]> git.ipfire.org Git - people/teissler/ipfire-2.x.git/blame - src/misc-progs/tripwirectrl.c
Merge branch 'master' of git://git.ipfire.org/ipfire-2.x
1#include <stdio.h>
2#include <string.h>
3#include <stdlib.h>
4#include <unistd.h>
5#include <sys/types.h>
6#include <fcntl.h>
7#include "setuid.h"
8
9#define BUFFER_SIZE 1024
10
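/* Scratch buffer that holds each command line before it goes to safe_system(). */
char command[BUFFER_SIZE];

#define TW_ALNUM "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"

/*
 * Allowlists for caller-supplied arguments. The command strings below use
 * shell operators (&&, >, *), so whatever is formatted into them is
 * interpreted as shell input with the privileges this helper holds. Only
 * characters with no shell meaning are accepted.
 */
static const char tw_digit_chars[] = "0123456789";
static const char tw_name_chars[] = TW_ALNUM "._-";
static const char tw_path_chars[] = TW_ALNUM "._-/";
static const char tw_pass_chars[] = TW_ALNUM "._-+=:@,%";

/* Return 1 if s is non-NULL, non-empty and made only of characters in allowed. */
static int tw_only_chars(const char *s, const char *allowed)
{
	return s != NULL && *s != '\0' && s[strspn(s, allowed)] == '\0';
}

/*
 * Report file name placed under /var/ipfire/tripwire/report/: no '/', and no
 * leading '.' or '-', so it can neither leave that directory nor be read as
 * an option.
 */
static int tw_valid_report_name(const char *s)
{
	return tw_only_chars(s, tw_name_chars) && s[0] != '.' && s[0] != '-';
}

/*
 * Report path handed to --twrfile without a fixed prefix.
 * NOTE(review): the caller's format is not visible here; if it always passes
 * a file below /var/ipfire/tripwire/report/, enforce that prefix as well.
 */
static int tw_valid_report_path(const char *s)
{
	return tw_only_chars(s, tw_path_chars) && s[0] != '-' &&
	       strstr(s, "..") == NULL;
}

/* Passphrase restricted to shell-inert characters; must not look like an option. */
static int tw_valid_passphrase(const char *s)
{
	return tw_only_chars(s, tw_pass_chars) && s[0] != '-';
}

/* Exactly two decimal digits (hour or minute field for "touch -t 0101hhmm"). */
static int tw_valid_two_digits(const char *s)
{
	return tw_only_chars(s, tw_digit_chars) && strlen(s) == 2;
}

/* Return 1 if at least `needed` argv entries exist, else report and return 0. */
static int tw_have_args(int argc, int needed)
{
	if (argc >= needed)
		return 1;
	fprintf(stderr, "Missing tripwirectrl argument!\n");
	return 0;
}

/* Report a rejected argument; returns the exit status to use. */
static int tw_reject(const char *what)
{
	fprintf(stderr, "Invalid %s!\n", what);
	return 1;
}

/*
 * Run the command currently in `command`, given the return value of the
 * snprintf() that built it. A truncated command is refused rather than
 * executed, because a cut-off command line is not the one that was intended.
 * Returns 0 if the command was handed to safe_system(), 1 otherwise.
 */
static int tw_run_built(int written)
{
	if (written < 0 || (size_t)written >= sizeof command) {
		fprintf(stderr, "Command too long!\n");
		return 1;
	}
	safe_system(command);
	return 0;
}

/* Re-initialise the tripwire database with the given (already validated) local passphrase. */
static int tw_init_database(const char *local_pass)
{
	return tw_run_built(snprintf(command, sizeof command, "/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase %s", local_pass));
}

/*
 * tripwirectrl: privileged helper that maps a fixed set of sub-commands
 * (argv[1]) onto tripwire/twadmin invocations and file operations under
 * /var/ipfire/tripwire and /etc/fcron.daily.
 *
 * Every caller-supplied argument is checked for presence and against an
 * allowlist before it is formatted into a command line; the previous code
 * formatted argv[2]/argv[3] unchecked (and once with an unbounded sprintf).
 *
 * NOTE(review): passphrases are still passed on the command line, where they
 * are normally visible in the process list while the tool runs.
 *
 * Returns 1 for a missing command, missing argument, rejected argument or
 * over-long command; 0 otherwise, including for an unrecognised command
 * (unchanged from the original).
 */
int main(int argc, char *argv[])
{
	if (!(initsetuid()))
		exit(1);

	/* Check what command is asked */
	if (argc < 2) {
		fprintf(stderr, "Missing tripwirectrl command!\n");
		return 1;
	}

	if (strcmp(argv[1], "tripwirelog") == 0) {
		if (!tw_have_args(argc, 3))
			return 1;
		if (!tw_valid_report_name(argv[2]))
			return tw_reject("report name");
		return tw_run_built(snprintf(command, sizeof command, "/usr/sbin/twprint -m r --cfgfile /var/ipfire/tripwire/tw.cfg --twrfile /var/ipfire/tripwire/report/%s", argv[2]));
	}

	if (strcmp(argv[1], "generatereport") == 0) {
		safe_system("/usr/sbin/tripwire --check --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol");
		return 0;
	}

	if (strcmp(argv[1], "deletereport") == 0) {
		if (!tw_have_args(argc, 3))
			return 1;
		if (!tw_valid_report_name(argv[2]))
			return tw_reject("report name");
		/* Bounded: this branch used sprintf() into the fixed-size buffer. */
		return tw_run_built(snprintf(command, sizeof command, "rm -f /var/ipfire/tripwire/report/%s", argv[2]));
	}

	if (strcmp(argv[1], "updatedatabase") == 0) {
		if (!tw_have_args(argc, 4))
			return 1;
		if (!tw_valid_passphrase(argv[2]))
			return tw_reject("passphrase");
		if (!tw_valid_report_path(argv[3]))
			return tw_reject("report file");
		return tw_run_built(snprintf(command, sizeof command, "/usr/sbin/tripwire --update --accept-all --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase %s --twrfile %s", argv[2], argv[3]));
	}

	if (strcmp(argv[1], "keys") == 0) {
		/* argv[2] = site passphrase, argv[3] = local passphrase */
		if (!tw_have_args(argc, 4))
			return 1;
		if (!tw_valid_passphrase(argv[2]) || !tw_valid_passphrase(argv[3]))
			return tw_reject("passphrase");
		if (tw_run_built(snprintf(command, sizeof command, "rm -rf /var/ipfire/tripwire/site.key && /usr/sbin/twadmin --generate-keys --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s && chmod 640 /var/ipfire/tripwire/site.key", argv[2])))
			return 1;
		if (tw_run_built(snprintf(command, sizeof command, "rm -rf /var/ipfire/tripwire/local.key && /usr/sbin/twadmin --generate-keys --local-keyfile /var/ipfire/tripwire/local.key --local-passphrase %s && chmod 640 /var/ipfire/tripwire/local.key", argv[3])))
			return 1;
		if (tw_run_built(snprintf(command, sizeof command, "rm -rf /var/ipfire/tripwire/tw.cfg && /usr/sbin/twadmin --create-cfgfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s /var/ipfire/tripwire/twcfg.txt && chmod 640 /var/ipfire/tripwire/tw.cfg", argv[2])))
			return 1;
		if (tw_run_built(snprintf(command, sizeof command, "rm -rf /var/ipfire/tripwire/tw.pol && /usr/sbin/twadmin --create-polfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s /var/ipfire/tripwire/twpol.txt && chmod 640 /var/ipfire/tripwire/tw.pol", argv[2])))
			return 1;
		return tw_init_database(argv[3]);
	}

	if (strcmp(argv[1], "generatepolicy") == 0) {
		if (!tw_have_args(argc, 4))
			return 1;
		if (!tw_valid_passphrase(argv[2]) || !tw_valid_passphrase(argv[3]))
			return tw_reject("passphrase");
		if (tw_run_built(snprintf(command, sizeof command, "/usr/sbin/twadmin --create-polfile --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s --polfile /var/ipfire/tripwire/tw.pol --cfgfile /var/ipfire/tripwire/tw.cfg /var/ipfire/tripwire/twpol.txt", argv[2])))
			return 1;
		return tw_init_database(argv[3]);
	}

	if (strcmp(argv[1], "resetpolicy") == 0) {
		if (!tw_have_args(argc, 4))
			return 1;
		if (!tw_valid_passphrase(argv[2]) || !tw_valid_passphrase(argv[3]))
			return tw_reject("passphrase");
		if (tw_run_built(snprintf(command, sizeof command, "/usr/sbin/twadmin --create-polfile --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s --polfile /var/ipfire/tripwire/tw.pol --cfgfile /var/ipfire/tripwire/tw.cfg /var/ipfire/tripwire/twpol.default", argv[2])))
			return 1;
		return tw_init_database(argv[3]);
	}

	if (strcmp(argv[1], "readconfig") == 0) {
		safe_system("/bin/chown nobody:nobody /var/ipfire/tripwire/twcfg.txt");
		return 0;
	}

	if (strcmp(argv[1], "lockconfig") == 0) {
		safe_system("/bin/chown root:root /var/ipfire/tripwire/twcfg.txt");
		return 0;
	}

	if (strcmp(argv[1], "enable") == 0) {
		/*
		 * NOTE(review): both key files are generated with the fixed
		 * passphrase "ipfire"; until "keys" is run with chosen values the
		 * signing keys are protected by a publicly known passphrase.
		 */
		safe_system("touch /var/ipfire/tripwire/enable");
		safe_system("rm -rf /var/ipfire/tripwire/site.key && /usr/sbin/twadmin --generate-keys --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase ipfire && chmod 640 /var/ipfire/tripwire/site.key");
		safe_system("rm -rf /var/ipfire/tripwire/local.key && /usr/sbin/twadmin --generate-keys --local-keyfile /var/ipfire/tripwire/local.key --local-passphrase ipfire && chmod 640 /var/ipfire/tripwire/local.key");
		safe_system("rm -rf /var/ipfire/tripwire/tw.cfg && /usr/sbin/twadmin --create-cfgfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase ipfire /var/ipfire/tripwire/twcfg.txt && chmod 640 /var/ipfire/tripwire/tw.cfg");
		safe_system("rm -rf /var/ipfire/tripwire/tw.pol && /usr/sbin/twadmin --create-polfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase ipfire /var/ipfire/tripwire/twpol.txt && chmod 640 /var/ipfire/tripwire/tw.pol");
		safe_system("/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase ipfire");
		/*
		 * NOTE(review): this passes the tripwire binary and its options to
		 * cat instead of echoing the command line as "addcron" does, so the
		 * cron file probably does not end up holding the check command.
		 * Left unchanged; confirm the intent.
		 */
		safe_system("cat /usr/sbin/tripwire --check --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol > /etc/fcron.daily/tripwire0600");
		safe_system("chmod 755 /etc/fcron.daily/tripwire0600");
		safe_system("touch -t 01010600 /etc/fcron.daily/tripwire0600");
		return 0;
	}

	if (strcmp(argv[1], "disable") == 0) {
		safe_system("unlink /var/ipfire/tripwire/enable");
		safe_system("unlink /etc/fcron.daily/tripwire*");
		safe_system("rm -rf /var/ipfire/tripwire/site.key");
		safe_system("rm -rf /var/ipfire/tripwire/local.key");
		safe_system("rm -rf /var/ipfire/tripwire/tw.cfg*");
		safe_system("rm -rf /var/ipfire/tripwire/tw.pol*");
		safe_system("rm -rf /var/ipfire/tripwire/*.twd*");
		safe_system("rm -rf /var/ipfire/tripwire/report/*");
		return 0;
	}

	if (strcmp(argv[1], "addcron") == 0) {
		/* argv[2] = hour, argv[3] = minute; both end up in a file name and in "touch -t". */
		if (!tw_have_args(argc, 4))
			return 1;
		if (!tw_valid_two_digits(argv[2]) || !tw_valid_two_digits(argv[3]))
			return tw_reject("cron time");
		if (tw_run_built(snprintf(command, sizeof command, "echo \"/usr/sbin/tripwire --check --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol\" > /etc/fcron.daily/tripwire%s%s", argv[2], argv[3])))
			return 1;
		if (tw_run_built(snprintf(command, sizeof command, "chmod 755 /etc/fcron.daily/tripwire%s%s", argv[2], argv[3])))
			return 1;
		return tw_run_built(snprintf(command, sizeof command, "touch -t 0101%s%s /etc/fcron.daily/tripwire%s%s", argv[2], argv[3], argv[2], argv[3]));
	}

	if (strcmp(argv[1], "disablecron") == 0) {
		/* presumably the hhmm suffix written by "addcron"/"enable"; digits only */
		if (!tw_have_args(argc, 3))
			return 1;
		if (!tw_only_chars(argv[2], tw_digit_chars))
			return tw_reject("cron suffix");
		return tw_run_built(snprintf(command, sizeof command, "unlink /etc/fcron.daily/tripwire%s", argv[2]));
	}

	return 0;
}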