+if [ -r "${config_dir}/master.conf" ] ; then
+       config_files+=( "${config_dir}/master.conf" )
+else
+       xshok_pretty_echo_and_log "ERROR: ${config_dir}/master.conf is not readable"
+       exit 1
+fi
+if [ -r "${config_dir}/os.conf" ] ; then
+       config_files+=( "${config_dir}/os.conf" )
+else
+       #find the a suitable os.*.conf file
+       os_config_number=$(find "$config_dir" -type f -iname "os.*.conf" | wc -l)
+       if [ "$os_config_number" == "0" ] ; then
+               xshok_pretty_echo_and_log "WARNING: no os.conf or os.*.conf found"
+       elif [ "$os_config_number" == "1" ] ; then
+               config_file="$(find "$config_dir" -type f -iname "os.*.conf" | head -n1)"
+               if [ -r "${config_file}" ]; then
+                       config_files+=( "${config_file}" )
+               else
+                       xshok_pretty_echo_and_log "WARNING: ${config_file} is not readable"
+               fi
+       else
+               xshok_pretty_echo_and_log "WARNING: Too many os.*.conf configs found"
+       fi
+fi
+if [ -r "${config_dir}/user.conf" ] ; then
+       config_files+=( "${config_dir}/user.conf" )
+else
+       xshok_pretty_echo_and_log "WARNING: ${config_dir}/user.conf is not readable"
+fi
+
+# Solaris command -v function returns garbage when the program is not found
+# only define the new command -v function if running under Solaris
  if [ "$(uname -s)" == "SunOS" ] ; then
  if [ "$(uname -s)" == "SunOS" ] ; then
-  which () {
+  function which() {
      # Use the switch -p to ignore ksh internal commands
      ksh whence -p "$@"
    }
  fi
  
  # Default Binaries & Commands
      # Use the switch -p to ignore ksh internal commands
      ksh whence -p "$@"
    }
  fi
  
  # Default Binaries & Commands
-uname_bin="$(which uname 2> /dev/null)"
-clamscan_bin="$(which clamscan 2> /dev/null)"
-rsync_bin="$(which rsync 2> /dev/null)"
-# Detect support for wget
-if [ -x /usr/sfw/bin/wget ] ; then
-  wget_bin="/usr/sfw/bin/wget"
+uname_bin="$(command -v uname 2> /dev/null)"
+clamscan_bin="$(command -v clamscan 2> /dev/null)"
+rsync_bin="$(command -v rsync 2> /dev/null)"
+
+# Detect supprot for gnu grep
+if [ -x /usr/gnu/bin/grep ] ; then
+  grep_bin="/usr/gnu/bin/grep"
  else
  else
-  wget_bin="$(which wget 2> /dev/null)"
+  grep_bin="$(command -v grep 2> /dev/null)"
+fi
+# Detect support for tar
+if [ -z "$tar_bin" ]; then
+       tar_bin="$(command -v tar 2> /dev/null)"
  fi
  fi
-if [ -z "$wget_bin" ] ; then
-  curl_bin="$(which curl 2> /dev/null)"
+# Detect support for curl
+if [ -z "$curl_bin" ]; then
+       curl_bin="$(command -v curl 2> /dev/null)"
+fi
+# Detect support for wget
+if [ -z "$wget_bin" ]; then
+       if [ -x /usr/sfw/bin/wget ] ; then
+         wget_bin="/usr/sfw/bin/wget"
+       else
+         wget_bin="$(command -v wget 2> /dev/null)"
+       fi
+fi
+if [ -z "$wget_bin" ] && [ -z "$curl_bin" ]; then
+  curl_bin="$(command -v curl 2> /dev/null)"
    if [ -z "$curl_bin" ] ; then
    if [ -z "$curl_bin" ] ; then
-    xshok_pretty_echo_and_log "ERROR: both wget and curl commands are missing, One of them is required" "="
+    xshok_pretty_echo_and_log "ERROR: both wget and curl commands are missing, One of them is required"
      exit 1
    fi
  fi
  
      exit 1
    fi
  fi
  
-# Detect supprot for gnu grep
-if [ -x /usr/gnu/bin/grep ] ; then
-  grep_bin="/usr/gnu/bin/grep"
-else
-  grep_bin="$(which grep 2> /dev/null)"
+if [ ! -z "$wget_bin" ] ; then
+  # wget compression support
+  if $wget_bin --help | $grep_bin -q "compression=TYPE" ; then
+    wget_compression="--compression=auto"
+  else
+    wget_compression=""
+  fi
  fi
  fi
-
-dig_bin="$(which dig 2> /dev/null)"
+# Detect support for dig or host
+dig_bin="$(command -v dig 2> /dev/null)"
  if [ -z "$dig_bin" ] ; then
  if [ -z "$dig_bin" ] ; then
-  host_bin="$(which host 2> /dev/null)"
+  host_bin="$(command -v host 2> /dev/null)"
    if [ -z "$host_bin" ] ; then
    if [ -z "$host_bin" ] ; then
-    xshok_pretty_echo_and_log "ERROR: both dig and host commands are missing, One of them is required" "="
+    xshok_pretty_echo_and_log "ERROR: both dig and host commands are missing, One of them is required"
      exit 1
    fi
  fi
      exit 1
    fi
  fi
-
-
-
-
  # Detect if terminal
  if [ -t 1 ] ; then
    # Set fonts
  # Detect if terminal
  if [ -t 1 ] ; then
    # Set fonts
@@ -1370,8 +1667,8 @@ fi
  
  # Generic command line options
  while true ; do
  
  # Generic command line options
  while true ; do
-  case "$1" in
-    -c|--config) xshok_check_s2 "$2"; custom_config="$2"; shift 2; break ;;
+  case "${1}" in
+    -c|--config) xshok_check_s2 "${2}"; custom_config="${2}"; shift 2; break ;;
      -F|--force) force_updates="yes"; shift 1; break ;;
      -v|--verbose) force_verbose="yes"; shift 1; break ;;
      -s|--silence) force_verbose="no"; shift 1; break ;;
      -F|--force) force_updates="yes"; shift 1; break ;;
      -v|--verbose) force_verbose="yes"; shift 1; break ;;
      -s|--silence) force_verbose="no"; shift 1; break ;;
@@ -1396,14 +1693,14 @@ fi
  
  xshok_pretty_echo_and_log "" "#" "80"
  xshok_pretty_echo_and_log " eXtremeSHOK.com ClamAV Unofficial Signature Updater"
  
  xshok_pretty_echo_and_log "" "#" "80"
  xshok_pretty_echo_and_log " eXtremeSHOK.com ClamAV Unofficial Signature Updater"
-xshok_pretty_echo_and_log " Version: v$script_version ($script_version_date)"
-xshok_pretty_echo_and_log " Required Configuration Version: v$minimum_required_config_version"
+xshok_pretty_echo_and_log " Version: v${script_version} (${script_version_date})"
+xshok_pretty_echo_and_log " Required Configuration Version: v${minimum_required_config_version}"
  xshok_pretty_echo_and_log " Copyright (c) Adrian Jon Kriel :: admin@extremeshok.com"
  xshok_pretty_echo_and_log "" "#" "80"
  
  # Generic command line options
  while true ; do
  xshok_pretty_echo_and_log " Copyright (c) Adrian Jon Kriel :: admin@extremeshok.com"
  xshok_pretty_echo_and_log "" "#" "80"
  
  # Generic command line options
  while true ; do
-  case "$1" in
+  case "${1}" in
      -h|--help) help_and_usage; exit ;;
      -V|--version) exit ;;
      *) break ;;
      -h|--help) help_and_usage; exit ;;
      -V|--version) exit ;;
      *) break ;;
@@ -1414,8 +1711,25 @@ done
  if [ "$custom_config" != "no" ] ; then
    if [ -d "$custom_config" ] ; then
      # Assign the custom config dir and remove trailing / (removes / and //)
  if [ "$custom_config" != "no" ] ; then
    if [ -d "$custom_config" ] ; then
      # Assign the custom config dir and remove trailing / (removes / and //)
-    shopt -s extglob; custom_config="${custom_config%%+(/)}"
-    config_files=( "$config_dir/master.conf" "$config_dir/os.conf" "$config_dir/user.conf" )
+    shopt -s extglob; config_dir="${custom_config%%+(/)}"
+               config_files=()
+               if [ -r "${config_dir}/master.conf" ] ; then
+                       config_files+=( "${config_dir}/master.conf" )
+               else
+                       xshok_pretty_echo_and_log "WARNING: ${config_dir}/master.conf not found"
+               fi
+               #find the a suitable os.conf or os.*.conf file
+               config_file="$(find "$config_dir" -type f -iname "os.conf" -o -iname "os.*.conf" | tail -n1)"
+               if [ -r "${config_file}" ] ; then
+                       config_files+=( "${config_file}" )
+               else
+                       xshok_pretty_echo_and_log "WARNING: ${config_dir}/os.conf not found"
+               fi
+               if [ -r "${config_dir}/user.conf" ] ; then
+                       config_files+=( "${config_dir}/user.conf" )
+               else
+                       xshok_pretty_echo_and_log "WARNING: ${config_dir}/user.conf not found"
+               fi
    else
      config_files=( "$custom_config" )
    fi
    else
      config_files=( "$custom_config" )
    fi
@@ -1425,9 +1739,7 @@ for config_file in "${config_files[@]}" ; do
    if [ -r "$config_file" ] ; then # Exists and readable
      we_have_a_config="1"
      # Config stripping
    if [ -r "$config_file" ] ; then # Exists and readable
      we_have_a_config="1"
      # Config stripping
-    xshok_pretty_echo_and_log "Loading config: $config_file" "="
-
-
+    xshok_pretty_echo_and_log "Loading config: ${config_file}"
  
      if [ "$(uname -s)" == "SunOS" ] ; then
        # Solaris FIXES only, i had issues with running with a single command..
  
      if [ "$(uname -s)" == "SunOS" ] ; then
        # Solaris FIXES only, i had issues with running with a single command..
@@ -1465,7 +1777,7 @@ for config_file in "${config_files[@]}" ; do
      # Check "" are an even number
      config_check="${clean_config//[^\"]}"
      if [ "$(( ${#config_check} % 2 ))" -eq 1 ] ; then
      # Check "" are an even number
      config_check="${clean_config//[^\"]}"
      if [ "$(( ${#config_check} % 2 ))" -eq 1 ] ; then
-      xshok_pretty_echo_and_log "ERROR: Your configuration has errors, every \" requires a closing \"" "="
+      xshok_pretty_echo_and_log "ERROR: Your configuration has errors, every \" requires a closing \""
        exit 1
      fi
  
        exit 1
      fi
  
@@ -1473,7 +1785,7 @@ for config_file in "${config_files[@]}" ; do
      config_check_vars="$(echo "$clean_config" | $grep_bin -c '=\s*\"' )"
  
      if [ $(( ${#config_check} / 2 )) -ne "$config_check_vars" ] ; then
      config_check_vars="$(echo "$clean_config" | $grep_bin -c '=\s*\"' )"
  
      if [ $(( ${#config_check} / 2 )) -ne "$config_check_vars" ] ; then
-      xshok_pretty_echo_and_log "ERROR: Your configuration has errors, every = requires a pair of \"\"" "="
+      xshok_pretty_echo_and_log "ERROR: Your configuration has errors, every = requires a pair of \"\""
        exit 1
      fi
  
        exit 1
      fi
  
@@ -1497,27 +1809,27 @@ fi
  
  # Make sure we have a readable config file
  if [ "$we_have_a_config" == "0" ] ; then
  
  # Make sure we have a readable config file
  if [ "$we_have_a_config" == "0" ] ; then
-  xshok_pretty_echo_and_log "ERROR: Config file/s could NOT be read/loaded" "="
-  xshok_pretty_echo_and_log "Note: Possible fix would be to checkl the config dir $config_dir exists and contains config files"
+  xshok_pretty_echo_and_log "ERROR: Config file/s could NOT be read/loaded"
+  xshok_pretty_echo_and_log "Note: Possible fix would be to checkl the config dir ${config_dir} exists and contains config files"
    exit 1
  fi
  
  # Prevent some issues with an incomplete or only a user.conf being loaded
  if [ "$config_version" == "0" ] ; then
    exit 1
  fi
  
  # Prevent some issues with an incomplete or only a user.conf being loaded
  if [ "$config_version" == "0" ] ; then
-  xshok_pretty_echo_and_log "ERROR: Config file/s are missing important contents" "="
+  xshok_pretty_echo_and_log "ERROR: Config file/s are missing important contents"
    xshok_pretty_echo_and_log "Note: Possible fix would be to point the script to the dir with the configs"
    exit 1
  fi
  
  # Config version validation
  if [ "$config_version" -lt "$minimum_required_config_version" ] ; then
    xshok_pretty_echo_and_log "Note: Possible fix would be to point the script to the dir with the configs"
    exit 1
  fi
  
  # Config version validation
  if [ "$config_version" -lt "$minimum_required_config_version" ] ; then
-  xshok_pretty_echo_and_log "ERROR: Your config version $config_version is not compatible with the min required version $minimum_required_config_version" "="
+  xshok_pretty_echo_and_log "ERROR: Your config version ${config_version} is not compatible with the min required version ${minimum_required_config_version}"
    exit 1
  fi
  
  # Check to see if the script's "USER CONFIGURATION FILE" has been completed.
  if [ "$user_configuration_complete" != "yes" ] ; then
    exit 1
  fi
  
  # Check to see if the script's "USER CONFIGURATION FILE" has been completed.
  if [ "$user_configuration_complete" != "yes" ] ; then
-  xshok_pretty_echo_and_log "WARNING: SCRIPT CONFIGURATION HAS NOT BEEN COMPLETED" "*"
+  xshok_pretty_echo_and_log "WARNING: SCRIPT CONFIGURATION HAS NOT BEEN COMPLETED"
    xshok_pretty_echo_and_log "Please review the script configuration files"
    xshok_pretty_echo_and_log "and uncomment the following line in user.conf"
    xshok_pretty_echo_and_log "#user_configuration_complete=\"yes\""
    xshok_pretty_echo_and_log "Please review the script configuration files"
    xshok_pretty_echo_and_log "and uncomment the following line in user.conf"
    xshok_pretty_echo_and_log "#user_configuration_complete=\"yes\""
@@ -1529,48 +1841,53 @@ shopt -s extglob; work_dir="${work_dir%%+(/)}"
  
  # Allow overriding of all the individual workdirs, this is mainly to aid package maintainers
  if [ -z "$work_dir_sanesecurity" ] ; then
  
  # Allow overriding of all the individual workdirs, this is mainly to aid package maintainers
  if [ -z "$work_dir_sanesecurity" ] ; then
-  work_dir_sanesecurity="$(echo "$work_dir/$sanesecurity_dir" | sed 's:/*$::')"
+  work_dir_sanesecurity="$(echo "${work_dir}/${sanesecurity_dir}" | sed 's:/*$::')"
  else
    shopt -s extglob; work_dir_sanesecurity="${work_dir_sanesecurity%%+(/)}"
  fi
  if [ -z "$work_dir_securiteinfo" ] ; then
  else
    shopt -s extglob; work_dir_sanesecurity="${work_dir_sanesecurity%%+(/)}"
  fi
  if [ -z "$work_dir_securiteinfo" ] ; then
-  work_dir_securiteinfo="$(echo "$work_dir/$securiteinfo_dir" | sed 's:/*$::')"
+  work_dir_securiteinfo="$(echo "${work_dir}/${securiteinfo_dir}" | sed 's:/*$::')"
  else
    shopt -s extglob; work_dir_securiteinfo="${work_dir_securiteinfo%%+(/)}"
  fi
  if [ -z "$work_dir_linuxmalwaredetect" ] ; then
  else
    shopt -s extglob; work_dir_securiteinfo="${work_dir_securiteinfo%%+(/)}"
  fi
  if [ -z "$work_dir_linuxmalwaredetect" ] ; then
-  work_dir_linuxmalwaredetect="$(echo "$work_dir/$linuxmalwaredetect_dir" | sed 's:/*$::')"
+  work_dir_linuxmalwaredetect="$(echo "${work_dir}/${linuxmalwaredetect_dir}" | sed 's:/*$::')"
  else
    shopt -s extglob; work_dir_malwarepatrol="${work_dir_malwarepatrol%%+(/)}"
  fi
  if [ -z "$work_dir_malwarepatrol" ] ; then
  else
    shopt -s extglob; work_dir_malwarepatrol="${work_dir_malwarepatrol%%+(/)}"
  fi
  if [ -z "$work_dir_malwarepatrol" ] ; then
-  work_dir_malwarepatrol="$(echo "$work_dir/$malwarepatrol_dir" | sed 's:/*$::')"
+  work_dir_malwarepatrol="$(echo "${work_dir}/${malwarepatrol_dir}" | sed 's:/*$::')"
  else
    shopt -s extglob; work_dir_malwarepatrol="${work_dir_malwarepatrol%%+(/)}"
  fi
  else
    shopt -s extglob; work_dir_malwarepatrol="${work_dir_malwarepatrol%%+(/)}"
  fi
+if [ -z "$work_dir_urlhaust" ] ; then
+  work_dir_urlhaus="$(echo "${work_dir}/${urlhaus_dir}" | sed 's:/*$::')"
+else
+  shopt -s extglob; work_dir_urlhaus="${work_dir_urlhaus%%+(/)}"
+fi
  if [ -z "$work_dir_yararulesproject" ] ; then
  if [ -z "$work_dir_yararulesproject" ] ; then
-  work_dir_yararulesproject="$(echo "$work_dir/$yararulesproject_dir" | sed 's:/*$::')"
+  work_dir_yararulesproject="$(echo "${work_dir}/${yararulesproject_dir}" | sed 's:/*$::')"
  else
    shopt -s extglob; work_dir_yararulesproject="${work_dir_yararulesproject%%+(/)}"
  fi
  if [ -z "$work_dir_add" ] ; then
  else
    shopt -s extglob; work_dir_yararulesproject="${work_dir_yararulesproject%%+(/)}"
  fi
  if [ -z "$work_dir_add" ] ; then
-  work_dir_add="$(echo "$work_dir/$add_dir" | sed 's:/*$::')"
+  work_dir_add="$(echo "${work_dir}/${add_dir}" | sed 's:/*$::')"
  else
    shopt -s extglob; work_dir_add="${work_dir_add%%+(/)}"
  fi
  if [ -z "$work_dir_work_configs" ] ; then
  else
    shopt -s extglob; work_dir_add="${work_dir_add%%+(/)}"
  fi
  if [ -z "$work_dir_work_configs" ] ; then
-  work_dir_work_configs="$(echo "$work_dir/$work_dir_configs" | sed 's:/*$::')"
+  work_dir_work_configs="$(echo "${work_dir}/${work_dir_configs}" | sed 's:/*$::')"
  else
    shopt -s extglob; work_dir_work_configs="${work_dir_work_configs%%+(/)}"
  fi
  else
    shopt -s extglob; work_dir_work_configs="${work_dir_work_configs%%+(/)}"
  fi
-if [ -z "$work_dir_gpg" ] ; then
-  work_dir_gpg="$(echo "$work_dir/$gpg_dir" | sed 's:/*$::')"
+if [ -z "${work_dir_gpg}" ] ; then
+  work_dir_gpg="$(echo "${work_dir}/${gpg_dir}" | sed 's:/*$::')"
  else
    shopt -s extglob; work_dir_gpg="${work_dir_gpg%%+(/)}"
  fi
  
  if [ -z "$work_dir_pid" ] ; then
  else
    shopt -s extglob; work_dir_gpg="${work_dir_gpg%%+(/)}"
  fi
  
  if [ -z "$work_dir_pid" ] ; then
-  work_dir_pid="$(echo "$work_dir/$pid_dir" | sed 's:/*$::')"
+  work_dir_pid="$(echo "${work_dir}/${pid_dir}" | sed 's:/*$::')"
  else
    shopt -s extglob; work_dir_pid="${work_dir_pid%%+(/)}"
  fi
  else
    shopt -s extglob; work_dir_pid="${work_dir_pid%%+(/)}"
  fi
@@ -1598,34 +1915,42 @@ if [ -z "$man_filename" ] ; then
    man_filename="clamav-unofficial-sigs.8"
  fi
  if [ -z "$man_log_file_full_path" ] ; then
    man_filename="clamav-unofficial-sigs.8"
  fi
  if [ -z "$man_log_file_full_path" ] ; then
-  man_log_file_full_path="$log_file_path/$log_file_name"
+  man_log_file_full_path="${log_file_path}/${log_file_name}"
  fi
  # dont assign , but remove trailing /
  shopt -s extglob; clam_dbs="${clam_dbs%%+(/)}"
  
  fi
  # dont assign , but remove trailing /
  shopt -s extglob; clam_dbs="${clam_dbs%%+(/)}"
  
+# Force wget over curl.
+if [ ! -z "$wget_bin" ] && [ "$force_wget" == "yes" ] ; then
+               xshok_pretty_echo_and_log "NOTICE: Forcing wget"
+         curl_bin=""
+fi
+
  # SANITY checks
  # Check default Binaries & Commands are defined
  if [ "$reload_dbs" == "yes" ] ; then
    if [ -z "$clamd_reload_opt" ] ; then
  # SANITY checks
  # Check default Binaries & Commands are defined
  if [ "$reload_dbs" == "yes" ] ; then
    if [ -z "$clamd_reload_opt" ] ; then
-    xshok_pretty_echo_and_log "ERROR: Missing clamd_reload_opt" "="
+    xshok_pretty_echo_and_log "ERROR: Missing clamd_reload_opt"
      exit 1
    fi
  fi
  if [ -z "$uname_bin" ] ; then
      exit 1
    fi
  fi
  if [ -z "$uname_bin" ] ; then
-  xshok_pretty_echo_and_log "ERROR: uname (uname_bin) not found" "="
+  xshok_pretty_echo_and_log "ERROR: uname (uname_bin) not found"
    exit 1
  fi
  if [ -z "$clamscan_bin" ] ; then
    exit 1
  fi
  if [ -z "$clamscan_bin" ] ; then
-  xshok_pretty_echo_and_log "ERROR: clamscan binary (clamscan_bin) not found" "="
+       if [ "${1}" != "--remove-script" ] ; then
+       xshok_pretty_echo_and_log "ERROR: clamscan binary (clamscan_bin) not found"
+       fi
    exit 1
  fi
  if [ -z "$rsync_bin" ] ; then
    exit 1
  fi
  if [ -z "$rsync_bin" ] ; then
-  xshok_pretty_echo_and_log "ERROR: rsync binary (rsync_bin) not found" "="
+  xshok_pretty_echo_and_log "ERROR: rsync binary (rsync_bin) not found"
    exit 1
  fi
    exit 1
  fi
-if [ -z "$wget_bin" ] ; then
-  if [ -z "$curl_bin" ] ; then
-    xshok_pretty_echo_and_log "ERROR: wget and curl binaries not found, script requires either wget or curl" "="
+if [ -z "$curl_bin" ] ; then
+  if [ -z "$wget_bin" ] ; then
+    xshok_pretty_echo_and_log "ERROR: wget and curl binaries not found, script requires either wget or curl"
      exit 1
    fi
  fi
      exit 1
    fi
  fi
@@ -1635,10 +1960,10 @@ if [ "$enable_gpg" == "yes" ] ; then
      if [ -x /opt/csw/bin/gpg ] ; then
        gpg_bin="/opt/csw/bin/gpg"
      else
      if [ -x /opt/csw/bin/gpg ] ; then
        gpg_bin="/opt/csw/bin/gpg"
      else
-      gpg_bin="$(which gpg 2> /dev/null)"
+      gpg_bin="$(command -v gpg 2> /dev/null)"
      fi
      if [ -z "$gpg_bin" ] ; then
      fi
      if [ -z "$gpg_bin" ] ; then
-      gpg_bin="$(which gpg2 2> /dev/null)"
+      gpg_bin="$(command -v gpg2 2> /dev/null)"
      fi
    fi
    if [ -z "$gpg_bin" ] ; then
      fi
    fi
    if [ -z "$gpg_bin" ] ; then
@@ -1649,32 +1974,32 @@ if [ "$enable_gpg" == "yes" ] ; then
    fi
  fi
  if [ "$enable_gpg" != "yes" ] ; then
    fi
  fi
  if [ "$enable_gpg" != "yes" ] ; then
-  xshok_pretty_echo_and_log "Notice: GnuPG / signature verification disabled" "-"
+  xshok_pretty_echo_and_log "NOTICE: GnuPG / signature verification disabled"
  fi
  # Check default directories are defined
  if [ -z "$work_dir" ] ; then
  fi
  # Check default directories are defined
  if [ -z "$work_dir" ] ; then
-  xshok_pretty_echo_and_log "ERROR: working directory (work_dir) not defined" "="
+  xshok_pretty_echo_and_log "ERROR: working directory (work_dir) not defined"
    exit 1
  fi
  if [ -z "$clam_dbs" ] ; then
    exit 1
  fi
  if [ -z "$clam_dbs" ] ; then
-  xshok_pretty_echo_and_log "ERROR: clam database directory (clam_dbs) not defined" "="
+  xshok_pretty_echo_and_log "ERROR: clam database directory (clam_dbs) not defined"
    exit 1
  fi
  # Check default directories are writable
  if [ -e "$work_dir" ] ; then
    if [ ! -w "$work_dir" ] ; then
    exit 1
  fi
  # Check default directories are writable
  if [ -e "$work_dir" ] ; then
    if [ ! -w "$work_dir" ] ; then
-    xshok_pretty_echo_and_log "ERROR: working directory (work_dir) not writable $work_dir" "="
+    xshok_pretty_echo_and_log "ERROR: working directory (work_dir) not writable ${work_dir}"
      exit 1
    fi
  fi
  if [ ! -w "$clam_dbs" ] ; then
      exit 1
    fi
  fi
  if [ ! -w "$clam_dbs" ] ; then
-  xshok_pretty_echo_and_log "ERROR: clam database directory (clam_dbs) not writable $clam_dbs" "="
+  xshok_pretty_echo_and_log "ERROR: clam database directory (clam_dbs) not writable ${clam_dbs}"
    exit 1
  fi
  
  # Reset the update timers to force a full update.
  if [ "$force_updates" == "yes" ] ; then
    exit 1
  fi
  
  # Reset the update timers to force a full update.
  if [ "$force_updates" == "yes" ] ; then
-  xshok_pretty_echo_and_log "Force Updates: enabled"
+  xshok_pretty_echo_and_log "NOTICE: forcing updates"
    sanesecurity_update_hours="0"
    securiteinfo_update_hours="0"
    linuxmalwaredetect_update_hours="0"
    sanesecurity_update_hours="0"
    securiteinfo_update_hours="0"
    linuxmalwaredetect_update_hours="0"
@@ -1690,9 +2015,8 @@ if [ "$enable_locking" == "yes" ] ; then
    pid_file_fullpath="$work_dir_pid/clamav-unofficial-sigs.pid"
    if [ -f "$pid_file_fullpath" ] ; then
      pid_file_pid="$(cat "$pid_file_fullpath")"
    pid_file_fullpath="$work_dir_pid/clamav-unofficial-sigs.pid"
    if [ -f "$pid_file_fullpath" ] ; then
      pid_file_pid="$(cat "$pid_file_fullpath")"
-    ps -p "$pid_file_pid" > /dev/null 2>&1
-    if [ $? -eq 0 ] ; then
-      xshok_pretty_echo_and_log "ERROR: Only one instance can run at the same time." "="
+    if ps -p "$pid_file_pid" > /dev/null 2>&1 ; then
+      xshok_pretty_echo_and_log "ERROR: Only one instance can run at the same time."
        exit 1
      else
        xshok_create_pid_file "$pid_file_fullpath"
        exit 1
      else
        xshok_create_pid_file "$pid_file_fullpath"
@@ -1705,18 +2029,11 @@ if [ "$enable_locking" == "yes" ] ; then
  fi
  
  # Verify the clam_user and clam_group actually exists on the system
  fi
  
  # Verify the clam_user and clam_group actually exists on the system
-if ! xshok_user_group_exists "$clam_user" "$clam_group" ; then
-  xshok_pretty_echo_and_log "ERROR: Either the user: $clam_user and/or group: $clam_group does not exist on the system." "="
+if ! xshok_user_group_exists "${clam_user}" "${clam_group}" ; then
+  xshok_pretty_echo_and_log "ERROR: Either the user: ${clam_user} and/or group: ${clam_group} does not exist on the system."
    exit 1
  fi
  
    exit 1
  fi
  
-# Silence rsync output and only report errors - useful if script is run via cron.
-if [ "$rsync_silence" == "yes" ] ; then
-  rsync_output_level="--quiet"
-else
-  rsync_output_level="--progress"
-fi
-
  # If the local rsync client supports the "--no-motd" flag, then enable it.
  if $rsync_bin --help | $grep_bin -q "no-motd" > /dev/null ; then
    no_motd="--no-motd"
  # If the local rsync client supports the "--no-motd" flag, then enable it.
  if $rsync_bin --help | $grep_bin -q "no-motd" > /dev/null ; then
    no_motd="--no-motd"
@@ -1724,18 +2041,57 @@ fi
  
  # If the local rsync client supports the "--contimeout" flag, then enable it.
  if $rsync_bin --help | $grep_bin -q "contimeout" > /dev/null ; then
  
  # If the local rsync client supports the "--contimeout" flag, then enable it.
  if $rsync_bin --help | $grep_bin -q "contimeout" > /dev/null ; then
-  connect_timeout="--contimeout=$rsync_connect_timeout"
+  connect_timeout="--contimeout=${rsync_connect_timeout}"
+fi
+
+if [ "$debug" == "yes" ] ; then
+        downloader_debug="yes"
+        clamscan_debug="yes"
+        curl_debug="yes"
+        wget_debug="yes"
+        rsync_debug="yes"
+fi
+# Show clamscan errors
+if [ "$clamscan_debug" == "yes" ] ; then
+       exec 10>&2
+else
+       exec 10>/dev/null
+fi
+# Show curl errors
+if [ "$curl_debug" == "yes" ] ; then
+       exec 11>&2
+else
+       exec 11>/dev/null
+fi
+# Show wget errors
+if [ "$wget_debug" == "yes" ] ; then
+       exec 12>&2
+else
+       exec 12>/dev/null
+fi
+# Show rsync errors
+if [ "$rsync_debug" == "yes" ] ; then
+       exec 13>&2
+else
+       exec 13>/dev/null
  fi
  
  # Silence wget output and only report errors - useful if script is run via cron.
  fi
  
  # Silence wget output and only report errors - useful if script is run via cron.
-if [ "$downloader_silence" == "yes" ] ; then
-  wget_output_level="--quiet" #--quiet
+if [ "$downloader_silence" == "yes" ] && [ "$downloader_debug" != "yes" ]  ; then
+  wget_output_level="--quiet"
    curl_output_level="--silent --show-error"
  else
    wget_output_level="--no-verbose"
    curl_output_level=""
  fi
  
    curl_output_level="--silent --show-error"
  else
    wget_output_level="--no-verbose"
    curl_output_level=""
  fi
  
