diff -cr openaudit/scripts/audit_linux.sh openaudit-mod/scripts/audit_linux.sh *** openaudit/scripts/audit_linux.sh 2009-09-09 23:13:38.000000000 -0300 --- openaudit-mod/scripts/audit_linux.sh 2009-09-09 22:21:39.000000000 -0300 *************** *** 6,13 **** OA_VERBOSE=y OA_SAFEMODE=n ! # Change this to nothing if you want to track ALL installed packages on dpkg systems. ! OA_PACKAGES="apt azureus bash build-essential cdparanoia cdrdao cdrecord cpp cron cupsys cvs dbus dhcp3-client diff dpkg epiphany-browser esound evolution firefox flashplugin-nonfree foomatic-db g++ gaim gcc gdm gedit gimp gnome-about gnucash gnumeric gtk+ httpd inkscape iptables k3b kdebase koffice libgnome2-0 linux-image-386 metacity mozilla-browser mysql-admin mysql-query-browser mysql-server-4.1 nautilus openoffice.org openssh-client openssh-server perl php4 php5 postfix postgresql python python2.4 rdesktop rhythmbox samba-common sendmail smbclient subversion sun-j2re1.5 swf-player synaptic thunderbird tsclient udev vim vlc vnc-common webmin xfce xmms xserver-xorg" OA_DPKG_TRACK=$OA_PACKAGES OA_YUM_TRACK=$OA_PACKAGES OA_PKG_TRACK=$OA_PACKAGES --- 6,13 ---- OA_VERBOSE=y OA_SAFEMODE=n ! # Keep this in nothing if you want to track ALL installed packages on dpkg systems or put that packages that you wanna monitor ! OA_PACKAGES="" OA_DPKG_TRACK=$OA_PACKAGES OA_YUM_TRACK=$OA_PACKAGES OA_PKG_TRACK=$OA_PACKAGES *************** *** 37,42 **** --- 37,43 ---- OA_WGET=`which wget` OA_WHOAMI=`which whoami` OA_YUM=`which yum 2>/dev/null` + OA_RPM=`which rpm 2>/dev/null` else OA_AWK=/usr/bin/awk OA_CAT=/bin/cat *************** *** 60,65 **** --- 61,67 ---- OA_WGET=/usr/bin/wget OA_WHOAMI=/usr/bin/whoami OA_YUM=/usr/bin/yum + OA_RPM=/bin/rpm fi # TODO: Bail out if any of the above are missing (or handle some optional packages?) 
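Review bot: The rewritten comment above `OA_PACKAGES=""` in the first hunk is hard to read and still says "on dpkg systems", although the lines below copy the same value into `OA_YUM_TRACK` and `OA_PKG_TRACK` as well. Suggested wording: `# Leave empty to track ALL installed packages, or list the package names to track, separated by spaces.` With the default now empty, every installed package is reported, so the comment should state that this is the intended default.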
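Review bot: `OA_RPM` can end up empty or pointing at a missing file, and neither this hunk nor the safe-mode one after it (`OA_RPM=/bin/rpm`) checks for that. The `which rpm 2>/dev/null` form hides a failed lookup, and the safe-mode branch hard-codes a single location. The TODO just below the `fi` already asks for a bail-out on missing tools; for the new variable a guard such as `[ -x "$OA_RPM" ] || OA_RPM=""` after the `fi`, with a test before the rpm query, would keep the package section from running an empty command. Since the script inventories a host and is presumably run with elevated rights, a comment stating that `PATH` must be trusted when tools are resolved with `which` would also help.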
*************** *** 147,155 **** distribution="Yellow dog" OS_RELEASE=`$OA_CAT /etc/yellowdog-release` OS_PCK_MGR='' - elif distribution="unknown" - OS_RELEASE="unknown" - OS_PCK_MGR='' elif test -f /etc/issue; then distribution="Ubuntu" OS_RELEASE=`$OA_CAT /etc/issue` --- 149,154 ---- *************** *** 158,167 **** distribution="Debian" OS_RELEASE=`$OA_CAT /etc/debian_version` OS_PCK_MGR=$OA_DPKG - else test -f /etc/debian-version; then - distribution="Debian" - OS_RELEASE=`$OA_CAT /etc/debian-version` - OS_PCK_MGR=$OA_DPKG fi fi --- 157,162 ---- *************** *** 193,199 **** do NET_DNS="$i" done ! for i in `$OA_HAL_FIND --key linux.subsystem --string net` do NET_PARENT=`$OA_HAL_GET --udi $i --key info.parent` NET_NAME=`$OA_HAL_GET --udi $i --key net.interface` --- 188,194 ---- do NET_DNS="$i" done ! for i in `$OA_HAL_FIND --key linux.subsystem --string net | $OA_GREP -v 'loopback'` do NET_PARENT=`$OA_HAL_GET --udi $i --key info.parent` NET_NAME=`$OA_HAL_GET --udi $i --key net.interface` *************** *** 201,211 **** NET_DESCRIPTION=`$OA_HAL_GET --udi $i --key info.product` NET_DEVICE=`$OA_HAL_GET --udi $NET_PARENT --key info.product` NET_MANUFACTURER=`$OA_HAL_GET --udi $NET_PARENT --key info.vendor` ! if [ "`$OA_IFCONFIG $NET_NAME | $OA_GREP 'inet addr'`" ] then NET_IP=`$OA_IFCONFIG $NET_NAME | $OA_GREP -w inet | $OA_CUT -d":" -f2 | $OA_CUT -d" " -f1` NET_IPV6=`$OA_IFCONFIG $NET_NAME | $OA_GREP -w inet6 | $OA_CUT -d" " -f13` NET_SUBNET=`$OA_IFCONFIG $NET_NAME | $OA_GREP -w inet | $OA_CUT -d":" -f4 | $OA_CUT -d" " -f1` else # Interface is not online NET_IP="--.--.--.--" --- 196,213 ---- NET_DESCRIPTION=`$OA_HAL_GET --udi $i --key info.product` NET_DEVICE=`$OA_HAL_GET --udi $NET_PARENT --key info.product` NET_MANUFACTURER=`$OA_HAL_GET --udi $NET_PARENT --key info.vendor` ! 
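Review bot: The added `| $OA_GREP -v 'loopback'` in the interface loop is an unanchored substring filter on the HAL UDI text, and nothing says why it is there. It drops any device whose UDI happens to contain "loopback", not only the `lo` interface. A comment such as `# Skip the loopback pseudo-interface; only real adapters are inventoried` would record the intent. Filtering on `net.interface` after it is read into `NET_NAME` would be more precise, if that fits the rest of the loop. The loop body continues outside this hunk.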
if [ "`$OA_IFCONFIG $NET_NAME | $OA_GREP 'inet'`" ] then + if [ $distribution = "RedHat" ] + then + NET_IP=`$OA_IFCONFIG $NET_NAME | $OA_GREP -w inet | $OA_CUT -d":" -f2 | $OA_CUT -d" " -f2` + NET_IPV6=`$OA_IFCONFIG $NET_NAME | $OA_GREP -w inet6 | $OA_CUT -d" " -f13` + NET_SUBNET=`$OA_IFCONFIG $NET_NAME | $OA_GREP -w inet | $OA_CUT -d":" -f4 | $OA_CUT -d" " -f1` + else NET_IP=`$OA_IFCONFIG $NET_NAME | $OA_GREP -w inet | $OA_CUT -d":" -f2 | $OA_CUT -d" " -f1` NET_IPV6=`$OA_IFCONFIG $NET_NAME | $OA_GREP -w inet6 | $OA_CUT -d" " -f13` NET_SUBNET=`$OA_IFCONFIG $NET_NAME | $OA_GREP -w inet | $OA_CUT -d":" -f4 | $OA_CUT -d" " -f1` + fi else # Interface is not online NET_IP="--.--.--.--" *************** *** 396,408 **** OA_OLDCOLUMNS=$COLUMNS COLUMNS=160 ! OA_ALL_PACKAGES=`$OA_YUM list installed 2> /dev/null | $OA_GREP " installed *$"` if [ "$OA_YUM_TRACK" = "" ] then for OA_PACKAGE_LINE in $OA_ALL_PACKAGES; do ! OA_PACKAGE_NAME=`echo $OA_PACKAGE_LINE | $OA_AWK '{print $1}' 2> /dev/null` ! OA_PACKAGE_VERSION=`echo $OA_PACKAGE_LINE | $OA_AWK '{print $2}' 2> /dev/null` if [ "$OA_PACKAGE_NAME" ] && [ "$OA_PACKAGE_VERSION" ] then --- 398,410 ---- OA_OLDCOLUMNS=$COLUMNS COLUMNS=160 ! OA_ALL_PACKAGES=`$OA_RPM -qa --queryformat='%{name}:%{version}-%{release}\n'` if [ "$OA_YUM_TRACK" = "" ] then for OA_PACKAGE_LINE in $OA_ALL_PACKAGES; do ! OA_PACKAGE_NAME=`echo $OA_PACKAGE_LINE | $OA_AWK -F: '{print $1}' 2> /dev/null` ! OA_PACKAGE_VERSION=`echo $OA_PACKAGE_LINE | $OA_AWK -F: '{print $2}' 2> /dev/null` if [ "$OA_PACKAGE_NAME" ] && [ "$OA_PACKAGE_VERSION" ] then Only in openaudit-mod/scripts: audit_linux.sh~
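Review bot: The new test `[ $distribution = "RedHat" ]` is unquoted, and an earlier hunk of this file shows `distribution="Yellow dog"`, so on such a host `[` receives too many arguments and prints an error for every interface; it should be `if [ "$distribution" = "RedHat" ]`. The outer condition was also loosened from `'inet addr'` to `'inet'`, which matches `inet6` lines too, so an interface with only an IPv6 address takes the online branch with an empty `NET_IP` instead of the `--.--.--.--` placeholder. The two inner branches differ only in the last `cut` field of `NET_IP`; setting `NET_IPV6` and `NET_SUBNET` once outside the inner `if` would make that visible. The enclosing `for` loop starts before and ends after this hunk.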
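Review bot: The new query format `%{name}:%{version}-%{release}` omits the architecture and the epoch. On a multilib host the i386 and x86_64 builds of a package therefore produce identical lines, and versions that differ only by epoch cannot be told apart when the inventory is matched against advisories. If the receiving side accepts it, `--queryformat='%{name}:%{version}-%{release}.%{arch}\n'` keeps the entries distinct. The rpm call also drops the `2> /dev/null` that the yum call had, and the `COLUMNS=160` workaround above it looks like it was only needed for yum's column output. The enclosing `if`/`for` continues past the end of the hunk.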