Search
Search
Search
Search
Information
Information
Light
Dark
Open actions menu
Basic upload method
Bypass upload method
Tips!
If you encounter an error (by firewall) while uploading using both methods,
try changing extension of the file before uploading it and rename it right after.
This uploader supports multiple file upload.
Submit
~
etc
cron.daily
File Content:
chkrootkit
#!/bin/sh set -ue # note that all variables can be changed by editing $CONFIG CONFIG=/etc/chkrootkit/chkrootkit.conf CHKROOTKIT=/usr/sbin/chkrootkit LOG_DIR=/var/log/chkrootkit OUTPUT="$LOG_DIR/log.today" RAW_OUTPUT="$OUTPUT.raw" EXPECTED_OUTPUT="$LOG_DIR/log.expected" # If you do not want to use ionice, set IONICE="" in $CONFIG if [ -x /usr/bin/ionice ] && /usr/bin/ionice -c3 true 2>/dev/null; then IONICE="/usr/bin/ionice -c3" else IONICE="" fi RUN_DAILY=false # $CONFIG should set this to 'true' DIFF_MODE=false RUN_DAILY_OPTS="" ## lines matching patterns in here are omitted entirely from the output, if the file exists. IGNORE_FILE="/etc/chkrootkit/chkrootkit.ignore" ## The output (after any IGNORE_FILE) is passed through $FILTER) FILTER="sed -re 's![[:alnum:]]+: PACKET SNIFFER\(((/lib/systemd/systemd-networkd|(/usr)?/sbin/(dhclient|dhcpc?d[0-9]*|wpa_supplicant|NetworkManager))\[[0-9]+\](, )?)+\)!<interface>: PACKET SNIFFER\([systemd-networkd|dhclient|dhcpd|dhcpcd|wpa_supplicant|NetworkManager]{PID}\)!' -e 's/(! [[:alnum:]+-]+)\s+[0-9]+/\1 {PID}/'" if [ ! -x "$CHKROOTKIT" ]; then exit 0 fi if [ -r "$CONFIG" ]; then . "$CONFIG" fi # support upgrades from bullseye where $OLD_CONFIG was used OLD_CONFIG=/etc/chkrootkit.conf if [ -r "$OLD_CONFIG" ]; then echo "WARNING: $OLD_CONFIG is deprecated. Please put your settings in $CONFIG instead: $OLD_CONFIG will be ignored in a future release and should be deleted." . $OLD_CONFIG fi if [ "$RUN_DAILY" = "false" ]; then exit 0 fi if [ ! -r "$IGNORE_FILE" ]; then IGNORE_FILE=/dev/null fi if [ -z "$FILTER" ]; then # explicitly disabled FILTER=cat elif ! echo "test" | eval "$FILTER" >/dev/null 2>&1; then echo "Ignoring invalid \$FILTER='$FILTER'" FILTER=cat fi # Run, filter, and save output eval "$IONICE" "$CHKROOTKIT" "$RUN_DAILY_OPTS" 2>&1 \ | tee "$RAW_OUTPUT" 2>&1 \ | eval "$FILTER" \ | egrep -v -f "$IGNORE_FILE" 2>&1 \ > "$OUTPUT" 2>&1 || true # show results if [ "$DIFF_MODE" = "false" ]; then cat "$OUTPUT" 2>&1 || true elif [ ! -f "$EXPECTED_OUTPUT" ]; then echo "No file $LOG_DIR/log.expected" echo "This file should contain expected output from chkrootkit" echo echo "Today's run produced the following output:" echo "--- [ BEGIN: cat $OUTPUT ] ---" cat "$LOG_DIR/log.today" 2>&1 || true echo "--- [ END: cat $OUTPUT ] ---" echo echo "To create this file containing all output from today's run, do (as root)" echo "# cp -a $OUTPUT $EXPECTED_OUTPUT" echo "# (note that unedited output is in $RAW_OUTPUT)" elif ! diff -q "$EXPECTED_OUTPUT" "$OUTPUT" > /dev/null 2>&1; then echo "chkrootkit output was not as expected." echo echo "The difference is:" echo "--- [ BEGIN: diff -u $EXPECTED_OUTPUT $OUTPUT ] ---" diff -u "$EXPECTED_OUTPUT" "$OUTPUT" 2>&1 || true echo "--- [ END: diff -u $EXPECTED_OUTPUT $OUTPUT ] ---" echo echo "To update the expected output, run (as root)" echo "# cp -a -f $OUTPUT $EXPECTED_OUTPUT" echo "# (note that unedited output is in $RAW_OUTPUT)" fi
Edit
Download
Unzip
Chmod
Delete