+# Silence rsync output and only report errors - useful if script is run via cron.
+if [ "$rsync_silence" == "yes" ] && [ "$rsync_debug" != "yes" ] ; then
+  rsync_output_level="--quiet"
+else
+  rsync_output_level="--progress"
+fi
+
  # Suppress ssl warnings
  if [ "$downloader_ignore_ssl" == "yes" ] ; then
    wget_insecure="--no-check-certificate"
  # Suppress ssl warnings
  if [ "$downloader_ignore_ssl" == "yes" ] ; then
    wget_insecure="--no-check-certificate"
@@ -1745,40 +2101,35 @@ else
    curl_insecure=""
  fi
  
    curl_insecure=""
  fi
  
-# This scripts name and path
-this_script_name="$(basename "$0")"
-this_script_path="$( cd "$(dirname "$0")" || exit ; pwd -P )"
-this_script_full_path="$this_script_path/$this_script_name"
-
  # Set the script to 755 permissions
  if xshok_is_root ; then
    if [ "$setmode" == "yes" ] ; then
  # Set the script to 755 permissions
  if xshok_is_root ; then
    if [ "$setmode" == "yes" ] ; then
-    if [ ! -x "$this_script_path/$this_script_name" ] ; then
-      chmod 755 "$this_script_path/$this_script_name"
-      xshok_pretty_echo_and_log "Fixing permission on $this_script_path/$this_script_name" "="
+    if [ ! -x "${this_script_path}/${this_script_name}" ] ; then
+      chmod 755 "${this_script_path}/${this_script_name}"
+      xshok_pretty_echo_and_log "Fixing permission on ${this_script_path}/${this_script_name}" "="
      fi
    fi
  else
    # Disable setmode
    setmode="no"
  fi
      fi
    fi
  else
    # Disable setmode
    setmode="no"
  fi
-
  ################################################################################
  # MAIN LOGIC
  ################################################################################
  
  while true; do
  ################################################################################
  # MAIN LOGIC
  ################################################################################
  
  while true; do
-  case "$1" in
+  case "${1}" in
      -d|--decode-sig) decode_third_party_signature_by_signature_name; exit ;;
      -e|--encode-string) hexadecimal_encode_entire_input_string; exit ;;
      -f|--encode-formatted) hexadecimal_encode_formatted_input_string; exit ;;
      -d|--decode-sig) decode_third_party_signature_by_signature_name; exit ;;
      -e|--encode-string) hexadecimal_encode_entire_input_string; exit ;;
      -f|--encode-formatted) hexadecimal_encode_formatted_input_string; exit ;;
-    -g|--gpg-verify) xshok_check_s2 "$2"; gpg_verify_specific_sanesecurity_database_file "$2"; exit ;;
+    -g|--gpg-verify) xshok_check_s2 "${2}"; gpg_verify_specific_sanesecurity_database_file "${2}"; exit ;;
      -i|--information) output_system_configuration_information; exit ;;
      -m|--make-database) make_signature_database_from_ascii_file; exit ;;
      -i|--information) output_system_configuration_information; exit ;;
      -m|--make-database) make_signature_database_from_ascii_file; exit ;;
-    -t|--test-database) xshok_check_s2 "$2"; clamscan_integrity_test_specific_database_file "$2"; exit ;;
+    -t|--test-database) xshok_check_s2 "${2}"; clamscan_integrity_test_specific_database_file "${2}"; exit ;;
      -o|--output-triggered) output_signatures_triggered_during_ham_directory_scan; exit ;;
      -o|--output-triggered) output_signatures_triggered_during_ham_directory_scan; exit ;;
-    -w|--whitelist) add_signature_whitelist_entry; exit ;;
+    -w|--whitelist) add_signature_whitelist_entry "${2}"; exit ;;
      --check-clamav) check_clamav; exit ;;
      --check-clamav) check_clamav; exit ;;
+    --upgrade) xshok_upgrade; exit ;;
      --install-all) install_cron; install_logrotate; install_man; exit ;;
      --install-cron) install_cron; exit ;;
      --install-logrotate) install_logrotate; exit ;;
      --install-all) install_cron; install_logrotate; install_man; exit ;;
      --install-cron) install_cron; exit ;;
      --install-logrotate) install_logrotate; exit ;;
@@ -1795,10 +2146,10 @@ if [ "$enable_yararules" == "yes" ] ; then
    current_clamav_version="$($clamscan_bin -V | cut -d " " -f 2 | cut -d "/" -f 1 | awk -F "." '{ printf("%d%03d%03d%03d\n", $1,$2,$3,$4); }')"
    minimum_yara_clamav_version="$(echo "$minimum_yara_clamav_version" | awk -F "." '{ printf("%d%03d%03d%03d\n", $1,$2,$3,$4); }')"
    # Check current clamav version against the minimum required version for yara support
    current_clamav_version="$($clamscan_bin -V | cut -d " " -f 2 | cut -d "/" -f 1 | awk -F "." '{ printf("%d%03d%03d%03d\n", $1,$2,$3,$4); }')"
    minimum_yara_clamav_version="$(echo "$minimum_yara_clamav_version" | awk -F "." '{ printf("%d%03d%03d%03d\n", $1,$2,$3,$4); }')"
    # Check current clamav version against the minimum required version for yara support
-  if [ "$current_clamav_version" -le "$minimum_yara_clamav_version" ] ; then # Older
+  if [ "$current_clamav_version" -lt "$minimum_yara_clamav_version" ] ; then # Older
      yararulesproject_enabled="no"
      enable_yararules="no"
      yararulesproject_enabled="no"
      enable_yararules="no"
-    xshok_pretty_echo_and_log "Notice: Yararules Disabled due to clamav being older than the minimum required version"
+    xshok_pretty_echo_and_log "Yararules Disabled due to clamav being older than the minimum required version"
    fi
  else
    yararulesproject_enabled="no"
    fi
  else
    yararulesproject_enabled="no"
@@ -1814,7 +2165,8 @@ if [ "$sanesecurity_enabled" == "yes" ] ; then
        temp_db="$(xshok_database "$default_dbs_rating" "${sanesecurity_dbs[@]}")"
      fi
      sanesecurity_dbs=( )
        temp_db="$(xshok_database "$default_dbs_rating" "${sanesecurity_dbs[@]}")"
      fi
      sanesecurity_dbs=( )
-    sanesecurity_dbs=( $temp_db )
+    #sanesecurity_dbs=( $temp_db )
+    read -r -a sanesecurity_dbs <<< "$temp_db"
    fi
  fi
  if [ "$securiteinfo_enabled" == "yes" ] ; then
    fi
  fi
  if [ "$securiteinfo_enabled" == "yes" ] ; then
@@ -1825,7 +2177,8 @@ if [ "$securiteinfo_enabled" == "yes" ] ; then
        temp_db="$(xshok_database "$default_dbs_rating" "${securiteinfo_dbs[@]}")"
      fi
      securiteinfo_dbs=( )
        temp_db="$(xshok_database "$default_dbs_rating" "${securiteinfo_dbs[@]}")"
      fi
      securiteinfo_dbs=( )
-    securiteinfo_dbs=( $temp_db )
+    #securiteinfo_dbs=( $temp_db )
+    read -r -a securiteinfo_dbs <<< "$temp_db"
    fi
  fi
  if [ "$linuxmalwaredetect_enabled" == "yes" ] ; then
    fi
  fi
  if [ "$linuxmalwaredetect_enabled" == "yes" ] ; then
@@ -1836,7 +2189,8 @@ if [ "$linuxmalwaredetect_enabled" == "yes" ] ; then
        temp_db="$(xshok_database "$default_dbs_rating" "${linuxmalwaredetect_dbs[@]}")"
      fi
      linuxmalwaredetect_dbs=( )
        temp_db="$(xshok_database "$default_dbs_rating" "${linuxmalwaredetect_dbs[@]}")"
      fi
      linuxmalwaredetect_dbs=( )
-    linuxmalwaredetect_dbs=( $temp_db )
+    #linuxmalwaredetect_dbs=( $temp_db )
+    read -r -a linuxmalwaredetect_dbs <<< "$temp_db"
    fi
  fi
  if [ "$yararulesproject_enabled" == "yes" ] ; then
    fi
  fi
  if [ "$yararulesproject_enabled" == "yes" ] ; then
@@ -1847,11 +2201,27 @@ if [ "$yararulesproject_enabled" == "yes" ] ; then
        temp_db="$(xshok_database "$default_dbs_rating" "${yararulesproject_dbs[@]}")"
      fi
      yararulesproject_dbs=( )
        temp_db="$(xshok_database "$default_dbs_rating" "${yararulesproject_dbs[@]}")"
      fi
      yararulesproject_dbs=( )
-    yararulesproject_dbs=( $temp_db )
+    #yararulesproject_dbs=( $temp_db )
+    read -r -a yararulesproject_dbs <<< "$temp_db"
+  fi
+fi
+if [ "$urlhaus_enabled" == "yes" ] ; then
+  if [ -n "$urlhaus_dbs" ] ; then
+    if [ -n "$urlhaus_dbs_rating" ] ; then
+      temp_db="$(xshok_database "$urlhaus_dbs_rating" "${urlhaus_dbs[@]}")"
+    else
+      temp_db="$(xshok_database "$default_dbs_rating" "${urlhaus_dbs[@]}")"
+    fi
+    urlhaus_dbs=( )
+    #urlhaus_dbs=( $temp_db )
+    read -r -a urlhaus_dbs <<< "$temp_db"
    fi
  fi
    fi
  fi
-
  # Set the variables for MalwarePatrol
  # Set the variables for MalwarePatrol
+if [ "$malwarepatrol_product_code" != "8" ] ; then
+       # assumption, free product code is always 8 (non-free product code is never 8)
+       malwarepatrol_free="no"
+fi
  if [ "$malwarepatrol_free" == "yes" ] ; then
    malwarepatrol_product_code="8"
    malwarepatrol_list="clamav_basic"
  if [ "$malwarepatrol_free" == "yes" ] ; then
    malwarepatrol_product_code="8"
    malwarepatrol_list="clamav_basic"
@@ -1864,43 +2234,46 @@ else
      malwarepatrol_product_code=8
    fi
  fi
      malwarepatrol_product_code=8
    fi
  fi
+
  if [ $malwarepatrol_list == "clamav_basic" ] ; then
    malwarepatrol_db="malwarepatrol.db"
  else
    malwarepatrol_db="malwarepatrol.ndb"
  fi
  if [ $malwarepatrol_list == "clamav_basic" ] ; then
    malwarepatrol_db="malwarepatrol.db"
  else
    malwarepatrol_db="malwarepatrol.ndb"
  fi
-malwarepatrol_url="$malwarepatrol_url?product=$malwarepatrol_product_code&list=$malwarepatrol_list"
+malwarepatrol_url="${malwarepatrol_url}?receipt=${malwarepatrol_receipt_code}&product=${malwarepatrol_product_code}&list=${malwarepatrol_list}"
  
  # If "ham_dir" variable is set, then create initial whitelist files (skipped if first-time script run).
  test_dir="$work_dir/test"
  if [ -n "$ham_dir" ] && [ -d "$work_dir" ] && [ ! -d "$test_dir" ] ; then
    if [ -d "$ham_dir" ] ; then
      xshok_mkdir_ownership "$test_dir"
  
  # If "ham_dir" variable is set, then create initial whitelist files (skipped if first-time script run).
  test_dir="$work_dir/test"
  if [ -n "$ham_dir" ] && [ -d "$work_dir" ] && [ ! -d "$test_dir" ] ; then
    if [ -d "$ham_dir" ] ; then
      xshok_mkdir_ownership "$test_dir"
-    cp -f "$work_dir"/*/*.ndb "$test_dir"
-    $clamscan_bin --infected --no-summary -d "$test_dir" "$ham_dir"/* | command sed 's/\.UNOFFICIAL FOUND//' | awk '{print $NF}' >> "$work_dir_work_configs/whitelist.txt"
-    $grep_bin -h -f "$work_dir_work_configs/whitelist.txt" "$test_dir"/* | cut -d "*" -f 2 | sort | uniq > "$work_dir_work_configs/whitelist.hex"
+    cp -f -p "$work_dir"/*/*.ndb "$test_dir"
+    cp -f -p "$work_dir"/*/*.db "$test_dir"
+    $clamscan_bin --infected --no-summary -d "$test_dir" "$ham_dir"/* | command sed 's/\.UNOFFICIAL FOUND//' | awk '{print $NF}' >> "${work_dir_work_configs}/whitelist.txt"
+    $grep_bin -h -f "${work_dir_work_configs}/whitelist.txt" "${test_dir}/*.ndb" | cut -d "*" -f 2 | sort | uniq > "${work_dir_work_configs}/whitelist.hex"
+    $grep_bin -h -f "${work_dir_work_configs}/whitelist.txt" "${test_dir}/*.db" | cut -d "=" -f 2 | awk '{ printf("=%s\n", $1);}' | sort | uniq >> "${work_dir_work_configs}/whitelist.hex"
      cd "$test_dir" || exit
      for db_file in * ; do
      cd "$test_dir" || exit
      for db_file in * ; do
-      [[ -e $db_file ]] || break # Handle the case of no files
-      $grep_bin -h -v -f "$work_dir_work_configs/whitelist.hex" "$db_file" > "$db_file-tmp"
+      [[ -e ${db_file} ]] || break # Handle the case of no files
+      $grep_bin -h -v -f "${work_dir_work_configs}/whitelist.hex" "$db_file" > "$db_file-tmp"
        mv -f "$db_file-tmp" "$db_file"
        mv -f "$db_file-tmp" "$db_file"
-      if $clamscan_bin --quiet -d "$db_file" "$work_dir_work_configs/scan-test.txt" 2>/dev/null ; then
+      if $clamscan_bin --quiet -d "$db_file" "${work_dir_work_configs}/scan-test.txt" 2>&10 ; then
          if $rsync_bin -pcqt "$db_file" "$clam_dbs" ; then
          if $rsync_bin -pcqt "$db_file" "$clam_dbs" ; then
-          perms chown -f "$clam_user:$clam_group" "$clam_dbs/$db_file"
+          perms chown -f "${clam_user}:${clam_group}" "${clam_dbs}/${db_file}"
            if [ "$selinux_fixes" == "yes" ] ; then
            if [ "$selinux_fixes" == "yes" ] ; then
-            restorecon "$clam_dbs/$db_file"
+            restorecon "${clam_dbs}/${db_file}"
            fi
            do_clamd_reload=1
          fi
        fi
      done
            fi
            do_clamd_reload=1
          fi
        fi
      done
-    if [ -r "$work_dir_work_configs/whitelist.hex" ] ; then
-      xshok_pretty_echo_and_log "Initial HAM directory scan whitelist file created in $work_dir_work_configs"
+    if [ -r "${work_dir_work_configs}/whitelist.hex" ] ; then
+      xshok_pretty_echo_and_log "Initial HAM directory scan whitelist file created in ${work_dir_work_configs}"
      else
        xshok_pretty_echo_and_log "No false-positives detected in initial HAM directory scan"
      fi
    else
      else
        xshok_pretty_echo_and_log "No false-positives detected in initial HAM directory scan"
      fi
    else
-    xshok_pretty_echo_and_log "WARNING: Cannot locate HAM directory: $ham_dir"
+    xshok_pretty_echo_and_log "WARNING: Cannot locate HAM directory: ${ham_dir}"
      xshok_pretty_echo_and_log "Skipping initial whitelist file creation. Fix 'ham_dir' path in config file"
    fi
  fi
      xshok_pretty_echo_and_log "Skipping initial whitelist file creation. Fix 'ham_dir' path in config file"
    fi
  fi
@@ -1913,41 +2286,40 @@ xshok_mkdir_ownership "$work_dir_linuxmalwaredetect"
  xshok_mkdir_ownership "$work_dir_sanesecurity"
  xshok_mkdir_ownership "$work_dir_yararulesproject"
  xshok_mkdir_ownership "$work_dir_work_configs"
  xshok_mkdir_ownership "$work_dir_sanesecurity"
  xshok_mkdir_ownership "$work_dir_yararulesproject"
  xshok_mkdir_ownership "$work_dir_work_configs"
-xshok_mkdir_ownership "$work_dir_gpg"
+xshok_mkdir_ownership "${work_dir_gpg}"
  xshok_mkdir_ownership "$work_dir_add"
  
  # Set secured access permissions to the GPG directory
  xshok_mkdir_ownership "$work_dir_add"
  
  # Set secured access permissions to the GPG directory
-perms chmod -f 0700 "$work_dir_gpg"
+perms chmod -f 0700 "${work_dir_gpg}"
  
  if [ "$enable_gpg" == "yes" ] ; then
    # If we haven't done so yet, download Sanesecurity public GPG key and import to custom keyring.
  
  if [ "$enable_gpg" == "yes" ] ; then
    # If we haven't done so yet, download Sanesecurity public GPG key and import to custom keyring.
-  if [ ! -s "$work_dir_gpg/publickey.gpg" ] ; then
-    xshok_file_download "$work_dir_gpg/publickey.gpg" "$sanesecurity_gpg_url"
+  if [ ! -s "${work_dir_gpg}/publickey.gpg" ] ; then
+    xshok_file_download "${work_dir_gpg}/publickey.gpg" "$sanesecurity_gpg_url"
      ret="$?"
      if [ "$ret" -ne 0 ] ; then
      ret="$?"
      if [ "$ret" -ne 0 ] ; then
-      xshok_pretty_echo_and_log "ALERT: Could not download Sanesecurity public GPG key" "*"
+      xshok_pretty_echo_and_log "ALERT: Could not download Sanesecurity public GPG key"
        exit 1
      else
        xshok_pretty_echo_and_log "Sanesecurity public GPG key successfully downloaded"
        exit 1
      else
        xshok_pretty_echo_and_log "Sanesecurity public GPG key successfully downloaded"
-      rm -f -- "$work_dir_gpg/ss-keyring.gp*"
-      if ! $gpg_bin -q --no-options --no-default-keyring --homedir "$work_dir_gpg" --keyring "$work_dir_gpg/ss-keyring.gpg" --import "$work_dir_gpg/publickey.gpg" 2>/dev/null ; then
-        xshok_pretty_echo_and_log "ALERT: could not import Sanesecurity public GPG key to custom keyring" "*"
+      rm -f -- "${work_dir_gpg}/ss-keyring.gp*"
+      if ! $gpg_bin -q --no-options --no-default-keyring --homedir "${work_dir_gpg}" --keyring "${work_dir_gpg}/ss-keyring.gpg" --import "${work_dir_gpg}/publickey.gpg" 2>/dev/null ; then
+        xshok_pretty_echo_and_log "ALERT: could not import Sanesecurity public GPG key to custom keyring"
          exit 1
        else
          exit 1
        else
-        chmod -f 0644 "$work_dir_gpg/*.*"
+        chmod -f 0644 "${work_dir_gpg}/*.*"
          xshok_pretty_echo_and_log "Sanesecurity public GPG key successfully imported to custom keyring"
        fi
      fi
    fi
          xshok_pretty_echo_and_log "Sanesecurity public GPG key successfully imported to custom keyring"
        fi
      fi
    fi
-
    # If custom keyring is missing, try to re-import Sanesecurity public GPG key.
    # If custom keyring is missing, try to re-import Sanesecurity public GPG key.
-  if [ ! -s "$work_dir_gpg/ss-keyring.gpg" ] ; then
-    rm -f -- "$work_dir_gpg/ss-keyring.gp*"
-    if ! $gpg_bin -q --no-options --no-default-keyring --homedir "$work_dir_gpg" --keyring "$work_dir_gpg/ss-keyring.gpg" --import "$work_dir_gpg/publickey.gpg" 2>/dev/null ; then
-      xshok_pretty_echo_and_log "ALERT: Custom keyring MISSING or CORRUPT!  Could not import Sanesecurity public GPG key to custom keyring" "*"
+  if [ ! -s "${work_dir_gpg}/ss-keyring.gpg" ] ; then
+    rm -f -- "${work_dir_gpg}/ss-keyring.gp*"
+    if ! $gpg_bin -q --no-options --no-default-keyring --homedir "${work_dir_gpg}" --keyring "${work_dir_gpg}/ss-keyring.gpg" --import "${work_dir_gpg}/publickey.gpg" 2>/dev/null ; then
+      xshok_pretty_echo_and_log "ALERT: Custom keyring MISSING or CORRUPT!  Could not import Sanesecurity public GPG key to custom keyring"
        exit 1
      else
        exit 1
      else
-      chmod -f 0644 "$work_dir_gpg/*.*"
+      chmod -f 0644 "${work_dir_gpg}/*.*"
        xshok_pretty_echo_and_log "Sanesecurity custom keyring MISSING!  GPG key successfully re-imported to custom keyring"
      fi
    fi
        xshok_pretty_echo_and_log "Sanesecurity custom keyring MISSING!  GPG key successfully re-imported to custom keyring"
      fi
    fi
@@ -1972,8 +2344,12 @@ if [ "$enable_random" == "yes" ] ; then
  fi
  
  # Create "scan-test.txt" file for clamscan database integrity testing.
  fi
  
  # Create "scan-test.txt" file for clamscan database integrity testing.
-if [ ! -s "$work_dir_work_configs/scan-test.txt" ] ; then
-  echo "This is the clamscan test file..." > "$work_dir_work_configs/scan-test.txt"
+if [ ! -s "${work_dir_work_configs}/scan-test.txt" ] ; then
+  echo "This is the clamscan test file..." > "${work_dir_work_configs}/scan-test.txt"
+fi
+
+if [ -z "$git_branch" ] ; then
+       git_branch="master"
  fi
  
  # If rsync proxy is defined in the config file, then export it for use.
  fi
  
  # If rsync proxy is defined in the config file, then export it for use.
@@ -1984,20 +2360,20 @@ fi
  
  # Create $current_dbsfiles containing lists of current and previously active 3rd-party databases
  # so that databases and/or backup files that are no longer being used can be removed.
  
  # Create $current_dbsfiles containing lists of current and previously active 3rd-party databases
  # so that databases and/or backup files that are no longer being used can be removed.
-current_tmp="$work_dir_work_configs/current-dbs.tmp"
+current_tmp="${work_dir_work_configs}/current-dbs.tmp"
  
  
-current_dbs_file="$work_dir_work_configs/current-dbs.txt"
+current_dbs_file="${work_dir_work_configs}/current-dbs.txt"
  
  if [ "$sanesecurity_enabled" == "yes" ] ; then
  
  if [ "$sanesecurity_enabled" == "yes" ] ; then
-  # Create the Sanesecurity rsync "include" file (defines which files to download).
-  sanesecurity_include_dbs="$work_dir_work_configs/ss-include-dbs.txt"
+  # Create the Sanesecurity rsync "include" file (defines command -v files to download).
+  sanesecurity_include_dbs="${work_dir_work_configs}/ss-include-dbs.txt"
    if [ -n "${sanesecurity_dbs[0]}" ] ; then
    if [ -n "${sanesecurity_dbs[0]}" ] ; then
-    rm -f -- "$sanesecurity_include_dbs" "$work_dir_sanesecurity/*.sha256"
+    rm -f -- "${sanesecurity_include_dbs}" "${work_dir_sanesecurity}/*.sha256"
      for db_file in "${sanesecurity_dbs[@]}" ; do
      for db_file in "${sanesecurity_dbs[@]}" ; do
-      echo "$db_file" >> "$sanesecurity_include_dbs"
-      echo "$db_file.sig" >> "$sanesecurity_include_dbs"
-      echo "$work_dir_sanesecurity/$db_file" >> "$current_tmp"
-      echo "$work_dir_sanesecurity/$db_file.sig" >> "$current_tmp"
+      echo "$db_file" >> "${sanesecurity_include_dbs}"
+      echo "${db_file}.sig" >> "${sanesecurity_include_dbs}"
+      echo "${work_dir_sanesecurity}/${db_file}" >> "${current_tmp}"
+      echo "${work_dir_sanesecurity}/${db_file}.sig" >> "${current_tmp}"
        clamav_files
      done
    fi
        clamav_files
      done
    fi
@@ -2005,7 +2381,7 @@ fi
  if [ "$securiteinfo_enabled" == "yes" ] ; then
    if [ -n "${securiteinfo_dbs[0]}" ] ; then
      for db in "${securiteinfo_dbs[@]}" ; do
  if [ "$securiteinfo_enabled" == "yes" ] ; then
    if [ -n "${securiteinfo_dbs[0]}" ] ; then
      for db in "${securiteinfo_dbs[@]}" ; do
-      echo "$work_dir_securiteinfo/$db" >> "$current_tmp"
+      echo "${work_dir_securiteinfo}/${db}" >> "${current_tmp}"
        clamav_files
      done
    fi
        clamav_files
      done
    fi
@@ -2013,24 +2389,24 @@ fi
  if [ "$linuxmalwaredetect_enabled" == "yes" ] ; then
    if [ -n "${linuxmalwaredetect_dbs[0]}" ] ; then
      for db in "${linuxmalwaredetect_dbs[@]}" ; do
  if [ "$linuxmalwaredetect_enabled" == "yes" ] ; then
    if [ -n "${linuxmalwaredetect_dbs[0]}" ] ; then
      for db in "${linuxmalwaredetect_dbs[@]}" ; do
-      echo "$work_dir_linuxmalwaredetect/$db" >> "$current_tmp"
+      echo "${work_dir_linuxmalwaredetect}/${db}" >> "${current_tmp}"
        clamav_files
      done
    fi
  fi
  if [ "$malwarepatrol_enabled" == "yes" ] ; then
    if [ -n "$malwarepatrol_db" ] ; then
        clamav_files
      done
    fi
  fi
  if [ "$malwarepatrol_enabled" == "yes" ] ; then
    if [ -n "$malwarepatrol_db" ] ; then
-    echo "$work_dir_malwarepatrol/$malwarepatrol_db" >> "$current_tmp"
+    echo "${work_dir_malwarepatrol}/${malwarepatrol_db}" >> "${current_tmp}"
      clamav_files
    fi
  fi
  if [ "$yararulesproject_enabled" == "yes" ] ; then
    if [ -n "${yararulesproject_dbs[0]}" ] ; then
      for db in "${yararulesproject_dbs[@]}" ; do
      clamav_files
    fi
  fi
  if [ "$yararulesproject_enabled" == "yes" ] ; then
    if [ -n "${yararulesproject_dbs[0]}" ] ; then
      for db in "${yararulesproject_dbs[@]}" ; do
-      if echo "$db" | $grep_bin -q "/"; then
+      if echo "$db" | $grep_bin -q "/" ; then
          db="$(echo "$db" | cut -d "/" -f 2)"
        fi
          db="$(echo "$db" | cut -d "/" -f 2)"
        fi
-      echo "$work_dir_yararulesproject/$db" >> "$current_tmp"
+      echo "${work_dir_yararulesproject}/${db}" >> "${current_tmp}"
        clamav_files
      done
    fi
        clamav_files
      done
    fi
@@ -2038,24 +2414,24 @@ fi
  if [ "$additional_enabled" == "yes" ] ; then
    if [ -n "$additional_dbs" ] ; then
      for db in "${additional_dbs[@]}" ; do
  if [ "$additional_enabled" == "yes" ] ; then
    if [ -n "$additional_dbs" ] ; then
      for db in "${additional_dbs[@]}" ; do
-      echo "$work_dir_add/$db" >> "$current_tmp"
+      echo "${work_dir_add}/${db}" >> "${current_tmp}"
        clamav_files
      done
    fi
  fi
        clamav_files
      done
    fi
  fi
-sort "$current_tmp" > "$current_dbs_file" 2>/dev/null
-rm -f "$current_tmp"
+sort "${current_tmp}" > "$current_dbs_file" 2>/dev/null
+rm -f "${current_tmp}"
  
  # Remove 3rd-party databases and/or backup files that are no longer being used.
  if [ "$remove_disabled_databases" == "yes" ] ; then
  
  # Remove 3rd-party databases and/or backup files that are no longer being used.
  if [ "$remove_disabled_databases" == "yes" ] ; then
-  previous_dbs="$work_dir_work_configs/previous-dbs.txt"
+  previous_dbs="${work_dir_work_configs}/previous-dbs.txt"
    sort "$current_dbs_file" > "$previous_dbs" 2>/dev/null
    # Do not remove the current_dbs_file
    #rm -f "$current_dbs_file"
  
    sort "$current_dbs_file" > "$previous_dbs" 2>/dev/null
    # Do not remove the current_dbs_file
    #rm -f "$current_dbs_file"
  
-  db_changes="$work_dir_work_configs/db-changes.txt"
+  db_changes="${work_dir_work_configs}/db-changes.txt"
    if [ ! -s "$previous_dbs" ] ; then
    if [ ! -s "$previous_dbs" ] ; then
-    cp -f "$current_dbs_file" "$previous_dbs" 2>/dev/null
+    cp -f -p "$current_dbs_file" "$previous_dbs" 2>/dev/null
    fi
    diff "$current_dbs_file" "$previous_dbs" 2>/dev/null | $grep_bin ">" | awk '{print $2}' > "$db_changes"
    if [ -r "$db_changes" ] ; then
    fi
    diff "$current_dbs_file" "$previous_dbs" 2>/dev/null | $grep_bin ">" | awk '{print $2}' > "$db_changes"
    if [ -r "$db_changes" ] ; then
@@ -2064,33 +2440,33 @@ if [ "$remove_disabled_databases" == "yes" ] ; then
      fi
      while read -r file ; do
        rm -f -- "$file"
      fi
      while read -r file ; do
        rm -f -- "$file"
-      xshok_pretty_echo_and_log "Unused/Disabled file removed: $file"
+      xshok_pretty_echo_and_log "Unused/Disabled file removed: ${file}"
      done < "$db_changes"
    fi
  fi
  
  # Create "purge.txt" file for package maintainers to support package uninstall.
      done < "$db_changes"
    fi
  fi
  
  # Create "purge.txt" file for package maintainers to support package uninstall.
-purge="$work_dir_work_configs/purge.txt"
-cp -f "$current_dbs_file" "$purge"
+purge="${work_dir_work_configs}/purge.txt"
+cp -f -p "$current_dbs_file" "$purge"
  {
  {
-  echo "$work_dir_work_configs/current-dbs.txt"
-  echo "$work_dir_work_configs/db-changes.txt"
-  echo "$work_dir_work_configs/last-mbl-update.txt"
-  echo "$work_dir_work_configs/last-si-update.txt"
-  echo "$work_dir_work_configs/local.ign"
-  echo "$work_dir_work_configs/monitor-ign.txt"
-  echo "$work_dir_work_configs/my-whitelist.ign2"
-  echo "$work_dir_work_configs/tracker.txt"
-  echo "$work_dir_work_configs/previous-dbs.txt"
-  echo "$work_dir_work_configs/scan-test.txt"
-  echo "$work_dir_work_configs/ss-include-dbs.txt"
-  echo "$work_dir_work_configs/whitelist.hex"
-  echo "$work_dir_gpg/publickey.gpg"
+  echo "${work_dir_work_configs}/current-dbs.txt"
+  echo "${work_dir_work_configs}/db-changes.txt"
+  echo "${work_dir_work_configs}/last-mbl-update.txt"
+  echo "${work_dir_work_configs}/last-si-update.txt"
+  echo "${work_dir_work_configs}/local.ign"
+  echo "${work_dir_work_configs}/monitor-ign.txt"
+  echo "${work_dir_work_configs}/my-whitelist.ign2"
+  echo "${work_dir_work_configs}/tracker.txt"
+  echo "${work_dir_work_configs}/previous-dbs.txt"
+  echo "${work_dir_work_configs}/scan-test.txt"
+  echo "${work_dir_work_configs}/ss-include-dbs.txt"
+  echo "${work_dir_work_configs}/whitelist.hex"
+  echo "${work_dir_gpg}/publickey.gpg"
    echo "$work_dir_gpg/secring.gpg"
    echo "$work_dir_gpg/secring.gpg"
-  echo "$work_dir_gpg/ss-keyring.gpg*"
+  echo "${work_dir_gpg}/ss-keyring.gpg*"
    echo "$work_dir_gpg/trustdb.gpg"
    echo "$work_dir_gpg/trustdb.gpg"
-  echo "$log_file_path/$log_file_name*"
-  echo "$work_dir_work_configs/purge.txt"
+  echo "${log_file_path}/${log_file_name}*"
+  echo "${work_dir_work_configs}/purge.txt"
  } >> "$purge"
  
