210 lines
4.6 KiB
Bash
Executable File
210 lines
4.6 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# Pandora FMS Integrity Check v1.0
|
|
# (c) 2014 Pandora FMS Team
|
|
#
|
|
# This script is used to generate a MD5 hash of each relevant file
|
|
# in a Pandora FMS, including server and console files. It supports
|
|
# a mode to "check" using the output of a previous execution.
|
|
|
|
UNIXTIME=`date +%s`
|
|
HUMANDATE=`date +%d-%m-%y-%s`
|
|
OUTPUT=integrity_check_`date +%d-%m-%y-%s`.data
|
|
|
|
echo "Pandora FMS Integrity Check tool v1.0"
|
|
echo "(c) Pandora FMS Development Team 2014"
|
|
echo " "
|
|
|
|
if [ $# -lt 2 ]
|
|
then
|
|
echo "Syntax:"
|
|
echo " "
|
|
echo "integrity_chech new|check|compare [<path_to_console>] [<path_to_integrity_file>] [<path_to_integrity_file_2>]"
|
|
echo " "
|
|
echo " If mode 'check' is selected, it will require a integrity file (generated by this tool) to check it against current setup. If mode 'compare' is selected, it wil require two integrity files, and will report differences between them"
|
|
echo " "
|
|
exit -1
|
|
fi
|
|
|
|
CONSOLE_PATH=$2
|
|
INTEGRITY_FILE=$3
|
|
INTEGRITY_REPORT=$INTEGRITY_FILE.report
|
|
MODE=$1
|
|
ERROR=0
|
|
|
|
if [ ! -d "$CONSOLE_PATH" ] && [ "$MODE" != "compare" ]
|
|
then
|
|
echo "Error: Console path doesn't exist"
|
|
exit -1
|
|
fi
|
|
|
|
if [ "$MODE" == "compare" ]
|
|
then
|
|
FILE1=$2
|
|
FILE2=$3
|
|
|
|
if [ ! -f "$FILE1" ] || [ ! -f "$FILE2" ]
|
|
then
|
|
echo "Error, at least one of the integrity files provided not found"
|
|
exit -1
|
|
fi
|
|
|
|
IFS="
|
|
"
|
|
COUNTER=0
|
|
for a in `cat $FILE1 | grep -v "^#"`
|
|
do
|
|
if [ $COUNTER -eq 0 ]
|
|
then
|
|
echo -ne "\b|"
|
|
fi
|
|
|
|
if [ $COUNTER -eq 1 ]
|
|
then
|
|
echo -ne "\b/"
|
|
fi
|
|
|
|
if [ $COUNTER -eq 2 ]
|
|
then
|
|
echo -ne "\b-"
|
|
fi
|
|
if [ $COUNTER -eq 3 ]
|
|
then
|
|
echo -ne "\b\\"
|
|
COUNTER=-1
|
|
fi
|
|
|
|
COUNTER=`expr $COUNTER + 1`
|
|
|
|
F1=`echo $a | awk '{ print $2 }'`
|
|
M1=`echo $a | awk '{ print $1 }'`
|
|
|
|
BUF=`cat $FILE2 | grep "$F1\$"`
|
|
if [ -z "$BUF" ]
|
|
then
|
|
echo " "
|
|
echo "[MISS] $F1 is not present in $FILE2"
|
|
else
|
|
M2=`echo $BUF | awk '{ print $1 }'`
|
|
if [ "$M2" != "$M1" ]
|
|
then
|
|
echo " "
|
|
echo "[DIFF] $F1 has changed"
|
|
fi
|
|
fi
|
|
done
|
|
|
|
fi
|
|
|
|
if [ "$MODE" == "check" ]
|
|
then
|
|
if [ ! -f "$INTEGRITY_FILE" ]
|
|
then
|
|
echo "Error: Integrity file to check not found"
|
|
exit -1
|
|
fi
|
|
|
|
IFS="
|
|
"
|
|
|
|
cat /dev/null > $INTEGRITY_REPORT
|
|
echo "#Pandora FMS Integrity Check REPORT generated at $HUMANDATE at `hostname` by $USER" >> $INTEGRITY_REPORT
|
|
echo "Checking file integrity in $INTEGRITY_FILE."
