87dd74faf0
Debian and Centos use the same tools but they are installed in different places. In order for collect to work on Debian, make sure that we are trying not use to RPMs on Debian. This is done in the collect-patching script so that the "smart" program is not run. Also kdump uses the /var/lib/kdump path on Debian rather than /var/crash on Centos. Also checked for 'rpm -qa' usage and changed them to 'dpkg -l'. Test Plan PASS Build package PASS Build and install ISO PASS Run the collect -v -all Story: 2009101 Task: 43732 Depends-On: https://review.opendev.org/c/starlingx/tools/+/838327 Signed-off-by: Charles Short <charles.short@windriver.com> Change-Id: I66cf0615f8cab7fe877b6cb09d605557c9258c43
60 lines
1.7 KiB
Bash
Executable File
60 lines
1.7 KiB
Bash
Executable File
#! /bin/bash
|
|
#
|
|
# Copyright (c) 2017 Wind River Systems, Inc.
|
|
#
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
#
|
|
|
|
|
|
# Loads Up Utilities and Commands Variables
|
|
source /usr/local/sbin/collect_parms
|
|
source /usr/local/sbin/collect_utils
|
|
|
|
function is_extended_profile {
|
|
if [ ! -n "${security_profile}" ] || [ "${security_profile}" != "extended" ]; then
|
|
return 0
|
|
else
|
|
return 1
|
|
fi
|
|
}
|
|
|
|
SERVICE="ima"
|
|
LOGFILE="${extradir}/${SERVICE}.info"
|
|
|
|
###############################################################################
|
|
# All Node Types
|
|
###############################################################################
|
|
|
|
is_extended_profile
|
|
if [ "$?" = "0" ] ; then
|
|
exit 0
|
|
fi
|
|
|
|
echo "${hostname}: IMA Info ..........: ${LOGFILE}"
|
|
|
|
delimiter ${LOGFILE} "IMA Kernel Modules"
|
|
lsmod | grep ima >> ${LOGFILE} 2>>${COLLECT_ERROR_LOG}
|
|
|
|
delimiter ${LOGFILE} "Auditd status"
|
|
service auditd status >> ${LOGFILE} 2>>${COLLECT_ERROR_LOG}
|
|
ps -aux | grep audit >> ${LOGFILE} 2>>${COLLECT_ERROR_LOG}
|
|
|
|
mkdir -p ${extradir}/integrity 2>>${COLLECT_ERROR_LOG}
|
|
|
|
delimiter ${LOGFILE} "IMA Runtime Measurement and Violations cache"
|
|
if [ -d "/sys/kernel/security/ima" ]; then
|
|
ls /sys/kernel/security/ima >> ${LOGFILE} 2>>${COLLECT_ERROR_LOG}
|
|
cp -rf /sys/kernel/security/ima ${extradir}/integrity 2>>${COLLECT_ERROR_LOG}
|
|
else
|
|
echo "ERROR: IMA Securityfs directory does not exist!" >> ${LOGFILE}
|
|
fi
|
|
|
|
cp -rf /etc/modprobe.d/ima.conf ${extradir}/integrity 2>>${COLLECT_ERROR_LOG}
|
|
cp -rf /etc/modprobe.d/integrity.conf ${extradir}/integrity 2>>${COLLECT_ERROR_LOG}
|
|
cp -rf /etc/ima.policy ${extradir}/integrity 2>>${COLLECT_ERROR_LOG}
|
|
|
|
# make sure all these collected files are world readible
|
|
chmod -R 755 ${extradir}/integrity
|
|
|
|
exit 0
|