From c06c99cbd385cab121eb7314d03abdbda07fd188 Mon Sep 17 00:00:00 2001
From: blymn <blymn@NetBSD.org>
Date: Sat, 23 Nov 2002 10:25:03 +0000
Subject: [PATCH] Example signature generating scripts.

---
 share/examples/veriexecctl/Makefile | 12 ++++++++++++
 share/examples/veriexecctl/gen_md5  | 26 ++++++++++++++++++++++++++
 share/examples/veriexecctl/gen_sha1 | 26 ++++++++++++++++++++++++++
 3 files changed, 64 insertions(+)
 create mode 100644 share/examples/veriexecctl/Makefile
 create mode 100755 share/examples/veriexecctl/gen_md5
 create mode 100755 share/examples/veriexecctl/gen_sha1

diff --git a/share/examples/veriexecctl/Makefile b/share/examples/veriexecctl/Makefile
new file mode 100644
index 000000000000..9e64c7087862
--- /dev/null
+++ b/share/examples/veriexecctl/Makefile
@@ -0,0 +1,12 @@
+#	$NetBSD: Makefile,v 1.1 2002/11/23 10:25:03 blymn Exp $
+
+NOOBJ=	# defined
+
+.include <bsd.own.mk>
+
+.if ${MKSHARE} != "no"
+FILES=	gen_md5 gen_sha1
+FILESDIR=/usr/share/examples/veriexecctl
+.endif
+
+.include <bsd.prog.mk>
diff --git a/share/examples/veriexecctl/gen_md5 b/share/examples/veriexecctl/gen_md5
new file mode 100755
index 000000000000..127aaaa1be6a
--- /dev/null
+++ b/share/examples/veriexecctl/gen_md5
@@ -0,0 +1,26 @@
+#!/bin/sh
+#
+#	$NetBSD: gen_md5,v 1.1 2002/11/23 10:25:04 blymn Exp $
+#
+# This is a helper script that scans all the file systems for
+# executables and generates an entry in the signatures file for
+# each one found.  The script is probably best run by root and
+# will move the old signatures file prior to starting the real work.
+#
+mv signatures signatures.old
+echo "Fingerprinting the system, this may take a while...."
+#
+find / \( \( -fstype ffs -a ! -iregex '^/proc.*' -a -type f -a \( -perm -0100 -o -perm -0010 -o -perm -0001 \) \) -o -name 'lib*so*' \) -print | while read line
+do
+	echo "Fingerprinting $line"
+	hash=`md5 $line | cut -d'=' -f2 | tr -d ' '`
+	flag=""
+	if [ ! -x $line ]
+	then
+	    flag="	FILE"
+	fi
+	if [ "${hash}" != "" ]
+	then
+		echo "$line	md5	${hash}${flag}" >> signatures
+	fi
+done
diff --git a/share/examples/veriexecctl/gen_sha1 b/share/examples/veriexecctl/gen_sha1
new file mode 100755
index 000000000000..071cde60283a
--- /dev/null
+++ b/share/examples/veriexecctl/gen_sha1
@@ -0,0 +1,26 @@
+#!/bin/sh
+#
+#	$NetBSD: gen_sha1,v 1.1 2002/11/23 10:25:04 blymn Exp $
+#
+# This is a helper script that scans all the file systems for
+# executables and generates an entry in the signatures file for
+# each one found.  The script is probably best run by root and
+# will move the old signatures file prior to starting the real work.
+#
+mv signatures signatures.old
+echo "Fingerprinting the system, this may take a while...."
+#
+find / \( \( -fstype ffs -a ! -iregex '^/proc.*' -a -type f -a \( -perm -0100 -o -perm -0010 -o -perm -0001 \) \) -o -name 'lib*so*' \) -print | while read line
+do
+	echo "Fingerprinting $line"
+	hash=`sha1 $line | cut -d'=' -f2 | tr -d ' '`
+	flag=""
+	if [ ! -x $line ]
+	then
+	    flag="	FILE"
+	fi
+	if [ "${hash}" != "" ]
+	then
+		echo "$line	sha1	${hash}${flag}" >> signatures
+	fi
+done