#!/bin/sh
#
# script to run aide --check and verify GPG signatures
#
# written by Vincent Danen <vdanen-at-annvix.org>
#
# $Id: aidecheck 5176 2006-01-31 03:17:02Z vdanen $

hostname=`uname -n`
gpg="/usr/bin/gpg"
aide="/usr/sbin/aide"
fname="aide-`hostname`-`date +%Y%m%d-%H%M%S`"

echo "AIDE integrity check for ${hostname} beginning (`date`)"
echo ""
if [ ! -e /var/lib/aide/aide.db ] ; then
    echo "**** Error: AIDE database for ${hostname} not found."
    echo "**** Run 'aideinit' to create the database file."
else
    if [ -f /etc/aide.conf ]; then
        if [ -f /var/lib/aide/aide.db.sig ]; then
	    pushd /var/lib/aide >/dev/null
	        echo "Verifying the GPG signature on the database..."
		echo ""
	        ${gpg} --verify aide.db.sig
		echo ""
		if [ "$?" == "1" ]; then
		    echo "************************************************************"
		    echo "GPG signature FAILED!  Your database has been tampered with!"
		    echo "************************************************************"
		    exit 1
		fi
	    popd >/dev/null
	else
	    echo "**** Error: No GPG signature found for the AIDE database!"
	    echo "**** Unable to verify database; your system may be compromised or incorrectly configured!"
	    exit 1
	fi
        nice -20 ${aide} --check -B "report_url=file:/var/lib/aide/reports/${fname}.report" 2>/dev/null
    fi
fi

exit 0