#!/bin/sh
#########################################################################
#
# Builds Lynis distribution
#
# Usage: this script creates Lynis builds
#
# *** NOTE ***
# This script is not fully functional yet, several options like digital
# signing, RPM/DEB package creation are missing.
#
#########################################################################
#
# Options:
# File-creation mask applied before this build writes anything
OPTION_UMASK='027'
# Name of the package-specific directory component (as in /usr/local/include/lynis)
OPTION_PACKAGE_DIRNAME='lynis'
# Lynis script that gets syntax-checked and hashed; the path is relative to
# the directory the build is started from
OPTION_BINARY_FILE='../lynis'
#
#########################################################################
#
# Functions:
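# Remove the temporary build root created by this script.
# Globals:   TMPDIR (read) - path returned by mktemp; may be empty or unset
# Returns:   exit status of rm, or 0 when there is nothing to remove
#
# TMPDIR is also a standard environment variable that many systems preset.
# If the build is interrupted before mktemp has assigned our own value, the
# inherited directory must not be deleted, so only paths that match the
# BUILDROOT template are removed. Expansions are quoted so that an empty
# value or a path with whitespace cannot change what the test or rm sees.
CleanUp()
{
    case "${TMPDIR:-}" in
        /tmp/lynis-BUILDROOT.*)
            if [ -d "${TMPDIR}" ]; then
                rm -rf -- "${TMPDIR}"
            fi
            ;;
    esac
}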
#
#########################################################################
#
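# Remove the build root on every exit path, including the early "exit 1"
# branches. A signal handler that only ran CleanUp would hand control back to
# the interrupted build, which would then continue without its build root, so
# signals are turned into an exit and the EXIT trap does the cleanup.
trap CleanUp EXIT
trap 'exit 130' INT
trap 'exit 143' TERM
trap 'exit 129' HUP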
#
#########################################################################
#
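# Set umask
# With the configured 027, files created by the build are not writable by the
# group and not accessible at all to other users.
# printf is used because the behaviour of "echo -n" is not defined for /bin/sh.
printf '%s' "- Setting umask to ${OPTION_UMASK} "
if umask "${OPTION_UMASK}"; then
    echo "OK"
else
    echo "BAD"
    exit 1
fi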
#=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
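# Build root
# mktemp -d creates the directory itself and fails if the name is taken, so a
# pre-planted path in /tmp is never reused. The template carries ten X's
# because four leave few possible names, which makes it cheap for another
# local user to occupy them and make the build fail.
# NOTE(review): the variable shadows the standard TMPDIR environment variable;
# renaming it has to be done together with CleanUp, which reads it.
printf '%s' "- Creating BUILDROOT "
if TMPDIR=$(mktemp -d /tmp/lynis-BUILDROOT.XXXXXXXXXX); then
    echo "OK"
    echo " BUILDROOT: ${TMPDIR}"
else
    echo "BAD"
    exit 1
fi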
#=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
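# Test script for errors
printf '%s' "- Test Lynis script "
# Is file there?
if [ ! -f "${OPTION_BINARY_FILE}" ]; then
    echo "BAD (can't find ${OPTION_BINARY_FILE})"
    # Do not leave the build root behind on this early exit
    CleanUp
    exit 1
fi
# Check script: "sh -n" parses the file without executing it. The exit status
# is tested directly; a script that does not parse must stop the build, since
# hashing and packaging a broken file would only hide the error.
if sh -n "${OPTION_BINARY_FILE}"; then
    echo "OK"
else
    echo "BAD"
    CleanUp
    exit 1
fi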
#=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
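# Create SHA1 hashes
# The digest covers the script with every line that starts with '#' removed.
# A missing sha1 tool or an unreadable input must not be reported as "DONE"
# with an empty or meaningless digest, so both are checked.
printf '%s' "- Create SHA1 hashes "
SHA1HASH_LYNIS=""
if [ -r "${OPTION_BINARY_FILE}" ]; then
    SHA1HASH_LYNIS=$(grep -v '^#' "${OPTION_BINARY_FILE}" | sha1)
fi
if [ -z "${SHA1HASH_LYNIS}" ]; then
    echo "BAD (no hash produced for ${OPTION_BINARY_FILE})"
    CleanUp
    exit 1
fi
echo "DONE"
echo " Lynis (SHA1): ${SHA1HASH_LYNIS}"
# NOTE(review): SHA-1 is no longer collision resistant, and a digest stored
# inside the file it describes only detects accidental corruption. Anyone able
# to change the script can change the digest too; authenticity needs the
# digital signing that the header lists as not implemented yet.
# Add hashes to script
printf '%s' "- Injecting SHA1 hash into Lynis script "
echo "-NOT DONE-"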
#=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
# Start from an empty OpenBSD packing list: drop a +CONTENTS file left behind
# by an earlier run, then remember its path for the steps that append to it.
OPENBSD_CONTENTS="openbsd/+CONTENTS"
echo -n "- Cleaning up OpenBSD package build... "
[ ! -f "${OPENBSD_CONTENTS}" ] || rm "${OPENBSD_CONTENTS}"
echo "DONE"
#=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
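printf '%s' "- Creating MD5 hashes..."
# Third field of every "file:" record in files.dat is a path relative to the
# parent directory. files.dat is treated as trusted build input.
PACKAGE_LIST_FILES=$(grep "^file:" files.dat | cut -d ':' -f3)
# Entries are read one per line, so names are not split on spaces or expanded
# as glob patterns. The here-document keeps the loop in the current shell,
# which lets "exit" stop the whole build.
while IFS= read -r I; do
    [ -n "${I}" ] || continue
    printf '%s' "${I} "
    #FULLNAME=`cat files.dat | grep ":file:include:
    #echo "${FULLNAME}" >> ${OPENBSD_CONTENTS}
    FILE="../${I}"
    # Hash before writing anything: a missing file or a missing md5 tool must
    # not leave an entry with an empty "@md5" line in the packing list.
    if ! MD5HASH=$(md5 -q "${FILE}") || [ -z "${MD5HASH}" ]; then
        echo "BAD (cannot hash ${FILE})"
        CleanUp
        exit 1
    fi
    echo "${I}" >> "${OPENBSD_CONTENTS}"
    echo "@md5 ${MD5HASH}" >> "${OPENBSD_CONTENTS}"
    # NOTE(review): the size is a fixed placeholder, not the real file size
    echo "@size 0000" >> "${OPENBSD_CONTENTS}"
done <<EOF
${PACKAGE_LIST_FILES}
EOF
echo ""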
#=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
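printf '%s' "- Cleaning up... "
# Clean up our mess; report a failed removal instead of always printing DONE,
# so that a leftover build root in /tmp does not go unnoticed
if CleanUp; then
    echo "DONE"
else
    echo "BAD"
    exit 1
fi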
#=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
# The End!