  # Check and save current system time since epoch for time related database downloads.
  } >> "$purge"
  
  # Check and save current system time since epoch for time related database downloads.
@@ -2103,23 +2479,21 @@ if [ -n "${securiteinfo_dbs[0]}" ] || [ -n "$malwarepatrol_db" ] ; then
      current_time="$(perl -le print+time 2> /dev/null)"
    fi
    if [ "$current_time" -le 0 ] ; then
      current_time="$(perl -le print+time 2> /dev/null)"
    fi
    if [ "$current_time" -le 0 ] ; then
-    xshok_pretty_echo_and_log "WARNING: No support for 'date +%s' or 'perl' was not found , SecuriteInfo and MalwarePatrol updates bypassed" "="
+    xshok_pretty_echo_and_log "WARNING: No support for 'date +%s' or 'perl' was not found , SecuriteInfo and MalwarePatrol updates bypassed"
      securiteinfo_dbs=()
      malwarepatrol_db=()
    fi
  fi
      securiteinfo_dbs=()
      malwarepatrol_db=()
    fi
  fi
-
  ################################################################
  # Check for Sanesecurity database & GPG signature file updates #
  ################################################################
  ################################################################
  # Check for Sanesecurity database & GPG signature file updates #
  ################################################################
-
  if [ "$sanesecurity_enabled" == "yes" ] ; then
    if [ -n "${sanesecurity_dbs[0]}" ] ; then
      if [ ${#sanesecurity_dbs} -lt 1 ] ; then
        xshok_pretty_echo_and_log "Failed sanesecurity_dbs config is invalid or not defined - SKIPPING"
      else
  if [ "$sanesecurity_enabled" == "yes" ] ; then
    if [ -n "${sanesecurity_dbs[0]}" ] ; then
      if [ ${#sanesecurity_dbs} -lt 1 ] ; then
        xshok_pretty_echo_and_log "Failed sanesecurity_dbs config is invalid or not defined - SKIPPING"
      else
-      if [ -r "$work_dir_work_configs/last-ss-update.txt" ] ; then
-        last_sanesecurity_update="$(cat "$work_dir_work_configs/last-ss-update.txt")"
+      if [ -r "${work_dir_work_configs}/last-ss-update.txt" ] ; then
+        last_sanesecurity_update="$(cat "${work_dir_work_configs}/last-ss-update.txt")"
        else
          last_sanesecurity_update="0"
        fi
        else
          last_sanesecurity_update="0"
        fi
@@ -2127,98 +2501,102 @@ if [ "$sanesecurity_enabled" == "yes" ] ; then
        update_interval="$((sanesecurity_update_hours * 3600))"
        time_interval="$((current_time - last_sanesecurity_update))"
        if [ "$time_interval" -ge $((update_interval - 600)) ] ; then
        update_interval="$((sanesecurity_update_hours * 3600))"
        time_interval="$((current_time - last_sanesecurity_update))"
        if [ "$time_interval" -ge $((update_interval - 600)) ] ; then
-        echo "$current_time" > "$work_dir_work_configs/last-ss-update.txt"
+        echo "$current_time" > "${work_dir_work_configs}/last-ss-update.txt"
          xshok_pretty_echo_and_log "Sanesecurity Database & GPG Signature File Updates" "="
          xshok_pretty_echo_and_log "Checking for Sanesecurity updates..."
          xshok_pretty_echo_and_log "Sanesecurity Database & GPG Signature File Updates" "="
          xshok_pretty_echo_and_log "Checking for Sanesecurity updates..."
-
-        sanesecurity_mirror_ips="$(dig +ignore +short "$sanesecurity_url")"
+                               # shellcheck disable=SC2086
+        sanesecurity_mirror_ips="$(dig $dig_proxy +ignore +short "$sanesecurity_url")"
          # Add fallback to host if dig returns no records
          if [ ${#sanesecurity_mirror_ips} -lt 1 ] ; then
          # Add fallback to host if dig returns no records
          if [ ${#sanesecurity_mirror_ips} -lt 1 ] ; then
-          sanesecurity_mirror_ips="$(host -t A "$sanesecurity_url" | sed -n '/has address/{s/.*address \([^ ]*\).*/\1/;p;}')"
+                                       # shellcheck disable=SC2086
+          sanesecurity_mirror_ips="$(host $host_proxy -t A "$sanesecurity_url" | sed -n '/has address/{s/.*address \([^ ]*\).*/\1/;p;}')"
          fi
  
          if [ ${#sanesecurity_mirror_ips} -ge 1 ] ; then
            for sanesecurity_mirror_ip in $sanesecurity_mirror_ips ; do
              sanesecurity_mirror_name=""
          fi
  
          if [ ${#sanesecurity_mirror_ips} -ge 1 ] ; then
            for sanesecurity_mirror_ip in $sanesecurity_mirror_ips ; do
              sanesecurity_mirror_name=""
-            sanesecurity_mirror_name="$(dig +short -x "$sanesecurity_mirror_ip" | command sed 's/\.$//')"
+                                               # shellcheck disable=SC2086
+            sanesecurity_mirror_name="$(dig $dig_proxy +short -x "$sanesecurity_mirror_ip" | command sed 's/\.$//')"
              # Add fallback to host if dig returns no records
              if [ -z "$sanesecurity_mirror_name" ] ; then
              # Add fallback to host if dig returns no records
              if [ -z "$sanesecurity_mirror_name" ] ; then
-              sanesecurity_mirror_name="$(host "$sanesecurity_mirror_ip" | sed -n '/name pointer/{s/.*pointer \([^ ]*\).*\.$/\1/;p;}')"
+                                                       # shellcheck disable=SC2086
+              sanesecurity_mirror_name="$(host $host_proxy "$sanesecurity_mirror_ip" | sed -n '/name pointer/{s/.*pointer \([^ ]*\).*\.$/\1/;p;}')"
              fi
              sanesecurity_mirror_site_info="$sanesecurity_mirror_name $sanesecurity_mirror_ip"
              fi
              sanesecurity_mirror_site_info="$sanesecurity_mirror_name $sanesecurity_mirror_ip"
-            xshok_pretty_echo_and_log "Sanesecurity mirror site used: $sanesecurity_mirror_site_info"
+            xshok_pretty_echo_and_log "Sanesecurity mirror site used: ${sanesecurity_mirror_site_info}"
              # shellcheck disable=SC2086
              # shellcheck disable=SC2086
-            $rsync_bin $rsync_output_level $no_motd --files-from="$sanesecurity_include_dbs" -ctuz $connect_timeout --timeout="$rsync_max_time" "rsync://$sanesecurity_mirror_ip/sanesecurity" "$work_dir_sanesecurity" 2>/dev/null
+            $rsync_bin $rsync_output_level $no_motd --files-from="${sanesecurity_include_dbs}" -ctuz $connect_timeout --timeout="$rsync_max_time" "rsync://${sanesecurity_mirror_ip}/sanesecurity" "$work_dir_sanesecurity" 2>&13
              ret="$?"
              if [ "$ret" -eq 0 ] || [ "$ret" -eq 23 ] ; then # The correct way, 23 is some files were not transfered, can be ignored and we can assume a success
                sanesecurity_rsync_success="1"
                for db_file in "${sanesecurity_dbs[@]}" ; do
              ret="$?"
              if [ "$ret" -eq 0 ] || [ "$ret" -eq 23 ] ; then # The correct way, 23 is some files were not transfered, can be ignored and we can assume a success
                sanesecurity_rsync_success="1"
                for db_file in "${sanesecurity_dbs[@]}" ; do
-                if ! cmp -s "$work_dir_sanesecurity/$db_file" "$clam_dbs/$db_file" ; then
-                  xshok_pretty_echo_and_log "Testing updated Sanesecurity database file: $db_file"
+                if ! cmp -s "${work_dir_sanesecurity}/${db_file}" "${clam_dbs}/${db_file}" ; then
+                  xshok_pretty_echo_and_log "Testing updated Sanesecurity database file: ${db_file}"
  
                    if [ "$enable_gpg" == "yes" ] ; then
  
                    if [ "$enable_gpg" == "yes" ] ; then
-                    if ! $gpg_bin --trust-model always -q --no-default-keyring --homedir "$work_dir_gpg" --keyring "$work_dir_gpg/ss-keyring.gpg" --verify "$work_dir_sanesecurity/$db_file.sig" "$work_dir_sanesecurity/$db_file" 2>/dev/null ; then
-                      $gpg_bin --always-trust -q --no-default-keyring --homedir "$work_dir_gpg" --keyring "$work_dir_gpg/ss-keyring.gpg" --verify "$work_dir_sanesecurity/$db_file.sig" "$work_dir_sanesecurity/$db_file" 2>/dev/null
+                    if ! $gpg_bin --trust-model always -q --no-default-keyring --homedir "${work_dir_gpg}" --keyring "${work_dir_gpg}/ss-keyring.gpg" --verify "${work_dir_sanesecurity}/${db_file}.sig" "${work_dir_sanesecurity}/${db_file}" 2>/dev/null ; then
+                      $gpg_bin --always-trust -q --no-default-keyring --homedir "${work_dir_gpg}" --keyring "${work_dir_gpg}/ss-keyring.gpg" --verify "${work_dir_sanesecurity}/${db_file}.sig" "${work_dir_sanesecurity}/${db_file}" 2>/dev/null
                        ret="$?"
                      else
                        ret="0"
                      fi
                      if [ "$ret" -eq 0 ] ; then
                        ret="$?"
                      else
                        ret="0"
                      fi
                      if [ "$ret" -eq 0 ] ; then
-                      test "$gpg_silence" = "no" && xshok_pretty_echo_and_log "Sanesecurity GPG Signature tested good on $db_file database"
+                      test "$gpg_silence" = "no" && xshok_pretty_echo_and_log "Sanesecurity GPG Signature tested good on ${db_file} database"
                      else
                      else
-                      xshok_pretty_echo_and_log "Sanesecurity GPG Signature test FAILED on $db_file database - SKIPPING"
+                      xshok_pretty_echo_and_log "Sanesecurity GPG Signature test FAILED on ${db_file} database - SKIPPING"
                      fi
                    fi
                    if [ "$ret" -eq 0 ] ; then
                      db_ext="${db_file#*.}"
                      if [ -z "$ham_dir" ] || [ "$db_ext" != "ndb" ] ; then
                      fi
                    fi
                    if [ "$ret" -eq 0 ] ; then
                      db_ext="${db_file#*.}"
                      if [ -z "$ham_dir" ] || [ "$db_ext" != "ndb" ] ; then
-                      if $clamscan_bin --quiet -d "$work_dir_sanesecurity/$db_file" "$work_dir_work_configs/scan-test.txt" 2>/dev/null ; then
-                        xshok_pretty_echo_and_log "Clamscan reports Sanesecurity $db_file database integrity tested good"
+                      if $clamscan_bin --quiet -d "${work_dir_sanesecurity}/${db_file}" "${work_dir_work_configs}/scan-test.txt" 2>&10 ; then
+                        xshok_pretty_echo_and_log "Clamscan reports Sanesecurity ${db_file} database integrity tested good"
                          true
                        else
                          true
                        else
-                        xshok_pretty_echo_and_log "Clamscan reports Sanesecurity $db_file database integrity tested BAD"
+                        xshok_pretty_echo_and_log "Clamscan reports Sanesecurity ${db_file} database integrity tested BAD"
                          if [ "$remove_bad_database" == "yes" ] ; then
                          if [ "$remove_bad_database" == "yes" ] ; then
-                          if rm -f "$work_dir_sanesecurity/$db_file" ; then
-                            xshok_pretty_echo_and_log "Removed invalid database: $work_dir_sanesecurity/$db_file"
+                          if rm -f "${work_dir_sanesecurity}/${db_file}" ; then
+                            xshok_pretty_echo_and_log "Removed invalid database: ${work_dir_sanesecurity}/${db_file}"
                            fi
                          fi
                          false
                            fi
                          fi
                          false
-                        fi && (test "$keep_db_backup" = "yes" && cp -f "$clam_dbs/$db_file" "$clam_dbs/$db_file-bak" 2>/dev/null ; true) && if $rsync_bin -pcqt "$work_dir_sanesecurity/$db_file" "$clam_dbs" 2>/dev/null ; then
-                        perms chown -f "$clam_user:$clam_group" "$clam_dbs/$db_file"
+                        fi && (test "$keep_db_backup" = "yes" && cp -f -p  "${clam_dbs}/${db_file}" "${clam_dbs}/${db}_file-bak" 2>/dev/null ; true) && if $rsync_bin -pcqt "${work_dir_sanesecurity}/${db_file}" "$clam_dbs" 2>&13 ; then
+                        perms chown -f "${clam_user}:${clam_group}" "${clam_dbs}/${db_file}"
                          if [ "$selinux_fixes" == "yes" ] ; then
                          if [ "$selinux_fixes" == "yes" ] ; then
-                          restorecon "$clam_dbs/$db_file"
+                          restorecon "${clam_dbs}/${db_file}"
                          fi
  
                          fi
  
-                        xshok_pretty_echo_and_log "Successfully updated Sanesecurity production database file: $db_file"
+                        xshok_pretty_echo_and_log "Successfully updated Sanesecurity production database file: ${db_file}"
                          sanesecurity_update=1
                          do_clamd_reload=1
                        else
                          sanesecurity_update=1
                          do_clamd_reload=1
                        else
-                        xshok_pretty_echo_and_log "Failed to successfully update Sanesecurity production database file: $db_file - SKIPPING"
+                        xshok_pretty_echo_and_log "Failed to successfully update Sanesecurity production database file: ${db_file} - SKIPPING"
                          false
                        fi
                      else
                          false
                        fi
                      else
-                      $grep_bin -h -v -f "$work_dir_work_configs/whitelist.hex" "$work_dir_sanesecurity/$db_file" > "$test_dir/$db_file"
-                      $clamscan_bin --infected --no-summary -d "$test_dir/$db_file" "$ham_dir"/* | command sed 's/\.UNOFFICIAL FOUND//' | awk '{print $NF}' > "$work_dir_work_configs/whitelist.txt"
-                      $grep_bin -h -f "$work_dir_work_configs/whitelist.txt" "$test_dir/$db_file" | cut -d "*" -f 2 | sort | uniq >> "$work_dir_work_configs/whitelist.hex"
-                      $grep_bin -h -v -f "$work_dir_work_configs/whitelist.hex" "$test_dir/$db_file" > "$test_dir/$db_file-tmp"
-                      mv -f "$test_dir/$db_file-tmp" "$test_dir/$db_file"
-                      if $clamscan_bin --quiet -d "$test_dir/$db_file" "$work_dir_work_configs/scan-test.txt" 2>/dev/null ; then
-                        xshok_pretty_echo_and_log "Clamscan reports Sanesecurity $db_file database integrity tested good"
+                      $grep_bin -h -v -f "${work_dir_work_configs}/whitelist.hex" "${work_dir_sanesecurity}/${db_file}" > "${test_dir}/${db_file}"
+                      $clamscan_bin --infected --no-summary -d "${test_dir}/${db_file}" "$ham_dir"/* | command sed 's/\.UNOFFICIAL FOUND//' | awk '{print $NF}' > "${work_dir_work_configs}/whitelist.txt"
+                      $grep_bin -h -f "${work_dir_work_configs}/whitelist.hex" "${test_dir}/${db_file}" | cut -d "*" -f 2 | sort | uniq >> "${work_dir_work_configs}/whitelist.hex-tmp"
+                      mv -f "${work_dir_work_configs}/whitelist.hex-tmp" "${work_dir_work_configs}/whitelist.hex"
+                      $grep_bin -h -v -f "${work_dir_work_configs}/whitelist.hex" "${test_dir}/${db_file}" > "${test_dir}/${db_file}-tmp"
+                      mv -f "${test_dir}/${db_file}-tmp" "${test_dir}/${db_file}"
+                      if $clamscan_bin --quiet -d "${test_dir}/${db_file}" "${work_dir_work_configs}/scan-test.txt" 2>&10 ; then
+                        xshok_pretty_echo_and_log "Clamscan reports Sanesecurity ${db_file} database integrity tested good"
                          true
                        else
                          true
                        else
-                        xshok_pretty_echo_and_log "Clamscan reports Sanesecurity $db_file database integrity tested BAD"
+                        xshok_pretty_echo_and_log "Clamscan reports Sanesecurity ${db_file} database integrity tested BAD"
                          # DO NOT KILL THIS DB
                          false
                          # DO NOT KILL THIS DB
                          false
-                        fi && (test "$keep_db_backup" = "yes" && cp -f "$clam_dbs/$db_file" "$clam_dbs/$db_file-bak" 2>/dev/null ; true) && if $rsync_bin -pcqt "$test_dir/$db_file" "$clam_dbs" 2>/dev/null ; then
-                        perms chown -f "$clam_user:$clam_group" "$clam_dbs/$db_file"
+                        fi && (test "$keep_db_backup" = "yes" && cp -f -p  "${clam_dbs}/${db_file}" "${clam_dbs}/${db}_file-bak" 2>/dev/null ; true) && if $rsync_bin -pcqt "${test_dir}/${db_file}" "$clam_dbs" 2>&13 ; then
+                        perms chown -f "${clam_user}:${clam_group}" "${clam_dbs}/${db_file}"
                          if [ "$selinux_fixes" == "yes" ] ; then
                          if [ "$selinux_fixes" == "yes" ] ; then
-                          restorecon "$clam_dbs/$db_file"
+                          restorecon "${clam_dbs}/${db_file}"
                          fi
                          fi
-                        xshok_pretty_echo_and_log "Successfully updated Sanesecurity production database file: $db_file"
+                        xshok_pretty_echo_and_log "Successfully updated Sanesecurity production database file: ${db_file}"
                          sanesecurity_update=1
                          do_clamd_reload=1
                        else
                          sanesecurity_update=1
                          do_clamd_reload=1
                        else
-                        xshok_pretty_echo_and_log "Failed to successfully update Sanesecurity production database file: $db_file - SKIPPING"
+                        xshok_pretty_echo_and_log "Failed to successfully update Sanesecurity production database file: ${db_file} - SKIPPING"
                        fi
                      fi
                    fi
                        fi
                      fi
                    fi
@@ -2231,7 +2609,7 @@ if [ "$sanesecurity_enabled" == "yes" ] ; then
                  break
                fi
              else
                  break
                fi
              else
-              xshok_pretty_echo_and_log "Connection to $sanesecurity_mirror_site_info failed - Trying next mirror site..."
+              xshok_pretty_echo_and_log "Connection to ${sanesecurity_mirror_site_info} failed - Trying next mirror site..."
              fi
            done
            if [ ! "$sanesecurity_rsync_success" == "1" ] ; then
              fi
            done
            if [ ! "$sanesecurity_rsync_success" == "1" ] ; then
@@ -2243,7 +2621,7 @@ if [ "$sanesecurity_enabled" == "yes" ] ; then
          fi
        else
          xshok_pretty_echo_and_log "Sanesecurity Database File Updates" "="
          fi
        else
          xshok_pretty_echo_and_log "Sanesecurity Database File Updates" "="
-        xshok_draw_time_remaining "$((update_interval - time_interval))" "$sanesecurity_update_hours" "sanesecurity"
+        xshok_draw_time_remaining "$((update_interval - time_interval))" "$sanesecurity_update_hours" "Sanesecurity"
        fi
      fi
    fi
        fi
      fi
    fi
@@ -2252,17 +2630,17 @@ else
      if [ "$remove_disabled_databases" == "yes" ] ; then
        xshok_pretty_echo_and_log "Removing disabled Sanesecurity Database files"
        for db_file in "${sanesecurity_dbs[@]}" ; do
      if [ "$remove_disabled_databases" == "yes" ] ; then
        xshok_pretty_echo_and_log "Removing disabled Sanesecurity Database files"
        for db_file in "${sanesecurity_dbs[@]}" ; do
-        if echo "$db_file" | $grep_bin -q "|"; then
+        if echo "$db_file" | $grep_bin -q "|" ; then
            db_file="${db_file%|*}"
          fi
            db_file="${db_file%|*}"
          fi
-        if [ -r "$work_dir_sanesecurity/$db_file" ] ; then
-          xshok_pretty_echo_and_log "Removing $work_dir_sanesecurity/$db_file"
-          rm -f "$work_dir_sanesecurity/$db_file"
+        if [ -r "${work_dir_sanesecurity}/${db_file}" ] ; then
+          xshok_pretty_echo_and_log "Removing ${work_dir_sanesecurity}/${db_file}"
+          rm -f "${work_dir_sanesecurity}/${db_file}"
            do_clamd_reload=1
          fi
            do_clamd_reload=1
          fi
-        if [ -r "$clam_dbs/$db_file" ] ; then
-          xshok_pretty_echo_and_log "Removing $clam_dbs/$db_file"
-          rm -f "$clam_dbs/$db_file"
+        if [ -r "${clam_dbs}/${db_file}" ] ; then
+          xshok_pretty_echo_and_log "Removing ${clam_dbs}/${db_file}"
+          rm -f "${clam_dbs}/${db_file}"
            do_clamd_reload=1
          fi
        done
            do_clamd_reload=1
          fi
        done
@@ -2275,13 +2653,13 @@ fi
  ##############################################################################################################################################
  if [ "$securiteinfo_enabled" == "yes" ] ; then
    if [ "$securiteinfo_authorisation_signature" != "YOUR-SIGNATURE-NUMBER" ] ; then
  ##############################################################################################################################################
  if [ "$securiteinfo_enabled" == "yes" ] ; then
    if [ "$securiteinfo_authorisation_signature" != "YOUR-SIGNATURE-NUMBER" ] ; then
-    if [ -n "$securiteinfo_dbs" ] ; then
+    if [ -n "${securiteinfo_dbs[0]}" ] ; then
        if [ ${#securiteinfo_dbs} -lt 1 ] ; then
          xshok_pretty_echo_and_log "Failed securiteinfo_dbs config is invalid or not defined - SKIPPING"
        else
        if [ ${#securiteinfo_dbs} -lt 1 ] ; then
          xshok_pretty_echo_and_log "Failed securiteinfo_dbs config is invalid or not defined - SKIPPING"
        else
-        rm -f "$work_dir_securiteinfo/*.gz"
-        if [ -r "$work_dir_work_configs/last-si-update.txt" ] ; then
-          last_securiteinfo_update="$(cat "$work_dir_work_configs/last-si-update.txt")"
+        rm -f "${work_dir_securiteinfo}/*.gz"
+        if [ -r "${work_dir_work_configs}/last-si-update.txt" ] ; then
+          last_securiteinfo_update="$(cat "${work_dir_work_configs}/last-si-update.txt")"
          else
            last_securiteinfo_update="0"
          fi
          else
            last_securiteinfo_update="0"
          fi
@@ -2290,7 +2668,7 @@ if [ "$securiteinfo_enabled" == "yes" ] ; then
          update_interval="$((securiteinfo_update_hours * 3600))"
          time_interval="$((current_time - last_securiteinfo_update))"
          if [ "$time_interval" -ge "$((update_interval - 600))" ] ; then
          update_interval="$((securiteinfo_update_hours * 3600))"
          time_interval="$((current_time - last_securiteinfo_update))"
          if [ "$time_interval" -ge "$((update_interval - 600))" ] ; then
-          echo "$current_time" > "$work_dir_work_configs/last-si-update.txt"
+          echo "$current_time" > "${work_dir_work_configs}/last-si-update.txt"
            xshok_pretty_echo_and_log "SecuriteInfo Database File Updates" "="
            xshok_pretty_echo_and_log "Checking for SecuriteInfo updates..."
            securiteinfo_updates="0"
            xshok_pretty_echo_and_log "SecuriteInfo Database File Updates" "="
            xshok_pretty_echo_and_log "Checking for SecuriteInfo updates..."
            securiteinfo_updates="0"
@@ -2298,82 +2676,77 @@ if [ "$securiteinfo_enabled" == "yes" ] ; then
              if [ "$loop" == "1" ] ; then
                xshok_pretty_echo_and_log "---"
              fi
              if [ "$loop" == "1" ] ; then
                xshok_pretty_echo_and_log "---"
              fi
-            xshok_pretty_echo_and_log "Checking for updated SecuriteInfo database file: $db_file"
+            xshok_pretty_echo_and_log "Checking for updated SecuriteInfo database file: ${db_file}"
              securiteinfo_db_update="0"
              securiteinfo_db_update="0"
-            xshok_file_download "$work_dir_securiteinfo/$db_file" "$securiteinfo_url/$securiteinfo_authorisation_signature/$db_file"
+            xshok_file_download "${work_dir_securiteinfo}/${db_file}" "${securiteinfo_url}/${securiteinfo_authorisation_signature}/${db_file}"
              ret="$?"
              if [ "$ret" -eq 0 ] ; then
                loop="1"
              ret="$?"
              if [ "$ret" -eq 0 ] ; then
                loop="1"
-              if ! cmp -s "$work_dir_securiteinfo/$db_file" "$clam_dbs/$db_file" ; then
-                if [ $? -eq 0 ] ; then
-                  db_ext="${db_file#*.}"
-
-                  xshok_pretty_echo_and_log "Testing updated SecuriteInfo database file: $db_file"
-                  if [ -z "$ham_dir" ] || [ "$db_ext" != "ndb" ]
-                  then
-                    if $clamscan_bin --quiet -d "$work_dir_securiteinfo/$db_file" "$work_dir_work_configs/scan-test.txt" 2>/dev/null
-                    then
-                      xshok_pretty_echo_and_log "Clamscan reports SecuriteInfo $db_file database integrity tested good"
-                      true
-                    else
-                      xshok_pretty_echo_and_log "Clamscan reports SecuriteInfo $db_file database integrity tested BAD"
-                      if [ "$remove_bad_database" == "yes" ] ; then
-                        if rm -f "$work_dir_securiteinfo/$db_file" ; then
-                          xshok_pretty_echo_and_log "Removed invalid database: $work_dir_securiteinfo/$db_file"
-                        fi
-                      fi
-                      false
-                      fi && (test "$keep_db_backup" = "yes" && cp -f "$clam_dbs/$db_file" "$clam_dbs/$db_file-bak" 2>/dev/null ; true) && if $rsync_bin -pcqt "$work_dir_securiteinfo/$db_file" "$clam_dbs" 2>/dev/null ; then
-                      perms chown -f "$clam_user:$clam_group" "$clam_dbs/$db_file"
-                      if [ "$selinux_fixes" == "yes" ] ; then
-                        restorecon "$clam_dbs/$db_file"
+              if ! cmp -s "${work_dir_securiteinfo}/${db_file}" "${clam_dbs}/${db_file}" ; then
+                db_ext="${db_file#*.}"
+
+                xshok_pretty_echo_and_log "Testing updated SecuriteInfo database file: ${db_file}"
+                if [ -z "$ham_dir" ] || [ "$db_ext" != "ndb" ] ; then
+                  if $clamscan_bin --quiet -d "${work_dir_securiteinfo}/${db_file}" "${work_dir_work_configs}/scan-test.txt" 2>&10 ; then
+                    xshok_pretty_echo_and_log "Clamscan reports SecuriteInfo ${db_file} database integrity tested good"
+                    true
+                  else
+                    xshok_pretty_echo_and_log "Clamscan reports SecuriteInfo ${db_file} database integrity tested BAD"
+                    if [ "$remove_bad_database" == "yes" ] ; then
+                      if rm -f "${work_dir_securiteinfo}/${db_file}" ; then
+                        xshok_pretty_echo_and_log "Removed invalid database: ${work_dir_securiteinfo}/${db_file}"
                        fi
                        fi
-                      xshok_pretty_echo_and_log "Successfully updated SecuriteInfo production database file: $db_file"
-                      securiteinfo_updates=1
-                      securiteinfo_db_update=1
-                      do_clamd_reload=1
-                    else
-                      xshok_pretty_echo_and_log "Failed to successfully update SecuriteInfo production database file: $db_file - SKIPPING"
                      fi
                      fi
+                    false
+                    fi && (test "$keep_db_backup" = "yes" && cp -f -p  "${clam_dbs}/${db_file}" "${clam_dbs}/${db}_file-bak" 2>/dev/null ; true) && if $rsync_bin -pcqt "${work_dir_securiteinfo}/${db_file}" "$clam_dbs" 2>&13 ; then
+                    perms chown -f "${clam_user}:${clam_group}" "${clam_dbs}/${db_file}"
+                    if [ "$selinux_fixes" == "yes" ] ; then
+                      restorecon "${clam_dbs}/${db_file}"
+                    fi
+                    xshok_pretty_echo_and_log "Successfully updated SecuriteInfo production database file: ${db_file}"
+                    securiteinfo_updates=1
+                    securiteinfo_db_update=1
+                    do_clamd_reload=1
                    else
                    else
-                    $grep_bin -h -v -f "$work_dir_work_configs/whitelist.hex" "$work_dir_securiteinfo/$db_file" > "$test_dir/$db_file"
-                    $clamscan_bin --infected --no-summary -d "$test_dir/$db_file" "$ham_dir"/* | command sed 's/\.UNOFFICIAL FOUND//' | awk '{print $NF}' > "$work_dir_work_configs/whitelist.txt"
-                    $grep_bin -h -f "$work_dir_work_configs/whitelist.txt" "$test_dir/$db_file" | cut -d "*" -f 2 | sort | uniq >> "$work_dir_work_configs/whitelist.hex"
-                    $grep_bin -h -v -f "$work_dir_work_configs/whitelist.hex" "$test_dir/$db_file" > "$test_dir/$db_file-tmp"
-                    mv -f "$test_dir/$db_file-tmp" "$test_dir/$db_file"
-                    if $clamscan_bin --quiet -d "$test_dir/$db_file" "$work_dir_work_configs/scan-test.txt" 2>/dev/null
-                    then
-                      xshok_pretty_echo_and_log "Clamscan reports SecuriteInfo $db_file database integrity tested good"
-                      true
-                    else
-                      xshok_pretty_echo_and_log "Clamscan reports SecuriteInfo $db_file database integrity tested BAD"
-                      rm -f "$work_dir_securiteinfo/$db_file"
-                      if [ "$remove_bad_database" == "yes" ] ; then
-                        if rm -f "$work_dir_securiteinfo/$db_file" ; then
-                          xshok_pretty_echo_and_log "Removed invalid database: $work_dir_securiteinfo/$db_file"
-                        fi
-                      fi
-                      false
-                      fi && (test "$keep_db_backup" = "yes" && cp -f "$clam_dbs/$db_file" "$clam_dbs/$db_file-bak" 2>/dev/null ; true) && if $rsync_bin -pcqt "$test_dir/$db_file" "$clam_dbs" 2>/dev/null ; then
-                      perms chown -f "$clam_user:$clam_group" "$clam_dbs/$db_file"
-                      if [ "$selinux_fixes" == "yes" ] ; then
-                        restorecon "$clam_dbs/$db_file"
+                    xshok_pretty_echo_and_log "Failed to successfully update SecuriteInfo production database file: ${db_file} - SKIPPING"
+                  fi
+                else
+                  $grep_bin -h -v -f "${work_dir_work_configs}/whitelist.hex" "${work_dir_securiteinfo}/${db_file}" > "${test_dir}/${db_file}"
+                  $clamscan_bin --infected --no-summary -d "${test_dir}/${db_file}" "$ham_dir"/* | command sed 's/\.UNOFFICIAL FOUND//' | awk '{print $NF}' > "${work_dir_work_configs}/whitelist.txt"
+                  $grep_bin -h -f "${work_dir_work_configs}/whitelist.txt" "${test_dir}/${db_file}" | cut -d "*" -f 2 | sort | uniq >> "${work_dir_work_configs}/whitelist.hex"
+                  $grep_bin -h -v -f "${work_dir_work_configs}/whitelist.hex" "${test_dir}/${db_file}" > "${test_dir}/${db_file}-tmp"
+                  mv -f "${test_dir}/${db_file}-tmp" "${test_dir}/${db_file}"
+                  if $clamscan_bin --quiet -d "${test_dir}/${db_file}" "${work_dir_work_configs}/scan-test.txt" 2>&10 ; then
+                    xshok_pretty_echo_and_log "Clamscan reports SecuriteInfo ${db_file} database integrity tested good"
+                    true
+                  else
+                    xshok_pretty_echo_and_log "Clamscan reports SecuriteInfo ${db_file} database integrity tested BAD"
+                    rm -f "${work_dir_securiteinfo}/${db_file}"
+                    if [ "$remove_bad_database" == "yes" ] ; then
+                      if rm -f "${work_dir_securiteinfo}/${db_file}" ; then
+                        xshok_pretty_echo_and_log "Removed invalid database: ${work_dir_securiteinfo}/${db_file}"
                        fi
                        fi
-                      xshok_pretty_echo_and_log "Successfully updated SecuriteInfo production database file: $db_file"
-                      securiteinfo_updates=1
-                      securiteinfo_db_update=1
-                      do_clamd_reload=1
-                    else
-                      xshok_pretty_echo_and_log "Failed to successfully update SecuriteInfo production database file: $db_file - SKIPPING"
                      fi
                      fi
+                    false
+                    fi && (test "$keep_db_backup" = "yes" && cp -f -p  "${clam_dbs}/${db_file}" "${clam_dbs}/${db}_file-bak" 2>/dev/null ; true) && if $rsync_bin -pcqt "${test_dir}/${db_file}" "$clam_dbs" 2>&13 ; then
+                    perms chown -f "${clam_user}:${clam_group}" "${clam_dbs}/${db_file}"
+                    if [ "$selinux_fixes" == "yes" ] ; then
+                      restorecon "${clam_dbs}/${db_file}"
+                    fi
+                    xshok_pretty_echo_and_log "Successfully updated SecuriteInfo production database file: ${db_file}"
+                    securiteinfo_updates=1
+                    securiteinfo_db_update=1
+                    do_clamd_reload=1
+                  else
+                    xshok_pretty_echo_and_log "Failed to successfully update SecuriteInfo production database file: ${db_file} - SKIPPING"
                    fi
                  fi
                fi
              else
                    fi
                  fi
                fi
              else
-              xshok_pretty_echo_and_log "Failed connection to $securiteinfo_url - SKIPPED SecuriteInfo $db_file update"
+              xshok_pretty_echo_and_log "Failed connection to ${securiteinfo_url} - SKIPPED SecuriteInfo ${db_file} update"
              fi
              if [ "$securiteinfo_db_update" != "1" ] ; then
              fi
              if [ "$securiteinfo_db_update" != "1" ] ; then
-              xshok_pretty_echo_and_log "No updated SecuriteInfo $db_file database file found" "-"
+              xshok_pretty_echo_and_log "No updated SecuriteInfo ${db_file} database file found" "-"
              fi
            done
            if [ "$securiteinfo_updates" != "1" ] ; then
              fi
            done
            if [ "$securiteinfo_updates" != "1" ] ; then
@@ -2391,17 +2764,17 @@ else
      if [ "$remove_disabled_databases" == "yes" ] ; then
        xshok_pretty_echo_and_log "Removing disabled SecuriteInfo Database files"
        for db_file in "${securiteinfo_dbs[@]}" ; do
      if [ "$remove_disabled_databases" == "yes" ] ; then
        xshok_pretty_echo_and_log "Removing disabled SecuriteInfo Database files"
        for db_file in "${securiteinfo_dbs[@]}" ; do
-        if echo "$db_file" | $grep_bin -q "|"; then
+        if echo "$db_file" | $grep_bin -q "|" ; then
            db_file="${db_file%|*}"
          fi
            db_file="${db_file%|*}"
          fi
-        if [ -r "$work_dir_securiteinfo/$db_file" ] ; then
-          xshok_pretty_echo_and_log "Removing $work_dir_securiteinfo/$db_file"
-          rm -f "$work_dir_securiteinfo/$db_file"
+        if [ -r "${work_dir_securiteinfo}/${db_file}" ] ; then
+          xshok_pretty_echo_and_log "Removing ${work_dir_securiteinfo}/${db_file}"
+          rm -f "${work_dir_securiteinfo}/${db_file}"
            do_clamd_reload=1
          fi
            do_clamd_reload=1
          fi
-        if [ -r "$clam_dbs/$db_file" ] ; then
-          xshok_pretty_echo_and_log "Removing $clam_dbs/$db_file"
-          rm -f "$clam_dbs/$db_file"
+        if [ -r "${clam_dbs}/${db_file}" ] ; then
+          xshok_pretty_echo_and_log "Removing ${clam_dbs}/${db_file}"
+          rm -f "${clam_dbs}/${db_file}"
            do_clamd_reload=1
          fi
        done
            do_clamd_reload=1
          fi
        done
@@ -2409,18 +2782,17 @@ else
    fi
  fi
  
