Initial commit.

cron.daily/aide

@@ -0,0 +1 @@
+18 01 * * *		/usr/bin/perl	/opt/aide.pl

cron.daily/csget

@@ -0,0 +1,90 @@
+#!/usr/bin/perl
+###############################################################################
+# Copyright 2006-2020, Way to the Web Limited
+# URL: http://www.configserver.com
+# Email: sales@waytotheweb.com
+###############################################################################
+use strict;
+use warnings;
+use diagnostics;
+
+if (my $pid = fork) {
+	exit 0;
+} elsif (defined($pid)) {
+	$pid = $$;
+} else {
+	die "Error: Unable to fork: $!";
+}
+chdir("/");
+close (STDIN);
+close (STDOUT);
+close (STDERR);
+open STDIN, "<","/dev/null";
+open STDOUT, ">","/dev/null";
+open STDERR, ">","/dev/null";
+
+$0 = "ConfigServer Version Check";
+
+my @downloadservers = ("https://download.configserver.com", "https://download2.configserver.com");
+
+system("mkdir -p /var/lib/configserver/");
+system("rm -f /var/lib/configserver/*.txt /var/lib/configserver/*error");
+
+my $cmd;
+if (-e "/usr/bin/curl") {$cmd = "/usr/bin/curl -skLf -m 120 -o"}
+elsif (-e "/usr/bin/wget") {$cmd = "/usr/bin/wget -q -T 120 -O"}
+else {
+	open (my $ERROR, ">", "/var/lib/configserver/error");
+	print $ERROR "Cannot find /usr/bin/curl or /usr/bin/wget to retrieve product versions\n";
+	close ($ERROR);
+	exit;
+}
+my $GET;
+if (-e "/usr/bin/GET") {$GET = "/usr/bin/GET -sd -t 120"}
+
+my %versions;
+if (-e "/etc/csf/csf.pl") {$versions{"/csf/version.txt"} = "/var/lib/configserver/csf.txt"}
+if (-e "/etc/cxs/cxs.pl") {$versions{"/cxs/version.txt"} = "/var/lib/configserver/cxs.txt"}
+if (-e "/usr/local/cpanel/whostmgr/docroot/cgi/configserver/cmm.cgi") {$versions{"/cmm/cmmversion.txt"} = "/var/lib/configserver/cmm.txt"}
+if (-e "/usr/local/cpanel/whostmgr/docroot/cgi/configserver/cse.cgi") {$versions{"/cse/cseversion.txt"} = "/var/lib/configserver/cse.txt"}
+if (-e "/usr/local/cpanel/whostmgr/docroot/cgi/configserver/cmq.cgi") {$versions{"/cmq/cmqversion.txt"} = "/var/lib/configserver/cmq.txt"}
+if (-e "/usr/local/cpanel/whostmgr/docroot/cgi/configserver/cmc.cgi") {$versions{"/cmc/cmcversion.txt"} = "/var/lib/configserver/cmc.txt"}
+if (-e "/etc/osm/osmd.pl") {$versions{"/osm/osmversion.txt"} = "/var/lib/configserver/osm.txt"}
+if (-e "/usr/msfe/version.txt") {$versions{"/version.txt"} = "/var/lib/configserver/msinstall.txt"}
+if (-e "/usr/msfe/msfeversion.txt") {$versions{"/msfeversion.txt"} = "/var/lib/configserver/msfe.txt"}
+
+if (scalar(keys %versions) == 0) {
+	unlink $0;
+	exit;
+}
+
+unless ($ARGV[0] eq "--nosleep") {
+	system("sleep",int(rand(60 * 60 * 6)));
+}
+for (my $x = @downloadservers; --$x;) {
+		my $y = int(rand($x+1));
+		if ($x == $y) {next}
+		@downloadservers[$x,$y] = @downloadservers[$y,$x];
+}
+
+foreach my $server (@downloadservers) {
+	foreach my $version (keys %versions) {
+		unless (-e $versions{$version}) {
+			if (-e $versions{$version}.".error") {unlink $versions{$version}.".error"}
+			my $status = system("$cmd $versions{$version} $server$version");
+#			print "$cmd $versions{$version} $server$version\n";
+			if ($status) {
+				if ($GET ne "") {
+					open (my $ERROR, ">", $versions{$version}.".error");
+					print $ERROR "$server$version - ";
+					close ($ERROR);
+					my $GETstatus = system("$GET $server$version >> $versions{$version}".".error");
+				} else {
+					open (my $ERROR, ">", $versions{$version}.".error");
+					print $ERROR "Failed to retrieve latest version from ConfigServer";
+					close ($ERROR);
+				}
+			}
+		}
+	}
+}

