From c7bffe6a77c020ed7ccad18ebb0bfbbc389c2d6a Mon Sep 17 00:00:00 2001
From: Bob Mottram
Date: Mon, 1 May 2017 12:25:15 +0100
Subject: [PATCH] Add usb canary
---
 src/freedombone-usb-canary | 11 +++++++++++
 src/freedombone-utils-setup | 8 ++++++++
 2 files changed, 19 insertions(+)
 create mode 100755 src/freedombone-usb-canary
diff --git a/src/freedombone-usb-canary b/src/freedombone-usb-canary
new file mode 100755
index 00000000..9d380f33
--- /dev/null
+++ b/src/freedombone-usb-canary
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+PROJECT_NAME=freedombone
+
+ADMIN_USER=$(cat /root/${PROJECT_NAME}-completed.txt | grep 'Admin user' | awk -F ':' '{print $2}')
+#MY_EMAIL_ADDRESS=${ADMIN_USER}@$(cat /etc/hostname)
+MY_EMAIL_ADDRESS=root@$(cat /etc/hostname)
+echo "USB device connected on ${DEVPATH}" | mail -s "${PROJECT_NAME} USB canary" ${MY_EMAIL_ADDRESS}
+echo "${ACTION}" > /tmp/usb-canary
+echo "${MY_EMAIL_ADDRESS}" >> /tmp/usb-canary
+echo "$(date)" >> /tmp/usb-canary
diff --git a/src/freedombone-utils-setup b/src/freedombone-utils-setup
index 63c45fb3..0dcb2f8c 100755
--- a/src/freedombone-utils-setup
+++ b/src/freedombone-utils-setup
@@ -551,6 +551,11 @@ function disable_null_passwords {
 sed -i 's| nullok_secure||g' /etc/pam.d/common-auth
 }
+function create_usb_canary {
+ echo "ACTION==\"add\", KERNEL==\"sd*[!0-9]\", RUN+=\"/usr/local/bin/${PROJECT_NAME}-usb-canary\"" > /etc/udev/rules.d/00-usb-canary.rules
+ udevadm control --reload-rules
+}
+
 function setup_firewall {
 function_check create_completion_file
 create_completion_file
@@ -778,6 +783,9 @@ function setup_utils {
 function_check schedule_stig_tests
 schedule_stig_tests
+
+ function_check create_usb_canary
+ create_usb_canary
 }
 function setup_email {
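Review bot: In src/freedombone-usb-canary the last three lines record the event in `/tmp/usb-canary`, a fixed name in a world-writable directory, while the script runs as root from the udev rule. A local user who creates that path first, as their own file or as a symlink, can tamper with the record or redirect the root write, depending on the kernel's protected_symlinks/protected_regular settings. Logging through syslog instead, `logger -t "${PROJECT_NAME}-usb-canary" "${ACTION} ${DEVPATH}"`, avoids the shared path and keeps every event rather than only the last one (the first `>` truncates the file). `ADMIN_USER` is computed but unused now that the line consuming it is commented out, and `${MY_EMAIL_ADDRESS}` on the `mail` line should be quoted.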
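Review bot: The rule written by `create_usb_canary` in src/freedombone-utils-setup matches on `KERNEL=="sd*[!0-9]"` alone, which selects any whole sd disk rather than USB devices specifically. Internal SATA/SCSI disks would presumably raise the alert too whenever they generate an add event, while USB devices that are not mass storage (keyboards, network adapters) never raise it. Adding `SUBSYSTEM=="block", SUBSYSTEMS=="usb"` to the match would keep the storage alert USB-specific, and a second rule on `SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device"` would be needed to cover non-storage devices. The function would also benefit from a one-line comment stating what the canary is meant to detect, and the exit status of `udevadm control --reload-rules` is not checked.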