diff options
| -rw-r--r-- | Makefile | 6 | ||||
| -rwxr-xr-x | cron-sh/security.sh | 21 | ||||
| -rwxr-xr-x | cron-sh/security_check.sh | 2 | ||||
| -rw-r--r-- | msec.spec | 21 |
4 files changed, 34 insertions, 16 deletions
@@ -1,4 +1,4 @@ -VERSION = 0.8 +VERSION = 0.9 all: promisc_check @@ -23,7 +23,9 @@ rpm_install: all cp init-sh/grpuser.sh $(RPM_BUILD_ROOT)/etc/security/msec/init-sh cp init-sh/custom.sh $(RPM_BUILD_ROOT)/etc/security/msec/init-sh cp cron-sh/*.sh $(RPM_BUILD_ROOT)/etc/security/msec/cron-sh + mkdir -p $(RPM_BUILD_ROOT)/var/log/security touch $(RPM_BUILD_ROOT)/etc/security/msec/security.conf + touch $(RPM_BUILD_ROOT)/var/log/security.log install -s src/promisc_check/promisc_check $(RPM_BUILD_ROOT)/usr/bin echo "Install complete" @@ -49,6 +51,8 @@ install: (cp init-sh/custom.sh /etc/security/msec/init-sh); (cp init-sh/server.* /etc/security/msec/init-sh) (touch $(RPM_BUILD_ROOT)/etc/security/msec/security.conf) + touch $(RPM_BUILD_ROOT)/var/log/security.log + mkdir -p $(RPM_BUILD_ROOT)/var/log/security (cd src/promisc_check; make install) (cd cron-sh; make install) diff --git a/cron-sh/security.sh b/cron-sh/security.sh index 054a312..10eb54b 100755 --- a/cron-sh/security.sh +++ b/cron-sh/security.sh @@ -30,7 +30,6 @@ UNOWNED_GROUP_YESTERDAY="/var/log/security/unowned_group.yesterday" UNOWNED_GROUP_DIFF="/var/log/security/unowned_group.diff" # Modified filters coming from debian security scripts. - CS_NFSAFS='(nfs|afs|xfs|coda)' CS_TYPES=' type (devpts|auto|proc|msdos|fat|vfat|iso9660|ncpfs|smbfs|'$CS_NFSAFS')' CS_DEVS='^/dev/fd' @@ -38,9 +37,6 @@ CS_DIRS='on /mnt' FILTERS="$CS_TYPES|$CS_DEVS|$CS_DIRS" DIR=`mount | grep -vE "$FILTERS" | cut -d ' ' -f3` PRINT="%h/%f\n" -#PRINT="%8i %5m %3n %-10u %-10g %9s %t %h/%f\n" - - if [[ ! -d /var/log/security ]]; then mkdir /var/log/security @@ -74,20 +70,21 @@ if [[ -s ${SUID_MD5_TODAY} ]]; then mv ${SUID_MD5_TODAY} ${SUID_MD5_YESTERDAY}; fi -netstat -pvlA inet > ${OPEN_PORT_TODAY}; -find ${DIR} -xdev -type f -perm +04000 -user root -printf "${PRINT}" | sort > ${SUID_ROOT_TODAY} -find ${DIR} -xdev -type f -perm +02000 -printf "${PRINT}" | sort > ${SUID_GROUP_TODAY} -find ${DIR} -xdev -type f -perm -2 -printf "${PRINT}" | sort > ${WRITEABLE_TODAY} -find ${DIR} -xdev -nouser -printf "${PRINT}" | sort > ${UNOWNED_USER_TODAY} -find ${DIR} -xdev -nogroup -printf "${PRINT}" | sort > ${UNOWNED_GROUP_TODAY} + +netstat -pvlA inet 2> /dev/null > ${OPEN_PORT_TODAY}; +find ${DIR} -xdev -type f -perm +04000 -user root -printf "${PRINT}" 2> /dev/null | sort > ${SUID_ROOT_TODAY} +find ${DIR} -xdev -type f -perm +02000 -printf "${PRINT}" 2> /dev/null | sort > ${SUID_GROUP_TODAY} +find ${DIR} -xdev -type f -perm -2 -printf "${PRINT}" 2> /dev/null | sort > ${WRITEABLE_TODAY} +find ${DIR} -xdev -nouser -printf "${PRINT}" 2> /dev/null | sort > ${UNOWNED_USER_TODAY} +find ${DIR} -xdev -nogroup -printf "${PRINT}" 2> /dev/null | sort > ${UNOWNED_GROUP_TODAY} cat ${SUID_ROOT_TODAY} | while read line; do md5sum ${line} done > ${SUID_MD5_TODAY} -/etc/security/msec/cron-sh/diff_check.sh -/etc/security/msec/cron-sh/security_check.sh +. /etc/security/msec/cron-sh/diff_check.sh +. /etc/security/msec/cron-sh/security_check.sh diff --git a/cron-sh/security_check.sh b/cron-sh/security_check.sh index 5b961bd..bc0cd62 100755 --- a/cron-sh/security_check.sh +++ b/cron-sh/security_check.sh @@ -197,7 +197,7 @@ fi /bin/mount | /bin/grep -v nosuid | /bin/grep ' nfs ' > ${TMP} if [[ -s ${TMP} ]] ; then printf "\nSecurity Warning: The following NFS mounts haven't got the nosuid option set :\n" >> ${SECURITY} - cat ${TMP} >> ${SECURITY} + cat ${TMP} | awk '{ print "\t\t- "$0 }' >> ${SECURITY} fi ### Files that should not have + signs. @@ -1,10 +1,10 @@ # do not modify Version below, modify it in Makefile (see CVS) -%define version 0.8 +%define version 0.9 Summary: Security Level & Program for the Linux Mandrake distribution Name: msec Version: %{version} -Release: 4mdk +Release: 3mdk Source: %{name}-%{version}.tar.bz2 Copyright: GPL Group: System Environment/Base @@ -36,8 +36,25 @@ rm -rf $RPM_BUILD_ROOT %doc AUTHORS COPYING Makefile README doc/*txt ChangeLog /etc/security/msec /usr/bin/promisc_check +/var/log/security.log +/var/log/security %changelog +* Mon Dec 20 1999 Yoann Vandoorselaere <yoann@mandrakesoft.com> +- fixed a typo / variable pb. + +* Mon Dec 20 1999 Yoann Vandoorselaere <yoann@mandrakesoft.com> +- init-sh/perm.[05]: Oops, /var/spool/mail is 771 not 755. +- init-sh/lib.sh: removed the failsafe for not a tty stdin (not efficient) +- init-sh/lib.sh: rewrote the perl script (now a one-liner :) +- Big cleanup. +- All work properly now. +- msec.spec: modify to take into account the Makefile modifying the .spec +- Makefile (VERSION): make it the same as the .spec + +* Sat Dec 18 1999 Pixel <pixel@mandrakesoft.com> +- init-sh/lib.sh: added failsafe for not a tty stdin + * Sat Dec 18 1999 Pixel <pixel@mandrakesoft.com> - no interactive questions if not a tty |