[people/teissler/ipfire-2.x.git] / src / misc-progs / tripwirectrl.c

#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
#include <fcntl.h>
#include "setuid.h"

#define BUFFER_SIZE 1024

char command[BUFFER_SIZE]; 

int main(int argc, char *argv[])
{

        if (!(initsetuid()))
                exit(1);

        // Check what command is asked
        if (argc==1)
        {
            fprintf (stderr, "Missing tripwirectrl command!\n");
            return 1;
        }

        if (strcmp(argv[1], "tripwirelog")==0)
        {
        char log; 
            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twprint -m r --twrfile /var/ipfire/tripwire/report/%s", argv[2]);
            log=safe_system(command);
            printf(command);
            return(log);
        }

        if (strcmp(argv[1], "generatereport")==0)
        {
            safe_system("/usr/sbin/tripwire --check --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.cfg");
            printf(command);
            return 0;
        }

        if (strcmp(argv[1], "updatedatabase")==0)
        {
        char file; 
            file=safe_system("ls -S | tail -1");
            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --update --accept-all --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.cfg --local-passphrase %s --twrfile %s", argv[2], file);
            safe_system(command);
            printf(command);
            return 0;
        }

        if (strcmp(argv[1], "keys")==0)
        {
            snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/site.key && /usr/sbin/twadmin --generate-keys --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s && chmod 640 /var/ipfire/tripwire/site.key", argv[2]);
            safe_system(command);
            printf(command);
            snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/$(HOSTNAME)-local.key && /usr/sbin/twadmin --generate-keys --local-keyfile /var/ipfire/tripwire/$(HOSTNAME)-local.key --local-passphrase %s && chmod 640 /var/ipfire/tripwire/$(HOSTNAME)-local.key", argv[3]);
            safe_system(command);
            printf(command);
            snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/tw.cfg && /usr/sbin/twadmin --create-cfgfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s /var/ipfire/tripwire/twcfg.txt && chmod 640 /var/ipfire/tripwire/tw.cfg", argv[2]);
            safe_system(command);
            printf(command);
            snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/tw.pol && /usr/sbin/twadmin --create-polfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s /var/ipfire/tripwire/twpol.txt && chmod 640 /var/ipfire/tripwire/tw.pol", argv[2]);
            safe_system(command);
            printf(command);
            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.cfg --site-passphrase %s", argv[2]);
            safe_system(command);
            printf(command);
            return 0;
        }

        if (strcmp(argv[1], "generatepolicy")==0)
        {
            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twadmin --generate-polfile --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s --polfile /var/ipfire/tripwire/tw.pol --cfgfile /var/ipfire/tripwire/tw.cfg /var/ipfire/tripwire/twpol.txt", argv[2]);
            safe_system(command);
            printf(command);
            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init -c /var/ipfire/tripwire/tw.cfg -p /var/ipfire/tripwire/tw.cfg --site-passphrase %s", argv[2]);
            safe_system(command);
            printf(command);
            return 0;
        }

        if (strcmp(argv[1], "resetpolicy")==0)
        {
            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twadmin --generate-polfile --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s --polfile /var/ipfire/tripwire/tw.pol --cfgfile /var/ipfire/tripwire/tw.cfg /var/ipfire/tripwire/twpol.default", argv[2]);
            safe_system(command);
            printf(command);
            snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init -c /var/ipfire/tripwire/tw.cfg -p /var/ipfire/tripwire/tw.cfg --site-passphrase %s", argv[2]);
            safe_system(command);
            printf(command);
            return 0;
        }

        if (strcmp(argv[1], "readconfig")==0)
        {
            safe_system("/bin/chown nobody:nobody /var/ipfire/tripwire/twcfg.txt");
            printf(command);
            return 0;
        }

