security.functions revision 326326
133965Sjdp#!/bin/sh 278828Sobrien# 3218822Sdim# Copyright (c) 2001 The FreeBSD Project 4218822Sdim# All rights reserved. 5218822Sdim# 678828Sobrien# Redistribution and use in source and binary forms, with or without 778828Sobrien# modification, are permitted provided that the following conditions 878828Sobrien# are met: 978828Sobrien# 1. Redistributions of source code must retain the above copyright 1078828Sobrien# notice, this list of conditions and the following disclaimer. 1178828Sobrien# 2. Redistributions in binary form must reproduce the above copyright 1278828Sobrien# notice, this list of conditions and the following disclaimer in the 1378828Sobrien# documentation and/or other materials provided with the distribution. 1478828Sobrien# 1578828Sobrien# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 1678828Sobrien# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 1778828Sobrien# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18218822Sdim# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19218822Sdim# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20218822Sdim# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 2133965Sjdp# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 2233965Sjdp# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 2333965Sjdp# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 2433965Sjdp# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 2533965Sjdp# SUCH DAMAGE. 2633965Sjdp# 2733965Sjdp# $FreeBSD: stable/10/etc/periodic/security/security.functions 326326 2017-11-28 17:27:00Z asomers $ 2833965Sjdp# 2933965Sjdp 3033965Sjdp# This is a library file, so we only try to do something when sourced. 3160484Sobriencase "$0" in 3260484Sobrien*/security.functions) exit 0 ;; 3360484Sobrienesac 3460484Sobrien 3533965Sjdpsecurity_daily_compat_var security_status_logdir 3633965Sjdpsecurity_daily_compat_var security_status_diff_flags 3733965Sjdp 38218822Sdim# 3933965Sjdp# Show differences in the output of an audit command 40218822Sdim# 41218822Sdim 4233965SjdpLOG="${security_status_logdir}" 4333965Sjdprc=0 4433965Sjdp 4533965Sjdp# Usage: COMMAND | check_diff [new_only] LABEL - MSG 4633965Sjdp# COMMAND > TMPFILE; check_diff [new_only] LABEL TMPFILE MSG 4733965Sjdp# if $1 is new_only, show only the 'new' part of the diff. 4833965Sjdp# LABEL is the base name of the ${LOG}/${label}.{today,yesterday} files. 4933965Sjdp 5033965Sjdpcheck_diff() { 5133965Sjdp unset IFS 52218822Sdim rc=0 5333965Sjdp if [ "$1" = "new_only" ]; then 5433965Sjdp shift 5533965Sjdp filter="grep '^[>+][^+]'" 5633965Sjdp else 5733965Sjdp filter="cat" 5833965Sjdp fi 5933965Sjdp label="$1"; shift 6033965Sjdp tmpf="$1"; shift 6133965Sjdp msg="$1"; shift 62218822Sdim 63218822Sdim if [ "${tmpf}" = "-" ]; then 6433965Sjdp tmpf=`mktemp -t security` 65130561Sobrien cat > ${tmpf} 66130561Sobrien fi 6733965Sjdp 6833965Sjdp if [ ! -f ${LOG}/${label}.today ]; then 6933965Sjdp rc=1 7033965Sjdp echo "" 7133965Sjdp echo "No ${LOG}/${label}.today" 7233965Sjdp cp ${tmpf} ${LOG}/${label}.today || rc=3 7333965Sjdp fi 7433965Sjdp 7533965Sjdp if ! cmp -s ${LOG}/${label}.today ${tmpf} >/dev/null; then 7633965Sjdp [ $rc -lt 1 ] && rc=1 7733965Sjdp echo "" 7833965Sjdp echo "${msg}" 7991041Sobrien diff ${security_status_diff_flags} ${LOG}/${label}.today \ 8091041Sobrien ${tmpf} | eval "${filter}" 8191041Sobrien mv ${LOG}/${label}.today ${LOG}/${label}.yesterday || rc=3 8291041Sobrien mv ${tmpf} ${LOG}/${label}.today || rc=3 83218822Sdim fi 8433965Sjdp 8577298Sobrien rm -f ${tmpf} 8677298Sobrien exit ${rc} 8777298Sobrien} 8877298Sobrien