1 /* @(#) $Id: rootcheck_control.c,v 1.5 2009/06/24 18:53:09 dcid Exp $ */
3 /* Copyright (C) 2009 Trend Micro Inc.
6 * This program is a free software; you can redistribute it
7 * and/or modify it under the terms of the GNU General Public
8 * License (version 3) as published by the FSF - Free Software
13 #include "addagent/manage_agents.h"
18 #define ARGV0 "rootcheck_control"
/* Usage text for rootcheck_control. The header of the enclosing function
 * and the continuation of the first printf are not part of this listing.
 * Every format string here is a literal.
 * Note: "-lc" is not a separate option; the getopt string in main lists
 * 'l' and 'c' individually, so it is the two flags given together. */
24 printf("\nOSSEC HIDS %s: Manages the policy and auditing database.\n",
26 printf("Available options:\n");
27 printf("\t-h This help message.\n");
28 printf("\t-l List available (active or not) agents.\n");
29 printf("\t-lc List only active agents.\n");
30 printf("\t-u <id> Updates (clear) the database for the agent.\n");
31 printf("\t-u all Updates (clear) the database for all agents.\n");
32 printf("\t-i <id> Prints database for the agent.\n");
33 printf("\t-r Used with -i, prints all the resolved issues.\n");
34 printf("\t-q Used with -i, prints all the outstanding issues.\n");
35 printf("\t-L Used with -i, prints the last scan.\n");
36 printf("\t-s Changes the output to CSV (comma delimited).\n");
/* Entry point. Parses the command-line options, changes group, chroots and
 * changes user, then does one of: list agents, clear the rootcheck
 * (policy and auditing) database, or print it for one agent.
 * This listing shows only some lines of the function (braces, several
 * conditions and statement continuations are missing), so the notes below
 * describe the visible lines only. */
42 int main(int argc, char **argv)
44 char *dir = DEFAULTDIR;
45 char *group = GROUPGLOBAL;
47 char *agent_id = NULL;
51 int c = 0, info_agent = 0, update_rootcheck = 0,
52 list_agents = 0, show_last = 0,
54 int active_only = 0, csv_output = 0;
60 /* Setting the name */
/* Options taking an argument are -u and -i. V, D and d are accepted here
 * but are not described in the usage text printed by this program. */
71 while((c = getopt(argc, argv, "VhqrDdLlcsu:i:")) != -1)
/* NOTE(review): the same "-u needs an argument" message is emitted at two
 * places (source lines 105 and 113). The case labels are not visible in
 * this listing; if one of them belongs to -i, its text should name -i.
 * Confirm against the full file. */
105 merror("%s: -u needs an argument",ARGV0);
113 merror("%s: -u needs an argument",ARGV0);
117 update_rootcheck = 1;
/* Privilege separation. Order as written: resolve ids, change group,
 * chroot, change user. The group change and the chroot happen before the
 * user change, i.e. while the process still runs with its starting
 * privileges. Each failure goes to ErrorExit().
 * The Privsep_* helpers are defined elsewhere, presumably wrappers around
 * setgid/chroot/setuid. NOTE(review): confirm that Privsep_Chroot also
 * changes the working directory and that Privsep_SetGroup clears
 * supplementary groups; neither is visible here. */
127 /* Getting the group and user ids */
128 gid = Privsep_GetGroup(group);
129 uid = Privsep_GetUser(user);
132 ErrorExit(USER_ERROR, ARGV0, user, group);
136 /* Setting the group */
137 if(Privsep_SetGroup(gid) < 0)
139 ErrorExit(SETGID_ERROR,ARGV0, group);
143 /* Chrooting to the default directory */
144 if(Privsep_Chroot(dir) < 0)
146 ErrorExit(CHROOT_ERROR, ARGV0, dir);
150 /* Inside chroot now */
154 /* Setting the user */
155 if(Privsep_SetUser(uid) < 0)
157 ErrorExit(SETUID_ERROR, ARGV0, user);
162 /* Getting the server's hostname */
/* 512 bytes are zeroed and gethostname() is given 511 of them, so the last
 * byte stays NUL even if the name is truncated. Assumes shost is at least
 * 512 bytes (its declaration is not shown; confirm).
