#! /bin/ksh
#
# updatedb - create a list of all files on the local system.
#
# Version: 1995/01/23.
#
#
# Set the list of directories not to be scanned.
#
dirlist="/news /cdrom"
#
# Set the database file name.
#
fcodes=/usr/local/lib/findfile.list
#
# Get system-dependent parameters.
#
. /usr/local/bin/Getsystemoptions
#
# Check that all NFS file systems are available, if possible.
#
if [ -x /usr/local/bin/Getnfsdownlist ]; then
   nfsdownlist="`/usr/local/bin/Getnfsdownlist`"
   if [ "$nfsdownlist" != "" ]; then
      echo "*** $0 finds NFS servers are down ***"
      for n in $nfsdownlist
      do
         echo $n
      done
      $mail -s "$basecommand on $host found NFS servers down" $admin <<EOF1
$basecommand on $host found the following NFS servers are down:

`echo $nfsdownlist`

The $basecommand command was not run - run it manually when all
NFS servers are up.
EOF1
      exit 1
   fi
fi
#
# Get the list of local file systems.
#
srchpaths="`Getlocalfs $dirlist | sort`"
#
# Loop over the directories, making a file list.
#
/bin/rm -f $fcodes
for d in $srchpaths
do
   find $d $findopts -print | sort | cat -v -t >>$fcodes
done
#
# Look for some problems:
#
maillist=/tmp/maillist.$$
/bin/rm -f $maillist
#
# Check for file names containing '..', which can be used
# by crackers to hide things.
#
dotlist=/tmp/dotlist.$$
grep '\.\.' $fcodes >$dotlist
if [ -s $dotlist ]; then
   cat <<EOF1 >>$maillist
The following file names contain '..', and are potential
security risks if being used by a cracker to hide files:

EOF1
   cat $dotlist >>$maillist
   cat <<EOF2 >>$maillist


EOF2
fi
#
# Check for file names containing a blank, which can be used
# by crackers to hide things, and are difficult for users.
#
blanklist=/tmp/blanklist.$$
grep ' ' $fcodes >$blanklist
if [ -s $blanklist ]; then
   cat <<EOF3 >>$maillist
The following files contain a blank, and are potential
security risks if being used by a cracker to hide files,
and are difficult for users to manipulate:

EOF3
   cat $blanklist >>$maillist
   cat <<EOF4 >>$maillist


EOF4
fi
#
# Check for file names containing a backslash character, which can
# cause problems with gnu tar, and are difficult for users.
#
backslashlist=/tmp/backslashlist.$$
grep '\\' $fcodes >$backslashlist
if [ -s $backslashlist ]; then
   cat <<EOF5 >>$maillist
The following file names contain a backslash character, and may cause
problems with GNU tar, and are difficult for users to manipulate:

EOF5
   cat $backslashlist >>$maillist
   cat <<EOF6 >>$maillist


EOF6
fi
#
# Check for file names containing a control character, which can be used
# by crackers to hide things, and are difficult for users.
# Check each file with 'M-' to see if this is just a file with 'M-'
# in the name, or a converted character larger than ASCII DEL.
#
controllist=/tmp/controllist.$$
grep '\^' $fcodes >$controllist
for f in `grep 'M-' $fcodes`
do
   if [ ! -r "$f" ]; then
      echo "$f" >>$controllist
   fi
done
if [ -s $controllist ]; then
   cat <<EOF7 >>$maillist
The following file names contain a control character, and are potential
security risks if being used by a cracker to hide files,
and are difficult for users to manipulate:

EOF7
   cat $controllist >>$maillist
   cat <<EOF8 >>$maillist

Note that file names listed which contain the string 'M-' may in fact
be OK, since the conversion of some non-printable characters produces
'M-x' in the file name.
EOF8
fi
#
# Mail the summary to the system administrator.
#
if [ -s $maillist ]; then
   $mail -s "Updatedb found the following problems on $host" $admin <$maillist
fi
#
# Clean up.
#
/bin/rm -f $maillist $dotlist $blanklist $controllist $backslashlist
#
exit 0
#
# End of updatedb.
#
