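#!/bin/bash
#
# script to run aide --check and verify GPG signatures
#
# written by Vincent Danen <vdanen-at-annvix.org>
#
# $Id: aidecheck 5176 2006-01-31 03:17:02Z vdanen $
#
# Runs under bash on purpose: the $"..." translatable strings (TEXTDOMAIN)
# are a bash feature, so the old #!/bin/sh shebang only worked where /bin/sh
# happened to be bash.
#
# Exit status: 0 when the database signature verified and aide --check ran
# clean; otherwise non-zero (aide's own status for a failed check, or 1 for a
# missing database / config / signature / gpg binary, or a bad signature), so
# a cron job or wrapper can act on the result instead of always seeing 0.

TEXTDOMAIN=aidescripts

hostname=$(uname -n)
aide="/usr/sbin/aide"
aide_dir="/var/lib/aide"
aide_db="${aide_dir}/aide.db"
aide_sig="${aide_db}.sig"
reports_dir="${aide_dir}/reports"
fname="aide-${hostname}-$(date +%Y%m%d-%H%M%S)"

# Prefer gpg2, fall back to gpg, and refuse to continue without either.
# Previously an empty $gpg turned the verify step into "command not found"
# (status 127), which the old '== 1' test did not count as a failure.
if command -v gpg2 >/dev/null 2>&1; then
    gpg=gpg2
elif command -v gpg >/dev/null 2>&1; then
    gpg=gpg
else
    printf "**** "$"FATAL: "$"no gpg or gpg2 binary found; cannot verify the AIDE database.""\n" >&2
    exit 1
fi

printf $"AIDE integrity check for %s beginning (%s)""\n" "${hostname}" "$(date)"

# Fail loudly (non-zero exit, message on stderr) instead of falling through
# to 'exit 0' when there is nothing to check.
if [ ! -e "${aide_db}" ]; then
    printf "**** "$"FATAL: "$"AIDE database for %s not found.""\n" "${hostname}" >&2
    printf "**** "$"Run aideinit to create the database file.""\n" >&2
    exit 1
fi

if [ ! -f /etc/aide.conf ]; then
    printf "**** "$"FATAL: "$"/etc/aide.conf not found; nothing to check.""\n" >&2
    exit 1
fi

if [ ! -f "${aide_sig}" ]; then
    printf "**** "$"FATAL: "$"No GPG signature found for the AIDE database!""\n" >&2
    printf "**** "$"Unable to verify database; your system may be compromised or incorrectly configured!""\n" >&2
    exit 1
fi

printf $"Verifying the GPG signature on the database...""\n"
echo ""
# Detached signature: name the signed file explicitly rather than cd'ing and
# letting gpg guess it from the .sig name.  Read gpg's status straight from
# the command -- the original tested $? after an intervening 'echo', so it
# always saw 0 and the tamper branch was unreachable.  Any non-zero status
# (bad signature, missing public key, unreadable file) is a failure, not
# only 1.
# NOTE(review): gpg exits 0 for a good signature from *any* key in the
# caller's keyring, trusted or not.  Pin the check to the key aideinit signs
# with (e.g. a dedicated --keyring) if that is not already enforced, and keep
# ${aide_dir} writable by root only: the verify below and the aide run
# afterwards open the database separately.
"${gpg}" --verify "${aide_sig}" "${aide_db}"
gpg_status=$?
echo ""
if [ "${gpg_status}" -ne 0 ]; then
    printf "************************************************************\n" >&2
    printf $"GPG signature FAILED!  Your database has been tampered with!""\n" >&2
    printf "**** "$"gpg exited with status %s""\n" "${gpg_status}" >&2
    printf "************************************************************\n" >&2
    exit 1
fi

# aide cannot open report_url when the directory is missing; create it
# readable by root only since the report lists every changed file.
if [ ! -d "${reports_dir}" ]; then
    mkdir -m 0700 "${reports_dir}" || exit 1
fi

# Let aide's own diagnostics reach stderr (cron mail) instead of discarding
# them, and hand its exit status back to the caller.
"${aide}" --check -B "report_url=file:${reports_dir}/${fname}.report"
exit "$?"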
