authorEugeni Dodonov <eugeni@mandriva.org>2009-06-25 19:31:42 +0000
committerEugeni Dodonov <eugeni@mandriva.org>2009-06-25 19:31:42 +0000
commit51edd0594c34949c7681e695e52961eb5f61ac4e (patch)
treefe01f3347899e6f206803c0850ef17622251bd9c /cron-sh/functions.sh
parentc0fe6aeecc246ef9a514fe34c1095d7fc6ef39a8 (diff)
Redesigned auditing code, added support for plugins and better logging.
Diffstat (limited to 'cron-sh/functions.sh')
-rw-r--r--cron-sh/functions.sh99
1 files changed, 99 insertions, 0 deletions
diff --git a/cron-sh/functions.sh b/cron-sh/functions.sh
new file mode 100644
index 0000000..e987d91
--- /dev/null
+++ b/cron-sh/functions.sh
@@ -0,0 +1,99 @@
+#!/bin/bash
+# msec: shared function
+
+. /etc/sysconfig/i18n
+if [[ -f /etc/profile.d/10lang.sh ]]; then
+ . /etc/profile.d/10lang.sh
+fi
+
+if [[ -f /etc/security/msec/security.conf ]]; then
+ . /etc/security/msec/security.conf
+else
+ echo "/etc/security/msec/security.conf don't exist."
+ exit 1
+fi
+
+if [ -r /etc/security/shell ]; then
+ . /etc/security/shell
+fi
+
+umask ${UMASK_ROOT=077}
+
+# main security log
+SECURITY_LOG="/var/log/security.log"
+
+# Modified filters coming from debian security scripts.
+# rootfs is not listed among excluded types, because
+# / is mounted twice, and filtering it would mess with excluded dir list
+TYPE_FILTER='(devpts|sysfs|usbfs|tmpfs|binfmt_misc|rpc_pipefs|securityfs|auto|proc|msdos|fat|vfat|iso9660|ncpfs|smbfs|hfs|nfs|afs|coda|cifs|fuse.gvfs-fuse-daemon)'
+MOUNTPOINT_FILTER='^\/mnt|^\/media'
+DIR=`awk '$3 !~ /'$TYPE_FILTER'/ && $2 !~ /'$MOUNTPOINT_FILTER'/ \
+ {print $2}' /proc/mounts | uniq`
+PRINT="%h/%f\n"
+EXCLUDEDIR=`awk '$3 ~ /'$TYPE_FILTER'/ || $2 ~ /'$MOUNTPOINT_FILTER'/ \
+ {print $2}' /proc/mounts | uniq`
+export EXCLUDEDIR
+FILTER="\(`echo $EXCLUDEDIR | sed -e 's/ /\\\|/g'`\)"
+
+### Functions ###
+
+Syslog() {
+ if [[ ${SYSLOG_WARN} == yes ]]; then
+ cat ${1} | while read line; do
+ logger -t msec -- "${line}"
+ done
+ fi
+}
+
+Ttylog() {
+ if [[ ${TTY_WARN} == yes ]]; then
+ for i in `w | grep -v "load\|TTY" | grep '^root' | awk '{print $2}'` ; do
+ cat ${1} > /dev/$i
+ done
+ fi
+}
+
+Maillog() {
+ subject=${1}
+ text=${2}
+ SOMETHING_TO_SEND=
+
+ if [[ ${MAIL_WARN} == yes ]]; then
+ # define a mail user
+ if [[ -z ${MAIL_USER} ]]; then
+ MAIL_USER="root"
+ fi
+ if [[ -x /bin/mail ]]; then
+ for f in ${text}; do
+ if [[ -s $f ]]; then
+ SOMETHING_TO_SEND=1
+ break
+ fi
+ done
+ if [[ -z ${SOMETHING_TO_SEND} ]]; then
+ if [[ ${MAIL_EMPTY_CONTENT} != no ]]; then
+ /bin/mail -s "${subject}" "${MAIL_USER}" <<EOF
+Nothing has changed since the last run.
+EOF
+ fi
+ else
+ # remove non-printable characters,
+ # see http://qa.mandriva.com/show_bug.cgi?id=36848 and https://qa.mandriva.com/show_bug.cgi?id=26773
+ cat ${text} | sed -e "s,[[:cntrl:]],,g" | LC_CTYPE=$LC_CTYPE /bin/mail -s "${subject}" "${MAIL_USER}"
+ fi
+ fi
+ fi
+}
+
+Notifylog() {
+ if [[ ${NOTIFY_WARN} == yes ]]; then
+ message=${1}
+ DBUS_SEND=`which dbus-send 2>/dev/null`
+ if [ -x "$DBUS_SEND" ]; then
+ $DBUS_SEND --system --type=signal /com/mandriva/user com.mandriva.user.security_notification string:"$message"
+ fi
+ fi
+}
+
+##################
+
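Review bot: Ttylog writes the report to every root terminal unfiltered (`cat ${1} > /dev/$i`), although Maillog in this same file strips control characters before mailing the same kind of file. If the report can contain file names or other text that an unprivileged user influences (the report producers are not visible in this hunk, so this is an assumption), terminal escape sequences would be delivered straight to root's session. Applying the same filter and quoting both expansions would close that gap: `sed -e "s,[[:cntrl:]],,g" "${1}" > "/dev/$i"`. Syslog has a related weakness: `read line` should be `IFS= read -r line` so that backslashes and leading whitespace in report lines reach `logger` unchanged.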