free
/
freedombone


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108
							#!/bin/bash
#
# .---.                  .              .
# |                      |              |
# |--- .--. .-.  .-.  .-.|  .-. .--.--. |.-.  .-. .--.  .-.
# |    |   (.-' (.-' (   | (   )|  |  | |   )(   )|  | (.-'
# '    '     --'  --'  -' -  -' '  '   -' -'   -' '   -  --'
#
#                    Freedom in the Cloud
#
# Intrusion detection application
#
# License
# =======
#
# Copyright (C) 2014-2016 Bob Mottram <bob@robotics.uk.to>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

function backup_local_tripwire {
    echo -n ''
}

function backup_remote_tripwire {
    echo -n ''
}

function remove_tripwire {
	if ! grep -Fxq "tripwire" $COMPLETION_FILE; then
		return
	fi
	apt-get -y remove --purge tripwire
	if [ -d /etc/tripwire ]; then
		rm -rf /etc/tripwire
	fi
	rm /usr/bin/reset-tripwire
	sed -i '/tripwire/d' $COMPLETION_FILE
}

function install_tripwire {
	if grep -Fxq "install_tripwire" $COMPLETION_FILE; then
		return
	fi
	if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
		return
	fi
	apt-get -y install tripwire
	apt-get -y autoremove
	cd /etc/tripwire
	cp site.key $DEFAULT_DOMAIN_NAME-site.key
	echo '*** Installing intrusion detection ***'
	echo '

' | tripwire --init

	# make a script for easy resetting of the tripwire
	echo '#!/bin/sh' > /usr/bin/reset-tripwire
	echo 'tripwire --update-policy --secure-mode low /etc/tripwire/twpol.txt' >> /usr/bin/reset-tripwire
	chmod +x /usr/bin/reset-tripwire

	sed -i 's/SYSLOGREPORTING.*/SYSLOGREPORTING =false/g' /etc/tripwire/twcfg.txt
	# only send emails if something has changed
	sed -i 's|MAILNOVIOLATIONS.*|MAILNOVIOLATIONS = false|g' /etc/tripwire/twcfg.txt
	sed -i '/# These files change the behavior of the root account/,/}/ s/.*//g' /etc/tripwire/twpol.txt
	sed -i 's|/etc/rc.boot.*||g' /etc/tripwire/twpol.txt
	# Don't show any changes to /proc
	sed -i 's|/proc.*||g' /etc/tripwire/twpol.txt
	# Don't report log changes
	sed -i 's|/var/log.*||g' /etc/tripwire/twpol.txt
	# Ignore /etc/tripwire
	if ! grep -q '!/etc/tripwire' /etc/tripwire/twpol.txt; then
		sed -i '\|/etc\t\t->.*|a\    !/etc/tripwire ;' /etc/tripwire/twpol.txt
	fi
	# ignore tt-rss cache
	if ! grep -q '!/etc/share/tt-rss/cache' /etc/tripwire/twpol.txt; then
		sed -i '\|/etc\t\t->.*|a\    !/etc/share/tt-rss/cache ;' /etc/tripwire/twpol.txt
	fi
	if ! grep -q '!/etc/share/tt-rss/lock' /etc/tripwire/twpol.txt; then
		sed -i '\|/etc\t\t->.*|a\    !/etc/share/tt-rss/lock ;' /etc/tripwire/twpol.txt
	fi
	# Avoid logging the changed database
	sed -i 's|$(TWETC)/tw.pol.*||g' /etc/tripwire/twpol.txt
	# recreate the configuration
	echo '

	   ' | twadmin --create-cfgfile -S /etc/tripwire/site.key /etc/tripwire/twcfg.txt
	# reset
	echo '


	   ' | reset-tripwire

	echo 'install_tripwire' >> $COMPLETION_FILE
}

# NOTE: deliberately no exit 0