linx/SIC
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

Initial commit

Browse Source
This commit is contained in:
胡楠
2023-02-28 09:33:09 +08:00
commit 5dedfaa5d9
36 changed files with 2491 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

98
README.md Normal file
View File

@@ -0,0 +1,98 @@
## 系统完整性检测工具记录
之前没有做记录此记录从V0.2开始进行记录
### 当前情况
#### code目录
```
code/
├── datadifflib
│   ├── main.c
│   ├── Makefile
│   ├── md5.c
│   ├── md5.h
│   ├── pkg.sh
│   ├── scan
│   ├── scan.c
│   └── scan.h
├── dataintolib
│   ├── clear_datelib.sh
│   ├── into_datelib.sh
│   └── iso
├── datalib
│   ├── fileinfo.db
│   ├── fileinfo.sql
│   └── merge.sh
├── pkg.sh
├── README.md
└── work
├── make.sh
└── test.c
```
完成详细设计的代码整体分为两部分系统信息收集部分into_datelib.sh目前的收集程序采用交互式只能收集系统的安装包需要先在虚拟机上安装好系统然后将镜像挂载到系统上程序会先根据镜像中的安装包生成安装包列表并收集安装包的全部信息然后用命令pkg、dpkg、rpm收集当前已经安装的安装包列表对已经安装的收集系统中文件的信息对未安装的收集安装包中的文件信息。
文件对比部分,读取系统的全部安装包,与当前系统中的安装包做比较,将安装的安装包记录并比较(包信息、包所属文件信息),将不存在和被卸载的安装包记录。
### 其他目录
目前已经编写SIC-详细设计说明书-V0.2.odt、SIC-项目变更记录.doc、立项申请书.odt、项目计划书.odt、SIC-用户需求说明书-V0.1.pdf、SIC-产品需求说明书-V0.1.odt。
```
zhang:~/git-zhang/SIC$ tree design/
design/
├── README.md
├── SIC-详细设计说明书-V0.2.odt
├── SIC-详细设计说明书-V0.2.pdf
├── 产品信息入库工具.png
├── 文件完整性检测工具结构图.png
├── 文件信息对比模块-流程图.png
└── 系统完整性检测工具结构图.png
0 directories, 7 files
zhang:~/git-zhang/SIC$ tree manage/
manage/
├── SIC-项目变更记录.doc
├── SIC-项目变更记录.pdf
├── 立项申请书.odt
├── 立项申请书.pdf
├── 项目计划书.odt
└── 项目计划书.pdf
0 directories, 6 files
zhang:~/git-zhang/SIC$ tree requirement/
requirement/
├── SIC-产品需求说明书-V0.1.odt
├── SIC-产品需求说明书-V0.1.pdf
├── SIC-用户需求说明书-V0.1.odt
└── SIC-用户需求说明书-V0.1.pdf
0 directories, 4 files
```
### 电科院需求
#### 工具功能
1. 能够采集应用软件的可执行文件、配置文件的版本信息。
2. 能够对运行的进程进行版本信息采集,包括起依赖的软件版本信息。
#### 功能规范和信息输出格式。
1. 输出信息格式初步为:“文件成名+文件类型+md5校验码”
2. 文件类型可执行二进制文件ELF、可执行shell脚本、文本配置文件、日志文件
#### 程序信息采集功能需求:
1. 能够动态采集运行的程序文件,同时按照程序文件、第三方组件、配置文件、系统文件、其>它文件等分类进行标识;(标识分类可讨论补充);
2. 程序采集按照指令触发响应的模式进行,即接收到触发指令,执行对程序文件信息的采集,>确定指令接口;
3. 采集程序过程中,控制资源消耗,不能影响正常程序文件的正常运行;
4. 由中国电科院提供校验码计算程序接口,在采集到程序文件列表后,利用计算程序接口计算>每个文件的校验码;
5. 计算结束后,按照软件名称、文件路径及名称、文件标识、校验码
###

25
code/README.md Normal file
View File

@@ -0,0 +1,25 @@
# 系统完整性检测工具源码
###### datadifflib 对比工具源代码
###### dataintolib 信息入库源代码
###### datalib 信息库源代码
###### work 工具生成脚本
### v0.1 更新介绍
将信息入库源代码从新优化,收集方式从直接解压源代码包,更改为对搭建的虚拟机已经安装的安装包,其中的文件信息进行收集。
优化后收集文件信息需要搭建好虚拟机并将dataintolib、datalib目录放置在虚拟机内将镜像放到dataintolib/iso目录
下,运行收集脚本。
### v0.2 更新介绍 
增加pkg.sh脚本该脚本为实际使用工具。
增加work目录用来生成检查工具。生成过程为将数据库和检测工具打包后追加到pkg.sh脚本中。
### v0.3 更新介绍

7
code/datadifflib/Makefile Normal file
View File

@@ -0,0 +1,7 @@
scan:main.c md5.c
gcc main.c md5.c -static -lsqlite3 -lpthread -ldl -lm -o scan -Wall -g
.PHONY:clean
clean:
rm scan

