
Re: System integrity



Georges Roux <georges.roux@pacageek.org> wrote:

> So my question was: is there software of this kind better suited to
> Debian

I use a tripwire-type program that checks the files not included
in the distribution. I don't think one can do without it.

To check the distribution, I had started a script. We can look at
putting it on savannah and making it more usable if anyone is
interested.



#!/usr/bin/perl -w
#-*-perl-*-

# ----------------------------------------------------------------------
# MD5 check : warns for differences from packages
# replacing ' debsums -s'
# ----------------------------------------------------------------------

# ----------------------------------------------------------------------
#
#	Copyright (C) 2001 Michel Verdier
#
#	This program is free software; you can redistribute it and/or modify
#	it under the terms of the GNU General Public License as published by
#	the Free Software Foundation; either version 2 of the License, or
#	(at your option) any later version.
#
#	This program is distributed in the hope that it will be useful,
#	but WITHOUT ANY WARRANTY; without even the implied warranty of
#	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#	GNU General Public License for more details.
#
#	You should have received a copy of the GNU General Public License
#	along with this program; if not, write to the Free Software
#	Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
#
#	mverdier11@libertysurf.fr
# ----------------------------------------------------------------------

use strict;

my $info_dir = '/var/lib/dpkg/info';
my @packages;
my $nb_files = 0;
my $nb_packages = 0;

my @exceptions = (
				  # changed files
				  '/usr/lib/cgi-bin/test-cgi',
				  '/usr/lib/dosemu/commands/autoexec.bat',
				  '/usr/lib/dosemu/commands/config.sys',
				  '/var/lib/games/snake4.score',
				  '/etc/ppp/peers/wvdial',

				  '/usr/X11R6/lib/X11/app-defaults/XCalc',
				  '/usr/X11R6/lib/X11/app-defaults/XCalc-color',
				  '/usr/X11R6/lib/X11/app-defaults/Xedit',
				  '/usr/X11R6/lib/X11/app-defaults/XFontSel',
				  '/usr/X11R6/lib/X11/app-defaults/Xman',
				  '/usr/X11R6/lib/X11/app-defaults/XGammon',

				  '/usr/bin/libtool',

				  # ppp 2.4.1
				  '/usr/sbin/chat',
				  '/usr/sbin/pppd',
				  '/usr/sbin/pppstats',
				  '/usr/sbin/pppdump',

				  # XFree 4.0.2
				  '/usr/X11R6/bin/ico',
				  '/usr/X11R6/bin/showfont',
				  '/usr/X11R6/bin/xbiff',
				  '/usr/X11R6/bin/xcalc',
				  '/usr/X11R6/bin/xditview',
				  '/usr/X11R6/bin/xedit',
				  '/usr/X11R6/bin/xev',
				  '/usr/X11R6/bin/xeyes',
				  '/usr/X11R6/bin/xfontsel',
				  '/usr/X11R6/bin/xgc',
				  '/usr/X11R6/bin/xload',
				  '/usr/X11R6/bin/xman',
				  '/usr/X11R6/bin/xmessage',
				  '/usr/X11R6/lib/X11/xman.help',
				  '/usr/X11R6/lib/libXpm.so.4.11',
				  '/usr/X11R6/bin/sxpm',
				  '/usr/X11R6/bin/cxpm',
				  );

sub read_packages {
	my $package = shift(@ARGV) || die "usage: $0 <package>\n";
	if($package eq 'all') {
		opendir(INFO,$info_dir) || die "open $info_dir: $!\n";
		for(readdir(INFO)) {
			next if(!/\.md5sums$/);
			s/\.md5sums$//;
			push(@packages,$_);
		}
		closedir(INFO);
	} else {
		@packages = ($package);
	}
	$nb_packages = @packages;
}

sub check_package {
	my($package) = @_;
	my @conffiles = ();
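	# $package is interpolated into a shell command below: accept only
	# shell-safe characters, which covers Debian package names
	if($package !~ /^[A-Za-z0-9][A-Za-z0-9+.:-]*$/) {
		warn "skipping invalid package name '$package'\n";
		return;
	}
	# paths in the .md5sums files are relative to /
	chdir('/') || die "chdir /: $!\n";
	my @result = `/usr/bin/md5sum -c $info_dir/$package.md5sums 2>&1`;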
	if(open(LIST,"$info_dir/$package.md5sums")) {
		my @liste = <LIST>;
		$nb_files += @liste;
		close(LIST);
	}
	if(open(CONF,"$info_dir/$package.conffiles")) {
		@conffiles = <CONF>;
		close(CONF);
	}
	print "-------- $package ---------\n";
	for(@result) {
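		# modified file: "... check failed for 'file'" (older md5sum) or
		# "file: FAILED" (coreutils md5sum)
		if(/^.+check failed for '(\S+)'/ || /^(.+): FAILED$/) {
			my $file = $1;
			# \Q...\E: match the name literally ('.' and '+' are regex metacharacters)
			if(grep(/^\/\Q$file\E$/,@exceptions)==0 # file is not to be modified
			   && grep(/^\/\Q$file\E$/,@conffiles)==0) { # file is not a configuration file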
				print "/$file\n";
			}
		}
	}
}

read_packages();
print "Verifying $nb_packages packages\n";
foreach my $package (sort @packages) {
	check_package($package);
}
print "$nb_files files verified\n";

-- 

Michel Verdier
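
The message above separates files shipped by packages from files outside the distribution. As an added example, not part of the original post or of its script, this Perl code lists the second set by comparing a directory tree against dpkg's `/var/lib/dpkg/info/*.list` files (one installed path per line). The function names and the sample tree are constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use File::Find;
use File::Path qw(make_path);
use File::Temp qw(tempdir);

# Collect every path named in <info_dir>/*.list (one absolute path per line).
sub packaged_paths {
	my($info_dir) = @_;
	my %known;
	opendir(my $dh, $info_dir) || die "open $info_dir: $!\n";
	for my $name (grep(/\.list$/, readdir($dh))) {
		open(my $fh, '<', "$info_dir/$name") || die "open $name: $!\n";
		chomp(my @paths = <$fh>);
		close($fh);
		@known{@paths} = (1) x @paths;
	}
	closedir($dh);
	return \%known;
}

# Return the regular files under $root$dir that no package claims.
# $root is stripped before the lookup, so '' means the live system.
sub unpackaged_files {
	my($root, $dir, $known) = @_;
	my @found;
	find({ no_chdir => 1, wanted => sub {
		return if -l $_ || !-f $_;          # skip symlinks and directories
		(my $path = $_) =~ s/^\Q$root\E//;  # back to the path dpkg records
		push(@found, $path) unless $known->{$path};
	}}, "$root$dir");
	return sort @found;
}

# Constructed sample: a fake root with one packaged and one local file.
my $root = tempdir(CLEANUP => 1);
make_path("$root/info", "$root/usr/bin", "$root/usr/local/bin");
for my $f ('/usr/bin/hello', '/usr/local/bin/backup.sh') {
	open(my $fh, '>', "$root$f") || die "create $root$f: $!\n";
	close($fh);
}
open(my $fh, '>', "$root/info/hello.list") || die "create list: $!\n";
print $fh "/.\n/usr\n/usr/bin\n/usr/bin/hello\n";
close($fh);

my $known = packaged_paths("$root/info");
print "$_\n" for unpackaged_files($root, '/usr', $known);
```

On a real system, call `packaged_paths('/var/lib/dpkg/info')` and pass `''` as the root. The files it reports are the ones a tripwire-type baseline has to cover, since no package checksum exists for them.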


