1 /* Copyright (C) 2010 Trend Micro Inc.
2  * All rights reserved.
3  *
4  * This program is a free software; you can redistribute it
5  * and/or modify it under the terms of the GNU General Public
6  * License (version 2) as published by the FSF - Free Software
7  * Foundation.
8  */
9 
10 #ifdef ARGV0
11 #undef ARGV0
12 #define ARGV0 "ossec-testrule"
13 #endif
14 
15 #include "shared.h"
16 #include "active-response.h"
17 #include "config.h"
18 #include "rules.h"
19 #include "stats.h"
20 #include "lists_make.h"
21 #include "eventinfo.h"
22 #include "analysisd.h"
23 
/*
 * File-scope state defined by this tool.
 *
 * main() zeroes today, thishour, prev_year and prev_month before it parses
 * options. The remaining objects are not referenced anywhere else in this
 * file; presumably they satisfy references from the analysisd objects this
 * tool links against -- confirm before removing or renaming any of them.
 */

/* Date bookkeeping, reset to zero at the top of main(). */
int today;
int thishour;
int prev_year;
char prev_month[4];

/*
 * NOTE(review): identifiers that begin with a double underscore are reserved
 * for the implementation in C. The names are kept as they are because other
 * translation units presumably refer to them.
 */
int __crt_hour;
int __crt_wday;
time_t c_time;
char __shost[512];

/* Not assigned in this file, so it keeps its static NULL initialisation here. */
OSDecoderInfo *NULL_Decoder;
34 
35 /* print help statement */
/*
 * Print the command-line usage summary and terminate with exit status 1.
 *
 * main() calls this for -h and for any option getopt() does not recognise.
 * The function never returns to its caller.
 */
static void help_makelists(void) __attribute__((noreturn));

static void help_makelists(void)
{
    /* Option lines that need no run-time substitution, in display order. */
    static const char *const flag_lines[] = {
        "    -V          Version and license message",
        "    -h          This help message",
        "    -d          Execute in debug mode. This parameter",
        "                can be specified multiple times",
        "                to increase the debug level.",
        "    -t          Test configuration",
        "    -F          Force rebuild of all databases",
    };
    size_t idx;

    print_header();
    print_out("  %s: -[VhdtF] [-u user] [-g group] [-c config] [-D dir]", ARGV0);

    /* Passed through "%s" so the table text is never parsed as a format. */
    for (idx = 0; idx < sizeof(flag_lines) / sizeof(flag_lines[0]); idx++) {
        print_out("%s", flag_lines[idx]);
    }

    /* The defaults shown here are the same macros main() starts from. */
    print_out("    -u <user>   User to run as (default: %s)", USER);
    print_out("    -g <group>  Group to run as (default: %s)", GROUPGLOBAL);
    print_out("    -c <config> Configuration file to use (default: %s)", DEFAULTCPATH);
    print_out("    -D <dir>    Directory to chroot into (default: %s)", DEFAULTDIR);
    print_out(" ");

    exit(1);
}
55 
/*
 * Entry point: build the lookup-list databases used by the rules.
 *
 * Sequence, which is order-sensitive:
 *   1. parse options (-V -h -d -t -F -u -g -D -c);
 *   2. resolve the user and group names to ids and abort if either is unknown;
 *   3. read the configuration file, before any privilege change;
 *   4. switch group, then chroot into the chosen directory;
 *   5. with -t, stop here with status 0 (configuration test only);
 *   6. create the lists, load every file named in Config.lists, build them all.
 *
 * NOTE(review): the uid returned by Privsep_GetUser() is only compared with
 * the error value. This function never passes it to a set-user call, so the
 * process keeps the uid it was started with after the chroot, although the
 * help text describes -u as "User to run as". A chroot on its own does not
 * confine a process that still holds uid 0. Confirm whether the omission is
 * deliberate (the list databases may have to be written by the starting user)
 * and document it, or add the drop after the chroot.
 *
 * NOTE(review): ARGV0 is redefined at the top of this file as
 * "ossec-testrule", so every message emitted here carries that program name.
 * Confirm that this is intended for the list builder.
 */
int main(int argc, char **argv)
{
    const char *cfg = DEFAULTCPATH;
    const char *dir = DEFAULTDIR;
    const char *user = USER;
    const char *group = GROUPGLOBAL;
    int config_test_only = 0;
    int force_rebuild = 0;
    int opt = 0;
    uid_t uid;
    gid_t gid;
    char **entry;

