commit 5dedfaa5d9a074d7c2f9b16415480627da8f8c73 Author: 胡楠 Date: Tue Feb 28 09:33:09 2023 +0800 Initial commit diff --git a/README.md b/README.md new file mode 100644 index 0000000..5bae5c9 --- /dev/null +++ b/README.md @@ -0,0 +1,98 @@ +## 系统完整性检测工具记录 + + 之前没有做记录,此记录从V0.2开始进行记录 + +### 当前情况 + +#### code目录 + +``` +code/ +├── datadifflib +│   ├── main.c +│   ├── Makefile +│   ├── md5.c +│   ├── md5.h +│   ├── pkg.sh +│   ├── scan +│   ├── scan.c +│   └── scan.h +├── dataintolib +│   ├── clear_datelib.sh +│   ├── into_datelib.sh +│   └── iso +├── datalib +│   ├── fileinfo.db +│   ├── fileinfo.sql +│   └── merge.sh +├── pkg.sh +├── README.md +└── work + ├── make.sh + └── test.c + +``` + + 完成详细设计的代码,整体分为两部分,系统信息收集部分(into_datelib.sh),目前的收集程序,采用交互式,只能收集系统的安装包,需要先在虚拟机上安装好系统,然后将镜像挂载到系统上,程序会先根据镜像中的安装包生成安装包列表,并收集安装包的全部信息,然后用命令(pkg、dpkg、rpm)收集当前已经安装的安装包列表,对已经安装的,收集系统中文件的信息,对未安装的,收集安装包中的文件信息。 + 文件对比部分,读取系统的全部安装包,与当前系统中的安装包做比较,将安装的安装包记录并比较(包信息、包所属文件信息),将不存在和被卸载的安装包记录。 + +### 其他目录 + + 目前已经编写,SIC-详细设计说明书-V0.2.odt、SIC-项目变更记录.doc、立项申请书.odt、项目计划书.odt、SIC-用户需求说明书-V0.1.pdf、SIC-产品需求说明书-V0.1.odt。 + +``` +zhang:~/git-zhang/SIC$ tree design/ +design/ +├── README.md +├── SIC-详细设计说明书-V0.2.odt +├── SIC-详细设计说明书-V0.2.pdf +├── 产品信息入库工具.png +├── 文件完整性检测工具结构图.png +├── 文件信息对比模块-流程图.png +└── 系统完整性检测工具结构图.png + +0 directories, 7 files +zhang:~/git-zhang/SIC$ tree manage/ +manage/ +├── SIC-项目变更记录.doc +├── SIC-项目变更记录.pdf +├── 立项申请书.odt +├── 立项申请书.pdf +├── 项目计划书.odt +└── 项目计划书.pdf + +0 directories, 6 files +zhang:~/git-zhang/SIC$ tree requirement/ +requirement/ +├── SIC-产品需求说明书-V0.1.odt +├── SIC-产品需求说明书-V0.1.pdf +├── SIC-用户需求说明书-V0.1.odt +└── SIC-用户需求说明书-V0.1.pdf + +0 directories, 4 files + +``` + +### 电科院需求 + +#### 工具功能 + +1. 能够采集应用软件的可执行文件、配置文件的版本信息。 + +2. 能够对运行的进程进行版本信息采集,包括起依赖的软件版本信息。 + +#### 功能规范和信息输出格式。 + +1. 输出信息格式初步为:“文件成名+文件类型+md5校验码” + +2. 文件类型:可执行二进制文件ELF、可执行shell脚本、文本配置文件、日志文件 + +#### 程序信息采集功能需求: + +1. 能够动态采集运行的程序文件,同时按照程序文件、第三方组件、配置文件、系统文件、其>它文件等分类进行标识;(标识分类可讨论补充); +2. 程序采集按照指令触发响应的模式进行,即接收到触发指令,执行对程序文件信息的采集,>确定指令接口; +3. 采集程序过程中,控制资源消耗,不能影响正常程序文件的正常运行; +4. 由中国电科院提供校验码计算程序接口,在采集到程序文件列表后,利用计算程序接口计算>每个文件的校验码; +5. 计算结束后,按照软件名称、文件路径及名称、文件标识、校验码 + +### diff --git a/code/README.md b/code/README.md new file mode 100644 index 0000000..25aa26c --- /dev/null +++ b/code/README.md @@ -0,0 +1,25 @@ +# 系统完整性检测工具源码 + +###### datadifflib 对比工具源代码 + +###### dataintolib 信息入库源代码 + +###### datalib 信息库源代码 + +###### work 工具生成脚本 + +### v0.1 更新介绍 + +将信息入库源代码从新优化,收集方式从直接解压源代码包,更改为对搭建的虚拟机已经安装的安装包,其中的文件信息进行收集。 + +优化后收集文件信息,需要搭建好虚拟机,并将dataintolib、datalib目录放置在虚拟机内,将镜像放到dataintolib/iso目录 +下,运行收集脚本。 + +### v0.2 更新介绍  + +增加pkg.sh脚本,该脚本为实际使用工具。 + +增加work目录,用来生成检查工具。生成过程为将数据库和检测工具打包后追加到pkg.sh脚本中。 + +### v0.3 更新介绍 + diff --git a/code/datadifflib/Makefile b/code/datadifflib/Makefile new file mode 100644 index 0000000..d5e4753 --- /dev/null +++ b/code/datadifflib/Makefile @@ -0,0 +1,7 @@ +scan:main.c md5.c + gcc main.c md5.c -static -lsqlite3 -lpthread -ldl -lm -o scan -Wall -g + +.PHONY:clean + +clean: + rm scan diff --git a/code/datadifflib/main.c b/code/datadifflib/main.c new file mode 100644 index 0000000..dec0a03 --- /dev/null +++ b/code/datadifflib/main.c @@ -0,0 +1,699 @@ +#include "scan.h" + +/* 主函数 + * + * + * + */ + +//#define PRINT_TEST + +int main(int argc, const char *argv[]) +{ +/*****************获取数据库*********************************************/ + + struct isoinfo iso;//镜像信息结构体 + char content[1024]; + memset(content,0,sizeof(content)); + + if(get_iso_info(&iso)!=0)//获取当前系统id + { + sprintf(content,"iso|2|iso_name:%s|镜像在数据库中未找到",iso.name); + } + else + { + sprintf(content,"iso|1|iso_name:%s|iso_version:%s|iso_md5:%s|iso_id:%d|iso_issue=%s",iso.name,iso.version,iso.md5,iso.id,iso.issue); + + } + put_diff_log(content); + +/******************获取镜像信息*****************************************/ + + FILE *fp; + char now_name[256]; + struct pkginfo now_pkg,data_pkg; + struct fileinfo now_file,data_file; + struct datalib file_list; + + //获取当前系统安装包列表 + if ((fp = fopen(PKGLIST,"r")) == NULL) + { + printf("can't open PKGLIST\n"); + return 0; + } + + int progress_i=0,progress_j=0,progress_sum=0,progress_sleep=0; + char progress_bar[101]={0}; + + + if ( argc >=2 ) + { + progress_sleep=atoi(argv[1]); + } + + //每读取一条,便在数据库中搜索该安装包是否存在。 + while(fgets(now_name,255,fp) != NULL) + { + +/***********************读取当前安装包列表*******************************/ + + get_now_pkg(now_name,&now_pkg); + + if ( argc >= 3 ) + { + progress_sum=atoi(argv[2]); + progress_j=progress_i*100/progress_sum; + printf("[%-100s] [%s] [%d%%]\n",progress_bar,now_pkg.name,progress_j); + fflush(stdout); + progress_bar[progress_j]='#'; + progress_i++; + } + /***************************打印对比进度********************************/ + + memset(content,0,sizeof(content)); + if(get_pkg_info(&iso,&now_pkg,&data_pkg,FROM_NOWISO) == 0) + { + sprintf(content,"pkg|1|name:%s|version:%s|md5:%s",data_pkg.name,data_pkg.version,data_pkg.md5); + put_diff_log(content); + //安装包是默认安装 + } + else if(get_pkg_info(&iso,&now_pkg,&data_pkg,FROM_DATALIB) == 0) + { + sprintf(content,"pkg|2|name:%s|version:%s|md5:%s",data_pkg.name,data_pkg.version,data_pkg.md5); + put_diff_log(content); + //安装包在数据库中存在 + } + else + { + sprintf(content,"pkg|3|name:%s|version:%s",now_pkg.name,now_pkg.version); + put_diff_log(content); + continue; + //安装包在数据库不存在 + } + +/**************根据当前安装包列表搜索数据库中该安装包是否存在*************/ + + get_datafile_list(data_pkg,&data_file,&file_list); + //获取安装包文件列表 + + int i=0; + + for(i=file_list.ncolumn;i<((file_list.nrow+1)*file_list.ncolumn);i=i+file_list.ncolumn) + { + memset(&data_file,0,sizeof(data_file)); + memset(&now_file,0,sizeof(now_file)); + + get_datafile_info(i,&file_list,&data_file); + //获取数据库中该安装包文件信息 + + if(get_nowfile_info(&now_file,&data_file) == -1) + { + //文件在当前系统不存在 + memset(content,0,sizeof(content)); + sprintf(content,"file|3|name@@%s|type@@%s|md5@@%s|permis@@%s|owner@@%d|genus@@%d|acl@@%s|capable@@%s|mac@@%s|"\ + ,data_file.pathname,data_file.type,data_file.md5,data_file.permis,data_file.owner,data_file.genus\ + ,data_file.acl,data_file.capable,data_file.mac); + + clean_n(content); + put_diff_log(content); + + continue; + } + //获取当前系统中该文件信息 + + diff_file_info(now_file,data_file); + //对比数据库中与当前系统中文件信息的差异 + + usleep(progress_sleep); + //对程序性能进行限制 + } + sqlite3_free_table(file_list.db_result); + } +/**************对比当前安装包列表文件信息是否正常*************/ + fclose(fp); + return 0; +} + + +/* + * 功能 根据当前检测系统来获取当前镜像信息,获取依据为本系统的/etc/issue文件。 + * 输入 镜像信息结构体 + * 输出 正确返回镜像id 错误返回 -1 + */ +int get_iso_info(struct isoinfo *iso) +{ + FILE *fp; + int i = 0; + + //获取当前系统版本 + if ((fp = fopen("/etc/issue","r")) == NULL) + { + printf("can't open /etc/issue\n"); + return -1; + } + + char c; + memset(iso->issue,0,sizeof(iso->issue)); + + while( (c=getc(fp)) != EOF) + { + if(c != '\n') + { + iso->issue[i] = c; + } + else + { + iso->issue[i] = ' '; + } + i++; + } +// printf("%s\n",iso->issue); + + //获取数据库product表中的系统版本 和镜像id + + sqlite3 *db; + int ret = 0; + ret = sqlite3_open(DATALIB,&db); + + if(ret != SQLITE_OK) + { + printf("open database error : %s\n",sqlite3_errmsg(db)); + sqlite3_close(db); + return -1; + } + /*获取数据库*/ + + + int nrow,ncolumn; + char ** db_result; + ret = 0; + char select_query[1024]; + + iso->issue[strlen(iso->issue)-1]=0; + sprintf(select_query,"select product_id,product_name,product_version,product_md5 from product where product_issue=\"%s\";",iso->issue); + + ret = sqlite3_get_table(db,select_query,&db_result,&nrow,&ncolumn,NULL); + + if(ret != SQLITE_OK) + { + printf("openside database error : %s\n",sqlite3_errmsg(db)); + sqlite3_close(db); + return -1; + } + + if(nrow < 1) + { + printf("未找到该镜像\n"); + sqlite3_close(db); + return -2; + } + + + for(i=ncolumn;i<(nrow+1)*ncolumn;i=i+ncolumn) + { + iso->id=atoi(db_result[i]); + strcpy(iso->name,db_result[i+1]); + strcpy(iso->version,db_result[i+2]); + strcpy(iso->md5,db_result[i+3]); + } + sqlite3_close(db); + fclose(fp); + sqlite3_free_table(db_result); + return 0; +} + + +/* + * 功能 对pkglist文件读取出的数据进行处理,输入到当前安装包信息结构体中。 + * + * 输入 获取到的安装包名 当前安装包结构体 + * 输出 正确返回0 + */ +int get_now_pkg(char *now_name,struct pkginfo *now_pkg) +{ + //获取当前系统安装包名 + int a=0; + int b=0; + + while(now_name[a] != '\n') + { + if(now_name[a] != ' ') + { + now_pkg->name[a] = now_name[a]; + a++; + } + else + { + now_pkg->name[a] = '\0'; + a++; + break; + } + } + + //获取当前系统安装包版本 + while(now_name[a] != '\n') + { + now_pkg->version[b] = now_name[a]; + a++; + b++; + } + + now_pkg->version[b] = '\0'; + return 0; +} + +/* + * 功能 根据标志位,获取数据库中安装包信息。 + * 标志位 + * FROM_PKGID:根据安装包id获取安装包信息 + * FROM_NOWISO:根据安装包和安装包版本在当前产品默认安装包的包列表中查找 + * FROM_DATALIB:根据安装包名和安装包版本遍历整个数据库 + * + * 输入 镜像信息结构体 当前安装包信息结构体 数据库安装包信息结构体 获取标志位 + * 输出 正确返回镜像id 错误返回 -1 + */ +int get_pkg_info(struct isoinfo *iso,struct pkginfo *now_pkg,struct pkginfo *data_pkg,int statu) +{ + + sqlite3 *db; + int ret = 0; + ret = sqlite3_open(DATALIB,&db); + + if(ret != SQLITE_OK) + { + printf("open database error : %s\n",sqlite3_errmsg(db)); + sqlite3_close(db); + return -1; + } + /*获取数据库*/ + + int nrow,ncolumn; + char ** db_result; + ret = 0; + char select_query[2048]; + + switch (statu) + { + case FROM_PKGID: + //根据安装包id获取安装包信息 + sprintf(select_query,"select pkg_name,pkg_version,pkg_id,pkg_md5 from pkg where pkg_id = %d;",now_pkg->id); + break; + case FROM_NOWISO: + //根据安装包和安装包版本在当前产品默认安装包的包列表中查找 + sprintf(select_query,"select pkg.pkg_name,pkg.pkg_version,pkg.pkg_id,pkg.pkg_md5 from product_and_pkg,pkg where product_id=%d and pkg.pkg_name=\"%s\" and pkg.pkg_version=\"%s\" and product_and_pkg.pkg_id=pkg.pkg_id;",iso->id,now_pkg->name,now_pkg->version); + break; + case FROM_DATALIB: + //根据安装包名和安装包版本遍历整个数据库 + sprintf(select_query,"select pkg.pkg_name,pkg.pkg_version,pkg.pkg_id,pkg.pkg_md5 from pkg where pkg_name=\"%s\" and pkg_version=\"%s\" ;",now_pkg->name,now_pkg->version); + break; + } + + //printf("%s\n",select_query); + ret = sqlite3_get_table(db,select_query,&db_result,&nrow,&ncolumn,NULL); + if(ret != SQLITE_OK) + { + printf("未发现当前安装包信息\n"); + printf("openside database error : %s\n",sqlite3_errmsg(db)); + sqlite3_close(db); + return -1; + } + + + if(nrow != 0) + { + strcpy(data_pkg->name,db_result[4]); + strcpy(data_pkg->version,db_result[5]); + data_pkg->id=atoi(db_result[6]); + strcpy(data_pkg->md5,db_result[7]); + +#ifdef PRINT_TEST + printf("pkg_name:%s pkg_version:%s pkg_id:%s pkg_md5:%s\n ",db_result[4],db_result[5],db_result[6],db_result[7]); +#endif + + sqlite3_close(db); + sqlite3_free_table(db_result); + return 0; + } + else + { + sqlite3_close(db); + sqlite3_free_table(db_result); + return -2; + } +} + + +/* + * 功能 根据安装包信息,获取数据库中该安装包的文件列表 + * + * 输入 数据库安装包信息结构体 数据库文件信息结构体 + * 输出 正确返回0 错误返回-1 + */ +int get_datafile_list(struct pkginfo data_pkg,struct fileinfo *data_file,struct datalib *file_list) +{ + int ret = 0; + char select_query[2048]; + + sqlite3 *db; + ret = sqlite3_open(DATALIB,&db); + + if(ret != SQLITE_OK) + { + printf("open database error : %s\n",sqlite3_errmsg(db)); + sqlite3_close(db); + return -1; + } + /*获取数据库*/ + + sprintf(select_query,"select file_id,file_name,file_pathname,file_md5,file_type,file_owner,file_genus,file_permis,file_size,file_acl,file_capable,file_level,file_mac from file where pkg_id=%d;",data_pkg.id); + //根据安装包id获取其对应文件的信息 + + ret = sqlite3_get_table(db,select_query,&file_list->db_result,&file_list->nrow,&file_list->ncolumn,NULL); + + if(ret != SQLITE_OK) + { + printf("未发现当前安装包信息\n"); + printf("openside database error : %s\n",sqlite3_errmsg(db)); + sqlite3_close(db); + return -1; + } + + sqlite3_close(db); + return 0; +} + + +/* 将获取的文件信息转入到文件信息结构体中 + * + * 输入 获取列表中第几个文件 安装包文件列表信息结构体 文件信息结构体 + * 输出 无 + * + */ +void get_datafile_info(int i,struct datalib *file_list,struct fileinfo *data_file) +{ + + data_file->id=atoi(file_list->db_result[i]); + strcpy(data_file->name,file_list->db_result[i+1]); + strcpy(data_file->pathname,file_list->db_result[i+2]); + strcpy(data_file->md5,file_list->db_result[i+3]); + strcpy(data_file->type,file_list->db_result[i+4]); + + data_file->owner=atoi(file_list->db_result[i+5]); + data_file->genus=atoi(file_list->db_result[i+6]); + + strcpy(data_file->permis,file_list->db_result[i+7]); + data_file->size=atoi(file_list->db_result[i+8]); + strcpy(data_file->acl,file_list->db_result[i+9]); + strcpy(data_file->capable,file_list->db_result[i+10]); + strcpy(data_file->level,file_list->db_result[i+11]); + strcpy(data_file->mac,file_list->db_result[i+12]); + +#ifdef PRINT_TEST + printf("file_name=%s\n",data_file->name); +#endif + +} + + +/* 获取当期系统的具体文件信息 + * + * 输入 当前文件信息结构体 数据库文件信息结构体 + * 输出 获取正常返回0 错误返回-1 + * + */ +int get_nowfile_info( struct fileinfo *now_file,struct fileinfo *data_file ) +{ + struct stat filestat; + strcpy(now_file->name,data_file->name); + + strcpy(now_file->pathname,data_file->pathname); + + if(lstat(now_file->pathname,&filestat) < 0) + { + printf("cannot access the file %s\n",now_file->pathname); + perror("error : "); + return -1; + } + + strcpy(now_file->md5,"");//清除now_file->md5 + + //获取文件类型 + switch(filestat.st_mode & S_IFMT){ + case S_IFDIR : + sprintf(now_file->type,"d"); + break; + case S_IFBLK : + sprintf(now_file->type,"b"); + //获取文件md5值 + get_file_md5(now_file->pathname,now_file->md5); + break; + case S_IFSOCK : + sprintf(now_file->type,"s"); + //获取文件md5值 + get_file_md5(now_file->pathname,now_file->md5); + break; + case S_IFLNK : + sprintf(now_file->type,"l"); + break; + case S_IFREG : + sprintf(now_file->type,"-"); + //获取文件md5值 + get_file_md5(now_file->pathname,now_file->md5); + break; + case S_IFCHR : + sprintf(now_file->type,"c"); + break; + case S_IFIFO : + sprintf(now_file->type,"p"); + break; + } + + //获取文件大小 + now_file->size = filestat.st_size; + //获取文件权限 + sprintf(now_file->permis,"%o",(filestat.st_mode&S_ISUGV)+(filestat.st_mode&S_IRWXU)+(filestat.st_mode&S_IRWXG)+(filestat.st_mode&S_IRWXO)); + //获取文件属主 + now_file->owner=filestat.st_uid; + //获取文件属组 + now_file->genus=filestat.st_gid; + + //获取文件acl + get_acl(now_file); + + //获取文件capable + get_cap(now_file); + + //获取文件mac + get_mac(now_file); + + //获取文件level + //now_file->level=NULL; + + return 0 ; +} + +/* 对比当前文件信息和数据库中文件信息的差异 + * + * 输入 当前文件信息结构体 数据库文件信息结构体 + * 输出 正确返回0 + * + */ +int diff_file_info(struct fileinfo now_file,struct fileinfo data_file) +{ + + char content[9][512]={{0}}; + char log[1024]={0}; + int status=1; + + + sprintf(content[0],"name@%s",now_file.pathname); + + if(strcmp(now_file.type,data_file.type) != 0) + { + sprintf(content[1],"type@%s@%s",now_file.type,data_file.type); + status=2; + } + if(now_file.type[0] != 'l')//如果文件类型为链接文件,则不需要比较md5值 + { + if(strcmp(now_file.md5,data_file.md5) != 0) + { + sprintf(content[2],"md5@%s@%s",now_file.md5,data_file.md5); + status=2; + } + } + if(strcmp(now_file.permis,data_file.permis) != 0) + { + sprintf(content[3],"permis@%s@%s",now_file.permis,data_file.permis); + status=2; + } + if(now_file.owner != data_file.owner) + { + sprintf(content[4],"owner@%d@%d",now_file.owner,data_file.owner); + status=2; + } + if(now_file.genus != data_file.genus) + { + sprintf(content[5],"genus@%d@%d",now_file.genus,data_file.genus); + status=2; + } + if(strcmp(now_file.acl,data_file.acl) != 0) + { + sprintf(content[6],"acl@%s@%s",now_file.acl,data_file.acl); + status=2; + } + if(strcmp(now_file.capable,data_file.capable) != 