2014-08-26 17:33:55 +02:00
|
|
|
#!/bin/sh
|
|
|
|
|
|
|
|
#################################################################################
|
|
|
|
#
|
|
|
|
# Lynis
|
|
|
|
# ------------------
|
|
|
|
#
|
2015-01-30 19:58:00 +01:00
|
|
|
# Copyright 2007-2015, Michael Boelen (michael.boelen@cisofy.com), CISOfy
|
|
|
|
# Web site: https://cisofy.com
|
2014-08-26 17:33:55 +02:00
|
|
|
#
|
|
|
|
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
|
|
|
# welcome to redistribute it under the terms of the GNU General Public License.
|
|
|
|
# See LICENSE file for usage of this software.
|
|
|
|
#
|
|
|
|
#################################################################################
|
|
|
|
#
|
|
|
|
# Data upload
|
|
|
|
#
|
|
|
|
#################################################################################
|
|
|
|
#
|
|
|
|
# logtextbreak
|
|
|
|
PROGRAM_VERSION="101"
|
2014-12-05 12:06:41 +01:00
|
|
|
|
|
|
|
|
2015-02-03 18:26:30 +01:00
|
|
|
# Data upload destination
|
|
|
|
if [ "${UPLOAD_SERVER}" = "" ]; then
|
|
|
|
UPLOAD_SERVER="cisofy.com"
|
|
|
|
fi
|
|
|
|
UPLOAD_URL="https://${UPLOAD_SERVER}/upload/"
|
|
|
|
|
|
|
|
logtext "Upload server: ${UPLOAD_SERVER}"
|
2014-12-05 12:06:41 +01:00
|
|
|
logtext "URL to upload to: ${UPLOAD_URL}"
|
|
|
|
|
2015-02-03 18:26:30 +01:00
|
|
|
# License server (set to upload server if not configured)
|
|
|
|
if [ "${LICENSE_SERVER}" = "" ]; then
|
|
|
|
LICENSE_SERVER="${UPLOAD_SERVER}"
|
|
|
|
fi
|
|
|
|
LICENSE_SERVER_URL="https://${LICENSE_SERVER}/license/"
|
|
|
|
|
|
|
|
logtext "License server: ${LICENSE_SERVER}"
|
|
|
|
|
|
|
|
|
2014-08-26 17:33:55 +02:00
|
|
|
# Additional options to curl
|
2015-01-30 19:58:00 +01:00
|
|
|
if [ "${UPLOAD_OPTIONS}" = "" ]; then
|
|
|
|
CURL_OPTIONS=""
|
|
|
|
else
|
|
|
|
CURL_OPTIONS="${UPLOAD_OPTIONS}"
|
|
|
|
fi
|
2014-08-26 17:33:55 +02:00
|
|
|
SETTINGS_FILE="${PROFILE}"
|
|
|
|
|
|
|
|
# Only output text to stdout if DEBUG mode is not used
|
|
|
|
output()
|
|
|
|
{
|
|
|
|
if [ ${DEBUG} -eq 1 ]; then echo "$1"; fi
|
|
|
|
}
|
|
|
|
|
|
|
|
#####################################################################################
|
|
|
|
#
|
|
|
|
# SYSTEM CHECKS
|
|
|
|
#
|
|
|
|
#####################################################################################
|
|
|
|
|
|
|
|
output "Lynis Enterprise data uploader starting"
|
|
|
|
output "Settings file: ${SETTINGS_FILE}"
|
|
|
|
|
|
|
|
# Check if we can find curl
|
|
|
|
# Suggestion: If you want to keep the system hardened, copying the binary from a trusted source is a good alternative.
|
|
|
|
# Restrict access to this binary to the user who is running this script.
|
|
|
|
if [ "${CURLBINARY}" = "" ]; then
|
|
|
|
echo "Fatal: can't find curl binary. Please install the related package or put the binary in the PATH. Quitting.."