699
code/datadifflib/main.c Normal file
View File

@@ -0,0 +1,699 @@
#include "scan.h"
/* 主函数
*
*
*
*/
//#define PRINT_TEST
int main(int argc, const char *argv[])
{
/*****************获取数据库*********************************************/
struct isoinfo iso;//镜像信息结构体
char content[1024];
memset(content,0,sizeof(content));
if(get_iso_info(&iso)!=0)//获取当前系统id
{
sprintf(content,"iso|2|iso_name:%s|镜像在数据库中未找到",iso.name);
}
else
{
sprintf(content,"iso|1|iso_name:%s|iso_version:%s|iso_md5:%s|iso_id:%d|iso_issue=%s",iso.name,iso.version,iso.md5,iso.id,iso.issue);
}
put_diff_log(content);
/******************获取镜像信息*****************************************/
FILE *fp;
char now_name[256];
struct pkginfo now_pkg,data_pkg;
struct fileinfo now_file,data_file;
struct datalib file_list;
//获取当前系统安装包列表
if ((fp = fopen(PKGLIST,"r")) == NULL)
{
printf("can't open PKGLIST\n");
return 0;
}
int progress_i=0,progress_j=0,progress_sum=0,progress_sleep=0;
char progress_bar[101]={0};
if ( argc >=2 )
{
progress_sleep=atoi(argv[1]);
}
//每读取一条,便在数据库中搜索该安装包是否存在。
while(fgets(now_name,255,fp) != NULL)
{
/***********************读取当前安装包列表*******************************/
get_now_pkg(now_name,&now_pkg);
if ( argc >= 3 )
{
progress_sum=atoi(argv[2]);
progress_j=progress_i*100/progress_sum;
printf("[%-100s] [%s] [%d%%]\n",progress_bar,now_pkg.name,progress_j);
fflush(stdout);
progress_bar[progress_j]='#';
progress_i++;
}
/***************************打印对比进度********************************/
memset(content,0,sizeof(content));
if(get_pkg_info(&iso,&now_pkg,&data_pkg,FROM_NOWISO) == 0)
{
sprintf(content,"pkg|1|name:%s|version:%s|md5:%s",data_pkg.name,data_pkg.version,data_pkg.md5);
put_diff_log(content);
//安装包是默认安装
}
else if(get_pkg_info(&iso,&now_pkg,&data_pkg,FROM_DATALIB) == 0)
{
sprintf(content,"pkg|2|name:%s|version:%s|md5:%s",data_pkg.name,data_pkg.version,data_pkg.md5);
put_diff_log(content);
//安装包在数据库中存在
}
else
{
sprintf(content,"pkg|3|name:%s|version:%s",now_pkg.name,now_pkg.version);
put_diff_log(content);
continue;
//安装包在数据库不存在
}
/**************根据当前安装包列表搜索数据库中该安装包是否存在*************/
get_datafile_list(data_pkg,&data_file,&file_list);
//获取安装包文件列表
int i=0;
for(i=file_list.ncolumn;i<((file_list.nrow+1)*file_list.ncolumn);i=i+file_list.ncolumn)
{
memset(&data_file,0,sizeof(data_file));
memset(&now_file,0,sizeof(now_file));
get_datafile_info(i,&file_list,&data_file);
//获取数据库中该安装包文件信息
if(get_nowfile_info(&now_file,&data_file) == -1)
{
//文件在当前系统不存在
memset(content,0,sizeof(content));
sprintf(content,"file|3|name@@%s|type@@%s|md5@@%s|permis@@%s|owner@@%d|genus@@%d|acl@@%s|capable@@%s|mac@@%s|"\
,data_file.pathname,data_file.type,data_file.md5,data_file.permis,data_file.owner,data_file.genus\
,data_file.acl,data_file.capable,data_file.mac);
clean_n(content);
put_diff_log(content);
continue;
}
//获取当前系统中该文件信息
diff_file_info(now_file,data_file);
//对比数据库中与当前系统中文件信息的差异
usleep(progress_sleep);
//对程序性能进行限制
}
sqlite3_free_table(file_list.db_result);
}
/**************对比当前安装包列表文件信息是否正常*************/
fclose(fp);
return 0;
}
/*
* 功能 根据当前检测系统来获取当前镜像信息,获取依据为本系统的/etc/issue文件。
* 输入 镜像信息结构体
* 输出 正确返回镜像id 错误返回 -1
*/
int get_iso_info(struct isoinfo *iso)
{
FILE *fp;
int i = 0;
//获取当前系统版本
if ((fp = fopen("/etc/issue","r")) == NULL)
{
printf("can't open /etc/issue\n");
return -1;
}
char c;
memset(iso->issue,0,sizeof(iso->issue));
while( (c=getc(fp)) != EOF)
{
if(c != '\n')
{
iso->issue[i] = c;
}
else
{
iso->issue[i] = ' ';
}
i++;
}
// printf("%s\n",iso->issue);
//获取数据库product表中的系统版本 和镜像id
sqlite3 *db;
int ret = 0;
ret = sqlite3_open(DATALIB,&db);
if(ret != SQLITE_OK)
{
printf("open database error : %s\n",sqlite3_errmsg(db));
sqlite3_close(db);
return -1;
}
/*获取数据库*/
int nrow,ncolumn;
char ** db_result;
ret = 0;
char select_query[1024];
iso->issue[strlen(iso->issue)-1]=0;
sprintf(select_query,"select product_id,product_name,product_version,product_md5 from product where product_issue=\"%s\";",iso->issue);
ret = sqlite3_get_table(db,select_query,&db_result,&nrow,&ncolumn,NULL);
if(ret != SQLITE_OK)
{
printf("openside database error : %s\n",sqlite3_errmsg(db));
sqlite3_close(db);
return -1;
}
if(nrow < 1)
{
printf("未找到该镜像\n");
sqlite3_close(db);
return -2;
}
for(i=ncolumn;i<(nrow+1)*ncolumn;i=i+ncolumn)
{
iso->id=atoi(db_result[i]);
strcpy(iso->name,db_result[i+1]);
strcpy(iso->version,db_result[i+2]);
strcpy(iso->md5,db_result[i+3]);
}
sqlite3_close(db);
fclose(fp);
sqlite3_free_table(db_result);
return 0;
}
/*
* 功能 对pkglist文件读取出的数据进行处理输入到当前安装包信息结构体中。
*
* 输入 获取到的安装包名 当前安装包结构体
* 输出 正确返回0
*/
int get_now_pkg(char *now_name,struct pkginfo *now_pkg)
{
//获取当前系统安装包名
int a=0;
int b=0;
while(now_name[a] != '\n')
{
if(now_name[a] != ' ')
{
now_pkg->name[a] = now_name[a];
a++;
}
else
{
now_pkg->name[a] = '\0';
a++;
break;
}
}
//获取当前系统安装包版本
while(now_name[a] != '\n')
{
now_pkg->version[b] = now_name[a];
a++;
b++;
}
now_pkg->version[b] = '\0';
return 0;
}
/*
* 功能 根据标志位,获取数据库中安装包信息。
* 标志位
* FROM_PKGID:根据安装包id获取安装包信息
* FROM_NOWISO:根据安装包和安装包版本在当前产品默认安装包的包列表中查找
* FROM_DATALIB:根据安装包名和安装包版本遍历整个数据库
*
* 输入 镜像信息结构体 当前安装包信息结构体 数据库安装包信息结构体 获取标志位
* 输出 正确返回镜像id 错误返回 -1
*/
int get_pkg_info(struct isoinfo *iso,struct pkginfo *now_pkg,struct pkginfo *data_pkg,int statu)
{
sqlite3 *db;
int ret = 0;
ret = sqlite3_open(DATALIB,&db);
if(ret != SQLITE_OK)
{
printf("open database error : %s\n",sqlite3_errmsg(db));
sqlite3_close(db);
return -1;
}
/*获取数据库*/
int nrow,ncolumn;
char ** db_result;
ret = 0;
char select_query[2048];
switch (statu)
{
case FROM_PKGID:
//根据安装包id获取安装包信息
sprintf(select_query,"select pkg_name,pkg_version,pkg_id,pkg_md5 from pkg where pkg_id = %d;",now_pkg->id);
break;
case FROM_NOWISO:
//根据安装包和安装包版本在当前产品默认安装包的包列表中查找
sprintf(select_query,"select pkg.pkg_name,pkg.pkg_version,pkg.pkg_id,pkg.pkg_md5 from product_and_pkg,pkg where product_id=%d and pkg.pkg_name=\"%s\" and pkg.pkg_version=\"%s\" and product_and_pkg.pkg_id=pkg.pkg_id;",iso->id,now_pkg->name,now_pkg->version);
break;
case FROM_DATALIB:
//根据安装包名和安装包版本遍历整个数据库
sprintf(select_query,"select pkg.pkg_name,pkg.pkg_version,pkg.pkg_id,pkg.pkg_md5 from pkg where pkg_name=\"%s\" and pkg_version=\"%s\" ;",now_pkg->name,now_pkg->version);
break;
}
//printf("%s\n",select_query);
ret = sqlite3_get_table(db,select_query,&db_result,&nrow,&ncolumn,NULL);
if(ret != SQLITE_OK)
{
printf("未发现当前安装包信息\n");
printf("openside database error : %s\n",sqlite3_errmsg(db));
sqlite3_close(db);
return -1;
}
if(nrow != 0)
{
strcpy(data_pkg->name,db_result[4]);
strcpy(data_pkg->version,db_result[5]);
data_pkg->id=atoi(db_result[6]);
strcpy(data_pkg->md5,db_result[7]);
#ifdef PRINT_TEST
printf("pkg_name:%s pkg_version:%s pkg_id:%s pkg_md5:%s\n ",db_result[4],db_result[5],db_result[6],db_result[7]);
#endif
sqlite3_close(db);
sqlite3_free_table(db_result);
return 0;
}
else
{
sqlite3_close(db);
sqlite3_free_table(db_result);
return -2;
}
}
/*
* 功能 根据安装包信息,获取数据库中该安装包的文件列表
*
* 输入 数据库安装包信息结构体 数据库文件信息结构体
* 输出 正确返回0 错误返回-1
*/
int get_datafile_list(struct pkginfo data_pkg,struct fileinfo *data_file,struct datalib *file_list)
{
int ret = 0;
char select_query[2048];
sqlite3 *db;
ret = sqlite3_open(DATALIB,&db);
if(ret != SQLITE_OK)
{
printf("open database error : %s\n",sqlite3_errmsg(db));
sqlite3_close(db);
return -1;
}
/*获取数据库*/
sprintf(select_query,"select file_id,file_name,file_pathname,file_md5,file_type,file_owner,file_genus,file_permis,file_size,file_acl,file_capable,file_level,file_mac from file where pkg_id=%d;",data_pkg.id);
//根据安装包id获取其对应文件的信息
ret = sqlite3_get_table(db,select_query,&file_list->db_result,&file_list->nrow,&file_list->ncolumn,NULL);
if(ret != SQLITE_OK)
{
printf("未发现当前安装包信息\n");
printf("openside database error : %s\n",sqlite3_errmsg(db));
sqlite3_close(db);
return -1;
}
sqlite3_close(db);
return 0;
}
/* 将获取的文件信息转入到文件信息结构体中
*
* 输入 获取列表中第几个文件 安装包文件列表信息结构体 文件信息结构体
* 输出 无
*
*/
void get_datafile_info(int i,struct datalib *file_list,struct fileinfo *data_file)
{
data_file->id=atoi(file_list->db_result[i]);
strcpy(data_file->name,file_list->db_result[i+1]);
strcpy(data_file->pathname,file_list->db_result[i+2]);
strcpy(data_file->md5,file_list->db_result[i+3]);
strcpy(data_file->type,file_list->db_result[i+4]);
data_file->owner=atoi(file_list->db_result[i+5]);
data_file->genus=atoi(file_list->db_result[i+6]);
strcpy(data_file->permis,file_list->db_result[i+7]);
data_file->size=atoi(file_list->db_result[i+8]);
strcpy(data_file->acl,file_list->db_result[i+9]);
strcpy(data_file->capable,file_list->db_result[i+10]);
strcpy(data_file->level,file_list->db_result[i+11]);
strcpy(data_file->mac,file_list->db_result[i+12]);
#ifdef PRINT_TEST
printf("file_name=%s\n",data_file->name);
#endif
}
/* 获取当期系统的具体文件信息
*
* 输入 当前文件信息结构体 数据库文件信息结构体
* 输出 获取正常返回0 错误返回-1
*
*/
int get_nowfile_info( struct fileinfo *now_file,struct fileinfo *data_file )
{
struct stat filestat;
strcpy(now_file->name,data_file->name);
strcpy(now_file->pathname,data_file->pathname);
if(lstat(now_file->pathname,&filestat) < 0)
{
printf("cannot access the file %s\n",now_file->pathname);
perror("error : ");
return -1;
}
strcpy(now_file->md5,"");//清除now_file->md5
//获取文件类型
switch(filestat.st_mode & S_IFMT){
case S_IFDIR :
sprintf(now_file->type,"d");
break;
case S_IFBLK :
sprintf(now_file->type,"b");
//获取文件md5值
get_file_md5(now_file->pathname,now_file->md5);
break;
case S_IFSOCK :
sprintf(now_file->type,"s");
//获取文件md5值
get_file_md5(now_file->pathname,now_file->md5);
break;
case S_IFLNK :
sprintf(now_file->type,"l");
break;
case S_IFREG :
sprintf(now_file->type,"-");
//获取文件md5值
get_file_md5(now_file->pathname,now_file->md5);
break;
case S_IFCHR :
sprintf(now_file->type,"c");
break;
case S_IFIFO :
sprintf(now_file->type,"p");
break;
}
//获取文件大小
now_file->size = filestat.st_size;
//获取文件权限
sprintf(now_file->permis,"%o",(filestat.st_mode&S_ISUGV)+(filestat.st_mode&S_IRWXU)+(filestat.st_mode&S_IRWXG)+(filestat.st_mode&S_IRWXO));
//获取文件属主
now_file->owner=filestat.st_uid;
//获取文件属组
now_file->genus=filestat.st_gid;
//获取文件acl
get_acl(now_file);
//获取文件capable
get_cap(now_file);
//获取文件mac
get_mac(now_file);
//获取文件level
//now_file->level=NULL;
return 0 ;
}
/* 对比当前文件信息和数据库中文件信息的差异
*
* 输入 当前文件信息结构体 数据库文件信息结构体
* 输出 正确返回0
*
*/
int diff_file_info(struct fileinfo now_file,struct fileinfo data_file)
{
char content[9][512]={{0}};
char log[1024]={0};
int status=1;
sprintf(content[0],"name@%s",now_file.pathname);
if(strcmp(now_file.type,data_file.type) != 0)
{
sprintf(content[1],"type@%s@%s",now_file.type,data_file.type);
status=2;
}
if(now_file.type[0] != 'l')//如果文件类型为链接文件则不需要比较md5值
{
if(strcmp(now_file.md5,data_file.md5) != 0)
{
sprintf(content[2],"md5@%s@%s",now_file.md5,data_file.md5);
status=2;
}
}
if(strcmp(now_file.permis,data_file.permis) != 0)
{
sprintf(content[3],"permis@%s@%s",now_file.permis,data_file.permis);
status=2;
}
if(now_file.owner != data_file.owner)
{
sprintf(content[4],"owner@%d@%d",now_file.owner,data_file.owner);
status=2;
}
if(now_file.genus != data_file.genus)
{
sprintf(content[5],"genus@%d@%d",now_file.genus,data_file.genus);
status=2;
}
if(strcmp(now_file.acl,data_file.acl) != 0)
{
sprintf(content[6],"acl@%s@%s",now_file.acl,data_file.acl);
status=2;
}
if(strcmp(now_file.capable,data_file.capable) != 0)
{
sprintf(content[7],"capable@%s@%s",now_file.capable,data_file.capable);
status=2;
}
if(strcmp(now_file.mac,data_file.mac) != 0)
{
sprintf(content[8],"mac@%s@%s",now_file.mac,data_file.mac);
status=2;
}
sprintf(log,"file|%d|%s|%s|%s|%s|%s|%s|%s|%s|%s|",status,content[0],content[1],content[2],content[3],content[4],content[5],content[6],content[7],content[8]);
clean_n(log);
put_diff_log(log);
return 0 ;
}
/* 打印信息到记录日志
*
* 输入 需要打印的信息指针
* 输出 正确返回0 失败返回-1
*/
int put_diff_log(char *content)
{
FILE *fp=NULL;
if ((fp = fopen(FILEDIFF,"a")) == NULL)
{
perror("can't open FILEDIFF:");
return -1;
}
fputs(content,fp);
putc('\n',fp);
fflush(fp);
fclose(fp);
return 0;
}
/* 获取shell指令的输出
*
* 输入 shell指令指针 输出信息指针 输出信息的大小
* 输出 正确返回0 错误返回-1
*/
int myshell(char *command,char *buff,int num)
{
FILE *fp;
if ((fp=popen(command,"r")) == NULL)
{
perror("popen fp error");
return -1;
}
fread(buff,sizeof(char),num,fp);
if (pclose(fp) == -1)
{
perror("pclose fp error");
return -2;
}
return 0;
}
/* 获取文件acl
*
* 将根据当前结构提中文件名获取该文件的acl并存储到结构体中
*
* 输入 文件信息结构体
* 输出 无返回
*/
void get_acl(struct fileinfo *now_file)
{
memset(now_file->acl,0,sizeof(now_file->acl));
if ( now_file->type[0] == 'c' || now_file->type[0] == 'p' || now_file->type[0] == 'l')
return ;
char command[1024]={0};
sprintf(command,"getfacl --absolute-name \"%s\" 2>&1",now_file->pathname);
myshell(command,now_file->acl,sizeof(now_file->acl));
now_file->acl[strlen(now_file->acl)-2]='\0';
}
/* 获取文件mac
*
* 将根据当前结构提中文件名获取该文件的mac并存储到结构体中
*
* 输入 文件信息结构体
* 输出 无返回
*/
void get_mac(struct fileinfo *now_file)
{
memset(now_file->mac,0,sizeof(now_file->mac));
if ( now_file->type[0] == 'c' || now_file->type[0] == 'p' || now_file->type[0] == 'l')
return ;
char command[1024]={0};
sprintf(command,"getfmac \"%s\" 2>/dev/null",now_file->pathname);
myshell(command,now_file->mac,sizeof(now_file->mac));
now_file->mac[strlen(now_file->mac)-1]='\0';
}
/* 获取文件cap
*
* 将根据当前结构提中文件名获取该文件的cap并存储到结构体中
*
* 输入 文件信息结构体
* 输出 无返回
*/
void get_cap(struct fileinfo *now_file)
{
memset(now_file->capable,0,sizeof(now_file->capable));
if ( now_file->type[0] == 'c' || now_file->type[0] == 'p' || now_file->type[0] == 'l')
return ;
char command[1024]={0};
sprintf(command,"getcap \"%s\" 2>/dev/null",now_file->pathname);
myshell(command,now_file->capable,sizeof(now_file->capable));
now_file->capable[strlen(now_file->capable)-1]='\0';
}
void clean_n(char *log){
int i=0;
while(i<strlen(log))
{
if(log[i] == '\n')
{
log[i]=' ';
}
i++;
}
}

