thomd · March 3, 2012 19:52
diff --git a/check4change.sh b/check4change.sh
 #!/bin/sh

 # poor man's intrusion detection.
 #
 # usage:
 #
 #   (1) add website to git:
 #           ssh my-webserver
 #           cd web-root-folder
 #           git init
 #           git add .
 #           git ci -m "my uncompromised website"
 #
 #   (2) setup cronjob (check every 6 hours):
 #           MAILTO=""
 #           0 */6 * * * /this/script /path/to/workingcopy/to/observe mail-address
 #

 die() {
  echo >&2 "$@"
  exit 1
 }

 function parse_git_dirty {
  [[ $(/usr/local/bin/ --git-dir=$1/.git --work-tree=$1 status 2> /dev/null | tail -n1) != "nothing to commit (working directory clean)" ]]
 }


 [ "$#" -eq 2 ] || die "usage:\n $(basename $0) <workingcopy> <mailto>"

 if ( parse_git_dirty $1 ); then
  /usr/local/bin/ --git-dir=$1/.git --work-tree=$1 status | mail -s "changes on $(hostname) in $1" $2
 fi

 # vim:ft=sh
	#!/bin/sh

	# poor man's intrusion detection.
	#
	# usage:
	#
	# (1) add website to git:
	# ssh my-webserver
	# cd web-root-folder
	# git init
	# git add .
	# git ci -m "my uncompromised website"
	#
	# (2) setup cronjob (check every 6 hours):
	# MAILTO=""
	# 0 /6 * * /this/script /path/to/workingcopy/to/observe mail-address
	#

	die() {
	echo >&2 "$@"
	exit 1
	}

	function parse_git_dirty {
	[[ $(/usr/local/bin/ --git-dir=$1/.git --work-tree=$1 status 2> /dev/null \| tail -n1) != "nothing to commit (working directory clean)" ]]
	}


	[ "$#" -eq 2 ] \|\| die "usage:\n $(basename $0) <workingcopy> <mailto>"

	if ( parse_git_dirty $1 ); then
	/usr/local/bin/ --git-dir=$1/.git --work-tree=$1 status \| mail -s "changes on $(hostname) in $1" $2
	fi

	# vim:ft=sh