0) + { + sprintf(content[7],"capable@%s@%s",now_file.capable,data_file.capable); + status=2; + } + if(strcmp(now_file.mac,data_file.mac) != 0) + { + sprintf(content[8],"mac@%s@%s",now_file.mac,data_file.mac); + status=2; + } + + sprintf(log,"file|%d|%s|%s|%s|%s|%s|%s|%s|%s|%s|",status,content[0],content[1],content[2],content[3],content[4],content[5],content[6],content[7],content[8]); + + clean_n(log); + + put_diff_log(log); + + return 0 ; +} + + +/* 打印信息到记录日志 + * + * 输入 需要打印的信息指针 + * 输出 正确返回0 失败返回-1 + */ +int put_diff_log(char *content) +{ + FILE *fp=NULL; + + if ((fp = fopen(FILEDIFF,"a")) == NULL) + { + perror("can't open FILEDIFF:"); + + return -1; + } + + fputs(content,fp); + putc('\n',fp); + fflush(fp); + + fclose(fp); + + return 0; + +} + +/* 获取shell指令的输出 + * + * 输入 shell指令指针 输出信息指针 输出信息的大小 + * 输出 正确返回0 错误返回-1 + */ +int myshell(char *command,char *buff,int num) +{ + FILE *fp; + + if ((fp=popen(command,"r")) == NULL) + { + perror("popen fp error"); + return -1; + } + + fread(buff,sizeof(char),num,fp); + + if (pclose(fp) == -1) + { + perror("pclose fp error"); + return -2; + } + + return 0; +} + +/* 获取文件acl + * + * 将根据当前结构提中文件名获取该文件的acl并存储到结构体中 + * + * 输入 文件信息结构体 + * 输出 无返回 + */ +void get_acl(struct fileinfo *now_file) +{ + memset(now_file->acl,0,sizeof(now_file->acl)); + + if ( now_file->type[0] == 'c' || now_file->type[0] == 'p' || now_file->type[0] == 'l') + return ; + + char command[1024]={0}; + + sprintf(command,"getfacl --absolute-name \"%s\" 2>&1",now_file->pathname); + + myshell(command,now_file->acl,sizeof(now_file->acl)); + + now_file->acl[strlen(now_file->acl)-2]='\0'; +} + +/* 获取文件mac + * + * 将根据当前结构提中文件名获取该文件的mac并存储到结构体中 + * + * 输入 文件信息结构体 + * 输出 无返回 + */ +void get_mac(struct fileinfo *now_file) +{ + memset(now_file->mac,0,sizeof(now_file->mac)); + if ( now_file->type[0] == 'c' || now_file->type[0] == 'p' || now_file->type[0] == 'l') + return ; + + char command[1024]={0}; + + sprintf(command,"getfmac \"%s\" 2>/dev/null",now_file->pathname); + + myshell(command,now_file->mac,sizeof(now_file->mac)); + + now_file->mac[strlen(now_file->mac)-1]='\0'; + +} + +/* 获取文件cap + * + * 将根据当前结构提中文件名获取该文件的cap并存储到结构体中 + * + * 输入 文件信息结构体 + * 输出 无返回 + */ +void get_cap(struct fileinfo *now_file) +{ + memset(now_file->capable,0,sizeof(now_file->capable)); + + if ( now_file->type[0] == 'c' || now_file->type[0] == 'p' || now_file->type[0] == 'l') + return ; + + char command[1024]={0}; + + sprintf(command,"getcap \"%s\" 2>/dev/null",now_file->pathname); + + myshell(command,now_file->capable,sizeof(now_file->capable)); + + now_file->capable[strlen(now_file->capable)-1]='\0'; +} + +void clean_n(char *log){ + + int i=0; + + while(i + +unsigned char PADDING[] = +{ + 0x80,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, + 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, + 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, + 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 +}; + +void MD5Init(MD5_CTX *context) +{ + context->count[0] = 0; + context->count[1] = 0; + context->state[0] = 0x67452301; + context->state[1] = 0xEFCDAB89; + context->state[2] = 0x98BADCFE; + context->state[3] = 0x10325476; +} + +void MD5Update(MD5_CTX *context, unsigned char *input, unsigned int inputlen) +{ + unsigned int i = 0; + unsigned int index = 0; + unsigned int partlen = 0; + + index = (context->count[0] >> 3) & 0x3F; + partlen = 64 - index; + context->count[0] += inputlen << 3; + + if(context->count[0] < (inputlen << 3)) + context->count[1]++; + context->count[1] += inputlen >> 29; + + if(inputlen >= partlen) + { + memcpy(&context->buffer[index], input,partlen); + MD5Transform(context->state, context->buffer); + + for(i = partlen; i+64 <= inputlen; i+=64) + MD5Transform(context->state, &input[i]); + + index = 0; + } + else + { + i = 0; + } + memcpy(&context->buffer[index], &input[i], inputlen-i); +} + +void MD5Final(MD5_CTX *context, unsigned char digest[16]) +{ + unsigned int index = 0,padlen = 0; + unsigned char bits[8]; + + index = (context->count[0] >> 3) & 0x3F; + padlen = (index < 56)?(56-index):(120-index); + MD5Encode(bits, context->count, 8); + MD5Update(context, PADDING, padlen); + MD5Update(context, bits, 8); + MD5Encode(digest, context->state, 16); +} + +void MD5Encode(unsigned char *output,unsigned int *input,unsigned int len) +{ + unsigned int i = 0; + unsigned int j = 0; + + while(j < len) + { + output[j] = input[i] & 0xFF; + output[j+1] = (input[i] >> 8) & 0xFF; + output[j+2] = (input[i] >> 16) & 0xFF; + output[j+3] = (input[i] >> 24) & 0xFF; + i++; + j += 4; + } +} + +void MD5Decode(unsigned int *output, unsigned char *input, unsigned int len) +{ + unsigned int i = 0; + unsigned int j = 0; + + while(j < len) + { + output[i] = (input[j]) | + (input[j+1] << 8) | + (input[j+2] << 16) | + (input[j+3] << 24); + i++; + j += 4; + } +} + +void MD5Transform(unsigned int state[4], unsigned char block[64]) +{ + unsigned int a = state[0]; + unsigned int b = state[1]; + unsigned int c = state[2]; + unsigned int d = state[3]; + unsigned int x[64]; + + MD5Decode(x,block,64); + + FF(a, b, c, d, x[ 0], 7, 0xd76aa478); /* 1 */ + FF(d, a, b, c, x[ 1], 12, 0xe8c7b756); /* 2 */ + FF(c, d, a, b, x[ 2], 17, 0x242070db); /* 3 */ + FF(b, c, d, a, x[ 3], 22, 0xc1bdceee); /* 4 */ + FF(a, b, c, d, x[ 4], 7, 0xf57c0faf); /* 5 */ + FF(d, a, b, c, x[ 5], 12, 0x4787c62a); /* 6 */ + FF(c, d, a, b, x[ 6], 17, 0xa8304613); /* 7 */ + FF(b, c, d, a, x[ 7], 22, 0xfd469501); /* 8 */ + FF(a, b, c, d, x[ 8], 7, 0x698098d8); /* 9 */ + FF(d, a, b, c, x[ 9], 12, 0x8b44f7af); /* 10 */ + FF(c, d, a, b, x[10], 17, 0xffff5bb1); /* 11 */ + FF(b, c, d, a, x[11], 22, 0x895cd7be); /* 12 */ + FF(a, b, c, d, x[12], 7, 0x6b901122); /* 13 */ + FF(d, a, b, c, x[13], 12, 0xfd987193); /* 14 */ + FF(c, d, a, b, x[14], 17, 0xa679438e); /* 15 */ + FF(b, c, d, a, x[15], 22, 0x49b40821); /* 16 */ + + /* Round 2 */ + GG(a, b, c, d, x[ 1], 5, 0xf61e2562); /* 17 */ + GG(d, a, b, c, x[ 6], 9, 0xc040b340); /* 18 */ + GG(c, d, a, b, x[11], 14, 0x265e5a51); /* 19 */ + GG(b, c, d, a, x[ 0], 20, 0xe9b6c7aa); /* 20 */ + GG(a, b, c, d, x[ 5], 5, 0xd62f105d); /* 21 */ + GG(d, a, b, c, x[10], 9, 0x2441453); /* 22 */ + GG(c, d, a, b, x[15], 14, 0xd8a1e681); /* 23 */ + GG(b, c, d, a, x[ 4], 20, 0xe7d3fbc8); /* 24 */ + GG(a, b, c, d, x[ 9], 5, 0x21e1cde6); /* 25 */ + GG(d, a, b, c, x[14], 9, 0xc33707d6); /* 26 */ + GG(c, d, a, b, x[ 3], 14, 0xf4d50d87); /* 27 */ + GG(b, c, d, a, x[ 8], 20, 0x455a14ed); /* 28 */ + GG(a, b, c, d, x[13], 5, 0xa9e3e905); /* 29 */ + GG(d, a, b, c, x[ 2], 9, 0xfcefa3f8); /* 30 */ + GG(c, d, a, b, x[ 7], 14, 0x676f02d9); /* 31 */ + GG(b, c, d, a, x[12], 20, 0x8d2a4c8a); /* 32 */ + + /* Round 3 */ + HH(a, b, c, d, x[ 5], 4, 0xfffa3942); /* 33 */ + HH(d, a, b, c, x[ 8], 11, 0x8771f681); /* 34 */ + HH(c, d, a, b, x[11], 16, 0x6d9d6122); /* 35 */ + HH(b, c, d, a, x[14], 23, 0xfde5380c); /* 36 */ + HH(a, b, c, d, x[ 1], 4, 0xa4beea44); /* 37 */ + HH(d, a, b, c, x[ 4], 11, 0x4bdecfa9); /* 38 */ + HH(c, d, a, b, x[ 7], 16, 0xf6bb4b60); /* 39 */ + HH(b, c, d, a, x[10], 23, 0xbebfbc70); /* 40 */ + HH(a, b, c, d, x[13], 4, 0x289b7ec6); /* 41 */ + HH(d, a, b, c, x[ 0], 11, 0xeaa127fa); /* 42 */ + HH(c, d, a, b, x[ 3], 16, 0xd4ef3085); /* 43 */ + HH(b, c, d, a, x[ 6], 23, 0x4881d05); /* 44 */ + HH(a, b, c, d, x[ 9], 4, 0xd9d4d039); /* 45 */ + HH(d, a, b, c, x[12], 11, 0xe6db99e5); /* 46 */ + HH(c, d, a, b, x[15], 16, 0x1fa27cf8); /* 47 */ + HH(b, c, d, a, x[ 2], 23, 0xc4ac5665); /* 48 */ + + /* Round 4 */ + II(a, b, c, d, x[ 0], 6, 0xf4292244); /* 49 */ + II(d, a, b, c, x[ 7], 10, 0x432aff97); /* 50 */ + II(c, d, a, b, x[14], 