231
code/datadifflib/md5.c Normal file
View File

@@ -0,0 +1,231 @@
#include "md5.h"
#include <memory.h>
unsigned char PADDING[] =
{
0x80,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
};
void MD5Init(MD5_CTX *context)
{
context->count[0] = 0;
context->count[1] = 0;
context->state[0] = 0x67452301;
context->state[1] = 0xEFCDAB89;
context->state[2] = 0x98BADCFE;
context->state[3] = 0x10325476;
}
void MD5Update(MD5_CTX *context, unsigned char *input, unsigned int inputlen)
{
unsigned int i = 0;
unsigned int index = 0;
unsigned int partlen = 0;
index = (context->count[0] >> 3) & 0x3F;
partlen = 64 - index;
context->count[0] += inputlen << 3;
if(context->count[0] < (inputlen << 3))
context->count[1]++;
context->count[1] += inputlen >> 29;
if(inputlen >= partlen)
{
memcpy(&context->buffer[index], input,partlen);
MD5Transform(context->state, context->buffer);
for(i = partlen; i+64 <= inputlen; i+=64)
MD5Transform(context->state, &input[i]);
index = 0;
}
else
{
i = 0;
}
memcpy(&context->buffer[index], &input[i], inputlen-i);
}
void MD5Final(MD5_CTX *context, unsigned char digest[16])
{
unsigned int index = 0,padlen = 0;
unsigned char bits[8];
index = (context->count[0] >> 3) & 0x3F;
padlen = (index < 56)?(56-index):(120-index);
MD5Encode(bits, context->count, 8);
MD5Update(context, PADDING, padlen);
MD5Update(context, bits, 8);
MD5Encode(digest, context->state, 16);
}
void MD5Encode(unsigned char *output,unsigned int *input,unsigned int len)
{
unsigned int i = 0;
unsigned int j = 0;
while(j < len)
{
output[j] = input[i] & 0xFF;
output[j+1] = (input[i] >> 8) & 0xFF;
output[j+2] = (input[i] >> 16) & 0xFF;
output[j+3] = (input[i] >> 24) & 0xFF;
i++;
j += 4;
}
}
void MD5Decode(unsigned int *output, unsigned char *input, unsigned int len)
{
unsigned int i = 0;
unsigned int j = 0;
while(j < len)
{
output[i] = (input[j]) |
(input[j+1] << 8) |
(input[j+2] << 16) |
(input[j+3] << 24);
i++;
j += 4;
}
}
void MD5Transform(unsigned int state[4], unsigned char block[64])
{
unsigned int a = state[0];
unsigned int b = state[1];
unsigned int c = state[2];
unsigned int d = state[3];
unsigned int x[64];
MD5Decode(x,block,64);
FF(a, b, c, d, x[ 0], 7, 0xd76aa478); /* 1 */
FF(d, a, b, c, x[ 1], 12, 0xe8c7b756); /* 2 */
FF(c, d, a, b, x[ 2], 17, 0x242070db); /* 3 */
FF(b, c, d, a, x[ 3], 22, 0xc1bdceee); /* 4 */
FF(a, b, c, d, x[ 4], 7, 0xf57c0faf); /* 5 */
FF(d, a, b, c, x[ 5], 12, 0x4787c62a); /* 6 */
FF(c, d, a, b, x[ 6], 17, 0xa8304613); /* 7 */
FF(b, c, d, a, x[ 7], 22, 0xfd469501); /* 8 */
FF(a, b, c, d, x[ 8], 7, 0x698098d8); /* 9 */
FF(d, a, b, c, x[ 9], 12, 0x8b44f7af); /* 10 */
FF(c, d, a, b, x[10], 17, 0xffff5bb1); /* 11 */
FF(b, c, d, a, x[11], 22, 0x895cd7be); /* 12 */
FF(a, b, c, d, x[12], 7, 0x6b901122); /* 13 */
FF(d, a, b, c, x[13], 12, 0xfd987193); /* 14 */
FF(c, d, a, b, x[14], 17, 0xa679438e); /* 15 */
FF(b, c, d, a, x[15], 22, 0x49b40821); /* 16 */
/* Round 2 */
GG(a, b, c, d, x[ 1], 5, 0xf61e2562); /* 17 */
GG(d, a, b, c, x[ 6], 9, 0xc040b340); /* 18 */
GG(c, d, a, b, x[11], 14, 0x265e5a51); /* 19 */
GG(b, c, d, a, x[ 0], 20, 0xe9b6c7aa); /* 20 */
GG(a, b, c, d, x[ 5], 5, 0xd62f105d); /* 21 */
GG(d, a, b, c, x[10], 9, 0x2441453); /* 22 */
GG(c, d, a, b, x[15], 14, 0xd8a1e681); /* 23 */
GG(b, c, d, a, x[ 4], 20, 0xe7d3fbc8); /* 24 */
GG(a, b, c, d, x[ 9], 5, 0x21e1cde6); /* 25 */
GG(d, a, b, c, x[14], 9, 0xc33707d6); /* 26 */
GG(c, d, a, b, x[ 3], 14, 0xf4d50d87); /* 27 */
GG(b, c, d, a, x[ 8], 20, 0x455a14ed); /* 28 */
GG(a, b, c, d, x[13], 5, 0xa9e3e905); /* 29 */
GG(d, a, b, c, x[ 2], 9, 0xfcefa3f8); /* 30 */
GG(c, d, a, b, x[ 7], 14, 0x676f02d9); /* 31 */
GG(b, c, d, a, x[12], 20, 0x8d2a4c8a); /* 32 */
/* Round 3 */
HH(a, b, c, d, x[ 5], 4, 0xfffa3942); /* 33 */
HH(d, a, b, c, x[ 8], 11, 0x8771f681); /* 34 */
HH(c, d, a, b, x[11], 16, 0x6d9d6122); /* 35 */
HH(b, c, d, a, x[14], 23, 0xfde5380c); /* 36 */
HH(a, b, c, d, x[ 1], 4, 0xa4beea44); /* 37 */
HH(d, a, b, c, x[ 4], 11, 0x4bdecfa9); /* 38 */
HH(c, d, a, b, x[ 7], 16, 0xf6bb4b60); /* 39 */
HH(b, c, d, a, x[10], 23, 0xbebfbc70); /* 40 */
HH(a, b, c, d, x[13], 4, 0x289b7ec6); /* 41 */
HH(d, a, b, c, x[ 0], 11, 0xeaa127fa); /* 42 */
HH(c, d, a, b, x[ 3], 16, 0xd4ef3085); /* 43 */
HH(b, c, d, a, x[ 6], 23, 0x4881d05); /* 44 */
HH(a, b, c, d, x[ 9], 4, 0xd9d4d039); /* 45 */
HH(d, a, b, c, x[12], 11, 0xe6db99e5); /* 46 */
HH(c, d, a, b, x[15], 16, 0x1fa27cf8); /* 47 */
HH(b, c, d, a, x[ 2], 23, 0xc4ac5665); /* 48 */
/* Round 4 */
II(a, b, c, d, x[ 0], 6, 0xf4292244); /* 49 */
II(d, a, b, c, x[ 7], 10, 0x432aff97); /* 50 */
II(c, d, a, b, x[14], 15, 0xab9423a7); /* 51 */
II(b, c, d, a, x[ 5], 21, 0xfc93a039); /* 52 */
II(a, b, c, d, x[12], 6, 0x655b59c3); /* 53 */
II(d, a, b, c, x[ 3], 10, 0x8f0ccc92); /* 54 */
II(c, d, a, b, x[10], 15, 0xffeff47d); /* 55 */
II(b, c, d, a, x[ 1], 21, 0x85845dd1); /* 56 */
II(a, b, c, d, x[ 8], 6, 0x6fa87e4f); /* 57 */
II(d, a, b, c, x[15], 10, 0xfe2ce6e0); /* 58 */
II(c, d, a, b, x[ 6], 15, 0xa3014314); /* 59 */
II(b, c, d, a, x[13], 21, 0x4e0811a1); /* 60 */
II(a, b, c, d, x[ 4], 6, 0xf7537e82); /* 61 */
II(d, a, b, c, x[11], 10, 0xbd3af235); /* 62 */
II(c, d, a, b, x[ 2], 15, 0x2ad7d2bb); /* 63 */
II(b, c, d, a, x[ 9], 21, 0xeb86d391); /* 64 */
state[0] += a;
state[1] += b;
state[2] += c;
state[3] += d;
}
int get_file_md5(const char *file_path, char *md5_str)
{
int i;
int fd;
int ret;
unsigned char data[READ_DATA_SIZE];
unsigned char md5_value[MD5_SIZE];
MD5_CTX md5;
fd = open(file_path, O_RDONLY);
if (-1 == fd)
{
perror("open");
return -1;
}
// init md5
MD5Init(&md5);
while (1)
{
ret = read(fd, data, READ_DATA_SIZE);
if (-1 == ret)
{
perror("read");
return -1;
}
MD5Update(&md5, data, ret);
if (0 == ret || ret < READ_DATA_SIZE)
{
break;
}
}
close(fd);
MD5Final(&md5, md5_value);
for(i = 0; i < MD5_SIZE; i++)
{
snprintf(md5_str + i*2, 2+1, "%02x", md5_value[i]);
}
md5_str[MD5_STR_LEN] = '\0'; // add end
return 0;
}

