1 /* Copyright (C) 2009 Trend Micro Inc.
4 * This program is a free software; you can redistribute it
5 * and/or modify it under the terms of the GNU General Public
6 * License (version 2) as published by the FSF - Free Software
10 #include "addagent/manage_agents.h"
14 #define ARGV0 "syscheck_update"
17 static void helpmsg(void) __attribute__((noreturn));
22 printf("\nOSSEC HIDS %s: Updates (clears) the integrity check database.\n", ARGV0);
23 printf("Available options:\n");
24 printf("\t-h This help message.\n");
25 printf("\t-l List available agents.\n");
26 printf("\t-a Update (clear) syscheck database for all agents.\n");
27 printf("\t-u <id> Update (clear) syscheck database for a specific agent.\n");
28 printf("\t-u local Update (clear) syscheck database locally.\n\n");
32 int main(int argc, char **argv)
34 const char *dir = DEFAULTDIR;
35 const char *group = GROUPGLOBAL;
36 const char *user = USER;
48 /* Get the group name */
49 gid = Privsep_GetGroup(group);
50 uid = Privsep_GetUser(user);
51 if (uid == (uid_t) - 1 || gid == (gid_t) - 1) {
52 ErrorExit(USER_ERROR, ARGV0, user, group);
56 if (Privsep_SetGroup(gid) < 0) {
57 ErrorExit(SETGID_ERROR, ARGV0, group, errno, strerror(errno));
60 /* Chroot to the default directory */
61 if (Privsep_Chroot(dir) < 0) {
62 ErrorExit(CHROOT_ERROR, ARGV0, dir, errno, strerror(errno));
65 /* Inside chroot now */
69 if (Privsep_SetUser(uid) < 0) {
70 ErrorExit(SETUID_ERROR, ARGV0, user, errno, strerror(errno));
74 if (strcmp(argv[1], "-h") == 0) {
76 } else if (strcmp(argv[1], "-l") == 0) {
77 printf("\nOSSEC HIDS %s: Updates the integrity check database.",
79 print_agents(0, 0, 0, 0);
82 } else if (strcmp(argv[1], "-u") == 0) {
84 printf("\n** Option -u requires an extra argument\n");
87 } else if (strcmp(argv[1], "-a") == 0) {
91 sys_dir = opendir(SYSCHECK_DIR);
93 ErrorExit("%s: Unable to open: '%s'", ARGV0, SYSCHECK_DIR);
96 while ((entry = readdir(sys_dir)) != NULL) {
98 char full_path[OS_MAXSTR + 1];
100 /* Do not even attempt to delete . and .. :) */
101 if ((strcmp(entry->d_name, ".") == 0) ||
102 (strcmp(entry->d_name, "..") == 0)) {
106 snprintf(full_path, OS_MAXSTR, "%s/%s", SYSCHECK_DIR, entry->d_name);
108 fp = fopen(full_path, "w");
112 if (entry->d_name[0] == '.') {
118 printf("\n** Integrity check database updated.\n\n");
121 printf("\n** Invalid option '%s'.\n", argv[1]);
126 if (strcmp(argv[2], "local") == 0) {
127 char final_dir[1024];
129 snprintf(final_dir, 1020, "/%s/syscheck", SYSCHECK_DIR);
131 fp = fopen(final_dir, "w");
137 /* Delete cpt file */
138 snprintf(final_dir, 1020, "/%s/.syscheck.cpt", SYSCHECK_DIR);
140 fp = fopen(final_dir, "w");
144 /* unlink(final_dir); */
147 /* External agents */
154 i = OS_IsAllowedID(&keys, argv[2]);
156 printf("\n** Invalid agent id '%s'.\n", argv[2]);
160 /* Delete syscheck */
161 delete_syscheck(keys.keyentries[i]->name, keys.keyentries[i]->ip->ip, 0);
164 printf("\n** Integrity check database updated.\n\n");