]>
git.ipfire.org Git - ipfire-2.x.git/blob - src/misc-progs/tripwirectrl.c
9 #define BUFFER_SIZE 1024
11 char command
[BUFFER_SIZE
];
13 int main(int argc
, char *argv
[])
19 // Check what command is asked
22 fprintf (stderr
, "Missing tripwirectrl command!\n");
26 if (strcmp(argv
[1], "tripwirelog")==0)
28 snprintf(command
, BUFFER_SIZE
-1, "/usr/sbin/twprint -m r --cfgfile /var/ipfire/tripwire/tw.cfg --twrfile /var/ipfire/tripwire/report/%s", argv
[2]);
33 if (strcmp(argv
[1], "generatereport")==0)
35 safe_system("/usr/sbin/tripwire --check --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol");
39 if (strcmp(argv
[1], "deletereport")==0)
41 sprintf(command
, "rm -f /var/ipfire/tripwire/report/%s", argv
[2]);
46 if (strcmp(argv
[1], "updatedatabase")==0)
48 snprintf(command
, BUFFER_SIZE
-1, "/usr/sbin/tripwire --update --accept-all --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase %s --twrfile %s", argv
[2], argv
[3]);
53 if (strcmp(argv
[1], "keys")==0)
55 snprintf(command
, BUFFER_SIZE
-1, "rm -rf /var/ipfire/tripwire/site.key && /usr/sbin/twadmin --generate-keys --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s && chmod 640 /var/ipfire/tripwire/site.key", argv
[2]);
57 snprintf(command
, BUFFER_SIZE
-1, "rm -rf /var/ipfire/tripwire/local.key && /usr/sbin/twadmin --generate-keys --local-keyfile /var/ipfire/tripwire/local.key --local-passphrase %s && chmod 640 /var/ipfire/tripwire/local.key", argv
[3]);
59 snprintf(command
, BUFFER_SIZE
-1, "rm -rf /var/ipfire/tripwire/tw.cfg && /usr/sbin/twadmin --create-cfgfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s /var/ipfire/tripwire/twcfg.txt && chmod 640 /var/ipfire/tripwire/tw.cfg", argv
[2]);
61 snprintf(command
, BUFFER_SIZE
-1, "rm -rf /var/ipfire/tripwire/tw.pol && /usr/sbin/twadmin --create-polfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s /var/ipfire/tripwire/twpol.txt && chmod 640 /var/ipfire/tripwire/tw.pol", argv
[2]);
63 snprintf(command
, BUFFER_SIZE
-1, "/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase %s", argv
[3]);
68 if (strcmp(argv
[1], "generatepolicy")==0)
70 snprintf(command
, BUFFER_SIZE
-1, "/usr/sbin/twadmin --create-polfile --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s --polfile /var/ipfire/tripwire/tw.pol --cfgfile /var/ipfire/tripwire/tw.cfg /var/ipfire/tripwire/twpol.txt", argv
[2]);
72 snprintf(command
, BUFFER_SIZE
-1, "/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase %s", argv
[3]);
77 if (strcmp(argv
[1], "resetpolicy")==0)
79 snprintf(command
, BUFFER_SIZE
-1, "/usr/sbin/twadmin --create-polfile --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s --polfile /var/ipfire/tripwire/tw.pol --cfgfile /var/ipfire/tripwire/tw.cfg /var/ipfire/tripwire/twpol.default", argv
[2]);
81 snprintf(command
, BUFFER_SIZE
-1, "/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase %s", argv
[3]);
86 if (strcmp(argv
[1], "readconfig")==0)
88 safe_system("/bin/chown nobody:nobody /var/ipfire/tripwire/twcfg.txt");
92 if (strcmp(argv
[1], "lockconfig")==0)
94 safe_system("/bin/chown root:root /var/ipfire/tripwire/twcfg.txt");
98 if (strcmp(argv
[1], "enable")==0)
100 safe_system("touch /var/ipfire/tripwire/enable");
101 safe_system("rm -rf /var/ipfire/tripwire/site.key && /usr/sbin/twadmin --generate-keys --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase ipfire && chmod 640 /var/ipfire/tripwire/site.key");
102 safe_system("rm -rf /var/ipfire/tripwire/local.key && /usr/sbin/twadmin --generate-keys --local-keyfile /var/ipfire/tripwire/local.key --local-passphrase ipfire && chmod 640 /var/ipfire/tripwire/local.key");
103 safe_system("rm -rf /var/ipfire/tripwire/tw.cfg && /usr/sbin/twadmin --create-cfgfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase ipfire /var/ipfire/tripwire/twcfg.txt && chmod 640 /var/ipfire/tripwire/tw.cfg");
104 safe_system("rm -rf /var/ipfire/tripwire/tw.pol && /usr/sbin/twadmin --create-polfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase ipfire /var/ipfire/tripwire/twpol.txt && chmod 640 /var/ipfire/tripwire/tw.pol");
105 safe_system("/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase ipfire");
106 safe_system("cat /usr/sbin/tripwire --check --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol > /etc/fcron.daily/tripwire0600");
107 safe_system("chmod 755 /etc/fcron.daily/tripwire0600");
108 safe_system("touch -t 01010600 /etc/fcron.daily/tripwire0600");
112 if (strcmp(argv
[1], "disable")==0)
114 safe_system("unlink /var/ipfire/tripwire/enable");
115 safe_system("unlink /etc/fcron.daily/tripwire*");
116 safe_system("rm -rf /var/ipfire/tripwire/site.key");
117 safe_system("rm -rf /var/ipfire/tripwire/local.key");
118 safe_system("rm -rf /var/ipfire/tripwire/tw.cfg*");
119 safe_system("rm -rf /var/ipfire/tripwire/tw.pol*");
120 safe_system("rm -rf /var/ipfire/tripwire/*.twd*");
121 safe_system("rm -rf /var/ipfire/tripwire/report/*");
125 if (strcmp(argv
[1], "addcron")==0)
127 snprintf(command
, BUFFER_SIZE
-1, "echo \"/usr/sbin/tripwire --check --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol\" > /etc/fcron.daily/tripwire%s%s", argv
[2], argv
[3]);
128 safe_system(command
);
129 snprintf(command
, BUFFER_SIZE
-1, "chmod 755 /etc/fcron.daily/tripwire%s%s", argv
[2], argv
[3]);
130 safe_system(command
);
131 snprintf(command
, BUFFER_SIZE
-1, "touch -t 0101%s%s /etc/fcron.daily/tripwire%s%s", argv
[2], argv
[3], argv
[2], argv
[3]);
132 safe_system(command
);
135 if (strcmp(argv
[1], "disablecron")==0)
137 snprintf(command
, BUFFER_SIZE
-1, "unlink /etc/fcron.daily/tripwire%s", argv
[2]);
138 safe_system(command
);