1 /* @(#) $Id: ./src/util/rootcheck_control.c, 2011/09/08 dcid Exp $
4 /* Copyright (C) 2009 Trend Micro Inc.
7 * This program is a free software; you can redistribute it
8 * and/or modify it under the terms of the GNU General Public
9 * License (version 2) as published by the FSF - Free Software
14 #include "addagent/manage_agents.h"
/* Program name; passed as the prefix argument to the merror() and
 * ErrorExit() calls in this file. */
19 #define ARGV0 "rootcheck_control"
/*
 * Usage text. The header of the enclosing function and the continuation of
 * the first printf() (its arguments) are on source lines not shown in this
 * listing.
 *
 * Per the option text, -u does not fetch anything: it clears the stored
 * policy and auditing database for one agent or for all of them, so it is a
 * destructive operation. "-lc" is the -l and -c flags given together (both
 * letters appear in the getopt() option string in main).
 */
25 printf("\nOSSEC HIDS %s: Manages the policy and auditing database.\n",
27 printf("Available options:\n");
28 printf("\t-h This help message.\n");
29 printf("\t-l List available (active or not) agents.\n");
30 printf("\t-lc List only active agents.\n");
31 printf("\t-u <id> Updates (clear) the database for the agent.\n");
32 printf("\t-u all Updates (clear) the database for all agents.\n");
33 printf("\t-i <id> Prints database for the agent.\n");
34 printf("\t-r Used with -i, prints all the resolved issues.\n");
35 printf("\t-q Used with -i, prints all the outstanding issues.\n");
36 printf("\t-L Used with -i, prints the last scan.\n");
37 printf("\t-s Changes the output to CSV (comma delimited).\n");
/*
 * Entry point. From the visible lines: parses the command line with
 * getopt(), drops privileges (group, chroot, user), reads the local
 * hostname, and then either lists agents, clears a rootcheck database (-u)
 * or prints one (-i).
 *
 * NOTE(review): this listing is sparse. Braces, conditions, case labels and
 * several declarations (user, shost, keys, fp, ...) are on source lines that
 * are not shown, so the comments below describe only what is visible.
 */
43 int main(int argc, char **argv)
45 char *dir = DEFAULTDIR;
46 char *group = GROUPGLOBAL;
48 char *agent_id = NULL;
52 int c = 0, info_agent = 0, update_rootcheck = 0,
53 list_agents = 0, show_last = 0,
55 int active_only = 0, csv_output = 0;
61 /* Setting the name */
/* In the option string, letters followed by ':' (u and i) take an argument;
 * all others are plain flags. */
72 while((c = getopt(argc, argv, "VhqrDdLlcsu:i:")) != -1)
/* NOTE(review): the same "-u needs an argument" text is emitted at two
 * places (this line and the next). The case labels are not shown; if one of
 * them belongs to the -i option, its message names the wrong flag. Confirm
 * against the full source. */
106 merror("%s: -u needs an argument",ARGV0);
114 merror("%s: -u needs an argument",ARGV0);
118 update_rootcheck = 1;
128 /* Getting the group name */
/* Both ids are resolved before the chroot below. NOTE(review): presumably
 * because the account databases are not reachable from inside the new root;
 * confirm. */
129 gid = Privsep_GetGroup(group);
130 uid = Privsep_GetUser(user);
/* Error path for a failed lookup; the test itself is on a line not shown. */
133 ErrorExit(USER_ERROR, ARGV0, user, group);
/*
 * Privilege drop order: group first, then chroot, then user. The user
 * switch comes last because an unprivileged process can no longer change
 * its group or call chroot. Each step reports through ErrorExit() on a
 * negative return, which presumably terminates the program.
 *
 * NOTE(review): whether Privsep_SetGroup() also clears supplementary groups
 * and whether Privsep_Chroot() changes the working directory into the new
 * root cannot be seen here; confirm in the Privsep_* implementations.
 */
137 /* Setting the group */
138 if(Privsep_SetGroup(gid) < 0)
140 ErrorExit(SETGID_ERROR,ARGV0, group);
144 /* Chrooting to the default directory */
145 if(Privsep_Chroot(dir) < 0)
147 ErrorExit(CHROOT_ERROR, ARGV0, dir);
151 /* Inside chroot now */
155 /* Setting the user */
156 if(Privsep_SetUser(uid) < 0)
158 ErrorExit(SETUID_ERROR, ARGV0, user);
163 /* Getting servers hostname */
/* The buffer is zero-filled and gethostname() is given one byte less than
 * the 512 cleared, so the name stays NUL-terminated even if it is truncated.
