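#!/bin/bash
# update-aide.conf(8) - Generate /var/lib/aide/aide.conf.autogenerated
#
# Concatenates ${UPAC_confdir}/aide.conf with the snippets found in
# ${UPAC_confd}, optionally strips comment lines, prefixes rule paths with
# the @@{ROOTPREFIX} macro and installs the result as the output file.
#
# Trust boundary: /etc/default/aide is sourced, and every executable snippet
# in the snippet directory is run with the privileges of the invoking user.
# Both locations (and anything passed via -d/-D) must therefore be writable
# only by the administrator; a writable snippet directory means code
# execution as the caller and control over which paths AIDE monitors.

# this has been mercilessly ripped from exim4's update-exim4.conf

UPAC_CONFDIR="/etc/aide"
UPAC_CONFD="$UPAC_CONFDIR/aide.conf.d"
UPAC_SETTINGSD="$UPAC_CONFDIR/aide.settings.d"

# Local overrides; this file is executed as shell code, not parsed as data.
if [ -f /etc/default/aide ]; then
  . /etc/default/aide
fi

UPAC_confdir="$UPAC_CONFDIR"
UPAC_confd="$UPAC_CONFD"
UPAC_settingsd="$UPAC_SETTINGSD"
UPAC_verbose=no
UPAC_comments=no
UPAC_autoconfigfile=/var/lib/aide/aide.conf.autogenerated
UPAC_outputfile="${UPAC_autoconfigfile}"

# Exported so that executable snippets can read them; the export attribute
# also covers the values assigned later during option parsing.
export UPAC_verbose
export UPAC_confdir
export UPAC_confd
export UPAC_settingsd

# Print the option summary to stdout.
usage() {
  cat <<EOF
$0 - Generate AIDE configuration files
    Options:
    -v|--verbose - Enable verbose mode, tell about ignored files
    -h|--help - Show this message
    --keepcomments - Do not remove comment lines
    --removecomments - Remove comment lines
    -o|--output file - write output to file instead of ${UPAC_outputfile}
    -d|--confdir directory - read input from given directory instead of ${UPAC_confdir}
    -D|--confd directory - read config snippets from given directory instead of ${UPAC_confd}
    -S|--settingsd directory - read settings snippets from given directory instead of ${UPAC_settingsd}
EOF
}

# also from Branden
# Pretty-print a message of arbitrary length to stderr, wrapped to the
# terminal width (80 columns when COLUMNS is unset). Does not exit.
errormessage () {
  printf '%s\n' "$*" | fold -s -w "${COLUMNS:-80}" >&2
}

## Parse commandline
if ! TEMP=$(getopt -n update-aide.conf \
  -l keepcomments,removecomments,output:,confdir:,confd:,settingsd:,help,verbose -- \
  +o:d:D:S:hv "$@"); then
  echo "Terminating..." >&2
  exit 1
fi

# getopt emits a shell-quoted argument list. It has to reach eval as ONE
# quoted word; unquoted it would be word-split and glob-expanded first, which
# mangles option values containing runs of whitespace or glob characters.
eval set -- "${TEMP}"

while test "$1" != "--"; do
  case "$1" in
    -h|--help)
      usage
      exit 0
      ;;
    -v|--verbose)
      UPAC_verbose=yes
      ;;
    --keepcomments)
      UPAC_comments=yes
      ;;
    --removecomments)
      UPAC_comments=no
      ;;
    -o|--output)
      shift
      UPAC_outputfile="$1"
      ;;
    -d|--confdir)
      shift
      UPAC_confdir="$1"
      ;;
    -D|--confd)
      shift
      UPAC_confd="$1"
      ;;
    -S|--settingsd)
      shift
      UPAC_settingsd="$1"
      ;;
  esac
  shift
done
shift

# No non-option arguments allowed.
if [ "$#" -ne 0 ]; then
  echo "No non option arguments ($*) allowed" >&2
  usage >&2
  exit 1
fi

# Quoted on purpose: with an empty value an unquoted "[ -d ]" degenerates to a
# one-argument test that is always true, letting an empty directory name pass.
[ -d "${UPAC_confd}" ] || {
  printf '%s: Error, no %s, exiting.\n' "$0" "${UPAC_confd}" >&2
  exit 1
}

UPAC_outputdir=$(dirname -- "${UPAC_outputfile}")
[ -d "${UPAC_outputdir}" ] || {
  printf '%s: Error, missing %s, exiting.\n' "$0" "${UPAC_outputdir}" >&2
  exit 1
}

# run-parts emulation, stolen from Branden's /etc/X11/Xsession
# Addition: Use file.rul instead of file if it exists.
#
# Arguments: $1 - directory to scan
# Outputs:   one path per line for every regular file whose name consists
#            only of alphanumerics, "_" and "-"; when NAME.rul also exists as
#            a regular file, that path is printed instead of NAME.
# Returns:   1 (after a message on stderr) when $1 is empty or not a directory.
run_parts () {
  local dir=$1 path name

  # reset LC_COLLATE so the glob below sorts independently of the caller's
  # locale settings
  unset LANG LC_COLLATE LC_ALL

  if [ -z "$dir" ]; then
    errormessage "$0: internal run_parts called without an argument"
    return 1
  fi
  if [ ! -d "$dir" ]; then
    errormessage "$0: internal run_parts called, but $dir does not exist or is not a directory."
    return 1
  fi

  # Glob instead of parsing ls output: names containing whitespace are no
  # longer split into pieces that could each pass the name filter.
  for path in "$dir"/*; do
    name=${path##*/}
    # Names with a dot never match, so NAME.rul is only reachable via NAME.
    [[ $name =~ ^[[:alnum:]_-]+$ ]] || continue
    [ -f "$path" ] || continue
    if [ -f "${path}.rul" ]; then
      printf '%s\n' "${path}.rul"
    else
      printf '%s\n' "$path"
    fi
  done
}

# Emit the content of every snippet selected by run_parts, framed by banner
# comments. Executable snippets are RUN and their stdout is used; all other
# snippets are copied verbatim.
#
# Arguments: $1 - snippet directory
# Outputs:   concatenated snippet content on stdout
# Returns:   1 (after a message on stderr) when $1 is empty or not a directory.
# NOTE: the exit status of a snippet or of cat is not checked here, so a
# failing snippet silently contributes no rules to the generated file.
cat_parts() {
  local dir=$1 file
  local -a parts=()

  if [ -z "$dir" ]; then
    errormessage "$0: internal cat_parts called without an argument"
    return 1
  fi
  if [ ! -d "$dir" ]; then
    errormessage "$0: internal cat_parts called, but $dir does not exist or is not a directory."
    return 1
  fi

  # Read the list line by line so paths containing spaces stay intact, and
  # collect it up front so snippets keep the caller's stdin.
  mapfile -t parts < <(run_parts "$dir")

  for file in "${parts[@]}"; do
    if [ -x "$file" ]; then
      echo "#####################################################"
      echo "### output of invoking $file"
      echo "#####################################################"
      "$file"
      echo
      echo "#####################################################"
      echo "### end of $file output"
      echo "#####################################################"
    else
      echo "#####################################################"
      echo "### $file"
      echo "#####################################################"
      cat -- "$file"
      echo
      echo "#####################################################"
      echo "### end $file"
      echo "#####################################################"
    fi
  done
}

# Filter stdin to stdout. With UPAC_comments=no, drop lines whose first
# non-blank character is "#" and squeeze runs of empty lines; otherwise pass
# the input through unchanged.
removecomments(){
  if [ "${UPAC_comments}" = "no" ]; then
    grep -E -v '^[[:space:]]*#' | sed -e '/^$/N;/\n$/D'
  else
    cat
  fi
}

# Build the new configuration in a temporary file next to the target so the
# final mv is a rename within one directory. mktemp creates the file
# exclusively under an unpredictable name: a fixed "<output>.tmp" would be
# written through a pre-planted symlink when -o points into a directory that
# other users can write to.
UPAC_tmpfile=$(mktemp -- "${UPAC_outputfile}.XXXXXX") || {
  errormessage "$0: cannot create temporary file next to ${UPAC_outputfile}"
  exit 1
}
trap 'rm -f -- "${UPAC_tmpfile}"' EXIT

# mktemp creates the file with mode 0600; restore the umask-derived mode a
# plain redirection would have produced so readers of the result still work.
chmod -- "$(printf '%o' "$(( 0666 & ~$(umask) ))")" "${UPAC_tmpfile}" || exit 1

cat << EOF > "${UPAC_tmpfile}" || exit 1
#########
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# this file is generated dynamically from /etc/aide/aide.conf and the files
# in /etc/aide/aide.conf.d
# Any changes you make here will be lost.
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# WARNING WARNING WARNING
#########
EOF

# A missing or unreadable aide.conf is tolerated (stderr is discarded).
# The final sed inserts @@{ROOTPREFIX} after the first "/" on every line that
# starts with "=", "!" or "/".
# The pipeline status is that of the last stage; if writing the temporary
# file fails, abort instead of installing a truncated rule set, which would
# silently reduce what AIDE monitors.
if ! (cat "${UPAC_confdir}/aide.conf" 2>/dev/null; cat_parts "${UPAC_confd}") | \
  removecomments | \
  sed '\;^[=!/]; s;/;/@@{ROOTPREFIX};' \
  >> "${UPAC_tmpfile}"; then
  errormessage "$0: failed to write ${UPAC_tmpfile}, not installing ${UPAC_outputfile}"
  exit 1
fi

# test validity if called without -o
# this is not currently possible with AIDE (see bug #289171),
# but can be easily enabled with this (of course untested) example code
#if [ "x${UPAC_outputfile}" = "x${UPAC_autoconfigfile}" ] && \
#	[ -x ${AIDE} ] ; then
#	if ! ${AIDE} --config "${UPAC_outputfile}.tmp" > /dev/null ; then
#		errormessage "Invalid new configfile ${UPAC_outputfile}.tmp"
#		errormessage "not installing ${UPAC_outputfile}.tmp to ${UPAC_outputfile}"
#		exit 1
#	fi
#fi

mv -f -- "${UPAC_tmpfile}" "${UPAC_outputfile}" || exit 1
trap - EXIT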