Blame contrib/gpg_update.sh
|
Packit Service |
5e8d2a |
#!/bin/bash
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
# $Id$
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
# aide update script
|
|
Packit Service |
5e8d2a |
# Written by: charlie heselton
|
|
Packit Service |
5e8d2a |
# Email: echo "hfouvyAdpy/ofu" | perl -pe 's/(.)/chr(ord($1)-1)/ge'
|
|
Packit Service |
5e8d2a |
# 09/23/2005
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
DBDIR="/etc/aide/db"
|
|
Packit Service |
5e8d2a |
DBFILE="${DBDIR}/aide.db"
|
|
Packit Service |
5e8d2a |
ENC_DBFILE="${DBDIR}/aide.db.gpg"
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
# make the assumption that the database exists and is encrypted
|
|
Packit Service |
5e8d2a |
# but test for it ;-)
|
|
Packit Service |
5e8d2a |
[[ -f ${ENC_DBFILE} ]] && /usr/bin/gpg --batch -d ${ENC_DBFILE} > ${DBFILE}
|
|
Packit Service |
5e8d2a |
rm -f ${ENC_DBFILE}
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
# (for now, we'll assume that encrypting the file includes an integrity check )
|
|
Packit Service |
5e8d2a |
# Run the update.
|
|
Packit Service |
5e8d2a |
/usr/bin/aide --update > /tmp/aide_update.out 2>&1
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
# mail out the results
|
|
Packit Service |
5e8d2a |
# set the "Reply-to" address
|
|
Packit Service |
5e8d2a |
REPLYTO="root@charlesheselton.no-ip.org"
|
|
Packit Service |
5e8d2a |
export REPLYTO
|
|
Packit Service |
5e8d2a |
# send the mail
|
|
Packit Service |
5e8d2a |
/usr/bin/cat /tmp/aide_update.out | /usr/bin/mutt -s "AIDE Update for `date`" your_valid_email@somewhere.com
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
# cleanup
|
|
Packit Service |
5e8d2a |
# if the mailing was successful then delete the output file
|
|
Packit Service |
5e8d2a |
if [ $? -eq 0 ]
|
|
Packit Service |
5e8d2a |
then
|
|
Packit Service |
5e8d2a |
rm -f /tmp/aide_update.out
|
|
Packit Service |
5e8d2a |
fi
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
# move the aide.db.new file to the aide.db
|
|
Packit Service |
5e8d2a |
mv ${DBDIR}/aide.db.new ${DBFILE}
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
# encrypt the new db file and remove the unencrypted version
|
|
Packit Service |
5e8d2a |
/usr/bin/gpg --batch -se -r gentoo_root ${DBFILE}
|
|
Packit Service |
5e8d2a |
rm -f ${DBFILE}
|