source: trunk/scripts/samhainrc_update.sh@ 73

Last change on this file since 73 was 29, checked in by rainer, 19 years ago

Fixes for test suite, OpenBSD portability, self-resolving, and suidchk patch by Neil

File size: 7.2 KB
#! /bin/sh

# -----------------------------------------------------------------------
# Default configuration file (can be changed with -c|--config-file)
# -----------------------------------------------------------------------

cfgfile="/etc/samhainrc"

# -----------------------------------------------------------------------
# Be Bourne compatible: put zsh or bash into sh mode when that works
# -----------------------------------------------------------------------

if [ -n "${ZSH_VERSION+set}" ] && (emulate sh) >/dev/null 2>&1; then
  emulate sh
  NULLCMD=:
elif [ -n "${BASH_VERSION+set}" ] && (set -o posix) >/dev/null 2>&1; then
  set -o posix
fi

# Name the script was started as (shown in the help text) and the
# System.map path, which the command-line parser fills in.
programname="$0"
sysmap=
# -----------------------------------------------------------------------
# Print help
# -----------------------------------------------------------------------

# Writes the usage text to stdout. Reads $programname and $cfgfile.
# Each printf argument is one output line; "" gives an empty line.
showhelp() {
  printf '%s\n' \
    "" \
    "$programname - update samhain config file after kernel update" \
    "" \
    "OPTIONS:" \
    "" \
    " -u|--update </path/to/System.map>" \
    " Update the configuration file with new" \
    " settings as taken from </path/to/System.map>" \
    "" \
    " -c|--config-file </path/to/config-file>" \
    " Specify the configuration file to update [${cfgfile}]" \
    "" \
    " -p|--print-only </path/to/System.map>" \
    " Print new settings, don't modify anything" \
    "" \
    " -h|--help" \
    " Print this help" \
    "" \
    " -n|--nocolor" \
    " (ignored, legacy support)" \
    ""
}
# -----------------------------------------------------------------------
# Death strikes: print a message to stderr and exit with status 1
# -----------------------------------------------------------------------

# All arguments are echoed as one line; without arguments an empty line
# is written.
die() {
  if [ $# -gt 0 ]; then
    echo "$@" >&2
  else
    echo >&2
  fi
  # Set $? to 1 in a subshell first, then exit with the same status.
  (exit 1)
  exit 1
}
# -----------------------------------------------------------------------
# Get new settings from </path/to/System.map>
# -----------------------------------------------------------------------

# Addresses taken from System.map. All five start out empty and are
# filled in by get_new_settings.
system_call= syscall_table=
proc_root= proc_root_inode_operations= proc_root_lookup=
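# Print the address (first column) of symbol $1 from $sysmap.
# Only lines of the form "<hex address> <type letter> <symbol>" are
# accepted, and the pattern is anchored at the start of the line so the
# printed column really is the address. The file is passed on stdin so
# that its name is never parsed as a grep option.
_sysmap_address() {
  grep -E "^[[:xdigit:]]{8,}[[:space:]]+[[:alpha:]][[:space:]]+${1}\$" < "$sysmap" |
    awk '{ print $1 }'
}

# Stop unless $2 (the value found for symbol $1) is one run of hex digits.
# The value is later written into the configuration file, so anything
# else -- including several matches, which arrive separated by line
# breaks -- is refused here.
_require_address() {
  case "$2" in
    '')
      die "$1 not found in ${sysmap}"
      ;;
    *[!0-9a-fA-F]*)
      die "$1: unexpected address in ${sysmap}"
      ;;
  esac
}

# Read the five kernel symbol addresses from $sysmap into the global
# variables system_call, syscall_table, proc_root,
# proc_root_inode_operations and proc_root_lookup.
# Calls die (exit status 1) when $sysmap is empty, missing or unreadable,
# or when a symbol has no single hexadecimal address in it.
get_new_settings() {

  if [ -z "$sysmap" ]; then
    die "No System.map specified"
  fi
  if [ ! -f "$sysmap" ]; then
    die "System.map ${sysmap} not found"
  fi
  if [ ! -r "$sysmap" ]; then
    die "System.map ${sysmap} not readable"
  fi

  system_call=`_sysmap_address system_call`
  syscall_table=`_sysmap_address sys_call_table`
  proc_root=`_sysmap_address proc_root`
  proc_root_inode_operations=`_sysmap_address proc_root_inode_operations`
  proc_root_lookup=`_sysmap_address proc_root_lookup`

  # The symbols are looked up in System.map, so that is the file the
  # messages name.
  _require_address system_call "${system_call}"
  _require_address sys_call_table "${syscall_table}"
  _require_address proc_root "${proc_root}"
  _require_address proc_root_inode_operations "${proc_root_inode_operations}"
  _require_address proc_root_lookup "${proc_root_lookup}"

}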
# -----------------------------------------------------------------------
# Print new settings
# -----------------------------------------------------------------------

# Reads the addresses with get_new_settings and writes them to stdout as
# "Name = 0xADDRESS" lines, framed by one empty line before and after.
run_print() {
  get_new_settings
  printf '%s\n' \
    "" \
    "KernelSystemCall = 0x${system_call}" \
    "KernelSyscallTable = 0x${syscall_table}" \
    "KernelProcRoot = 0x${proc_root}" \
    "KernelProcRootIops = 0x${proc_root_inode_operations}" \
    "KernelProcRootLookup = 0x${proc_root_lookup}" \
    ""
}
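# -----------------------------------------------------------------------
# Replace a setting
# -----------------------------------------------------------------------

# $1 = setting name, $2 = new value. Edits $cfgfile in place with ex.
# Returns 1 without touching the file when an argument is refused.
#
# ex script, line by line:
#   set ignorecase
#   find the line that assigns the setting and change it; search and
#     change are one command, so a failed search changes nothing
#   replacement text
#   single dot == end of input text
#   save and exit

run_replace() {
  item="$1"
  address="$2"

  # Both values are expanded into the editor's command stream below. The
  # name also becomes part of a search pattern, so it is limited to
  # letters, digits and underscore.
  case "$item" in
    '' | *[!A-Za-z0-9_]*)
      echo "run_replace: refusing setting name '$item'" >&2
      return 1
      ;;
  esac
  # The value must stay on a single line: anything after a line break
  # would no longer be part of the inserted text.
  case "$address" in
    *'
'*)
      echo "run_replace: refusing multi-line value for $item" >&2
      return 1
      ;;
  esac

  ex -s "$cfgfile" <<EOF
:set ic
:/^[[:blank:]]*${item}[[:blank:]]*=/c
${item} = ${address}
.
:x
EOF
}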
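# -----------------------------------------------------------------------
# Add a setting
# -----------------------------------------------------------------------

# $1 = setting name, $2 = value. Edits $cfgfile in place with ex.
# Returns 1 without touching the file when an argument is refused.
#
# ex script, line by line:
#   set ignorecase
#   find the [Kernel] section header and append after it; search and
#     append are one command, so a failed search adds nothing
#   text to append
#   single dot == end of input text
#   save and exit

run_add() {
  item="$1"
  address="$2"

  # Both values are expanded into the editor's command stream below, so
  # the name is limited to letters, digits and underscore.
  case "$item" in
    '' | *[!A-Za-z0-9_]*)
      echo "run_add: refusing setting name '$item'" >&2
      return 1
      ;;
  esac
  # The value must stay on a single line: anything after a line break
  # would no longer be part of the appended text.
  case "$address" in
    *'
'*)
      echo "run_add: refusing multi-line value for $item" >&2
      return 1
      ;;
  esac

  ex -s "$cfgfile" <<EOF
:set ic
:/^[[:space:]]*\[Kernel\]/a
${item} = ${address}
.
:x
EOF
}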
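# -----------------------------------------------------------------------
# Update with new settings
# -----------------------------------------------------------------------

# Write one setting ($1 = name, $2 = value) into $cfgfile.
# An existing assignment is detected with the same anchored,
# case-insensitive pattern that run_replace searches for, so run_replace
# is chosen only when its search can succeed. A name that appears only in
# a comment, or inside another setting's name, leads to run_add instead.
_update_setting() {
  if grep -E -i "^[[:blank:]]*${1}[[:blank:]]*=" < "$cfgfile" >/dev/null; then
    run_replace "$1" "$2"
  else
    run_add "$1" "$2"
  fi
}

# Read the addresses with get_new_settings, then replace or add the five
# Kernel* settings in $cfgfile. Calls die (exit status 1) when $cfgfile is
# empty, not writable, or has no [Kernel] section.
run_update() {

  get_new_settings

  if [ -z "$cfgfile" ]; then
    die "No configuration file specified"
  fi
  if [ ! -w "$cfgfile" ]; then
    die "Configuration file ${cfgfile} not writeable"
  fi
  # run_add places new settings after the [Kernel] header, so it must exist.
  grep -E '^[[:space:]]*\[Kernel\]' < "$cfgfile" >/dev/null ||
    die "No [Kernel] section in configuration file $cfgfile"

  _update_setting 'KernelProcRootLookup' "0x${proc_root_lookup}"
  _update_setting 'KernelProcRootIops' "0x${proc_root_inode_operations}"
  _update_setting 'KernelProcRoot' "0x${proc_root}"
  _update_setting 'KernelSyscallTable' "0x${syscall_table}"
  _update_setting 'KernelSystemCall' "0x${system_call}"

}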
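# -----------------------------------------------------------------------
# Parse command line
# -----------------------------------------------------------------------

sysmap=
action=
# Name of the variable the next word belongs to. Cleared here so that a
# value inherited from the environment is never acted on.
opt_prev=

for option
do

  # If the previous option needs an argument, assign it. Only the two
  # names set further down are accepted, so no eval is needed. The
  # variable is exported, as before.
  #
  if test -n "$opt_prev"; then
    case "$opt_prev" in
      cfgfile)
        cfgfile="$option"
        export cfgfile
        ;;
      sysmap)
        sysmap="$option"
        export sysmap
        ;;
    esac
    opt_prev=
    continue
  fi

  # For the -x=value and --long=value forms, strip the option name and
  # the "=" to get the value.
  case "$option" in
    -*=*)
      optarg=`echo "$option" | sed 's/[-_a-zA-Z0-9]*=//'`
      ;;
    *)
      optarg=
      ;;
  esac

  case "$option" in

    -h|--help)
      showhelp
      exit 0
      ;;

    -n|--nocolor)
      # accepted and ignored
      ;;

    -c|--config-file)
      opt_prev=cfgfile
      ;;

    -c=* | --config-file=*)
      cfgfile="$optarg"
      ;;

    -p|--print-only)
      opt_prev=sysmap
      action=p
      ;;

    -p=* | --print-only=*)
      sysmap="$optarg"
      action=p
      ;;

    -u|--update)
      opt_prev=sysmap
      action=u
      ;;

    -u=* | --update=*)
      sysmap="$optarg"
      action=u
      ;;

  esac

done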
# Run the action chosen on the command line. Without -p or -u, print the
# help text and exit with status 1.
case "$action" in
  p)
    run_print
    exit 0
    ;;
  u)
    run_update
    exit 0
    ;;
esac

showhelp
exit 1