|
|
|
|
for ax in `cat $INTEGRITY_FILE | grep -v "^#"`
|
|
do
|
|
|
|
md5=`echo $ax | awk '{ print $1 }'`
|
|
file=`echo $ax | awk '{ print $2 }'`
|
|
|
|
if [ -f "$file" ]
|
|
then
|
|
md5_v2=`md5sum $file | awk '{ print $1 }'`
|
|
if [ "$md5_v2" != "$md5" ]
|
|
then
|
|
echo "[ERR] $file -- MD5 CHECKSUM ERROR" >> $INTEGRITY_REPORT
|
|
ERROR=`expr $ERROR + 1`
|
|
echo -n "e"
|
|
else
|
|
echo "[ ok] $file -- OK" >> $INTEGRITY_REPORT
|
|
echo -n "."
|
|
fi
|
|
else
|
|
echo "[ERR] $file -- FILE MISSING in current target" >> $INTEGRITY_REPORT
|
|
ERROR=`expr $ERROR + 1`
|
|
echo -n "m"
|
|
fi
|
|
done
|
|
echo " "
|
|
if [ $ERROR -gt 0 ]
|
|
then
|
|
echo "WARNING: Some discrepancies has been found. Check the Integrity report"
|
|
else
|
|
echo "Everything seems to be OK, no changes detected!"
|
|
fi
|
|
|
|
echo "Done. Report is in $INTEGRITY_REPORT"
|
|
exit 0
|
|
fi
|
|
|
|
if [ "$MODE" == "new" ]
|
|
then
|
|
|
|
echo " "
|
|
# Begin CREATION of a new Integrity Check File
|
|
|
|
cat /dev/null > $OUTPUT
|
|
echo "#Pandora FMS Integrity Check generated at $HUMANDATE at `hostname` by $USER" >> $OUTPUT
|
|
echo "Creating integrity check of Pandora FMS Console files"
|
|
for ax in `find /var/www/pandora_console/ -name "*.php" -o -name "*.js" -o -name "*.css" -o -name "*.sql"`
|
|
do
|
|
bx=`md5sum $ax`
|
|
echo $bx >>$OUTPUT
|
|
echo -n "."
|
|
done
|
|
echo " "
|
|
echo "Creating integrity check of Pandora FMS server files"
|
|
for ax in `find /usr/share/pandora_server/ -type f `
|
|
do
|
|
bx=`md5sum $ax`
|
|
echo $bx >>$OUTPUT
|
|
echo -n "."
|
|
done
|
|
|
|
for ax in `find /usr/lib/perl5/PandoraFMS/ -type f`
|
|
do
|
|
bx=`md5sum $ax`
|
|
echo $bx >>$OUTPUT
|
|
echo -n "."
|
|
done
|
|
|
|
if [ -d "/usr/lib/perl5/Goliat/" ]
|
|
then
|
|
for ax in `find /usr/lib/perl5/Goliat/ -type f`
|
|
do
|
|
bx=`md5sum $ax`
|
|
echo $bx >>$OUTPUT
|
|
echo -n "."
|
|
done
|
|
fi
|
|
|
|
if [ -d "/etc/pandora/" ]
|
|
then
|
|
for ax in `find /etc/pandora/ -type f`
|
|
do
|
|
bx=`md5sum $ax`
|
|
echo $bx >>$OUTPUT
|
|
echo -n "."
|
|
done
|
|
fi
|
|
echo " "
|
|
echo "File generated at $OUTPUT"
|
|
fi
|
|
|
|
|
|
echo "Finishing witout error"
|
|
exit 0
|
|
|
|
|
|
|