-rw-r--r-- | system/glyptodon/README | 9 | ||||
-rw-r--r-- | system/glyptodon/config/glyptodon.cron | 1 | ||||
-rw-r--r-- | system/glyptodon/config/glyptodon.logrotate | 8 | ||||
-rw-r--r-- | system/glyptodon/doinst.sh | 15 | ||||
-rw-r--r-- | system/glyptodon/glyptodon.SlackBuild | 58 | ||||
-rw-r--r-- | system/glyptodon/glyptodon.info | 10 | ||||
-rw-r--r-- | system/glyptodon/patches/glyptodon.sh-1.2b-caps.diff | 19 | ||||
-rw-r--r-- | system/glyptodon/slack-desc | 19 |
8 files changed, 139 insertions, 0 deletions
diff --git a/system/glyptodon/README b/system/glyptodon/README
new file mode 100644
index 0000000000000..b375511569387
--- /dev/null
+++ b/system/glyptodon/README
@@ -0,0 +1,9 @@
+Glyptodon is a little file-system analyzer for Linux systems.
+It is written in bash and it comes with an installer to make it run
+everyday automatically. his script writes some general infos about files
+permission, socket, ownership etc...
+
+This script also verifies the file-system for potential risk, such as
+set-uid files, world writable files, symlinks nouser files, etc.
+Since the 1.1 version, Glyptodon also scan the system for threats linked
+to POSIX file capabilities.
diff --git a/system/glyptodon/config/glyptodon.cron b/system/glyptodon/config/glyptodon.cron
new file mode 100644
index 0000000000000..abe485a55bb80
--- /dev/null
+++ b/system/glyptodon/config/glyptodon.cron
@@ -0,0 +1 @@
+/usr/local/sbin/glyptodon --capabilities-scan --capabilities-scan --skip-dir=/mnt,/media --log=/var/log/glyptodon.log
diff --git a/system/glyptodon/config/glyptodon.logrotate b/system/glyptodon/config/glyptodon.logrotate
new file mode 100644
index 0000000000000..203d05c7bf275
--- /dev/null
+++ b/system/glyptodon/config/glyptodon.logrotate
@@ -0,0 +1,8 @@
+
+/var/log/glyptodon.log {
+ weekly
+ size 16k
+ rotate 8
+ compress
+}
+
diff --git a/system/glyptodon/doinst.sh b/system/glyptodon/doinst.sh
new file mode 100644
index 0000000000000..4347dd34a29ab
--- /dev/null
+++ b/system/glyptodon/doinst.sh
@@ -0,0 +1,15 @@
+config() {
+ NEW="$1"
+ OLD="$(dirname $NEW)/$(basename $NEW .new)"
+ # If there's no config file by that name, mv it over:
+ if [ ! -r $OLD ]; then
+ mv $NEW $OLD
+ elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then
+ # toss the redundant copy
+ rm $NEW
+ fi
+ # Otherwise, we leave the .new copy for the admin to consider...
+}
+
+config etc/cron.daily/glyptodon.new
+config etc/logrotate.d/glyptodon.new
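Review bot: The cron entry in config/glyptodon.cron calls `/usr/local/sbin/glyptodon`, but glyptodon.SlackBuild installs the script to `$PKG/usr/sbin/glyptodon`, so the daily job as packaged would not find the scanner. The same file is installed with `-m0644` and has no interpreter line; if run-parts on the target only executes files with the execute bit set, the job would be skipped without any error, leaving the host unscanned while the package looks installed. `--capabilities-scan` is also passed twice, which looks like a copy slip. I would make the file `#!/bin/sh` followed by `/usr/sbin/glyptodon --capabilities-scan --skip-dir=/mnt,/media --log=/var/log/glyptodon.log`, and install it with `-m0755`.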
diff --git a/system/glyptodon/glyptodon.SlackBuild b/system/glyptodon/glyptodon.SlackBuild
new file mode 100644
index 0000000000000..e3fa18d11713d
--- /dev/null
+++ b/system/glyptodon/glyptodon.SlackBuild
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+# Slackware build script for Glyptodon
+
+# Written by Menno Duursma <druiloor@zonnet.nl>
+
+# This program is free software. It comes without any warranty.
+# Granted WTFPL, Version 2, as published by Sam Hocevar. See
+# http://sam.zoy.org/wtfpl/COPYING for more details.
+
+PRGNAM=glyptodon
+VERSION=${VERSION:-1.2b}
+BUILD=${BUILD:-1}
+TAG=${TAG:-_SBo}
+ARCH=noarch
+
+CWD=$(pwd)
+TMP=${TMP:-/tmp/SBo}
+PKG=$TMP/package-$PRGNAM
+OUTPUT=${OUTPUT:-/tmp}
+
+set -e # Exit on most errors
+
+rm -rf $PKG
+mkdir -p $TMP $PKG $OUTPUT
+cd $TMP
+
+# Easiest to just hardcode this
+rm -rf Glyptodon_1.2-beta
+tar xvf $CWD/Glyptodon_1-2-beta-tar.gz
+cd Glyptodon_1.2-beta
+
+chown -R root:root .
+find . \
+ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
+ -exec chmod 755 {} \; -o \
+ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
+ -exec chmod 644 {} \;
+
+# Patch to remove FCAPS kernel-config check
+cat $CWD/patches/glyptodon.sh-1.2b-caps.diff | patch -p0 --verbose
+
+
+install -D -m0755 glyptodon.sh $PKG/usr/sbin/glyptodon
+
+install -D -m0644 $CWD/config/glyptodon.cron $PKG/etc/cron.daily/glyptodon.new
+install -D -m0644 $CWD/config/glyptodon.logrotate $PKG/etc/logrotate.d/glyptodon.new
+
+mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
+cp -a COPYING README $PKG/usr/doc/$PRGNAM-$VERSION
+cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
+
+mkdir -p $PKG/install
+cat $CWD/slack-desc > $PKG/install/slack-desc
+cat $CWD/doinst.sh > $PKG/install/doinst.sh
+
+cd $PKG
+/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz}
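Review bot: The comment `# Patch to remove FCAPS kernel-config check` in glyptodon.SlackBuild says what the patch does but not why, and the patch (patches/glyptodon.sh-1.2b-caps.diff) turns off a precondition check inside a security scanner. After it, `--capabilities-scan` no longer aborts on a kernel without file-capability support, and as far as the visible patch context shows only the `$CAPABILITIES_TOOLS` lookup remains as a gate, so a later maintainer needs the reason in order to judge whether the patch can be dropped. Presumably the check fails because newer kernels no longer carry `CONFIG_SECURITY_FILE_CAPABILITIES`; if that is confirmed, I would write `# Upstream aborts unless CONFIG_SECURITY_FILE_CAPABILITIES=y is in /boot/config-<release>; current kernels dropped that option (file caps always on), so the check is disabled.` The same step could read the patch directly, `patch -p0 --verbose < $CWD/patches/glyptodon.sh-1.2b-caps.diff`, instead of going through `cat`.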
diff --git a/system/glyptodon/glyptodon.info b/system/glyptodon/glyptodon.info
new file mode 100644
index 0000000000000..abfa897ed84b7
--- /dev/null
+++ b/system/glyptodon/glyptodon.info
@@ -0,0 +1,10 @@
+PRGNAM="glyptodon"
+VERSION="1.2b"
+HOMEPAGE="http://www.sevagas.com/?-Glyptodon-"
+DOWNLOAD="http://www.sevagas.com/IMG/gz/Glyptodon_1-2-beta-tar.gz"
+MD5SUM="d159a8396d4c022686c48293ca15de1b"
+DOWNLOAD_x86_64=""
+MD5SUM_x86_64=""
+MAINTAINER="Menno Duursma"
+EMAIL="druiloor@zonnet.nl"
+APPROVED="michiel"
diff --git a/system/glyptodon/patches/glyptodon.sh-1.2b-caps.diff b/system/glyptodon/patches/glyptodon.sh-1.2b-caps.diff
new file mode 100644
index 0000000000000..9375b2feee0ea
--- /dev/null
+++ b/system/glyptodon/patches/glyptodon.sh-1.2b-caps.diff
@@ -0,0 +1,19 @@
+--- glyptodon.sh.old 2010-09-14 22:45:49.000000000 +0200
++++ glyptodon.sh 2010-09-22 15:52:25.000000000 +0200
+@@ -196,11 +196,11 @@
+ # Verifye system is compatiable and has the tools to manage POSIX capabilities
+ if [ $CAPABILITIES ]
+ then
+- if ! grep -x "CONFIG_SECURITY_FILE_CAPABILITIES=y" /boot/config-`cat /proc/version | cut -d " " -f 3` &> /dev/null
+- then
+- writeAndLog "Error : Your kernel configuration does not allow file capabilities -> Abort script."
+- exit 1
+- fi
++# if ! grep -x "CONFIG_SECURITY_FILE_CAPABILITIES=y" /boot/config-`cat /proc/version | cut -d " " -f 3` &> /dev/null
++# then
++# writeAndLog "Error : Your kernel configuration does not allow file capabilities -> Abort script."
++# exit 1
++# fi
+ for tool in $CAPABILITIES_TOOLS
+ do
+ if ! command -v "$tool" &>/dev/null
diff --git a/system/glyptodon/slack-desc b/system/glyptodon/slack-desc
new file mode 100644
index 0000000000000..d9bf57bb2d643
--- /dev/null
+++ b/system/glyptodon/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description. Line
+# up the first '|' above the ':' following the base package name, and the '|'
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':'.
+
+ |-----handy-ruler-----------------------------------------------------|
+glyptodon: Glyptodon (file-system analyzer)
+glyptodon:
+glyptodon: A file-system analyzer and security sacnner for Linux systems.
+glyptodon:
+glyptodon: Glyptodon was written by Emeric Nasi
+glyptodon:
+glyptodon:
+glyptodon:
+glyptodon:
+glyptodon:
+glyptodon: |
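Review bot: The description line in slack-desc reads `security sacnner`; this is the text package tools display to the administrator, so the typo ships with the package. It should be `glyptodon: A file-system analyzer and security scanner for Linux systems.`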