62
code/datadifflib/md5.h Normal file
View File

@@ -0,0 +1,62 @@
#ifndef MD5_H
#define MD5_H
#define READ_DATA_SIZE 1024
#define MD5_SIZE 16
#define MD5_STR_LEN (MD5_SIZE * 2)
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
typedef struct
{
unsigned int count[2];
unsigned int state[4];
unsigned char buffer[64];
} MD5_CTX;
#define F(x,y,z) ((x & y) | (~x & z))
#define G(x,y,z) ((x & z) | (y & ~z))
#define H(x,y,z) (x^y^z)
#define I(x,y,z) (y ^ (x | ~z))
#define ROTATE_LEFT(x,n) ((x << n) | (x >> (32-n)))
#define FF(a,b,c,d,x,s,ac) \
{ \
a += F(b,c,d) + x + ac; \
a = ROTATE_LEFT(a,s); \
a += b; \
}
#define GG(a,b,c,d,x,s,ac) \
{ \
a += G(b,c,d) + x + ac; \
a = ROTATE_LEFT(a,s); \
a += b; \
}
#define HH(a,b,c,d,x,s,ac) \
{ \
a += H(b,c,d) + x + ac; \
a = ROTATE_LEFT(a,s); \
a += b; \
}
#define II(a,b,c,d,x,s,ac) \
{ \
a += I(b,c,d) + x + ac; \
a = ROTATE_LEFT(a,s); \
a += b; \
}
void MD5Init(MD5_CTX *context);
void MD5Update(MD5_CTX *context, unsigned char *input, unsigned int inputlen);
void MD5Final(MD5_CTX *context, unsigned char digest[16]);
void MD5Transform(unsigned int state[4], unsigned char block[64]);
void MD5Encode(unsigned char *output, unsigned int *input, unsigned int len);
void MD5Decode(unsigned int *output, unsigned char *input, unsigned int len);
int get_file_md5(const char *file_path, char *value);
#endif

123
code/datadifflib/pkg.sh Executable file
View File

@@ -0,0 +1,123 @@
#!/bin/bash
WORKDIR=./pkg
PKGLIST=$WORKDIR/pkglist
#硬限制
#限制进程最大内存使用100M
ulimit -Hv 102400
#限制进程最大虚拟内存为200M
ulimit -Hv 204800
#限制进程最大cpu占用时间为1秒
ulimit -Ht 1
#程序处理延迟(微秒)
progress_sleep=500
#初始化环境
function data_init(){
if [ -d $WORKDIR ];then
rm -rf $WORKDIR/log
fi
mkdir $WORKDIR/log
if [ -f $WORKDIR/pkglist ];then
rm pkglist
fi
}
#获取当前安装包列表
function data_pkglist(){
iso_version=`grep -o -E "42|60|80|76|77" /etc/issue`
case $iso_version in
42)
pkginfo -i >> $PKGLIST
;;
60|80)
#dpkg -l | awk '{if($1=="ii"){sub(":amd64","",$2);sub("[0-9]:","",$3);print $2"_"$3"_"$4}}' >> $PKGLIST
awk 'BEGIN{i=0;j=0;k=0}{if($1 == "Package:"){A[i]=$2;i+=1};if($1 == "Version:"){B[j]=$2;j+=1}if($1 == "Architecture:"){C[k]=$2;k=k+1}}END{for(i=0;i<k;i++)printf "%s_%s_%s\n",A[i],B[i],C[i]}' /var/lib/dpkg/status >> pkglist
;;
76|77)
rpm -qa | while read pkglist
do
pkg_isoname=`echo $pkglist | awk -F "-[0-9]" '{printf $1}'`
pkgversion=`ECTYPE_TRANSMIT_NOT_PRESENTho $pkglist | awk -F "$pkgname-" '{printf $2}'`
echo $pkgname $pkgversion >> $PKGLIST
done
;;
*)
echo "版本识别失败"
exit
;;
esac
}
#搭建工作环境
function data_env(){
tail -n +39 $0 > $WORKDIR/pkg.tar.gz
tar xf $WORKDIR/pkg.tar.gz
cd $WORKDIR/pkg
}
#对对比程序资源进行设置
function data_set(){
echo "设置进程资源"
}
#启动对比程序
function data_run(){
data_sum=`cat $PKGLIST | wc -l`
./scan $data_sum $progress_sleep
data_pid=$?
}
#监视对比程序运行状态
function data_control(){
echo "监视程序运行状态"
}
#生成检测报告
function data_report(){
echo "生成对比报告"
}
function main(){
data_init
data_pkglist
data_env
data_set
data_run
data_control
data_report
}
main
exit 0

BIN
code/datadifflib/scan Executable file
View File

Binary file not shown.

130
code/datadifflib/scan.c Normal file
View File

@@ -0,0 +1,130 @@
#include "scan.h"
//轮循读取文件名
void read_filename(char *dir)
{
DIR *dfd;
struct dirent *dp;
char name[MAX_NAME];
if ((dfd = opendir(dir)) == NULL)
{
printf("dir_order:can't open %s\n %s",dir,strerror(errno));
return ;
}
while ((dp = readdir(dfd)) != NULL)
{
if (strncmp(dp->d_name, ".", 1) == 0)
continue;
if (strlen(dir) + strlen(dp->d_name) + 2 > sizeof(name))//确定申请的空间够大
{
printf("dir_order:name %s %s too long\n",dir,dp->d_name);
return ;
}
else
{
memset(name,0,sizeof(char)*MAX_NAME);
sprintf(name,"%s/%s",dir,dp->d_name);
sprintf(file.name,name);
if(4 == dp->d_type)//判断文件为目录,则递归查询
{
read_filename(name);
printf("%s\n",name);
}
printf("%s\n" ,name);
}
}
closedir(dfd);
return ;
}
//获取文件部分信息
void read_filestat(struct fileinfo file)
{
struct stat filestat;
if(lstat(file.name,&filestat) <= 0)
{
printf("cannot access the file %s",file.name);
return;
}
//获取文件类型
switch(filestat.st_mode & S_IFMT){
case S_IFDIR :
sprintf(file.type,"目录");
break;
case S_IFSOCK :
sprintf(file.type," 套接字 ");
break;
case S_IFLNK :
sprintf(file.type," 软链接 ");
break;
case S_IFREG :
sprintf(file.type," 文件 ");
break;
case S_IFCHR :
sprintf(file.type," 字符设备 ");
break;
case S_IFIFO :
sprintf(file.type," 管道 ");
break;
}
//获取文件大小
//printf("%8ld\n" ,file.st_size);//打印文件名和文件大小。
file.size = filestat.st_size;
//获取文件权限
int i = 8;
while(i >= 0)
{
if((filestat.st_mode)& 1<<i)
{
switch(i%3)
{
case 2:
file.mod[9-i] = 'r';
break;
case 1:
file.mod[9-i] = 'w';
break;
case 0:
file.mod[9-i] = 'x';
break;
}
}
else
{
file.mod[9-i] = '-';
}
i--;
}
//获取文件属主
sprintf(file.uid,"%s",getpwuid(filestat.st_uid)->pw_name);
//获取文件属组
sprintf(file.gid,"%s",getgrgid(filestat.st_gid)->gr_name);
}
#if 0
void read_filemd5(struct fileinfo file)
{
}
#endif
#if 0
int main(int argc, const char *argv[])
{
char *dir = NULL;
char *name = NULL;
dir = (char *)malloc(MAX_FILE);
printf("请输入要读取的目录\n");
scanf("%s",dir);
read_filename(dir);
printf("文件名:%s\n",file.name);
return 0;
}
#endif

