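#!/bin/sh
#
# script to run aide --check and verify GPG signatures
#
# written by Vincent Danen <vdanen-at-annvix.org>
#
# $Id: aidecheck 5176 2006-01-31 03:17:02Z vdanen $
#
# Flow: verify the detached GPG signature on the AIDE database, and only
# if it verifies run "aide --check", writing the report to
# /var/lib/aide/reports/.
#
# Exit status: 1 when the signature is missing or does not verify,
# 0 on every other path (unchanged from the original script, including
# the "database not found" path and regardless of what aide reports).

hostname=$(uname -n)
gpg="/usr/bin/gpg"
aide="/usr/sbin/aide"
db="/var/lib/aide/aide.db"
sig="${db}.sig"
conf="/etc/aide.conf"
fname="aide-${hostname}-$(date +%Y%m%d-%H%M%S)"

echo "AIDE integrity check for ${hostname} beginning ($(date))"
echo ""

if [ ! -e "${db}" ]; then
  echo "**** Error: AIDE database for ${hostname} not found."
  echo "**** Run 'aideinit' to create the database file."
  exit 0
fi

if [ ! -f "${conf}" ]; then
  # The original skipped the check silently here; say so, because a
  # quiet run would otherwise look like a clean one.
  echo "**** Error: ${conf} not found; AIDE check was not run."
  exit 0
fi

if [ ! -f "${sig}" ]; then
  echo "**** Error: No GPG signature found for the AIDE database!"
  echo "**** Unable to verify database; your system may be compromised or incorrectly configured!"
  exit 1
fi

echo "Verifying the GPG signature on the database..."
echo ""
# Absolute paths replace pushd/popd, which are not available in POSIX sh.
# The signed file is named explicitly instead of being inferred from the
# signature's file name.
"${gpg}" --verify "${sig}" "${db}"
# Capture the status immediately: the original tested $? after an
# intervening echo, so it always saw echo's 0 and the failure branch
# could never run.
gpg_status=$?
echo ""
# Fail closed on any non-zero status, not just 1; gpg also exits non-zero
# when it cannot check the signature at all (e.g. the public key is missing).
if [ "${gpg_status}" -ne 0 ]; then
  echo "************************************************************"
  echo "GPG signature FAILED! Your database has been tampered with!"
  echo "************************************************************"
  exit 1
fi
# NOTE(review): a zero status means the signature is valid for some key in
# the invoking user's keyring; it does not pin which key signed the
# database. Keep that keyring restricted to the expected signing key.

# stderr is discarded and aide's exit status is ignored, as in the
# original; the findings are in the report file named below.
nice -20 "${aide}" --check -B "report_url=file:/var/lib/aide/reports/${fname}.report" 2>/dev/null

exit 0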