add auditd config cli

3 years ago · 2b0dd2b386
parent f213611171
commit 2b0dd2b386
5 changed files with 72 additions and 0 deletions
--- a/DESTDIR/.gitignore
+++ b/DESTDIR/.gitignore
@ -0,0 +1,2 @@
+etc/audit/auditd.conf
+var/lib/linux-infosec-setupper/audit/auditd-conf.sh
--- a/4
+++ b/4
@ -2,7 +2,11 @@ all:
 	cd po/back_auditd ; msgfmt -o linux-infosec-setupper-back_auditd.mo ru.po

 install:
+	# bin is for scripts which will run sbin/* via pkexec
 	#mkdir -p $(DESTDIR)/usr/bin
+	# sbin is for executables
+	mkdir -p $(DESTDIR)/usr/sbin
+	install -m0755 front_auditd_cli.sh $(DESTDIR)/usr/sbin/linux-infosec-setupper-auditd-cli
 	mkdir -p $(DESTDIR)/usr/share/linux-infosec-setupper
 	mkdir -p $(DESTDIR)/usr/share/linux-infosec-setupper/audit
 	#mkdir -p $(DESTDIR)/usr/share/linux-infosec-setupper/pwquality
--- a/common.sh
+++ b/common.sh
@ -16,6 +16,11 @@ AUDIT_DAEMON_SYSTEMD_OVERRIDE="${DESTDIR}/etc/systemd/system/auditd.service.d/90
 # validate email, https://stackoverflow.com/a/2138832, https://stackoverflow.com/a/41192733
 REGEX_EMAIL="^[a-z0-9!#\$%&'*+/=?^_\`{|}~-]+(\.[a-z0-9!#$%&'*+/=?^_\`{|}~-]+)*@([a-z0-9]([a-z0-9-]*[a-z0-9])?\.)+[a-z0-9]([a-z0-9-]*[a-z0-9])?\$"

+_echo() {
+	printf -- "$@"
+	echo ''
+}
+
 error() {
 	printf -- "$@" 1>&2
 	echo '' 1>&2
--- a/front_auditd_cli.sh
+++ b/front_auditd_cli.sh
@ -0,0 +1,60 @@
+#!/bin/bash
+set -e
+
+# detect running from git tree
+if [ -f ./common.sh ] && [ -f "$0" ]
+then
+	source common.sh
+	source back_auditd.sh
+else
+	source /usr/share/linux-infosec-setupper/common.sh
+	source "${SHARE_DIR_PWQUALITY}/back_auditd.sh"
+fi
+
+_audit_variables
+
+_echo_help(){
+	_echo $"This is generator of auditd config"
+	_echo $"Run as: %s [--parameter value] [--parameter value]" "$0"
+	_echo $"Supported parameters of auditd and their default values are:"
+	cat << EOF
+--local_events "$local_events"
+--log_file "$log_file"
+--write_logs "$write_logs"
+--log_format "$log_format"
+--log_group "$log_group"
+--priority_boost "$priority_boost"
+--flush "$flush"
+--freq "$freq"
+--max_log_fileaction "$max_log_fileaction"
+--num_logs "$num_logs"
+--disp_qos "$disp_qos"
+--dispatcher "$dispatcher"
+--distribute_network "$distribute_network"
+--name_format "$name_format"
+--name "$name"
+--max_log_file "$max_log_file"
+--action_mail_acct "$action_mail_acct"
+--space_left "$space_left"
+--space_left_action "$space_left_action"
+--disk_full_action "$disk_full_action"
+--disk_error_action "$disk_error_action"
+--tcp_listen_port "$tcp_listen_port"
+--tcp_max_per_addr "$tcp_max_per_addr"
+EOF
+}
+
+_main(){
+	if [[ "$@" =~ (\-\-help|\-h)($|[[:space:]]) ]]; then
+		_echo_help
+		exit 0
+	fi
+	if [ -z "$(echo "$@")" ]; then
+		_echo_help
+		exit 1
+	fi
+	_mk_auditd_config $@
+	_write_auditd_config
+}
+
+_main $@
--- a/linux-infosec-setupper.spec
+++ b/linux-infosec-setupper.spec
@ -44,6 +44,7 @@ Requires: audit
 CLI and backend to setup auditd configs

 %files auditd-cli
+%{_sbindir}/linux-infosec-setupper-auditd-cli
 %dir %{_datadir}/linux-infosec-setupper/audit
 %{_datadir}/linux-infosec-setupper/audit/back_auditd.sh
 %dir %attr(0700,root,root) /var/lib/linux-infosec-setupper/audit