#! /bin/sh
# integrit_check - demo script runs integrit from secure server's read-only NFS
# Copyright (C) 2000 Ed Cashin
# 
# You can redistribute this program and/or modify it under the terms of
# the Artistic License as published by the Open Source Initiative,
# currently at the following URL:
# 
#     http://www.opensource.org/licenses/artistic-license.html
# 
# THIS PACKAGE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
# MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
# 
# $Header: /cvsroot/integrit/integrit/examples/integrit_check,v 1.2 2000/12/05 00:56:51 ecashin Exp $

# WARNING: I haven't tested this yet.

host=`hostname`
securedir=/mnt/dbserv
recipient=$1
arch=`uname`

if [ "$recipient" = "" ]; then
    echo usage: $0 email_recipient 1>&2
    exit 1
fi

if [ "`whoami`" != "root" ]; then
    echo you must be root to run $0 1>&2
    exit 1
fi

#------------integrit binary compiled for this architecture
integrit=$securedir/bin/integrit-$arch	

#------------configuration file
conf=$securedir/conf/integrit-$host.conf

# do update (-u) and check (-c) 
# ... with configuration $conf (-C) and XML output (-x)
# ... piping output to a copy of sendmail that physically lives on 
# the secure server; or exit with an error message to standard output.

(printf "To: $recipient\nSubject: integrit $host report\n\n";
 $integrit -C $conf -x -u -c) | $securdir/bin/sendmail-$arch -t || {
    echo $0 error 1>&2
    exit 1
}



