#!/bin/sh
#
#     tiger - A UN*X security checking system
#     Copyright (C) 2000, 2001, 2002 Javier Fernandez-Sanguino Pea
#
#    This program is free software; you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation; either version 2, or (at your option)
#    any later version.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.
#
#     Please see the file `COPYING' for the complete copyright notice.
#
# Linux/deb_nopackfiles - 23/08/2001
# 
# 09/19/2003 - jfs - Applied patch from Nicolas Franois  which enhances
#            speed by restricting the list of files to check to those that
#            will be, indeed, tested and improved DPKG dependancy.
#            Send FIND errors to /dev/null just in case some of the
#            directories do not exist.
# 08/08/2003 - jfs - Improved temporary file creation and removed RM dependancy.
# 08/08/2003 - jfs - Applied patch from Nicolas Franois. 
#              Instead of grepping each file all the files are appended to
#              a single file and removed a redundant check.
# 11/05/2002 - jfs - Changed from a 'for' statement to a 'find'
#
# TODO:
# - Consider if the the path '/bin/ /usr/bin/ /sbin/ /usr/sbin/
# /lib/ /usr/X11R6/bin/' should be customizable in tigerrc.
# Also, the maxpath could be set in another option.
# - Consider the use of 'dlocate' which will be faster than DPKG. Notice
# however that it's priority "optional"
# dlocate could be faster
# DLOCATE=`which dlocate`
# DLOCATE=${DLOCATE:-$DPKG}
#
#-----------------------------------------------------------------------------
TigerInstallDir='.'


#
# Set default base directory.
# Order or preference:
#      -B option
#      TIGERHOMEDIR environment variable
#      TigerInstallDir installed location
#
basedir=${TIGERHOMEDIR:=$TigerInstallDir}

for parm
do
   case $parm in
   -B) basedir=$2; break;;
   esac
done

#
# Verify that a config file exists there, and if it does
# source it.
#
[ ! -r $basedir/config ] && {
  echo "--ERROR-- [init002e] No 'config' file in \`$basedir'."
  exit 1
}

. $basedir/config

. $BASEDIR/initdefs

#
# If run in test mode (-t) this will verify that all required
# elements are set.
#
[ "$Tiger_TESTMODE" = 'Y' ] && {
  haveallcmds FIND GREP || exit 1
  if [ "$Tiger_DPKG_Optimize" = "N" ]
  then
  	haveallcmds DPKG || exit 1
  fi
  haveallfiles BASEDIR WORKDIR || exit 1
  haveallvars TESTLINK HOSTNAME
  
  message CONFIG init003c "" "$0: Configuration ok..."
  exit 0
}

#------------------------------------------------------------------------
echo
echo "# Checking installed files against packages..."

haveallcmds FIND GREP || exit 1
if [ "$Tiger_DPKG_Optimize" = "N" ]
then
	haveallcmds DPKG || exit 1
fi

safe_temp $WORKDIR/dpkg-packages.list
trap 'delete $WORKDIR/dpkg-packages.list ; exit 1' 1 2 3 15


# We have two options here, use dpkg (non-optimal but on the safe side)
# or use grep (optimal but not on the safe side)
if [ "$Tiger_DPKG_Optimize" = "N" ]
then
        $FIND /bin/ /usr/bin/ /sbin/ /usr/sbin/ /lib/ /usr/X11R6/bin/ -type f 2>/dev/null|
        # We are not using -maxdepth here, but we could...
        while read file
        do
                pack=`$DPKG -S $file 2>/dev/null`
                [ "$pack" = "" ] && {
                message WARN lin001w "" "File \`$file' does not belong to any package." 
                }
        done       
else
        # Alternative (optimal but not following standard way)
	$FIND /var/lib/dpkg/info -name "*.list" -exec cat {} \; |
        $SED -ne "/^\/\(bin\|usr\/bin\|sbin\|usr\/sbin\|lib\|usr\/X11R6\/bin\)/p" > $WORKDIR/dpkg-packages.list
        $FIND /bin/ /usr/bin/ /sbin/ /usr/sbin/ /lib/ /usr/X11R6/bin/ -type f |
        # We are not using -maxdepth here, but we could...
        $GREP -x -F -v -f $WORKDIR/dpkg-packages.list |
        # To search for diversions
        $GREP -x -F -v -f /var/lib/dpkg/diversions |
        while read file
        do
          message WARN lin001w "" "File \`$file' does not belong to any package."
        done
        delete $WORKDIR/dpkg-packages.list
fi
