X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=blobdiff_plain;f=src%2Futil%2Fsyscheck_update.c;h=dbd117b479f9592a0a6b96f8203ee31d2aaec360;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hp=e39e3c88a83d94dc52a35cbe8cda0afd31fff5af;hpb=6ef2f786c6c8ead94841b5f93baf9f43421f08c8;p=ossec-hids.git diff --git a/src/util/syscheck_update.c b/src/util/syscheck_update.c old mode 100755 new mode 100644 index e39e3c8..dbd117b --- a/src/util/syscheck_update.c +++ b/src/util/syscheck_update.c @@ -1,6 +1,3 @@ -/* @(#) $Id: ./src/util/syscheck_update.c, 2011/09/08 dcid Exp $ - */ - /* Copyright (C) 2009 Trend Micro Inc. * All right reserved. * @@ -10,16 +7,17 @@ * Foundation */ - #include "addagent/manage_agents.h" #include "sec.h" #undef ARGV0 #define ARGV0 "syscheck_update" +/* Prototypes */ +static void helpmsg(void) __attribute__((noreturn)); + -/** help **/ -void helpmsg() +static void helpmsg() { printf("\nOSSEC HIDS %s: Updates (clears) the integrity check database.\n", ARGV0); printf("Available options:\n"); @@ -31,112 +29,87 @@ void helpmsg() exit(1); } -/** main **/ int main(int argc, char **argv) { - char *dir = DEFAULTDIR; - char *group = GROUPGLOBAL; - char *user = USER; - int gid; - int uid; + const char *dir = DEFAULTDIR; + const char *group = GROUPGLOBAL; + const char *user = USER; + gid_t gid; + uid_t uid; - - /* Setting the name */ + /* Set the name */ OS_SetName(ARGV0); - - /* user arguments */ - if(argc < 2) - { + /* User arguments */ + if (argc < 2) { helpmsg(); } - /* Getting the group name */ + /* Get the group name */ gid = Privsep_GetGroup(group); uid = Privsep_GetUser(user); - if(gid < 0) - { - ErrorExit(USER_ERROR, ARGV0, user, group); + if (uid == (uid_t) - 1 || gid == (gid_t) - 1) { + ErrorExit(USER_ERROR, ARGV0, user, group); } - - /* Setting the group */ - if(Privsep_SetGroup(gid) < 0) - { - ErrorExit(SETGID_ERROR,ARGV0, group); + /* Set the group */ + if (Privsep_SetGroup(gid) < 0) { + ErrorExit(SETGID_ERROR, ARGV0, group, errno, strerror(errno)); } - - /* Chrooting to the default directory */ - if(Privsep_Chroot(dir) < 0) - { - ErrorExit(CHROOT_ERROR, ARGV0, dir); + /* Chroot to the default directory */ + if (Privsep_Chroot(dir) < 0) { + ErrorExit(CHROOT_ERROR, ARGV0, dir, errno, strerror(errno)); } - /* Inside chroot now */ nowChroot(); - - /* Setting the user */ - if(Privsep_SetUser(uid) < 0) - { - ErrorExit(SETUID_ERROR, ARGV0, user); + /* Set the user */ + if (Privsep_SetUser(uid) < 0) { + ErrorExit(SETUID_ERROR, ARGV0, user, errno, strerror(errno)); } /* User options */ - if(strcmp(argv[1], "-h") == 0) - { + if (strcmp(argv[1], "-h") == 0) { helpmsg(); - } - else if(strcmp(argv[1], "-l") == 0) - { + } else if (strcmp(argv[1], "-l") == 0) { printf("\nOSSEC HIDS %s: Updates the integrity check database.", - ARGV0); - print_agents(0, 0, 0); + ARGV0); + print_agents(0, 0, 0, 0); printf("\n"); exit(0); - } - else if(strcmp(argv[1], "-u") == 0) - { - if(argc != 3) - { + } else if (strcmp(argv[1], "-u") == 0) { + if (argc != 3) { printf("\n** Option -u requires an extra argument\n"); helpmsg(); } - } - else if(strcmp(argv[1], "-a") == 0) - { + } else if (strcmp(argv[1], "-a") == 0) { DIR *sys_dir; struct dirent *entry; sys_dir = opendir(SYSCHECK_DIR); - if(!sys_dir) - { + if (!sys_dir) { ErrorExit("%s: Unable to open: '%s'", ARGV0, SYSCHECK_DIR); } - while((entry = readdir(sys_dir)) != NULL) - { + while ((entry = readdir(sys_dir)) != NULL) { FILE *fp; - char full_path[OS_MAXSTR +1]; + char full_path[OS_MAXSTR + 1]; /* Do not even attempt to delete . and .. :) */ - if((strcmp(entry->d_name,".") == 0)|| - (strcmp(entry->d_name,"..") == 0)) - { + if ((strcmp(entry->d_name, ".") == 0) || + (strcmp(entry->d_name, "..") == 0)) { continue; } - snprintf(full_path, OS_MAXSTR,"%s/%s", SYSCHECK_DIR, entry->d_name); + snprintf(full_path, OS_MAXSTR, "%s/%s", SYSCHECK_DIR, entry->d_name); fp = fopen(full_path, "w"); - if(fp) - { + if (fp) { fclose(fp); } - if(entry->d_name[0] == '.') - { + if (entry->d_name[0] == '.') { unlink(full_path); } } @@ -144,62 +117,51 @@ int main(int argc, char **argv) closedir(sys_dir); printf("\n** Integrity check database updated.\n\n"); exit(0); - } - else - { + } else { printf("\n** Invalid option '%s'.\n", argv[1]); helpmsg(); } - - /* local */ - if(strcmp(argv[2],"local") == 0) - { + /* Local */ + if (strcmp(argv[2], "local") == 0) { char final_dir[1024]; FILE *fp; snprintf(final_dir, 1020, "/%s/syscheck", SYSCHECK_DIR); fp = fopen(final_dir, "w"); - if(fp) - { + if (fp) { fclose(fp); } unlink(final_dir); - - /* Deleting cpt file */ + /* Delete cpt file */ snprintf(final_dir, 1020, "/%s/.syscheck.cpt", SYSCHECK_DIR); fp = fopen(final_dir, "w"); - if(fp) - { + if (fp) { fclose(fp); } /* unlink(final_dir); */ } - /* external agents */ - else - { + /* External agents */ + else { int i; keystore keys; OS_ReadKeys(&keys); i = OS_IsAllowedID(&keys, argv[2]); - if(i < 0) - { + if (i < 0) { printf("\n** Invalid agent id '%s'.\n", argv[2]); helpmsg(); } - /* Deleting syscheck */ - delete_syscheck(keys.keyentries[i]->name,keys.keyentries[i]->ip->ip,0); + /* Delete syscheck */ + delete_syscheck(keys.keyentries[i]->name, keys.keyentries[i]->ip->ip, 0); } printf("\n** Integrity check database updated.\n\n"); - return(0); + return (0); } - -/* EOF */