        if (strcmp(argv[1], "lockconfig")==0)
        {
            safe_system("/bin/chown root:root /var/ipfire/tripwire/twcfg.txt");
            printf(command);
            return 0;
        }
}
Commit	Line	Data
92004c61 CS	1	#include <stdio.h>
	2	#include <string.h>
	3	#include <stdlib.h>
	4	#include <unistd.h>
	5	#include <sys/types.h>
	6	#include <fcntl.h>
	7	#include "setuid.h"
	8
	9	#define BUFFER_SIZE 1024
	10
	11	char command[BUFFER_SIZE];
	12
	13	int main(int argc, char *argv[])
	14	{
	15
	16	if (!(initsetuid()))
	17	exit(1);
	18
	19	// Check what command is asked
	20	if (argc==1)
	21	{
	22	fprintf (stderr, "Missing tripwirectrl command!\n");
	23	return 1;
	24	}
	25
	26	if (strcmp(argv[1], "tripwirelog")==0)
	27	{
	28	char log;
	29	snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twprint -m r --twrfile /var/ipfire/tripwire/report/%s", argv[2]);
	30	log=safe_system(command);
	31	printf(command);
	32	return(log);
	33	}
	34
	35	if (strcmp(argv[1], "generatereport")==0)
	36	{
	37	safe_system("/usr/sbin/tripwire --check --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.cfg");
	38	printf(command);
	39	return 0;
	40	}
	41
	42	if (strcmp(argv[1], "updatedatabase")==0)
	43	{
	44	char file;
	45	file=safe_system("ls -S \| tail -1");
	46	snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --update --accept-all --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.cfg --local-passphrase %s --twrfile %s", argv[2], file);
	47	safe_system(command);
	48	printf(command);
	49	return 0;
	50	}
	51
	52	if (strcmp(argv[1], "keys")==0)
	53	{
	54	snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/site.key && /usr/sbin/twadmin --generate-keys --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s && chmod 640 /var/ipfire/tripwire/site.key", argv[2]);
	55	safe_system(command);
	56	printf(command);
	57	snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/$(HOSTNAME)-local.key && /usr/sbin/twadmin --generate-keys --local-keyfile /var/ipfire/tripwire/$(HOSTNAME)-local.key --local-passphrase %s && chmod 640 /var/ipfire/tripwire/$(HOSTNAME)-local.key", argv[3]);
	58	safe_system(command);
	59	printf(command);
	60	snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/tw.cfg && /usr/sbin/twadmin --create-cfgfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s /var/ipfire/tripwire/twcfg.txt && chmod 640 /var/ipfire/tripwire/tw.cfg", argv[2]);
	61	safe_system(command);
	62	printf(command);
	63	snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/tw.pol && /usr/sbin/twadmin --create-polfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s /var/ipfire/tripwire/twpol.txt && chmod 640 /var/ipfire/tripwire/tw.pol", argv[2]);
	64	safe_system(command);
65	printf(command);
66	snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.cfg --site-passphrase %s", argv[2]);
67	safe_system(command);
68	printf(command);
69	return 0;
70	}
71
72	if (strcmp(argv[1], "generatepolicy")==0)
73	{
74	snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twadmin --generate-polfile --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s --polfile /var/ipfire/tripwire/tw.pol --cfgfile /var/ipfire/tripwire/tw.cfg /var/ipfire/tripwire/twpol.txt", argv[2]);
75	safe_system(command);
76	printf(command);
77	snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init -c /var/ipfire/tripwire/tw.cfg -p /var/ipfire/tripwire/tw.cfg --site-passphrase %s", argv[2]);
78	safe_system(command);
79	printf(command);
80	return 0;
81	}
82
83	if (strcmp(argv[1], "resetpolicy")==0)
84	{
85	snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twadmin --generate-polfile --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s --polfile /var/ipfire/tripwire/tw.pol --cfgfile /var/ipfire/tripwire/tw.cfg /var/ipfire/tripwire/twpol.default", argv[2]);
86	safe_system(command);
87	printf(command);
88	snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init -c /var/ipfire/tripwire/tw.cfg -p /var/ipfire/tripwire/tw.cfg --site-passphrase %s", argv[2]);
89	safe_system(command);
90	printf(command);
91	return 0;
92	}
93
94	if (strcmp(argv[1], "readconfig")==0)
95	{
96	safe_system("/bin/chown nobody:nobody /var/ipfire/tripwire/twcfg.txt");
97	printf(command);
98	return 0;
99	}
100
101	if (strcmp(argv[1], "lockconfig")==0)
102	{
103	safe_system("/bin/chown root:root /var/ipfire/tripwire/twcfg.txt");
104	printf(command);
105	return 0;
106	}
107	}