15, 0xab9423a7); /* 51 */ + II(b, c, d, a, x[ 5], 21, 0xfc93a039); /* 52 */ + II(a, b, c, d, x[12], 6, 0x655b59c3); /* 53 */ + II(d, a, b, c, x[ 3], 10, 0x8f0ccc92); /* 54 */ + II(c, d, a, b, x[10], 15, 0xffeff47d); /* 55 */ + II(b, c, d, a, x[ 1], 21, 0x85845dd1); /* 56 */ + II(a, b, c, d, x[ 8], 6, 0x6fa87e4f); /* 57 */ + II(d, a, b, c, x[15], 10, 0xfe2ce6e0); /* 58 */ + II(c, d, a, b, x[ 6], 15, 0xa3014314); /* 59 */ + II(b, c, d, a, x[13], 21, 0x4e0811a1); /* 60 */ + II(a, b, c, d, x[ 4], 6, 0xf7537e82); /* 61 */ + II(d, a, b, c, x[11], 10, 0xbd3af235); /* 62 */ + II(c, d, a, b, x[ 2], 15, 0x2ad7d2bb); /* 63 */ + II(b, c, d, a, x[ 9], 21, 0xeb86d391); /* 64 */ + state[0] += a; + state[1] += b; + state[2] += c; + state[3] += d; +} + +int get_file_md5(const char *file_path, char *md5_str) +{ + int i; + int fd; + int ret; + unsigned char data[READ_DATA_SIZE]; + unsigned char md5_value[MD5_SIZE]; + MD5_CTX md5; + + fd = open(file_path, O_RDONLY); + if (-1 == fd) + { + perror("open"); + return -1; + } + + // init md5 + MD5Init(&md5); + + while (1) + { + ret = read(fd, data, READ_DATA_SIZE); + if (-1 == ret) + { + perror("read"); + return -1; + } + + MD5Update(&md5, data, ret); + + if (0 == ret || ret < READ_DATA_SIZE) + { + break; + } + } + + close(fd); + + MD5Final(&md5, md5_value); + + for(i = 0; i < MD5_SIZE; i++) + { + snprintf(md5_str + i*2, 2+1, "%02x", md5_value[i]); + } + md5_str[MD5_STR_LEN] = '\0'; // add end + + return 0; +} diff --git a/code/datadifflib/md5.h b/code/datadifflib/md5.h new file mode 100644 index 0000000..3bf3e5e --- /dev/null +++ b/code/datadifflib/md5.h @@ -0,0 +1,62 @@ +#ifndef MD5_H +#define MD5_H + +#define READ_DATA_SIZE 1024 +#define MD5_SIZE 16 +#define MD5_STR_LEN (MD5_SIZE * 2) + +#include +#include +#include +#include +#include +#include +#include + +typedef struct +{ + unsigned int count[2]; + unsigned int state[4]; + unsigned char buffer[64]; +} MD5_CTX; + + +#define F(x,y,z) ((x & y) | (~x & z)) +#define G(x,y,z) ((x & z) | (y & ~z)) +#define H(x,y,z) (x^y^z) +#define I(x,y,z) (y ^ (x | ~z)) +#define ROTATE_LEFT(x,n) ((x << n) | (x >> (32-n))) + +#define FF(a,b,c,d,x,s,ac) \ +{ \ + a += F(b,c,d) + x + ac; \ + a = ROTATE_LEFT(a,s); \ + a += b; \ +} +#define GG(a,b,c,d,x,s,ac) \ +{ \ + a += G(b,c,d) + x + ac; \ + a = ROTATE_LEFT(a,s); \ + a += b; \ +} +#define HH(a,b,c,d,x,s,ac) \ +{ \ + a += H(b,c,d) + x + ac; \ + a = ROTATE_LEFT(a,s); \ + a += b; \ +} +#define II(a,b,c,d,x,s,ac) \ +{ \ + a += I(b,c,d) + x + ac; \ + a = ROTATE_LEFT(a,s); \ + a += b; \ +} +void MD5Init(MD5_CTX *context); +void MD5Update(MD5_CTX *context, unsigned char *input, unsigned int inputlen); +void MD5Final(MD5_CTX *context, unsigned char digest[16]); +void MD5Transform(unsigned int state[4], unsigned char block[64]); +void MD5Encode(unsigned char *output, unsigned int *input, unsigned int len); +void MD5Decode(unsigned int *output, unsigned char *input, unsigned int len); +int get_file_md5(const char *file_path, char *value); + +#endif diff --git a/code/datadifflib/pkg.sh b/code/datadifflib/pkg.sh new file mode 100755 index 0000000..3881e59 --- /dev/null +++ b/code/datadifflib/pkg.sh @@ -0,0 +1,123 @@ +#!/bin/bash + +WORKDIR=./pkg +PKGLIST=$WORKDIR/pkglist + + +#硬限制 +#限制进程最大内存使用100M +ulimit -Hv 102400 +#限制进程最大虚拟内存为200M +ulimit -Hv 204800 +#限制进程最大cpu占用时间为1秒 +ulimit -Ht 1 +#程序处理延迟(微秒) +progress_sleep=500 + + +#初始化环境 +function data_init(){ + + if [ -d $WORKDIR ];then + rm -rf $WORKDIR/log + fi + + mkdir $WORKDIR/log + + if [ -f $WORKDIR/pkglist ];then + rm pkglist + fi + +} + +#获取当前安装包列表 +function data_pkglist(){ + +iso_version=`grep -o -E "42|60|80|76|77" /etc/issue` + +case $iso_version in + + 42) + pkginfo -i >> $PKGLIST + ;; + 60|80) + #dpkg -l | awk '{if($1=="ii"){sub(":amd64","",$2);sub("[0-9]:","",$3);print $2"_"$3"_"$4}}' >> $PKGLIST + awk 'BEGIN{i=0;j=0;k=0}{if($1 == "Package:"){A[i]=$2;i+=1};if($1 == "Version:"){B[j]=$2;j+=1}if($1 == "Architecture:"){C[k]=$2;k=k+1}}END{for(i=0;i> pkglist + ;; + 76|77) + rpm -qa | while read pkglist + do + pkg_isoname=`echo $pkglist | awk -F "-[0-9]" '{printf $1}'` + pkgversion=`ECTYPE_TRANSMIT_NOT_PRESENTho $pkglist | awk -F "$pkgname-" '{printf $2}'` + echo $pkgname $pkgversion >> $PKGLIST + done + ;; + *) + echo "版本识别失败" + exit + ;; +esac + +} + +#搭建工作环境 +function data_env(){ + +tail -n +39 $0 > $WORKDIR/pkg.tar.gz + +tar xf $WORKDIR/pkg.tar.gz + +cd $WORKDIR/pkg + +} + +#对对比程序资源进行设置 +function data_set(){ + +echo "设置进程资源" + +} + +#启动对比程序 +function data_run(){ + + data_sum=`cat $PKGLIST | wc -l` + + ./scan $data_sum $progress_sleep + + data_pid=$? + +} + +#监视对比程序运行状态 +function data_control(){ + + echo "监视程序运行状态" + +} + +#生成检测报告 +function data_report(){ + + echo "生成对比报告" + + + +} + + +function main(){ + + data_init + data_pkglist + data_env + data_set + data_run + data_control + data_report + +} + +main + +exit 0 diff --git a/code/datadifflib/scan b/code/datadifflib/scan new file mode 100755 index 0000000..8aebaa9 Binary files /dev/null and b/code/datadifflib/scan differ diff --git a/code/datadifflib/scan.c b/code/datadifflib/scan.c new file mode 100644 index 0000000..c6f1fd6 --- /dev/null +++ b/code/datadifflib/scan.c @@ -0,0 +1,130 @@ +#include "scan.h" + +//轮循读取文件名 +void read_filename(char *dir) +{ + DIR *dfd; + struct dirent *dp; + char name[MAX_NAME]; + + if ((dfd = opendir(dir)) == NULL) + { + printf("dir_order:can't open %s\n %s",dir,strerror(errno)); + return ; + } + while ((dp = readdir(dfd)) != NULL) + { + if (strncmp(dp->d_name, ".", 1) == 0) + continue; + if (strlen(dir) + strlen(dp->d_name) + 2 > sizeof(name))//确定申请的空间够大 + { + printf("dir_order:name %s %s too long\n",dir,dp->d_name); + return ; + } + else + { + memset(name,0,sizeof(char)*MAX_NAME); + sprintf(name,"%s/%s",dir,dp->d_name); + + sprintf(file.name,name); + + if(4 == dp->d_type)//判断文件为目录,则递归查询 + { + read_filename(name); + printf("%s\n",name); + } + printf("%s\n" ,name); + } + } + closedir(dfd); + return ; +} + +//获取文件部分信息 +void read_filestat(struct fileinfo file) +{ + struct stat filestat; + + if(lstat(file.name,&filestat) <= 0) + { + printf("cannot access the file %s",file.name); + return; + } +//获取文件类型 + switch(filestat.st_mode & S_IFMT){ + case S_IFDIR : + sprintf(file.type,"目录"); + break; + case S_IFSOCK : + sprintf(file.type," 套接字 "); + break; + case S_IFLNK : + sprintf(file.type," 软链接 "); + break; + case S_IFREG : + sprintf(file.type," 文件 "); + break; + case S_IFCHR : + sprintf(file.type," 字符设备 "); + break; + case S_IFIFO : + sprintf(file.type," 管道 "); + break; + } +//获取文件大小 + //printf("%8ld\n" ,file.st_size);//打印文件名和文件大小。 + file.size = filestat.st_size; +//获取文件权限 + int i = 8; + while(i >= 0) + { + if((filestat.st_mode)& 1<pw_name); +//获取文件属组 + sprintf(file.gid,"%s",getgrgid(filestat.st_gid)->gr_name); +} + +#if 0 +void read_filemd5(struct fileinfo file) +{ + +} +#endif + +#if 0 +int main(int argc, const char *argv[]) +{ + char *dir = NULL; + char *name = NULL; + + dir = (char *)malloc(MAX_FILE); + printf("请输入要读取的目录\n"); + scanf("%s",dir); + read_filename(dir); + + printf("文件名:%s\n",file.name); + return 0; +} +#endif diff --git a/code/datadifflib/scan.h b/code/datadifflib/scan.h new file mode 100644 index 0000000..697f8ba --- /dev/null +++ b/code/datadifflib/scan.h @@ -0,0 +1,98 @@ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "md5.h" + +#define MAX 512 +#define MAX_NAME 512 +#define MAX_FILE 512 +#define MAX_ACL 1024 +#define MAX_ID 32 +#define MAX_TYPE 10 +#define MAX_MD5 33 +#define MAX_MOD 16 +#define MAX_PATH 4096 + +#define FILEISO 1 +#define FILEPKG 2 +#define FILEFIL 3 +#define FILEMD5 4 +#define FILEPER 5 +#define FILEOWN 6 +#define FILEGEN 7 +#define FILETYP 8 + +#define FROM_PKGID 10 +#define FROM_NOWISO 20 +#define FROM_DATALIB 30 + +#define S_ISUGV 07000 + +#define md5_t char + +#define DATALIB "./fileinfo.db" +#define PKGLIST "./pkglist" +#define FILEDIFF "./diff.log" + +struct isoinfo{ + char name[MAX_NAME]; //镜像名 + char version[MAX_NAME];//镜像版本 + int id; //镜像id + md5_t md5[MAX_NAME]; //镜像md5_t + char issue[MAX_NAME]; +} ; + +struct pkginfo{ + char name[MAX_NAME]; //安装包名 + char version[MAX_NAME];//安装包版本 + int id; //安装包id + md5_t md5[MAX_MD5]; //安装包md5 +} ; + +struct fileinfo{ + int id; //文件id + char name[MAX_NAME]; //文件名 + char pathname[MAX_PATH];//文件绝对路径名 + md5_t md5[MAX_MD5]; //文件md5值 + char type[MAX_TYPE]; //文件类型 + int owner; //文件属主 + int genus; //文件属组 + char permis[MAX_ID]; //文件权限 + off_t size; //文件大小 + char acl[MAX_ACL]; //文件acl + char capable[MAX]; //文件能力 + char mac[MAX]; //文件mac + char level[MAX]; //文件等级 +} ; + +struct datalib{ + int nrow; + int ncolumn; + char ** db_result; +} ; + +int get_iso_info(struct isoinfo *iso); //获取当前镜像信息 +int get_now_pkg(char *now_name,struct pkginfo *now_pkg); //处理当前安装包列表 +int get_pkg_info(struct isoinfo *iso,struct pkginfo *now_pkg,struct pkginfo *data_pkg,int statu);//获取安装包信息 +int get_datafile_list(struct pkginfo data_pkg,struct fileinfo *data_file,struct datalib *file_list);//根据安装包信息获取对应文件列表 +int get_nowfile_info( struct fileinfo *now_file,struct fileinfo *data_file );//获取当前系统文件具体信息 +int diff_file_info(struct fileinfo now_file,struct fileinfo data_file);//对比当前系统文件信息和数据库文件信息 +void get_datafile_info(int i,struct datalib *file_list,struct fileinfo *data_file);//将获取的文件信息转入到文件信息结构体中 +void get_cap(struct fileinfo *now_file); +void get_mac(struct fileinfo *now_file); +void get_acl(struct fileinfo *now_file); + +int put_diff_log(char *content); +int myshell(char *command,char *buff,int num);//调用shell命令 + +void clean_n(char *log); diff --git a/code/dataintolib/clear_datelib.sh b/code/dataintolib/clear_datelib.sh new file mode 100755 index 0000000..e7ac839 --- /dev/null +++ b/code/dataintolib/clear_datelib.sh @@ -0,0 +1,50 @@ +#!/bin/bash + +LIDADDR="../datalib/fileinfo.db" + +echo " 选择需要删除的数据类型" +echo "=================================================================" +echo " 1 删除指定产品 2 删除指定安装包 3 删除指定文件 4 清除所有文件 5 清除所有 " + +read stat + +case ${stat:0:1} in + 1) + echo "请输入产品id" + read product_id + + sqlite3 $LIDADDR "delete from product where product_id = $product_id" + for id in `sqlite3 $LIDADDR "select pkg_id from product_and_pkg where product_id = $product_id"` + do + sqlite3 $LIDADDR "delete from file where pkg_id = $id" + sqlite3 $LIDADDR "delete from pkg where pkg_id = $id" + sqlite3 $LIDADDR "delete from product_and_pkg where product_id = $product_id" + done + ;; + 2) + echo "请输入安装包id" + read pkg_id + + sqlite3 $LIDADDR "delete from file where pkg_id = $pkg_id" + sqlite3 $LIDADDR "delete from pkg where pkg_id = $pkg_id" + sqlite3 $LIDADDR "delete from product_and_pkg where pkg_id = $pkg_id" + ;; + 3) + echo "请输入文件名" + read file_id + + sqlite3 $LIDADDR "delete from file where file_id = $file_id" + ;; + 4) + sqlite3 $LIDADDR "delete from file" + ;; + 5) + sqlite3 $LIDADDR "delete from file" + sqlite3 $LIDADDR "delete from pkg" + sqlite3 $LIDADDR "delete from product_and_pkg" + sqlite3 $LIDADDR "delete from product" + ;; + *) + echo "输入错误,请输入(1、2、3、4)" + ;; +esac diff --git a/code/dataintolib/into_datelib.sh b/code/dataintolib/into_datelib.sh new file mode 100755 index 0000000..dc0b09e --- /dev/null +++ b/code/dataintolib/into_datelib.sh @@ -0,0 +1,585 @@ +#!/bin/bash + +set -e + +#镜像挂载目录 +MOUNT="/mnt" + +#当前镜像版本 + +ISO_ROCKY="*4.2* | *6.0.42* | *4.3*" +ISO_DEBIN="*6.0.60* | *6.0.80*" +ISO_REDHA="*6.0.77* | *6.0.76*" + +#当前目录 +NOWDIR=`pwd` + +#安装包临时解压目录 +PKGDIR="$NOWDIR/pkg" + +#操作系统存储目录 +ISODIR="$NOWDIR/iso" + +#数据库位置 +data_DIR="../datalib" +#数据库名 +data_NAME="fileinfo.db" +data_SQL="fileinfo.sql" + +data_ADD="$data_DIR/$data_NAME" +data_FILE="$data_DIR/$data_SQL" + +#日志文件 +file_LOG="$NOWDIR/filelog" +#当前已经安装的文件列表 +file_NOW="$NOWDIR/now_pkglist" +#当前镜像中未录入的文件列表 +file_NEW="$NOWDIR/new_pkglist" + +#读取镜像issue文件 +function data_intoissue(){ +echo "获取镜像版本(通过issue)" +case $1 in + rocky) + iso_issue=`cat /etc/issue | sed ':a;N;s/\n/ /g;ta'` + sqlite3 $data_ADD "update product set product_issue='$iso_issue' where product_id=$data_isoid;" + ;; + debian) + #iso_base_files=`find $iso_mountname -name base-files*.deb` + #if [ -d $PKGDIR ] + #then + # rm -rf $PKGDIR + #fi + + #PKGDIR=$PKGDIR + #echo "解压base-files_8+deb8u9-linx18_amd64.deb" + #mkdir -p $PKGDIR + #dpkg -X $iso_base_files $PKGDIR + + iso_issue=`cat /etc/issue | sed ':a;N;s/\n/ /g;ta'` + sqlite3 $data_ADD "update product set product_issue=\"$iso_issue\" where product_id=$data_isoid;" + ;; + redhat) + iso_issue=`cat /etc/issue | sed ':a;N;s/\n/ /g;ta'` + sqlite3 $data_ADD "update product set product_issue=\"$iso_issue\" where product_id=$data_isoid;" + + ;; + *) + ;; +esac + +} + +function data_intofile(){ + +local data_file=$1 +if [ ! -e $data_file ] +then + echo "文件不存在" + return 0 +fi + +if [ "$2" == "1" ] +then + local data_filepath=$1 + local data_filelevel=1 +else + local data_filepath=` echo $data_file | awk -F "$PKGDIR" '{ print $2 }' ` + local data_filelevel=2 +fi + +if [ "$PKGDIR" == "$data_file" ] +then + echo "临时目录" + return 0 +elif [ "$data_filepath" == "/usr" ] || + [ "$data_filepath" == "/etc" ] || + [ "$data_filepath" == "/bin" ] || + [ "$data_filepath" == "/sbin" ] || + [ "$data_filepath" == "/lib" ] || + [ "$data_filepath" == "/lib64" ] || + [ "$data_filepath" == "/var" ] || + [ "$data_filepath" == "/opt" ] || + [ "$data_filepath" == "/dev" ] || + [ "$data_filepath" == "/proc" ] || + [ "$data_filepath" == "/sys" ] || + [ "$data_filepath" == "/opt" ] || + [ "$data_filepath" == "/tmp" ] || + [ "$data_filepath" == "/mnt" ] || + [ "$data_filepath" == "/usr/share" ] || + [ "$data_filepath" == "/usr/bin" ] || + [ "$data_filepath" == "/usr/lib" ] || + [ "$data_filepath" == "/usr/etc" ] || + [ "$data_filepath" == "/usr/lib64" ] || + [ "$data_filepath" == "/usr/share" ] || + [ "$data_filepath" == "/usr/include" ] || + [ "$data_filepath" == "/usr/local" ] || + [ "$data_filepath" == "/." ] +then + echo "无用目录" + return 0 +fi + +local data_filename=$(basename $data_file) +local data_filepermis=$(stat -c %a $data_file) +local data_filetype=$(ls -lad $data_file) +local data_filetype=$(echo ${data_filetype:0:1}) +local data_filegenus=$(stat -c %g $data_file) +local data_fileowner=$(stat -c %u $data_file) +local data_filesize=$(stat -c %s $data_file) + +#发现默认未有文件设置该信息 + +if [[ $data_filetype == "b" ]] || + [[ $data_filetype == "s" ]] || + [[ $data_filetype == "-" ]] +then + local data_filemd5=$(md5sum $data_file | awk '{ print $1 }') + local data_filecap=$(getcap "$data_file") + local data_filemac=$(getfmac "$data_file") + local data_fileacl=$(getfacl --absolute-name "$data_file" 2>/dev/null) +elif [[ $data_filetype == "d" ]] +then + local data_filemd5= + local data_filecap=$(getcap "$data_file") + local data_filemac=$(getfmac "$data_file") + local data_fileacl=$(getfacl --absolute-name "$data_file" 2>/dev/null) +fi + +#当文件为解压收集信息时,cap、mac、acl信息会出现错误。 +if [[ $data_filelevel == "2" ]] +then + local data_filecap="" + local data_filemac="" + local data_fileacl="" +fi + +local data_fileid=$(expr `sqlite3 $data_ADD "select file_id from file order by file_id desc limit 1;"` + 1) +local data_pkgid=$(sqlite3 $data_ADD "select pkg_id from pkg where pkg_name='$pkg_name' and pkg_version='$pkg_version' ;") + +echo -e " 当前产品:$product_iso \n \ + 当前文件:$data_file \n \ + 当前文件名:$data_filename \n \ + 当前文件绝对路径:$data_filepath \n \ + 当前临时文件目录:$PKGDIR \n \ + 当前安装包:$pkg_name \n \ + 文件id: $data_fileid \n \ + 文件类型:$data_filetype \n \ + 文件属主:$data_fileowner \n \ + 文件属组:$data_filegenus \n \ + 文件权限:$data_filepermis \n \ + 文件大小:$data_filesize \n \ + 文件md5: $data_filemd5 \n \ + 文件cap: $data_filecap \n \ + 文件acl: $data_fileacl \n \ + 文件mac: $data_filemac \n \ + 将$1存入数据库" >> $file_LOG + +if [ -z $data_pkgid ] +then + echo "文件未经过安装包" +else + echo "将文件$data_filepath输入数据库" + sqlite3 $data_ADD "insert into file values ($data_fileid,\"$data_filename\",$data_pkgid,\"$data_filepath\",\"$data_filemd5\",\"$data_filetype\",\"$data_fileowner\",\"$data_filegenus\",$data_filepermis,$data_filesize,\"$data_fileacl\",\"$data_filecap\",\"$data_filelevel\",\"$data_filemac\")" +fi + +} + +function data_intopkg(){ +local data_pkg=$1 +local data_pkgmd5=`md5sum $data_pkg | awk '{ print $1 }'` + +#要判断pkg表是否有重复包 +local pkg_md5=`sqlite3 $data_ADD "select pkg_md5 from pkg where pkg_md5 is '$data_pkgmd5'"` +if [ "$pkg_md5" != "$data_pkgmd5" ]; +then + case $data_pkg in + *pkg.tar.gz) + local data_pkgname=`echo "$(basename $data_pkg .pkg.tar.gz)" |awk -F "#" '{print $1}'` + local data_pkgversion=`echo "$(basename $data_pkg .pkg.tar.gz)" |awk -F "#" '{print $2}'` + ;; + *.deb) + local data_pkgname=`echo "$(basename $data_pkg .deb)" | awk -F "_" '{print $1}'` + local data_pkgversion=`echo "$(basename $data_pkg .deb)" | awk -F "_" '{print $2"_"$3}'` + ;; + *.rpm) + local data_pkgversion=`echo "$(basename $data_pkg .rpm)" | awk -F "-" '{for(i=NF-1;i> $file_LOG + sqlite3 $data_ADD "insert into pkg values ($data_pkgid,'$data_pkgname','$data_pkgversion','$data_pkgmd5')" + + #更新product_and_pkg表 + echo "更新product_and_pkg表" + local data_papid=$(expr `sqlite3 $data_ADD "select pap_id from product_and_pkg order by pap_id desc limit 1;"` + 1) + sqlite3 $data_ADD "insert into product_and_pkg values ($data_papid,$data_isoid,$data_pkgid)" + + echo "$data_pkgname $data_pkgversion" >> ./new + + #如果为新的安装包则解压扫描包内文件 +else + local pkg_id=`sqlite3 $data_ADD "select pkg_id from pkg where pkg_md5 is '$data_pkgmd5'"` + local iso_pkgid=`sqlite3 $data_ADD "select product_id from product_and_pkg where pkg_id = '$pkg_id' and product_id = '$data_isoid'"` + + #判断是否有向product_and_pkg输入相同的信息 + if [ "$data_isoid" == "$iso_pkgid" ]; + then + echo "相同安装包id为:$pkg_id">>$file_LOG + echo "data_isoid=$data_isoid iso_pkgid=$iso_pkgid 未入库">>$file_LOG + else + local data_papid=$(expr `sqlite3 $data_ADD "select pap_id from product_and_pkg order by pap_id desc limit 1;"` + 1) + sqlite3 $data_ADD "insert into product_and_pkg values ($data_papid,$data_isoid,$pkg_id)" + echo "相同安装包id为:$pkg_id">>$file_LOG + echo "data_isoid=$data_isoid iso_pkgid=$iso_pkgid 入库">>$file_LOG + fi + +fi +} + +function data_intoiso(){ +data_iso=$1 +data_isomd5=`md5sum $data_iso | awk '{ print $1 }'` +data_isoname=`echo "$(basename $data_iso .iso)" | awk -F "-" '{print $1"-"$2}'` +data_isoversion=`echo "$(basename $data_iso .iso)" | awk -F "$data_isoname" '{print $2}'` +data_isoid=$(expr `sqlite3 $data_ADD "select product_id from product order by product_id desc limit 1;"` + 1) +#获取最后一个id值加1 +echo -e "当前镜像:$data_iso\n 镜像名:$data_isoname\n 镜像版本:$data_isoversion\n 镜像md5:$data_isomd5\n 镜像id:$data_isoid\n">>$file_LOG +sqlite3 $data_ADD "insert into product values ($data_isoid,'$data_isoname','$data_isoversion','$data_isomd5',' ')" +} + +#整理文件信息获取 +function data_get(){ + +data_stat=$2 +echo "入库类型:$data_stat" + +case $data_stat in + iso_stat) + data_intoiso $1 + ;; + + pkg_stat) + data_intopkg $1 + ;; + + file_stat) + data_intofile $1 $3 + ;; + + iso_issue) + data_intoissue $1 + ;; + + *) + echo "程序出错" + return 3 + ;; +esac +} + +#将镜像挂载到指定目录下 +function iso_mount(){ +echo "iso_mount" +iso_mountname=$MOUNT + +while [[ `mount | grep $iso_mountname` != "" ]] +do + umount $iso_mountname +done + +if [ -d $iso_mountname ]; +then + mount -o loop $iso_name $iso_mountname +else + mkdir $iso_mountname + mount -o loop $iso_name $iso_mountname +fi + +data_get $iso_vis "iso_issue" +#将镜像issue信息存入库 + +} + +#判断当前镜像版本 +#将镜像信息入库 +function iso(){ + +iso_name=$1 + + case $iso_name in + *4.2* | *6.0.42* | *4.3*) + echo "42" + iso_vis="rocky" + ;; + *6.0.60* | *6.0.80* ) + echo "60|80" + iso_vis="debian" + ;; + *6.0.77* | *6.0.76* ) + echo "76|77" + iso_vis="redhat" + ;; + *) + echo "镜像不存在" + exit + ;; + esac + + data_get $product_iso "iso_stat" + #将镜像信息入库 +} + +#获取当前系统已经安装的安装包,并将镜像中全部安装包进行排序 +function pkg(){ +echo "tar:$1" +pkg_filename=$1 + +PKGDIR=$PKGDIR + +case $iso_vis in + #当前已经安装的文件 + rocky) + pkginfo -i | sort >> $file_NOW + ;; + debian) + awk 'BEGIN{i=0;j=0;k=0}{if($1 == "Package:"){A[i]=$2;i+=1};if($1 == "Version:"){B[j]=$2;j+=1}if($1 == "Architecture:"){C[k]=$2;k=k+1}}END{for(i=0;i> $file_NOW + ;; + redhat) + rpm -qa | awk -F "-" '{for(i=1;i> $file_NOW + ;; + *) + echo "解压选择出错$pkg_filename" + ;; +esac + + if [ -e ./new ] + then + cat ./new | sort >> $file_NEW + rm ./new + else + touch $file_NEW + fi +} + +#获取需要收集安装包的文件信息 +function file_now(){ + +#处理带有空格的文件名 +MY_SAVEIFS=$IFS +IFS=$'\n' + +#收集虚拟机已经安装的文件 +for pkg_list in `comm -12 $file_NEW $file_NOW ` +do + pkg_name=`echo $pkg_list | awk '{print $1}' ` + pkg_version=`echo $pkg_list | awk '{print $2}'` + case $iso_vis in + rocky) + file_listname=$( pkginfo -l $pkg_name | sed "s/\*/\\\*/g" ) + #发现有的文件存在*号,会导致文件信息获取出错。 + for file_list in $file_listname + do + if [ -d "/$file_list" ];then + file_list=${file_list%?} + fi + data_get "/$file_list" "file_stat" 1 + done + ;; + debian) + for file_list in `dpkg -L $pkg_name | awk -F ":" '{if($1=="软件包将其他的包转移至"){print $2}else{print $1}}'` + do + data_get $file_list "file_stat" 1 + done + echo "当前已安装的包收集完毕" + ;; + redhat) + for file_list in `rpm -ql $pkg_name` + do + data_get $file_list "file_stat" 1 + done + ;; + *) + echo "文件收集错误" + ;; + esac +done + + +IFS=$MY_SAVEIFS  + +} + +function file_new(){ +comm -23 $file_NEW $file_NOW |while read pkg_list +do + pkg_name=`echo $pkg_list | awk '{print $1}'` + pkg_version=`echo $pkg_list | awk '{print $2}'` + + + if [ -d $PKGDIR ] + then + rm -r $PKGDIR + fi + + PKGDIR=$PKGDIR + + case $iso_vis in + rocky) + pkg_filename=`echo $pkg_name"#"$pkg_version"*"` + pkg_filename=`find $iso_mountname -name $pkg_filename` + pkg_filename=`echo $pkg_filename | awk '{print $1}'` + echo "解压tar类型安装包" + mkdir -p $PKGDIR + tar xf $pkg_filename -C $PKGDIR + ;; + debian) + pkg_filename=`echo $pkg_name"_"$pkg_version"*"` + pkg_filename=`find $iso_mountname -name $pkg_filename` + pkg_filename=`echo $pkg_filename | awk '{print $1}'` + echo "解压deb类型安装包" + mkdir -p $PKGDIR + dpkg -X $pkg_filename $PKGDIR + ;; + redhat) + pkg_filename=`echo $pkg_name"-"$pkg_version"*"` + echo $iso_mountname + pkg_filename=`find $iso_mountname -name $pkg_filename` + pkg_filename=`echo $pkg_filename | awk '{print $1}'` + echo "解压rpm类型安装包" + mkdir -p $PKGDIR + cp $pkg_filename $PKGDIR + cd $PKGDIR + rpm2cpio *.rpm | cpio -div + rm *.rpm + cd - + ;; + *) + echo "解压选择出错$pkg_filename" + ;; + esac + #处理带有空格的文件名 + MY_SAVEIFS=$IFS + IFS=$'\n' + + for pkg_file in `find $PKGDIR` + do + data_get $pkg_file "file_stat" 2 + done + IFS=$MY_SAVEIFS + rm -r $PKGDIR + +done + +} + +#判断输入介质为目录 +#输入目录名 +function iso_pkg(){ + +echo "dir:$1" +iso_pkgdir=$1 + +case $iso_vis in + rocky) + echo "pkg.tar.gz安装包" + for iso_pkgfile in `find $iso_pkgdir -name *.pkg.tar.gz` + do + data_get $iso_pkgfile "pkg_stat" + done + ;; + debian) + echo "deb安装包" + for iso_pkgfile in `find $iso_pkgdir -name *.deb` + do + data_get $iso_pkgfile "pkg_stat" + done + ;; + redhat) + echo "rpm安装包" + for iso_pkgfile in `find $iso_pkgdir -name *.rpm` + do + data_get $iso_pkgfile "pkg_stat" + done +esac + +} + +function set_env(){ + + if [ -f $data_ADD ]; + then + rm $data_ADD + fi + + if [ -f $file_NEW ]; + then + rm $file_NEW + fi + + if [ -f $file_NOW ]; + then + rm $file_NOW + fi + + if [ -f $file_LOG ]; + then + rm $file_LOG + fi + + if [ -f ./new ]; + then + rm ./new + fi + + cd $data_DIR + sqlite3 $data_NAME < $data_FILE + cd - + echo "重建数据库" + #创建数据库 + +} + +function main(){ + +echo " 请选择产品类型" +echo "=========================================" +echo " 1.