projects / people / teissler / ipfire-2.x.git / blame
| Commit | Line | Data |
|---|---|---|
| 92004c61 CS |
1 | #include <stdio.h> |
| 2 | #include <string.h> | |
| 3 | #include <stdlib.h> | |
| 4 | #include <unistd.h> | |
| 5 | #include <sys/types.h> | |
| 6 | #include <fcntl.h> | |
| 7 | #include "setuid.h" | |
| 8 | ||
| 9 | #define BUFFER_SIZE 1024 | |
| 10 | ||
| 11 | char command[BUFFER_SIZE]; | |
| 12 | ||
| 13 | int main(int argc, char *argv[]) | |
| 14 | { | |
| 15 | ||
| 71dfc4b7 CS |
16 | if (!(initsetuid())) |
| 17 | exit(1); | |
| 92004c61 | 18 | |
| 71dfc4b7 CS |
19 | // Check what command is asked |
| 20 | if (argc==1) | |
| 21 | { | |
| 22 | fprintf (stderr, "Missing tripwirectrl command!\n"); | |
| 23 | return 1; | |
| 24 | } | |
| 92004c61 | 25 | |
| 71dfc4b7 CS |
26 | if (strcmp(argv[1], "tripwirelog")==0) |
| 27 | { | |
| 28 | snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twprint -m r --cfgfile /var/ipfire/tripwire/tw.cfg --twrfile /var/ipfire/tripwire/report/%s", argv[2]); | |
| 29 | safe_system(command); | |
| 30 | return 0; | |
| 31 | } | |
| 92004c61 | 32 | |
| 71dfc4b7 CS |
33 | if (strcmp(argv[1], "generatereport")==0) |
| 34 | { | |
| 35 | safe_system("/usr/sbin/tripwire --check --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol >/dev/null 2>&1"); | |
| 36 | return 0; | |
| 37 | } | |
| 1465b127 | 38 | |
| 71dfc4b7 CS |
39 | if (strcmp(argv[1], "deletereport")==0) |
| 40 | { | |
| 41 | sprintf(command, "rm -f /var/ipfire/tripwire/report/%s", argv[2]); | |
| 42 | safe_system(command); | |
| 43 | return 0; | |
| 44 | } | |
| 92004c61 | 45 | |
| 71dfc4b7 CS |
46 | if (strcmp(argv[1], "updatedatabase")==0) |
| 47 | { | |
| 48 | snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --update --accept-all --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase %s --twrfile %s >/dev/null 2>&1", argv[2], argv[3]); | |
| 49 | safe_system(command); | |
| 50 | return 0; | |
| 51 | } | |
| 92004c61 | 52 | |
| 71dfc4b7 CS |
53 | if (strcmp(argv[1], "keys")==0) |
| 54 | { | |
| 55 | snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/site.key && /usr/sbin/twadmin --generate-keys --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s >/dev/null 2>&1 && chmod 640 /var/ipfire/tripwire/site.key", argv[2]); | |
| 56 | safe_system(command); | |
| 57 | snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/local.key && /usr/sbin/twadmin --generate-keys --local-keyfile /var/ipfire/tripwire/local.key --local-passphrase %s >/dev/null 2>&1 && chmod 640 /var/ipfire/tripwire/local.key", argv[3]); | |
| 58 | safe_system(command); | |
| 59 | snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/tw.cfg && /usr/sbin/twadmin --create-cfgfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s /var/ipfire/tripwire/twcfg.txt >/dev/null 2>&1 && chmod 640 /var/ipfire/tripwire/tw.cfg", argv[2]); | |
| 60 | safe_system(command); | |
| 61 | snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/tw.pol && /usr/sbin/twadmin --create-polfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s /var/ipfire/tripwire/twpol.txt >/dev/null 2>&1 && chmod 640 /var/ipfire/tripwire/tw.pol", argv[2]); | |
| 62 | safe_system(command); | |
| 63 | snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase %s >/dev/null 2>&1", argv[3]); | |
| 64 | safe_system(command); | |
| 65 | return 0; | |
| 66 | } | |
| 92004c61 | 67 | |
| 71dfc4b7 CS |
68 | if (strcmp(argv[1], "generatepolicy")==0) |
| 69 | { | |
| 70 | printf("Generating Policy File<br />"); | |
| 71 | snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twadmin --create-polfile --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s --polfile /var/ipfire/tripwire/tw.pol --cfgfile /var/ipfire/tripwire/tw.cfg /var/ipfire/tripwire/twpol.txt >/dev/null 2>&1", argv[2]); | |
| 72 | safe_system(command); | |
| 73 | printf("Initialising - This may take a while depending on your Policy<br />"); | |
| 74 | snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.cfg --local-passphrase %s >/dev/null 2>&1", argv[3]); | |
| 75 | safe_system(command); | |
| 76 | return 0; | |
| 77 | } | |
| 92004c61 | 78 | |
| 71dfc4b7 CS |
79 | if (strcmp(argv[1], "resetpolicy")==0) |
| 80 | { | |
| 81 | snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twadmin --create-polfile --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s --polfile /var/ipfire/tripwire/tw.pol --cfgfile /var/ipfire/tripwire/tw.cfg /var/ipfire/tripwire/twpol.default >/dev/null 2>&1", argv[2]); | |
| 82 | safe_system(command); | |
| 83 | snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.cfg --local-passphrase %s >/dev/null 2>&1", argv[3]); | |
| 84 | safe_system(command); | |
| 85 | return 0; | |
| 86 | } | |
| 92004c61 | 87 | |
| 71dfc4b7 CS |
88 | if (strcmp(argv[1], "readconfig")==0) |
| 89 | { | |
| 90 | safe_system("/bin/chown nobody:nobody /var/ipfire/tripwire/twcfg.txt"); | |
| 91 | return 0; | |
| 92 | } | |
| 92004c61 | 93 | |
| 71dfc4b7 CS |
94 | if (strcmp(argv[1], "lockconfig")==0) |
| 95 | { | |
| 96 | safe_system("/bin/chown root:root /var/ipfire/tripwire/twcfg.txt"); | |
| 1cdddb12 | 97 | return 0; |
| 1465b127 | 98 | } |
| 71dfc4b7 CS |
99 | return 0; |
| 100 | } |