 * The fallback copies the 9-character literal; strncpy pads the rest of
 * the 32 bytes with NULs, so the result is terminated. The 32 is not tied
 * to the buffer size. */
163 memset(shost, '\0', 512);
164 if(gethostname(shost, 512 -1) != 0)
166 strncpy(shost, "localhost", 32);
172 /* Listing available agents. */
/* The server itself is printed as agent 000, in either the plain or the
 * CSV layout, before print_agents() prints the others. shost is passed as
 * a "%s" argument, never as the format string. */
177 printf("\nOSSEC HIDS %s. List of available agents:",
179 printf("\n ID: 000, Name: %s (server), IP: 127.0.0.1, "
180 "Active/Local\n", shost);
184 printf("000,%s (server),127.0.0.1,Active/Local,\n", shost);
186 print_agents(1, active_only, csv_output);
193 /* Update rootcheck database. */
196 /* Cleaning all agents (and server) db. */
197 if(strcmp(agent_id, "all") == 0)
200 struct dirent *entry;
202 sys_dir = opendir(ROOTCHECK_DIR);
205 ErrorExit("%s: Unable to open: '%s'", ARGV0, ROOTCHECK_DIR);
/* Each directory entry is opened with mode "w", which truncates it; that
 * is how the database is cleared.
 * NOTE(review): names come straight from readdir() and the visible lines
 * skip only "." and ".." before fopen(), so entries that are not regular
 * files would be opened as well. This runs after the chroot and the user
 * change above. */
208 while((entry = readdir(sys_dir)) != NULL)
211 char full_path[OS_MAXSTR +1];
213 /* Do not even attempt to delete . and .. :) */
214 if((strcmp(entry->d_name,".") == 0)||
215 (strcmp(entry->d_name,"..") == 0))
/* Bounded to OS_MAXSTR in a buffer of OS_MAXSTR + 1 bytes. No truncation
 * check on the snprintf result is visible in this listing. */
220 snprintf(full_path, OS_MAXSTR,"%s/%s", ROOTCHECK_DIR,
223 fp = fopen(full_path, "w");
/* Entries whose name starts with '.' get extra handling; the body of this
 * check is not shown. */
228 if(entry->d_name[0] == '.')
235 printf("\n** Policy and auditing database updated.\n\n");
/* "000" and "local" both select the server's own database. */
239 else if((strcmp(agent_id, "000") == 0) ||
240 (strcmp(agent_id, "local") == 0))
242 char final_dir[1024];
/* The 1020 bound is within the 1024-byte buffer.
 * NOTE(review): this path is built with a leading "/" while the loop above
 * uses "%s/%s" without one; check which form matches ROOTCHECK_DIR once
 * inside the chroot. */
244 snprintf(final_dir, 1020, "/%s/rootcheck", ROOTCHECK_DIR);
246 fp = fopen(final_dir, "w");
252 printf("\n** Policy and auditing database updated.\n\n");
256 /* Database from remote agents. */
/* OS_IsAllowedID() yields the index used on keys.keyentries below. The
 * test that rejects a failed lookup is on lines not shown (presumably
 * i < 0); confirm it exits before keyentries[i] is dereferenced. */
264 i = OS_IsAllowedID(&keys, agent_id);
267 printf("\n** Invalid agent id '%s'.\n", agent_id);
271 /* Deleting rootcheck (not syscheck) data: the call is delete_rootcheck(),
 * given the agent's name and IP; the helper is defined elsewhere. */
272 delete_rootcheck(keys.keyentries[i]->name,
273 keys.keyentries[i]->ip->ip, 0);
275 printf("\n** Policy and auditing database updated.\n\n");
281 /* Printing information from an agent. */
285 char final_ip[128 +1];
286 char final_mask[128 +1];
/* Local system: print_rootcheck() is called with NULL name and IP. */
290 if((strcmp(agent_id, "000") == 0) ||
291 (strcmp(agent_id, "local") == 0))
294 printf("\nPolicy and auditing events for local system '%s - %s':\n",
297 print_rootcheck(NULL,
298 NULL, NULL, resolved_only, csv_output, show_last);
/* Remote agent: same lookup as in the update branch; the rejection test is
 * again on lines not shown. */
305 i = OS_IsAllowedID(&keys, agent_id);
308 printf("\n** Invalid agent id '%s'.\n", agent_id);
312 /* Getting netmask from ip. */
/* Both buffers are 129 bytes; the last byte is set to NUL and snprintf is
 * bounded to 128, so final_ip is always terminated. */
313 final_ip[128] = '\0';
314 final_mask[128] = '\0';
315 getNetmask(keys.keyentries[i]->ip->netmask,
317 snprintf(final_ip, 128, "%s%s",keys.keyentries[i]->ip->ip,
321 printf("\nPolicy and auditing events for agent "
323 keys.keyentries[i]->name, keys.keyentries[i]->id,
326 print_rootcheck(keys.keyentries[i]->name,
327 keys.keyentries[i]->ip->ip, NULL,
328 resolved_only, csv_output, show_last);
/* Fallback message; presumably reached when none of the modes above was
 * selected (the enclosing condition is not shown). */
337 printf("\n** Invalid argument combination.\n");