1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
|
#!/usr/bin/lua5.2
local posix = require 'posix'
local config_file = "/etc/aaudit/aaudit.conf"
local function load_config(filename)
local F = io.open(filename, "r")
local cfg = "return {" .. F:read("*all").. "}"
F:close()
return loadstring(cfg, "config:"..filename)()
end
local function match_file(fn, match_list)
if not match_list then return false end
local i, m
for i, pattern in ipairs(match_list) do
if posix.fnmatch(pattern, fn) then return true end
end
return false
end
local CONF = load_config(config_file)
if CONF.notify_email == nil or CONF.smtp_server == nil then return end
local visible, has_data = false, false
local diff = {}
for l in io.lines() do
local fn = l:match("^diff [^ \t]* a/([^ \t]*)")
if fn then
visible = not match_file(fn, CONF.no_notify_files)
if visible then
has_data = true
visible = not match_file(fn, CONF.private_files)
if not visible then
table.insert(diff, "Private file "..fn.." changed")
end
end
end
if visible then table.insert(diff, l) end
end
if has_data then
local EMAIL = io.popen(string.format("sendmail -t -S %s", CONF.smtp_server), "w")
EMAIL:write(string.format([[
From: %s <%s>
To: %s
Subject: Configuration change on %s
Date: %s
This is automatically generated e-mail about the following configuration change:
%s
]],
CONF.author_name or "Alpine Auditor", CONF.author_email or "auditor@alpine.local",
table.concat(CONF.notify_email, ", "),
arg[1],
os.date("%a, %d %b %Y %H:%M:%S"),
table.concat(diff, '\n')
))
EMAIL:close()
end
|