 * NOTE(review): assumes shost is at least 512 bytes; its declaration is not
 * shown. */
164 memset(shost, '\0', 512);
165 if(gethostname(shost, 512 -1) != 0)
/* Fallback name. The literal is shorter than 32 bytes, so strncpy() pads the
 * rest of that span with NULs. */
167 strncpy(shost, "localhost", 32);
173 /* Listing available agents. */
178 printf("\nOSSEC HIDS %s. List of available agents:",
180 printf("\n ID: 000, Name: %s (server), IP: 127.0.0.1, "
181 "Active/Local\n", shost);
/* CSV variant of the server line. Fields are written unquoted, so a value
 * containing ',' would shift the columns for consumers of this output. */
185 printf("000,%s (server),127.0.0.1,Active/Local,\n", shost);
187 print_agents(1, active_only, csv_output);
194 /* Update rootcheck database. */
197 /* Cleaning all agents (and server) db. */
/* agent_id is initialised to NULL and is set from the command line on lines
 * not shown. NOTE(review): confirm it cannot still be NULL when it reaches
 * strcmp() here. */
198 if(strcmp(agent_id, "all") == 0)
201 struct dirent *entry;
203 sys_dir = opendir(ROOTCHECK_DIR);
/* Error path when the directory cannot be opened; the test is not shown. */
206 ErrorExit("%s: Unable to open: '%s'", ARGV0, ROOTCHECK_DIR);
/* Walks every entry of ROOTCHECK_DIR. */
209 while((entry = readdir(sys_dir)) != NULL)
212 char full_path[OS_MAXSTR +1];
214 /* Do not even attempt to delete . and .. :) */
215 if((strcmp(entry->d_name,".") == 0)||
216 (strcmp(entry->d_name,"..") == 0))
/*
 * full_path is OS_MAXSTR + 1 bytes and snprintf() is limited to OS_MAXSTR,
 * so the write stays in bounds. Opening the result with "w" truncates the
 * file to zero length; that truncation is the "clear".
 *
 * NOTE(review): no check of snprintf()'s return value is visible, and a
 * truncated path would name a different file. fopen() also follows symbolic
 * links, so ROOTCHECK_DIR should be writable only by trusted accounts. The
 * handling of fp (NULL check, fclose) is on lines not shown.
 */
221 snprintf(full_path, OS_MAXSTR,"%s/%s", ROOTCHECK_DIR,
224 fp = fopen(full_path, "w");
/* Dot-prefixed entries get additional handling whose body is not shown. */
229 if(entry->d_name[0] == '.')
236 printf("\n** Policy and auditing database updated.\n\n");
/* Local system only: agent id "000" or its alias "local". */
240 else if((strcmp(agent_id, "000") == 0) ||
241 (strcmp(agent_id, "local") == 0))
243 char final_dir[1024];
/* Same truncate-on-open approach for the single local database file. The
 * limit passed (1020) is below the 1024-byte buffer. Note the leading '/'
 * in this format, unlike the "%s/%s" form used in the loop above. */
245 snprintf(final_dir, 1020, "/%s/rootcheck", ROOTCHECK_DIR);
247 fp = fopen(final_dir, "w");
253 printf("\n** Policy and auditing database updated.\n\n");
257 /* Database from remote agents. */
/* Looks agent_id up in keys; the result i is used below to index
 * keys.keyentries[]. NOTE(review): the test that rejects a failed lookup is
 * on a line not shown (only its error message is); confirm no path reaches
 * keys.keyentries[i] with an invalid i. */
265 i = OS_IsAllowedID(&keys, agent_id);
268 printf("\n** Invalid agent id '%s'.\n", agent_id);
272 /* Deleting the rootcheck database for this agent */
273 delete_rootcheck(keys.keyentries[i]->name,
274 keys.keyentries[i]->ip->ip, 0);
276 printf("\n** Policy and auditing database updated.\n\n");
282 /* Printing information from an agent. */
286 char final_ip[128 +1];
287 char final_mask[128 +1];
/* Local system: print_rootcheck() is called with NULL for the agent name
 * and IP. */
291 if((strcmp(agent_id, "000") == 0) ||
292 (strcmp(agent_id, "local") == 0))
295 printf("\nPolicy and auditing events for local system '%s - %s':\n",
298 print_rootcheck(NULL,
299 NULL, NULL, resolved_only, csv_output, show_last);
/* Remote agent: same lookup as in the update branch. NOTE(review): the
 * validity test for i is again on a line not shown; confirm it precedes
 * every keys.keyentries[i] access below. */
306 i = OS_IsAllowedID(&keys, agent_id);
309 printf("\n** Invalid agent id '%s'.\n", agent_id);
313 /* Getting netmask from ip. */
/* Both buffers are 128 + 1 bytes: the last byte is set to NUL up front and
 * the snprintf() below is limited to 128. */
314 final_ip[128] = '\0';
315 final_mask[128] = '\0';
316 getNetmask(keys.keyentries[i]->ip->netmask,
318 snprintf(final_ip, 128, "%s%s",keys.keyentries[i]->ip->ip,
322 printf("\nPolicy and auditing events for agent "
324 keys.keyentries[i]->name, keys.keyentries[i]->id,
327 print_rootcheck(keys.keyentries[i]->name,
328 keys.keyentries[i]->ip->ip, NULL,
329 resolved_only, csv_output, show_last);
/* Reached when none of the list / update / print branches applied. */
338 printf("\n** Invalid argument combination.\n");