    fi
  fi
  
-
  ##############################################################################################################################################
  ##############################################################################################################################################
-# Check for updated linuxmalwaredetect database files every set number of hours as defined in the "USER CONFIGURATION" section of this script
+# Check for updated LinuxMalwareDetect database files every set number of hours as defined in the "USER CONFIGURATION" section of this script
  ##############################################################################################################################################
  if [ "$linuxmalwaredetect_enabled" == "yes" ] ; then
    if [ -n "${linuxmalwaredetect_dbs[0]}" ] ; then
      if [ ${#linuxmalwaredetect_dbs} -lt 1 ] ; then
        xshok_pretty_echo_and_log "Failed linuxmalwaredetect_dbs config is invalid or not defined - SKIPPING"
      else
  ##############################################################################################################################################
  if [ "$linuxmalwaredetect_enabled" == "yes" ] ; then
    if [ -n "${linuxmalwaredetect_dbs[0]}" ] ; then
      if [ ${#linuxmalwaredetect_dbs} -lt 1 ] ; then
        xshok_pretty_echo_and_log "Failed linuxmalwaredetect_dbs config is invalid or not defined - SKIPPING"
      else
-      rm -f "$work_dir_linuxmalwaredetect/*.gz"
-      if [ -r "$work_dir_work_configs/last-linuxmalwaredetect-update.txt" ] ; then
-        last_linuxmalwaredetect_update="$(cat "$work_dir_work_configs/last-linuxmalwaredetect-update.txt")"
+      rm -f "${work_dir_linuxmalwaredetect}/*.gz"
+      if [ -r "${work_dir_work_configs}/last-linuxmalwaredetect-update.txt" ] ; then
+        last_linuxmalwaredetect_update="$(cat "${work_dir_work_configs}/last-linuxmalwaredetect-update.txt")"
        else
          last_linuxmalwaredetect_update="0"
        fi
        else
          last_linuxmalwaredetect_update="0"
        fi
@@ -2429,96 +2801,113 @@ if [ "$linuxmalwaredetect_enabled" == "yes" ] ; then
        update_interval="$((linuxmalwaredetect_update_hours * 3600))"
        time_interval="$((current_time - last_linuxmalwaredetect_update))"
        if [ "$time_interval" -ge "$((update_interval - 600))" ] ; then
        update_interval="$((linuxmalwaredetect_update_hours * 3600))"
        time_interval="$((current_time - last_linuxmalwaredetect_update))"
        if [ "$time_interval" -ge "$((update_interval - 600))" ] ; then
-        echo "$current_time" > "$work_dir_work_configs/last-linuxmalwaredetect-update.txt"
+        echo "$current_time" > "${work_dir_work_configs}/last-linuxmalwaredetect-update.txt"
  
  
-        xshok_pretty_echo_and_log "linuxmalwaredetect Database File Updates" "="
-        xshok_pretty_echo_and_log "Checking for linuxmalwaredetect updates..."
-        linuxmalwaredetect_updates="0"
-        for db_file in "${linuxmalwaredetect_dbs[@]}" ; do
-          if [ "$loop" == "1" ] ; then
-            xshok_pretty_echo_and_log "---"
+        xshok_pretty_echo_and_log "LinuxMalwareDetect Database File Updates" "="
+        xshok_pretty_echo_and_log "Checking for LinuxMalwareDetect updates..."
+
+        # Check for a new version
+        found_upgrade="no"
+        if [ -n "$curl_bin" ] ; then
+          # shellcheck disable=SC2086
+          latest_linuxmalwaredetect_version="$($curl_bin --compressed $curl_proxy $curl_insecure $curl_output_level --connect-timeout "${downloader_connect_timeout}" --remote-time --location --retry "${downloader_tries}" --max-time "${downloader_max_time}" "$linuxmalwaredetect_version_url" 2>&11 | head -n1 | xargs)"
+        else
+          # shellcheck disable=SC2086
+          latest_linuxmalwaredetect_version="$($wget_bin $wget_compression $wget_proxy $wget_insecure $wget_output_level --connect-timeout="${downloader_connect_timeout}" --random-wait --tries="${downloader_tries}" --timeout="${downloader_max_time}" "$linuxmalwaredetect_version_url" -O - 2>&12 | $grep_bin "^script_version=" | head -n1 | xargs)"
+        fi
+
+        if [ "$latest_linuxmalwaredetect_version" ] ; then
+          # shellcheck disable=SC2183,SC2086
+          if [ -f "${work_dir_linuxmalwaredetect}/current_linuxmalwaredetect_version" ] ; then
+            current_linuxmalwaredetect_version="$(head -n1 "${work_dir_linuxmalwaredetect}/current_linuxmalwaredetect_version" | xargs)"
+          else
+            current_linuxmalwaredetect_version="-1"
+          fi
+          if [ "$latest_linuxmalwaredetect_version" != "$current_linuxmalwaredetect_version" ] ; then
+            xshok_pretty_echo_and_log "LinuxMalwareDetect Database File Updates" "="
+            found_upgrade="yes"
            fi
            fi
-          xshok_pretty_echo_and_log "Checking for updated linuxmalwaredetect database file: $db_file"
-          linuxmalwaredetect_db_update="0"
-          xshok_file_download "$work_dir_linuxmalwaredetect/$db_file" "$linuxmalwaredetect_url/$db_file"
+        fi
+
+        if [ "$found_upgrade" == "yes" ] ; then
+          xshok_file_download "${work_dir_linuxmalwaredetect}/sigpack.tgz" "${linuxmalwaredetect_sigpack_url}"
            ret="$?"
            if [ "$ret" -eq 0 ] ; then
            ret="$?"
            if [ "$ret" -eq 0 ] ; then
-            loop="1"
-            if ! cmp -s "$work_dir_linuxmalwaredetect/$db_file" "$clam_dbs/$db_file" ; then
-              if [ $? -eq 0 ] ; then
+                                               # shellcheck disable=SC2035
+            $tar_bin --strip-components=1 --wildcards --overwrite -xzf "${work_dir_linuxmalwaredetect}/sigpack.tgz" --directory "${work_dir_linuxmalwaredetect}" */rfxn.*
+            for db_file in "${linuxmalwaredetect_dbs[@]}" ; do
+              if [ "$loop" == "1" ] ; then
+                xshok_pretty_echo_and_log "---"
+              fi
+              loop="1"
+              if ! cmp -s "${work_dir_linuxmalwaredetect}/${db_file}" "${clam_dbs}/${db_file}" ; then
                  db_ext="${db_file#*.}"
  
                  db_ext="${db_file#*.}"
  
-                xshok_pretty_echo_and_log "Testing updated linuxmalwaredetect database file: $db_file"
+                xshok_pretty_echo_and_log "Testing updated LinuxMalwareDetect database file: ${db_file}"
                  if [ -z "$ham_dir" ] || [ "$db_ext" != "ndb" ] ; then
                  if [ -z "$ham_dir" ] || [ "$db_ext" != "ndb" ] ; then
-                  if $clamscan_bin --quiet -d "$work_dir_linuxmalwaredetect/$db_file" "$work_dir_work_configs/scan-test.txt" 2>/dev/null
-                  then
-                    xshok_pretty_echo_and_log "Clamscan reports linuxmalwaredetect $db_file database integrity tested good"
+                  if $clamscan_bin --quiet -d "${work_dir_linuxmalwaredetect}/${db_file}" "${work_dir_work_configs}/scan-test.txt" 2>&10 ; then
+                    xshok_pretty_echo_and_log "Clamscan reports LinuxMalwareDetect ${db_file} database integrity tested good"
                      true
                    else
                      true
                    else
-                    xshok_pretty_echo_and_log "Clamscan reports linuxmalwaredetect $db_file database integrity tested BAD"
+                    xshok_pretty_echo_and_log "Clamscan reports LinuxMalwareDetect ${db_file} database integrity tested BAD"
                      if [ "$remove_bad_database" == "yes" ] ; then
                      if [ "$remove_bad_database" == "yes" ] ; then
-                      if rm -f "$work_dir_linuxmalwaredetect/$db_file" ; then
-                        xshok_pretty_echo_and_log "Removed invalid database: $work_dir_linuxmalwaredetect/$db_file"
+                      if rm -f "${work_dir_linuxmalwaredetect}/${db_file}" ; then
+                        xshok_pretty_echo_and_log "Removed invalid database: ${work_dir_linuxmalwaredetect}/${db_file}"
                        fi
                      fi
                      false
                        fi
                      fi
                      false
-                    fi && (test "$keep_db_backup" = "yes" && cp -f "$clam_dbs/$db_file" "$clam_dbs/$db_file-bak" 2>/dev/null ; true) && if $rsync_bin -pcqt "$work_dir_linuxmalwaredetect/$db_file" "$clam_dbs" 2>/dev/null ; then
-                    perms chown -f "$clam_user:$clam_group" "$clam_dbs/$db_file"
+                    fi && (test "$keep_db_backup" = "yes" && cp -f -p  "${clam_dbs}/${db_file}" "${clam_dbs}/${db}_file-bak" 2>/dev/null ; true) && if $rsync_bin -pcqt "${work_dir_linuxmalwaredetect}/${db_file}" "$clam_dbs" 2>&13 ; then
+                    perms chown -f "${clam_user}:${clam_group}" "${clam_dbs}/${db_file}"
                      if [ "$selinux_fixes" == "yes" ] ; then
                      if [ "$selinux_fixes" == "yes" ] ; then
-                      restorecon "$clam_dbs/local.ign"
+                      restorecon "${clam_dbs}/local.ign"
                      fi
                      fi
-                    xshok_pretty_echo_and_log "Successfully updated linuxmalwaredetect production database file: $db_file"
-                    linuxmalwaredetect_updates=1
-                    linuxmalwaredetect_db_update=1
+                    xshok_pretty_echo_and_log "Successfully updated LinuxMalwareDetect production database file: ${db_file}"
                      do_clamd_reload=1
                    else
                      do_clamd_reload=1
                    else
-                    xshok_pretty_echo_and_log "Failed to successfully update linuxmalwaredetect production database file: $db_file - SKIPPING"
+                    xshok_pretty_echo_and_log "Failed to successfully update LinuxMalwareDetect production database file: ${db_file} - SKIPPING"
                    fi
                  else
                    fi
                  else
-                  $grep_bin -h -v -f "$work_dir_work_configs/whitelist.hex" "$work_dir_linuxmalwaredetect/$db_file" > "$test_dir/$db_file"
-                  $clamscan_bin --infected --no-summary -d "$test_dir/$db_file" "$ham_dir"/* | command sed 's/\.UNOFFICIAL FOUND//' | awk '{print $NF}' > "$work_dir_work_configs/whitelist.txt"
-                  $grep_bin -h -f "$work_dir_work_configs/whitelist.txt" "$test_dir/$db_file" | cut -d "*" -f 2 | sort | uniq >> "$work_dir_work_configs/whitelist.hex"
-                  $grep_bin -h -v -f "$work_dir_work_configs/whitelist.hex" "$test_dir/$db_file" > "$test_dir/$db_file-tmp"
-                  mv -f "$test_dir/$db_file-tmp" "$test_dir/$db_file"
-                  if $clamscan_bin --quiet -d "$test_dir/$db_file" "$work_dir_work_configs/scan-test.txt" 2>/dev/null ; then
-                    xshok_pretty_echo_and_log "Clamscan reports linuxmalwaredetect $db_file database integrity tested good"
+                  $grep_bin -h -v -f "${work_dir_work_configs}/whitelist.hex" "${work_dir_linuxmalwaredetect}/${db_file}" > "${test_dir}/${db_file}"
+                  $clamscan_bin --infected --no-summary -d "${test_dir}/${db_file}" "$ham_dir"/* | command sed 's/\.UNOFFICIAL FOUND//' | awk '{print $NF}' > "${work_dir_work_configs}/whitelist.txt"
+                  $grep_bin -h -f "${work_dir_work_configs}/whitelist.txt" "${test_dir}/${db_file}" | cut -d "*" -f 2 | sort | uniq >> "${work_dir_work_configs}/whitelist.hex"
+                  $grep_bin -h -v -f "${work_dir_work_configs}/whitelist.hex" "${test_dir}/${db_file}" > "${test_dir}/${db_file}-tmp"
+                  mv -f "${test_dir}/${db_file}-tmp" "${test_dir}/${db_file}"
+                  if $clamscan_bin --quiet -d "${test_dir}/${db_file}" "${work_dir_work_configs}/scan-test.txt" 2>&10 ; then
+                    xshok_pretty_echo_and_log "Clamscan reports LinuxMalwareDetect ${db_file} database integrity tested good"
                      true
                    else
                      true
                    else
-                    xshok_pretty_echo_and_log "Clamscan reports linuxmalwaredetect $db_file database integrity tested BAD"
+                    xshok_pretty_echo_and_log "Clamscan reports LinuxMalwareDetect ${db_file} database integrity tested BAD"
                      if [ "$remove_bad_database" == "yes" ] ; then
                      if [ "$remove_bad_database" == "yes" ] ; then
-                      if rm -f "$work_dir_linuxmalwaredetect/$db_file" ; then
-                        xshok_pretty_echo_and_log "Removed invalid database: $work_dir_linuxmalwaredetect/$db_file"
+                      if rm -f "${work_dir_linuxmalwaredetect}/${db_file}" ; then
+                        xshok_pretty_echo_and_log "Removed invalid database: ${work_dir_linuxmalwaredetect}/${db_file}"
                        fi
                      fi
                      false
                        fi
                      fi
                      false
-                    fi && (test "$keep_db_backup" = "yes" && cp -f "$clam_dbs/$db_file" "$clam_dbs/$db_file-bak" 2>/dev/null ; true) && if $rsync_bin -pcqt "$test_dir/$db_file" "$clam_dbs" 2>/dev/null ; then
-                    perms chown -f "$clam_user:$clam_group" "$clam_dbs/$db_file"
+                    fi && (test "$keep_db_backup" = "yes" && cp -f -p  "${clam_dbs}/${db_file}" "${clam_dbs}/${db}_file-bak" 2>/dev/null ; true) && if $rsync_bin -pcqt "${test_dir}/${db_file}" "$clam_dbs" 2>&13 ; then
+                    perms chown -f "${clam_user}:${clam_group}" "${clam_dbs}/${db_file}"
                      if [ "$selinux_fixes" == "yes" ] ; then
                      if [ "$selinux_fixes" == "yes" ] ; then
-                      restorecon "$clam_dbs/$db_file"
+                      restorecon "${clam_dbs}/${db_file}"
                      fi
                      fi
-                    xshok_pretty_echo_and_log "Successfully updated linuxmalwaredetect production database file: $db_file"
-                    linuxmalwaredetect_updates=1
-                    linuxmalwaredetect_db_update=1
+                    xshok_pretty_echo_and_log "Successfully updated LinuxMalwareDetect production database file: ${db_file}"
                      do_clamd_reload=1
                    else
                      do_clamd_reload=1
                    else
-                    xshok_pretty_echo_and_log "Failed to successfully update linuxmalwaredetect production database file: $db_file - SKIPPING"
+                    xshok_pretty_echo_and_log "Failed to successfully update LinuxMalwareDetect production database file: ${db_file} - SKIPPING"
                    fi
                  fi
                fi
                    fi
                  fi
                fi
-            fi
-          else
-            xshok_pretty_echo_and_log "WARNING: Failed connection to $linuxmalwaredetect_url - SKIPPED linuxmalwaredetect $db_file update"
-          fi
-          if [ "$linuxmalwaredetect_db_update" != "1" ] ; then
  
  
-            xshok_pretty_echo_and_log "No updated linuxmalwaredetect $db_file database file found"
+            done
+            #save the current version
+            echo "$latest_linuxmalwaredetect_version" > "${work_dir_linuxmalwaredetect}/current_linuxmalwaredetect_version"
+
+          else
+            xshok_pretty_echo_and_log "WARNING: Failed connection to ${linuxmalwaredetect_sigpack_url} - SKIPPED LinuxMalwareDetect update"
            fi
            fi
-        done
-        if [ "$linuxmalwaredetect_updates" != "1" ] ; then
-          xshok_pretty_echo_and_log "No linuxmalwaredetect database file updates found" "-"
+        else
+          xshok_pretty_echo_and_log "No LinuxMalwareDetect database file updates found" "-"
          fi
        else
          fi
        else
-        xshok_pretty_echo_and_log "linuxmalwaredetect Database File Updates" "="
+        xshok_pretty_echo_and_log "LinuxMalwareDetect Database File Updates" "="
          xshok_draw_time_remaining "$((update_interval - time_interval))" "$linuxmalwaredetect_update_hours" "linuxmalwaredetect"
        fi
      fi
          xshok_draw_time_remaining "$((update_interval - time_interval))" "$linuxmalwaredetect_update_hours" "linuxmalwaredetect"
        fi
      fi
@@ -2526,19 +2915,27 @@ if [ "$linuxmalwaredetect_enabled" == "yes" ] ; then
  else
    if [ -n "${linuxmalwaredetect_dbs[0]}" ] ; then
      if [ "$remove_disabled_databases" == "yes" ] ; then
  else
    if [ -n "${linuxmalwaredetect_dbs[0]}" ] ; then
      if [ "$remove_disabled_databases" == "yes" ] ; then
-      xshok_pretty_echo_and_log "Removing disabled linuxmalwaredetect Database files"
+      xshok_pretty_echo_and_log "Removing disabled LinuxMalwareDetect Database files"
+
+      if [ -f "${work_dir_linuxmalwaredetect}/current_linuxmalwaredetect_version" ] ; then
+        rm -f "${work_dir_linuxmalwaredetect}/current_linuxmalwaredetect_version"
+      fi
+      if [ -f "${work_dir_linuxmalwaredetect}/sigpack.tgz" ] ; then
+        rm -f "${work_dir_linuxmalwaredetect}/sigpack.tgz"
+      fi
+
        for db_file in "${linuxmalwaredetect_dbs[@]}" ; do
        for db_file in "${linuxmalwaredetect_dbs[@]}" ; do
-        if echo "$db_file" | $grep_bin -q "|"; then
+        if echo "$db_file" | $grep_bin -q "|" ; then
            db_file="${db_file%|*}"
          fi
            db_file="${db_file%|*}"
          fi
-        if [ -r "$work_dir_linuxmalwaredetect/$db_file" ] ; then
-          xshok_pretty_echo_and_log "Removing $work_dir_linuxmalwaredetect/$db_file"
-          rm -f "$work_dir_linuxmalwaredetect/$db_file"
+        if [ -r "${work_dir_linuxmalwaredetect}/${db_file}" ] ; then
+          xshok_pretty_echo_and_log "Removing ${work_dir_linuxmalwaredetect}/${db_file}"
+          rm -f "${work_dir_linuxmalwaredetect}/${db_file}"
            do_clamd_reload=1
          fi
            do_clamd_reload=1
          fi
-        if [ -r "$clam_dbs/$db_file" ] ; then
-          xshok_pretty_echo_and_log "Removing $clam_dbs/$db_file"
-          rm -f "$clam_dbs/$db_file"
+        if [ -r "${clam_dbs}/${db_file}" ] ; then
+          xshok_pretty_echo_and_log "Removing ${clam_dbs}/${db_file}"
+          rm -f "${clam_dbs}/${db_file}"
            do_clamd_reload=1
          fi
        done
            do_clamd_reload=1
          fi
        done
@@ -2547,624 +2944,748 @@ else
  fi
  
  
  fi
  
  
-##########################################################################################################################################
+#########################################################################################################################################
  # Download MalwarePatrol database file every set number of hours as defined in the "USER CONFIGURATION" section of this script.          #
  ##########################################################################################################################################
  if [ "$malwarepatrol_enabled" == "yes" ] ; then
    if [ "$malwarepatrol_receipt_code" != "YOUR-RECEIPT-NUMBER" ] ; then
  # Download MalwarePatrol database file every set number of hours as defined in the "USER CONFIGURATION" section of this script.          #
  ##########################################################################################################################################
  if [ "$malwarepatrol_enabled" == "yes" ] ; then
    if [ "$malwarepatrol_receipt_code" != "YOUR-RECEIPT-NUMBER" ] ; then
-    if [ -n "$malwarepatrol_db" ] ; then
-      if [ -r "$work_dir_work_configs/last-mbl-update.txt" ] ; then
-        last_malwarepatrol_update="$(cat "$work_dir_work_configs/last-mbl-update.txt")"
-      else
-        last_malwarepatrol_update="0"
-      fi
-      db_file=""
-      update_interval="$((malwarepatrol_update_hours * 3600))"
-      time_interval="$((current_time - last_malwarepatrol_update))"
-      if [ "$time_interval" -ge "$((update_interval - 600))" ] ; then
-        echo "$current_time" > "$work_dir_work_configs"/last-mbl-update.txt
-        xshok_pretty_echo_and_log "Checking for MalwarePatrol updates..."
-        # Delete the old MBL (mbl.db) database file if it exists and start using the newer
-        # format (mbl.ndb) database file instead.
-        # test -e $clam_dbs/$malwarepatrol_db -o -e $clam_dbs/$malwarepatrol_db-bak && rm -f -- "$clam_dbs/mbl.d*"
-
-        # Remove the .db is the new format if ndb and
-        # symetrically
-        if [ "$malwarepatrol_db" == "malwarepatrol.db" ] && [ -f "$clam_dbs/malwarepatrol.ndb" ] ; then
-          rm "$clam_dbs/malwarepatrol.ndb";
+    if [ -n "${malwarepatrol_db}" ] ; then
+        rm -f "${work_dir_malwarepatrol}/*.gz"
+        if [ -r "${work_dir_work_configs}/last-mbl-update.txt" ] ; then
+          last_malwarepatrol_update="$(cat "${work_dir_work_configs}/last-mbl-update.txt")"
+        else
+          last_malwarepatrol_update="0"
          fi
          fi
+        loop=""
+        update_interval="$((malwarepatrol_update_hours * 3600))"
+        time_interval="$((current_time - last_malwarepatrol_update))"
+        if [ "$time_interval" -ge "$((update_interval - 600))" ] ; then
+          echo "$current_time" > "${work_dir_work_configs}/last-mbl-update.txt"
+          xshok_pretty_echo_and_log "MalwarePatrol Database File Updates" "="
+          xshok_pretty_echo_and_log "Checking for MalwarePatrol updates..."
+          malwarepatrol_updates="0"
+
+          # Cleanup any not required database files
+          if [ "$malwarepatrol_db" == "malwarepatrol.db" ] && [ -f "${clam_dbs}/malwarepatrol.ndb" ] ; then
+            rm -f "${clam_dbs}/malwarepatrol.ndb";
+          fi
+          if [ "$malwarepatrol_db" == "malwarepatrol.ndb" ] && [ -f "${clam_dbs}/malwarepatrol.db" ] ; then
+            rm -f "${clam_dbs}/malwarepatrol.db";
+          fi
  
  
-        if [ "$malwarepatrol_db" == "malwarepatrol.ndb" ] && [ -f "$clam_dbs/malwarepatrol.db" ] ; then
-          rm "$clam_dbs/malwarepatrol.db";
-        fi
+            if [ "$loop" == "1" ] ; then
+              xshok_pretty_echo_and_log "---"
+            fi
+            xshok_pretty_echo_and_log "Checking for updated MalwarePatrol database file: ${malwarepatrol_db}"
+            malwarepatrol_db_update="0"
  
  
-        xshok_pretty_echo_and_log "MalwarePatrol $db_file Database File Update" "="
+            xshok_file_download "${work_dir_malwarepatrol}/${malwarepatrol_db}" "${malwarepatrol_url}&receipt=${malwarepatrol_receipt_code}"
  
  
-        malwarepatrol_reloaded=0
-        if [ "$malwarepatrol_free" == "yes" ] ; then
-          xshok_file_download "$work_dir_malwarepatrol/$malwarepatrol_db" "$malwarepatrol_url&receipt=$malwarepatrol_receipt_code"
-          ret="$?"
-          if [ "$ret" -eq 0 ] ; then
-            if ! cmp -s "$work_dir_malwarepatrol/$malwarepatrol_db" "$clam_dbs/$malwarepatrol_db" ; then
-              if [ $? -eq 0 ] ; then
-                malwarepatrol_reloaded=1
-              else
-                malwarepatrol_reloaded=2
-              fi
-            fi
-          else # Wget failed
-            malwarepatrol_reloaded=-1
-          fi
-        else # The not free branch
-          xshok_file_download "$work_dir_malwarepatrol/$malwarepatrol_db.md5" "$malwarepatrol_url&receipt=$malwarepatrol_receipt_code&hash=1"
-          ret="$?"
-          if [ "$ret" -eq 0 ] ; then
-            if [ -f "$clam_dbs/$malwarepatrol_db" ] ; then
-              malwarepatrol_md5="$(openssl md5 -r "$clam_dbs/$malwarepatrol_db" 2>/dev/null | cut -d " " -f 1)"
-              if [ ! "$malwarepatrol_md5" ] ; then
-                # Fallback for missing -r option
-                malwarepatrol_md5="$(openssl md5 "$clam_dbs/$malwarepatrol_db" 2>/dev/null | cut -d " " -f 2)"
-              fi
-            fi
-            malwarepatrol_md5_new="$(cat "$work_dir_malwarepatrol/$malwarepatrol_db.md5")"
-            if [ -n "$malwarepatrol_md5_new" ] && [ "$malwarepatrol_md5" != "$malwarepatrol_md5_new" ] ; then
-              xshok_file_download "$work_dir_malwarepatrol/$malwarepatrol_db" "$malwarepatrol_url&receipt=$malwarepatrol_receipt_code"
-              ret="$?"
-              if [ "$ret" -eq 0 ] ; then
-                malwarepatrol_reloaded="1"
-              else # Wget DB fail
-                malwarepatrol_reloaded="-1"
-              fi # Wget DB
-            fi # MD5 not equal
-          else # Wget MD5 fail
-            malwarepatrol_reloaded="-1"
-          fi # Wget MD5
-        fi
+            ret="$?"
+            if [ "$ret" -eq 0 ] ; then
+              loop="1"
+              if ! cmp -s "${work_dir_malwarepatrol}/${malwarepatrol_db}" "${clam_dbs}/${malwarepatrol_db}" ; then
+                db_ext="${malwarepatrol_db#*.}"
  
