#!/bin/sh
#
#     tiger - A UN*X security checking system
#     Copyright (C) 1993 Douglas Lee Schales, David K. Hess, David R. Safford
#
#    This program is free software; you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation; either version 2, or (at your option)
#    any later version.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.
#
#     Please see the file `COPYING' for the complete copyright notice.
#
# Linux/2/check - 08/12/2002
# 
# Checks for Linux systems
# 
# Linux/2/check - 10/15/2003 - jfs - Removed bashishm (Debian bug #215896)
# Linux/2/check - 04/23/2003 - jfs
# 	Removed CC dependancy, added TODO
#       Debian specific checks moved into an if and check.tbl cleared
#       (that file should be user-only)
# Linux/2/check - 05/09/2003 - jfs
# 	Removed ambiguous redirect
#       Fixed SCRIPTDIR to SYSTEMDIR
# Linux/2/check - 06/26/2003 - jfs
#       Commented out the first call to CHECK_PATCH since it is done
#       only if running on Debian GNU/Linux
# Linux/2/check - 08/28/2003 - jfs
#       Removed Debian specific checks from header since they are
#       already called for below
# Linux/2/check - 04/02/2018 - jfs
#       Make it possible to enable/disable the Debian specific checks
#       based on patch provided by Nicholas Bamber (Debian bug 512085)
# Linux/2/check - 04/02/2018 - jfs
#       Removed deb_checkadvisories as, since 2005, the website does 
#       not include sufficient information to check the package version
#       and generate a proper 'debian_advisories' file
#-----------------------------------------------------------------------------
# TODO:
#
# - Nothing yet :)
#
#-----------------------------------------------------------------------------
#
TigerInstallDir='.'

#
# Set default base directory.
# Order or preference:
#      -B option
#      TIGERHOMEDIR environment variable
#      TigerInstallDir installed location
#
basedir=${TIGERHOMEDIR:=$TigerInstallDir}

for parm
do
   case $parm in
   -B) basedir=$2; break;;
   esac
done

#
# Verify that a config file exists there, and if it does
# source it.
#
[ ! -r $basedir/config ] && {
  echo "--ERROR-- [init002e] No 'config' file in \`$basedir'."
  exit 1
}

. $basedir/config

. $BASEDIR/initdefs

#
# If run in test mode (-t) this will verify that all required
# elements are set.
#
[ "$Tiger_TESTMODE" = 'Y' ] && {
  haveallcmds CAT GREP RM SGREP STRINGS || exit 1
  haveallfiles BASEDIR WORKDIR || exit 1
  
  echo "--CONFIG-- [init003c] $0: Configuration ok..."
  exit 0
}

#------------------------------------------------------------------------

haveallcmds CAT GREP RM SGREP STRINGS || exit 1
haveallfiles BASEDIR WORKDIR || exit 1

SYSTEMDIR=$BASEDIR/systems/Linux/2
#
# The following scripts have been added to provide new checks 
# for any Linux system, written by Paul Telford and
# Javier Fernandez-Sanguino
# 
# Note: cannot echo TIMECMD since we lose the handle to the tmplog


[ "$Tiger_Check_SINGLE" != 'N' ] && {
#  echo "`$TIMECMD`> Checking for single user mode password..."
  $SYSTEMDIR/check_single 
}

[ "$Tiger_Check_BOOT" != 'N' ] && {
#  echo "`$TIMECMD`> Checking boot loader file permissions..."
  $SYSTEMDIR/check_lilo 
}

[ "$Tiger_Check_INITTAB" != 'N' ] && {
#  echo "`$TIMECMD`> Checking inittab definitions..."
  $SYSTEMDIR/check_inittab
}

[ "$Tiger_Check_RCUMASK" != 'N' ] && {
#  echo "`$TIMECMD`> Checking umask definitions..."
  $SYSTEMDIR/check_rcumask
}

[ "$Tiger_Check_NEVERLOG" != 'N' ] && {
#  echo "`$TIMECMD`> Checking for users which have not logged in..."
  $SYSTEMDIR/check_neverlogin
}

[ "$Tiger_Check_NETWORKCONFIG" != 'N' ] && {
# echo "`$TIMECMD`> Checking for values of the network configuration."
  $SYSTEMDIR/check_network_config
}

[ "$Tiger_Check_PASSWD" != 'N' -a "$Tiger_Check_PASSWD_SHADOW" != 'N' ] && {
  $SYSTEMDIR/check_passwdspec
}

# The following scripts have been added to provide new checks 
# specific to the Debian system, written by Javier Fernandez-Sanguino
#
if [ "$LXDISTRIBUTION" = "debian" ]; then

# The following checks, for the moment, work only for Debian but
# they could be generalised (there is a tigerrc variable for them)
[ "$Tiger_Check_OS" != 'N' ] && {
#  echo "`$TIMECMD`> Checking for correct OS version..."
  $SYSTEMDIR/check_release 
}

[ "$Tiger_Check_PATCH" != 'N' ] && {
#  echo "`$TIMECMD`> Checking for up-to-date patches..."
  $SYSTEMDIR/check_patches
}

# Debian specific checks
[ "$Tiger_Deb_CheckMD5Sums" != 'N' ]&&  {
  $SYSTEMDIR/deb_checkmd5sums
}
[ "$Tiger_Deb_NoPackFiles" != 'N' ]&&  {
  $SYSTEMDIR/deb_nopackfiles
}
# End of Debian-specific checks

fi 
