int fs_init() { int i; char *bufferFAT = (char *) fat; /*for(i=0;i<32;i++){ if(!le_bloco((char *) fat, i)){ printf("Falha ao carregar o sistema de fat!\n"); return 0; } }*/ /*Carrega para a memória o sistema a FAT, começando do cluster 0 até o 32, multiplicando por 8 para obter cada setor contido */ for (i=0;i<(32*8);i++) { //versão arthur, queria mudar pra minha =/ if(!bl_read(i, &bufferFAT[SECTORSIZE*i])){ printf("Falha ao carregar o sistema de fat!\n"); return 0; } } /*Carrego o arquivo de diretórios utilizando */ if(!le_bloco((char *) dir, 32)){ printf("Falha ao carregar o sistema de diretórios!\n"); return 0; } /*Todos os ids vão pra -1, se ele é negativo, não é um arquivo aberto válido*/ for(i=0; i<128; i++){ file_list[i].id = -1; } checkdisk(); return 1; }
//************************************************************** // Main <smile> All sub-programs/functions should be called // from here. Note: they should also be listed in lciheader.h //************************************************************** int main(int argc, char *argv[]) { int retval=0; // a return value indicator int verbose=0; // for verbosity // note: switches: //lci -a = advanced help //lci -d = perform a diff of the md5output and old md5output //lci -v = verbose, verbose = 1 //lci = slightly verbose, verbose = 0, // the module name is printed as it performes each module //lci -s = silent, verbose = -1, nothing printed at all. //lci -r = run checkrpm module. //lci -m = force a distribution mode, e.g. lci -m redhat //lci -h = give help output //lci -o outfile = put output in outfile instead of lci.out //lci -w = print output in html format //lci -x module = exclude module from checks int diff=0; // do we run the md5 diff? int rpmmodule=0; // do we run the rpm module? int inetexists=0; // if inetd.conf exists, this is 1 int distribution=1; // what distro are we on? // -1=user specified a distro, its in man_distro // 1=redhat // 2=debian // 3=solaris // 4=gentoo // 5=macosx // 6=slackware // default = redhat int html=0; // html output? // html = 0: normal output //html = 1: user wants html output char release[50]; // array for release level char kernel[50]; // what kernel user is running static char *man_distro; // if the user specifies a distribution const char * header =NULL; // to print out the header static char *out_file = "lci.out"; // output filename var char xlist[100]; // modules to exclude int xarray[33] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}; int somethinginxlist = 0; // note if no filename given, default = lci.out FILE *tempptr; // a temp file pointer uid_t uidme; uidme = getuid(); // we used to set the umask of the user here... // note that does not work all of the time. // instead use open with options below. Also, // warn user at bottom about setting umask to // sensible value before modifying files. // we will again try to set umask here... mode_t old_umask; old_umask=(umask(0177)); // Now do options processing int i; for (i=1; i < argc; i++) { if(argv[i][0] == '-') { switch (argv[i][1]) { case 'a': usage(); break; case 'h': usage(); break; case 'd': diff = 1; break; case 'm': strcpy(man_distro, argv[i]+3); break; case 'o': strcpy(out_file, argv[i]+3); break; case 'r': rpmmodule = 1; break; case 's': verbose = -1; break; case 'v': verbose = 1; break; case 'w': html = 1; out_file="lci.html"; break; case 'x': strcpy(xlist,argv[i]+3); somethinginxlist = 1; break; default : usage(); break; } } } if (!out_file) // if no filename after -o { usage(); // note usage() will exit lci } // if an exclude list was given, parse the file and // fill the array of excludes.. if (somethinginxlist == 1) { if (findexclude(xlist, xarray) != 0) { // something went wrong perror("Error reading exclude list...\n"); return(-1); } } // check if output exists, if it does, make a // backup and rm the orig. named one. tempptr = fopen(out_file, "r"); if (tempptr != 0) { // output file exists // make a backup copy char *newname = NULL; if ((newname = (char *) calloc(2, sizeof(out_file))) == NULL) { perror("Can not allocate temp memory in lcimain.