  
-        case "$malwarepatrol_reloaded" in
-          1) # Database was updated, need test and reload
-            xshok_pretty_echo_and_log "Testing updated MalwarePatrol database file: $malwarepatrol_db"
-            if $clamscan_bin --quiet -d "$work_dir_malwarepatrol/$malwarepatrol_db" "$work_dir_work_configs/scan-test.txt" 2>/dev/null ; then
-              xshok_pretty_echo_and_log "Clamscan reports MalwarePatrol $malwarepatrol_db database integrity tested good"
-              true
-            else
-              xshok_pretty_echo_and_log "Clamscan reports MalwarePatrol $malwarepatrol_db database integrity tested BAD"
-              if [ "$remove_bad_database" == "yes" ] ; then
-                if rm -f "$work_dir_malwarepatrol/$malwarepatrol_db" ; then
-                  xshok_pretty_echo_and_log "Removed invalid database: $work_dir_malwarepatrol/$malwarepatrol_db"
-                fi
-              fi
-              false
-            fi \
-              && (
-              test "$keep_db_backup" = "yes" && cp -f "$clam_dbs/$malwarepatrol_db" "$clam_dbs/$malwarepatrol_db-bak" 2>/dev/null
-              true
-              ) \
-              && if $rsync_bin -pcqt "$work_dir_malwarepatrol/$malwarepatrol_db" "$clam_dbs" 2>/dev/null ; then
-                  perms chown -f "$clam_user:$clam_group" "$clam_dbs/$malwarepatrol_db"
-                  if [ "$selinux_fixes" == "yes" ] ; then
-                    restorecon "$clam_dbs/$malwarepatrol_db"
-                  fi
-                  xshok_pretty_echo_and_log "Successfully updated MalwarePatrol production database file: $malwarepatrol_db"
-                  do_clamd_reload=1
-                else
-                  xshok_pretty_echo_and_log "Failed to successfully update MalwarePatrol production database file: $malwarepatrol_db - SKIPPING"
-                fi
-                ;; # The strange case when $? != 0 in the original
-              2)
-                $grep_bin -h -v -f "$work_dir_work_configs/whitelist.hex" "$work_dir_malwarepatrol/$malwarepatrol_db" > "$test_dir/$malwarepatrol_db"
-                $clamscan_bin --infected --no-summary -d "$test_dir/$malwarepatrol_db" "$ham_dir"/* | command sed 's/\.UNOFFICIAL FOUND//' | awk '{print $NF}' > "$work_dir_work_configs/whitelist.txt"
-                $grep_bin -h -f "$work_dir_work_configs/whitelist.txt" "$test_dir/$malwarepatrol_db" | cut -d "*" -f 2 | sort | uniq >> "$work_dir_work_configs/whitelist.hex"
-                $grep_bin -h -v -f "$work_dir_work_configs/whitelist.hex" "$test_dir/$malwarepatrol_db" > "$test_dir/$malwarepatrol_db-tmp"
-                mv -f "$test_dir/$malwarepatrol_db-tmp" "$test_dir/$malwarepatrol_db"
-                if $clamscan_bin --quiet -d "$test_dir/$malwarepatrol_db" "$work_dir_work_configs/scan-test.txt" 2>/dev/null ; then
-                  xshok_pretty_echo_and_log "Clamscan reports MalwarePatrol $malwarepatrol_db database integrity tested good"
-                  true
-                else
-                  xshok_pretty_echo_and_log "Clamscan reports MalwarePatrol $malwarepatrol_db database integrity tested BAD"
-                  if [ "$remove_bad_database" == "yes" ] ; then
-                    if rm -f "$test_dir/$malwarepatrol_db" ; then
-                      xshok_pretty_echo_and_log "Removed invalid database: $test_dir/$malwarepatrol_db"
+                xshok_pretty_echo_and_log "Testing updated MalwarePatrol database file: ${malwarepatrol_db}"
+                if [ -z "$ham_dir" ] || [ "$db_ext" != "ndb" ] ; then
+                  if $clamscan_bin --quiet -d "${work_dir_malwarepatrol}/${malwarepatrol_db}" "${work_dir_work_configs}/scan-test.txt" 2>&10 ; then
+                    xshok_pretty_echo_and_log "Clamscan reports MalwarePatrol ${malwarepatrol_db} database integrity tested good"
+                    true
+                  else
+                    xshok_pretty_echo_and_log "Clamscan reports MalwarePatrol ${malwarepatrol_db} database integrity tested BAD"
+                    if [ "$remove_bad_database" == "yes" ] ; then
+                      if rm -f "${work_dir_malwarepatrol}/${malwarepatrol_db}" ; then
+                        xshok_pretty_echo_and_log "Removed invalid database: ${work_dir_malwarepatrol}/${malwarepatrol_db}"
+                      fi
+                    fi
+                    false
+                    fi && (test "$keep_db_backup" = "yes" && cp -f -p  "${clam_dbs}/${malwarepatrol_db}" "${clam_dbs}/${db}_file-bak" 2>/dev/null ; true) && if $rsync_bin -pcqt "${work_dir_malwarepatrol}/${malwarepatrol_db}" "$clam_dbs" 2>&13 ; then
+                    perms chown -f "${clam_user}:${clam_group}" "${clam_dbs}/${malwarepatrol_db}"
+                    if [ "$selinux_fixes" == "yes" ] ; then
+                      restorecon "${clam_dbs}/${malwarepatrol_db}"
                      fi
                      fi
+                    xshok_pretty_echo_and_log "Successfully updated MalwarePatrol production database file: ${malwarepatrol_db}"
+                    malwarepatrol_updates=1
+                    malwarepatrol_db_update=1
+                    do_clamd_reload=1
+                  else
+                    xshok_pretty_echo_and_log "Failed to successfully update MalwarePatrol production database file: ${malwarepatrol_db} - SKIPPING"
                    fi
                    fi
-                  false
-                fi \
-              && (
-                  test "$keep_db_backup" = "yes" && cp -f "$clam_dbs/$malwarepatrol_db" "$clam_dbs/$malwarepatrol_db-bak" 2>/dev/null
-                  true
-                  ) \
-              && if $rsync_bin -pcqt "$test_dir/$malwarepatrol_db" "$clam_dbs" 2>/dev/null ; then
-                      perms chown -f "$clam_user:$clam_group" "$clam_dbs/$malwarepatrol_db"
-                      if [ "$selinux_fixes" == "yes" ] ; then
-                        restorecon "$clam_dbs/$malwarepatrol_db"
+                else
+                  $grep_bin -h -v -f "${work_dir_work_configs}/whitelist.hex" "${work_dir_malwarepatrol}/${malwarepatrol_db}" > "${test_dir}/${malwarepatrol_db}"
+                  $clamscan_bin --infected --no-summary -d "${test_dir}/${malwarepatrol_db}" "$ham_dir"/* | command sed 's/\.UNOFFICIAL FOUND//' | awk '{print $NF}' > "${work_dir_work_configs}/whitelist.txt"
+                  $grep_bin -h -f "${work_dir_work_configs}/whitelist.txt" "${test_dir}/${malwarepatrol_db}" | cut -d "*" -f 2 | sort | uniq >> "${work_dir_work_configs}/whitelist.hex"
+                  $grep_bin -h -v -f "${work_dir_work_configs}/whitelist.hex" "${test_dir}/${malwarepatrol_db}" > "${test_dir}/${malwarepatrol_db}-tmp"
+                  mv -f "${test_dir}/${malwarepatrol_db}-tmp" "${test_dir}/${malwarepatrol_db}"
+                  if $clamscan_bin --quiet -d "${test_dir}/${malwarepatrol_db}" "${work_dir_work_configs}/scan-test.txt" 2>&10 ; then
+                    xshok_pretty_echo_and_log "Clamscan reports MalwarePatrol ${malwarepatrol_db} database integrity tested good"
+                    true
+                  else
+                    xshok_pretty_echo_and_log "Clamscan reports MalwarePatrol ${malwarepatrol_db} database integrity tested BAD"
+                    rm -f "${work_dir_malwarepatrol}/${malwarepatrol_db}"
+                    if [ "$remove_bad_database" == "yes" ] ; then
+                      if rm -f "${work_dir_malwarepatrol}/${malwarepatrol_db}" ; then
+                        xshok_pretty_echo_and_log "Removed invalid database: ${work_dir_malwarepatrol}/${malwarepatrol_db}"
                        fi
                        fi
-                      xshok_pretty_echo_and_log "Successfully updated MalwarePatrol production database file: $malwarepatrol_db"
-                      do_clamd_reload=1
-                    else
-                      xshok_pretty_echo_and_log "Failed to successfully update MalwarePatrol production database file: $malwarepatrol_db - SKIPPING"
                      fi
                      fi
-                    ;;
-                  0) # The database did not update
-                    xshok_pretty_echo_and_log "MalwarePatrol signature database ($malwarepatrol_db) did not change - skipping"
-                    ;;
-                  -1) # Wget failed
-                    xshok_pretty_echo_and_log "WARNING - Failed connection to $malwarepatrol_url - SKIPPED MalwarePatrol $malwarepatrol_db update"
-                    ;;
-            esac
-
-          else
-            xshok_pretty_echo_and_log "MalwarePatrol Database File Update" "="
-            xshok_draw_time_remaining "$((update_interval - time_interval))" "$malwarepatrol_update_hours" "MalwarePatrol"
-          fi
+                    false
+                    fi && (test "$keep_db_backup" = "yes" && cp -f -p  "${clam_dbs}/${malwarepatrol_db}" "${clam_dbs}/${db}_file-bak" 2>/dev/null ; true) && if $rsync_bin -pcqt "${test_dir}/${malwarepatrol_db}" "$clam_dbs" 2>&13 ; then
+                    perms chown -f "${clam_user}:${clam_group}" "${clam_dbs}/${malwarepatrol_db}"
+                    if [ "$selinux_fixes" == "yes" ] ; then
+                      restorecon "${clam_dbs}/${malwarepatrol_db}"
+                    fi
+                    xshok_pretty_echo_and_log "Successfully updated MalwarePatrol production database file: ${malwarepatrol_db}"
+                    malwarepatrol_updates=1
+                    malwarepatrol_db_update=1
+                    do_clamd_reload=1
+                  else
+                    xshok_pretty_echo_and_log "Failed to successfully update MalwarePatrol production database file: ${malwarepatrol_db} - SKIPPING"
+                  fi
+                fi
+              fi
+            else
+              xshok_pretty_echo_and_log "Failed connection to ${malwarepatrol_url} - SKIPPED MalwarePatrol ${malwarepatrol_db} update"
+            fi
+            if [ "$malwarepatrol_db_update" != "1" ] ; then
+              xshok_pretty_echo_and_log "No updated MalwarePatrol ${malwarepatrol_db} database file found" "-"
+            fi
+          if [ "$malwarepatrol_updates" != "1" ] ; then
+            xshok_pretty_echo_and_log "No MalwarePatrol database file updates found" "-"
+          fi
+        else
+          xshok_pretty_echo_and_log "MalwarePatrol Database File Updates" "="
+          xshok_draw_time_remaining "$((update_interval - time_interval))" "$malwarepatrol_update_hours" "malwarepatrol"
          fi
        fi
          fi
        fi
+    fi
+else
+  if [ -n "$malwarepatrol_dbs" ] ; then
+    if [ "$remove_disabled_databases" == "yes" ] ; then
+      xshok_pretty_echo_and_log "Removing disabled MalwarePatrol Database files"
+        if [ -r "${work_dir_malwarepatrol}/${malwarepatrol_db}" ] ; then
+          xshok_pretty_echo_and_log "Removing ${work_dir_malwarepatrol}/${malwarepatrol_db}"
+          rm -f "${work_dir_malwarepatrol}/${malwarepatrol_db}"
+          do_clamd_reload=1
+        fi
+        if [ -r "${clam_dbs}/${malwarepatrol_db}" ] ; then
+          xshok_pretty_echo_and_log "Removing ${clam_dbs}/${malwarepatrol_db}"
+          rm -f "${clam_dbs}/${malwarepatrol_db}"
+          do_clamd_reload=1
+        fi
+    fi
+  fi
+fi
+
+##############################################################################################################################################
+# Check for updated urlhaus database files every set number of hours as defined in the "USER CONFIGURATION" section of this script
+##############################################################################################################################################
+if [ "$urlhaus_enabled" == "yes" ] ; then
+  if [ -n "${urlhaus_dbs[0]}" ] ; then
+    if [ ${#urlhaus_dbs} -lt 1 ] ; then
+      xshok_pretty_echo_and_log "Failed urlhaus_dbs config is invalid or not defined - SKIPPING"
      else
      else
-      if [ -n "$malwarepatrol_db" ] ; then
-        if [ "$remove_disabled_databases" == "yes" ] ; then
-          xshok_pretty_echo_and_log "Removing disabled MalwarePatrol Database file"
-          if [ -r "$work_dir_malwarepatrol/$malwarepatrol_db" ] ; then
-            rm -f "$work_dir_malwarepatrol/$malwarepatrol_db"
-            do_clamd_reload=1
+      rm -f "${work_dir_urlhaus}/*.gz"
+      if [ -r "${work_dir_work_configs}/last-urlhaus-update.txt" ] ; then
+        last_urlhaus_update="$(cat "${work_dir_work_configs}/last-urlhaus-update.txt")"
+      else
+        last_urlhaus_update="0"
+      fi
+      db_file=""
+      loop=""
+      update_interval="$((urlhaus_update_hours * 3600))"
+      time_interval="$((current_time - last_urlhaus_update))"
+      if [ "$time_interval" -ge "$((update_interval - 600))" ] ; then
+        echo "$current_time" > "${work_dir_work_configs}/last-urlhaus-update.txt"
+
+        xshok_pretty_echo_and_log "Yara-Rules Database File Updates" "="
+        xshok_pretty_echo_and_log "Checking for urlhaus updates..."
+        urlhaus_updates="0"
+        for db_file in "${urlhaus_dbs[@]}" ; do
+          if echo "$db_file" | $grep_bin -q "/" ; then
+            yr_dir="/$(echo "$db_file" | cut -d "/" -f 1)"
+            db_file="$(echo "$db_file" | cut -d "/" -f 2)"
+          else yr_dir=""
            fi
            fi
-          if [ -r "$clam_dbs/$malwarepatrol_db" ] ; then
-            rm -f "$clam_dbs/$malwarepatrol_db"
-            do_clamd_reload=1
+          if [ "$loop" == "1" ] ; then
+            xshok_pretty_echo_and_log "---"
            fi
            fi
+          xshok_pretty_echo_and_log "Checking for updated urlhaus database file: ${db_file}"
+          urlhaus_db_update="0"
+          if xshok_file_download "${work_dir_urlhaus}/${db_file}" "${urlhaus_url}/${db_file}" ; then
+            loop="1"
+            if ! cmp -s "${work_dir_urlhaus}/${db_file}" "${clam_dbs}/${db_file}" ; then
+              db_ext="${db_file#*.}"
+              xshok_pretty_echo_and_log "Testing updated urlhaus database file: ${db_file}"
+              if [ -z "$ham_dir" ] || [ "$db_ext" != "ndb" ] ; then
+                if $clamscan_bin --quiet -d "${work_dir_urlhaus}/${db_file}" "${work_dir_work_configs}/scan-test.txt" 2>&10 ; then
+                  xshok_pretty_echo_and_log "Clamscan reports urlhaus ${db_file} database integrity tested good"
+                  true
+                else
+                  xshok_pretty_echo_and_log "Clamscan reports urlhaus ${db_file} database integrity tested BAD"
+                  if [ "$remove_bad_database" == "yes" ] ; then
+                    if rm -f "${work_dir_urlhaus}/${db_file}" ; then
+                      xshok_pretty_echo_and_log "Removed invalid database: ${work_dir_urlhaus}/${db_file}"
+                    fi
+                  fi
+                  false
+                  fi && (test "$keep_db_backup" = "yes" && cp -f -p  "${clam_dbs}/${db_file}" "${clam_dbs}/${db}_file-bak" 2>/dev/null ; true) && if $rsync_bin -pcqt "${work_dir_urlhaus}/${db_file}" "$clam_dbs" 2>&13 ; then
+                  perms chown -f "${clam_user}:${clam_group}" "${clam_dbs}/${db_file}"
+                  if [ "$selinux_fixes" == "yes" ] ; then
+                    restorecon "${clam_dbs}/${db_file}"
+                  fi
+                  xshok_pretty_echo_and_log "Successfully updated urlhaus production database file: ${db_file}"
+                  urlhaus_updates=1
+                  urlhaus_db_update=1
+                  do_clamd_reload=1
+                else
+                  xshok_pretty_echo_and_log "Failed to successfully update urlhaus production database file: ${db_file} - SKIPPING"
+                fi
+              else
+                $grep_bin -h -v -f "${work_dir_work_configs}/whitelist.hex" "${work_dir_urlhaus}/${db_file}" > "${test_dir}/${db_file}"
+                $clamscan_bin --infected --no-summary -d "${test_dir}/${db_file}" "$ham_dir"/* | command sed 's/\.UNOFFICIAL FOUND//' | awk '{print $NF}' > "${work_dir_work_configs}/whitelist.txt"
+                $grep_bin -h -f "${work_dir_work_configs}/whitelist.txt" "${test_dir}/${db_file}" | cut -d "*" -f 2 | sort | uniq >> "${work_dir_work_configs}/whitelist.hex"
+                $grep_bin -h -v -f "${work_dir_work_configs}/whitelist.hex" "${test_dir}/${db_file}" > "${test_dir}/${db_file}-tmp"
+                mv -f "${test_dir}/${db_file}-tmp" "${test_dir}/${db_file}"
+                if $clamscan_bin --quiet -d "${test_dir}/${db_file}" "${work_dir_work_configs}/scan-test.txt" 2>&10 ; then
+                  xshok_pretty_echo_and_log "Clamscan reports urlhaus ${db_file} database integrity tested good"
+                  true
+                else
+                  xshok_pretty_echo_and_log "Clamscan reports urlhaus ${db_file} database integrity tested BAD"
+                  if [ "$remove_bad_database" == "yes" ] ; then
+                    if rm -f "${work_dir_urlhaus}/${db_file}" ; then
+                      xshok_pretty_echo_and_log "Removed invalid database: ${work_dir_urlhaus}/${db_file}"
+                    fi
+                  fi
+                  false
+                  fi && (test "$keep_db_backup" = "yes" && cp -f -p  "${clam_dbs}/${db_file}" "${clam_dbs}/${db}_file-bak" 2>/dev/null ; true) && if $rsync_bin -pcqt "${test_dir}/${db_file}" "$clam_dbs" 2>&13 ; then
+                  perms chown -f "${clam_user}:${clam_group}" "${clam_dbs}/${db_file}"
+                  if [ "$selinux_fixes" == "yes" ] ; then
+                    restorecon "${clam_dbs}/${db_file}"
+                  fi
+                  xshok_pretty_echo_and_log "Successfully updated urlhaus production database file: ${db_file}"
+                  urlhaus_updates=1
+                  urlhaus_db_update=1
+                  do_clamd_reload=1
+                else
+                  xshok_pretty_echo_and_log "Failed to successfully update urlhaus production database file: ${db_file} - SKIPPING"
+                fi
+              fi
+
+            fi
+          else
+            xshok_pretty_echo_and_log "WARNING: Failed connection to $urlhaus_url - SKIPPED urlhaus ${db_file} update"
+          fi
+          if [ "$urlhaus_db_update" != "1" ] ; then
+            xshok_pretty_echo_and_log "No updated urlhaus ${db_file} database file found"
+          fi
+        done
+        if [ "$urlhaus_updates" != "1" ] ; then
+          xshok_pretty_echo_and_log "No urlhaus database file updates found" "-"
          fi
          fi
+      else
+
+        xshok_pretty_echo_and_log "Yara-Rules Database File Updates" "="
+        xshok_draw_time_remaining "$((update_interval - time_interval))" "$urlhaus_update_hours" "urlhaus"
        fi
      fi
        fi
      fi
+  fi
+else
+  if [ -n "${urlhaus_dbs[0]}" ] ; then
+    if [ "$remove_disabled_databases" == "yes" ] ; then
+      xshok_pretty_echo_and_log "Removing disabled urlhaus Database files"
+      for db_file in "${urlhaus_dbs[@]}" ; do
+        if echo "$db_file" | $grep_bin -q "/" ; then
+          db_file="$(echo "$db_file" | cut -d "/" -f 2)"
+        fi
+        if echo "$db_file" | $grep_bin -q "|" ; then
+          db_file="${db_file%|*}"
+        fi
+        if [ -r "${work_dir_urlhaus}/${db_file}" ] ; then
+          rm -f "${work_dir_urlhaus}/${db_file}"
+          do_clamd_reload="1"
+        fi
+        if [ -r "${clam_dbs}/${db_file}" ] ; then
+          rm -f "${clam_dbs}/${db_file}"
+          do_clamd_reload=1
+        fi
+      done
+    fi
+  fi
+fi
  
  
-    ##############################################################################################################################################
-    # Check for updated yararulesproject database files every set number of hours as defined in the "USER CONFIGURATION" section of this script
-    ##############################################################################################################################################
-    if [ "$yararulesproject_enabled" == "yes" ] ; then
-      if [ -n "${yararulesproject_dbs[0]}" ] ; then
-        if [ ${#yararulesproject_dbs} -lt 1 ] ; then
-          xshok_pretty_echo_and_log "Failed yararulesproject_dbs config is invalid or not defined - SKIPPING"
-        else
-          rm -f "$work_dir_yararulesproject/*.gz"
-          if [ -r "$work_dir_work_configs/last-yararulesproject-update.txt" ] ; then
-            last_yararulesproject_update="$(cat "$work_dir_work_configs/last-yararulesproject-update.txt")"
-          else
-            last_yararulesproject_update="0"
+##############################################################################################################################################
+# Check for updated yararulesproject database files every set number of hours as defined in the "USER CONFIGURATION" section of this script
+##############################################################################################################################################
+if [ "$yararulesproject_enabled" == "yes" ] ; then
+  if [ -n "${yararulesproject_dbs[0]}" ] ; then
+    if [ ${#yararulesproject_dbs} -lt 1 ] ; then
+      xshok_pretty_echo_and_log "Failed yararulesproject_dbs config is invalid or not defined - SKIPPING"
+    else
+      rm -f "${work_dir_yararulesproject}/*.gz"
+      if [ -r "${work_dir_work_configs}/last-yararulesproject-update.txt" ] ; then
+        last_yararulesproject_update="$(cat "${work_dir_work_configs}/last-yararulesproject-update.txt")"
+      else
+        last_yararulesproject_update="0"
+      fi
+      db_file=""
+      loop=""
+      update_interval="$((yararulesproject_update_hours * 3600))"
+      time_interval="$((current_time - last_yararulesproject_update))"
+      if [ "$time_interval" -ge "$((update_interval - 600))" ] ; then
+        echo "$current_time" > "${work_dir_work_configs}/last-yararulesproject-update.txt"
+
+        xshok_pretty_echo_and_log "Yara-Rules Database File Updates" "="
+        xshok_pretty_echo_and_log "Checking for yararulesproject updates..."
+        yararulesproject_updates="0"
+        for db_file in "${yararulesproject_dbs[@]}" ; do
+          if echo "$db_file" | $grep_bin -q "/" ; then
+            yr_dir="/$(echo "$db_file" | cut -d "/" -f 1)"
+            db_file="$(echo "$db_file" | cut -d "/" -f 2)"
+          else yr_dir=""
            fi
            fi
-          db_file=""
-          loop=""
-          update_interval="$((yararulesproject_update_hours * 3600))"
-          time_interval="$((current_time - last_yararulesproject_update))"
-          if [ "$time_interval" -ge "$((update_interval - 600))" ] ; then
-            echo "$current_time" > "$work_dir_work_configs/last-yararulesproject-update.txt"
-
-            xshok_pretty_echo_and_log "Yara-Rules Database File Updates" "="
-            xshok_pretty_echo_and_log "Checking for yararulesproject updates..."
-            yararulesproject_updates="0"
-            for db_file in "${yararulesproject_dbs[@]}" ; do
-              if echo "$db_file" | $grep_bin -q "/"; then
-                yr_dir="/$(echo "$db_file" | cut -d "/" -f 1)"
-                db_file="$(echo "$db_file" | cut -d "/" -f 2)"
-              else yr_dir=""
-              fi
-              if [ "$loop" == "1" ] ; then
-                xshok_pretty_echo_and_log "---"
-              fi
-              xshok_pretty_echo_and_log "Checking for updated yararulesproject database file: $db_file"
-              yararulesproject_db_update="0"
-              xshok_file_download "$work_dir_yararulesproject/$db_file" "$yararulesproject_url/$yr_dir/$db_file"
-              ret="$?"
-              if [ "$ret" -eq 0 ] ; then
-                loop="1"
-                if ! cmp -s "$work_dir_yararulesproject/$db_file" "$clam_dbs/$db_file" ; then
-                  if [ $? -eq 0 ] ; then
-                    db_ext="${db_file#*.}"
-
-                    xshok_pretty_echo_and_log "Testing updated yararulesproject database file: $db_file"
-                    if [ -z "$ham_dir" ] || [ "$db_ext" != "ndb" ] ; then
-                      if $clamscan_bin --quiet -d "$work_dir_yararulesproject/$db_file" "$work_dir_work_configs/scan-test.txt" 2>/dev/null
-                      then
-                        xshok_pretty_echo_and_log "Clamscan reports yararulesproject $db_file database integrity tested good"
-                        true
-                      else
-                        xshok_pretty_echo_and_log "Clamscan reports yararulesproject $db_file database integrity tested BAD"
-                        if [ "$remove_bad_database" == "yes" ] ; then
-                          if rm -f "$work_dir_yararulesproject/$db_file" ; then
-                            xshok_pretty_echo_and_log "Removed invalid database: $work_dir_yararulesproject/$db_file"
-                          fi
-                        fi
-                        false
-                        fi && (test "$keep_db_backup" = "yes" && cp -f "$clam_dbs/$db_file" "$clam_dbs/$db_file-bak" 2>/dev/null ; true) && if $rsync_bin -pcqt "$work_dir_yararulesproject/$db_file" "$clam_dbs" 2>/dev/null ; then
-                        perms chown -f "$clam_user:$clam_group" "$clam_dbs/$db_file"
-                        if [ "$selinux_fixes" == "yes" ] ; then
-                          restorecon "$clam_dbs/$db_file"
-                        fi
-                        xshok_pretty_echo_and_log "Successfully updated yararulesproject production database file: $db_file"
-                        yararulesproject_updates=1
-                        yararulesproject_db_update=1
-                        do_clamd_reload=1
-                      else
-                        xshok_pretty_echo_and_log "Failed to successfully update yararulesproject production database file: $db_file - SKIPPING"
-                      fi
-                    else
-                      $grep_bin -h -v -f "$work_dir_work_configs/whitelist.hex" "$work_dir_yararulesproject/$db_file" > "$test_dir/$db_file"
-                      $clamscan_bin --infected --no-summary -d "$test_dir/$db_file" "$ham_dir"/* | command sed 's/\.UNOFFICIAL FOUND//' | awk '{print $NF}' > "$work_dir_work_configs/whitelist.txt"
-                      $grep_bin -h -f "$work_dir_work_configs/whitelist.txt" "$test_dir/$db_file" | cut -d "*" -f 2 | sort | uniq >> "$work_dir_work_configs/whitelist.hex"
-                      $grep_bin -h -v -f "$work_dir_work_configs/whitelist.hex" "$test_dir/$db_file" > "$test_dir/$db_file-tmp"
-                      mv -f "$test_dir/$db_file-tmp" "$test_dir/$db_file"
-                      if $clamscan_bin --quiet -d "$test_dir/$db_file" "$work_dir_work_configs/scan-test.txt" 2>/dev/null ; then
-                        xshok_pretty_echo_and_log "Clamscan reports yararulesproject $db_file database integrity tested good"
-                        true
-                      else
-                        xshok_pretty_echo_and_log "Clamscan reports yararulesproject $db_file database integrity tested BAD"
-                        if [ "$remove_bad_database" == "yes" ] ; then
-                          if rm -f "$work_dir_yararulesproject/$db_file" ; then
-                            xshok_pretty_echo_and_log "Removed invalid database: $work_dir_yararulesproject/$db_file"
-                          fi
-                        fi
-                        false
-                        fi && (test "$keep_db_backup" = "yes" && cp -f "$clam_dbs/$db_file" "$clam_dbs/$db_file-bak" 2>/dev/null ; true) && if $rsync_bin -pcqt "$test_dir/$db_file" "$clam_dbs" 2>/dev/null ; then
-                        perms chown -f "$clam_user:$clam_group" "$clam_dbs/$db_file"
-                        if [ "$selinux_fixes" == "yes" ] ; then
-                          restorecon "$clam_dbs/$db_file"
-                        fi
-                        xshok_pretty_echo_and_log "Successfully updated yararulesproject production database file: $db_file"
-                        yararulesproject_updates=1
-                        yararulesproject_db_update=1
-                        do_clamd_reload=1
-                      else
-                        xshok_pretty_echo_and_log "Failed to successfully update yararulesproject production database file: $db_file - SKIPPING"
-                      fi
+          if [ "$loop" == "1" ] ; then
+            xshok_pretty_echo_and_log "---"
+          fi
+          xshok_pretty_echo_and_log "Checking for updated yararulesproject database file: ${db_file}"
+          yararulesproject_db_update="0"
+          if xshok_file_download "${work_dir_yararulesproject}/${db_file}" "$yararulesproject_url/$yr_dir/${db_file}" ; then
+            loop="1"
+            if ! cmp -s "${work_dir_yararulesproject}/${db_file}" "${clam_dbs}/${db_file}" ; then
+              db_ext="${db_file#*.}"
+              xshok_pretty_echo_and_log "Testing updated yararulesproject database file: ${db_file}"
+              if [ -z "$ham_dir" ] || [ "$db_ext" != "ndb" ] ; then
+                if $clamscan_bin --quiet -d "${work_dir_yararulesproject}/${db_file}" "${work_dir_work_configs}/scan-test.txt" 2>&10 ; then
+                  xshok_pretty_echo_and_log "Clamscan reports yararulesproject ${db_file} database integrity tested good"
+                  true
+                else
+                  xshok_pretty_echo_and_log "Clamscan reports yararulesproject ${db_file} database integrity tested BAD"
+                  if [ "$remove_bad_database" == "yes" ] ; then
+                    if rm -f "${work_dir_yararulesproject}/${db_file}" ; then
+                      xshok_pretty_echo_and_log "Removed invalid database: ${work_dir_yararulesproject}/${db_file}"
                      fi
                    fi
                      fi
                    fi
+                  false
+                  fi && (test "$keep_db_backup" = "yes" && cp -f -p  "${clam_dbs}/${db_file}" "${clam_dbs}/${db}_file-bak" 2>/dev/null ; true) && if $rsync_bin -pcqt "${work_dir_yararulesproject}/${db_file}" "$clam_dbs" 2>&13 ; then
+                  perms chown -f "${clam_user}:${clam_group}" "${clam_dbs}/${db_file}"
+                  if [ "$selinux_fixes" == "yes" ] ; then
+                    restorecon "${clam_dbs}/${db_file}"
+                  fi
+                  xshok_pretty_echo_and_log "Successfully updated yararulesproject production database file: ${db_file}"
+                  yararulesproject_updates=1
+                  yararulesproject_db_update=1
+                  do_clamd_reload=1
+                else
+                  xshok_pretty_echo_and_log "Failed to successfully update yararulesproject production database file: ${db_file} - SKIPPING"
                  fi
                else
                  fi
                else
-                xshok_pretty_echo_and_log "WARNING: Failed connection to $yararulesproject_url - SKIPPED yararulesproject $db_file update"
-              fi
-              if [ "$yararulesproject_db_update" != "1" ] ; then
-                xshok_pretty_echo_and_log "No updated yararulesproject $db_file database file found"
+                $grep_bin -h -v -f "${work_dir_work_configs}/whitelist.hex" "${work_dir_yararulesproject}/${db_file}" > "${test_dir}/${db_file}"
+                $clamscan_bin --infected --no-summary -d "${test_dir}/${db_file}" "$ham_dir"/* | command sed 's/\.UNOFFICIAL FOUND//' | awk '{print $NF}' > "${work_dir_work_configs}/whitelist.txt"
+                $grep_bin -h -f "${work_dir_work_configs}/whitelist.txt" "${test_dir}/${db_file}" | cut -d "*" -f 2 | sort | uniq >> "${work_dir_work_configs}/whitelist.hex"
+                $grep_bin -h -v -f "${work_dir_work_configs}/whitelist.hex" "${test_dir}/${db_file}" > "${test_dir}/${db_file}-tmp"
+                mv -f "${test_dir}/${db_file}-tmp" "${test_dir}/${db_file}"
+                if $clamscan_bin --quiet -d "${test_dir}/${db_file}" "${work_dir_work_configs}/scan-test.txt" 2>&10 ; then
+                  xshok_pretty_echo_and_log "Clamscan reports yararulesproject ${db_file} database integrity tested good"
+                  true
+                else
+                  xshok_pretty_echo_and_log "Clamscan reports yararulesproject ${db_file} database integrity tested BAD"
+                  if [ "$remove_bad_database" == "yes" ] ; then
+                    if rm -f "${work_dir_yararulesproject}/${db_file}" ; then
+                      xshok_pretty_echo_and_log "Removed invalid database: ${work_dir_yararulesproject}/${db_file}"
+                    fi
+                  fi
+                  false
+                  fi && (test "$keep_db_backup" = "yes" && cp -f -p  "${clam_dbs}/${db_file}" "${clam_dbs}/${db}_file-bak" 2>/dev/null ; true) && if $rsync_bin -pcqt "${test_dir}/${db_file}" "$clam_dbs" 2>&13 ; then
+                  perms chown -f "${clam_user}:${clam_group}" "${clam_dbs}/${db_file}"
+                  if [ "$selinux_fixes" == "yes" ] ; then
+                    restorecon "${clam_dbs}/${db_file}"
+                  fi
+                  xshok_pretty_echo_and_log "Successfully updated yararulesproject production database file: ${db_file}"
+                  yararulesproject_updates=1
+                  yararulesproject_db_update=1
+                  do_clamd_reload=1
+                else
+                  xshok_pretty_echo_and_log "Failed to successfully update yararulesproject production database file: ${db_file} - SKIPPING"
+                fi
                fi
                fi
-            done
-            if [ "$yararulesproject_updates" != "1" ] ; then
-              xshok_pretty_echo_and_log "No yararulesproject database file updates found" "-"
+
              fi
            else
              fi
            else
-
-            xshok_pretty_echo_and_log "Yara-Rules Database File Updates" "="
-            xshok_draw_time_remaining "$((update_interval - time_interval))" "$yararulesproject_update_hours" "yararulesproject"
+            xshok_pretty_echo_and_log "WARNING: Failed connection to $yararulesproject_url - SKIPPED yararulesproject ${db_file} update"
+          fi
+          if [ "$yararulesproject_db_update" != "1" ] ; then
+            xshok_pretty_echo_and_log "No updated yararulesproject ${db_file} database file found"
            fi
            fi
+        done
+        if [ "$yararulesproject_updates" != "1" ] ; then
+          xshok_pretty_echo_and_log "No yararulesproject database file updates found" "-"
          fi
          fi
+      else
+
+        xshok_pretty_echo_and_log "Yara-Rules Database File Updates" "="
+        xshok_draw_time_remaining "$((update_interval - time_interval))" "$yararulesproject_update_hours" "yararulesproject"
        fi
        fi
-    else
-      if [ -n "${yararulesproject_dbs[0]}" ] ; then
-        if [ "$remove_disabled_databases" == "yes" ] ; then
-          xshok_pretty_echo_and_log "Removing disabled yararulesproject Database files"
-          for db_file in "${yararulesproject_dbs[@]}" ; do
-            if echo "$db_file" | $grep_bin -q "/"; then
-              db_file="$(echo "$db_file" | cut -d "/" -f 2)"
-            fi
-            if echo "$db_file" | $grep_bin -q "|"; then
-              db_file="${db_file%|*}"
-            fi
-            if [ -r "$work_dir_yararulesproject/$db_file" ] ; then
-              rm -f "$work_dir_yararulesproject/$db_file"
-              do_clamd_reload="1"
-            fi
-            if [ -r "$clam_dbs/$db_file" ] ; then
-              rm -f "$clam_dbs/$db_file"
-              do_clamd_reload=1
-            fi
-          done
+    fi
+  fi
+else
+  if [ -n "${yararulesproject_dbs[0]}" ] ; then
+    if [ "$remove_disabled_databases" == "yes" ] ; then
+      xshok_pretty_echo_and_log "Removing disabled yararulesproject Database files"
+      for db_file in "${yararulesproject_dbs[@]}" ; do
+        if echo "$db_file" | $grep_bin -q "/" ; then
+          db_file="$(echo "$db_file" | cut -d "/" -f 2)"
          fi
          fi
-      fi
+        if echo "$db_file" | $grep_bin -q "|" ; then
+          db_file="${db_file%|*}"
+        fi
+        if [ -r "${work_dir_yararulesproject}/${db_file}" ] ; then
+          rm -f "${work_dir_yararulesproject}/${db_file}"
+          do_clamd_reload="1"
+        fi
+        if [ -r "${clam_dbs}/${db_file}" ] ; then
+          rm -f "${clam_dbs}/${db_file}"
+          do_clamd_reload=1
+        fi
+      done
      fi
      fi
+  fi
+fi
  
