#!/bin/bash
# msec: sectool check
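# Guard: this check is meant to be sourced by the main msec security script
# (security.sh), which sets the variables tested below and propagates them to
# the subscripts. Refuse to continue if any of them is missing.
if [ -z "$MSEC_TMP" ] || [ -z "$INFOS" ] || [ -z "$SECURITY" ] ||
  [ -z "$DIFF" ] || [ -z "$SECURITY_LOG" ]; then
  echo "Error: this check should be run by the main msec security check!"
  echo " do not run it directly unless you know what you are doing."
  # 'return' only succeeds when this file is sourced. When the file is
  # executed directly it fails, and bash would carry on into the state-file
  # rotation that follows; fall back to 'exit' so the guard really stops.
  return 1 2>/dev/null || exit 1
fi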
# State files for the sectool check: the current report, the previous report
# kept as the comparison baseline, and the difference between the two.
SECTOOL_TODAY="/var/log/security/sectool.today"
SECTOOL_YESTERDAY="/var/log/security/sectool.yesterday"
SECTOOL_DIFF="/var/log/security/sectool.diff"

# Rotate: the report left by the previous run becomes the baseline.
if test -f "${SECTOOL_TODAY}"; then
  mv "${SECTOOL_TODAY}" "${SECTOOL_YESTERDAY}"
fi
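# Check for changes in sectool results: run sectool, filter the report and
# diff it against the previous one. check_is_enabled, Filter and Diffcheck are
# not defined in this file; they are expected to come from the sourcing script.
if check_is_enabled "${CHECK_SECTOOL}"; then
  if [ -x /usr/sbin/sectool ]; then
    # Use the configured level when one is set, otherwise pass -a.
    if [ -n "$CHECK_SECTOOL_LEVEL" ]; then
      sectool_params="-L ${CHECK_SECTOOL_LEVEL}"
    else
      sectool_params="-a"
    fi
    # Invoke the exact binary tested with -x above. A bare 'sectool' is
    # resolved through PATH and could pick up a different executable than the
    # one that was checked; this script presumably runs with elevated
    # privileges, so that mismatch matters.
    # sectool_params is left unquoted on purpose: "-L <level>" must split
    # into two arguments.
    # shellcheck disable=SC2086
    /usr/sbin/sectool $sectool_params > "${SECTOOL_TODAY}"
    Filter "${SECTOOL_TODAY}" CHECK_SECTOOL
    Diffcheck "${SECTOOL_TODAY}" "${SECTOOL_YESTERDAY}" "${SECTOOL_DIFF}" "sectool results"
  else
    # Record the skipped check in both report files.
    printf "\nSectool check skipped: sectool not found" >> "${SECURITY}"
    echo "Sectool check: skipped (sectool not found)" >> "${INFOS}"
  fi
fi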