\n"); perror("Strange. Bailing...\n"); exit(-1); } fclose(tempptr); // add .old onto the old outfile name sprintf(newname, "%s.old", out_file); // gnu, but should be ok... // whoops, we are now failure checking this... retval = 0; retval = rename(out_file, newname); if (retval < 0) { // damn, rename bombed perror("GNU rename bombed in lcimain.\n"); perror("Very odd, you should have seen errors, report them :) \n"); exit(-1); } // free up calloc'd mem free(newname); } // now that we have a backup, remove the outfile // don't care about failure here... remove(out_file); // not seem to work 100% of the time on my system // for making files w/chmod 0600... // reverting to open with options... retval = 0; if ((retval = open(out_file, O_RDWR | O_CREAT | O_EXCL, 0600)) < 0) { perror("Could not make file w/perms 0600...\n"); perror("Possible link attack while creating/opening file!\n"); perror("Bailing in lcimain...\n"); exit(-1); } // we print this out no matter what verbose is printf("Starting LCI...\n"); // remove old tempfiles (if lci got killed) // if this fails, we should stop _now_! if (rm() < 0) { perror("Could not remove tempfiles during startup.\n"); perror("You may need root permissions to do this.\n"); return(-1); } // read that in, check kernel version and "release" if (verbose >= 0) { printf("Getting system information...\n"); } retval = versions(release, kernel, verbose); if (retval < 0) { // something went wrong... perror("Problem in versions function.\n"); return(0); } // note about Mandrake: until I can find vast differences // between RedHat/Mandrake in terms of configs, we assume // that it is redhat and don't check /etc/mandrake_rel... // simple check to see if we are on RedHat or Debian // first, did the user specify a distro? if (distribution != -1) { if ((system("cat /etc/redhat-release 1>/dev/null 2>/dev/null >/dev/null")) == 0) { // we are on redhat distribution = 1; } if ((system("cat /etc/debian_version 1>/dev/null 2>/dev/null >/dev/null")) == 0) { // we are on debian distribution = 2; } if ((system("uname |grep SunOS 1>/dev/null 2>/dev/null >/dev/null")) == 0) { // we are on Solaris/SunOS distribution = 3; } if ((system("uname -a |grep gentoo 1>/dev/null 2>/dev/null >/dev/null")) == 0) { // we are on gentoo distribution = 4; } if ((system("uname |grep Darwin 1>/dev/null 2>/dev/null >/dev/null")) == 0) { // we are on Mac OSX distribution = 5; } if ((system("cat /etc/slackware-version 1>/dev/null 2>/dev/null >/dev/null")) == 0) // JTO { // we are on slack distribution = 6; } } if (distribution == -1) { // user specified a distribution if ((strcmp(man_distro, "redhat")) == 0) { // redhat distribution = 1; } if ((strcmp(man_distro, "centos")) == 0) { // CentOS, RHEL-alike distribution = 1; } if ((strcmp(man_distro, "caos")) == 0) { // CaOS, RHL-alike distribution = 1; } if ((strcmp(man_distro, "fedora")) == 0) { // Post-RHL distribution = 1; } if ((strcmp(man_distro, "debian")) == 0) { // debian distribution = 2; } if ((strcmp(man_distro, "solaris")) == 0) { // solaris distribution = 3; } if ((strcmp(man_distro, "mandrake")) == 0) { // mandrake, same as redhat, sortof distribution = 1; } if ((strcmp(man_distro, "gentoo")) == 0) { // gentoo distribution = 4; } if ((strcmp(man_distro, "macosx")) == 0) { // Mac OSX distribution = 5; } if ((strcmp(man_distro, "slackware")) == 0) // JTO { // slackware- JTO distribution = 6; } // default is redhat else { distribution = 1; } } // end if (distribution == -1) // ********* checks are below *****************// // ok, we should have enough info, run the checks if (verbose >= 0) { printf("Running modules...\n"); } // we need to make a header if html = 1, as this // could confuse the issue by putting it in the // first module... call dostuff here... if (html == 1) { html = 2; // this tells dostuff to write out header html header = "\n"; // can't be NULL if ((dostuff(0, out_file, 0, header, html)) < 0) { // something went wrong perror(" Creation of list failed."); return (-1); } html = 1; // change html int back to one } // run checkpkgs // did user put it in exclude list? if (xarray[0] == 0 ) { retval = 0; retval = checkpkgs(distribution, out_file, verbose, html); if (retval < 0) { // something went wrong... perror("Problem in checkpkgs module.