Imported Upstream version 2.5.1
[ossec-hids.git] / src / rootcheck / check_rc_dev.c
1 /* @(#) $Id$ */
2
3 /* Copyright (C) 2009 Trend Micro Inc.
4  * All right reserved.
5  *
6  * This program is a free software; you can redistribute it
7  * and/or modify it under the terms of the GNU General Public
8  * License (version 2) as published by the FSF - Free Software
9  * Foundation
10  */
11
12  
13 #ifndef WIN32
14 #include "shared.h"
15 #include "rootcheck.h"
16
17 int _dev_errors; /* regular files reported under the dev tree during the current check */
18 int _dev_total; /* directory entries seen during the current check, ignored names included */
19
20 /** Prototypes **/
21 int read_dev_dir(char *dir_name); /* declared early: read_dev_file() calls it before its definition */
22
/* Inspect a single entry found under the dev tree.
 *
 * A directory is handed to read_dev_dir(). A regular file is reported
 * through notify_rk() as a possible hidden file and counted in
 * _dev_errors. Every other file type is left alone.
 *
 * lstat() is used, so a symbolic link is classified as a link: it is
 * neither followed nor reported.
 *
 * NOTE(review): file_name is built from directory entry names and is
 * copied verbatim into the alert text; whether notify_rk() neutralises
 * control characters is not visible here -- confirm before trusting the
 * alert line format.
 *
 * Returns -1 when lstat() fails, the result of read_dev_dir() for a
 * directory, and 0 in every other case.
 */
int read_dev_file(char *file_name)
{
    struct stat entry_info;

    if(lstat(file_name, &entry_info) < 0)
    {
        return(-1);
    }

    /* Regular files are the finding this check exists for. */
    if(S_ISREG(entry_info.st_mode))
    {
        char alert_text[OS_SIZE_1024 +1];

        snprintf(alert_text, OS_SIZE_1024, "File '%s' present on /dev."
                                           " Possible hidden file.", file_name);
        notify_rk(ALERT_SYSTEM_CRIT, alert_text);

        _dev_errors++;
        return(0);
    }

    /* Device nodes, links, sockets and so on need no further work. */
    if(!S_ISDIR(entry_info.st_mode))
    {
        return(0);
    }

    #ifdef DEBUG
    verbose("%s: Reading dir: %s\n",ARGV0, file_name);
    #endif

    return(read_dev_dir(file_name));
}
54
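/* read_dev_dir: walk one directory of the dev tree.
 *
 * Every entry except "." and ".." is counted in _dev_total. Entries
 * whose name is on the ignore list, or whose full path is on the
 * full-path ignore list, are skipped; all others are passed to
 * read_dev_file(), which recurses into sub-directories and reports
 * regular files.
 *
 * dir_name: directory to read; must be non-NULL and at most PATH_MAX
 *           characters long.
 *
 * Returns -1 when dir_name is invalid or cannot be opened, 0 otherwise.
 * Failures on individual entries are not propagated (best effort).
 */
int read_dev_dir(char *dir_name)
{
    int i;
    int path_len;

    DIR *dp;

    struct dirent *entry;

    /* when will these people learn that dev is not
     * meant to store log files or other kind of texts..
     *
     * NOTE(review): these names are compared with the bare entry name,
     * at any depth and without looking at the file type, so a regular
     * file carrying one of them is never reported. Consider tying each
     * exemption to the location and type it is expected to have.
     */
    static const char *const ignore_dev[] = {"MAKEDEV","README.MAKEDEV",
                            "MAKEDEV.README", ".udevdb",
                            ".udev.tdb", ".initramfs-tools",
                            "MAKEDEV.local", ".udev", ".initramfs",
                            "oprofile","fd",
    #ifdef SOLARIS
                            ".devfsadm_dev.lock",
                            ".devlink_db_lock",
                            ".devlink_db",
                            ".devfsadm_daemon.lock",
                            ".devfsadm_deamon.lock",
                            ".devfsadm_synch_door",
                            ".zone_reg_door",
    #endif
                            NULL};


    /* Full path ignore.
     *
     * These literals are compared with the path exactly as it is built
     * from dir_name, so they only match when the scan starts at "/dev";
     * a skipped directory (e.g. /dev/shm) is not descended into at all.
     */
    static const char *const ignore_dev_full_path[] = {"/dev/shm/sysconfig",
                                      "/dev/bus/usb/.usbfs",
                                      "/dev/shm",
                                      "/dev/gpmctl",
                                      NULL};

    if((dir_name == NULL)||(strlen(dir_name) > PATH_MAX))
    {
        merror("%s: Invalid directory given.",ARGV0);
        return(-1);
    }

    /* Opening the directory given */
    dp = opendir(dir_name);
    if(!dp)
    {
        return(-1);
    }

    while((entry = readdir(dp)) != NULL)
    {
        char f_name[PATH_MAX +2];

        /* Just ignore . and ..  */
        if((strcmp(entry->d_name,".") == 0) ||
           (strcmp(entry->d_name,"..") == 0))
            continue;

        _dev_total++;

        /* Do not look for the ignored files */
        for(i = 0;ignore_dev[i] != NULL;i++)
        {
            if(strcmp(ignore_dev[i], entry->d_name) == 0)
                break;
        }

        if(ignore_dev[i] != NULL)
            continue;

        /* Build the full path. A truncated path would name a different
         * (or non-existent) object than the entry just read, so it is
         * logged and skipped instead of being checked under a wrong name.
         */
        path_len = snprintf(f_name, PATH_MAX +1, "%s/%s",dir_name, entry->d_name);
        if((path_len < 0) || (path_len > PATH_MAX))
        {
            merror("%s: Path too long under '%s'. Entry not checked.",
                   ARGV0, dir_name);
            continue;
        }


        /* Do not look for the full ignored files */
        for(i = 0;ignore_dev_full_path[i] != NULL;i++)
        {
            if(strcmp(ignore_dev_full_path[i], f_name) == 0)
                break;
        }


        /* Checking against the full path. */
        if(ignore_dev_full_path[i] != NULL)
        {
            continue;
        }


        /* Result deliberately ignored: one unreadable entry must not
         * stop the rest of the directory from being examined.
         */
        read_dev_file(f_name);

    }

    closedir(dp);

    return(0);
}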
154
155
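/* check_rc_dev: look for regular files under <basedir>/dev.
 *
 * Resets the _dev_total and _dev_errors counters, walks the directory
 * with read_dev_dir() and, when no regular file was reported, sends an
 * ALERT_OK summary through notify_rk().
 *
 * The "no problem" summary is only sent when the directory was actually
 * read: if the path cannot be built or read_dev_dir() fails, an error is
 * logged instead, so an unreadable /dev is never reported as clean.
 *
 * basedir: prefix placed in front of "/dev"; must not be NULL.
 */
void check_rc_dev(char *basedir)
{
    char file_path[OS_SIZE_1024 +1];
    int path_len;

    _dev_total = 0;
    _dev_errors = 0;

    debug1("%s: DEBUG: Starting on check_rc_dev", ARGV0);

    /* Passing NULL to "%s" is undefined behaviour. */
    if(basedir == NULL)
    {
        merror("%s: Invalid base directory given. /dev not checked.", ARGV0);
        return;
    }

    path_len = snprintf(file_path, OS_SIZE_1024, "%s/dev", basedir);
    if((path_len < 0) || (path_len >= OS_SIZE_1024))
    {
        /* A truncated path would point somewhere other than <basedir>/dev. */
        merror("%s: Base directory too long. /dev not checked.", ARGV0);
        return;
    }

    if(read_dev_dir(file_path) < 0)
    {
        /* Zero findings from a scan that never ran is not an all-clear. */
        merror("%s: Unable to read '%s'. /dev not checked.", ARGV0, file_path);
        return;
    }

    if(_dev_errors == 0)
    {
        char op_msg[OS_SIZE_1024 +1];
        snprintf(op_msg, OS_SIZE_1024, "No problem detected on the /dev "
                                    "directory. Analyzed %d files",
                                    _dev_total);
        notify_rk(ALERT_OK, op_msg);
    }

    return;
}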
182
183 /* EOF */
184
185 #else
186 /* Windows */
/* Built when WIN32 is defined: the /dev check does nothing here. */
void check_rc_dev(char *basedir)
{
    /* Argument intentionally unused. */
    (void)basedir;
}
191 #endif