daily maldet scan uses lock file

jnorell · web-flow · commit 15b940529d78 · 2020-11-10T18:53:09.000-07:00
fixes rfxn#373
diff --git a/cron.daily b/cron.daily
@@ -3,6 +3,8 @@ export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:$PATH
 export LMDCRON=1
 inspath='/usr/local/maldetect'
 intcnf="$inspath/internals/internals.conf"
+CRON_LOCKDIR=/var/lock/subsys
+CRON_LOCKFILE=${CRON_LOCKDIR}/maldet_daily_cron
 
 if [ -f "$intcnf" ]; then
 	source $intcnf
@@ -38,6 +40,10 @@ if [ -z "$cron_prune_days" ]; then
 	cron_prune_days=21
 fi
 
+if [ -z "$cron_lockfile_days" ]; then
+	cron_lockfile_days=3
+fi
+
 if [ "$find" ]; then
 	# prune any quarantine/session/tmp data older than 7 days
 	tmpdirs="$tmpdir $varlibpath/sess $varlibpath/quarantine $varlibpath/pub"
@@ -46,6 +52,7 @@ if [ "$find" ]; then
 	  $find $dir -type f -mtime +${cron_prune_days} -print0 | xargs -0 rm -f >> /dev/null 2>&1
 	 fi
 	done
+	$find ${CRON_LOCKFILE} -type f -mtime +${cron_lockfile_days} -print0 2>/dev/null | xargs -0 rm -f >> /dev/null 2>&1
 fi
 
 if [ "$autoupdate_version" == "1" ] || [ "$autoupdate_signatures" == "1" ]; then
@@ -67,40 +74,52 @@ fi
 if [ "$(ps -A --user root -o "cmd" | grep -E maldetect | grep -E inotifywait)" ]; then
         $inspath/maldet --monitor-report >> /dev/null 2>&1
 elif [ "$cron_daily_scan" == "1" ]; then
+	(
+	pid=$(exec sh -c 'echo "$PPID"');
+	if ! (set -o noclobber; echo "$pid" > "${CRON_LOCKFILE}") 2> /dev/null; then
+		exit
+	fi
+
+	trap 'rm -f "${CRON_LOCKFILE}"; exit $?' INT TERM EXIT
+
 	if [ -d "/home/virtual" ] && [ -d "/usr/lib/opcenter" ]; then
 		# ensim
-	        $inspath/maldet -b -r /home/virtual/?/fst/var/www/html/,/home/virtual/?/fst/home/?/public_html/ $scan_days >> /dev/null 2>&1
+	        $inspath/maldet -r /home/virtual/?/fst/var/www/html/,/home/virtual/?/fst/home/?/public_html/ $scan_days >> /dev/null 2>&1
 	elif [ -d "/etc/psa" ] && [ -d "/var/lib/psa" ]; then
 		# psa
-		$inspath/maldet -b -r /var/www/vhosts/?/ $scan_days >> /dev/null 2>&1
+		$inspath/maldet -r /var/www/vhosts/?/ $scan_days >> /dev/null 2>&1
         elif [ -d "/usr/local/directadmin" ]; then
                 # DirectAdmin
-                $inspath/maldet -b -r /home?/?/domains/?/public_html/,/var/www/html/?/ $scan_days >> /dev/null 2>&1
+                $inspath/maldet -r /home?/?/domains/?/public_html/,/var/www/html/?/ $scan_days >> /dev/null 2>&1
 	elif [ -d "/var/www/clients" ]; then
 		# ISPConfig
-                $inspath/maldet -b -r /var/www/clients/?/web?/web,/var/www/clients/?/web?/subdomains,/var/www $scan_days >> /dev/null 2>&1
+                $inspath/maldet -r /var/www/clients/?/web?/web,/var/www/clients/?/web?/subdomains,/var/www $scan_days >> /dev/null 2>&1
 	elif [ -d "/etc/webmin/virtual-server" ]; then
 		# Virtualmin
-                $inspath/maldet -b -r /home/?/public_html/,/home/?/domains/?/public_html/ $scan_days >> /dev/null 2>&1
+                $inspath/maldet -r /home/?/public_html/,/home/?/domains/?/public_html/ $scan_days >> /dev/null 2>&1
 	elif [ -d "/usr/local/ispmgr" ] || [ -d "/usr/local/mgr5" ]; then
 		# ISPmanager
-		$inspath/maldet -b -r /var/www/?/data/,/home/?/data/ $scan_days >> /dev/null 2>&1
+		$inspath/maldet -r /var/www/?/data/,/home/?/data/ $scan_days >> /dev/null 2>&1
 	elif [ -d "/var/customers/webs" ]; then
 		# froxlor
-		$inspath/maldet -b -r /var/customers/webs/ $scan_days >> /dev/null 2>&1
+		$inspath/maldet -r /var/customers/webs/ $scan_days >> /dev/null 2>&1
         elif [ -d "/usr/local/vesta" ]; then
                 # VestaCP
-                $inspath/maldet -b -r /home/?/web/?/public_html/,/home/?/web/?/public_shtml/,/home/?/tmp/,/home/?/web/?/private/ $scan_days >> /dev/null 2>&1
+                $inspath/maldet -r /home/?/web/?/public_html/,/home/?/web/?/public_shtml/,/home/?/tmp/,/home/?/web/?/private/ $scan_days >> /dev/null 2>&1
         elif [ -d "/usr/share/dtc" ]; then
                 # DTC
                 if [ -f /var/lib/dtc/saved_install_config ]; then
                     . /var/lib/dtc/saved_install_config
                 fi
-                $inspath/maldet -b -r ${conf_hosting_path:-/var/www/sites}/?/?/subdomains/?/html/ $scan_days >> /dev/null 2>&1
+                $inspath/maldet -r ${conf_hosting_path:-/var/www/sites}/?/?/subdomains/?/html/ $scan_days >> /dev/null 2>&1
 	else
 		# cpanel, interworx and other standard home/user/public_html setups
-	        $inspath/maldet -b -r /home?/?/public_html/,/var/www/html/,/usr/local/apache/htdocs/ $scan_days >> /dev/null 2>&1
+	        $inspath/maldet -r /home?/?/public_html/,/var/www/html/,/usr/local/apache/htdocs/ $scan_days >> /dev/null 2>&1
 	fi
+	
+	rm -f "${CRON_LOCKFILE}"
+	trap - INT TERM EXIT
+	) &
 fi
 
 if [ -f "$cron_custom_exec" ]; then
