📄 rkhunter
字号:
get_installdir_option() { # # This function obtains the RKH installation directory. It must # be set by the installer script, and has no default. # RKHINSTALLDIR=`get_option 1 single INSTALLDIR` || exit 1 if [ -z "${RKHINSTALLDIR}" ]; then echo "Invalid INSTALLDIR configuration option - no installation directory specified." exit 1 elif [ ! -d "${RKHINSTALLDIR}" ]; then echo "Installation directory does not exist: ${RKHINSTALLDIR}" exit 1 elif [ ! -r "${RKHINSTALLDIR}" ]; then echo "Installation directory is not readable: ${RKHINSTALLDIR}" exit 1 fi return}get_language_option() { # # First get the option from the command-line or the # configuration file, and do a simple check on whether # it is empty or a space. # if [ -n "${LANGUAGE}" ]; then LANGUAGE=`echo "${LANGUAGE}" | tr -d '" ' | tr -d "'"` if [ -z "${LANGUAGE}" ]; then echo "Invalid --language option - no language given." exit 1 fi else LANGUAGE=`get_option 1 single LANGUAGE` || exit 1 fi # # If no language has been set, then use English. # test -z "${LANGUAGE}" && LANGUAGE="en" # # Now check that the language is available. # if [ ! -d "${DB_PATH}/i18n" ]; then echo "The internationalisation directory does not exist: ${DB_PATH}/i18n" exit 1 fi # # If we are using the '--update' option, then the language files # will be installed if they are missing. As such, we cannot check # them here. # if [ ! -s "${DB_PATH}/i18n/${LANGUAGE}" ]; then if [ $UPDATE_ONLY -eq 1 ]; then RKHLANGUPDT=1 else echo "The language specified is not available: ${LANGUAGE}" echo "Use the command 'rkhunter --lang en --list languages' to see the list of available languages." exit 1 fi elif [ ! -s "${DB_PATH}/i18n/en" ]; then if [ $UPDATE_ONLY -eq 1 ]; then RKHLANGUPDT=1 else echo "The English language file must be present: ${DB_PATH}/i18n/en" echo "If it has been deleted, then you will need to run 'rkhunter --update' with no other options." exit 1 fi fi return}get_logfile_option() { # # First get the option from the command-line or the # configuration file, and do a simple check on whether # it is empty or a space. # if [ -n "${RKHLOGFILE}" ]; then RKHLOGFILE=`echo "${RKHLOGFILE}" | tr -d '" ' | tr -d "'"` if [ -z "${RKHLOGFILE}" ]; then echo "Invalid --logfile option - no logfile name given." exit 1 fi else RKHLOGFILE=`get_option 1 single LOGFILE` || exit 1 if [ -z "${RKHLOGFILE}" ]; then RKHLOGFILE="${DFLT_LOGFILE}" echo "Default logfile will be used (${RKHLOGFILE})." fi fi # # Now check that the given option is useable. # if [ "${RKHLOGFILE}" = "/dev/null" ]; then APPEND_LOG=0 else LOGDIR=`echo "${RKHLOGFILE}" | sed -e 's/\/[^/][^/]*$//'` if [ -z "`echo \"${LOGDIR}\" | grep '/'`" ]; then LOGDIR="." fi if [ "${LOGDIR}" = "${RKHLOGFILE}" ]; then echo "No log filename given: ${RKHLOGFILE}" exit 1 elif [ ! -d "${LOGDIR}" ]; then echo "Logfile directory does not exist: ${RKHLOGFILE}" exit 1 elif [ ! -w "${LOGDIR}" ]; then echo "Logfile directory is not writable: ${RKHLOGFILE}" exit 1 elif [ ! -r "${LOGDIR}" ]; then echo "Logfile