aboutsummaryrefslogtreecommitdiffstats
path: root/cron-sh
diff options
context:
space:
mode:
authorAndreas Hasenack <andreas@mandriva.com>2008-01-10 19:30:27 +0000
committerAndreas Hasenack <andreas@mandriva.com>2008-01-10 19:30:27 +0000
commitb07d29fb97227bbea07da04422ca0e9451660d14 (patch)
tree2a07d573daa8538e88fb4037e2bafe49b2240c38 /cron-sh
parent757b7d782a7124a08fb1869eeca7ed3a927b0982 (diff)
downloadmsec-b07d29fb97227bbea07da04422ca0e9451660d14.tar
msec-b07d29fb97227bbea07da04422ca0e9451660d14.tar.gz
msec-b07d29fb97227bbea07da04422ca0e9451660d14.tar.bz2
msec-b07d29fb97227bbea07da04422ca0e9451660d14.tar.xz
msec-b07d29fb97227bbea07da04422ca0e9451660d14.zip
- include chkrootkit diff report (#21369)
Diffstat (limited to 'cron-sh')
-rwxr-xr-xcron-sh/diff_check.sh18
-rwxr-xr-xcron-sh/security.sh1
2 files changed, 19 insertions, 0 deletions
diff --git a/cron-sh/diff_check.sh b/cron-sh/diff_check.sh
index 2512a13..3c0fc27 100755
--- a/cron-sh/diff_check.sh
+++ b/cron-sh/diff_check.sh
@@ -184,6 +184,24 @@ if [[ ${RPM_CHECK} == yes ]]; then
fi
fi
+### Changed chkrootkit
+if [[ ${CHKROOTKIT_CHECK} == yes ]]; then
+
+ if [[ -f ${CHKROOTKIT_YESTERDAY} ]]; then
+ diff -u ${CHKROOTKIT_YESTERDAY} ${CHKROOTKIT_TODAY} 1> ${CHKROOTKIT_DIFF}
+ if [ -s ${CHKROOTKIT_DIFF} ]; then
+ printf "\nSecurity Warning: There are modifications for chkrootkit results :\n" >> ${TMP}
+ grep '^+' ${CHKROOTKIT_DIFF} | grep -vw "^+++ " | sed 's|^.||'|sed -e 's/%/%%/g' | while read file; do
+ printf "\t\t- Added : ${file}\n"
+ done >> ${TMP}
+ grep '^-' ${CHKROOTKIT_DIFF} | grep -vw "^--- " | sed 's|^.||'|sed -e 's/%/%%/g' | while read file; do
+ printf "\t\t- Removed : ${file}\n"
+ done >> ${TMP}
+ fi
+ fi
+fi
+
+
######## Report ######
date=`date`
hostname=`hostname`
diff --git a/cron-sh/security.sh b/cron-sh/security.sh
index 30c1434..e0671de 100755
--- a/cron-sh/security.sh
+++ b/cron-sh/security.sh
@@ -69,6 +69,7 @@ RPM_QA_YESTERDAY="/var/log/security/rpm-qa.yesterday"
RPM_QA_DIFF="/var/log/security/rpm-qa.diff"
export CHKROOTKIT_TODAY="/var/log/security/chkrootkit.today"
CHKROOTKIT_YESTERDAY="/var/log/security/chkrootkit.yesterday"
+CHKROOTKIT_DIFF="/var/log/security/chkrootkit.diff"
export EXCLUDE_REGEXP
# Modified filters coming from debian security scripts.