free
/
freedombone
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add usb canary

This commit is contained in:
Bob Mottram 2017-05-01 12:25:15 +01:00
parent a075b9f62f
commit c7bffe6a77
2 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/freedombone-usb-canary Executable file
View File

@ -0,0 +1,11 @@
#!/bin/bash
PROJECT_NAME=freedombone
ADMIN_USER=$(cat /root/${PROJECT_NAME}-completed.txt | grep 'Admin user' | awk -F ':' '{print $2}')
#MY_EMAIL_ADDRESS=${ADMIN_USER}@$(cat /etc/hostname)
MY_EMAIL_ADDRESS=root@$(cat /etc/hostname)
echo "USB device connected on ${DEVPATH}" | mail -s "${PROJECT_NAME} USB canary" ${MY_EMAIL_ADDRESS}
echo "${ACTION}" > /tmp/usb-canary
echo "${MY_EMAIL_ADDRESS}" >> /tmp/usb-canary
echo "$(date)" >> /tmp/usb-canary

8
src/freedombone-utils-setup
View File

@ -551,6 +551,11 @@ function disable_null_passwords {
sed -i 's| nullok_secure||g' /etc/pam.d/common-auth sed -i 's| nullok_secure||g' /etc/pam.d/common-auth
} }
function create_usb_canary {
echo "ACTION==\"add\", KERNEL==\"sd*[!0-9]\", RUN+=\"/usr/local/bin/${PROJECT_NAME}-usb-canary\"" > /etc/udev/rules.d/00-usb-canary.rules
udevadm control --reload-rules
}
function setup_firewall { function setup_firewall {
function_check create_completion_file function_check create_completion_file
create_completion_file create_completion_file
@ -778,6 +783,9 @@ function setup_utils {
function_check schedule_stig_tests function_check schedule_stig_tests
schedule_stig_tests schedule_stig_tests
function_check create_usb_canary
create_usb_canary
} }
function setup_email { function setup_email {