    /* Program name used by the logging helpers. */
    OS_SetName(ARGV0);

    /* Reset the file-scope date bookkeeping. */
    today = 0;
    thishour = 0;
    prev_year = 0;
    memset(prev_month, '\0', sizeof(prev_month));

    while ((opt = getopt(argc, argv, "VdhFtu:g:D:c:")) != -1) {
        switch (opt) {
            case 'V':
                /* NOTE(review): whether print_version() returns is not visible here. */
                print_version();
                break;
            case 'h':
                help_makelists();
                break;
            case 'd':
                /* May be repeated; each occurrence calls nowDebug() again. */
                nowDebug();
                break;
            case 'F':
                force_rebuild = 1;
                break;
            case 't':
                config_test_only = 1;
                break;
            case 'u':
                if (optarg == NULL) {
                    ErrorExit("%s: -u needs an argument", ARGV0);
                }
                user = optarg;
                break;
            case 'g':
                if (optarg == NULL) {
                    ErrorExit("%s: -g needs an argument", ARGV0);
                }
                group = optarg;
                break;
            case 'D':
                if (optarg == NULL) {
                    ErrorExit("%s: -D needs an argument", ARGV0);
                }
                dir = optarg;
                break;
            case 'c':
                if (optarg == NULL) {
                    ErrorExit("%s: -c needs an argument", ARGV0);
                }
                cfg = optarg;
                break;
            default:
                help_makelists();
                break;
        }
    }

    /* Both names must resolve; (type)-1 is the lookup-failure value tested for. */
    uid = Privsep_GetUser(user);
    gid = Privsep_GetGroup(group);
    if (uid == (uid_t)-1 || gid == (gid_t)-1) {
        ErrorExit(USER_ERROR, ARGV0, user, group);
    }
    debug1(FOUND_USER, ARGV0);

    /*
     * The configuration is read with the starting privileges and before the
     * chroot, so cfg is resolved against the real filesystem root.
     */
    if (GlobalConf(cfg) < 0) {
        ErrorExit(CONFIG_ERROR, ARGV0, cfg);
    }
    debug1(READ_CONFIG, ARGV0);

    /* The group change comes first, then the chroot. */
    if (Privsep_SetGroup(gid) < 0) {
        ErrorExit(SETGID_ERROR, ARGV0, group, errno, strerror(errno));
    }
    if (Privsep_Chroot(dir) < 0) {
        ErrorExit(CHROOT_ERROR, ARGV0, dir, errno, strerror(errno));
    }
    nowChroot();

    /* -t: the configuration parsed and the privilege steps succeeded. */
    if (config_test_only) {
        exit(0);
    }

    /* Create the lists for use in rules. */
    Lists_OP_CreateLists();

    /*
     * Load each configured list file, releasing its path string as soon as
     * it has been consumed. A NULL Config.lists skips the loop entirely.
     */
    for (entry = Config.lists; entry && *entry; entry++) {
        if (Lists_OP_LoadList(*entry) < 0) {
            ErrorExit(LISTS_ERROR, ARGV0, *entry);
        }
        free(*entry);
    }

    /* Drop the array itself and clear the pointer so nothing stale remains. */
    free(Config.lists);
    Config.lists = NULL;

    Lists_OP_MakeAll(force_rebuild);

    exit(0);
}