@Yiannis128
Created February 17, 2025 20:02
ClamAV VirusEvent script with options
#!/usr/bin/env bash
# VirusEvent made by Yiannis Charalambous that exposes GUI actions to be taken against found
# signatures.
#
# Original Code: https://github.com/Cisco-Talos/clamav/issues/1062#issuecomment-1771546865
# Restrict command lookup to /usr/bin for the rest of this script; run_sudo
# hands this same PATH to the target user's commands.
PATH=/usr/bin
# Application name shown by notify-send (its -a option).
APP_NAME="ClamAV"
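#######################################
# Write one log line prefixed with the user currently being notified.
# Globals:   USERNAME, USERID (read; set by the per-user loop at the bottom)
# Arguments: the message words; they are joined with single spaces
# Outputs:   a single line on stdout
#######################################
user_log() {
  # "$*" joins the words into one string; printf with a fixed format avoids
  # echo's option and escape handling (and SC2145's "$@" inside a string).
  printf '%s (%s): %s\n' "$USERNAME" "$USERID" "$*"
}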
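#######################################
# Run a command as the user identified by USERID, with that user's session bus
# address set so notify-send / wl-copy reach their desktop.
# Globals:   USERID, ADDRESS (read; set by the per-user loop at the bottom)
#            PATH (read; forwarded to the command)
# Arguments: the command and its arguments
# Returns:   the command's exit status, or sudo's own status if sudo fails
#######################################
run_sudo() {
  # -n: never prompt for a password. This script is started by clamd's
  # VirusEvent with no terminal attached, so a prompt could only hang the
  # background job; failing fast with a clear sudo error is preferable.
  /usr/bin/sudo -n -u "#$USERID" \
    DBUS_SESSION_BUS_ADDRESS="unix:path=$ADDRESS/bus" \
    PATH="${PATH}" \
    "$@"
}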
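#######################################
# Show a critical desktop notification about the detection to the user
# selected by USERID/ADDRESS and carry out the action they click.
# Globals:   CLAM_VIRUSEVENT_VIRUSNAME, CLAM_VIRUSEVENT_FILENAME (read; set by
#            clamd for the VirusEvent), APP_NAME (read),
#            USERID, ADDRESS, USERNAME (read indirectly via run_sudo/user_log)
# Arguments: none
# Outputs:   log lines via user_log when a delete is attempted
# Returns:   status of the last notify-send or action run
#######################################
show_alert() {
  local action err

  # notify-send prints the id of the clicked action (or nothing on timeout /
  # dismiss). The body is passed verbatim; a notification daemon that renders
  # Pango markup may mangle paths containing '<' or '&' — TODO confirm.
  action=$(run_sudo /usr/bin/notify-send -a "$APP_NAME" -t 4000 -u critical -i dialog-window \
    --action="copy_sig=Copy Signature" \
    --action="copy_path=Copy Path" \
    --action="delete_file=Delete File" \
    "OnAccessScan Signature Detected" \
    "$CLAM_VIRUSEVENT_VIRUSNAME in $CLAM_VIRUSEVENT_FILENAME")

  case "$action" in
    copy_sig)
      run_sudo /usr/bin/wl-copy "$CLAM_VIRUSEVENT_VIRUSNAME"
      # Re-show the alert so the user can still pick another action.
      show_alert
      ;;
    copy_path)
      run_sudo /usr/bin/wl-copy "$CLAM_VIRUSEVENT_FILENAME"
      show_alert
      ;;
    delete_file)
      # The delete runs as the notified user (via run_sudo), not as this
      # script's own uid, so the user can only remove what they could remove
      # themselves. When several users are alerted at once, the first to click
      # Delete wins and the others will see a failure for the missing file.
      #
      # '--' stops rm from treating a path beginning with '-' as options.
      # rm reports errors on stderr, so merge it into err; otherwise the
      # failure message below would carry no detail.
      if err=$(run_sudo rm -- "$CLAM_VIRUSEVENT_FILENAME" 2>&1); then
        user_log "Deleted infected file: $CLAM_VIRUSEVENT_FILENAME"
        run_sudo /usr/bin/notify-send -a "$APP_NAME" -t 2000 -u low -i dialog-window \
          "OnAccessScan Operation Success" "Deleted infected file: $CLAM_VIRUSEVENT_FILENAME"
      else
        user_log "Failed to delete file: $CLAM_VIRUSEVENT_FILENAME: $err"
        run_sudo /usr/bin/notify-send -a "$APP_NAME" -t 4000 -u critical -i dialog-window \
          "OnAccessScan Operation Failed" "Failed to delete file: $CLAM_VIRUSEVENT_FILENAME: $err"
      fi
      ;;
  esac
}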
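# Send an alert to every graphical user: one background show_alert per
# /run/user/<uid> directory, whose bus socket run_sudo uses as the session
# bus address.
for ADDRESS in /run/user/*; do
  USERID=${ADDRESS#/run/user/}
  # Only numeric uids are usable with 'sudo -u "#uid"'. This also skips the
  # literal '/run/user/*' left behind by an unmatched glob when nobody is
  # logged in, instead of feeding '*' to id and sudo.
  [[ "$USERID" =~ ^[0-9]+$ ]] || continue
  USERNAME=$(/usr/bin/id -nu "$USERID")
  show_alert &
done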