src/misc-progs/tripwirectrl.c

   1 #include <stdio.h>
   2 #include <string.h>
   3 #include <stdlib.h>
   4 #include <unistd.h>
   5 #include <sys/types.h>
   6 #include <fcntl.h>
   7 #include "setuid.h"
   8
   9 #define BUFFER_SIZE 1024
  10
  11 char command[BUFFER_SIZE];
  12
  13 int main(int argc, char *argv[])
  14 {
  15
  16         if (!(initsetuid()))
  17                 exit(1);
  18
  19         // Check what command is asked
  20         if (argc==1)
  21         {
  22             fprintf (stderr, "Missing tripwirectrl command!\n");
  23             return 1;
  24         }
  25
  26         if (strcmp(argv[1], "tripwirelog")==0)
  27         {
  28             snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twprint -m r --cfgfile /var/ipfire/tripwire/tw.cfg --twrfile /var/ipfire/tripwire/report/%s", argv[2]);
  29             safe_system(command);
  30             return 0;
  31         }
  32
  33         if (strcmp(argv[1], "generatereport")==0)
  34         {
  35             safe_system("/usr/sbin/tripwire --check --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol");
  36             return 0;
  37         }
  38
  39         if (strcmp(argv[1], "updatedatabase")==0)
  40         {
  41             snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --update --accept-all --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase %s --twrfile %s", argv[2], argv[3]);
  42             safe_system(command);
  43             return 0;
  44         }
  45
  46         if (strcmp(argv[1], "keys")==0)
  47         {
  48             printf("\nGenerating Site-Key");
  49             snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/site.key && /usr/sbin/twadmin --generate-keys --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s && chmod 640 /var/ipfire/tripwire/site.key", argv[2]);
  50             safe_system(command);
  51             printf("\nGenerating Local-Key");
  52             snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/local.key && /usr/sbin/twadmin --generate-keys --local-keyfile /var/ipfire/tripwire/local.key --local-passphrase %s && chmod 640 /var/ipfire/tripwire/local.key", argv[3]);
  53             safe_system(command);
  54             printf("\nGenerating Config File");
  55             snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/tw.cfg && /usr/sbin/twadmin --create-cfgfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s /var/ipfire/tripwire/twcfg.txt && chmod 640 /var/ipfire/tripwire/tw.cfg", argv[2]);
  56             safe_system(command);
  57             printf("\nGenerating Policy File");
  58             snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/tw.pol && /usr/sbin/twadmin --create-polfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s /var/ipfire/tripwire/twpol.txt && chmod 640 /var/ipfire/tripwire/tw.pol", argv[2]);
  59             safe_system(command);
  60             printf("\nInitialising - This may take a while depending on your Policy");
  61             snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase %s", argv[3]);
  62             safe_system(command);
  63             return 0;
  64         }
  65
  66         if (strcmp(argv[1], "generatepolicy")==0)
  67         {
  68             printf("\nGenerating Policy File");
  69             snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twadmin --create-polfile --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s --polfile /var/ipfire/tripwire/tw.pol --cfgfile /var/ipfire/tripwire/tw.cfg /var/ipfire/tripwire/twpol.txt", argv[2]);
  70             safe_system(command);
  71             printf("\nInitialising - This may take a while depending on your Policy");
  72             snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init -c /var/ipfire/tripwire/tw.cfg -p /var/ipfire/tripwire/tw.cfg --local-passphrase %s", argv[3]);
  73             safe_system(command);
  74             return 0;
  75         }
  76
  77         if (strcmp(argv[1], "resetpolicy")==0)
  78         {
  79             printf("\nGenerating Policy File");
  80             snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twadmin --create-polfile --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s --polfile /var/ipfire/tripwire/tw.pol --cfgfile /var/ipfire/tripwire/tw.cfg /var/ipfire/tripwire/twpol.default", argv[2]);
  81             safe_system(command);
  82             printf("\nInitialising - This may take a while depending on your Policy");
  83             snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init -c /var/ipfire/tripwire/tw.cfg -p /var/ipfire/tripwire/tw.cfg --local-passphrase %s", argv[3]);
  84             safe_system(command);
  85             return 0;
  86         }
  87
  88         if (strcmp(argv[1], "readconfig")==0)
  89         {
  90             safe_system("/bin/chown nobody:nobody /var/ipfire/tripwire/twcfg.txt");
  91             return 0;
  92         }
  93
  94         if (strcmp(argv[1], "lockconfig")==0)
  95         {
  96             safe_system("/bin/chown root:root /var/ipfire/tripwire/twcfg.txt");
  97             return 0;
  98         }
  99 return 0;
 100 }