src/misc-progs/tripwirectrl.c

   1 #include <stdio.h>
   2 #include <string.h>
   3 #include <stdlib.h>
   4 #include <unistd.h>
   5 #include <sys/types.h>
   6 #include <fcntl.h>
   7 #include "setuid.h"
   8
   9 #define BUFFER_SIZE 1024
  10
  11 char command[BUFFER_SIZE];
  12
  13 int main(int argc, char *argv[])
  14 {
  15
  16 if (!(initsetuid()))
  17  exit(1);
  18
  19 // Check what command is asked
  20 if (argc==1)
  21 {
  22 fprintf (stderr, "Missing tripwirectrl command!\n");
  23 return 1;
  24 }
  25
  26 if (strcmp(argv[1], "tripwirelog")==0)
  27 {
  28 snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twprint -m r --cfgfile /var/ipfire/tripwire/tw.cfg --twrfile /var/ipfire/tripwire/report/%s", argv[2]);
  29 safe_system(command);
  30 return 0;
  31 }
  32
  33 if (strcmp(argv[1], "generatereport")==0)
  34 {
  35 safe_system("/usr/sbin/tripwire --check --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol  >/dev/null 2>&1");
  36 return 0;
  37 }
  38
  39 if (strcmp(argv[1], "deletereport")==0)
  40 {
  41 sprintf(command, "rm -f /var/ipfire/tripwire/report/%s", argv[2]);
  42 safe_system(command);
  43 return 0;
  44 }
  45
  46 if (strcmp(argv[1], "updatedatabase")==0)
  47 {
  48 snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --update --accept-all --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase %s --twrfile %s  >/dev/null 2>&1", argv[2], argv[3]);
  49 safe_system(command);
  50 return 0;
  51 }
  52
  53 if (strcmp(argv[1], "keys")==0)
  54 {
  55 snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/site.key && /usr/sbin/twadmin --generate-keys --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s >/dev/null 2>&1 && chmod 640 /var/ipfire/tripwire/site.key", argv[2]);
  56 safe_system(command);
  57 snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/local.key && /usr/sbin/twadmin --generate-keys --local-keyfile /var/ipfire/tripwire/local.key --local-passphrase %s >/dev/null 2>&1 && chmod 640 /var/ipfire/tripwire/local.key", argv[3]);
  58 safe_system(command);
  59 snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/tw.cfg && /usr/sbin/twadmin --create-cfgfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s /var/ipfire/tripwire/twcfg.txt >/dev/null 2>&1 && chmod 640 /var/ipfire/tripwire/tw.cfg", argv[2]);
  60 safe_system(command);
  61 snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/tw.pol && /usr/sbin/twadmin --create-polfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s /var/ipfire/tripwire/twpol.txt >/dev/null 2>&1 && chmod 640 /var/ipfire/tripwire/tw.pol", argv[2]);
  62 safe_system(command);
  63 snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase %s  >/dev/null 2>&1", argv[3]);
  64 safe_system(command);
  65 return 0;
  66 }
  67
  68 if (strcmp(argv[1], "generatepolicy")==0)
  69 {
  70 printf("Generating Policy File<br />");
  71 snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twadmin --create-polfile --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s --polfile /var/ipfire/tripwire/tw.pol --cfgfile /var/ipfire/tripwire/tw.cfg /var/ipfire/tripwire/twpol.txt  >/dev/null 2>&1", argv[2]);
  72 safe_system(command);
  73 printf("Initialising - This may take a while depending on your Policy<br />");
  74 snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.cfg --local-passphrase %s  >/dev/null 2>&1", argv[3]);
  75 safe_system(command);
  76 return 0;
  77 }
  78
  79 if (strcmp(argv[1], "resetpolicy")==0)
  80 {
  81 snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twadmin --create-polfile --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s --polfile /var/ipfire/tripwire/tw.pol --cfgfile /var/ipfire/tripwire/tw.cfg /var/ipfire/tripwire/twpol.default  >/dev/null 2>&1", argv[2]);
  82 safe_system(command);
  83 snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.cfg --local-passphrase %s  >/dev/null 2>&1", argv[3]);
  84 safe_system(command);
  85 return 0;
  86 }
  87
  88 if (strcmp(argv[1], "readconfig")==0)
  89 {
  90 safe_system("/bin/chown nobody:nobody /var/ipfire/tripwire/twcfg.txt");
  91 return 0;
  92 }
  93
  94 if (strcmp(argv[1], "lockconfig")==0)
  95 {
  96 safe_system("/bin/chown root:root /var/ipfire/tripwire/twcfg.txt");
  97 return 0;
  98 }
  99 return 0;
 100 }