  
-    ##############################################################################################################################################
-    # Check for updated additional database files every set number of hours as defined in the "USER CONFIGURATION" section of this script
-    ##############################################################################################################################################
-    if [ "$additional_enabled" == "yes" ] ; then
-      if [ -n "$additional_dbs" ] ; then
-        if [ ${#additional_dbs} -lt 1 ] ; then
-          xshok_pretty_echo_and_log "Failed additional_dbs config is invalid or not defined - SKIPPING"
-        else
-          rm -f "$work_dir_add/*.gz"
-          if [ -r "$work_dir_work_configs/last-additional-update.txt" ] ; then
-            last_additional_update="$(cat "$work_dir_work_configs/last-additional-update.txt")"
-          else
-            last_additional_update="0"
-          fi
-          db_file=""
-          loop=""
-          update_interval="$((additional_update_hours * 3600))"
-          time_interval="$((current_time - last_additional_update))"
-          if [ "$time_interval" -ge "$((update_interval - 600))" ] ; then
-            echo "$current_time" > "$work_dir_work_configs/last-additional-update.txt"
-
-            xshok_pretty_echo_and_log "Additional Database File Updates" "="
-            xshok_pretty_echo_and_log "Checking for additional updates..."
-            additional_updates="0"
-            for db_url in "${additional_dbs[@]}" ; do
-              # Left for future dir manipulation
-              # if echo "$db_file" | $grep_bin -q "/"; then
-              #   add_dir="/$(echo "$db_file" | cut -d "/" -f 1)"
-              #   db_file="$(echo "$db_file" | cut -d "/" -f 2)"
-              # else
-              #   add_dir=""
-              # fi
-
-              #cleanup any leading and trailing whitespace.
-              db_url="$(echo -e "$db_url" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')"
-
-              db_file="$(basename "$db_url")"
+##############################################################################################################################################
+# Check for updated additional database files every set number of hours as defined in the "USER CONFIGURATION" section of this script
+##############################################################################################################################################
+if [ "$additional_enabled" == "yes" ] ; then
+  if [ -n "$additional_dbs" ] ; then
+    if [ ${#additional_dbs} -lt 1 ] ; then
+      xshok_pretty_echo_and_log "Failed additional_dbs config is invalid or not defined - SKIPPING"
+    else
+      rm -f "${work_dir_add}/*.gz"
+      if [ -r "${work_dir_work_configs}/last-additional-update.txt" ] ; then
+        last_additional_update="$(cat "${work_dir_work_configs}/last-additional-update.txt")"
+      else
+        last_additional_update="0"
+      fi
+      db_file=""
+      loop=""
+      update_interval="$((additional_update_hours * 3600))"
+      time_interval="$((current_time - last_additional_update))"
+      if [ "$time_interval" -ge "$((update_interval - 600))" ] ; then
+        echo "$current_time" > "${work_dir_work_configs}/last-additional-update.txt"
  
  
-              if [ "$loop" == "1" ] ; then
-                xshok_pretty_echo_and_log "---"
-              fi
-              xshok_pretty_echo_and_log "Checking for updated additional database file: $db_file"
+        xshok_pretty_echo_and_log "Additional Database File Updates" "="
+        xshok_pretty_echo_and_log "Checking for additional updates..."
+        additional_updates="0"
+        for db_url in "${additional_dbs[@]}" ; do
+          # Left for future dir manipulation
+          # if echo "$db_file" | $grep_bin -q "/" ; then
+          #   add_dir="/$(echo "$db_file" | cut -d "/" -f 1)"
+          #   db_file="$(echo "$db_file" | cut -d "/" -f 2)"
+          # else
+          #   add_dir=""
+          # fi
  
  
-              additional_db_update="0"
+          #cleanup any leading and trailing whitespace.
+          db_url="$(echo -e "$db_url" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')"
  
  
-              if [ "${db_url%:*}" == "rsync" ] ; then
-                # shellcheck disable=SC2086
-                $rsync_bin $rsync_output_level $no_motd -ctuz $connect_timeout --timeout="$rsync_max_time" --exclude=*.txt --exclude=*.sha256 --exclude=*.sig --exclude=*.gz "$db_url" "$work_dir_add" 2>/dev/null
-                ret="$?"
-              else
-                xshok_file_download "$work_dir_add/$db_file" "$db_url"
-                ret="$?"
-              fi
+          db_file="$(basename "$db_url")"
  
  
-              # This needs enhancement for rsync, as it will only work with single files...
-              # Maybe better to process each file inside work_dir_add in its own for loop.
-              if [ "$ret" -eq 0 ] ; then
-                loop="1"
-                if ! cmp -s "$work_dir_add/$db_file" "$clam_dbs/$db_file" ; then
-                  if [ $? -eq 0 ] ; then
-                    db_ext="${db_file#*.}"
+          if [ "$loop" == "1" ] ; then
+            xshok_pretty_echo_and_log "---"
+          fi
+          xshok_pretty_echo_and_log "Checking for updated additional database file: ${db_file}"
  
  
-                    xshok_pretty_echo_and_log "Testing updated additional database file: $db_file"
-                    if [ -z "$ham_dir" ] || [ "$db_ext" != "ndb" ] ; then
-                      if $clamscan_bin --quiet -d "$work_dir_add/$db_file" "$work_dir_work_configs/scan-test.txt" 2>/dev/null
-                      then
-                        xshok_pretty_echo_and_log "Clamscan reports additional $db_file database integrity tested good"
-                        true
-                      else
-                        xshok_pretty_echo_and_log "Clamscan reports additional $db_file database integrity tested BAD"
-                        if [ "$remove_bad_database" == "yes" ] ; then
-                          if rm -f "$work_dir_add/$db_file" ; then
-                            xshok_pretty_echo_and_log "Removed invalid database: $work_dir_add/$db_file"
-                          fi
-                        fi
-                        false
-                        fi && (test "$keep_db_backup" = "yes" && cp -f "$clam_dbs/$db_file" "$clam_dbs/$db_file-bak" 2>/dev/null ; true) && if $rsync_bin -pcqt "$work_dir_add/$db_file" "$clam_dbs" 2>/dev/null ; then
-                        perms chown -f "$clam_user:$clam_group" "$clam_dbs/$db_file"
-                        if [ "$selinux_fixes" == "yes" ] ; then
-                          restorecon "$clam_dbs/$db_file"
-                        fi
-                        xshok_pretty_echo_and_log "Successfully updated additional production database file: $db_file"
-                        additional_updates=1
-                        additional_db_update=1
-                        do_clamd_reload=1
-                      else
-                        xshok_pretty_echo_and_log "Failed to successfully update additional production database file: $db_file - SKIPPING"
-                      fi
-                    else
-                      $grep_bin -h -v -f "$work_dir_work_configs/whitelist.hex" "$work_dir_add/$db_file" > "$test_dir/$db_file"
-                      $clamscan_bin --infected --no-summary -d "$test_dir/$db_file" "$ham_dir"/* | command sed 's/\.UNOFFICIAL FOUND//' | awk '{print $NF}' > "$work_dir_work_configs/whitelist.txt"
-                      $grep_bin -h -f "$work_dir_work_configs/whitelist.txt" "$test_dir/$db_file" | cut -d "*" -f 2 | sort | uniq >> "$work_dir_work_configs/whitelist.hex"
-                      $grep_bin -h -v -f "$work_dir_work_configs/whitelist.hex" "$test_dir/$db_file" > "$test_dir/$db_file-tmp"
-                      mv -f "$test_dir/$db_file-tmp" "$test_dir/$db_file"
-                      if $clamscan_bin --quiet -d "$test_dir/$db_file" "$work_dir_work_configs/scan-test.txt" 2>/dev/null ; then
-                        xshok_pretty_echo_and_log "Clamscan reports additional $db_file database integrity tested good"
-                        true
-                      else
-                        xshok_pretty_echo_and_log "Clamscan reports additional $db_file database integrity tested BAD"
-                        if [ "$remove_bad_database" == "yes" ] ; then
-                          if rm -f "$work_dir_add/$db_file" ; then
-                            xshok_pretty_echo_and_log "Removed invalid database: $work_dir_add/$db_file"
-                          fi
-                        fi
-                        false
-                        fi && (test "$keep_db_backup" = "yes" && cp -f "$clam_dbs/$db_file" "$clam_dbs/$db_file-bak" 2>/dev/null ; true) && if $rsync_bin -pcqt "$test_dir/$db_file" "$clam_dbs" 2>/dev/null ; then
-                        perms chown -f "$clam_user:$clam_group" "$clam_dbs/$db_file"
-                        if [ "$selinux_fixes" == "yes" ] ; then
-                          restorecon "$clam_dbs/$db_file"
-                        fi
-                        xshok_pretty_echo_and_log "Successfully updated additional production database file: $db_file"
-                        additional_updates=1
-                        additional_db_update=1
-                        do_clamd_reload=1
-                      else
-                        xshok_pretty_echo_and_log "Failed to successfully update additional production database file: $db_file - SKIPPING"
-                      fi
+          additional_db_update="0"
+
+          if [ "${db_url%:*}" == "rsync" ] ; then
+            # shellcheck disable=SC2086
+            $rsync_bin $rsync_output_level $no_motd -ctuz $connect_timeout --timeout="$rsync_max_time" --exclude=*.txt --exclude=*.sha256 --exclude=*.sig --exclude=*.gz "$db_url" "$work_dir_add" 2>&13
+            ret="$?"
+          else
+            xshok_file_download "${work_dir_add}/${db_file}" "$db_url"
+            ret="$?"
+          fi
+
+          # This needs enhancement for rsync, as it will only work with single files...
+          # Maybe better to process each file inside work_dir_add in its own for loop.
+          if [ "$ret" -eq 0 ] ; then
+            loop="1"
+            if ! cmp -s "${work_dir_add}/${db_file}" "${clam_dbs}/${db_file}" ; then
+              db_ext="${db_file#*.}"
+              xshok_pretty_echo_and_log "Testing updated additional database file: ${db_file}"
+              if [ -z "$ham_dir" ] || [ "$db_ext" != "ndb" ] ; then
+                if $clamscan_bin --quiet -d "${work_dir_add}/${db_file}" "${work_dir_work_configs}/scan-test.txt" 2>&10 ; then
+                  xshok_pretty_echo_and_log "Clamscan reports additional ${db_file} database integrity tested good"
+                  true
+                else
+                  xshok_pretty_echo_and_log "Clamscan reports additional ${db_file} database integrity tested BAD"
+                  if [ "$remove_bad_database" == "yes" ] ; then
+                    if rm -f "${work_dir_add}/${db_file}" ; then
+                      xshok_pretty_echo_and_log "Removed invalid database: ${work_dir_add}/${db_file}"
                      fi
                    fi
                      fi
                    fi
+                  false
+                  fi && (test "$keep_db_backup" = "yes" && cp -f -p  "${clam_dbs}/${db_file}" "${clam_dbs}/${db}_file-bak" 2>/dev/null ; true) && if $rsync_bin -pcqt "${work_dir_add}/${db_file}" "$clam_dbs" 2>&13 ; then
+                  perms chown -f "${clam_user}:${clam_group}" "${clam_dbs}/${db_file}"
+                  if [ "$selinux_fixes" == "yes" ] ; then
+                    restorecon "${clam_dbs}/${db_file}"
+                  fi
+                  xshok_pretty_echo_and_log "Successfully updated additional production database file: ${db_file}"
+                  additional_updates=1
+                  additional_db_update=1
+                  do_clamd_reload=1
+                else
+                  xshok_pretty_echo_and_log "Failed to successfully update additional production database file: ${db_file} - SKIPPING"
                  fi
                else
                  fi
                else
-                xshok_pretty_echo_and_log "WARNING: Failed connection to $db_url - SKIPPED additional $db_file update"
-              fi
-              if [ "$additional_db_update" != "1" ] ; then
-                xshok_pretty_echo_and_log "No updated additional $db_file database file found"
+                $grep_bin -h -v -f "${work_dir_work_configs}/whitelist.hex" "${work_dir_add}/${db_file}" > "${test_dir}/${db_file}"
+                $clamscan_bin --infected --no-summary -d "${test_dir}/${db_file}" "$ham_dir"/* | command sed 's/\.UNOFFICIAL FOUND//' | awk '{print $NF}' > "${work_dir_work_configs}/whitelist.txt"
+                if [[ "${work_dir_add}/${db_file}" == *.db ]] ; then
+                  $grep_bin -h -f "${work_dir_work_configs}/whitelist.hex" "${test_dir}/${db_file}" | cut -d "=" -f 2 | awk '{ printf("=%s\n", $1);}' |sort | uniq >> "${work_dir_work_configs}/whitelist.hex-tmp"
+                  mv -f "${work_dir_work_configs}/whitelist.hex-tmp" "${work_dir_work_configs}/whitelist.hex"
+                else
+                  $grep_bin -h -f "${work_dir_work_configs}/whitelist.hex" "${test_dir}/${db_file}" | cut -d "=" -f 2 | sort | uniq >> "${work_dir_work_configs}/whitelist.hex-tmp"
+                  mv -f "${work_dir_work_configs}/whitelist.hex-tmp" "${work_dir_work_configs}/whitelist.hex"
+                fi
+                $grep_bin -h -v -f "${work_dir_work_configs}/whitelist.hex" "${test_dir}/${db_file}" > "${test_dir}/${db_file}-tmp"
+                mv -f "${test_dir}/${db_file}-tmp" "${test_dir}/${db_file}"
+                if $clamscan_bin --quiet -d "${test_dir}/${db_file}" "${work_dir_work_configs}/scan-test.txt" 2>&10 ; then
+                  xshok_pretty_echo_and_log "Clamscan reports additional ${db_file} database integrity tested good"
+                  true
+                else
+                  xshok_pretty_echo_and_log "Clamscan reports additional ${db_file} database integrity tested BAD"
+                  if [ "$remove_bad_database" == "yes" ] ; then
+                    if rm -f "${work_dir_add}/${db_file}" ; then
+                      xshok_pretty_echo_and_log "Removed invalid database: ${work_dir_add}/${db_file}"
+                    fi
+                  fi
+                  false
+                  fi && (test "$keep_db_backup" = "yes" && cp -f -p  "${clam_dbs}/${db_file}" "${clam_dbs}/${db}_file-bak" 2>/dev/null ; true) && if $rsync_bin -pcqt "${test_dir}/${db_file}" "$clam_dbs" 2>&13 ; then
+                  perms chown -f "${clam_user}:${clam_group}" "${clam_dbs}/${db_file}"
+                  if [ "$selinux_fixes" == "yes" ] ; then
+                    restorecon "${clam_dbs}/${db_file}"
+                  fi
+                  xshok_pretty_echo_and_log "Successfully updated additional production database file: ${db_file}"
+                  additional_updates=1
+                  additional_db_update=1
+                  do_clamd_reload=1
+                else
+                  xshok_pretty_echo_and_log "Failed to successfully update additional production database file: ${db_file} - SKIPPING"
+                fi
                fi
                fi
-            done
-            if [ "$additional_updates" != "1" ] ; then
-              xshok_pretty_echo_and_log "No additional database file updates found" "-"
              fi
            else
              fi
            else
-            xshok_pretty_echo_and_log "Additional Database File Updates" "="
-            xshok_draw_time_remaining "$((update_interval - time_interval))" "$additional_update_hours" "additionaldatabaseupdate"
+            xshok_pretty_echo_and_log "WARNING: Failed connection to ${db_url} - SKIPPED additional ${db_file} update"
+          fi
+          if [ "$additional_db_update" != "1" ] ; then
+            xshok_pretty_echo_and_log "No updated additional ${db_file} database file found"
            fi
            fi
+        done
+        if [ "$additional_updates" != "1" ] ; then
+          xshok_pretty_echo_and_log "No additional database file updates found" "-"
          fi
          fi
+      else
+        xshok_pretty_echo_and_log "Additional Database File Updates" "="
+        xshok_draw_time_remaining "$((update_interval - time_interval))" "$additional_update_hours" "additionaldatabaseupdate"
        fi
        fi
-    else
-      if [ -n "$additional_dbs" ] ; then
-        if [ "$remove_disabled_databases" == "yes" ] ; then
-          xshok_pretty_echo_and_log "Removing disabled additional Database files"
-          for db_file in "${additional_dbs[@]}" ; do
-            if echo "$db_file" | $grep_bin -q "/"; then
-              db_file="$(echo "$db_file" | cut -d "/" -f 2)"
-            fi
-            if [ -r "$work_dir_add/$db_file" ] ; then
-              rm -f "$work_dir_add/$db_file"
-              do_clamd_reload=1
-            fi
-            if [ -r "$clam_dbs/$db_file" ] ; then
-              rm -f "$clam_dbs/$db_file"
-              do_clamd_reload=1
-            fi
-          done
+    fi
+  fi
+else
+  if [ -n "$additional_dbs" ] ; then
+    if [ "$remove_disabled_databases" == "yes" ] ; then
+      xshok_pretty_echo_and_log "Removing disabled additional Database files"
+      for db_file in "${additional_dbs[@]}" ; do
+        if echo "$db_file" | $grep_bin -q "/" ; then
+          db_file="$(echo "$db_file" | cut -d "/" -f 2)"
          fi
          fi
-      fi
+        if [ -r "${work_dir_add}/${db_file}" ] ; then
+          rm -f "${work_dir_add}/${db_file}"
+          do_clamd_reload=1
+        fi
+        if [ -r "${clam_dbs}/${db_file}" ] ; then
+          rm -f "${clam_dbs}/${db_file}"
+          do_clamd_reload=1
+        fi
+      done
      fi
      fi
+  fi
+fi
  
  
-    ###################################################
-    # Generate whitelists
-    ###################################################
-    # Check to see if the local.ign file exists, and if it does, check to see if any of the script
-    # added bypass entries can be removed due to offending signature modifications or removals.
-    if [ -r "$clam_dbs/local.ign" ] && [ -s "$work_dir_work_configs/monitor-ign.txt" ] ; then
-      ign_updated=0
-      cd "$clam_dbs" || exit
-      cp -f local.ign "$work_dir_work_configs/local.ign"
-      cp -f "$work_dir_work_configs/monitor-ign.txt" "$work_dir_work_configs/monitor-ign-old.txt"
-
-      xshok_pretty_echo_and_log "" "=" "80"
-      while read -r entry ; do
-        sig_file="$(echo "$entry" | tr -d "\r" | awk -F ":" '{print $1}')"
-        sig_hex="$(echo "$entry" | tr -d "\r" | awk -F ":" '{print $NF}')"
-        sig_name_old="$(echo "$entry" | tr -d "\r" | awk -F ":" '{print $3}')"
-        sig_ign_old="$($grep_bin ":$sig_name_old" "$work_dir_work_configs/local.ign")"
-        sig_old="$(echo "$entry" | tr -d "\r" | cut -d ":" -f 3-)"
-        sig_new="$($grep_bin -hwF ":$sig_hex" "$sig_file" | tr -d "\r" 2>/dev/null)"
-        sig_mon_new="$($grep_bin -HwF -n ":$sig_hex" "$sig_file" | tr -d "\r")"
-        if [ -n "$sig_new" ] ; then
-          if [ "$sig_old" != "$sig_new" ] || [ "$entry" != "$sig_mon_new" ] ; then
-            sig_name_new="$(echo "$sig_new" | tr -d "\r" | awk -F ":" '{print $1}')"
-            sig_ign_new="$(echo "$sig_mon_new" | cut -d ":" -f 1-3)"
-            perl -i -ne "print unless /$sig_ign_old/" "$work_dir_work_configs/monitor-ign.txt"
-            echo "$sig_mon_new" >> "$work_dir_work_configs/monitor-ign.txt"
-            perl -p -i -e "s/$sig_ign_old/$sig_ign_new/" "$work_dir_work_configs/local.ign"
-            xshok_pretty_echo_and_log "$sig_name_old hexadecimal signature is unchanged, however signature name and/or line placement"
-            xshok_pretty_echo_and_log "in $sig_file has changed to $sig_name_new - updated local.ign to reflect this change."
-            ign_updated=1
-          fi
-        else
-          perl -i -ne "print unless /$sig_ign_old/" "$work_dir_work_configs/monitor-ign.txt" "$work_dir_work_configs/local.ign"
+###################################################
+# Generate whitelists
+###################################################
+# Check to see if the local.ign file exists, and if it does, check to see if any of the script
+# added bypass entries can be removed due to offending signature modifications or removals.
+if [ -r "${clam_dbs}/local.ign" ] && [ -s "${work_dir_work_configs}/monitor-ign.txt" ] ; then
+  ign_updated=0
+  cd "$clam_dbs" || exit
+  cp -f -p local.ign "${work_dir_work_configs}/local.ign"
+  cp -f -p "${work_dir_work_configs}/monitor-ign.txt" "${work_dir_work_configs}/monitor-ign-old.txt"
+
+  xshok_pretty_echo_and_log "" "=" "80"
+  while read -r entry ; do
+    sig_file="$(echo "$entry" | tr -d "\\r" | awk -F ":" '{print $1}')"
+    sig_hex="$(echo "$entry" | tr -d "\\r" | awk -F ":" '{print $NF}')"
+    sig_name_old="$(echo "$entry" | tr -d "\\r" | awk -F ":" '{print $3}')"
+    sig_ign_old="$($grep_bin ":$sig_name_old" "${work_dir_work_configs}/local.ign")"
+    sig_old="$(echo "$entry" | tr -d "\\r" | cut -d ":" -f 3-)"
+    sig_new="$($grep_bin -hwF ":$sig_hex" "$sig_file" | tr -d "\\r" 2>/dev/null)"
+    sig_mon_new="$($grep_bin -HwF -n ":$sig_hex" "$sig_file" | tr -d "\\r")"
+    if [ -n "$sig_new" ] ; then
+      if [ "$sig_old" != "$sig_new" ] || [ "$entry" != "$sig_mon_new" ] ; then
+        sig_name_new="$(echo "$sig_new" | tr -d "\\r" | awk -F ":" '{print $1}')"
+        sig_ign_new="$(echo "$sig_mon_new" | cut -d ":" -f 1-3)"
+        perl -i -ne "print unless /$sig_ign_old/" "${work_dir_work_configs}/monitor-ign.txt"
+        echo "$sig_mon_new" >> "${work_dir_work_configs}/monitor-ign.txt"
+        perl -p -i -e "s/$sig_ign_old/$sig_ign_new/" "${work_dir_work_configs}/local.ign"
+        xshok_pretty_echo_and_log "${sig_name_old} hexadecimal signature is unchanged, however signature name and/or line placement"
+        xshok_pretty_echo_and_log "in ${sig_file} has changed to ${sig_name_new} - updated local.ign to reflect this change."
+        ign_updated=1
+      fi
+    else
+      perl -i -ne "print unless /$sig_ign_old/" "${work_dir_work_configs}/monitor-ign.txt" "${work_dir_work_configs}/local.ign"
  
  
-          xshok_pretty_echo_and_log "$sig_name_old signature has been removed from $sig_file, entry removed from local.ign."
-          ign_updated=1
-        fi
-      done < "$work_dir_work_configs/monitor-ign-old.txt"
-      if [ "$ign_updated" == "1" ] ; then
-        if $clamscan_bin --quiet -d "$work_dir_work_configs/local.ign" "$work_dir_work_configs/scan-test.txt"
-        then
-          if $rsync_bin -pcqt "$work_dir_work_configs/local.ign" "$clam_dbs"
-          then
-            perms chown -f "$clam_user:$clam_group" "$clam_dbs/local.ign"
-            perms chmod -f 0644 "$clam_dbs/local.ign" "$work_dir_work_configs/monitor-ign.txt"
-            if [ "$selinux_fixes" == "yes" ] ; then
-              restorecon "$clam_dbs/local.ign"
-            fi
-            do_clamd_reload=3
-          else
-            xshok_pretty_echo_and_log "Failed to successfully update local.ign file - SKIPPING"
-          fi
-        else
-          xshok_pretty_echo_and_log "Clamscan reports local.ign database integrity is bad - SKIPPING"
+      xshok_pretty_echo_and_log "${sig_name_old} signature has been removed from ${sig_file}, entry removed from local.ign."
+      ign_updated=1
+    fi
+  done < "${work_dir_work_configs}/monitor-ign-old.txt"
+  if [ "$ign_updated" == "1" ] ; then
+    if $clamscan_bin --quiet -d "${work_dir_work_configs}/local.ign" "${work_dir_work_configs}/scan-test.txt" ; then
+      if $rsync_bin -pcqt "${work_dir_work_configs}/local.ign" "$clam_dbs" ; then
+        perms chown -f "${clam_user}:${clam_group}" "${clam_dbs}/local.ign"
+        perms chmod -f 0644 "${clam_dbs}/local.ign" "${work_dir_work_configs}/monitor-ign.txt"
+        if [ "$selinux_fixes" == "yes" ] ; then
+          restorecon "${clam_dbs}/local.ign"
          fi
          fi
+        do_clamd_reload=3
        else
        else
-        xshok_pretty_echo_and_log "No whitelist signature changes found in local.ign" "="
+        xshok_pretty_echo_and_log "Failed to successfully update local.ign file - SKIPPING"
        fi
        fi
+    else
+      xshok_pretty_echo_and_log "Clamscan reports local.ign database integrity is bad - SKIPPING"
      fi
      fi
+  else
+    xshok_pretty_echo_and_log "No whitelist signature changes found in local.ign" "="
+  fi
+fi
  
  
-    # Check to see if my-whitelist.ign2 file exists, and if it does, check to see if any of the script
-    # added whitelist entries can be removed due to offending signature modifications or removals.
-    if [ -r "$clam_dbs/my-whitelist.ign2" ] && [ -s "$work_dir_work_configs/tracker.txt" ] ; then
-      ign2_updated=0
-      cd "$clam_dbs" || exit
-      cp -f my-whitelist.ign2 "$work_dir_work_configs/my-whitelist.ign2"
-
-      xshok_pretty_echo_and_log "" "=" "80"
-
-      while read -r entry ; do
-        sig_file="$(echo "$entry" | cut -d ":" -f 1)"
-        sig_full="$(echo "$entry" | cut -d ":" -f 2-)"
-        sig_name="$(echo "$entry" | cut -d ":" -f 2)"
-        if ! $grep_bin -F "$sig_full" "$sig_file" > /dev/null 2>&1 ; then
-          perl -i -ne "print unless /$sig_name$/" "$work_dir_work_configs/my-whitelist.ign2"
-          perl -i -ne "print unless /:$sig_name:/" "$work_dir_work_configs/tracker-tmp.txt"
-
-          xshok_pretty_echo_and_log "$sig_name signature no longer exists in $sig_file, whitelist entry removed from my-whitelist.ign2"
-          ign2_updated="1"
-        fi
-      done < "$work_dir_work_configs/tracker.txt"
-      mv -f "$work_dir_work_configs/tracker-tmp.txt" "$work_dir_work_configs/tracker.txt"
-
-      xshok_pretty_echo_and_log "" "=" "80"
-      if [ "$ign2_updated" == "1" ]
-      then
-        if $clamscan_bin --quiet -d "$work_dir_work_configs/my-whitelist.ign2" "$work_dir_work_configs/scan-test.txt"
-        then
-          if $rsync_bin -pcqt "$work_dir_work_configs/my-whitelist.ign2" "$clam_dbs"
-          then
-            perms chown -f "$clam_user:$clam_group" "$clam_dbs/my-whitelist.ign2"
-            perms chmod -f 0644 "$clam_dbs/my-whitelist.ign2" "$work_dir_work_configs/tracker.txt"
-            if [ "$selinux_fixes" == "yes" ] ; then
-              restorecon "$clam_dbs/my-whitelist.ign2"
-              restorecon "$work_dir_work_configs/tracker.txt"
-            fi
-            do_clamd_reload=4
-          else
-            xshok_pretty_echo_and_log "Failed to successfully update my-whitelist.ign2 file - SKIPPING"
-          fi
-        else
-          xshok_pretty_echo_and_log "Clamscan reports my-whitelist.ign2 database integrity is bad - SKIPPING"
-        fi
-      else
-        xshok_pretty_echo_and_log "No whitelist signature changes found in my-whitelist.ign2"
-      fi
+# Check to see if my-whitelist.ign2 file exists, and if it does, check to see if any of the script
+# added whitelist entries can be removed due to offending signature modifications or removals.
+if [ -r "${clam_dbs}/my-whitelist.ign2" ] && [ -s "${work_dir_work_configs}/tracker.txt" ] ; then
+  ign2_updated=0
+  cd "$clam_dbs" || exit
+  cp -f -p my-whitelist.ign2 "${work_dir_work_configs}/my-whitelist.ign2"
+
+  xshok_pretty_echo_and_log "" "=" "80"
+
+  while read -r entry ; do
+    sig_file="$(echo "$entry" | cut -d ":" -f 1)"
+    sig_full="$(echo "$entry" | cut -d ":" -f 2-)"
+    sig_name="$(echo "$entry" | cut -d ":" -f 2)"
+    if ! $grep_bin -F "$sig_full" "$sig_file" > /dev/null 2>&1 ; then
+      perl -i -ne "print unless /$sig_name$/" "${work_dir_work_configs}/my-whitelist.ign2"
+      perl -i -ne "print unless /:$sig_name:/" "${work_dir_work_configs}/tracker-tmp.txt"
+
+      xshok_pretty_echo_and_log "${sig_name} signature no longer exists in ${sig_file}, whitelist entry removed from my-whitelist.ign2"
+      ign2_updated="1"
      fi
      fi
+  done < "${work_dir_work_configs}/tracker.txt"
+  if [ -f "${work_dir_work_configs}/tracker-tmp.txt" ] ; then
+    mv -f "${work_dir_work_configs}/tracker-tmp.txt" "${work_dir_work_configs}/tracker.txt"
+  fi
  
  
-    # Check for non-matching whitelist.hex signatures and remove them from the whitelist file (signature modified or removed).
-    if [ -n "$ham_dir" ] ; then
-      if [ -r "$work_dir_work_configs/whitelist.hex" ] ; then
-        $grep_bin -h -f "$work_dir_work_configs/whitelist.hex" "$work_dir"/*/*.ndb | cut -d "*" -f 2 | tr -d "\r" | sort | uniq > "$work_dir_work_configs/whitelist.tmp"
-        mv -f "$work_dir_work_configs/whitelist.tmp" "$work_dir_work_configs/whitelist.hex"
-        rm -f "$work_dir_work_configs/whitelist.txt"
-        rm -f "$test_dir"/*.*
-        xshok_pretty_echo_and_log "WARNING: Signature(s) triggered on HAM directory scan - signature(s) removed" "*"
+
+  xshok_pretty_echo_and_log "" "=" "80"
+  if [ "$ign2_updated" == "1" ] ; then
+    if $clamscan_bin --quiet -d "${work_dir_work_configs}/my-whitelist.ign2" "${work_dir_work_configs}/scan-test.txt" ; then
+      if $rsync_bin -pcqt "${work_dir_work_configs}/my-whitelist.ign2" "$clam_dbs" ; then
+        perms chown -f "${clam_user}:${clam_group}" "${clam_dbs}/my-whitelist.ign2"
+        perms chmod -f 0644 "${clam_dbs}/my-whitelist.ign2" "${work_dir_work_configs}/tracker.txt"
+        if [ "$selinux_fixes" == "yes" ] ; then
+          restorecon "${clam_dbs}/my-whitelist.ign2"
+          restorecon "${work_dir_work_configs}/tracker.txt"
+        fi
+        do_clamd_reload=4
        else
        else
-        xshok_pretty_echo_and_log "No signatures triggered on HAM directory scan" "="
+        xshok_pretty_echo_and_log "Failed to successfully update my-whitelist.ign2 file - SKIPPING"
        fi
        fi
+    else
+      xshok_pretty_echo_and_log "Clamscan reports my-whitelist.ign2 database integrity is bad - SKIPPING"
      fi
      fi
+  else
+    xshok_pretty_echo_and_log "No whitelist signature changes found in my-whitelist.ign2"
+  fi
+fi
  
  
-    # Set appropriate directory and file permissions to all production signature files
-    # and set file access mode to 0644 on all working directory files.
+# Check for non-matching whitelist.hex signatures and remove them from the whitelist file (signature modified or removed).
+if [ -n "$ham_dir" ] ; then
+  if [ -r "${work_dir_work_configs}/whitelist.hex" ] ; then
+    $grep_bin -h -f "${work_dir_work_configs}/whitelist.hex" "$work_dir"/*/*.ndb | cut -d "*" -f 2 | tr -d "\\r" | sort | uniq > "${work_dir_work_configs}/whitelist.tmp"
+    $grep_bin -h -f "${work_dir_work_configs}/whitelist.hex" "$work_dir"/*/*.db | cut -d "=" -f 2 | awk '{ printf("=%s\n", $1);}' | sort | uniq >> "${work_dir_work_configs}/whitelist.tmp"
+    mv -f "${work_dir_work_configs}/whitelist.tmp" "${work_dir_work_configs}/whitelist.hex"
+    rm -f "${work_dir_work_configs}/whitelist.txt"
+    rm -f "${test_dir}/*.*"
+    xshok_pretty_echo_and_log "WARNING: Signature(s) triggered on HAM directory scan - signature(s) removed"
+  else
+    xshok_pretty_echo_and_log "No signatures triggered on HAM directory scan" "="
+  fi
+fi
+# Set appropriate directory and file permissions to all production signature files
+# and set file access mode to 0644 on all working directory files.
  
