mirror of
				https://github.com/pandorafms/pandorafms.git
				synced 2025-10-25 01:24:05 +02:00 
			
		
		
		
	
		
			
				
	
	
		
			210 lines
		
	
	
		
			4.6 KiB
		
	
	
	
		
			Bash
		
	
	
		
			Executable File
		
	
	
	
	
			
		
		
	
	
			210 lines
		
	
	
		
			4.6 KiB
		
	
	
	
		
			Bash
		
	
	
		
			Executable File
		
	
	
	
	
| #!/bin/bash
 | |
| 
 | |
| # Pandora FMS Integrity Check v1.0
 | |
| # (c) 2014-2023 Pandora FMSTeam
 | |
| #
 | |
| # This script is used to generate a MD5 hash of each relevant file
 | |
| # in a Pandora FMS, including server and console files. It supports
 | |
| # a mode to "check" using the output of a previous execution.
 | |
| 
 | |
| UNIXTIME=`date +%s`
 | |
| HUMANDATE=`date +%d-%m-%y-%s`
 | |
| OUTPUT=integrity_check_`date +%d-%m-%y-%s`.data
 | |
| 
 | |
| echo "Pandora FMS Integrity Check tool v1.0"
 | |
| echo "(c) Pandora FMS Development Team 2014-2015"
 | |
| echo " "
 | |
| 
 | |
| if [ $# -lt 2 ]
 | |
| then
 | |
| 	echo "Syntax:"
 | |
| 	echo " "
 | |
| 	echo "integrity_chech new|check|compare [<path_to_console>] [<path_to_integrity_file>] [<path_to_integrity_file_2>]"
 | |
| 	echo " "
 | |
| 	echo "  If mode 'check' is selected, it will require a integrity file (generated by this tool) to check it against current setup. If mode 'compare' is selected, it wil require two integrity files, and will report differences between them"
 | |
| 	echo " "
 | |
| 	exit -1
 | |
| fi
 | |
| 
 | |
| CONSOLE_PATH=$2
 | |
| INTEGRITY_FILE=$3
 | |
| INTEGRITY_REPORT=$INTEGRITY_FILE.report
 | |
| MODE=$1
 | |
| ERROR=0
 | |
| 
 | |
| if [ ! -d "$CONSOLE_PATH" ] && [ "$MODE" != "compare" ]
 | |
| then
 | |
| 	echo "Error: Console path doesn't exist"
 | |
| 	exit -1
 | |
| fi
 | |
| 
 | |
| if [ "$MODE" == "compare" ]
 | |
| then
 | |
| 	FILE1=$2
 | |
| 	FILE2=$3
 | |
| 
 | |
| 	if [ ! -f "$FILE1" ] || [ ! -f "$FILE2" ]
 | |
| 	then
 | |
| 		echo "Error, at least one of the integrity files provided not found"
 | |
| 		exit -1
 | |
| 	fi
 | |
| 
 | |
| 	IFS="
 | |
| "
 | |
| 	COUNTER=0
 | |
| 	for a in `cat $FILE1 | grep -v "^#"`
 | |
| 	do
 | |
| 		if [ $COUNTER -eq 0 ]
 | |
| 		then
 | |
| 			echo -ne "\b|"
 | |
| 		fi
 | |
| 
 | |
| 		if [ $COUNTER -eq 1 ]
 | |
|                 then
 | |
|                         echo -ne "\b/"
 | |
|                 fi
 | |
| 
 | |
| 		if [ $COUNTER -eq 2 ]
 | |
|                 then
 | |
|                         echo -ne "\b-"
 | |
|                 fi
 | |
| 		if [ $COUNTER -eq 3 ]
 | |
|                 then
 | |
|                         echo -ne "\b\\"
 | |
| 			COUNTER=-1
 | |
|                 fi
 | |
| 		
 | |
| 		COUNTER=`expr $COUNTER + 1`
 | |
| 
 | |
| 		F1=`echo $a | awk '{ print $2 }'`
 | |
| 		M1=`echo $a | awk '{ print $1 }'`
 | |
| 
 | |
| 		BUF=`cat $FILE2 | grep "$F1\$"`
 | |
| 		if [ -z "$BUF" ]
 | |
| 		then
 | |
| 			echo " "
 | |
| 			echo "[MISS] $F1 is not present in $FILE2"
 | |
| 		else
 | |
| 			M2=`echo $BUF | awk '{ print $1 }'`
 | |
| 			if [ "$M2" != "$M1" ]
 | |
| 			then
 | |
| 				echo " "
 | |
| 				echo "[DIFF] $F1 has changed"   
 | |
| 			fi
 | |
| 		fi
 | |
| 	done	
 | |
| 
 | |
| fi
 | |
| 
 | |
| if [ "$MODE" == "check" ]
 | |
| then
 | |
| 	if [ ! -f "$INTEGRITY_FILE" ]
 | |
| 	then
 | |
