ClamAV copy checked non infected files

295 Views Asked by architekt At 12 April 2025 at 18:47

I´m currently writing a script that checks USB Sticks for malicious files that runs on a Raspberry Pi.

For AV Checking I´m using clamscan like this:

clamscan --infected --allmatch --detect-pua --block-macros --recursive --block-encrypted $start_directory

where $start_directory is the mount point of the USB-Drive.

clamscan has a --move option for infected files. But how can I automatically copy files that clamscan tests as OK to a desired directory?

Original Q&A

There are 1 best solutions below

sjsam On 28 August 2016 at 15:40 BEST ANSWER

I don't think there is a negate option clamscan so you could do something like

declare -a infectedlist=( $(clamscan --infected --allmatch --detect-pua --block-macros --recursive --block-encrypted "$start_directory") )
shopt -s globstar
for i in "$start_directory"/**
do
[[ ! -f "$i" ]] && continue # If not a file then next item !!
 found=0
 for j in "${infectedlist[@]}"
 do
  [[ "$i" = "$j" ]] && found=1
 done
 [ "$found" -eq 0 ] && mv "$i" /desired/directory
done
shopt -u globstar #unset globstar

^{As a sidenote doublequote the variables ie do "$start_directory" to avoid word splitting.}

ClamAV copy checked non infected files

There are 1 best solutions below

Related Questions in BASH

Related Questions in RASPBIAN

Related Questions in CLAM

Trending Questions

Popular # Hahtags

Popular Questions