操作系统 2.附加产品 3.其他" + +read product_stat + +case ${product_stat:0:1} in + 1) + set_env + #设置数据库 + product_iso=`find $ISODIR -mindepth 1` + iso $product_iso + #判断镜像版本 + iso_mount $iso_vis + #将镜像挂载在指定目录 + iso_pkg $iso_mountname + #将镜像中未录入的安装包入库,并记录到$file_NEW + pkg $data_pkg + #获取当前已安装的安装包列表,并记录到$file_NOW + file_now + #获取已安装的包文件信息 + file_new + #获取未安装的包文件信息 + ;; + 2) + echo "附加产品" + ;; + 3) + echo "其它产品" + ;; + *) + echo "请输入1/2/3" +esac + +echo "信息录取成功" +} + +main + diff --git a/code/dataintolib/tags b/code/dataintolib/tags new file mode 100644 index 0000000..76d9f95 --- /dev/null +++ b/code/dataintolib/tags @@ -0,0 +1,19 @@ +!_TAG_FILE_FORMAT 2 /extended format; --format=1 will not append ;" to lines/ +!_TAG_FILE_SORTED 1 /0=unsorted, 1=sorted, 2=foldcase/ +!_TAG_PROGRAM_AUTHOR Darren Hiebert /dhiebert@users.sourceforge.net/ +!_TAG_PROGRAM_NAME Exuberant Ctags // +!_TAG_PROGRAM_URL http://ctags.sourceforge.net /official site/ +!_TAG_PROGRAM_VERSION 5.9~svn20110310 // +data_get into_datelib.sh /^function data_get(){$/;" f +data_intofile into_datelib.sh /^function data_intofile(){$/;" f +data_intoiso into_datelib.sh /^function data_intoiso(){$/;" f +data_intoissue into_datelib.sh /^function data_intoissue(){$/;" f +data_intopkg into_datelib.sh /^function data_intopkg(){$/;" f +file_new into_datelib.sh /^function file_new(){$/;" f +file_now into_datelib.sh /^function file_now(){$/;" f +iso into_datelib.sh /^function iso(){$/;" f +iso_mount into_datelib.sh /^function iso_mount(){$/;" f +iso_pkg into_datelib.sh /^function iso_pkg(){$/;" f +main into_datelib.sh /^function main(){$/;" f +pkg into_datelib.sh /^function pkg(){$/;" f +set_env into_datelib.sh /^function set_env(){$/;" f diff --git a/code/datalib/fileinfo.db b/code/datalib/fileinfo.db new file mode 100644 index 0000000..4929d10 Binary files /dev/null and b/code/datalib/fileinfo.db differ diff --git a/code/datalib/fileinfo.sql b/code/datalib/fileinfo.sql new file mode 100644 index 0000000..0b716b3 --- /dev/null +++ b/code/datalib/fileinfo.sql @@ -0,0 +1,80 @@ +/* +SET FOREIGN_KEY_CHECKS = 0; +DROP TABLE IF EXISTS `product`; +DROP TABLE IF EXISTS `pkg`; +DROP TABLE IF EXISTS `file`; +DROP TABLE IF EXISTS `product_and_pkg`; +SET FOREIGN_KEY_CHECKS = 1; + + +ON DELETE 和 ON UPDATE,表示当发生delete和update时,会发生什么行为 + +NO ACTION:默认的,表示没有什么行为. +RESTRICT:当有一个child关联到parent时,禁止delete或update parent +SET NULL:当parent被delete或update时,child的的关联字段被置为null(如果字段有not null,就出错) +SET DEFAULT:类似于SET NULL (是不是设置默认值?没有试过) +CASCADE:将实施在parent上的删除或更新操作,传播给你吧与之关联的child上. +对于 ON DELETE CASCADE, 同被删除的父表中的行 相关联的子表中的每1行,也会被删除. +对于ON UPDATE CASCADE, 存储在子表中的每1行,对应的字段的值会被自动修改成同新的父键匹配 + + +DEFAULT 约束在 INSERT INTO 语句没有提供一个特定的值时,为列提供一个默认值。 + FOREIGN KEY (`product_id`) REFERENCES product(`product_id`) ON DELETE CASCADE ON UPDATE CASCADE, + FOREIGN KEY (`pkg_id`) REFERENCES pkg(`pkg_id`) ON DELETE CASCADE ON UPDATE CASCADE + +CREATE TABLE `pkg_and_file` ( + `paf_id` INTEGER NOT NULL, + `pkg_id` INTEGER NOT NULL, + `file_id` INTEGER NOT NULL, + PRIMARY KEY (`paf_id`) +); +*/ + +CREATE TABLE `product` ( + `product_id` SMALLINT NOT NULL, + `product_name` TEXT(255) NOT NULL, + `product_version` CHAR(255) NOT NULL, + `product_md5` CHAR(32) NOT NULL, + `product_issue` CHAR NOT NULL, + PRIMARY KEY (`product_id`) +); + +CREATE TABLE `pkg` ( + `pkg_id` INTEGER NOT NULL, + `pkg_name` CHAR(255) NOT NULL, + `pkg_version` CHAR(255) NOT NULL, + `pkg_md5` CHAR(32) NOT NULL, + PRIMARY KEY (`pkg_id`) +); + +CREATE TABLE `file` ( + `file_id` INTEGER NOT NULL, + `file_name` char(255) NOT NULL, + `pkg_id` INTEGER NOT NULL, + `file_pathname` CHAR(4096) NOT NULL, + `file_md5` CHAR(32) DEFAULT " ", + `file_type` CHAR NOT NULL, + `file_owner` CHAR NOT NULL, + `file_genus` CHAR NOT NULL, + `file_permis` INTEGER NOT NULL, + `file_size` INTEGER NOT NULL, + `file_acl` CHAR DEFAULT " ", + `file_capable` CHAR DEFAULT " ", + `file_level` INTEGER DEFAULT 0, + `file_mac` CHAR DEFAULT " ", + PRIMARY KEY (`file_id`) +); + +CREATE TABLE `product_and_pkg` ( + `pap_id` INTEGER NOT NULL, + `product_id` SMALLINT NOT NULL, + `pkg_id` INTEGER NOT NULL, + PRIMARY KEY (`pap_id`) +); + +CREATE TABLE `pkg_and_file` ( + `paf_id` INTEGER NOT NULL, + `pkg_id` INTEGER NOT NULL, + `file_id` INTEGER NOT NULL, + PRIMARY KEY (`paf_id`) +); diff --git a/code/datalib/merge.sh b/code/datalib/merge.sh new file mode 100755 index 0000000..124440d --- /dev/null +++ b/code/datalib/merge.sh @@ -0,0 +1,133 @@ +#/bin/bash + +data_ADD="./fileinfo.1.db" +#总数据库名 +data_NEW="./fileinfo.2.db" +#新数据库名 + +merge_LOG="./merge.log" +#合并日志 +merge_LIST="./merge.list" + +function set_env(){ + + if [ -f $merge_LOG ]; + then + rm $merge_LOG + fi + + if [ -f $merge_LIST ]; + then + rm $merge_LIST + fi + +} + +#获取新数据库中镜像信息存入到总数据库中 +function get_into_iso(){ + + data_isomd5=`sqlite3 $data_NEW "select product_md5 from product;"` + + data_isoname=`sqlite3 $data_NEW "select product_name from product;"` + data_isoversion=`sqlite3 $data_NEW "select product_version from product;"` + data_isoissue=`sqlite3 $data_NEW "select product_issue from product;"` + data_isoid=$(expr `sqlite3 $data_ADD "select product_id from product order by product_id desc limit 1;"` + 1) + + sqlite3 $data_ADD "insert into product values ($data_isoid,'$data_isoname','$data_isoversion','$data_isomd5','$data_isoissue');" + + echo "镜像 name:$data_isoname version:$data_isoversion md5:$data_isomd5 issue:$data_isoissue id:$data_isoid" >> $merge_LOG +} + +function get_into_pkg(){ + for pkg_list in `sqlite3 $data_NEW "select * from pkg;"` + do + new_pkg_md5=`echo $pkg_list | awk -F "|" '{print $4}'` + + pkg_md5=`sqlite3 $data_ADD "select pkg_md5 from pkg where pkg_md5 is '$new_pkg_md5';"` + + if [ "$new_pkg_md5" != "$pkg_md5" ]; + then + new_pkg_name=`echo $pkg_list | awk -F "|" '{print $2}'` + new_pkg_version=`echo $pkg_list | awk -F "|" '{print $3}'` + new_pkg_id=`echo $pkg_list | awk -F "|" '{print $1}'` + pkg_id=$(expr `sqlite3 $data_ADD "select pkg_id from pkg order by pkg_id desc limit 1;"` + 1) + sqlite3 $data_ADD "insert into pkg values ($pkg_id,'$new_pkg_name','$new_pkg_version','$new_pkg_md5');" + + #更新product_and_pkg表 + local data_papid=$(expr `sqlite3 $data_ADD "select pap_id from product_and_pkg order by pap_id desc limit 1;"` + 1) + sqlite3 $data_ADD "insert into product_and_pkg values ($data_papid,$data_isoid,$pkg_id);" + echo "安装包 name:$new_pkg_name version:$new_pkg_version md5:$new_pkg_md5 id:$pkg_id papid:$data_papid" >> $merge_LOG + + echo "$new_pkg_id $pkg_id" >> $merge_LIST + #获取新数据库中文件信息,并输入到总数据库中 + + else + pkg_id=`sqlite3 $data_ADD "select pkg_id from pkg where pkg_md5 is '$pkg_md5';"` + iso_pkgid=`sqlite3 $data_ADD "select product_id from product_and_pkg where pkg_id = '$pkg_id' and product_id = '$data_isoid';"` + + #判断是否有向product_and_pkg输入相同的信息 + if [ "$data_isoid" == "$iso_pkgid" ]; + then + echo "相同安装包id为:$pkg_id" >> $merge_LOG + else + local data_papid=$(expr `sqlite3 $data_ADD "select pap_id from product_and_pkg order by pap_id desc limit 1;"` + 1) + sqlite3 $data_ADD "insert into product_and_pkg values ($data_papid,$data_isoid,$pkg_id);" + echo "更新product_and_pkg表 papid=$data_papid iso_id=$data_isoid