  
-    if [ "$setmode" == "yes" ] ; then
-      xshok_pretty_echo_and_log "Setting permissions and ownership" "="
-      perms chown -f -R "$clam_user:$clam_group" "$work_dir"
-      if ! find "$work_dir" -type f -exec chmod -f 0644 "{}" "+" 2>/dev/null ; then
-        if ! find "$work_dir" -type f -print0 | xargs -0 chmod -f 0644 2>/dev/null ; then
-          find "$work_dir" -type f -exec chmod -f 0644 "{}" ";"
-        fi
-      fi
+if [ "$setmode" == "yes" ] ; then
+  xshok_pretty_echo_and_log "Setting permissions and ownership" "="
+  perms chown -f -R "${clam_user}:${clam_group}" "$work_dir"
+  if ! find "$work_dir" -type f -exec chmod -f 0644 "{}" "+" 2>/dev/null ; then
+    if ! find "$work_dir" -type f -print0 | xargs -0 chmod -f 0644 2>/dev/null ; then
+      find "$work_dir" -type f -exec chmod -f 0644 "{}" ";"
+    fi
+  fi
  
  
-      # If enabled, set file access mode for all production signature database files to 0644.
-      perms chown -f -R "$clam_user:$clam_group" "$clam_dbs"
-      if ! find "$clam_dbs" -type f -exec chmod -f 0644 "{}" "+" 2>/dev/null ; then
-        if ! find "$clam_dbs" -type f -print0 | xargs -0 chmod -f 0644 2>/dev/null ; then
-          find "$clam_dbs" -type f -exec chmod -f 0644 "{}" ";"
-        fi
-      fi
+  # If enabled, set file access mode for all production signature database files to 0644.
+  perms chown -f -R "${clam_user}:${clam_group}" "$clam_dbs"
+  if ! find "$clam_dbs" -type f -exec chmod -f 0644 "{}" "+" 2>/dev/null ; then
+    if ! find "$clam_dbs" -type f -print0 | xargs -0 chmod -f 0644 2>/dev/null ; then
+      find "$clam_dbs" -type f -exec chmod -f 0644 "{}" ";"
      fi
      fi
+  fi
+fi
  
  # Reload all clamd databases
  clamscan_reload_dbs
  
  xshok_pretty_echo_and_log "Issue tracker : https://github.com/extremeshok/clamav-unofficial-sigs/issues" "-"
  
  
  # Reload all clamd databases
  clamscan_reload_dbs
  
  xshok_pretty_echo_and_log "Issue tracker : https://github.com/extremeshok/clamav-unofficial-sigs/issues" "-"
  
-check_new_version
+if [ "$allow_update_checks" != "no" ] ; then
  
  
-check_new_config_version
+       if [ -r "${work_dir_work_configs}/last-version-check.txt" ] ; then
+         last_version_check="$(cat "${work_dir_work_configs}/last-version-check.txt")"
+       else
+         last_version_check="0"
+       fi
+       db_file=""
+       update_check_interval="$((update_check_hours * 3600))"
+       time_interval="$((current_time - last_version_check))"
+       if [ "$time_interval" -ge $((update_check_interval - 600)) ] ; then
+         echo "$current_time" > "${work_dir_work_configs}/last-version-check.txt"
+               check_new_version
+       fi
+
+fi
  
  xshok_cleanup
  
  
  xshok_cleanup
  
+# Set the permission of the log file, to fix any permission errors, this is done to fix cron errors after running the script as root.
+if xshok_is_root ; then
+       if [ "$enable_log" == "yes" ] ; then
+               # check if the file is owned by root (the current user)
+               if [ -O "${log_file_path}/${log_file_name}" ] ; then
+                       # checks the file is writable and a file (not a symlink/link)
+                       if [ -w "${log_file_path}/${log_file_name}" ] && [ -f "${log_file_path}/${log_file_name}" ] ; then
+                               perms chown -f "${clam_user}:${clam_group}" "${log_file_path}/${log_file_name}"
+                       fi
+               fi
+       fi
+fi
+
  # And lastly we exit, Note: the exit is always on the 2nd last line
  exit $?
  # And lastly we exit, Note: the exit is always on the 2nd last line
  exit $?
diff --git a/clamav-unofficial-sigs.8 b/clamav-unofficial-sigs.8

index e22468c..520b00b 100644 (file)
--- a/clamav-unofficial-sigs.8
+++ b/clamav-unofficial-sigs.8
@@ -1,6 +1,6 @@
  
  .\" Manual page for eXtremeSHOK.com ClamAV Unofficial Signature Updater
  
  .\" Manual page for eXtremeSHOK.com ClamAV Unofficial Signature Updater
-.TH clamav-unofficial-sigs 8 "2017-03-19" "Version: 5.6.2" "SCRIPT COMMANDS"
+.TH clamav-unofficial-sigs 8 "2020-01-25" "Version: 7.0.1" "SCRIPT COMMANDS"
  .SH NAME
  clamav-unofficial-sigs \- Download, test, and install third-party ClamAV signature databases.
  .SH SYNOPSIS
  .SH NAME
  clamav-unofficial-sigs \- Download, test, and install third-party ClamAV signature databases.
  .SH SYNOPSIS
@@ -43,10 +43,12 @@ This script follows the standard GNU command line syntax.
  .TP
  \fB \-o, \-\-output\-triggered \fR If HAM directory scanning is enabled in the script's   configuration file, then output names of any third\-party   signatures that triggered during the HAM directory scan
  .TP
  .TP
  \fB \-o, \-\-output\-triggered \fR If HAM directory scanning is enabled in the script's   configuration file, then output names of any third\-party   signatures that triggered during the HAM directory scan
  .TP
-\fB \-w, \-\-whitelist \fR Adds a signature whitelist entry in the newer ClamAV IGN2   format to 'my\-whitelist.ign2' in order to temporarily resolve   a false\-positive issue with a specific third\-party signature.   Script added whitelist entries will automatically be removed   if the original signature is either modified or removed from   the third\-party signature database
+\fB \-w, \-\-whitelist <signature\-name> \fR Adds a signature whitelist entry in the newer ClamAV IGN2   format to 'my\-whitelist.ign2' in order to temporarily resolve   a false\-positive issue with a specific third\-party signature.   Script added whitelist entries will automatically be removed   if the original signature is either modified or removed from   the third\-party signature database
  .TP
  \fB \-\-check\-clamav \fR If ClamD status check is enabled and the socket path is correctly   specifiedthen test to see if clamd is running or not
  .TP
  .TP
  \fB \-\-check\-clamav \fR If ClamD status check is enabled and the socket path is correctly   specifiedthen test to see if clamd is running or not
  .TP
+\fB \-\-upgrade \fR Upgrades this script and master.conf to the latest available version
+.TP
  \fB \-\-install\-all \fR Install and generate the cron, logroate and man files, autodetects the values   based on your config files
  .TP
  \fB \-\-install\-cron \fR Install and generate the cron file, autodetects the values   based on your config files
  \fB \-\-install\-all \fR Install and generate the cron, logroate and man files, autodetects the values   based on your config files
  .TP
  \fB \-\-install\-cron \fR Install and generate the cron file, autodetects the values   based on your config files
diff --git a/debian/changelog b/debian/changelog

index 6737395..674fdae 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+clamav-unofficial-sigs (7.0.1+cn10u1) unstable; urgency=medium
+
+  * Prva verzija za Debian buster
+  * Novi upstream source
+
+ -- Ivan Rako <Ivan.Rako@CARNET.hr>  Wed, 02 Sep 2020 11:58:27 +0200
+
  clamav-unofficial-sigs (5.6.2-1) unstable; urgency=medium
  
    * Prva verzija za Debian stretch
  clamav-unofficial-sigs (5.6.2-1) unstable; urgency=medium
  
    * Prva verzija za Debian stretch
diff --git a/debian/compat b/debian/compat

index ec63514..f599e28 100644 (file)
--- a/debian/compat
+++ b/debian/compat
@@ -1 +1 @@
-9
+10
diff --git a/debian/control b/debian/control

index 7c57ce2..fde49d5 100644 (file)
--- a/debian/control
+++ b/debian/control
@@ -1,15 +1,15 @@
  Source: clamav-unofficial-sigs
  Section: utils
  Priority: optional
  Source: clamav-unofficial-sigs
  Section: utils
  Priority: optional
-Maintainer: Ivan Rako <Ivan.Rako@CARNet.hr>
-Build-Depends: debhelper (>= 9)
+Maintainer: Ivan Rako <Ivan.Rako@CARNET.hr>
+Build-Depends: debhelper (>= 10)
  Standards-Version: 3.9.8
  Homepage: https://github.com/extremeshok/clamav-unofficial-sigs
  
  Package: clamav-unofficial-sigs
  Architecture: all
  Depends: clamav, curl, wget, rsync, dnsutils, gnupg, ${misc:Depends}
  Standards-Version: 3.9.8
  Homepage: https://github.com/extremeshok/clamav-unofficial-sigs
  
  Package: clamav-unofficial-sigs
  Architecture: all
  Depends: clamav, curl, wget, rsync, dnsutils, gnupg, ${misc:Depends}
-Suggests: clamav-daemon (>= 0.99.4)
+Suggests: clamav-daemon (>= 0.102.4)
  Description: update script for 3rd-party clamav signatures
   This package provides a script for updating the following sources of
   3rd-party clamav signatures until freshclamav gains support for such
  Description: update script for 3rd-party clamav signatures
   This package provides a script for updating the following sources of
   3rd-party clamav signatures until freshclamav gains support for such
diff --git a/debian/cron.d b/debian/cron.d

index 037cf3c..93f48f2 100644 (file)
--- a/debian/cron.d
+++ b/debian/cron.d
@@ -14,7 +14,7 @@
  # License: BSD (Berkeley Software Distribution)
  #
  ##################
  # License: BSD (Berkeley Software Distribution)
  #
  ##################
-# Automatically Generated: Tue Jul  3 00:38:36 CEST 2018
+# Automatically Generated: Wed 02 Sep 2020 11:59:22 AM CEST
  ##################
  #
  # This cron file will execute the clamav-unofficial-sigs.sh script that
  ##################
  #
  # This cron file will execute the clamav-unofficial-sigs.sh script that
@@ -26,7 +26,7 @@
  # 60 - 600 seconds.  To Adjust the cron values, edit your configs and run
  # bash clamav-unofficial-sigs.sh --install-cron to generate a new file.
  
  # 60 - 600 seconds.  To Adjust the cron values, edit your configs and run
  # bash clamav-unofficial-sigs.sh --install-cron to generate a new file.
  
-15 * * * * clamav [ -x /usr/sbin/clamav-unofficial-sigs ] && /bin/bash /usr/sbin/clamav-unofficial-sigs > /dev/null
+28 * * * * clamav [ -x /usr/sbin/clamav-unofficial-sigs ] && /bin/bash /usr/sbin/clamav-unofficial-sigs > /dev/null
  
  # https://eXtremeSHOK.com ######################################################
  
  
  # https://eXtremeSHOK.com ######################################################
  
diff --git a/debian/lintian-overrides b/debian/lintian-overrides

index 7e72705..e0e4855 100644 (file)
--- a/debian/lintian-overrides
+++ b/debian/lintian-overrides
@@ -1 +1 @@
-clamav-unofficial-sigs binary: native-package-with-dash-version
+clamav-unofficial-sigs binary: latest-debian-changelog-entry-changed-to-native
diff --git a/debian/logrotate b/debian/logrotate

index 71f12d4..c2f6e08 100644 (file)
--- a/debian/logrotate
+++ b/debian/logrotate
@@ -14,7 +14,7 @@
  # License: BSD (Berkeley Software Distribution)
  #
  ##################
  # License: BSD (Berkeley Software Distribution)
  #
  ##################
-# Automatically Generated: Tue Jul  3 00:38:22 CEST 2018
+# Automatically Generated: Wed 02 Sep 2020 11:56:32 AM CEST
  ##################
  #
  # This logrotate file will rotate the logs generated by the clamav-unofficial-sigs.sh
  ##################
  #
  # This logrotate file will rotate the logs generated by the clamav-unofficial-sigs.sh
diff --git a/debian/source/format b/debian/source/format

new file mode 100644 (file)

index 0000000..d3827e7
--- /dev/null
+++ b/debian/source/format
@@ -0,0 +1 @@
+1.0
diff --git a/master.conf b/master.conf

index 96cd82c..32de383 100644 (file)
--- a/master.conf
+++ b/master.conf
@@ -1,22 +1,18 @@
  # This file contains master configuration settings for clamav-unofficial-sigs.sh
  # This file contains master configuration settings for clamav-unofficial-sigs.sh
-###################
+################################################################################
  # This is property of eXtremeSHOK.com
  # You are free to use, modify and distribute, however you may not remove this notice.
  # Copyright (c) Adrian Jon Kriel :: admin@extremeshok.com
  # License: BSD (Berkeley Software Distribution)
  # This is property of eXtremeSHOK.com
  # You are free to use, modify and distribute, however you may not remove this notice.
  # Copyright (c) Adrian Jon Kriel :: admin@extremeshok.com
  # License: BSD (Berkeley Software Distribution)
-##################
-#
-# Script updates can be found at: https://github.com/extremeshok/clamav-unofficial-sigs
-#
-##################
+################################################################################
  #
  #
-# NOT COMPATIBLE WITH VERSION 3.XX / 4.XX CONFIG
+# DO NOT EDIT THIS FILE !!  DO NOT EDIT THIS FILE !!  DO NOT EDIT THIS FILE !!
  #
  ################################################################################
  #
  #
  ################################################################################
  #
-# IT IS BETTER TO SET YOUR OPTIONS IN THE user.conf AS THIS MAKES UPDATES EASIER
+# SET YOUR CUSTOM OPTIONS AND SETTINGS IN THE user.conf
  #
  #
-# os.conf AND user.conf OVERRIDES THE OPTIONS IN THIS FILE
+# os.conf (os.***.conf) AND user.conf OVERRIDES THE OPTIONS IN THIS FILE
  #
  ################################################################################
  
  #
  ################################################################################
  
@@ -66,13 +62,15 @@ work_dir="/var/lib/clamav-unofficial-sigs"   #Top level working directory
  logging_enabled="yes"
  log_file_path="/var/log/clamav-unofficial-sigs"
  log_file_name="clamav-unofficial-sigs.log"
  logging_enabled="yes"
  log_file_path="/var/log/clamav-unofficial-sigs"
  log_file_name="clamav-unofficial-sigs.log"
+## Use a program to log messages
+#log_pipe_cmd="/usr/bin/logger -it 'clamav-unofficial-sigs'"
  
  
  # =========================
  # MalwarePatrol : https://www.malwarepatrol.net
  # MalwarePatrol 2016 (free) clamav signatures
  #
  
  
  # =========================
  # MalwarePatrol : https://www.malwarepatrol.net
  # MalwarePatrol 2016 (free) clamav signatures
  #
-# 1. Sign up for an account : https://www.malwarepatrol.net/signup-free.shtml
+# 1. Sign up for an account : https://www.malwarepatrol.net/free-guard-upgrade-option/
  # 2. You will recieve an email containing your password/receipt number
  # 3. Login to your account at malwarePatrol
  # 4. In My Accountpage, choose the ClamAV list you will download. Free subscribers only get ClamAV Basic, commercial subscribers have access to ClamAV Extended. Do not use the agressive lists.
  # 2. You will recieve an email containing your password/receipt number
  # 3. Login to your account at malwarePatrol
  # 4. In My Accountpage, choose the ClamAV list you will download. Free subscribers only get ClamAV Basic, commercial subscribers have access to ClamAV Extended. Do not use the agressive lists.
@@ -81,7 +79,9 @@ log_file_name="clamav-unofficial-sigs.log"
  malwarepatrol_receipt_code="YOUR-RECEIPT-NUMBER"
  malwarepatrol_product_code="8"
  malwarepatrol_list="clamav_basic" # clamav_basic or clamav_ext
  malwarepatrol_receipt_code="YOUR-RECEIPT-NUMBER"
  malwarepatrol_product_code="8"
  malwarepatrol_list="clamav_basic" # clamav_basic or clamav_ext
-# Set to no to enable the commercial subscription url.
+# if the malwarepatrol_product_code is not 8,
+# the malwarepatrol_free is set to no (non-free)
+# set to no to enable the commercial subscription url,
  malwarepatrol_free="yes"
  
  # =========================
  malwarepatrol_free="yes"
  
  # =========================
@@ -100,32 +100,35 @@ malwarepatrol_free="yes"
  # - 6. Enter the authorisation signature into the config securiteinfo_authorisation_signature: replacing YOUR-SIGNATURE-NUMBER with your authorisation signature from the link
  
  securiteinfo_authorisation_signature="YOUR-SIGNATURE-NUMBER"
  # - 6. Enter the authorisation signature into the config securiteinfo_authorisation_signature: replacing YOUR-SIGNATURE-NUMBER with your authorisation signature from the link
  
  securiteinfo_authorisation_signature="YOUR-SIGNATURE-NUMBER"
+securiteinfo_premium="no"
  
  # ========================
  # Database provider update time
  # ========================
  # Since the database files are dynamically created, non default values can cause banning, change with caution
  
  # ========================
  # Database provider update time
  # ========================
  # Since the database files are dynamically created, non default values can cause banning, change with caution
-
-sanesecurity_update_hours="2"   # Default is 2 hours (12 downloads daily).
-securiteinfo_update_hours="4"   # Default is 4 hours (6 downloads daily).
+additional_update_hours="4"   # Default is 4 hours (6 downloads daily).
  linuxmalwaredetect_update_hours="6"   # Default is 6 hours (4 downloads daily).
  malwarepatrol_update_hours="24"   # Default is 24 hours (1 downloads daily).
  linuxmalwaredetect_update_hours="6"   # Default is 6 hours (4 downloads daily).
  malwarepatrol_update_hours="24"   # Default is 24 hours (1 downloads daily).
+sanesecurity_update_hours="2"   # Default is 2 hours (12 downloads daily).
+securiteinfo_update_hours="4"   # Default is 4 hours (6 downloads daily).
+urlhaus_update_hours="0"   # Default is 0 hours (Update constantly).
  yararulesproject_update_hours="24"   # Default is 24 hours (1 downloads daily).
  yararulesproject_update_hours="24"   # Default is 24 hours (1 downloads daily).
-additional_update_hours="4"   # Default is 4 hours (6 downloads daily).
  
  # ========================
  # Enabled Databases
  # ========================
  # Set to no to disable an entire database, if the database is empty it will also be disabled.
  
  # ========================
  # Enabled Databases
  # ========================
  # Set to no to disable an entire database, if the database is empty it will also be disabled.
-sanesecurity_enabled="yes"   # Sanesecurity
-securiteinfo_enabled="yes"   # SecuriteInfo
+additional_enabled="yes"   # Additional Databases
  linuxmalwaredetect_enabled="yes"   # Linux Malware Detect
  malwarepatrol_enabled="yes"   # Malware Patrol
  linuxmalwaredetect_enabled="yes"   # Linux Malware Detect
  malwarepatrol_enabled="yes"   # Malware Patrol
-yararulesproject_enabled="yes"   # Yara-Rule Project, automatically disabled if clamav is older than 0.99
-additional_enabled="yes"   # Additional Databases
+sanesecurity_enabled="yes"   # Sanesecurity
+securiteinfo_enabled="yes"   # SecuriteInfo
+urlhaus_enabled="yes"   # urlhaus
+yararulesproject_enabled="no"   # Yara-Rule Project, automatically disabled if clamav is older than 0.100 and enable_yararules is disabled
  
  
-## Disabling this will also cause the yararulesproject to be disabled.
-enable_yararules="yes"   #Enables yararules in the various databases, automatically disabled if clamav is older than 0.99
+# Disabled by default
+## Enabling this will also cause the yararulesproject to be enabled if they are det to enabled.
+enable_yararules="yes"   #Enables yararules in the various databases, automatically disabled if clamav is older than 0.100
  
  # ========================
  # eXtremeSHOK Database format
  
  # ========================
  # eXtremeSHOK Database format
@@ -155,14 +158,15 @@ enable_yararules="yes"   #Enables yararules in the various databases, automatica
  
  # Default dbs rating
  # valid rating: LOW, MEDIUM, HIGH
  
  # Default dbs rating
  # valid rating: LOW, MEDIUM, HIGH
-default_dbs_rating="LOW"
+default_dbs_rating="MEDIUM"
  
  # Per Database
  # These ratings will override the global rating for the specific database
  # valid rating: LOW, MEDIUM, HIGH, DISABLED
  
  # Per Database
  # These ratings will override the global rating for the specific database
  # valid rating: LOW, MEDIUM, HIGH, DISABLED
+#linuxmalwaredetect_dbs_rating=""
  #sanesecurity_dbs_rating=""
  #securiteinfo_dbs_rating=""
  #sanesecurity_dbs_rating=""
  #securiteinfo_dbs_rating=""
-#linuxmalwaredetect_dbs_rating=""
+#urlhaus_dbs_rating=""
  #yararulesproject_dbs_rating=""
  
  # ========================
  #yararulesproject_dbs_rating=""
  
  # ========================
@@ -187,23 +191,23 @@ declare -a sanesecurity_dbs=( # BEGIN SANESECURITY DATABASE
  sanesecurity.ftm|REQUIRED  # Message file types, for best performance
  sigwhitelist.ign2|REQUIRED  # Fast update file to whitelist any problem signatures
  # LOW
  sanesecurity.ftm|REQUIRED  # Message file types, for best performance
  sigwhitelist.ign2|REQUIRED  # Fast update file to whitelist any problem signatures
  # LOW
+blurl.ndb|LOW  # Blacklisted full urls over the last 7 days, covering malware/spam/phishing. URLs added only when main signatures have failed to detect but are known to be "bad"
  junk.ndb|LOW  #  General high hitting junk, containing spam/phishing/lottery/jobs/419s etc
  jurlbl.ndb|LOW  # Junk Url based
  junk.ndb|LOW  #  General high hitting junk, containing spam/phishing/lottery/jobs/419s etc
  jurlbl.ndb|LOW  # Junk Url based
+malwarehash.hsb|LOW  # Malware hashes without known Size
  phish.ndb|LOW  # Phishing and Malware
  rogue.hdb|LOW  # Malware, Rogue anti-virus software and Fake codecs etc.  Updated hourly to cover the latest malware threats
  scam.ndb|LOW  # Spam/scams
  phish.ndb|LOW  # Phishing and Malware
  rogue.hdb|LOW  # Malware, Rogue anti-virus software and Fake codecs etc.  Updated hourly to cover the latest malware threats
  scam.ndb|LOW  # Spam/scams
-spamimg.hdb|LOW  # Spam images
  spamattach.hdb|LOW  # Spam Spammed attachments such as pdf/doc/rtf/zips
  spamattach.hdb|LOW  # Spam Spammed attachments such as pdf/doc/rtf/zips
-blurl.ndb|LOW  # Blacklisted full urls over the last 7 days, covering malware/spam/phishing. URLs added only when main signatures have failed to detect but are known to be "bad"
-malwarehash.hsb|LOW  # Malware hashes without known Size
+spamimg.hdb|LOW  # Spam images
  # MEDIUM
  # MEDIUM
+badmacro.ndb|MEDIUM  # Blocks dangerous macros embedded in Word/Excel/Xml/RTF/JS documents
  jurlbla.ndb|MEDIUM  # Junk Url based autogenerated from various feeds
  lott.ndb|MEDIUM  # Lottery
  jurlbla.ndb|MEDIUM  # Junk Url based autogenerated from various feeds
  lott.ndb|MEDIUM  # Lottery
+shelter.ldb|MEDIUM # Phishing and Malware
  spam.ldb|MEDIUM  # Spam detected using the new Logical Signature type
  spear.ndb|MEDIUM  # Spear phishing email addresses (autogenerated from data here)
  spearl.ndb|MEDIUM  # Spear phishing urls (autogenerated from data here)
  spam.ldb|MEDIUM  # Spam detected using the new Logical Signature type
  spear.ndb|MEDIUM  # Spear phishing email addresses (autogenerated from data here)
  spearl.ndb|MEDIUM  # Spear phishing urls (autogenerated from data here)
-badmacro.ndb|MEDIUM  # Blocks dangerous macros embedded in Word/Excel/Xml/RTF/JS documents
-shelter.ldb|MEDIUM # Phishing and Malware
  
  ### MALWARE.EXPERT https://malware.expert/
  # LOW
  
  ### MALWARE.EXPERT https://malware.expert/
  # LOW
@@ -215,8 +219,8 @@ malware.expert.ndb|MEDIUM  # Generic Hex pattern PHP malware, which can cause fa
  
  ### FOXHOLE http://sanesecurity.com/foxhole-databases/
  # LOW
  
  ### FOXHOLE http://sanesecurity.com/foxhole-databases/
  # LOW
-foxhole_generic.cdb|LOW  # See Foxhole page for more details
  foxhole_filename.cdb|LOW  # See Foxhole page for more details
  foxhole_filename.cdb|LOW  # See Foxhole page for more details
+foxhole_generic.cdb|LOW  # See Foxhole page for more details
  # MEDIUM
  foxhole_js.cdb|MEDIUM  # See Foxhole page for more details
  foxhole_js.ndb|MEDIUM  # See Foxhole page for more details
  # MEDIUM
  foxhole_js.cdb|MEDIUM  # See Foxhole page for more details
  foxhole_js.ndb|MEDIUM  # See Foxhole page for more details
@@ -228,21 +232,21 @@ foxhole_mail.cdb|HIGH # block any mail that contains a possible dangerous attach
  ### OITC http://www.oitc.com/winnow/clamsigs/index.html
  ### Note: the two databases winnow_phish_complete.ndb and winnow_phish_complete_url.ndb should NOT be used together.
  # LOW
  ### OITC http://www.oitc.com/winnow/clamsigs/index.html
  ### Note: the two databases winnow_phish_complete.ndb and winnow_phish_complete_url.ndb should NOT be used together.
  # LOW
-winnow_malware.hdb|LOW  # Current virus, trojan and other malware not yet detected by ClamAV.
-winnow_malware_links.ndb|LOW  # Links to malware
-winnow_extended_malware.hdb|LOW  # contain hand generated signatures for malware
-winnow.attachments.hdb|LOW  # Spammed attachments such as pdf/doc/rtf/zip as well as malware crypted configs
  winnow_bad_cw.hdb|LOW  # md5 hashes of malware attachments acquired directly from a group of botnets
  winnow_bad_cw.hdb|LOW  # md5 hashes of malware attachments acquired directly from a group of botnets
+winnow_extended_malware.hdb|LOW  # contain hand generated signatures for malware
+winnow_malware_links.ndb|LOW  # Links to malware
+winnow_malware.hdb|LOW  # Current virus, trojan and other malware not yet detected by ClamAV.
  winnow_phish_complete_url.ndb|LOWMEDIUMONLY  # Similar to winnow_phish_complete.ndb except that entire urls are used
  winnow_phish_complete_url.ndb|LOWMEDIUMONLY  # Similar to winnow_phish_complete.ndb except that entire urls are used
+winnow.attachments.hdb|LOW  # Spammed attachments such as pdf/doc/rtf/zip as well as malware crypted configs
  # MEDIUM
  # MEDIUM
+winnow_extended_malware_links.ndb|MEDIUM  # contain hand generated signatures for malware links
  winnow_spam_complete.ndb|MEDIUM  # Signatures to detect fraud and other malicious spam
  winnow.complex.patterns.ldb|MEDIUM  # contain hand generated signatures for malware and some egregious fraud
  winnow_spam_complete.ndb|MEDIUM  # Signatures to detect fraud and other malicious spam
  winnow.complex.patterns.ldb|MEDIUM  # contain hand generated signatures for malware and some egregious fraud
-winnow_extended_malware_links.ndb|MEDIUM  # contain hand generated signatures for malware links
  # HIGH
  winnow_phish_complete.ndb|HIGH  # Phishing and other malicious urls and compromised hosts **DO NOT USE WITH winnow_phish_complete_url**
  ### OITC YARA Format rules
  # HIGH
  winnow_phish_complete.ndb|HIGH  # Phishing and other malicious urls and compromised hosts **DO NOT USE WITH winnow_phish_complete_url**
  ### OITC YARA Format rules
-### Note: Yara signatures require ClamAV 0.99 or newer to work
-winnow_malware.yara|LOW  # detect spam
+### Note: Yara signatures require ClamAV 0.100 or newer to work
+##winnow_malware.yara|LOW  # detect spam
  
  ### MiscreantPunch http://malwarefor.me/about/
  ## MEDIUM
  
  ### MiscreantPunch http://malwarefor.me/about/
  ## MEDIUM
@@ -257,9 +261,9 @@ scamnailer.ndb|MEDIUM  # Spear phishing and other phishing emails
  ### BOFHLAND http://clamav.bofhland.org/
  # LOW
  bofhland_cracked_URL.ndb|LOW  # Spam URLs
  ### BOFHLAND http://clamav.bofhland.org/
  # LOW
  bofhland_cracked_URL.ndb|LOW  # Spam URLs
+bofhland_malware_attach.hdb|LOW  # Malware Hashes
  bofhland_malware_URL.ndb|LOW  # Malware URLs
  bofhland_phishing_URL.ndb|LOW  # Phishing URLs
  bofhland_malware_URL.ndb|LOW  # Malware URLs
  bofhland_phishing_URL.ndb|LOW  # Phishing URLs
-bofhland_malware_attach.hdb|LOW  # Malware Hashes
  
