Initial commit.

cron.daily/rkhunter

@@ -0,0 +1,57 @@
+#!/bin/sh
+# 01-rkhunter  A shell script to update and run rkhunter via CRON
+
+XITVAL=0
+
+# Get a secure tempfile
+TMPFILE1=`/bin/mktemp -p /var/lib/rkhunter rkhcronlog.XXXXXXXXXX` || exit 1
+
+if [ ! -e /var/lock/subsys/rkhunter ]; then
+
+  # Try to keep the SysInit boot scan from colliding with us (highly unlikely)
+  /bin/touch /var/lock/subsys/rkhunter
+
+  # Source system configuration parameters.
+  if [ -e /etc/sysconfig/rkhunter ] ; then
+    . /etc/sysconfig/rkhunter
+  else
+    MAILTO=root@localhost
+  fi
+
+  # If a diagnostic mode scan was requested, setup the parameters
+  if [ "$DIAG_SCAN" = "yes" ]; then
+    RKHUNTER_FLAGS="--checkall --skip-keypress --nocolors --quiet --appendlog --display-logfile"
+  else
+    RKHUNTER_FLAGS="--cronjob --nocolors --report-warnings-only"
+  fi
+
+  # Set a few critical parameters
+  RKHUNTER=/usr/bin/rkhunter
+  LOGFILE=/var/log/rkhunter/rkhunter.log
+
+  # Run RootKit Hunter if available
+  if [ -x $RKHUNTER ]; then
+    /bin/echo -e "\n--------------------- Start Rootkit Hunter Update ---------------------" \
+      > $TMPFILE1
+    /bin/nice -n 10 $RKHUNTER --update --nocolors 2>&1 >> $TMPFILE1
+    /bin/echo -e "\n---------------------- Start Rootkit Hunter Scan ----------------------" \
+      >> $TMPFILE1
+    /bin/nice -n 10 $RKHUNTER $RKHUNTER_FLAGS 2>&1 >> $TMPFILE1
+    XITVAL=$?
+    /bin/echo -e "\n----------------------- End Rootkit Hunter Scan -----------------------" \
+      >> $TMPFILE1
+
+    if [ $XITVAL != 0 ]; then
+         /bin/cat $TMPFILE1 | /bin/mail -s "rkhunter Daily Run on $(hostname)" $MAILTO
+    fi
+    /bin/cat $TMPFILE1 >> $LOGFILE
+  fi
+
+  # Delete the gating lockfile
+  /bin/rm -f /var/lock/subsys/rkhunter
+fi
+
+# Delete the secure tempfile
+/bin/rm -f $TMPFILE1
+
+exit $XITVAL