98
code/datadifflib/scan.h Normal file
View File

@@ -0,0 +1,98 @@
#include <stdio.h>
#include <dirent.h>
#include <malloc.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
#include <fcntl.h>
#include <errno.h>
#include <string.h>
#include <pwd.h>
#include <grp.h>
#include <sqlite3.h>
#include <stdlib.h>
#include "md5.h"
#define MAX 512
#define MAX_NAME 512
#define MAX_FILE 512
#define MAX_ACL 1024
#define MAX_ID 32
#define MAX_TYPE 10
#define MAX_MD5 33
#define MAX_MOD 16
#define MAX_PATH 4096
#define FILEISO 1
#define FILEPKG 2
#define FILEFIL 3
#define FILEMD5 4
#define FILEPER 5
#define FILEOWN 6
#define FILEGEN 7
#define FILETYP 8
#define FROM_PKGID 10
#define FROM_NOWISO 20
#define FROM_DATALIB 30
#define S_ISUGV 07000
#define md5_t char
#define DATALIB "./fileinfo.db"
#define PKGLIST "./pkglist"
#define FILEDIFF "./diff.log"
struct isoinfo{
char name[MAX_NAME]; //镜像名
char version[MAX_NAME];//镜像版本
int id; //镜像id
md5_t md5[MAX_NAME]; //镜像md5_t
char issue[MAX_NAME];
} ;
struct pkginfo{
char name[MAX_NAME]; //安装包名
char version[MAX_NAME];//安装包版本
int id; //安装包id
md5_t md5[MAX_MD5]; //安装包md5
} ;
struct fileinfo{
int id; //文件id
char name[MAX_NAME]; //文件名
char pathname[MAX_PATH];//文件绝对路径名
md5_t md5[MAX_MD5]; //文件md5值
char type[MAX_TYPE]; //文件类型
int owner; //文件属主
int genus; //文件属组
char permis[MAX_ID]; //文件权限
off_t size; //文件大小
char acl[MAX_ACL]; //文件acl
char capable[MAX]; //文件能力
char mac[MAX]; //文件mac
char level[MAX]; //文件等级
} ;
struct datalib{
int nrow;
int ncolumn;
char ** db_result;
} ;
int get_iso_info(struct isoinfo *iso); //获取当前镜像信息
int get_now_pkg(char *now_name,struct pkginfo *now_pkg); //处理当前安装包列表
int get_pkg_info(struct isoinfo *iso,struct pkginfo *now_pkg,struct pkginfo *data_pkg,int statu);//获取安装包信息
int get_datafile_list(struct pkginfo data_pkg,struct fileinfo *data_file,struct datalib *file_list);//根据安装包信息获取对应文件列表
int get_nowfile_info( struct fileinfo *now_file,struct fileinfo *data_file );//获取当前系统文件具体信息
int diff_file_info(struct fileinfo now_file,struct fileinfo data_file);//对比当前系统文件信息和数据库文件信息
void get_datafile_info(int i,struct datalib *file_list,struct fileinfo *data_file);//将获取的文件信息转入到文件信息结构体中
void get_cap(struct fileinfo *now_file);
void get_mac(struct fileinfo *now_file);
void get_acl(struct fileinfo *now_file);
int put_diff_log(char *content);
int myshell(char *command,char *buff,int num);//调用shell命令
void clean_n(char *log);

50
code/dataintolib/clear_datelib.sh Executable file
View File

@@ -0,0 +1,50 @@
#!/bin/bash
LIDADDR="../datalib/fileinfo.db"
echo " 选择需要删除的数据类型"
echo "================================================================="
echo " 1 删除指定产品 2 删除指定安装包 3 删除指定文件 4 清除所有文件 5 清除所有 "
read stat
case ${stat:0:1} in
1)
echo "请输入产品id"
read product_id
sqlite3 $LIDADDR "delete from product where product_id = $product_id"
for id in `sqlite3 $LIDADDR "select pkg_id from product_and_pkg where product_id = $product_id"`
do
sqlite3 $LIDADDR "delete from file where pkg_id = $id"
sqlite3 $LIDADDR "delete from pkg where pkg_id = $id"
sqlite3 $LIDADDR "delete from product_and_pkg where product_id = $product_id"
done
;;
2)
echo "请输入安装包id"
read pkg_id
sqlite3 $LIDADDR "delete from file where pkg_id = $pkg_id"
sqlite3 $LIDADDR "delete from pkg where pkg_id = $pkg_id"
sqlite3 $LIDADDR "delete from product_and_pkg where pkg_id = $pkg_id"
;;
3)
echo "请输入文件名"
read file_id
sqlite3 $LIDADDR "delete from file where file_id = $file_id"
;;
4)
sqlite3 $LIDADDR "delete from file"
;;
5)
sqlite3 $LIDADDR "delete from file"
sqlite3 $LIDADDR "delete from pkg"
sqlite3 $LIDADDR "delete from product_and_pkg"
sqlite3 $LIDADDR "delete from product"
;;
*)
echo "输入错误请输入1、2、3、4"
;;
esac

