예제 #1
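/**
 * Build the in-memory syscheck database by pre-scanning every configured
 * directory.
 *
 * Allocates the global hash table (syscheck.fp), walks the NULL-terminated
 * syscheck.dir[] list with read_dir() and, on Windows, registers real-time
 * monitoring for each directory flagged CHECK_REALTIME.
 *
 * @return 0 on success; -1 when the hash table could not be sized or no
 *         directories are configured.  Failure to allocate the table at all
 *         is fatal (ErrorExit).
 */
int create_db()
{
    /* Create store data */
    syscheck.fp = OSHash_Create();
    if (!syscheck.fp) {
        ErrorExit("%s: Unable to create syscheck database."
                  ". Exiting.", ARGV0);
    }

    /* A sizing failure used to return 0, which callers could not tell apart
     * from success even though the database is unusable; report it the same
     * way as the other error path. */
    if (!OSHash_setSize(syscheck.fp, 2048)) {
        merror(LIST_ERROR, ARGV0);
        return (-1);
    }

    if ((syscheck.dir == NULL) || (syscheck.dir[0] == NULL)) {
        merror("%s: No directories to check.", ARGV0);
        return (-1);
    }

    merror("%s: INFO: Starting syscheck database (pre-scan).", ARGV0);

    /* Read all available directories; the list is NULL-terminated and the
     * check above guarantees at least one entry. */
    __counter = 0;
    for (int i = 0; syscheck.dir[i] != NULL; i++) {
        if (read_dir(syscheck.dir[i], syscheck.opts[i], syscheck.filerestrict[i]) != 0) {
            continue;
        }
#ifdef WIN32
        /* On Windows real-time watches are registered here rather than
         * inside read_dir(). */
        if (syscheck.opts[i] & CHECK_REALTIME) {
            realtime_adddir(syscheck.dir[i]);
        }
#endif
    }

#if defined (INOTIFY_ENABLED) || defined (WIN32)
    if (syscheck.realtime && (syscheck.realtime->fd >= 0)) {
        verbose("%s: INFO: Real time file monitoring started.", ARGV0);
    }
#endif
    merror("%s: INFO: Finished creating syscheck database (pre-scan "
           "completed).", ARGV0);
    return (0);
}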
예제 #2
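/**
 * Scan one configured directory and hand every entry to read_file().
 *
 * @param dir_name     Directory (or single file) to scan; must be non-NULL
 *                     and at most PATH_MAX bytes long.
 * @param opts         CHECK_* option bits for this directory.
 * @param restriction  File-name restriction passed through to read_file().
 * @return 0 on success (including a plain file handled by read_file());
 *         -1 when the name is invalid or the directory cannot be opened;
 *         the non-zero IsNFS() result (-1 error, 1 skipped) when skip_nfs
 *         is set and the directory is on NFS.
 *
 * Entries whose full path would exceed PATH_MAX are skipped with a warning
 * instead of being silently truncated.
 */
static int read_dir(const char *dir_name, int opts, OSMatch *restriction)
{
    size_t dir_size;
    char f_name[PATH_MAX + 2];
    short is_nfs;

    DIR *dp;
    struct dirent *entry;

    /* Directory should be valid */
    if ((dir_name == NULL) || ((dir_size = strlen(dir_name)) > PATH_MAX)) {
        merror(NULL_ERROR, ARGV0);
        return (-1);
    }

    /* Should we check for NFS? */
    if (syscheck.skip_nfs) {
        is_nfs = IsNFS(dir_name);
        if (is_nfs != 0) {
            /* Error will be -1, and 1 means skipped */
            return (is_nfs);
        }
    }

    /* Open the directory given */
    dp = opendir(dir_name);
    if (!dp) {
        /* Save errno now: read_file() below may overwrite it before the
         * warning is formatted. */
        int open_errno = errno;

        if (open_errno == ENOTDIR) {
            if (read_file(dir_name, opts, restriction) == 0) {
                return (0);
            }
        }

#ifdef WIN32
        /* Well-known paths that may legitimately be absent; do not warn
         * about them. */
        int di = 0;
        char *(defaultfilesn[]) = {
            "C:\\autoexec.bat",
            "C:\\config.sys",
            "C:\\WINDOWS/System32/eventcreate.exe",
            "C:\\WINDOWS/System32/eventtriggers.exe",
            "C:\\WINDOWS/System32/tlntsvr.exe",
            "C:\\WINDOWS/System32/Tasks",
            NULL
        };
        while (defaultfilesn[di] != NULL) {
            if (strcmp(defaultfilesn[di], dir_name) == 0) {
                break;
            }
            di++;
        }

        if (defaultfilesn[di] == NULL) {
            merror("%s: WARN: Error opening directory: '%s': %s ",
                   ARGV0, dir_name, strerror(open_errno));
        }
#else
        merror("%s: WARN: Error opening directory: '%s': %s ",
               ARGV0,
               dir_name,
               strerror(open_errno));
#endif /* WIN32 */
        return (-1);
    }

    /* Check for real time flag */
    if (opts & CHECK_REALTIME) {
#if defined(INOTIFY_ENABLED) || defined(WIN32)
        realtime_adddir(dir_name);
#else
        merror("%s: WARN: realtime monitoring request on unsupported system for '%s'",
                ARGV0,
                dir_name
        );
#endif
    }

    /* Separator between directory and entry; the configured directory may
     * already end in '/'. */
    const char *sep = (dir_size > 0 && dir_name[dir_size - 1] == '/') ? "" : "/";

    while ((entry = readdir(dp)) != NULL) {
        /* Ignore . and ..  */
        if ((strcmp(entry->d_name, ".") == 0) ||
                (strcmp(entry->d_name, "..") == 0)) {
            continue;
        }

        /* Build the full path with one bounded, always-terminated write.
         * The former strncpy() used PATH_MAX - dir_size - 2 as its count,
         * which wraps around in size_t once dir_size >= PATH_MAX - 1 and
         * then writes past the end of f_name; it also never guaranteed a
         * terminator for the entry name. */
        int n = snprintf(f_name, sizeof f_name, "%s%s%s", dir_name, sep, entry->d_name);
        if (n < 0 || n > PATH_MAX) {
            merror("%s: WARN: Path too long, skipping '%s' in '%s'",
                   ARGV0, entry->d_name, dir_name);
            continue;
        }

        /* Check integrity of the file */
        read_file(f_name, opts, restriction);
    }

    closedir(dp);
    return (0);
}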