pkg_id=$pkg_id" >> $merge_LOG + fi + fi + done +} + +#获取新数据库中文件信息存入到总数据库中 +function get_into_file(){ + + OLDIFS=$IFS + IFS=$'\n' + + for file_pkg_list in `cat $merge_LIST` + do + pkg_list=`echo $file_pkg_list | awk '{print $1}'` + for file_id in $(sqlite3 $data_NEW "select file_id from file where pkg_id= '$pkg_list';") + do + data_fileid=$(expr `sqlite3 $data_ADD "select file_id from file order by file_id desc limit 1;"` + 1) + + data_filename=`sqlite3 $data_NEW "select file_name from file where file_id=$file_id"` + data_pkgid=`echo $file_pkg_list | awk '{print $2}'` + data_filepath=`sqlite3 $data_NEW "select file_pathname from file where file_id=$file_id"` + data_filemd5=`sqlite3 $data_NEW "select file_md5 from file where file_id=$file_id"` + data_filetype=`sqlite3 $data_NEW "select file_type from file where file_id=$file_id"` + data_fileowner=`sqlite3 $data_NEW "select file_owner from file where file_id=$file_id"` + data_filegenus=`sqlite3 $data_NEW "select file_genus from file where file_id=$file_id"` + data_filepermis=`sqlite3 $data_NEW "select file_permis from file where file_id=$file_id"` + data_filesize=`sqlite3 $data_NEW "select file_size from file where file_id=$file_id"` + data_fileacl=`sqlite3 $data_NEW "select file_acl from file where file_id=$file_id"` + data_filecap=`sqlite3 $data_NEW "select file_capable from file where file_id=$file_id"` + data_filelevel=`sqlite3 $data_NEW "select file_level from file where file_id=$file_id"` + data_filemac=`sqlite3 $data_NEW "select file_mac from file where file_id=$file_id"` + + sqlite3 $data_ADD "insert into file values ($data_fileid,\"$data_filename\",$data_pkgid,\"$data_filepath\",\"$data_filemd5\",\"$data_filetype\",\"$data_fileowner\",\"$data_filegenus\",$data_filepermis,$data_filesize,\"$data_fileacl\",\"$data_filecap\",\"$data_filelevel\",\"$data_filemac\");" + + echo "文件 id:$data_fileid name:$data_filename pkgid:$data_pkgid newpkgid:$new_pkg_id path:$data_filepath md5:$data_filemd5 type:$data_filetype owner:$data_fileowner genus:$data_filegenus permis:$data_filepermis size:$data_filesize acl:$data_fileacl cap:$data_filecap level:$data_filelevel mac:$data_filemac" >> $merge_LOG + done + done + + IFS=$OLDIFS +} + +function main(){ + + set_env + #设置环境 + + get_into_iso + #获取新数据库中镜像信息,并输入到总数据库中 + + get_into_pkg + #获取新数据库中安装包信息,并输入到总数据库中 + + get_into_file + #获取新数据库中文件信息,并如输入到总数据库中 + +} + +main diff --git a/code/pkg.sh b/code/pkg.sh new file mode 100755 index 0000000..0a3b8e7 --- /dev/null +++ b/code/pkg.sh @@ -0,0 +1,112 @@ +#!/bin/bash + +WORKNOW=`pwd` +WORKDIR=$WORKNOW/pkg +PKGLIST=$WORKDIR/pkglist + + +#限制进程最大内存使用100M +ulimit -m 102400 +#限制进程最大虚拟内存为200M +ulimit -v 204800 +#限制进程最大cpu占用时间为1秒 +ulimit -t 1 +#程序处理延迟(微秒) +progress_sleep=500 + + +#初始化环境 +function data_init(){ + if [ -d $WORKDIR ];then + rm -rf $WORKDIR + fi + + mkdir $WORKDIR +} + +#获取当前安装包列表 +function data_pkglist(){ + +iso_version=`grep -o -E "42|60|80|76|77" /etc/issue` + +case $iso_version in + + 42) + pkginfo -i >> $PKGLIST + ;; + 60|80) + #dpkg -l | awk '{if($1=="ii"){sub(":amd64","",$2);sub("[0-9]:","",$3);print $2"_"$3"_"$4}}' >> $PKGLIST + awk 'BEGIN{i=0;j=0;k=0}{if($1 == "Package:"){A[i]=$2;i+=1};if($1 == "Version:"){B[j]=$2;j+=1}if($1 == "Architecture:"){C[k]=$2;k=k+1}}END{for(i=0;i> $PKGLIST + ;; + 76|77) + rpm -qa | awk -F "-" '{for(i=1;i> $PKGLIST + ;; + *) + echo "版本识别失败" + exit + ;; +esac + +} + +#搭建工作环境 +function data_env(){ + +#tail -n +39 $0 > $WORKDIR/pkg.tar.gz + +#tar xf $WORKDIR/pkg.tar.gz + +cp ./scan $WORKDIR +cp ./fileinfo.db $WORKDIR +cd $WORKDIR + +} + +#对对比程序资源进行设置 +function data_set(){ + +echo "设置进程资源" + +} + +#启动对比程序 +function data_run(){ + + data_sum=`cat $PKGLIST | wc -l` + + ./scan $data_sum $progress_sleep & + + data_pid=$? + +} + +#监视对比程序运行状态 +function data_control(){ + + echo "监视程序运行状态" + +} + +#生成检测报告 +function data_report(){ + + echo "生成对比报告" + +} + + +function main(){ + + data_init + data_pkglist + data_env + data_set + data_run + data_control + data_report + +} + +main + +exit 0 diff --git a/code/work/make.sh b/code/work/make.sh new file mode 100755 index 0000000..2f7a27f --- /dev/null +++ b/code/work/make.sh @@ -0,0 +1,20 @@ +#!/bin/bash + +mkdir pkg + +cd ../datadifflib + +make clean +make + +cd - + +cp ../datadifflib/scan ./pkg +cp ../datalib/fileinfo.db ./pkg +cp ../datadifflib/pkg.sh . + +tar zcf pkg.tar.gz ./pkg + +cat pkg.tar.gz >> pkg.sh + +rm -rf pkg.tar.gz pkg diff --git a/code/work/test.c b/code/work/test.c new file mode 100644 index 0000000..d4fe20c --- /dev/null +++ b/code/work/test.c @@ -0,0 +1,19 @@ +#include +#include +int main() +{ + int i=0; + char bar[101]; + const char* lable="|/-\\";//打印旋转的图标 + while(i<=100) + { + bar[i]='\0'; + printf("[%-100s] [%c] [%d/%]\r",bar,lable[i%4],i); + fflush(stdout); + bar[i]='#'; + i++; + usleep(10000); + } + printf("/n"); + return 0; +} diff --git a/design/README.md b/design/README.md new file mode 100644 index 0000000..e69de29 diff --git a/design/SIC-详细设计说明书-V0.2.odt b/design/SIC-详细设计说明书-V0.2.odt new file mode 100644 index 0000000..8934e35 Binary files /dev/null and b/design/SIC-详细设计说明书-V0.2.odt differ diff --git a/design/SIC-详细设计说明书-V0.2.pdf b/design/SIC-详细设计说明书-V0.2.pdf new file mode 100644 index 0000000..8633474 Binary files /dev/null and b/design/SIC-详细设计说明书-V0.2.pdf differ diff --git a/design/产品信息入库工具.png b/design/产品信息入库工具.png new file mode 100644 index 0000000..9bc368c Binary files /dev/null and b/design/产品信息入库工具.png differ diff --git a/design/文件信息对比模块-流程图.png b/design/文件信息对比模块-流程图.png new file mode 100644 index 0000000..6c8d3d2 Binary files /dev/null and b/design/文件信息对比模块-流程图.png differ diff --git a/design/文件完整性检测工具结构图.png b/design/文件完整性检测工具结构图.png new file mode 100644 index 0000000..d5aa790 Binary files /dev/null and b/design/文件完整性检测工具结构图.png differ diff --git a/design/系统完整性检测工具结构图.png b/design/系统完整性检测工具结构图.png new file mode 100644 index 0000000..29058b3 Binary files /dev/null and b/design/系统完整性检测工具结构图.png differ diff --git a/manage/SIC-项目变更记录.doc b/manage/SIC-项目变更记录.doc new file mode 100644 index 0000000..04b4044 Binary files /dev/null and b/manage/SIC-项目变更记录.doc differ diff --git a/manage/SIC-项目变更记录.pdf b/manage/SIC-项目变更记录.pdf new file mode 100644 index 0000000..4d156bb Binary files /dev/null and b/manage/SIC-项目变更记录.pdf differ diff --git a/manage/立项申请书.odt b/manage/立项申请书.odt new file mode 100644 index 0000000..eeb07f6 Binary files /dev/null and b/manage/立项申请书.odt differ diff --git a/manage/立项申请书.pdf b/manage/立项申请书.pdf new file mode 100644 index 0000000..df352ac Binary files /dev/null and b/manage/立项申请书.pdf differ diff --git a/manage/项目计划书.odt b/manage/项目计划书.odt new file mode 100644 index 0000000..f5d0748 Binary files /dev/null and b/manage/项目计划书.odt differ diff --git a/manage/项目计划书.pdf b/manage/项目计划书.pdf new file mode 100644 index 0000000..22bd15b Binary files /dev/null and b/manage/项目计划书.pdf differ diff --git a/requirement/SIC-产品需求说明书-V0.1.odt b/requirement/SIC-产品需求说明书-V0.1.odt new file mode 100644 index 0000000..e7e81aa Binary files /dev/null and b/requirement/SIC-产品需求说明书-V0.1.odt differ diff --git a/requirement/SIC-产品需求说明书-V0.1.pdf b/requirement/SIC-产品需求说明书-V0.1.pdf new file mode 100644 index 0000000..ba4793f Binary files /dev/null and b/requirement/SIC-产品需求说明书-V0.1.pdf differ diff --git a/requirement/SIC-用户需求说明书-V0.1.odt b/requirement/SIC-用户需求说明书-V0.1.odt new file mode 100644 index 0000000..c93b068 Binary files /dev/null and b/requirement/SIC-用户需求说明书-V0.1.odt differ diff --git a/requirement/SIC-用户需求说明书-V0.1.pdf b/requirement/SIC-用户需求说明书-V0.1.pdf new file mode 100644 index 0000000..17018f6 Binary files /dev/null and b/requirement/SIC-用户需求说明书-V0.1.pdf differ