  ###  RockSecurity http://rooksecurity.com/
  # LOW
  
  ###  RockSecurity http://rooksecurity.com/
  # LOW
@@ -267,12 +271,12 @@ hackingteam.hsb|LOW  # Hacking Team hashes based on work by rooksecurity.com
  
  ### Porcupine
  # LOW
  
  ### Porcupine
  # LOW
-porcupine.ndb|LOW  # Brazilian e-mail phishing and malware signatures
  phishtank.ndb|LOW  # Online and valid phishing urls from phishtank.com data feed
  porcupine.hsb|LOW  # Sha256 Hashes of VBS and JSE malware, kept for 7 days
  phishtank.ndb|LOW  # Online and valid phishing urls from phishtank.com data feed
  porcupine.hsb|LOW  # Sha256 Hashes of VBS and JSE malware, kept for 7 days
+porcupine.ndb|LOW  # Brazilian e-mail phishing and malware signatures
  
  ### Sanesecurity YARA Format rules
  
  ### Sanesecurity YARA Format rules
-### Note: Yara signatures require ClamAV 0.99 or newer to work
+### Note: Yara signatures require ClamAV 0.100 or newer to work
  Sanesecurity_sigtest.yara|LOW  # Sanesecurity test signatures
  Sanesecurity_spam.yara|LOW  # Detects Spam emails
  
  Sanesecurity_sigtest.yara|LOW  # Sanesecurity test signatures
  Sanesecurity_spam.yara|LOW  # Detects Spam emails
  
@@ -290,30 +294,49 @@ declare -a securiteinfo_dbs=( #START SECURITEINFO DATABASES
  ## REQUIRED, Do NOT disable
  securiteinfo.ign2|REQUIRED # Signature Whitelist
  # LOW
  ## REQUIRED, Do NOT disable
  securiteinfo.ign2|REQUIRED # Signature Whitelist
  # LOW
-securiteinfo.hdb|LOW # Malwares in the Wild
  javascript.ndb|LOW # Malwares Javascript
  javascript.ndb|LOW # Malwares Javascript
-securiteinfohtml.hdb|LOW # Malwares HTML
+securiteinfo.hdb|LOW # Malwares younger than 3 years.
+securiteinfoandroid.hdb|LOW # Malwares Java/Android Dalvik
  securiteinfoascii.hdb|LOW # Text file malwares (Perl or shell scripts, bat files, exploits, ...)
  securiteinfoascii.hdb|LOW # Text file malwares (Perl or shell scripts, bat files, exploits, ...)
+securiteinfohtml.hdb|LOW # Malwares HTML
+securiteinfoold.hdb|LOW # Malwares older than 3 years.
  securiteinfopdf.hdb|LOW # Malwares PDF
  securiteinfopdf.hdb|LOW # Malwares PDF
-securiteinfoandroid.hdb|LOW # Malwares Java/Android Dalvik
  # HIGH
  spam_marketing.ndb|HIGH # Spam Marketing /  spammer blacklist
  ) #END SECURITEINFO DATABASES
  # HIGH
  spam_marketing.ndb|HIGH # Spam Marketing /  spammer blacklist
  ) #END SECURITEINFO DATABASES
+# NON-FREE DATABASES
+declare -a securiteinfo_dbs_premium=( #START SECURITEINFO DATABASES
+securiteinfo.mdb|LOW # 0-day Malwares
+securiteinfo0hour.hdb|LOW # 0-Hour Malwares
+)
  
  # ========================
  
  # ========================
-# Linux Malware Detect Database(s)
+# LinuxMalwareDetect Database(s)
  # ========================
  # Add or remove database file names between quote marks as needed.  To
  # ========================
  # Add or remove database file names between quote marks as needed.  To
-# disable any SecuriteInfo database downloads, remove the appropriate
+# disable any LinuxMalwareDetect database downloads, remove the appropriate
  # lines below.
  declare -a linuxmalwaredetect_dbs=(
  ### Linux Malware Detect https://www.rfxn.com/projects/linux-malware-detect/
  # LOW
  rfxn.ndb|LOW # HEX Malware detection signatures
  # lines below.
  declare -a linuxmalwaredetect_dbs=(
  ### Linux Malware Detect https://www.rfxn.com/projects/linux-malware-detect/
  # LOW
  rfxn.ndb|LOW # HEX Malware detection signatures
-rfxn.hdb|LOW # MD5 malware detection signatures
+rfxn.hdb|LOW # MD5 Malware detection signatures
+rfxn.yara|LOW # Yara Malware detection signatures
  ) #END LINUXMALWAREDETECT DATABASES
  
  # ========================
  ) #END LINUXMALWAREDETECT DATABASES
  
  # ========================
+# urlhaus Database(s)
+# ========================
+# Add or remove database file names between quote marks as needed.  To
+# disable any urlhaus database downloads, remove the appropriate
+# lines below.
+declare -a urlhaus_dbs=(
+### urlhaus https://urlhaus.abuse.ch/browse/
+# LOW
+urlhaus.ndb|LOW #  malicious URLs that are being used for malware distribution
+) #END URLHAUS DATABASES
+
+# ========================
  # Yara Rules Project Database(s)
  # ========================
  # Add or remove database file names between quote marks as needed.  To
  # Yara Rules Project Database(s)
  # ========================
  # Add or remove database file names between quote marks as needed.  To
@@ -325,33 +348,108 @@ declare -a yararulesproject_dbs=(
  # Some rules are now in sub-directories. To reference a file in a sub-directory
  # use subdir/file
  # LOW
  # Some rules are now in sub-directories. To reference a file in a sub-directory
  # use subdir/file
  # LOW
-Antidebug_AntiVM/antidebug_antivm.yar|LOW # anti debug and anti virtualization techniques used by malware
-Exploit-Kits/EK_Angler.yar|LOW # Angler Exploit Kit Redirector
-Exploit-Kits/EK_Blackhole.yar|LOW # BlackHole2 Exploit Kit Detection
-Exploit-Kits/EK_BleedingLife.yar|LOW # BleedingLife2 Exploit Kit Detection
-Exploit-Kits/EK_Crimepack.yar|LOW # CrimePack Exploit Kit Detection
-Exploit-Kits/EK_Eleonore.yar|LOW # Eleonore Exploit Kit Detection
-Exploit-Kits/EK_Fragus.yar|LOW # Fragus Exploit Kit Detection
-Exploit-Kits/EK_Phoenix.yar|LOW # Phoenix Exploit Kit Detection
-Exploit-Kits/EK_Sakura.yar|LOW # Sakura Exploit Kit Detection
-Exploit-Kits/EK_ZeroAcces.yar|LOW # ZeroAccess Exploit Kit Detection
-Exploit-Kits/EK_Zerox88.yar|LOW # 0x88 Exploit Kit Detection
-Exploit-Kits/EK_Zeus.yar|LOW # Zeus Exploit Kit Detection
+# Anti debug and anti virtualization techniques used by malware
+antidebug_antivm/antidebug_antivm.yar|LOW
+# Aimed toward the detection and existence of Exploit Kits.
+#exploit_kits/EK_Angler.yar|LOW # duplicated in rxfn.yara
+#exploit_kits/EK_Blackhole.yar|LOW # duplicated in rxfn.yara
+exploit_kits/EK_BleedingLife.yar|LOW # duplicated in rxfn.yara
+#exploit_kits/EK_Crimepack.yar|LOW # duplicated in rxfn.yara
+#exploit_kits/EK_Eleonore.yar|LOW # duplicated in rxfn.yara
+#exploit_kits/EK_Fragus.yar|LOW # duplicated in rxfn.yara
+#exploit_kits/EK_Phoenix.yar|LOW # duplicated in rxfn.yara
+#exploit_kits/EK_Sakura.yar|LOW # duplicated in rxfn.yara
+#exploit_kits/EK_ZeroAcces.yar|LOW # duplicated in rxfn.yara
+#exploit_kits/EK_Zerox88.yar|LOW # duplicated in rxfn.yara
+#exploit_kits/EK_Zeus.yar|LOW # duplicated in rxfn.yara
+# Identification of well-known webshells
+#webshells/WShell_APT_Laudanum.yar|LOW # duplicated in rxfn.yara
+webshells/WShell_ASPXSpy.yar|LOW
+webshells/WShell_Drupalgeddon2_icos.yar|LOW
+#webshells/WShell_PHP_Anuna.yar|LOW # duplicated in rxfn.yara
+#webshells/WShell_PHP_in_images.yar|LOW # duplicated in rxfn.yara
+#webshells/WShell_THOR_Webshells.yar|LOW # duplicated in rxfn.yara
+#webshells/Wshell_ChineseSpam.yar|LOW # duplicated in rxfn.yara
+#webshells/Wshell_fire2013.yar|LOW # duplicated in rxfn.yara
  # MEDIUM
  # MEDIUM
-Malicious_Documents/maldoc_somerules.yar|MEDIUM # documents with malicious code
-Malicious_Documents/Maldoc_Hidden_PE_file.yar|MEDIUM # Detect a hidden PE file inside a sequence of numbers (comma separated)
-Packers/packer.yar|MEDIUM # well-known sofware packers
-CVE_Rules/CVE-2010-0805.yar|MEDIUM # CVE 2010 0805
-CVE_Rules/CVE-2010-0887.yar|MEDIUM # CVE 2010 0887
-CVE_Rules/CVE-2010-1297.yar|MEDIUM # CVE 2010 1297
-CVE_Rules/CVE-2013-0074.yar|MEDIUM # CVE 2013 0074
-CVE_Rules/CVE-2013-0422.yar|MEDIUM # CVE 2013 0422
-CVE_Rules/CVE-2015-5119.yar|MEDIUM # CVE 2015 5119
+# Identification of specific Common Vulnerabilities and Exposures (CVEs)
+cve_rules/CVE-2010-0805.yar|MEDIUM
+cve_rules/CVE-2010-0887.yar|MEDIUM
+cve_rules/CVE-2010-1297.yar|MEDIUM
+cve_rules/CVE-2012-0158.yar|MEDIUM
+cve_rules/CVE-2013-0074.yar|MEDIUM
+cve_rules/CVE-2013-0422.yar|MEDIUM
+cve_rules/CVE-2015-1701.yar|MEDIUM
+cve_rules/CVE-2015-2426.yar|MEDIUM
+cve_rules/CVE-2015-2545.yar|MEDIUM
+cve_rules/CVE-2015-5119.yar|MEDIUM
+cve_rules/CVE-2016-5195.yar|MEDIUM
+cve_rules/CVE-2017-11882.yar|MEDIUM
+cve_rules/CVE-2018-20250.yar|MEDIUM
+cve_rules/CVE-2018-4878.yar|MEDIUM
+# Identification of malicious e-mails.
+email/bank_rule.yar|MEDIUM
+email/EMAIL_Cryptowall.yar|MEDIUM
+email/Email_fake_it_maintenance_bulletin|MEDIUM
+email/Email_generic_phishing|MEDIUM
+email/Email_quota_limit_warning|MEDIUM
+email/email_Ukraine_BE_powerattack.yar|MEDIUM
+email/scam.yar|MEDIUM
+# Detect well-known software packers, that can be used by malware to hide itself.
+packers/JJencode.yar|MEDIUM
+packers/packer_compiler_signatures.yar|MEDIUM
+packers/packer.yar|MEDIUM
+packers/peid.yar|MEDIUM
  # HIGH
  # HIGH
-Packers/Javascript_exploit_and_obfuscation.yar|HIGH # JavaScript Obfuscation Detection
-Crypto/crypto.yar|HIGH # detect the existence of cryptographic algoritms
+# Used with documents to find if they have been crafted to leverage malicious code.
+maldocs/Maldoc_APT_OLE_JSRat.yar|HIGH
+maldocs/Maldoc_APT10_MenuPass.yar|HIGH
+maldocs/Maldoc_APT19_CVE-2017-1099.yar|HIGH
+maldocs/Maldoc_Contains_VBE_File.yar|HIGH
+maldocs/Maldoc_CVE_2017_11882.yar|HIGH
+maldocs/Maldoc_CVE_2017_8759.yar|HIGH
+maldocs/Maldoc_CVE-2017-0199.yar|HIGH
+maldocs/Maldoc_DDE.yar|HIGH
+maldocs/Maldoc_Dridex.yar|HIGH
+maldocs/Maldoc_hancitor_dropper|HIGH
+maldocs/Maldoc_Hidden_PE_file.yar|HIGH
+maldocs/Maldoc_malrtf_ole2link.yar|HIGH
+maldocs/Maldoc_MIME_ActiveMime_b64.yar|HIGH
+maldocs/Maldoc_PDF.yar|HIGH
+maldocs/Maldoc_PowerPointMouse.yar|HIGH
+maldocs/maldoc_somerules.yar|HIGH
+maldocs/Maldoc_Suspicious_OLE_target.yar|HIGH
+maldocs/Maldoc_UserForm.yar|HIGH
+maldocs/Maldoc_VBA_macro_code.yar|HIGH
+maldocs/Maldoc_Word_2007_XML_Flat_OPC.yar|HIGH
+# Yara Rules aimed to detect well-known software packers, that can be used by malware to hide itself.
+packers/Javascript_exploit_and_obfuscation.yar|HIGH
  ) #END yararulesproject DATABASES
  
  ) #END yararulesproject DATABASES
  
+declare -a yararulesproject_dbs_blacklisted=(
+email/attachment.yar # detects all emails with attachments
+email/image.yar # detects all emails with images
+email/urls.yar # detects all emails with urls
+crypto/crypto_signatures.yar # detects all files which are encrypted
+)
+
+declare -a yararulesproject_dbs_catagories=(
+#LOW
+antidebug_antivm|LOW
+cve_rules|LOW
+exploit_kits|LOW
+malware|LOW
+webshells|LOW
+#MEDIUM
+email|MEDIUM
+maldocs|MEDIUM
+# HIGH
+capabilities|HIGH
+crypto|HIGH
+packers|HIGH
+)
+
+
  # =========================
  # Additional signature databases
  # =========================
  # =========================
  # Additional signature databases
  # =========================
@@ -373,6 +471,29 @@ Crypto/crypto.yar|HIGH # detect the existence of cryptographic algoritms
  #   http://www.example.org/sigs.ldb
  #) #END ADDITIONAL DATABASES
  
  #   http://www.example.org/sigs.ldb
  #) #END ADDITIONAL DATABASES
  
+# ==================================================
+# ==================================================
+# D E B U G   O P T I O N S
+# ==================================================
+# ==================================================
+
+# Enable debugging, will cause all options below to enable
+debug="no"
+
+# Causes the xshok_file_download function to be verbose, used for debugging
+downloader_debug="no"
+
+# Causes clamscan signature test errors to be vebose
+clamscan_debug="no"
+
+# Causes curl errors to be vebose
+curl_debug="no"
+
+# Causes wget errors to be vebose
+wget_debug="no"
+
+# Causes rsync errors to be vebose
+rsync_debug="no"
  
  # ==================================================
  # ==================================================
  
  # ==================================================
  # ==================================================
@@ -380,6 +501,21 @@ Crypto/crypto.yar|HIGH # detect the existence of cryptographic algoritms
  # ==================================================
  # ==================================================
  
  # ==================================================
  # ==================================================
  
+# Branch for update checking, default: master
+git_branch="master"
+
+# Enable support for script and master.conf upgrades
+# enbles the --upgrade command line option
+# packagers, if required please disable or set this option to no in the os.conf
+allow_upgrades="yes"
+
+# Enable support for script and master.conf update checks
+# packagers, if required please disable or set this option to no in the os.conf
+allow_update_checks="yes"
+
+# How often the script should check for updates
+update_check_hours="12"# Default is 12 hours (2 checks  daily).
+
  # Enable or disable download time randomization.  This allows the script to
  # be executed via cron, but the actual database file checking will pause
  # for a random number of seconds between the "min" and "max" time settings
  # Enable or disable download time randomization.  This allows the script to
  # be executed via cron, but the actual database file checking will pause
  # for a random number of seconds between the "min" and "max" time settings
@@ -393,19 +529,23 @@ enable_locking="yes"
  
  # If download time randomization is enabled above (enable_random="yes"),
  # then set the min and max radomization time intervals (in seconds).
  
  # If download time randomization is enabled above (enable_random="yes"),
  # then set the min and max radomization time intervals (in seconds).
-min_sleep_time="60"    # Default minimum is 60 seconds (1 minute).
  max_sleep_time="600"   # Default maximum is 600 seconds (10 minutes).
  max_sleep_time="600"   # Default maximum is 600 seconds (10 minutes).
+min_sleep_time="60"    # Default minimum is 60 seconds (1 minute).
  
  # Command to do a full clamd service stop/start
  #clamd_restart_opt="service clamd restart"
  
  # Custom Command Paths, these are detected with the which command when not set
  
  # Command to do a full clamd service stop/start
  #clamd_restart_opt="service clamd restart"
  
  # Custom Command Paths, these are detected with the which command when not set
-#uname_bin="/usr/bin/uname"
  #clamscan_bin="/usr/bin/clamscan"
  #clamscan_bin="/usr/bin/clamscan"
-#rsync_bin="/usr/bin/rsync"
-#wget_bin="/usr/bin/wget"
  #curl_bin="/usr/bin/curl"
  #gpg_bin="/usr/bin/gpg"
  #curl_bin="/usr/bin/curl"
  #gpg_bin="/usr/bin/gpg"
+#rsync_bin="/usr/bin/rsync"
+#tar_bin="/usr/bin/tar"
+#uname_bin="/usr/bin/uname"
+#wget_bin="/usr/bin/wget"
+
+# force wget, by default curl is used when curl and wget is present.
+force_wget="no"
  
  # GnuPG / Signature verification
  # To disable usage of gpg, set the following variable to "no".
  
  # GnuPG / Signature verification
  # To disable usage of gpg, set the following variable to "no".
@@ -435,24 +575,25 @@ downloader_ignore_ssl="yes" # Default is "yes" ignore ssl errors and warnings
  # The defaults settings here are reasonable, only change if you are
  # experiencing timeout issues.
  downloader_connect_timeout="60"
  # The defaults settings here are reasonable, only change if you are
  # experiencing timeout issues.
  downloader_connect_timeout="60"
-downloader_max_time="180"
+downloader_max_time="1800"
  
  # Set downloader retry count for failed transfers
  
  # Set downloader retry count for failed transfers
-downloader_tries="3"
+downloader_tries="5"
  
  # Set working directory paths (edit to meet your own needs). If these
  # directories do not exist, the script will attempt to create them.
  # Always located inside the work_dir, do not add /
  # Sub-directory names:
  
  # Set working directory paths (edit to meet your own needs). If these
  # directories do not exist, the script will attempt to create them.
  # Always located inside the work_dir, do not add /
  # Sub-directory names:
-sanesecurity_dir="dbs-ss"        # Sanesecurity sub-directory
-securiteinfo_dir="dbs-si"        # SecuriteInfo sub-directory
+add_dir="dbs-add"      # User defined databases sub-directory
+gpg_dir="gpg-key"      # Sanesecurity GPG Key sub-directory
  linuxmalwaredetect_dir="dbs-lmd"      # Linux Malware Detect sub-directory
  malwarepatrol_dir="dbs-mbl"      # MalwarePatrol sub-directory
  linuxmalwaredetect_dir="dbs-lmd"      # Linux Malware Detect sub-directory
  malwarepatrol_dir="dbs-mbl"      # MalwarePatrol sub-directory
-yararulesproject_dir="dbs-yara"      # Yara-Rules sub-directory
-work_dir_configs="configs"   # Script configs sub-directory
-gpg_dir="gpg-key"      # Sanesecurity GPG Key sub-directory
  pid_dir="pid"      # User defined pid sub-directory
  pid_dir="pid"      # User defined pid sub-directory
-add_dir="dbs-add"      # User defined databases sub-directory
+sanesecurity_dir="dbs-ss"        # Sanesecurity sub-directory
+securiteinfo_dir="dbs-si"        # SecuriteInfo sub-directory
+urlhausy_dir="dbs-uh"        # urlhaus sub-directory
+work_dir_configs="configs"   # Script configs sub-directory
+yararulesproject_dir="dbs-yara"      # Yara-Rules sub-directory
  
  # If you would like to make a backup copy of the current running database
  # file before updating, leave the following variable set to "yes" and a
  
  # If you would like to make a backup copy of the current running database
  # file before updating, leave the following variable set to "yes" and a
@@ -472,15 +613,13 @@ remove_disabled_databases="no" # Default is "no" since we are not a database man
  #
  selinux_fixes="no" # Default is "no" ignore ssl errors and warnings
  
  #
  selinux_fixes="no" # Default is "no" ignore ssl errors and warnings
  
-# If necessary to proxy database downloads, define the rsync and/or wget
-# proxy settings here.  For rsync, the proxy must support connections to
-# port 873.  Both wget and rsync proxy setting need to be defined in the
-# format of "hostname:port".  For wget, also note the https and http
-#rsync_proxy=""
-#curl_proxy=""
-#wget_proxy_http="-e http_proxy=http://username:password@proxy_host:proxy_port"
-#wget_proxy_https="-e https_proxy=https://username:password@proxy_host:proxy_port"
-
+# Proxy Support
+# If necessary to proxy database downloads, define the rsync, curl, wget, dig, hosr proxy settings here.
+#rsync_proxy="username:password@proxy_host:proxy_port"
+#curl_proxy="--proxy http://username:password@proxy_host:proxy_port"
+#wget_proxy="-e http_proxy=http://username:password@proxy_host:proxy_port -e https_proxy=https://username:password@proxy_host:proxy_port"
+#dig_proxy="@proxy_host -p proxy_host:proxy_port"
+#host_proxy="@proxy_host" #does not support port
  
  # Custom Cron install settings, these are detected and only used if you want to override
  # the automatic detection and generation of the values when not set, this is mainly to aid package maintainers
  
  # Custom Cron install settings, these are detected and only used if you want to override
  # the automatic detection and generation of the values when not set, this is mainly to aid package maintainers
@@ -488,6 +627,7 @@ selinux_fixes="no" # Default is "no" ignore ssl errors and warnings
  #cron_filename="" #default: clamav-unofficial-sigs
  #cron_minute="" #default: random value between 0-59
  #cron_user="" #default: uses the clam_user
  #cron_filename="" #default: clamav-unofficial-sigs
  #cron_minute="" #default: random value between 0-59
  #cron_user="" #default: uses the clam_user
+#cron_sudo="no" #default no, yes will append sudo -u before the username
  #cron_bash="" #default: detected with the which command
  #cron_script_full_path="" #default: detected to the fullpath of the script
  
  #cron_bash="" #default: detected with the which command
  #cron_script_full_path="" #default: detected to the fullpath of the script
  
@@ -513,15 +653,16 @@ selinux_fixes="no" # Default is "no" ignore ssl errors and warnings
  
  # Custom full working directory paths, these are detected and only used if you want to override
  # the automatic detection and generation of the values when not set, this is mainly to aid package maintainers
  
  # Custom full working directory paths, these are detected and only used if you want to override
  # the automatic detection and generation of the values when not set, this is mainly to aid package maintainers
-#work_dir_sanesecurity="" #default: uses work_dir/sanesecurity_dir
-#work_dir_securiteinfo="" #default: uses work_dir/securiteinfo_dir
-#work_dir_linuxmalwaredetect="" #default: uses work_dir/linuxmalwaredetect_dir
-#work_dir_malwarepatrol="" #default: uses work_dir/malwarepatrol_dir
-#work_dir_yararulesproject="" #default: uses work_dir/yararulesproject_dir
  #work_dir_add="" #default: uses work_dir/add_dir
  #work_dir_add="" #default: uses work_dir/add_dir
-#work_dir_work_configs="" #default: uses work_dir/work_dir_configs
  #work_dir_gpg="" #default: uses work_dir/gpg_dir
  #work_dir_gpg="" #default: uses work_dir/gpg_dir
+#work_dir_linuxmalwaredetect="" #default: uses work_dir/linuxmalwaredetect_dir
+#work_dir_malwarepatrol="" #default: uses work_dir/malwarepatrol_dir
  #work_dir_pid="" #default: uses work_dir/pid_dir
  #work_dir_pid="" #default: uses work_dir/pid_dir
+#work_dir_sanesecurity="" #default: uses work_dir/sanesecurity_dir
+#work_dir_securiteinfo="" #default: uses work_dir/securiteinfo_dir
+#work_dir_urlhaus="" #default: uses work_dir/urlhaus_dir
+#work_dir_work_configs="" #default: uses work_dir/work_dir_configs
+#work_dir_yararulesproject="" #default: uses work_dir/yararulesproject_dir
  
  # ========================
  # After you have completed the configuration of this file, set the value to "yes"
  
  # ========================
  # After you have completed the configuration of this file, set the value to "yes"
@@ -530,15 +671,22 @@ user_configuration_complete="no"
  # ========================
  # DO NOT EDIT !
  # Database provider URLs
  # ========================
  # DO NOT EDIT !
  # Database provider URLs
-sanesecurity_url="rsync.sanesecurity.net"
+linuxmalwaredetect_sigpack_url="https://cdn.rfxn.com/downloads/maldet-sigpack.tgz"
+linuxmalwaredetect_version_url="https://cdn.rfxn.com/downloads/maldet.sigs.ver"
+malwarepatrol_url="https://lists.malwarepatrol.net/cgi/getfile"
  sanesecurity_gpg_url="http://www.sanesecurity.net/publickey.gpg"
  sanesecurity_gpg_url="http://www.sanesecurity.net/publickey.gpg"
+sanesecurity_url="rsync.sanesecurity.net"
  securiteinfo_url="https://www.securiteinfo.com/get/signatures"
  securiteinfo_url="https://www.securiteinfo.com/get/signatures"
-linuxmalwaredetect_url="http://cdn.rfxn.com/downloads"
-malwarepatrol_url="https://lists.malwarepatrol.net/cgi/getfile"
+urlhaus_url="https://urlhaus.abuse.ch/downloads"
  yararulesproject_url="https://raw.githubusercontent.com/Yara-Rules/rules/master"
  
  # ========================
  # DO NOT EDIT !
  yararulesproject_url="https://raw.githubusercontent.com/Yara-Rules/rules/master"
  
  # ========================
  # DO NOT EDIT !
-config_version="73"
+config_version="91"
  
  
+################################################################################
+#
+# DO NOT EDIT THIS FILE !!  DO NOT EDIT THIS FILE !!  DO NOT EDIT THIS FILE !!
+#
+################################################################################
  # https://eXtremeSHOK.com ######################################################
  # https://eXtremeSHOK.com ######################################################
diff --git a/os.conf b/os.conf

index df451d9..cf99926 100644 (file)
--- a/os.conf
+++ b/os.conf
@@ -13,12 +13,12 @@
  # NOT COMPATIBLE WITH VERSION 3.XX / 4.XX CONFIG
  #
  ################################################################################
  # NOT COMPATIBLE WITH VERSION 3.XX / 4.XX CONFIG
  #
  ################################################################################
-# SEE MASTER.CONF FOR CONFIG EXPLAINATIONS
+# SEE MASTER.CONF FOR CONFIG EXPLANATIONS
  ################################################################################
  # Rename to os.conf to enable this file
  ################################################################################
  
  ################################################################################
  # Rename to os.conf to enable this file
  ################################################################################
  
-# Debian 9 (Stretch)
+# Debian 9+ (stretch, buster)
  
  clam_user="clamav"
  clam_group="clamav"
  
  clam_user="clamav"
  clam_group="clamav"
diff --git a/user.conf b/user.conf

index dda1fa0..04bcb69 100644 (file)
--- a/user.conf
+++ b/user.conf
@@ -13,7 +13,7 @@
  # NOT COMPATIBLE WITH VERSION 3.XX / 4.XX CONFIG
  #
  ################################################################################
  # NOT COMPATIBLE WITH VERSION 3.XX / 4.XX CONFIG
  #
  ################################################################################
-# SEE MASTER.CONF FOR CONFIG EXPLAINATIONS
+# SEE MASTER.CONF FOR CONFIG EXPLANATIONS
  ################################################################################
  
  # Values in this file will always override those in the master.conf and os.conf files.
  ################################################################################
  
  # Values in this file will always override those in the master.conf and os.conf files.
@@ -21,24 +21,29 @@
  # Please note, it is your responsibility to manage the contents of this file.
  # Values provided here are just examples, feel free to use any values from the main config file.
  
  # Please note, it is your responsibility to manage the contents of this file.
  # Values provided here are just examples, feel free to use any values from the main config file.
  
-#malwarepatrol_receipt_code="YOUR-RECEIPT-NUMBER"
-#malwarepatrol_product_code="8"
-#malwarepatrol_list="clamav_basic" # clamav_basic or clamav_ext
+# set to no to enable the commercial subscription url
  #malwarepatrol_free="yes"
  #malwarepatrol_free="yes"
+#malwarepatrol_list="clamav_basic" # clamav_basic or clamav_ext
+# if the malwarepatrol_product_code is not 8 the malwarepatrol_free is set to no (non-free)
+#malwarepatrol_product_code="8"
+#malwarepatrol_receipt_code="YOUR-RECEIPT-NUMBER"
  
  #securiteinfo_authorisation_signature="YOUR-SIGNATURE-NUMBER"
  
  #securiteinfo_authorisation_signature="YOUR-SIGNATURE-NUMBER"
+# Enable if you have a commercial/premium/non-free subscription
+#securiteinfo_premium="yes"
  
  
-# Default dbs rating
+# Default dbs rating (Default: MEDIUM)
  # valid rating: LOW, MEDIUM, HIGH
  # valid rating: LOW, MEDIUM, HIGH
-#default_dbs_rating="MEDIUM"
+#default_dbs_rating="HIGH"
  
  # Per Database
  # These ratings will override the global rating for the specific database
  # valid rating: LOW, MEDIUM, HIGH, DISABLE
  
  # Per Database
  # These ratings will override the global rating for the specific database
  # valid rating: LOW, MEDIUM, HIGH, DISABLE
-#sanesecurity_dbs_rating=""
-#securiteinfo_dbs_rating=""
-#linuxmalwaredetect_dbs_rating=""
-#yararulesproject_dbs_rating=""
+#linuxmalwaredetect_dbs_rating="HIGH"
+#sanesecurity_dbs_rating="HIGH"
+#securiteinfo_dbs_rating="HIGH"
+#urlhaus_dbs_rating="HIGH"
+#yararulesproject_dbs_rating="HIGH"
  
  # =========================
  # Additional signature databases
  
  # =========================
  # Additional signature databases
@@ -51,4 +56,12 @@
  # Uncomment the following line to enable the script
  user_configuration_complete="yes"
  
  # Uncomment the following line to enable the script
  user_configuration_complete="yes"
  
+# Proxy Support
+# If necessary to proxy database downloads, define the rsync, curl, wget, dig, hosr proxy settings here.
+#curl_proxy="--proxy http://username:password@proxy_host:proxy_port"
+#dig_proxy="@proxy_host -p proxy_host:proxy_port"
+#host_proxy="@proxy_host" #does not support port
+#rsync_proxy="username:password@proxy_host:proxy_port"
+#wget_proxy="-e http_proxy=http://username:password@proxy_host:proxy_port -e https_proxy=https://username:password@proxy_host:proxy_port"
+
  # https://eXtremeSHOK.com ######################################################
  # https://eXtremeSHOK.com ######################################################
author	Ivan Rako <ivan.rako@srce.hr>
	Wed, 2 Sep 2020 10:03:23 +0000 (12:03 +0200)
committer	Ivan Rako <ivan.rako@srce.hr>
	Wed, 2 Sep 2020 10:03:23 +0000 (12:03 +0200)
clamav-unofficial-sigs		patch \| blob \| history
clamav-unofficial-sigs.8		patch \| blob \| history
debian/changelog		patch \| blob \| history
debian/compat		patch \| blob \| history
debian/control		patch \| blob \| history
debian/cron.d		patch \| blob \| history
debian/lintian-overrides		patch \| blob \| history
debian/logrotate		patch \| blob \| history
debian/source/format	[new file with mode: 0644]	patch \| blob
master.conf		patch \| blob \| history
os.conf		patch \| blob \| history
user.conf		patch \| blob \| history