| 		echo "Error: Integrity file to check not found"
 | |
| 		exit -1
 | |
| 	fi
 | |
| 
 | |
| 	IFS="
 | |
| "
 | |
| 
 | |
| 	cat /dev/null > $INTEGRITY_REPORT
 | |
| 	echo "#Pandora FMS Integrity Check REPORT generated at $HUMANDATE at `hostname` by $USER" >> $INTEGRITY_REPORT
 | |
| 	echo "Checking file integrity in $INTEGRITY_FILE."
 | |
| 
 | |
| 	for ax in `cat $INTEGRITY_FILE | grep -v "^#"`
 | |
| 	do
 | |
| 	
 | |
| 		md5=`echo $ax | awk '{ print $1 }'`
 | |
| 		file=`echo $ax | awk '{ print $2 }'`
 | |
| 
 | |
| 		if [ -f "$file" ]
 | |
| 		then
 | |
| 			md5_v2=`md5sum $file | awk '{ print $1 }'`
 | |
| 			if [ "$md5_v2" != "$md5" ]
 | |
| 			then
 | |
| 				echo "[ERR] $file -- MD5 CHECKSUM ERROR" >> $INTEGRITY_REPORT
 | |
| 				ERROR=`expr $ERROR + 1`
 | |
| 				echo -n "e"
 | |
| 			else
 | |
| 				echo "[ ok] $file -- OK" >> $INTEGRITY_REPORT
 | |
| 				echo -n "."
 | |
| 			fi
 | |
| 		else
 | |
| 			echo "[ERR] $file -- FILE MISSING in current target" >> $INTEGRITY_REPORT
 | |
| 			ERROR=`expr $ERROR + 1`
 | |
| 			echo -n "m"
 | |
| 		fi
 | |
| 	done
 | |
| 	echo " "
 | |
| 	if [ $ERROR -gt 0 ]
 | |
| 	then
 | |
| 		echo "WARNING: Some discrepancies has been found. Check the Integrity report"
 | |
| 	else
 | |
| 		echo "Everything seems to be OK, no changes detected!"
 | |
| 	fi
 | |
| 
 | |
| 	echo "Done. Report is in $INTEGRITY_REPORT"
 | |
| 	exit 0
 | |
| fi
 | |
| 
 | |
| if [ "$MODE" == "new" ]
 | |
| then
 | |
| 
 | |
| 	echo " "
 | |
| 	# Begin CREATION of a new Integrity Check File
 | |
| 
 | |
| 	cat /dev/null > $OUTPUT
 | |
| 	echo "#Pandora FMS Integrity Check generated at $HUMANDATE at `hostname` by $USER" >> $OUTPUT
 | |
| 	echo "Creating integrity check of Pandora FMS Console files"
 | |
| 	for ax in `find $CONSOLE_PATH -name "*.php" -o -name "*.js" -o -name "*.css" -o -name "*.sql"`
 | |
| 	do
 | |
| 		bx=`md5sum $ax`
 | |
| 		echo $bx >>$OUTPUT
 | |
| 		echo -n "."
 | |
| 	done
 | |
| 	echo " "
 | |
| 	echo "Creating integrity check of Pandora FMS server files"
 | |
| 	for ax in `find /usr/share/pandora_server/ -type f `
 | |
|         do
 | |
| 		bx=`md5sum $ax`
 | |
|                 echo $bx >>$OUTPUT
 | |
|                 echo -n "."
 | |
|         done
 | |
| 
 | |
| 	for ax in `find /usr/lib/perl5/PandoraFMS/ -type f`
 | |
|         do
 | |
|                 bx=`md5sum $ax`
 | |
|                 echo $bx >>$OUTPUT
 | |
|                 echo -n "."
 | |
|         done
 | |
| 
 | |
| 	if [ -d "/usr/lib/perl5/Goliat/" ]
 | |
| 	then
 | |
| 		for ax in `find /usr/lib/perl5/Goliat/ -type f`
 | |
|                 do
 | |
|                        	bx=`md5sum $ax`
 | |
|                        	echo $bx >>$OUTPUT
 | |
|                        	echo -n "."
 | |
|                 done
 | |
| 	fi
 | |
| 
 | |
| 	if [ -d "/etc/pandora/" ]
 | |
|         then
 | |
|                 for ax in `find /etc/pandora/ -type f`
 | |
|                 do
 | |
|                         bx=`md5sum $ax`
 | |
|                         echo $bx >>$OUTPUT
 | |
|                        echo -n "."
 | |
|                 done
 | |
|         fi
 | |
| 	echo " "
 | |
| 	echo "File generated at $OUTPUT"
 | |
| fi
 | |
| 
 | |
| 
 | |
| echo "Finishing witout error"
 | |
| exit 0
 | |
| 
 | |
| 
 | |
| 
 |