/usr/share/lynis/include/data_upload is in lynis 2.1.1-1.
This file is owned by root:root, with mode 0o600.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 | #!/bin/sh
#################################################################################
#
# Lynis
# ------------------
#
# Copyright 2007-2015, Michael Boelen (michael.boelen@cisofy.com), CISOfy
# Web site: https://cisofy.com
#
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
# welcome to redistribute it under the terms of the GNU General Public License.
# See LICENSE file for usage of this software.
#
#################################################################################
#
# Data upload
#
#################################################################################
#
# logtextbreak
PROGRAM_VERSION="101"
# Data upload destination
if [ "${UPLOAD_SERVER}" = "" ]; then
UPLOAD_SERVER="cisofy.com"
fi
UPLOAD_URL="https://${UPLOAD_SERVER}/upload/"
logtext "Upload server: ${UPLOAD_SERVER}"
logtext "URL to upload to: ${UPLOAD_URL}"
# License server (set to upload server if not configured)
if [ "${LICENSE_SERVER}" = "" ]; then
LICENSE_SERVER="${UPLOAD_SERVER}"
fi
LICENSE_SERVER_URL="https://${LICENSE_SERVER}/license/"
logtext "License server: ${LICENSE_SERVER}"
# Additional options to curl
if [ "${UPLOAD_OPTIONS}" = "" ]; then
CURL_OPTIONS=""
else
CURL_OPTIONS="${UPLOAD_OPTIONS}"
fi
SETTINGS_FILE="${PROFILE}"
# Only output text to stdout if DEBUG mode is not used
output()
{
if [ ${DEBUG} -eq 1 ]; then echo "$1"; fi
}
#####################################################################################
#
# SYSTEM CHECKS
#
#####################################################################################
output "Lynis Enterprise data uploader starting"
output "Settings file: ${SETTINGS_FILE}"
# Check if we can find curl
# Suggestion: If you want to keep the system hardened, copying the binary from a trusted source is a good alternative.
# Restrict access to this binary to the user who is running this script.
if [ "${CURLBINARY}" = "" ]; then
echo "Fatal: can't find curl binary. Please install the related package or put the binary in the PATH. Quitting.."
exit 1
fi
# Extra the license key from the settings file
if [ "${LICENSE_KEY}" = "" ]; then
echo "Fatal: no license key found. Quitting.."
ExitFatal
else
output "License key = ${LICENSE_KEY}"
fi
#####################################################################################
#
# JOB CONTROL
#
#####################################################################################
# Check report file
if [ -f ${REPORTFILE} ]; then
output "${WHITE}Report file found.${NORMAL} Starting with connectivity check.."
# Quit if license is not valid, to reduce load on both client and server.
UPLOAD=`${CURLBINARY} ${CURL_OPTIONS} -s -S --data-urlencode "licensekey=${LICENSE_KEY}" --data-urlencode "collector_version=${PROGRAM_VERSION}" ${LICENSE_SERVER_URL}`
UPLOAD_CODE=`echo ${UPLOAD} | head -n 1 | awk '{ if ($1=="Response") { print $2 }}'`
if [ "${UPLOAD_CODE}" = "100" ]; then
output "${WHITE}License is valid${NORMAL}"
logtext "Result: License is valid"
else
echo "${RED}Fatal error: ${WHITE}Error while checking the license.${NORMAL}"
echo ""
echo "Possible causes and steps you can take:"
echo "- Connection with license server could not be established (try address in your web browser)"
echo "- License is expired (listed in Configuration screen)"
echo "- No credits left (listed in Configuration screen)"
echo "- Collector version of Lynis version outdated (upgrade to latest Lynis or Lynis Collector)"
echo ""
echo "If you need support in solving this, please contact support@cisofy.com and include this screen output."
echo ""
echo "URL: ${LICENSE_SERVER_URL}"
echo "Key: ${LICENSE_KEY}"
output "Debug information: ${UPLOAD}"
# Quit
ExitClean
fi
# Extract the hostid from the parse file
HOSTID=`cat ${REPORTFILE} | grep "^hostid=" | awk -F= '{ print $2 }'`
if [ ! "${HOSTID}" = "" ]; then
output "${WHITE}Found hostid: ${HOSTID}${NORMAL}"
# Try to connect
output "Uploading data.."
logtext "Command used: ${CURLBINARY} ${CURL_OPTIONS} -s -S --data-urlencode \"data@${REPORTFILE}\" --data-urlencode \"licensekey=${LICENSE_KEY}\" --data-urlencode \"hostid=${HOSTID}\" ${UPLOAD_URL}"
UPLOAD=`${CURLBINARY} ${CURL_OPTIONS} -s -S --data-urlencode "data@${REPORTFILE}" --data-urlencode "licensekey=${LICENSE_KEY}" --data-urlencode "hostid=${HOSTID}" ${UPLOAD_URL}`
if [ $? -gt 0 ]; then
#UPLOAD_CODE=`echo ${UPLOAD} | head -n 1 | awk '{ print $2 }'`
#output "Output code from upload: ${UPLOAD_CODE}"
output "${RED}Error occurred, please check documentation for code ${UPLOAD_CODE}.${NORMAL}"
output "Debug:"
output ${UPLOAD}
# Quit
ExitClean
fi
else
echo "${RED}Fatal error${NORMAL}: No hostid found in report file. Can not upload report file."
# Quit
ExitClean
fi
else
output "${YELLOW}No report file found to upload.${NORMAL}"
fi
#
#================================================================================
# Lynis - Copyright 2007-2015, Michael Boelen, CISOfy - https://cisofy.com
|