585
code/dataintolib/into_datelib.sh Executable file
View File

@@ -0,0 +1,585 @@
#!/bin/bash
set -e
#镜像挂载目录
MOUNT="/mnt"
#当前镜像版本
ISO_ROCKY="*4.2* | *6.0.42* | *4.3*"
ISO_DEBIN="*6.0.60* | *6.0.80*"
ISO_REDHA="*6.0.77* | *6.0.76*"
#当前目录
NOWDIR=`pwd`
#安装包临时解压目录
PKGDIR="$NOWDIR/pkg"
#操作系统存储目录
ISODIR="$NOWDIR/iso"
#数据库位置
data_DIR="../datalib"
#数据库名
data_NAME="fileinfo.db"
data_SQL="fileinfo.sql"
data_ADD="$data_DIR/$data_NAME"
data_FILE="$data_DIR/$data_SQL"
#日志文件
file_LOG="$NOWDIR/filelog"
#当前已经安装的文件列表
file_NOW="$NOWDIR/now_pkglist"
#当前镜像中未录入的文件列表
file_NEW="$NOWDIR/new_pkglist"
#读取镜像issue文件
function data_intoissue(){
echo "获取镜像版本通过issue)"
case $1 in
rocky)
iso_issue=`cat /etc/issue | sed ':a;N;s/\n/ /g;ta'`
sqlite3 $data_ADD "update product set product_issue='$iso_issue' where product_id=$data_isoid;"
;;
debian)
#iso_base_files=`find $iso_mountname -name base-files*.deb`
#if [ -d $PKGDIR ]
#then
# rm -rf $PKGDIR
#fi
#PKGDIR=$PKGDIR
#echo "解压base-files_8+deb8u9-linx18_amd64.deb"
#mkdir -p $PKGDIR
#dpkg -X $iso_base_files $PKGDIR
iso_issue=`cat /etc/issue | sed ':a;N;s/\n/ /g;ta'`
sqlite3 $data_ADD "update product set product_issue=\"$iso_issue\" where product_id=$data_isoid;"
;;
redhat)
iso_issue=`cat /etc/issue | sed ':a;N;s/\n/ /g;ta'`
sqlite3 $data_ADD "update product set product_issue=\"$iso_issue\" where product_id=$data_isoid;"
;;
*)
;;
esac
}
function data_intofile(){
local data_file=$1
if [ ! -e $data_file ]
then
echo "文件不存在"
return 0
fi
if [ "$2" == "1" ]
then
local data_filepath=$1
local data_filelevel=1
else
local data_filepath=` echo $data_file | awk -F "$PKGDIR" '{ print $2 }' `
local data_filelevel=2
fi
if [ "$PKGDIR" == "$data_file" ]
then
echo "临时目录"
return 0
elif [ "$data_filepath" == "/usr" ] ||
[ "$data_filepath" == "/etc" ] ||
[ "$data_filepath" == "/bin" ] ||
[ "$data_filepath" == "/sbin" ] ||
[ "$data_filepath" == "/lib" ] ||
[ "$data_filepath" == "/lib64" ] ||
[ "$data_filepath" == "/var" ] ||
[ "$data_filepath" == "/opt" ] ||
[ "$data_filepath" == "/dev" ] ||
[ "$data_filepath" == "/proc" ] ||
[ "$data_filepath" == "/sys" ] ||
[ "$data_filepath" == "/opt" ] ||
[ "$data_filepath" == "/tmp" ] ||
[ "$data_filepath" == "/mnt" ] ||
[ "$data_filepath" == "/usr/share" ] ||
[ "$data_filepath" == "/usr/bin" ] ||
[ "$data_filepath" == "/usr/lib" ] ||
[ "$data_filepath" == "/usr/etc" ] ||
[ "$data_filepath" == "/usr/lib64" ] ||
[ "$data_filepath" == "/usr/share" ] ||
[ "$data_filepath" == "/usr/include" ] ||
[ "$data_filepath" == "/usr/local" ] ||
[ "$data_filepath" == "/." ]
then
echo "无用目录"
return 0
fi
local data_filename=$(basename $data_file)
local data_filepermis=$(stat -c %a $data_file)
local data_filetype=$(ls -lad $data_file)
local data_filetype=$(echo ${data_filetype:0:1})
local data_filegenus=$(stat -c %g $data_file)
local data_fileowner=$(stat -c %u $data_file)
local data_filesize=$(stat -c %s $data_file)
#发现默认未有文件设置该信息
if [[ $data_filetype == "b" ]] ||
[[ $data_filetype == "s" ]] ||
[[ $data_filetype == "-" ]]
then
local data_filemd5=$(md5sum $data_file | awk '{ print $1 }')
local data_filecap=$(getcap "$data_file")
local data_filemac=$(getfmac "$data_file")
local data_fileacl=$(getfacl --absolute-name "$data_file" 2>/dev/null)
elif [[ $data_filetype == "d" ]]
then
local data_filemd5=
local data_filecap=$(getcap "$data_file")
local data_filemac=$(getfmac "$data_file")
local data_fileacl=$(getfacl --absolute-name "$data_file" 2>/dev/null)
fi
#当文件为解压收集信息时cap、mac、acl信息会出现错误。
if [[ $data_filelevel == "2" ]]
then
local data_filecap=""
local data_filemac=""
local data_fileacl=""
fi
local data_fileid=$(expr `sqlite3 $data_ADD "select file_id from file order by file_id desc limit 1;"` + 1)
local data_pkgid=$(sqlite3 $data_ADD "select pkg_id from pkg where pkg_name='$pkg_name' and pkg_version='$pkg_version' ;")
echo -e " 当前产品:$product_iso \n \
当前文件:$data_file \n \
当前文件名:$data_filename \n \
当前文件绝对路径:$data_filepath \n \
当前临时文件目录:$PKGDIR \n \
当前安装包:$pkg_name \n \
文件id: $data_fileid \n \
文件类型:$data_filetype \n \
文件属主:$data_fileowner \n \
文件属组:$data_filegenus \n \
文件权限:$data_filepermis \n \
文件大小:$data_filesize \n \
文件md5: $data_filemd5 \n \
文件cap: $data_filecap \n \
文件acl: $data_fileacl \n \
文件mac: $data_filemac \n \
$1存入数据库" >> $file_LOG
if [ -z $data_pkgid ]
then
echo "文件未经过安装包"
else
echo "将文件$data_filepath输入数据库"
sqlite3 $data_ADD "insert into file values ($data_fileid,\"$data_filename\",$data_pkgid,\"$data_filepath\",\"$data_filemd5\",\"$data_filetype\",\"$data_fileowner\",\"$data_filegenus\",$data_filepermis,$data_filesize,\"$data_fileacl\",\"$data_filecap\",\"$data_filelevel\",\"$data_filemac\")"
fi
}
function data_intopkg(){
local data_pkg=$1
local data_pkgmd5=`md5sum $data_pkg | awk '{ print $1 }'`
#要判断pkg表是否有重复包
local pkg_md5=`sqlite3 $data_ADD "select pkg_md5 from pkg where pkg_md5 is '$data_pkgmd5'"`
if [ "$pkg_md5" != "$data_pkgmd5" ];
then
case $data_pkg in
*pkg.tar.gz)
local data_pkgname=`echo "$(basename $data_pkg .pkg.tar.gz)" |awk -F "#" '{print $1}'`
local data_pkgversion=`echo "$(basename $data_pkg .pkg.tar.gz)" |awk -F "#" '{print $2}'`
;;
*.deb)
local data_pkgname=`echo "$(basename $data_pkg .deb)" | awk -F "_" '{print $1}'`
local data_pkgversion=`echo "$(basename $data_pkg .deb)" | awk -F "_" '{print $2"_"$3}'`
;;
*.rpm)
local data_pkgversion=`echo "$(basename $data_pkg .rpm)" | awk -F "-" '{for(i=NF-1;i<NF+1;i++){printf("%s",$i);if(i!=NF)printf("-")} printf("\n") }'`
local data_pkgname=`echo "$(basename $data_pkg .rpm)" | awk -F "-" '{for(i=1;i<NF-1;i++){printf("%s",$i);if(i!=NF-2)printf("-")} printf("\n") }'`
;;
esac
local data_pkgid=$(expr `sqlite3 $data_ADD "select pkg_id from pkg order by pkg_id desc limit 1;"` + 1)
echo -e " 当前包:$data_pkg \n 安装包名:$data_pkgname \n 安装包版本:$data_pkgversion \n 安装包md5: $data_pkgmd5 \n 安装包id: $data_pkgid \n " >> $file_LOG
sqlite3 $data_ADD "insert into pkg values ($data_pkgid,'$data_pkgname','$data_pkgversion','$data_pkgmd5')"
#更新product_and_pkg表
echo "更新product_and_pkg表"
local data_papid=$(expr `sqlite3 $data_ADD "select pap_id from product_and_pkg order by pap_id desc limit 1;"` + 1)
sqlite3 $data_ADD "insert into product_and_pkg values ($data_papid,$data_isoid,$data_pkgid)"
echo "$data_pkgname $data_pkgversion" >> ./new
#如果为新的安装包则解压扫描包内文件
else
local pkg_id=`sqlite3 $data_ADD "select pkg_id from pkg where pkg_md5 is '$data_pkgmd5'"`
local iso_pkgid=`sqlite3 $data_ADD "select product_id from product_and_pkg where pkg_id = '$pkg_id' and product_id = '$data_isoid'"`
#判断是否有向product_and_pkg输入相同的信息
if [ "$data_isoid" == "$iso_pkgid" ];
then
echo "相同安装包id为$pkg_id">>$file_LOG
echo "data_isoid=$data_isoid iso_pkgid=$iso_pkgid 未入库">>$file_LOG
else
local data_papid=$(expr `sqlite3 $data_ADD "select pap_id from product_and_pkg order by pap_id desc limit 1;"` + 1)
sqlite3 $data_ADD "insert into product_and_pkg values ($data_papid,$data_isoid,$pkg_id)"
echo "相同安装包id为$pkg_id">>$file_LOG
echo "data_isoid=$data_isoid iso_pkgid=$iso_pkgid 入库">>$file_LOG
fi
fi
}
function data_intoiso(){
data_iso=$1
data_isomd5=`md5sum $data_iso | awk '{ print $1 }'`
data_isoname=`echo "$(basename $data_iso .iso)" | awk -F "-" '{print $1"-"$2}'`
data_isoversion=`echo "$(basename $data_iso .iso)" | awk -F "$data_isoname" '{print $2}'`
data_isoid=$(expr `sqlite3 $data_ADD "select product_id from product order by product_id desc limit 1;"` + 1)
#获取最后一个id值加1
echo -e "当前镜像:$data_iso\n 镜像名:$data_isoname\n 镜像版本:$data_isoversion\n 镜像md5:$data_isomd5\n 镜像id:$data_isoid\n">>$file_LOG
sqlite3 $data_ADD "insert into product values ($data_isoid,'$data_isoname','$data_isoversion','$data_isomd5',' ')"
}
#整理文件信息获取
function data_get(){
data_stat=$2
echo "入库类型:$data_stat"
case $data_stat in
iso_stat)
data_intoiso $1
;;
pkg_stat)
data_intopkg $1
;;
file_stat)
data_intofile $1 $3
;;
iso_issue)
data_intoissue $1
;;
*)
echo "程序出错"
return 3
;;
esac
}
#将镜像挂载到指定目录下
function iso_mount(){
echo "iso_mount"
iso_mountname=$MOUNT
while [[ `mount | grep $iso_mountname` != "" ]]
do
umount $iso_mountname
done
if [ -d $iso_mountname ];
then
mount -o loop $iso_name $iso_mountname
else
mkdir $iso_mountname
mount -o loop $iso_name $iso_mountname
fi
data_get $iso_vis "iso_issue"
#将镜像issue信息存入库
}
#判断当前镜像版本
#将镜像信息入库
function iso(){
iso_name=$1
case $iso_name in
*4.2* | *6.0.42* | *4.3*)
echo "42"
iso_vis="rocky"
;;
*6.0.60* | *6.0.80* )
echo "60|80"
iso_vis="debian"
;;
*6.0.77* | *6.0.76* )
echo "76|77"
iso_vis="redhat"
;;
*)
echo "镜像不存在"
exit
;;
esac
data_get $product_iso "iso_stat"
#将镜像信息入库
}
#获取当前系统已经安装的安装包,并将镜像中全部安装包进行排序
function pkg(){
echo "tar:$1"
pkg_filename=$1
PKGDIR=$PKGDIR
case $iso_vis in
#当前已经安装的文件
rocky)
pkginfo -i | sort >> $file_NOW
;;
debian)
awk 'BEGIN{i=0;j=0;k=0}{if($1 == "Package:"){A[i]=$2;i+=1};if($1 == "Version:"){B[j]=$2;j+=1}if($1 == "Architecture:"){C[k]=$2;k=k+1}}END{for(i=0;i<k;i++)printf "%s %s_%s\n",A[i],B[i],C[i]}' /var/lib/dpkg/status | sort >> $file_NOW
;;
redhat)
rpm -qa | awk -F "-" '{for(i=1;i<NF-1;i++){printf("%s",$i);if(i!=NF-2)printf("-");};print " "$(NF-1)"-"$NF}' | sort >> $file_NOW
;;
*)
echo "解压选择出错$pkg_filename"
;;
esac
if [ -e ./new ]
then
cat ./new | sort >> $file_NEW
rm ./new
else
touch $file_NEW
fi
}
#获取需要收集安装包的文件信息
function file_now(){
#处理带有空格的文件名
MY_SAVEIFS=$IFS
IFS=$'\n'
#收集虚拟机已经安装的文件
for pkg_list in `comm -12 $file_NEW $file_NOW `
do
pkg_name=`echo $pkg_list | awk '{print $1}' `
pkg_version=`echo $pkg_list | awk '{print $2}'`
case $iso_vis in
rocky)
file_listname=$( pkginfo -l $pkg_name | sed "s/\*/\\\*/g" )
#发现有的文件存在*号,会导致文件信息获取出错。
for file_list in $file_listname
do
if [ -d "/$file_list" ];then
file_list=${file_list%?}
fi
data_get "/$file_list" "file_stat" 1
done
;;
debian)
for file_list in `dpkg -L $pkg_name | awk -F "" '{if($1=="软件包将其他的包转移至"){print $2}else{print $1}}'`
do
data_get $file_list "file_stat" 1
done
echo "当前已安装的包收集完毕"
;;
redhat)
for file_list in `rpm -ql $pkg_name`
do
data_get $file_list "file_stat" 1
done
;;
*)
echo "文件收集错误"
;;
esac
done
IFS=$MY_SAVEIFS 
}
function file_new(){
comm -23 $file_NEW $file_NOW |while read pkg_list
do
pkg_name=`echo $pkg_list | awk '{print $1}'`
pkg_version=`echo $pkg_list | awk '{print $2}'`
if [ -d $PKGDIR ]
then
rm -r $PKGDIR
fi
PKGDIR=$PKGDIR
case $iso_vis in
rocky)
pkg_filename=`echo $pkg_name"#"$pkg_version"*"`
pkg_filename=`find $iso_mountname -name $pkg_filename`
pkg_filename=`echo $pkg_filename | awk '{print $1}'`
echo "解压tar类型安装包"
mkdir -p $PKGDIR
tar xf $pkg_filename -C $PKGDIR
;;
debian)
pkg_filename=`echo $pkg_name"_"$pkg_version"*"`
pkg_filename=`find $iso_mountname -name $pkg_filename`
pkg_filename=`echo $pkg_filename | awk '{print $1}'`
echo "解压deb类型安装包"
mkdir -p $PKGDIR
dpkg -X $pkg_filename $PKGDIR
;;
redhat)
pkg_filename=`echo $pkg_name"-"$pkg_version"*"`
echo $iso_mountname
pkg_filename=`find $iso_mountname -name $pkg_filename`
pkg_filename=`echo $pkg_filename | awk '{print $1}'`
echo "解压rpm类型安装包"
mkdir -p $PKGDIR
cp $pkg_filename $PKGDIR
cd $PKGDIR
rpm2cpio *.rpm | cpio -div
rm *.rpm
cd -
;;
*)
echo "解压选择出错$pkg_filename"
;;
esac
#处理带有空格的文件名
MY_SAVEIFS=$IFS
IFS=$'\n'
for pkg_file in `find $PKGDIR`
do
data_get $pkg_file "file_stat" 2
done
IFS=$MY_SAVEIFS
rm -r $PKGDIR
done
}
#判断输入介质为目录
#输入目录名
function iso_pkg(){
echo "dir:$1"
iso_pkgdir=$1
case $iso_vis in
rocky)
echo "pkg.tar.gz安装包"
for iso_pkgfile in `find $iso_pkgdir -name *.pkg.tar.gz`
do
data_get $iso_pkgfile "pkg_stat"
done
;;
debian)
echo "deb安装包"
for iso_pkgfile in `find $iso_pkgdir -name *.deb`
do
data_get $iso_pkgfile "pkg_stat"
done
;;
redhat)
echo "rpm安装包"
for iso_pkgfile in `find $iso_pkgdir -name *.rpm`
do
data_get $iso_pkgfile "pkg_stat"
done
esac
}
function set_env(){
if [ -f $data_ADD ];
then
rm $data_ADD
fi
if [ -f $file_NEW ];
then
rm $file_NEW
fi
if [ -f $file_NOW ];
then
rm $file_NOW
fi
if [ -f $file_LOG ];
then
rm $file_LOG
fi
if [ -f ./new ];
then
rm ./new
fi
cd $data_DIR
sqlite3 $data_NAME < $data_FILE
cd -
echo "重建数据库"
#创建数据库
}
function main(){
echo " 请选择产品类型"
echo "========================================="
echo " 1.操作系统 2.附加产品 3.其他"
read product_stat
case ${product_stat:0:1} in
1)
set_env
#设置数据库
product_iso=`find $ISODIR -mindepth 1`
iso $product_iso
#判断镜像版本
iso_mount $iso_vis
#将镜像挂载在指定目录
iso_pkg $iso_mountname
#将镜像中未录入的安装包入库,并记录到$file_NEW
pkg $data_pkg
#获取当前已安装的安装包列表,并记录到$file_NOW
file_now
#获取已安装的包文件信息
file_new
#获取未安装的包文件信息
;;
2)
echo "附加产品"
;;
3)
echo "其它产品"
;;
*)
echo "请输入1/2/3"
esac
echo "信息录取成功"
}
main

