1 /* Copyright (C) 2009 Trend Micro Inc.
4 * This program is a free software; you can redistribute it
5 * and/or modify it under the terms of the GNU General Public
6 * License (version 2) as published by the FSF - Free Software
12 #include "config/config.h"
15 static char *SYSCHECK_EMPTY[] = { NULL };
19 int Read_Syscheck_Config(const char *cfgfile)
25 syscheck.rootcheck = 0;
26 syscheck.disabled = 0;
27 syscheck.skip_nfs = 0;
28 syscheck.scan_on_start = 1;
29 syscheck.time = SYSCHECK_WAIT * 2;
30 syscheck.ignore = NULL;
31 syscheck.ignore_regex = NULL;
32 syscheck.nodiff = NULL;
33 syscheck.nodiff_regex = NULL;
34 syscheck.scan_day = NULL;
35 syscheck.scan_time = NULL;
38 syscheck.realtime = NULL;
40 syscheck.registry = NULL;
41 syscheck.reg_fp = NULL;
43 syscheck.prefilter_cmd = NULL;
45 debug2("%s: Reading Configuration [%s]", "syscheckd", cfgfile);
48 if (ReadConfig(modules, cfgfile, &syscheck, NULL) < 0) {
53 debug2("%s: Reading Client Configuration [%s]", "syscheckd", cfgfile);
55 /* Read shared config */
56 modules |= CAGENT_CONFIG;
57 ReadConfig(modules, AGENTCONFIG, &syscheck, NULL);
61 /* We must have at least one directory to check */
62 if (!syscheck.dir || syscheck.dir[0] == NULL) {
66 /* We must have at least one directory or registry key to check. Since
67 it's possible on Windows to have syscheck enabled but only monitoring
68 either the filesystem or the registry, both lists must be valid,
72 syscheck.dir = SYSCHECK_EMPTY;
74 if (!syscheck.registry) {
75 syscheck.registry = SYSCHECK_EMPTY;
77 if ((syscheck.dir[0] == NULL) && (syscheck.registry[0] == NULL)) {