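/* @(#) $Id: syscheck_update.c,v 1.9 2007/04/07 02:28:58 dcid Exp $ */

/* Copyright (C) 2005,2006 Daniel B. Cid
 * All right reserved.
 *
 * This program is a free software; you can redistribute it
 * and/or modify it under the terms of the GNU General Public
 * License (version 2) as published by the FSF - Free Software
 * Foundation
 */

#include "addagent/manage_agents.h"
#include "sec.h"

#undef ARGV0
#define ARGV0 "syscheck_update"


/**
 * Print the usage text for syscheck_update and terminate.
 *
 * Never returns: always calls exit(1), including when invoked for "-h".
 * Callers in main() rely on this to stop processing after a bad option.
 */
void helpmsg(void)
{
    printf("\nOSSEC HIDS %s: Updates the integrity check database.\n", ARGV0);
    printf("Available options:\n");
    printf("\t-h       This help message.\n");
    printf("\t-l       List available agents.\n");
    printf("\t-a       Update syscheck database for all agents.\n");
    printf("\t-u <id>  Update syscheck database for a specific agent.\n");
    printf("\t-u local Update syscheck database locally.\n\n");
    exit(1);
}


/**
 * Entry point: reset the stored syscheck (integrity check) databases.
 *
 * Privileges are dropped before any option is acted on: the group is
 * set, the process chroots into DEFAULTDIR, and only then is the user
 * changed. All "/queue/syscheck" paths below are therefore relative to
 * the chroot and are opened with the reduced uid/gid.
 *
 * Options (argv[1]):
 *   -h        print usage and exit(1)
 *   -l        list agents and exit(0)
 *   -a        truncate every file in /queue/syscheck, exit(0)
 *   -u local  reset the local database
 *   -u <id>   reset the database of the agent with that id
 *
 * Returns 0 after a successful -u run; every other path exits directly.
 */
int main(int argc, char **argv)
{
    char *dir = DEFAULTDIR;
    char *group = GROUPGLOBAL;
    char *user = USER;

    int gid;
    int uid;


    /* Setting the name */
    OS_SetName(ARGV0);


    /* user arguments */
    if(argc < 2)
    {
        helpmsg();
    }


    /* Resolve the unprivileged user and group. Both lookups must succeed:
     * the original only tested gid, so a failed user lookup was carried
     * as a negative uid into Privsep_SetUser() after the chroot instead
     * of being rejected here.
     */
    gid = Privsep_GetGroup(group);
    uid = Privsep_GetUser(user);
    if(uid < 0 || gid < 0)
    {
        ErrorExit(USER_ERROR, user, group);
    }


    /* Setting the group (done first, while still privileged) */
    if(Privsep_SetGroup(gid) < 0)
    {
        ErrorExit(SETGID_ERROR, ARGV0, group);
    }


    /* Chrooting to the default directory */
    if(Privsep_Chroot(dir) < 0)
    {
        ErrorExit(CHROOT_ERROR, ARGV0, dir);
    }


    /* Inside chroot now */
    nowChroot();


    /* Setting the user (last step of the privilege drop) */
    if(Privsep_SetUser(uid) < 0)
    {
        ErrorExit(SETUID_ERROR, ARGV0, user);
    }


    /* User options */
    if(strcmp(argv[1], "-h") == 0)
    {
        helpmsg();
    }
    else if(strcmp(argv[1], "-l") == 0)
    {
        printf("\nOSSEC HIDS %s: Updates the integrity check database.",
               ARGV0);
        print_agents();
        printf("\n");
        exit(0);
    }
    else if(strcmp(argv[1], "-u") == 0)
    {
        /* Only validates the argument count; the actual work for -u is
         * done after this if/else chain, where argv[2] is read.
         */
        if(argc != 3)
        {
            printf("\n** Option -u requires an extra argument\n");
            helpmsg();
        }
    }
    else if(strcmp(argv[1], "-a") == 0)
    {
        DIR *sys_dir;
        struct dirent *entry;

        sys_dir = opendir("/queue/syscheck");
        if(!sys_dir)
        {
            ErrorExit("%s: Unable to open: '%s'", ARGV0, "/queue/syscheck");
        }

        while((entry = readdir(sys_dir)) != NULL)
        {
            FILE *fp;
            char full_path[OS_MAXSTR +1];

            /* Do not even attempt to delete . and .. :) */
            if((strcmp(entry->d_name,".") == 0)||
               (strcmp(entry->d_name,"..") == 0))
            {
                continue;
            }

            snprintf(full_path, OS_MAXSTR,"/queue/syscheck/%s",entry->d_name);

            /* Opening with "w" truncates the database file in place.
             * Best effort: a file that cannot be opened is skipped
             * silently. NOTE(review): fopen() follows symlinks, so this
             * relies on the chroot and dropped privileges above to bound
             * what an entry in this directory can point at.
             */
            fp = fopen(full_path, "w");
            if(fp)
            {
                fclose(fp);
            }

            /* Hidden entries (leading '.') are removed rather than left
             * behind as empty files.
             */
            if(entry->d_name[0] == '.')
            {
                unlink(full_path);
            }
        }

        closedir(sys_dir);
        printf("\n** Integrity check database updated.\n\n");
        exit(0);
    }
    else
    {
        printf("\n** Invalid option '%s'.\n", argv[1]);
        helpmsg();
    }


    /* Only "-u <arg>" with argc == 3 reaches this point, so argv[2] is
     * valid here; every other branch above has already exited.
     */

    /* local */
    if(strcmp(argv[2],"local") == 0)
    {
        char final_dir[1024];
        FILE *fp;

        /* Truncate, then remove, the local syscheck database */
        snprintf(final_dir, 1020, "/%s/syscheck", "queue/syscheck");

        fp = fopen(final_dir, "w");
        if(fp)
        {
            fclose(fp);
        }
        unlink(final_dir);


        /* Deleting cpt file: it is truncated only; the unlink below is
         * disabled in the original, so an empty file stays in place.
         */
        snprintf(final_dir, 1020, "/%s/.syscheck.cpt", "queue/syscheck");

        fp = fopen(final_dir, "w");
        if(fp)
        {
            fclose(fp);
        }
        /* unlink(final_dir); */
    }

    /* external agents */
    else
    {
        int i;
        keystruct keys;

        /* The agent id comes straight from the command line; it is only
         * used after IsAllowedID() maps it to an index into the key list.
         */
        ReadKeys(&keys, 1);

        i = IsAllowedID(&keys, argv[2]);
        if(i < 0)
        {
            printf("\n** Invalid agent id '%s'.\n", argv[2]);
            helpmsg();
        }

        /* Deleting syscheck */
        delete_syscheck(keys.name[i], keys.ips[i]->ip, 0);
    }

    printf("\n** Integrity check database updated.\n\n");
    return(0);
}


/* EOF */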