cron.daily/etckeeper

@@ -0,0 +1,8 @@
+#!/bin/sh
+set -e
+if [ -e /etc/etckeeper/daily ] && [ -e /etc/etckeeper/etckeeper.conf ]; then
+	. /etc/etckeeper/etckeeper.conf
+	if [ "$AVOID_DAILY_AUTOCOMMITS" != "1" ]; then
+		/etc/etckeeper/daily
+	fi
+fi

cron.daily/logrotate

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+/usr/sbin/logrotate /etc/logrotate.conf
+EXITVALUE=$?
+if [ $EXITVALUE != 0 ]; then
+    /usr/bin/logger -t logrotate "ALERT exited abnormally with [$EXITVALUE]"
+fi
+exit $EXITVALUE

cron.daily/maldet

@@ -0,0 +1,108 @@
+#!/usr/bin/env bash
+export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:$PATH
+export LMDCRON=1
+inspath='/usr/local/maldetect'
+intcnf="$inspath/internals/internals.conf"
+
+if [ -f "$intcnf" ]; then
+	source $intcnf
+else
+	echo "\$intcnf not found."
+	exit 1
+fi
+if [ -f "$cnf" ]; then
+	source $cnf
+	if [ -f "$compatcnf" ]; then
+	        source $compatcnf
+	fi
+else
+	echo "could not find \$cnf, fatal error, bye."
+	exit 1
+fi
+
+if [ -f "/etc/sysconfig/maldet" ]; then
+	. /etc/sysconfig/maldet
+elif [ -f "/etc/default/maldet" ]; then
+	. /etc/default/maldet
+fi
+
+if [ -f "$cron_custom_conf" ]; then
+	. $cron_custom_conf
+fi
+
+if [ -z "$scan_days" ]; then
+	scan_days=1
+fi
+
+if [ -z "$cron_prune_days" ]; then
+	cron_prune_days=21
+fi
+
+if [ "$find" ]; then
+	# prune any quarantine/session/tmp data older than 7 days
+	tmpdirs="$tmpdir $varlibpath/sess $varlibpath/quarantine $varlibpath/pub"
+	for dir in $tmpdirs; do
+	 if [ -d "$dir" ]; then
+	  $find $dir -type f -mtime +${cron_prune_days} -print0 | xargs -0 rm -f >> /dev/null 2>&1
+	 fi
+	done
+fi
+
+if [ "$autoupdate_version" == "1" ] || [ "$autoupdate_signatures" == "1" ]; then
+	# sleep for random 1-999s interval to better distribute upstream load
+	sleep $(echo $RANDOM | cut -c1-3) >> /dev/null 2>&1
+fi
+
+if [ "$autoupdate_version" == "1" ]; then
+	# check for new release version
+	$inspath/maldet -d >> /dev/null 2>&1
+fi
+
+if [ "$autoupdate_signatures" == "1" ]; then
+	# check for new definition set
+	$inspath/maldet -u >> /dev/null 2>&1
+fi
+
+# if we're running inotify monitoring, send daily hit summary
+if [ "$(ps -A --user root -o "cmd" | grep -E maldetect | grep -E inotifywait)" ]; then
+        $inspath/maldet --monitor-report >> /dev/null 2>&1
+elif [ "$cron_daily_scan" == "1" ]; then
+	if [ -d "/home/virtual" ] && [ -d "/usr/lib/opcenter" ]; then
+		# ensim
+	        $inspath/maldet -b -r /home/virtual/?/fst/var/www/html/,/home/virtual/?/fst/home/?/public_html/ $scan_days >> /dev/null 2>&1
+	elif [ -d "/etc/psa" ] && [ -d "/var/lib/psa" ]; then
+		# psa
+		$inspath/maldet -b -r /var/www/vhosts/?/ $scan_days >> /dev/null 2>&1
+        elif [ -d "/usr/local/directadmin" ]; then
+                # DirectAdmin
+                $inspath/maldet -b -r /home?/?/domains/?/public_html/,/var/www/html/?/ $scan_days >> /dev/null 2>&1
+	elif [ -d "/var/www/clients" ]; then
+		# ISPConfig
+                $inspath/maldet -b -r /var/www/clients/?/web?/web,/var/www/clients/?/web?/subdomains,/var/www $scan_days >> /dev/null 2>&1
+	elif [ -d "/etc/webmin/virtual-server" ]; then
+		# Virtualmin
+                $inspath/maldet -b -r /home/?/public_html/,/home/?/domains/?/public_html/ $scan_days >> /dev/null 2>&1
+	elif [ -d "/usr/local/ispmgr" ] || [ -d "/usr/local/mgr5" ]; then
+		# ISPmanager
+		$inspath/maldet -b -r /var/www/?/data/,/home/?/data/ $scan_days >> /dev/null 2>&1
+	elif [ -d "/var/customers/webs" ]; then
+		# froxlor
+		$inspath/maldet -b -r /var/customers/webs/ $scan_days >> /dev/null 2>&1
+        elif [ -d "/usr/local/vesta" ]; then
+                # VestaCP
+                $inspath/maldet -b -r /home/?/web/?/public_html/,/home/?/web/?/public_shtml/,/home/?/tmp/,/home/?/web/?/private/ $scan_days >> /dev/null 2>&1
+        elif [ -d "/usr/share/dtc" ]; then
+                # DTC
+                if [ -f /var/lib/dtc/saved_install_config ]; then
+                    . /var/lib/dtc/saved_install_config
+                fi
+                $inspath/maldet -b -r ${conf_hosting_path:-/var/www/sites}/?/?/subdomains/?/html/ $scan_days >> /dev/null 2>&1
+	else
+		# cpanel, interworx and other standard home/user/public_html setups
+	        $inspath/maldet -b -r /home?/?/public_html/,/var/www/html/,/usr/local/apache/htdocs/ $scan_days >> /dev/null 2>&1
+	fi
+fi
+
+if [ -f "$cron_custom_exec" ]; then
+	. $cron_custom_exec
+fi

