I've been getting into bash scripting lately. I think learning a new language might actually be helping me learn 'C' better. Here is the script:
Code:
#!/bin/bash
#Check modifications of files and changed directories and checksums
##########################################################################
#I suggest you make sure your system is secure *before* you use this script.
#Copy all the files made to a floppy and make it read-only.
###########################################################################
SUCCESS=
PACK=/var/log/newpack.txt
MODTIME=/var/log/modfile.txt
SBIN=/sbin
USRSBIN=/usr/sbin
ETC=/etc
CKSUM=/usr/bin/cksum
DIRCACHE=/var/log/sbin.txt
DIRCACHE1=/var/log/usrsbin.txt
DIRCACHE2=/var/log/etc.txt
CKSUMCACHE=/var/log/sbinCK.txt
CKSUMCACHE1=/var/log/usrsbinCK.txt
CKSUMCACHE2=/var/log/etcCK.txt
DIRTMP=/tmp.txt
DIRTMP1=/tmp1.txt
DIRTMP2=/tmp2.txt
CKTMP=/tmp3.txt
CKTMP1=/tmp4.txt
CKTMP2=/tmp5.txt
WALL=/tmp6.txt
NEWPACK=/tmp7.txt
TMP=/tmp8.txt
TMP1=/tmp9.txt
TMP2=/tmp10.txt
TMP3=/tmp11.txt
database()
{
echo "Creating Database..."
tree /sbin > /var/log/sbin.txt && tree /usr/sbin > /var/log/usrsbin.txt && tree /etc > /var/log/etc.txt
find /etc -exec cksum {} \; > /var/log/etcCK.txt 2> /dev/null && cksum /sbin/* > /var/log/sbinCK.txt 2> /dev/null\
&& cksum /usr/sbin/* > /var/log/usrsbinCK.txt 2> /dev/null && ls /var/log/packages > $PACK
}
if [ ! -f "$DIRCACHE" ]; then
database
fi
NewPack()
{
ls /var/log/packages > $NEWPACK
echo "Checking for new installed packages..."
if ( ! diff "$NEWPACK" "$PACK" > "$TMP" ); then
echo "There are new packages installed..."
echo "Would you like to see them?[yes/no]"
read ANSWER
if [ "$ANSWER" = "yes" ]; then
echo "Press 'q' when done..."
sleep 3
cat "$TMP" | less
SUCCESS=1
fi
else
echo "There don't appear to be any new installed packages..."
SUCCESS=0
fi
}
echo "Working..."
# Files modified or changed 0 through 7 days ago. find does not read stdin, so
# chaining finds with '|' kept only the output of the last one (day 0).
find / \( -mtime -8 -o -ctime -8 \) 2> /dev/null > "$MODTIME"
NewPack
if [ "$SUCCESS" = 1 ]; then
echo "If you *did* install new packages,"
echo "you will have to recreate the database."
echo "Would you like to recreate the database now? [yes/no]"
read ANSWER1
if [ "$ANSWER1" = "yes" ]; then
database
fi
fi
tree "$SBIN" > "$DIRTMP" && tree "$USRSBIN" > "$DIRTMP1" && tree "$ETC" > "$DIRTMP2"
"$CKSUM" "$SBIN"/* > "$CKTMP" && "$CKSUM" "$USRSBIN"/* > "$CKTMP1" && find "$ETC" -exec "$CKSUM" 2> /dev/null {} \; > "$CKTMP2"
if ( ! diff "$CKSUMCACHE" "$CKTMP" > "$TMP1" ); then
echo "$HOSTNAME: There has been a CRC checksum change: Check '$SBIN'." > "$WALL"
echo "There was a CRC checksum change in '$SBIN',"
echo "Would you like to see the possibilities? [yes/no]"
read ANSWER2
if [ "$ANSWER2" = "yes" ]; then
echo "press 'q' when done."
sleep 3
cat "$TMP1" | less
sleep 3
fi
else
echo "$HOSTNAME: There is no CRC checksum change in '$SBIN'." > "$WALL"
fi
if ( ! diff "$CKSUMCACHE1" "$CKTMP1" > "$TMP2" ); then
echo "$HOSTNAME: There has been a CRC checksum change: Check '$USRSBIN'." >> "$WALL"
echo "There was a CRC checksum change in '$USRSBIN',"
echo "Would you like to see the possibilities? [yes/no]"
read ANSWER3
if [ "$ANSWER3" = "yes" ]; then
echo "press 'q' when done."
sleep 3
cat "$TMP2" | less
sleep 3
fi
else
echo "$HOSTNAME: There is no CRC checksum change in '$USRSBIN'." >> "$WALL"
fi
if ( ! diff "$CKSUMCACHE2" "$CKTMP2" > "$TMP3" ); then
echo "$HOSTNAME: There has been a CRC checksum change: Check '$ETC'." >> "$WALL"
echo "There was a CRC checksum change in '$ETC',"
echo "Would you like to see the possibilities? [yes/no]"
read ANSWER4
if [ "$ANSWER4" = "yes" ]; then
echo "press 'q' when done."
sleep 3
cat "$TMP3" | less
sleep 3
fi
else
echo "$HOSTNAME: There is no CRC checksum change in '$ETC'." >> "$WALL"
fi
if ( ! cmp "$DIRCACHE" "$DIRTMP" 1> /dev/null ); then
echo "$HOSTNAME: There has been a modification in a critical system dir: Check '$SBIN'." >> "$WALL"
else
echo "$HOSTNAME: There has been no change in critical system dir '$SBIN'." >> "$WALL"
fi
if ( ! cmp "$DIRCACHE1" "$DIRTMP1" 1> /dev/null ); then
echo "$HOSTNAME: There has been a modification in a critical system dir: Check '$USRSBIN'." >> "$WALL"
else
echo "$HOSTNAME: There has been no change in critical system dir '$USRSBIN'." >> "$WALL"
fi
if ( ! cmp "$DIRCACHE2" "$DIRTMP2" 1> /dev/null ); then
echo "$HOSTNAME: There have been files added or removed from: '$ETC'." >> "$WALL"
else
echo "$HOSTNAME: There have been no files added or removed from '$ETC'." >> "$WALL"
fi
echo "$HOSTNAME: Check '$MODTIME'." >> "$WALL"
clear
wall "$WALL"
echo "if something was found and it checked out, you can recreate the database."
echo "Would you like to recreate the database?[yes/no]"
read ANSWER5
if [ "$ANSWER5" = "yes" ]; then
database
sleep 3
echo "Would you like to run the script again?[yes/no]"
read ANSWER6
if [ "$ANSWER6" = "yes" ]; then
rm "$DIRTMP" "$DIRTMP1" "$DIRTMP2" "$CKTMP" "$CKTMP1" "$CKTMP2" "$NEWPACK" "$WALL" "$TMP" "$TMP1" "$TMP2" "$TMP3"
"$0"
fi
fi
if [ -f "$DIRTMP" ]; then
rm "$DIRTMP" "$DIRTMP1" "$DIRTMP2" "$CKTMP" "$CKTMP1" "$CKTMP2" "$NEWPACK" "$WALL" "$TMP" "$TMP1" "$TMP2" "$TMP3"
fi
exit 0
The interesting part to me is the part where the success of 'NewPack()' can branch the program to do other things. I just learned this and have already written other scripts to do things in similar ways, like a while loop that ends when the "success" changes, as seen below...
Code:
while [ "$SUCCESS" = 1 ]
do
echo "sorry but that username is in use, please choose another"
read -r username
# Quote the path so names containing spaces or globs are tested literally.
if ! test -e "/home/$username"; then
SUCCESS=0
fi
done
Any thoughts on this?
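
Added example, not part of the original post: the same baseline-then-compare idea, with the result carried in the function's exit status instead of a global flag. It swaps `cksum` for `sha256sum`, because a CRC catches accidental corruption but is not designed to resist deliberate modification, and it uses `mktemp` rather than fixed temp file names. The function names and the throwaway directory standing in for /sbin are assumptions made for the demonstration.

```bash
#!/bin/bash
# Added example, not the poster's script. All paths below are constructed.

# make_manifest DIR: print "sha256  path" for each regular file, sorted by path.
make_manifest() {
    find "$1" -type f -exec sha256sum {} + 2>/dev/null | LC_ALL=C sort -k 2
}

# baseline DIR DB: record the trusted state of DIR in DB.
baseline() {
    make_manifest "$1" > "$2"
}

# verify DIR DB REPORT
# Exit status: 0 = matches baseline, 1 = differs (diff written to REPORT),
#              2 = no baseline or other trouble.
verify() {
    [ -f "$2" ] || return 2
    _cur=$(mktemp) || return 2          # unpredictable name, unlike /tmp3.txt
    make_manifest "$1" > "$_cur"
    _rc=0
    diff "$2" "$_cur" > "$3" || _rc=$?  # diff: 0 same, 1 differ, 2 trouble
    rm -f "$_cur"
    return "$_rc"
}

# Demonstration on a throwaway directory standing in for /sbin.
demo() {
    _work=$(mktemp -d) || return 2
    mkdir "$_work/sbin"
    printf 'original\n' > "$_work/sbin/tool"
    baseline "$_work/sbin" "$_work/db.txt"

    printf 'tampered\n' > "$_work/sbin/tool"   # simulate a modified binary
    if verify "$_work/sbin" "$_work/db.txt" "$_work/report.txt"; then
        echo "No change in $_work/sbin"
    else
        echo "verify returned $?: contents differ from baseline"
        cat "$_work/report.txt"
    fi
    rm -rf "$_work"
}
demo
```

Because `verify` is called directly in the `if`, no flag variable has to be spelled the same way in two places for the branch to work.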