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Extra the license key from the settings file
|
|
|
|
if [ "${LICENSE_KEY}" = "" ]; then
|
|
|
|
echo "Fatal: no license key found. Quitting.."
|
2015-01-30 19:58:00 +01:00
|
|
|
ExitFatal
|
2014-08-26 17:33:55 +02:00
|
|
|
else
|
|
|
|
output "License key = ${LICENSE_KEY}"
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
|
|
#####################################################################################
|
|
|
|
#
|
|
|
|
# JOB CONTROL
|
|
|
|
#
|
|
|
|
#####################################################################################
|
|
|
|
|
|
|
|
# Check report file
|
|
|
|
if [ -f ${REPORTFILE} ]; then
|
|
|
|
output "${WHITE}Report file found.${NORMAL} Starting with connectivity check.."
|
|
|
|
# Quit if license is not valid, to reduce load on both client and server.
|
2015-02-03 18:26:30 +01:00
|
|
|
UPLOAD=`${CURLBINARY} ${CURL_OPTIONS} -s -S --data-urlencode "licensekey=${LICENSE_KEY}" --data-urlencode "collector_version=${PROGRAM_VERSION}" ${LICENSE_SERVER_URL}`
|
2014-08-26 17:33:55 +02:00
|
|
|
UPLOAD_CODE=`echo ${UPLOAD} | head -n 1 | awk '{ if ($1=="Response") { print $2 }}'`
|
|
|
|
if [ "${UPLOAD_CODE}" = "100" ]; then
|
2014-12-05 12:06:41 +01:00
|
|
|
output "${WHITE}License is valid${NORMAL}"
|
|
|
|
logtext "Result: License is valid"
|
2014-08-26 17:33:55 +02:00
|
|
|
else
|
2014-12-05 12:06:41 +01:00
|
|
|
echo "${RED}Fatal error: ${WHITE}This license key can not be checked, or has been expired. Please contact support@cisofy.com.${NORMAL}"
|
|
|
|
logtext "License check failed. This might have different causes:"
|
|
|
|
logtext "- Connection with license server could not be established"
|
|
|
|
logtext "- Collector version of Lynis version outdated"
|
|
|
|
logtext "- License expired"
|
|
|
|
logtext "- No credits left"
|
2014-08-26 17:33:55 +02:00
|
|
|
output "Debug information: ${UPLOAD}"
|
|
|
|
# Quit
|
|
|
|
ExitClean
|
|
|
|
fi
|
|
|
|
# Extract the hostid from the parse file
|
|
|
|
HOSTID=`cat ${REPORTFILE} | grep "^hostid=" | awk -F= '{ print $2 }'`
|
|
|
|
if [ ! "${HOSTID}" = "" ]; then
|
|
|
|
output "${WHITE}Found hostid: ${HOSTID}${NORMAL}"
|
|
|
|
# Try to connect
|
|
|
|
output "Uploading data.."
|
2014-12-05 12:06:41 +01:00
|
|
|
UPLOAD=`${CURLBINARY} ${CURL_OPTIONS} -s -S --data-urlencode "data@${REPORTFILE}" --data-urlencode "licensekey=${LICENSE_KEY}" --data-urlencode "hostid=${HOSTID}" ${UPLOAD_URL}`
|
2014-08-26 17:33:55 +02:00
|
|
|
UPLOAD_CODE=`echo ${UPLOAD} | head -n 1 | awk '{ print $2 }'`
|
|
|
|
output "Output code from upload: ${UPLOAD_CODE}"
|
|
|
|
if [ "${UPLOAD_CODE}" = "100" ]; then
|
|
|
|
output "${GREEN}Data uploaded successfully${NORMAL}"
|
|
|
|
else
|
|
|
|
echo "${RED}Error occured, please check documentation for code ${UPLOAD_CODE}.${NORMAL}"
|
2015-02-03 18:26:30 +01:00
|
|
|
echo "Command used: ${CURLBINARY} ${CURL_OPTIONS} -s -S --data-urlencode \"data@${REPORTFILE}\" --data-urlencode \"licensekey=${LICENSE_KEY}\" --data-urlencode \"hostid=${HOSTID}\" ${UPLOAD_URL}"
|
2014-08-26 17:33:55 +02:00
|
|
|
output "Debug:"
|
|
|
|
output ${UPLOAD}
|
|
|
|
# Quit
|
|
|
|
ExitClean
|
|
|
|
fi
|
|
|
|
else
|
|
|
|
echo "${RED}Fatal error${NORMAL}: No hostid found in report file. Can not upload report file."
|
|
|
|
# Quit
|
|
|
|
ExitClean
|
|
|
|
fi
|
|
|
|
else
|
|
|
|
output "${YELLOW}No report file found to upload.${NORMAL}"
|
|
|
|
fi
|
|
|
|
|
|
|
|
#
|
|
|
|
#================================================================================
|
2015-01-03 12:45:22 +01:00
|
|
|
# Lynis - Copyright 2007-2015, Michael Boelen, CISOfy - https://cisofy.com
|