cron.daily/rkhunter

@@ -0,0 +1,57 @@
+#!/bin/sh
+# 01-rkhunter  A shell script to update and run rkhunter via CRON
+
+XITVAL=0
+
+# Get a secure tempfile
+TMPFILE1=`/bin/mktemp -p /var/lib/rkhunter rkhcronlog.XXXXXXXXXX` || exit 1
+
+if [ ! -e /var/lock/subsys/rkhunter ]; then
+
+  # Try to keep the SysInit boot scan from colliding with us (highly unlikely)
+  /bin/touch /var/lock/subsys/rkhunter
+
+  # Source system configuration parameters.
+  if [ -e /etc/sysconfig/rkhunter ] ; then
+    . /etc/sysconfig/rkhunter
+  else
+    MAILTO=root@localhost
+  fi
+
+  # If a diagnostic mode scan was requested, setup the parameters
+  if [ "$DIAG_SCAN" = "yes" ]; then
+    RKHUNTER_FLAGS="--checkall --skip-keypress --nocolors --quiet --appendlog --display-logfile"
+  else
+    RKHUNTER_FLAGS="--cronjob --nocolors --report-warnings-only"
+  fi
+
+  # Set a few critical parameters
+  RKHUNTER=/usr/bin/rkhunter
+  LOGFILE=/var/log/rkhunter/rkhunter.log
+
+  # Run RootKit Hunter if available
+  if [ -x $RKHUNTER ]; then
+    /bin/echo -e "\n--------------------- Start Rootkit Hunter Update ---------------------" \
+      > $TMPFILE1
+    /bin/nice -n 10 $RKHUNTER --update --nocolors 2>&1 >> $TMPFILE1
+    /bin/echo -e "\n---------------------- Start Rootkit Hunter Scan ----------------------" \
+      >> $TMPFILE1
+    /bin/nice -n 10 $RKHUNTER $RKHUNTER_FLAGS 2>&1 >> $TMPFILE1
+    XITVAL=$?
+    /bin/echo -e "\n----------------------- End Rootkit Hunter Scan -----------------------" \
+      >> $TMPFILE1
+
+    if [ $XITVAL != 0 ]; then
+         /bin/cat $TMPFILE1 | /bin/mail -s "rkhunter Daily Run on $(hostname)" $MAILTO
+    fi
+    /bin/cat $TMPFILE1 >> $LOGFILE
+  fi
+
+  # Delete the gating lockfile
+  /bin/rm -f /var/lock/subsys/rkhunter
+fi
+
+# Delete the secure tempfile
+/bin/rm -f $TMPFILE1
+
+exit $XITVAL