directory is not readable: ${RKHLOGFILE}" exit 1 elif [ -h "${RKHLOGFILE}" ]; then echo "Logfile is a symbolic link: ${RKHLOGFILE}" echo "This is a security problem. The link points to another file, and that file is about to be modified by rkhunter." exit 1 elif [ -e "${RKHLOGFILE}" -a ! -f "${RKHLOGFILE}" ]; then echo "Logfile already exists but it is not a file: ${RKHLOGFILE}" exit 1 fi # # Now check whether we should append to the logfile # or overwrite it. We check the configuration file # option, if it is given, and ensure that it is valid. # if [ $APPEND_OPT -eq 0 ]; then APPEND_LOG=`get_option 1 single APPEND_LOG` || exit 1 if [ -n "${APPEND_LOG}" ]; then if [ "${APPEND_LOG}" != "0" -a "${APPEND_LOG}" != "1" ]; then echo "Invalid APPEND_LOG configuration option: not a number: ${APPEND_LOG}" exit 1 fi else APPEND_LOG=0 fi fi fi return}get_tmpdir_option() { # # First get the option from the command-line or the # configuration file, and do a simple check on whether # it is empty or a space. # if [ -n "${RKHTMPDIR}" ]; then RKHTMPDIR=`echo "${RKHTMPDIR}" | tr -d '" ' | tr -d "'"` if [ -z "${RKHTMPDIR}" ]; then echo "Invalid --tmpdir option - no directory name given." exit 1 fi else RKHTMPDIR=`get_option 1 single TMPDIR` || exit 1 if [ -z "${RKHTMPDIR}" ]; then RKHTMPDIR="${RKHINSTALLDIR}/lib/rkhunter/tmp" echo "Default temporary directory will be used (${RKHTMPDIR})." fi fi # # Now check that the given option is useable. # if [ ! -d "${RKHTMPDIR}" ]; then echo "Temporary directory does not exist: ${RKHTMPDIR}" exit 1 elif [ ! -w "${RKHTMPDIR}" ]; then echo "Temporary directory is not writable: ${RKHTMPDIR}" exit 1 elif [ ! -r "${RKHTMPDIR}" ]; then echo "Temporary directory is not readable: ${RKHTMPDIR}" exit 1 elif [ "${RKHTMPDIR}" = "${RKHROOTDIR}/tmp" -o "${RKHTMPDIR}" = "${RKHROOTDIR}/var/tmp" ]; then echo "Do not use ${RKHTMPDIR} as the temporary directory." echo "This directory will be used by rkhunter to contain system files, so it must be secure." exit 1 elif [ "${RKHTMPDIR}" = "${RKHROOTDIR}/etc" ]; then echo "Do not use ${RKHTMPDIR} as the temporary directory." echo "This directory will be used by rkhunter to copy and delete certain system files." exit 1 fi return}get_dbdir_option() { # # First get the option from the command-line or the # configuration file, and do a simple check on whether # it is empty or a space. # if [ -n "${DB_PATH}" ]; then DB_PATH=`echo "${DB_PATH}" | tr -d '" ' | tr -d "'"` if [ -z "${DB_PATH}" ]; then echo "Invalid --dbdir option - no directory name given." exit 1 fi else DB_PATH=`get_option 1 single DBDIR` || exit 1 if [ -z "${DB_PATH}" ]; then DB_PATH="${RKHINSTALLDIR}/lib/rkhunter/db" echo "Default database directory will be used (${DB_PATH})." fi fi # # Now check that the given option is useable. # if [ ! -d "${DB_PATH}" ]; then echo "Database directory does not exist: ${DB_PATH}" exit 1 elif [ ! -w "${DB_PATH}" ]; then echo "Database directory is not writable: ${DB_PATH}" exit 1 elif [ ! -r "${DB_PATH}" ]; then echo "Database directory is not readable: ${DB_PATH}" exit 1 fi return}add_extra_dirs() { # # This functions takes care of any additional directories # that may exist on some systems. After the function is called # the value of EXTRA_DIRS must be added to whatever variable # is being used. # EXTRA_DIRS="" if [ $SUNOS -eq 1 ]; then # # Add in some other directories, and those which # contain the Sun 'companion' software. # test -d /usr/sfw && EXTRA_DIRS="${EXTRA_DIRS} /usr/sfw/bin /usr/sfw/sbin /usr/sfw/libexec" test -d /opt/sfw && EXTRA_DIRS="${EXTRA_DIRS} /opt/sfw/bin /opt/sfw/sbin /opt/sfw/libexec" test -d /usr/xpg4/bin && EXTRA_DIRS="${EXTRA_DIRS} /usr/xpg4/bin" test -d /usr/ccs/bin && EXTRA_DIRS="${EXTRA_DIRS} /usr/ccs/bin" test -d /usr/5bin -a ! -h /usr/5bin && EXTRA_DIRS="${EXTRA_DIRS} /usr/5bin" test -d /usr/ucb && EXTRA_DIRS="${EXTRA_DIRS} /usr/ucb" # # OpenSolaris distributions (e.g. BeleniX) may use # other directories. # test -d /usr/foss && EXTRA_DIRS="${EXTRA_DIRS} /usr/foss/bin /usr/foss/sbin /usr/foss/libexec" elif [ $BSDOS -eq 1 ]; then test -d /usr/pkg/bin && EXTRA_DIRS="${EXTRA_DIRS} /usr/pkg/bin" test -d /usr/pkg/sbin && EXTRA_DIRS="${EXTRA_DIRS} /usr/pkg/sbin" test -d /usr/pkg/libexec && EXTRA_DIRS="${EXTRA_DIRS} /usr/pkg/libexec" elif [ "${OPERATING_SYSTEM}" = "Darwin" ]; then # # Cater for Fink (Mac OS X) additional software. # test -d /sw/bin && EXTRA_DIRS="${EXTRA_DIRS} /sw/bin" test -d /sw/sbin && EXTRA_DIRS="${EXTRA_DIRS} /sw/sbin" elif [ $IRIXOS -eq 1 ]; then test -d /usr/ucb && EXTRA_DIRS="${EXTRA_DIRS} /usr/ucb" test -d /usr/freeware/bin && EXTRA_DIRS="${EXTRA_DIRS} /usr/freeware/bin" test -d /usr/freeware/sbin && EXTRA_DIRS="${EXTRA_DIRS} /usr/freeware/sbin" test -d /usr/xpg4/bin && EXTRA_DIRS="${EXTRA_DIRS} /usr/xpg4/bin" elif [ -f "/etc/GoboLinuxVersion" ]; then # # We have no other easy way of detecting GoboLinux. # It has a peculiar filesystem layout, so we need to # add in this little bit of support to help it work # with RKH. # test -d "/System/Links/Executables" && EXTRA_DIRS="/System/Links/Executables" fi # # Finally check if there are any optional # bin and sbin directories present. # test -d /usr/opt/bin && EXTRA_DIRS="${EXTRA_DIRS} /usr/opt/bin" test -d /usr/opt/sbin && EXTRA_DIRS="${EXTRA_DIRS} /usr/opt/sbin" test -d /opt/bin && EXTRA_DIRS="${EXTRA_DIRS} /opt/bin" test -d /opt/sbin && EXTRA_DIRS="${EXTRA_DIRS} /opt/sbin" return}get_bindir_option() { # # First get the option from the command-line or the # configuration file, and do a simple check on whether # it is empty or a space. # USE_DFLT=0 if [ -n "${BINPATHS}" ]; then BINPATHS=`echo "${BINPATHS}" | tr -d '"' | tr -d "'" | tr ' ' ' ' | tr -s ' '` if [ "${BINPATHS}" = " " ]; then echo "Invalid --bindir option - no directory names given." exit 1 fi else BINPATHS=`get_option 2 single BINDIR` || exit 1 if [ -z "${BINPATHS}" ]; then USE_DFLT=1 BINPATHS="${DFLT_BINPATHS}" # # Under some OS's /bin is a link to /usr/bin, so # there is no need to look in it. # if [ $SUNOS -eq 1 -o $IRIXOS -eq 1 -o "${OPERATING_SYSTEM}" = "AIX" ]; then if [ -h /bin ]; then RKHB="" for DIR in ${BINPATHS}; do test "${DIR}" != "/bin" && RKHB="${RKHB} ${DIR}" done BINPATHS=`echo ${RKHB}` fi fi add_extra_dirs BINPATHS="${BINPATHS}${EXTRA_DIRS}" fi fi # # This is a simple check that each directory begins with # a '.' or '/'. We allow non-existent directories because # this list may be used with RKHROOTDIR. As such the directory # may not exist on the local host, but may exist on a # remotely diagnosed system. # for DIR in ${BINPATHS}; do if [ -z "`echo ${DIR} | grep '^[./]'`" ]; then echo "Invalid BINDIR directory found: ${DIR}" exit 1 fi done return}get_scriptdir_option() { # # Get the value from the configuration file, and do a simple # check on whether it is empty or a space. # # Note: The installer will set this option. As such there # is no default. # SCRIPT_PATH=`get_option 1 single SCRIPTDIR` || exit 1 if [ -z "${SCRIPT_PATH}" ]; then echo "The SCRIPTDIR configuration option has not been set by the installer." exit 1 fi # # Now check that the given option is useable. # if [ ! -d "${SCRIPT_PATH}" ]; then echo "Script directory does not exist: ${SCRIPT_PATH}" exit 1 elif [ ! -r "${SCRIPT_PATH}" ]; then echo "Script directory is not readable: ${SCRIPT_PATH}" exit 1 fi return}find_cmd() { # # This function performs a search of the PATH and BINPATHS # directories looking for the requested command. The full # pathname is returned if the command is found. # # If a full pathname is provided then we simply check that # it is executable. # CMD=$1 test -z "${CMD}" && return if [ -n "`echo ${CMD} | grep '/'`" ]; then test -f "${CMD}" -a -x "${CMD}" && echo "${CMD}" else for CMDDIR in ${SPACEDPATH} ${BINPATHS}; do if [ -f "${CMDDIR}/${CMD}" -a -x "${CMDDIR}/${CMD}" ]; then echo "${CMDDIR}/${CMD}" return fi done fi return}get_rootdir_option() { # # First get the option from the command-line or the # configuration file, and do a simple check on whether # it is empty or a space. # if [ -n "${RKHROOTDIR}" ]; then RKHROOTDIR=`echo "${RKHROOTDIR}" | tr -d '" ' | tr -d "'"` if [ -z "${RKHROOTDIR}" ]; then echo "Invalid --rootdir option - no directory name given." exit 1 fi else RKHROOTDIR=`get_option 1 single ROOTDIR` || exit 1 fi # # Now check that the given option is useable. # if [ -n "${RKHROOTDIR}" ]; then if [ ! -d "${RKHROOTDIR}" ]; then echo "The root directory does not exist: ${RKHROOTDIR}" exit 1 elif [ ! -r "${RKHROOTDIR}" ]; then echo "The root directory is not readable: ${RKHROOTDIR}" exit 1 fi fi return}get_mailonwarn_option() { # # Get the option from the configuration file. If it is set, # then we get the MAIL_CMD option as well. # MAILONWARNING=`get_option 2 single MAIL-ON-WARNING` || exit 1 if [ -n "${MAILONWARNING}" ]; then MAIL_CMD=`get_option 2 single MAIL_CMD` || exit 1 test -z "${MAIL_CMD}" && MAIL_CMD="mail -s \"[rkhunter] Warnings found for \${HOST_NAME}\"" # # Check that the mail command is executable.⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -