#!/bin/sh

# /etc/cron.daily/integrit : integrit daily cron job
# written by Andras Bali

[ -x /usr/sbin/integrit ] || exit 0
[ -f /etc/integrit/integrit.debian.conf ] || exit 0
. /etc/integrit/integrit.debian.conf

for config in $CONFIGS; do
    known=$(egrep '^ *known *= *.+' $config | sed 's/^ *known *= *\(.\+\)$/\1/')
    current=$(egrep '^ *current *= *.+' $config | sed 's/^ *current *= *\(.\+\)$/\1/')
    options="-cu"
    if [ ! -f "$known" ]; then
	if [ -f "$current" ]; then
		mv "$current" "$known"
	else
		options="-u"
	fi
    else
	if [ -f "$current" ]; then
		savelog -m 640 -u root -g root -c $SAVECYCLE "$known" > /dev/null
		mv "$current" "$known"
	fi
    fi
    output=$(nice integrit -C $config $options 2>&1)
    
    # * UNCOMMENT the two following lines marked with `# !' if you don't
    # * want to receive reports if no mismatches were found
    
    # ! if [ "$(echo "$output" | egrep -v '^integrit: ')" ]; then
    	message=$(echo "$message" && echo "$output")
    # ! fi
done

if [ "$(echo "$message")" ]; then
	echo "$message" | mail -s "$EMAIL_SUBJ" "$EMAIL_RCPT"
fi