19
code/dataintolib/tags Normal file
View File

@@ -0,0 +1,19 @@
!_TAG_FILE_FORMAT 2 /extended format; --format=1 will not append ;" to lines/
!_TAG_FILE_SORTED 1 /0=unsorted, 1=sorted, 2=foldcase/
!_TAG_PROGRAM_AUTHOR Darren Hiebert /dhiebert@users.sourceforge.net/
!_TAG_PROGRAM_NAME Exuberant Ctags //
!_TAG_PROGRAM_URL http://ctags.sourceforge.net /official site/
!_TAG_PROGRAM_VERSION 5.9~svn20110310 //
data_get into_datelib.sh /^function data_get(){$/;" f
data_intofile into_datelib.sh /^function data_intofile(){$/;" f
data_intoiso into_datelib.sh /^function data_intoiso(){$/;" f
data_intoissue into_datelib.sh /^function data_intoissue(){$/;" f
data_intopkg into_datelib.sh /^function data_intopkg(){$/;" f
file_new into_datelib.sh /^function file_new(){$/;" f
file_now into_datelib.sh /^function file_now(){$/;" f
iso into_datelib.sh /^function iso(){$/;" f
iso_mount into_datelib.sh /^function iso_mount(){$/;" f
iso_pkg into_datelib.sh /^function iso_pkg(){$/;" f
main into_datelib.sh /^function main(){$/;" f
pkg into_datelib.sh /^function pkg(){$/;" f
set_env into_datelib.sh /^function set_env(){$/;" f

BIN
code/datalib/fileinfo.db Normal file
View File

Binary file not shown.

80
code/datalib/fileinfo.sql Normal file
View File

@@ -0,0 +1,80 @@
/*
SET FOREIGN_KEY_CHECKS = 0;
DROP TABLE IF EXISTS `product`;
DROP TABLE IF EXISTS `pkg`;
DROP TABLE IF EXISTS `file`;
DROP TABLE IF EXISTS `product_and_pkg`;
SET FOREIGN_KEY_CHECKS = 1;
ON DELETE 和 ON UPDATE,表示当发生delete和update时,会发生什么行为
NO ACTION:默认的,表示没有什么行为.
RESTRICT:当有一个child关联到parent时,禁止delete或update parent
SET NULL:当parent被delete或update时,child的的关联字段被置为null(如果字段有not null,就出错)
SET DEFAULT:类似于SET NULL (是不是设置默认值?没有试过)
CASCADE:将实施在parent上的删除或更新操作,传播给你吧与之关联的child上.
对于 ON DELETE CASCADE, 同被删除的父表中的行 相关联的子表中的每1行,也会被删除.
对于ON UPDATE CASCADE, 存储在子表中的每1行,对应的字段的值会被自动修改成同新的父键匹配
DEFAULT 约束在 INSERT INTO 语句没有提供一个特定的值时,为列提供一个默认值。
FOREIGN KEY (`product_id`) REFERENCES product(`product_id`) ON DELETE CASCADE ON UPDATE CASCADE,
FOREIGN KEY (`pkg_id`) REFERENCES pkg(`pkg_id`) ON DELETE CASCADE ON UPDATE CASCADE
CREATE TABLE `pkg_and_file` (
`paf_id` INTEGER NOT NULL,
`pkg_id` INTEGER NOT NULL,
`file_id` INTEGER NOT NULL,
PRIMARY KEY (`paf_id`)
);
*/
CREATE TABLE `product` (
`product_id` SMALLINT NOT NULL,
`product_name` TEXT(255) NOT NULL,
`product_version` CHAR(255) NOT NULL,
`product_md5` CHAR(32) NOT NULL,
`product_issue` CHAR NOT NULL,
PRIMARY KEY (`product_id`)
);
CREATE TABLE `pkg` (
`pkg_id` INTEGER NOT NULL,
`pkg_name` CHAR(255) NOT NULL,
`pkg_version` CHAR(255) NOT NULL,
`pkg_md5` CHAR(32) NOT NULL,
PRIMARY KEY (`pkg_id`)
);
CREATE TABLE `file` (
`file_id` INTEGER NOT NULL,
`file_name` char(255) NOT NULL,
`pkg_id` INTEGER NOT NULL,
`file_pathname` CHAR(4096) NOT NULL,
`file_md5` CHAR(32) DEFAULT " ",
`file_type` CHAR NOT NULL,
`file_owner` CHAR NOT NULL,
`file_genus` CHAR NOT NULL,
`file_permis` INTEGER NOT NULL,
`file_size` INTEGER NOT NULL,
`file_acl` CHAR DEFAULT " ",
`file_capable` CHAR DEFAULT " ",
`file_level` INTEGER DEFAULT 0,
`file_mac` CHAR DEFAULT " ",
PRIMARY KEY (`file_id`)
);
CREATE TABLE `product_and_pkg` (
`pap_id` INTEGER NOT NULL,
`product_id` SMALLINT NOT NULL,
`pkg_id` INTEGER NOT NULL,
PRIMARY KEY (`pap_id`)
);
CREATE TABLE `pkg_and_file` (
`paf_id` INTEGER NOT NULL,
`pkg_id` INTEGER NOT NULL,
`file_id` INTEGER NOT NULL,
PRIMARY KEY (`paf_id`)
);

