Package verification script

verify

#!/bin/bash

# Use debsums to check for any altered binaries
#
# To recreate the baseline file, simply rm it

cd /root/verify || exit

VERIFY="debsums | grep FAILED"
TERMINAL=

if [[ "$TERM" =~ ^xterm ]]; then 
    TERMINAL=y
fi

# First, make the list of packages associated with files on the execution
# path

# Make a current verify result, 
[ $TERMINAL ] && echo "Looking at MD5 sum for package files"
eval "$VERIFY" &> verify.current.txt

# Now, see if there's a baseline file to work with.  If so, check against
# it, else make one.

if [ -e verify.baseline.txt ]; then

    # diff current verify result against the old one
    # Do it silently so there's no email when run via cron

    diffs=$(diff verify.current.txt verify.baseline.txt)

    if [ "$diffs" ]; then
      SUBJECT="FAILURE"
    else
      SUBJECT="ran"
    fi

    
    if [ ! -z "$diffs" -o "$(date +"%d")" == "13" ]; then
        [ $TERMINAL ] && echo "Sending mail"
        /usr/sbin/sendmail gbell2@localhost <<MAILHEADER 
From root@gregs.room  $(date)
Return-Path: <gbell_spamless@yahoo.com>
From: "Verify Czar" <gbell_spamless@yahoo.com>
To: "Greg Bell" <gbell2@localhost>
Subject: Verification $SUBJECT
Date: $(date)
Status: 

    $diffs

MAILHEADER

        /usr/sbin/sendmail -q
    fi 

else
    [ $TERMINAL ] && echo "No baseline.txt...  making one."
    mv verify.current.txt verify.baseline.txt

fi

[ $TERMINAL ] && echo "Done"