/usr/lib/tiger/systems/Linux/2/deb_nopackfiles is in tiger 1:3.2.3-10.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 | #!/bin/sh
#
# tiger - A UN*X security checking system
# Copyright (C) 2000, 2001, 2002 Javier Fernandez-Sanguino Peña
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# Please see the file `COPYING' for the complete copyright notice.
#
# Linux/deb_nopackfiles - 23/08/2001
#
# 05/07/2006 - jfs - Skip directories that are symbolic links, this happens
# with /usr/X11R6/bin as the latest Xorg package
# versions just symlink this to /usr/bin/ (Debian bug #367931)
# 03/21/2005 - jfs - Remove uneeded {} (Debian bug #297889). Also redirect
# find stderr to /dev/null
# 06/18/2004 - jfs - Made the dirlist variable so that directories which
# do not exist are not checked for (Debian bug #254574)
# Also fixed SED check so that only binary files (and not
# directories) are included in the list which should slightly
# improve performance.
# 09/19/2003 - jfs - Applied patch from Nicolas François which enhances
# speed by restricting the list of files to check to those that
# will be, indeed, tested and improved DPKG dependancy.
# Send FIND errors to /dev/null just in case some of the
# directories do not exist.
# 08/08/2003 - jfs - Improved temporary file creation and removed RM dependancy.
# 08/08/2003 - jfs - Applied patch from Nicolas François.
# Instead of grepping each file all the files are appended to
# a single file and removed a redundant check.
# 11/05/2002 - jfs - Changed from a 'for' statement to a 'find'
#
# TODO:
# - Consider if the the path '/bin/ /usr/bin/ /sbin/ /usr/sbin/
# /lib/ /usr/X11R6/bin/' should be customizable in tigerrc.
# Also, the maxpath could be set in another option.
# - Consider the use of 'dlocate' which will be faster than DPKG. Notice
# however that it's priority "optional"
# dlocate could be faster
# DLOCATE=`which dlocate`
# DLOCATE=${DLOCATE:-$DPKG}
#
#-----------------------------------------------------------------------------
TigerInstallDir="/usr/lib/tiger"
#
# Set default base directory.
# Order or preference:
# -B option
# TIGERHOMEDIR environment variable
# TigerInstallDir installed location
#
basedir=${TIGERHOMEDIR:=$TigerInstallDir}
for parm
do
case $parm in
-B) basedir=$2; break;;
esac
done
#
# Verify that a config file exists there, and if it does
# source it.
#
[ ! -r $basedir/config ] && {
echo "--ERROR-- [init002e] No 'config' file in \`$basedir'."
exit 1
}
. $basedir/config
. $BASEDIR/initdefs
#
# If run in test mode (-t) this will verify that all required
# elements are set.
#
[ "$Tiger_TESTMODE" = 'Y' ] && {
haveallcmds FIND GREP || exit 1
if [ "$Tiger_DPKG_Optimize" = "N" ]
then
haveallcmds DPKG || exit 1
fi
haveallfiles BASEDIR WORKDIR || exit 1
haveallvars TESTLINK HOSTNAME
message CONFIG init003c "" "$0: Configuration ok..."
exit 0
}
#------------------------------------------------------------------------
echo
echo "# Checking installed files against packages..."
haveallcmds FIND GREP || exit 1
if [ "$Tiger_DPKG_Optimize" = "N" ]
then
haveallcmds DPKG || exit 1
fi
safe_temp $WORKDIR/dpkg-packages.list
trap 'delete $WORKDIR/dpkg-packages.list ; exit 1' 1 2 3 15
# NOTE: /usr/lib cannot be added here since quite a lot of packages
# will compile stuff there on installation which will result in a
# tremendous report...
dirlist="/bin/ /usr/bin/ /sbin/ /usr/sbin/ /lib/ /usr/X11R6/bin"
okdirs=""
# Before using dirlist we are going to determine which values are ok
for dir in $dirlist ; do
if [ -d $dir ] && [ ! -L $dir ] ; then
if [ -n "$okdirs" ] ; then
okdirs="$dir $okdirs"
else
okdirs=$dir
fi
fi
done
dirlist=$okdirs
if [ -z "$dirlist" ]; then
message ERROR linxxxw "" "None of the configured directories are available"
exit 1
fi
# We have two options here, use dpkg (non-optimal but on the safe side)
# or use grep (optimal but not on the safe side)
if [ "$Tiger_DPKG_Optimize" = "N" ]
then
$FIND $dirlist -type f 2>/dev/null|
# We are not using -maxdepth here, but we could...
while read file
do
pack=`$DPKG -S $file 2>/dev/null`
[ "$pack" = "" ] && {
message WARN lin001w "" "File \`$file' does not belong to any package."
}
done
else
# Alternative (optimal but not following standard way)
seddirlist=`echo $dirlist | $SED -e 's/ /\\\\\|/g; s/\//\\\\\//g'`
$FIND /var/lib/dpkg/info -name "*.list" -exec cat {} \; |
$SED -ne "/^\($seddirlist\)/p" > $WORKDIR/dpkg-packages.list
$FIND $dirlist -type f 2>/dev/null |
# We are not using -maxdepth here, but we could...
$GREP -x -F -v -f $WORKDIR/dpkg-packages.list |
# To search for diversions
$GREP -x -F -v -f /var/lib/dpkg/diversions |
while read file
do
message WARN lin001w "" "File \`$file' does not belong to any package."
done
delete $WORKDIR/dpkg-packages.list
fi
exit 0
|