133
code/datalib/merge.sh Executable file
View File

@@ -0,0 +1,133 @@
#/bin/bash
data_ADD="./fileinfo.1.db"
#总数据库名
data_NEW="./fileinfo.2.db"
#新数据库名
merge_LOG="./merge.log"
#合并日志
merge_LIST="./merge.list"
function set_env(){
if [ -f $merge_LOG ];
then
rm $merge_LOG
fi
if [ -f $merge_LIST ];
then
rm $merge_LIST
fi
}
#获取新数据库中镜像信息存入到总数据库中
function get_into_iso(){
data_isomd5=`sqlite3 $data_NEW "select product_md5 from product;"`
data_isoname=`sqlite3 $data_NEW "select product_name from product;"`
data_isoversion=`sqlite3 $data_NEW "select product_version from product;"`
data_isoissue=`sqlite3 $data_NEW "select product_issue from product;"`
data_isoid=$(expr `sqlite3 $data_ADD "select product_id from product order by product_id desc limit 1;"` + 1)
sqlite3 $data_ADD "insert into product values ($data_isoid,'$data_isoname','$data_isoversion','$data_isomd5','$data_isoissue');"
echo "镜像 name:$data_isoname version:$data_isoversion md5:$data_isomd5 issue:$data_isoissue id:$data_isoid" >> $merge_LOG
}
function get_into_pkg(){
for pkg_list in `sqlite3 $data_NEW "select * from pkg;"`
do
new_pkg_md5=`echo $pkg_list | awk -F "|" '{print $4}'`
pkg_md5=`sqlite3 $data_ADD "select pkg_md5 from pkg where pkg_md5 is '$new_pkg_md5';"`
if [ "$new_pkg_md5" != "$pkg_md5" ];
then
new_pkg_name=`echo $pkg_list | awk -F "|" '{print $2}'`
new_pkg_version=`echo $pkg_list | awk -F "|" '{print $3}'`
new_pkg_id=`echo $pkg_list | awk -F "|" '{print $1}'`
pkg_id=$(expr `sqlite3 $data_ADD "select pkg_id from pkg order by pkg_id desc limit 1;"` + 1)
sqlite3 $data_ADD "insert into pkg values ($pkg_id,'$new_pkg_name','$new_pkg_version','$new_pkg_md5');"
#更新product_and_pkg表
local data_papid=$(expr `sqlite3 $data_ADD "select pap_id from product_and_pkg order by pap_id desc limit 1;"` + 1)
sqlite3 $data_ADD "insert into product_and_pkg values ($data_papid,$data_isoid,$pkg_id);"
echo "安装包 name:$new_pkg_name version:$new_pkg_version md5:$new_pkg_md5 id:$pkg_id papid:$data_papid" >> $merge_LOG
echo "$new_pkg_id $pkg_id" >> $merge_LIST
#获取新数据库中文件信息,并输入到总数据库中
else
pkg_id=`sqlite3 $data_ADD "select pkg_id from pkg where pkg_md5 is '$pkg_md5';"`
iso_pkgid=`sqlite3 $data_ADD "select product_id from product_and_pkg where pkg_id = '$pkg_id' and product_id = '$data_isoid';"`
#判断是否有向product_and_pkg输入相同的信息
if [ "$data_isoid" == "$iso_pkgid" ];
then
echo "相同安装包id为$pkg_id" >> $merge_LOG
else
local data_papid=$(expr `sqlite3 $data_ADD "select pap_id from product_and_pkg order by pap_id desc limit 1;"` + 1)
sqlite3 $data_ADD "insert into product_and_pkg values ($data_papid,$data_isoid,$pkg_id);"
echo "更新product_and_pkg表 papid=$data_papid iso_id=$data_isoid pkg_id=$pkg_id" >> $merge_LOG
fi
fi
done
}
#获取新数据库中文件信息存入到总数据库中
function get_into_file(){
OLDIFS=$IFS
IFS=$'\n'
for file_pkg_list in `cat $merge_LIST`
do
pkg_list=`echo $file_pkg_list | awk '{print $1}'`
for file_id in $(sqlite3 $data_NEW "select file_id from file where pkg_id= '$pkg_list';")
do
data_fileid=$(expr `sqlite3 $data_ADD "select file_id from file order by file_id desc limit 1;"` + 1)
data_filename=`sqlite3 $data_NEW "select file_name from file where file_id=$file_id"`
data_pkgid=`echo $file_pkg_list | awk '{print $2}'`
data_filepath=`sqlite3 $data_NEW "select file_pathname from file where file_id=$file_id"`
data_filemd5=`sqlite3 $data_NEW "select file_md5 from file where file_id=$file_id"`
data_filetype=`sqlite3 $data_NEW "select file_type from file where file_id=$file_id"`
data_fileowner=`sqlite3 $data_NEW "select file_owner from file where file_id=$file_id"`
data_filegenus=`sqlite3 $data_NEW "select file_genus from file where file_id=$file_id"`
data_filepermis=`sqlite3 $data_NEW "select file_permis from file where file_id=$file_id"`
data_filesize=`sqlite3 $data_NEW "select file_size from file where file_id=$file_id"`
data_fileacl=`sqlite3 $data_NEW "select file_acl from file where file_id=$file_id"`
data_filecap=`sqlite3 $data_NEW "select file_capable from file where file_id=$file_id"`
data_filelevel=`sqlite3 $data_NEW "select file_level from file where file_id=$file_id"`
data_filemac=`sqlite3 $data_NEW "select file_mac from file where file_id=$file_id"`
sqlite3 $data_ADD "insert into file values ($data_fileid,\"$data_filename\",$data_pkgid,\"$data_filepath\",\"$data_filemd5\",\"$data_filetype\",\"$data_fileowner\",\"$data_filegenus\",$data_filepermis,$data_filesize,\"$data_fileacl\",\"$data_filecap\",\"$data_filelevel\",\"$data_filemac\");"
echo "文件 id:$data_fileid name:$data_filename pkgid:$data_pkgid newpkgid:$new_pkg_id path:$data_filepath md5:$data_filemd5 type:$data_filetype owner:$data_fileowner genus:$data_filegenus permis:$data_filepermis size:$data_filesize acl:$data_fileacl cap:$data_filecap level:$data_filelevel mac:$data_filemac" >> $merge_LOG
done
done
IFS=$OLDIFS
}
function main(){
set_env
#设置环境
get_into_iso
#获取新数据库中镜像信息,并输入到总数据库中
get_into_pkg
#获取新数据库中安装包信息,并输入到总数据库中
get_into_file
#获取新数据库中文件信息,并如输入到总数据库中
}
main

112
code/pkg.sh Executable file
View File

@@ -0,0 +1,112 @@
#!/bin/bash
WORKNOW=`pwd`
WORKDIR=$WORKNOW/pkg
PKGLIST=$WORKDIR/pkglist
#限制进程最大内存使用100M
ulimit -m 102400
#限制进程最大虚拟内存为200M
ulimit -v 204800
#限制进程最大cpu占用时间为1秒
ulimit -t 1
#程序处理延迟(微秒)
progress_sleep=500
#初始化环境
function data_init(){
if [ -d $WORKDIR ];then
rm -rf $WORKDIR
fi
mkdir $WORKDIR
}
#获取当前安装包列表
function data_pkglist(){
iso_version=`grep -o -E "42|60|80|76|77" /etc/issue`
case $iso_version in
42)
pkginfo -i >> $PKGLIST
;;
60|80)
#dpkg -l | awk '{if($1=="ii"){sub(":amd64","",$2);sub("[0-9]:","",$3);print $2"_"$3"_"$4}}' >> $PKGLIST
awk 'BEGIN{i=0;j=0;k=0}{if($1 == "Package:"){A[i]=$2;i+=1};if($1 == "Version:"){B[j]=$2;j+=1}if($1 == "Architecture:"){C[k]=$2;k=k+1}}END{for(i=0;i<k;i++)printf "%s %s_%s\n",A[i],B[i],C[i]}' /var/lib/dpkg/status >> $PKGLIST
;;
76|77)
rpm -qa | awk -F "-" '{for(i=1;i<NF-1;i++){printf("%s",$i);if(i!=NF-2)printf("-");};print " "$(NF-1)"-"$NF}' >> $PKGLIST
;;
*)
echo "版本识别失败"
exit
;;
esac
}
#搭建工作环境
function data_env(){
#tail -n +39 $0 > $WORKDIR/pkg.tar.gz
#tar xf $WORKDIR/pkg.tar.gz
cp ./scan $WORKDIR
cp ./fileinfo.db $WORKDIR
cd $WORKDIR
}
#对对比程序资源进行设置
function data_set(){
echo "设置进程资源"
}
#启动对比程序
function data_run(){
data_sum=`cat $PKGLIST | wc -l`
./scan $data_sum $progress_sleep &
data_pid=$?
}
#监视对比程序运行状态
function data_control(){
echo "监视程序运行状态"
}
#生成检测报告
function data_report(){
echo "生成对比报告"
}
function main(){
data_init
data_pkglist
data_env
data_set
data_run
data_control
data_report
}
main
exit 0

20
code/work/make.sh Executable file
View File

@@ -0,0 +1,20 @@
#!/bin/bash
mkdir pkg
cd ../datadifflib
make clean
make
cd -
cp ../datadifflib/scan ./pkg
cp ../datalib/fileinfo.db ./pkg
cp ../datadifflib/pkg.sh .
tar zcf pkg.tar.gz ./pkg
cat pkg.tar.gz >> pkg.sh
rm -rf pkg.tar.gz pkg

19
code/work/test.c Normal file
View File

@@ -0,0 +1,19 @@
#include <stdio.h>
#include<unistd.h>
int main()
{
int i=0;
char bar[101];
const char* lable="|/-\\";//打印旋转的图标
while(i<=100)
{
bar[i]='\0';
printf("[%-100s] [%c] [%d/%]\r",bar,lable[i%4],i);
fflush(stdout);
bar[i]='#';
i++;
usleep(10000);
}
printf("/n");
return 0;
}

0
design/README.md Normal file
View File

BIN
design/SIC-详细设计说明书-V0.2.odt Normal file
View File

Binary file not shown.

BIN
design/SIC-详细设计说明书-V0.2.pdf Normal file
View File

Binary file not shown.

BIN
design/产品信息入库工具.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 51 KiB

BIN
design/文件信息对比模块-流程图.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 88 KiB

BIN
design/文件完整性检测工具结构图.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 35 KiB

BIN
design/系统完整性检测工具结构图.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 38 KiB

BIN
manage/SIC-项目变更记录.doc Normal file
View File

Binary file not shown.

BIN
manage/SIC-项目变更记录.pdf Normal file
View File

Binary file not shown.

BIN
manage/立项申请书.odt Normal file
View File

Binary file not shown.

BIN
manage/立项申请书.pdf Normal file
View File

Binary file not shown.

BIN
manage/项目计划书.odt Normal file
View File

Binary file not shown.

BIN
manage/项目计划书.pdf Normal file
View File

Binary file not shown.

BIN
requirement/SIC-产品需求说明书-V0.1.odt Normal file
View File

Binary file not shown.

BIN
requirement/SIC-产品需求说明书-V0.1.pdf Normal file
View File

Binary file not shown.

BIN
requirement/SIC-用户需求说明书-V0.1.odt Normal file
View File

Binary file not shown.

BIN
requirement/SIC-用户需求说明书-V0.1.pdf Normal file
View File

Binary file not shown.