/etc/cron.daily/integrit is in integrit 4.1-1.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 | #!/bin/sh
# /etc/cron.daily/integrit : integrit daily cron job
# initially written by Andras Bali
test -x /usr/sbin/integrit || exit 0
test -f /etc/integrit/integrit.debian.conf || exit 0
CONFIGS=""
. /etc/integrit/integrit.debian.conf
test -n "$CONFIGS" || exit 0
if test -z "$EMAIL_RCPT"; then
echo "EMAIL_RCPT must be set in /etc/integrit/integrit.debian.conf" >&2
exit 1
fi
REPORT="/var/lib/integrit/current.report.$$"
cp /dev/null "$REPORT"
trap "rm -f \"$REPORT\"" EXIT
rc=0
for i in $CONFIGS; do
known=`sed -n 's/^ *known *= *\(.\+\) *$/\1/p' <$i |head -n1`
current=`sed -n 's/^ *current *= *\(.\+\) *$/\1/p' <$i |head -n1`
if test -z "$known" -o -z "$current"; then
echo "known and/or current not set in $i, skipping." >&2; echo
continue
fi
OPTS='-cu'
test -e "$known" || OPTS='-u'
echo "start: integrit -C $i $OPTS"
RC=0
nice integrit -C $i "$OPTS" 2>&1 || RC="$?"
echo "exit: $RC"; echo
if test "$RC" -eq 0; then
test -e "$known" || cp "$current" "$known"
else
rc="$RC"
fi
done >>"$REPORT"
test "$rc" -ne 0 || test "$ALWAYS_EMAIL" = 'true' || exit 0
mail -s "$EMAIL_SUBJ" "$EMAIL_RCPT" <"$REPORT"
|