\n"); perror("You should have seen errors...\n"); // module bombed, clean up rm(); return(0); } } // run checkrpm if rpmmodule = 1 and distribution =1 // did user put it in exclude list? if (xarray[1] == 0) { retval = 0; if ((rpmmodule == 1) && (distribution == 1)) { retval = checkrpm(out_file, verbose, html); if (retval < 0) { // something went wrong... perror("Problem in checkrpm module.\n"); perror("You should have seen errors...\n"); // module bombed, clean up rm(); return(0); } } } // run checkinetd // did user put it in exclude list? if (xarray[2] == 0) { // if hosts file exists run checkhostsfiles inetexists = checkinetd(out_file,distribution, verbose, html); // if inetexists == 1, it does! // if inetexists == 0, it does not... // if inetexists == -1, we had some problems. if (inetexists == 1) { checkhostsfiles(out_file, verbose, html); } if (inetexists == 0) { // do nothing... ; } if (inetexists == -1) { // there was a problem. User should have seen // messages from checkinetd program. // do nothing here and continue... // module bombed, clean up rm(); } } // check inittab // did user put it in exclude list? if (xarray[3] == 0) { retval = 0; retval = checkinittab(out_file, distribution, verbose, html); if (retval < 0) { // something went wrong... perror("Problem in checkinittab module.\n"); perror("You should have seen errors...\n"); // module bombed, clean up rm(); return(0); } } // check logging // did user put it in exclude list? if (xarray[4] == 0) { retval = 0; retval = checklogging(out_file, distribution, verbose, html); if (retval < 0) { // something went wrong... perror("Problem in checklogging module.\n"); perror("You should have seen errors...\n"); // module bombed, clean up rm(); return(0); } } // check for setuid/setgid files // did user put it in exclude list? if (xarray[5] == 0) { retval = 0; retval = checkset(out_file, verbose, html); if (retval < 0) { // something went wrong... perror("Problem in checkset module.\n"); perror("You should have seen errors...\n"); // module bombed, clean up rm(); return(0); } } // check for world writable files/directories // did user put it in exclude list? if (xarray[6] == 0) { retval = 0; retval = checkwrite(out_file, distribution, verbose, html); if (retval < 0) { // something went wrong... perror("Problem in checkwrite module.\n"); perror("You should have seen errors...\n"); // module bombed, clean up rm(); return(0); } } // check for .exrc and .forward files // did user put it in exclude list? if (xarray[7] == 0) { retval = 0; retval = checkdotfiles(out_file, verbose, html); if (retval < 0) { // something went wrong... perror("Problem in checkdotfiles module.\n"); perror("You should have seen errors...\n"); // module bombed, clean up rm(); return(0); } } // check /etc/passwd for uid 0 other than // root and users not needed on the sys. // did user put it in exclude list? if (xarray[8] == 0) { retval = 0; retval = checkpasswd(out_file, distribution, verbose, html); if (retval < 0) { // something went wrong... perror("Problem in checkpasswd module.\n"); perror("You should have seen errors...\n"); // module bombed, clean up rm(); return(0); } } // check to see if sticky bits are set // on /tmp & /var/tmp. I will add more // to this later on... // did user put it in exclude list? if (xarray[9] == 0) { retval = 0; retval = checkfiles(out_file, verbose, html); if (retval < 0) { // something went wrong... perror("Problem in checkfiles module.\n"); perror("You should have seen errors...\n"); // module bombed, clean up rm(); return(0); } } // did user put it in exclude list? if (xarray[10] == 0) { retval = 0; retval = checkumask(out_file, verbose, html); if (retval < 0) { // something went wrong... perror("Problem in chumask module.