Open-AudIT

The OS that shows up when audit-linux.sh is run on an OpenSUSE 10.2 box we have at work shows us as "Novell" for the OS

I modified parts of audit-linux.sh to fix this (so the OS shows up as OpenSUSE and VERSION shows us as 10.2) - anyone interested in that?

Definitely, please post the code changes.

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.

Yes, I'm interested as well!

Sorry guys I posted and then promptly was inundated with work, and forgot about my post here

Under audit_linux.sh, there's a section that "figures out" the OS based on files in /etc:

[code]
if [ "$name" = "Linux" ]
then if test -f /etc/redhat-release; then
distribution="RedHat"
OS_RELEASE=`$OA_CAT /etc/redhat-release`
OS_PCK_MGR=$OA_YUM
elif test -f /etc/redhat-version; then
distribution="RedHat"
OS_RELEASE=`$OA_CAT /etc/redhat-version`
OS_PCK_MGR=$OA_YUM
elif test -f /etc/fedora-release; then
distribution="Fedora"
OS_RELEASE=`$OA_CAT /etc/fedora-release`
OS_PCK_MGR=$OA_YUM
elif test -f /etc/mandrake-release; then
distribution="Mandrake"
OS_RELEASE=`$OA_CAT /etc/mandrake-release`
OS_PCK_MGR='urpmi'
elif test -f /etc/SuSE-release; then
distribution=`$OA_CAT /etc/SuSE-release | $OA_GREP SUSE | $OA_CUT -d " " -f1`
OS_RELEASE=`$OA_CAT /etc/SuSE-release | $OA_GREP SUSE | $OA_CUT -d " " -f2`
OS_PCK_MGR=$OA_RPM
[/code]

At the bottom there you can see where I've modified the script that looks at /etc/SuSE-release - this has my audit DB reporting properly now, as OpenSUSE 10.2 instead of the genereic "Novell"

There's more to it than that as well... I added "OA_RPM" for the software audit because OpenSUSE has no YUM commands.

I guess it makes more sense to get a diff/patch together than posting all the changes, so you guys can see for yourselves. I'll work on that.

Anyone know the diff command I need to run offhand? I know it's something along the lines of

[code]diff audit_linux.sh audit_linux_ericsver.sh[/code]

I think I've gotten a diff together against OA's audit_linux.sh svn and mine... I'm just pasting it here because .txt attachments aren't allowed

[code]13a18
> OA_RPM_TRACK=$OA_PACKAGES
39a45
> OA_RPM=`which rpm 2>/dev/null`
127,129c134,136
< distribution="Novell SuSE"
< OS_RELEASE=`$OA_CAT /etc/SuSE-release`
< OS_PCK_MGR=$OA_YUM
---
> distribution=`$OA_CAT /etc/SuSE-release | $OA_GREP SUSE | $OA_CUT -d " " -f1`
> OS_RELEASE=`$OA_CAT /etc/SuSE-release | $OA_GREP SUSE | $OA_CUT -d " " -f2`
> OS_PCK_MGR=$OA_RPM
279c287,288
< echo "system03^^^$mount_point^^^$version^^^Linux^^^$distribution - $OS_RELEASE^^^$country^^^ ^^^ ^^^ ^^^ ^^^ ^^^$SYSTEM_SERIAL^^^ ^^^$version^^^^^^" >> $ReportFile
---
> echo "system03^^^$mount_point^^^$version^^^Linux^^^$distribution $OS_RELEASE^^^ ^^^ ^^^ ^^^ ^^^ ^^^ ^^^ ^^^$SYSTEM_SERIAL^^^ ^^^$version^^^^^^" >> $ReportFile
>
361a371,393
>
> if [ "$OS_PCK_MGR" == "$OA_RPM" ]
> then
>
> if [ "$OA_RPM_TRACK" == "" ]
> then
> OA_INTERESTING_PACKAGES=`$OA_RPM -qa`
> else
> OA_INTERESTING_PACKAGES=`$OA_RPM -q $OA_RPM_TRACK`
> fi
>
> for OA_PACKAGE_LINE in $OA_INTERESTING_PACKAGES
> do
> OA_PACKAGE_NAME=`echo $OA_PACKAGE_LINE | $OA_AWK '{ match($0, /^([a-zA-Z\-]*)\-([0-9].*)$/, a); print a[1] }' 2> /dev/null`
> OA_PACKAGE_VERSION=`echo $OA_PACKAGE_LINE | $OA_AWK '{ match($0, /^([a-zA-Z\-]*)\-([0-9].*)$/, a); print a[2] }' 2> /dev/null`
>
> if [ "$OA_PACKAGE_NAME" ] && [ "$OA_PACKAGE_VERSION" ]
> then
> echo "software^^^$OA_PACKAGE_NAME^^^$OA_PACKAGE_VERSION^^^^^^^^^^^^^^^^^^^^^^^^^^^" >> $ReportFile
> fi
> done
> fi
>
[/code]