#!/bin/bash

DAYSDIFF="60"
DATABASEFILE="/var/lib/clamav/daily.cvd"

if ! [ -e /var/lib/clamav-data/warn-on-old-databases ]; then
  exit 0
fi

if ! [ -e "$DATABASEFILE" ]; then
  echo >&2 "ERR: $DATABASEFILE does not exist."
  echo >&2 "     This should not happen since that file is part of the"
  echo >&2 "     clamav-data package."
  exit 1
fi

FILEDATE="$(sigtool --stdout --info=$DATABASEFILE |\
            sed -n '/^Build time:/{s/Build time: //;s/-/ /;s/-/:/;p}')"
DBDATE="`date --date="$FILEDATE" +%s`"

REFDATE="`date --date="$DAYSDIFF days ago" +%s`"

if [ $DBDATE -lt $REFDATE ]; then
  cat >&2 <<EOF
The clamav-data package that is installed does contain databases older
than $DAYSDIFF days. This can give you a false sense of security since
your clamav scanner will not detect any malicious code that has been found
since then.

Please update your clamav-data package at your earliest convenience. On a
host with good Internet connectivity, you can install the package
clamav-freshclam, which will pull current clamav databases from the Internet
on a regular basis. Or you can run clamav-getfiles from the clamav-getfiles
package to create an up-to-date clamav-data package.

If you do not want to receive these e-mails any more, please run
dpkg-reconfigure clamav-data and turn off the reminder e-mails.
EOF
fi

# end of file