\n"); perror("You should have seen errors...\n"); // module bombed, clean up rm(); return(0); } } // did user put it in exclude list? if (xarray[11] == 0) { retval = 0; retval = checkftpusers(out_file, verbose, html); if (retval < 0) { // something went wrong... perror("Problem in checkftpusers module.\n"); perror("You should have seen errors...\n"); // module bombed, clean up rm(); return(0); } } // did user put it in exclude list? if (xarray[12] == 0) { retval = 0; retval = checkrc(release, kernel, distribution, out_file, verbose, html); if (retval < 0) { // something went wrong... perror("Problem in checkrc module.\n"); perror("You should have seen errors...\n"); // module bombed, clean up rm(); return(0); } } // did user put it in exclude list? if (xarray[13] == 0) { retval = 0; retval = checkkbd(release, out_file, verbose, html); if (retval < 0) { // something went wrong... perror("Problem in checkkbd module.\n"); perror("You should have seen errors...\n"); // module bombed, clean up rm(); return(0); } } // did user put it in exclude list? if (xarray[14] == 0) { if (distribution != 6) // need to fix for slack, JTO { retval = 0; retval = checklimits(out_file, verbose, html); if (retval < 0) { // something went wrong... perror("Problem in checklimits module.\n"); perror("You should have seen errors...\n"); // module bombed, clean up rm(); return(0); } } // end if its not slack if statement } // did user put it in exclude list? if (xarray[15] == 0) { retval = 0; retval = checkssh(out_file, distribution, verbose, html); if (retval < 0) { // something went wrong.. perror("Problem in checkssh module.\n"); perror("You should have seen errors...\n"); rm(); return(0); } } // did user put it in exclude list? if (xarray[16] == 0) { retval = 0; retval = checkopenfiles(out_file, distribution, verbose, html); if (retval < 0) { // something went wrong.. perror("Problem in checkopenfiles module.\n"); perror("You should have seen errors...\n"); rm(); return(0); } } // did user put it in exclude list? if (xarray[17] == 0) { retval = 0; retval = checkissue(out_file, verbose, html); if (retval < 0) { // something went wrong.. perror("Problem in checksissue module.\n"); perror("You should have seen errors...\n"); rm(); return(0); } } // did user put it in exclude list? if (xarray[18] == 0) { retval = 0; retval = checkwww(out_file, distribution, verbose, html); if (retval < 0) { // something went wrong.. perror("Problem in checkwww module.\n"); perror("You should have seen errors...\n"); rm(); return(0); } } // did user put it in exclude list? if (xarray[19] == 0) { retval = 0; retval = checkmd5(out_file, distribution, verbose, html, diff); if (retval < 0) { // something went wrong.. perror("Problem in checkmd5 module.\n"); perror("You should have seen errors...\n"); rm(); return(0); } } // did user put it in exclude list? if (xarray[20] == 0) { if ((distribution != 3) && (distribution !=5)) // we are not on Solaris, so we can run this module { retval = 0; retval = checkmodules(out_file, verbose, html); if (retval < 0) { // something went wrong.. perror("Problem in checkmodules module.\n"); perror("You should have seen errors...\n"); rm(); return(0); } } } // did user put it in exclude list? if (xarray[21] == 0) { retval = 0; retval = checksecuretty(out_file, verbose, html); if (retval < 0) { // something went wrong.. perror("Problem in checksecuretty module.\n"); perror("You should have seen errors...\n"); rm(); return(0); } } // did user put it in exclude list? if (xarray[22] == 0) { retval = 0; retval = checkrcperms(out_file, distribution, verbose, html); if (retval < 0) { // something went wrong... perror("Problem in checkrcperms module.\n"); perror("You should have seen errors...\n"); rm(); return(0); } } // did user put it in exclude list? if (xarray[23] == 0) { retval = 0; retval = checknet(out_file, distribution, verbose, html); if (retval < 0) { // something went wrong... perror("Problem in checknet module.\n"); perror("You should have seen errors...