
@pad92
Created June 26, 2012 10:34
discover
#!/bin/bash
# Strict mode: abort the script as soon as a command exits non-zero ( -e ).
# Add -x here to trace every command while debugging.
# NOTE: "pipefail" is not enabled, so only the last stage of a pipeline is
# checked, and a command on the left of && or || never triggers the abort.
set -e
# NOTES
# | mail -s "AWH host check for $HOSTNAME @ $(date +%Y.%m.%d-%H:%M)" [email protected]
###
# {{{ Manifest
#######################################################
# Discover host for :
# - migration
# - check new installation
# - verify old installation for conformity purposes
#
# Check domains
# - apache / apache2
# - nginx
# - lighttpd
# - varnish
# - php
# - memcached
# - mysql
# - percona
# - bind
# - mydns
# - crontabs
# - basics system hardening
# Internal functions
# - send output to file
# - send $this->file by mail
#
# TODO :
# - postgresql
# - CGI-BIN
#
# Yannick Foeillet - Alter Way
#######################################################
# }}} Manifest
###
# {{{ CREATE WORKING DIR
###
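# /tmp is world-writable and $$ (the PID) is guessable, so the directory must
# be created atomically and must not exist beforehand: a directory or symlink
# that someone else placed at this path is never adopted. mkdir fails if the
# path already exists, and -m 700 sets the mode at creation time, so there is
# no window in which other users can enter it.
# NOTE(review): "mktemp -d" would also make the name unpredictable; it is not
# used here only because the rest of the script hard-codes /tmp/$$.
if ! mkdir -m 700 "/tmp/$$"; then
  echo "cannot create private working directory /tmp/$$" >&2
  exit 1
fi
# Remove the report on every exit path, including an abort caused by set -e.
# Installed only after mkdir succeeded, so a foreign path is never deleted.
trap 'rm -rf -- "/tmp/$$"' EXIT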
# }}}
###
# {{{ INIT
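# Recipient of the report: first positional argument, or the local root
# mailbox when no (or an empty) argument is given.
EMAIL=${1:-root@localhost}
# Subject line with host name and a minute-resolution timestamp. Built
# directly instead of through "$(which echo)", which expands to nothing (and
# then runs the text as a command) when `which` cannot resolve the tool.
SUBJECT="AWH host check for $HOSTNAME @ $(date +%Y.%m.%d-%H:%M)"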
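# Start the report file: mail header, host identification and disk usage.
# The group is redirected once with ">" so the file is truncated exactly one
# time; every later section of the script appends to it.
# Tools are called by name: "$(which tool)" resolves through the same PATH and
# only adds a failure mode (empty expansion) when the lookup fails.
{
  printf 'SUBJECT:%s\n' "$SUBJECT"
  echo ""
  echo ""
  echo "---------- HOST ANALYSIS ----------"
  printf 'Date :  %s\n' "$(date +%Y.%m.%d-%H:%M:%S)"
  echo "Host : $HOSTNAME"
  # dpkg is Debian-specific; on other systems this field is left empty.
  printf 'Arch :  %s\n' "$(dpkg --print-architecture)"
  printf 'Kernel :  %s\n' "$(uname -r)"
  echo ""
  echo "---------- FILESYSTEM SIZE ----------"
  df -h
  echo ""
} > /tmp/$$/mail.tmp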
# }}} INIT
###
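# {{{ PACKAGE INVENTORY
# One report section per software family: apache, nginx, lighttpd, varnish,
# php, memcache, mysql, percona, bind, mydns.
# Each entry is "<section header>|<dpkg -l glob>". The headers are kept
# exactly as the report has always printed them.
for entry in \
  "---------- APACHE ----------|*apache*" \
  "---------- NGINX ----------|*nginx*" \
  "---------- LIGHTTPD ----------|lighttpd*" \
  "---------- VARNISH ----------|varnish*" \
  "---------- PHP ----------|*php*" \
  "---------- MEMCACHE ----------|memcache*" \
  "---------- MySQL ----------|mysql*" \
  "---------- PERCONA----------|percona*" \
  "---------- BIND----------|bind*" \
  "---------- MyDNS----------|mydns*"
do
  header=${entry%%|*}
  pattern=${entry#*|}
  {
    printf '%s\n' "$header"
    # Keep only rows whose second status character is "i" (installed) and
    # print "name : version". dpkg exits non-zero when nothing matches the
    # glob; awk is the last pipeline stage, so that does not trip set -e.
    dpkg -l "$pattern" | awk '/^.i/ {print $2" : "$3}'
    echo ""
  } >> /tmp/$$/mail.tmp
done
# }}} PACKAGE INVENTORY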
###
# {{{ CRONTABS
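# List the crontab files present in the per-user spool and in /etc/cron.d.
# The shell glob replaces the former "ls" parsing, so a file name containing
# whitespace or glob characters is reported as one intact path. A missing or
# unreadable directory yields an empty list instead of aborting the report.
# NOTE(review): /etc/crontab and the cron.hourly/daily/weekly/monthly
# directories are not covered by this section.
{
  echo "---------- CRONTABS ----------"
  for cron_dir in /var/spool/cron/crontabs /etc/cron.d; do
    echo " ----- ${cron_dir}/ ---"
    for cron_file in "$cron_dir"/*; do
      # An unmatched glob stays literal; skip it.
      [ -e "$cron_file" ] || continue
      printf '  %s\n' "$cron_file"
    done
    echo ""
  done
} >> /tmp/$$/mail.tmp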
# }}} CRONTABS
###
# {{{ BASIC SYSTEM HARDENING
# PAM
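{
  echo "---------- PAM.D/SU CONTROL ----------"
  # Count only ACTIVE pam_wheel lines. Comment lines are dropped before the
  # count: filtering the output of "grep -c" (a bare number) did nothing, so
  # a commented-out "# auth required pam_wheel.so" was reported as conform.
  # grep -c exits 1 on a count of 0; "|| true" keeps set -e from aborting.
  pam_su=$(grep -v -E '^[[:space:]]*#' /etc/pam.d/su \
    | grep -c -E '^[[:space:]]*auth[[:space:]]+required[[:space:]]+pam_wheel\.so' \
    || true)
  if [ "${pam_su:-0}" -eq 0 ]; then
    echo "*** pam.d/su not conform ! ***"
  fi
  echo ""
  # SSHD
  echo "---------- SSHD_PERMIT_ROOT_LOGIN CONTROL ----------"
  # Flag an active "PermitRootLogin yes". Keyword and value are compared
  # case-insensitively, and comment lines are skipped even when indented.
  # NOTE(review): only this file is inspected. A setting pulled in through an
  # Include directive, or the compiled-in default when the keyword is absent,
  # is not detected here; "sshd -T" shows the effective value.
  grep -v -E '^[[:space:]]*#' /etc/ssh/sshd_config \
    | awk 'tolower($1) == "permitrootlogin" && tolower($2) ~ /yes/ {print "*** Security alert : "$0" ***"}'
  echo ""
  # GROUP
  echo "---------- NEXEN_IN_ROOT_GROUP CONTROL ----------"
  # Alert when "nexen" is not a member of the root group. The match is on the
  # group named exactly "root" and on its member list (4th field), so another
  # group whose name starts with "root", or "nexen" appearing as part of a
  # longer name, no longer influences the result.
  # NOTE(review): "nexen" is presumably the site's admin account - confirm.
  grep -E '^root:' /etc/group \
    | awk -F":" '$4 !~ /(^|,)nexen(,|$)/ {print "*** Security alert : "$0" ***"}'
  echo ""
} >> /tmp/$$/mail.tmp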
# }}} BASIC SYSTEM HARDENING
# {{{ REPORT
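# Mail the report. $EMAIL comes from the command line, so it is quoted and
# placed after "--": a value starting with "-" is then treated as a recipient
# and cannot be parsed by sendmail as an option, and a value containing
# spaces is not split into several arguments.
sendmail -- "$EMAIL" < /tmp/$$/mail.tmp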
# }}} REPORT
###
# {{{ DELETE EXISTING WORKING DIR
###
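# Remove the working directory and the report in it. "rm -rf" is a no-op when
# the path is already gone, so the script's exit status stays 0, whereas the
# "[ -d ... ] &&" form returned 1 as the final command in that case.
rm -rf -- "/tmp/$$"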
# }}}
###
#{{{ vim vars
# vim: ts=4 sw=4 fdm=marker
# }}}