\n"); // module bombed, clean up rm(); return(0); } } // did user put it in exclude list? if (xarray[24] == 0) { retval = 0; retval = checknetforward(out_file, distribution, verbose, html); if (retval < 0) { // something went wrong... perror("Problem in checknetforward module.\n"); perror("You should have seen errors...\n"); // module bombed, clean up rm(); return(0); } } // did user put it in exclude list? if (xarray[25] == 0) { if ((distribution !=3) && (distribution != 5)) { // we are on linux... retval = 0; retval = checknetp(kernel, out_file, distribution, verbose, html); if (retval < 0) { perror("Problem in checknetpromisc module.\n"); perror("You should have seen errors...\n"); rm(); return(0); } } } // did user put it in exclude list? if (xarray[26] == 0) { if (distribution == 1) // redhat (or derived) specific { retval = 0; retval = checkcfg(out_file, verbose, html); if (retval < 0) { // something went wrong... perror("Problem in checkcfg module.\n"); perror("You should have seen errors...\n"); // module bombed, clean up rm(); return(0); } } } // did user put it in exclude list? if (xarray[27] == 0) { if ((distribution !=3) && (distribution != 5)) // we are on linux { retval = 0; retval = checkbpass(distribution, out_file, verbose, html); if (retval < 0) { // something went wrong... perror("Problem in checkbpass module.\n"); perror("You should have seen errors...\n"); // module bombed, clean up rm(); return(0); } } } // did user put it in exclude list? if (xarray[28] == 0) { if ((distribution != 3) && (distribution != 5)) // we are on linux { retval = 0; retval = checkipv4(out_file, verbose, html); if (retval < 0) { // something went wrong... perror("Problem in checkipv4 module.\n"); perror("You should have seen errors...\n"); // module bombed, clean up rm(); return(0); } } } // did user put it in exclude list? if (xarray[29] == 0) { if ((distribution !=3) && (distribution !=5)) // we are on linux { retval = 0; retval = checkx(out_file, verbose, html); if (retval < 0) { // something went wrong... perror("Problem in checkx module.\n"); perror("You should have seen errors...\n"); // module bombed, clean up rm(); return(0); } } } // did user put it in exclude list? if (xarray[30] == 0) { if ((distribution !=3) && (distribution !=5)) // we are on linux { retval = 0; retval = checkftp(out_file, distribution, verbose, html); if (retval < 0) { // something went wrong... perror("Problem in checkftp module.\n"); perror("You should have seen errors...\n"); // module bombed, clean up rm(); return(0); } } } // did user put it in exclude list? if (xarray[31] == 0) { retval = 0; retval = checklistening(out_file, distribution, verbose, html); if (retval < 0) { // something went wrong.. perror("Problem in checklistening module.\n"); perror("You should have seen errors...\n"); rm(); return(0); } } // did user put it in exclude list? if (xarray[32] == 0) { retval = 0; retval = checkdisk(out_file, verbose, html); if (retval < 0) { // something went wrong... perror("Problem in checkdisk module.\n"); perror("You should have seen errors...\n"); rm(); return(0); } } // this is to put a footer html at the end of the output // file if the user wanted html output. if (html == 1) { html = 3; // tells dostuff to do an html footer header = "\n"; // can't be NULL if ((dostuff(0, out_file, 0, header, html)) < 0) { // something went wrong perror(" Creation of list failed."); return (-1); } html = 1; // set html int back... habit } else { // print a general footer header = "\n"; if ((dostuff(0, out_file, 0, header, 0)) < 0) { // something went wrong perror(" Creation of footer failed."); return(-1); } } // tell the user we are finished and where the output is // we print this out no matter what verbose is printf("Finished.\n"); printf("Check %s for details.\n", out_file); // in silent mode we don't say much if (verbose >= 0) { printf("Don't forget to check your umask or file perms\n"); printf("when modifying files on the system.\n"); } // set the umask back... umask(old_umask); return(0); }