#!/usr/bin/perl -wT # # ========================================================================== # # Zone Minder Audit Script, $Date$, $Revision$ # Copyright (C) 2002 Philip Coombes # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. # # ========================================================================== # # This script checks for consistency between the event filesystem and # the database. If events are found in one and not the other they are # deleted (optionally). Additionally any monitor event directories that # do not correspond to a database monitor are similarly disposed of. # However monitors in the database that don't have a directory are left # alone as this is valid if they are newly created and have no events # yet. # # ========================================================================== # # These are the elements you need to edit to suit your installation # # ========================================================================== use constant DB_NAME => "zm"; use constant DB_USER => "zmadmin"; use constant DB_PASS => "zmadminzm"; use constant IMAGE_PATH => "@WEB_PREFIX@/images"; use constant EVENT_PATH => "@WEB_PREFIX@/events"; use constant LOG_FILE => '/tmp/zmaudit.log'; # ========================================================================== # # You shouldn't need to change anything from here downwards # # ========================================================================== use strict; use DBI; use Getopt::Long; use Term::ReadKey; $| = 1; my $report = 0; my $yes = 0; my $delay = 0; sub usage { print( " Usage: zme.pl [-r,-report|-y,-yes] [-d ,-delay=] Parameters are :- -r, --report - Just report don't actually do anything -y, --yes - Just do all actions without confirmation -d , --delay= - how long to delay between each pass, the default of 0 means run once only. "); exit( -1 ); } sub confirm { my $yesno = $yes?1:0; if ( $report ) { print( "\n" ); } elsif ( $yes ) { print( ", deleting\n" ); } else { print( ", delete y/n: " ); my $char = ReadKey( 0 ); #print( "C:'".ord($char)."'\n" ); if ( $char eq 'q' ) { print( "\n" ); ReadMode( 'restore' ); exit( 0 ); } if ( ord($char) == 10 ) { $char = 'y'; } else { print( "$char\n" ); } if ( $char eq "a" ) { $yes = 1; return( 1 ); } $yesno = ( $char =~ /[yY]/ ); } return( $yesno ); } if ( !GetOptions( 'report'=>\$report, 'yes'=>\$yes, 'delay=i'=>\$delay ) ) { usage(); } if ( $report && $yes ) { print( STDERR "Error, only one of --report and --yes may be specified\n" ); usage(); } my $dbh = DBI->connect( "DBI:mysql:".DB_NAME, DB_USER, DB_PASS ); chdir( EVENT_PATH ); ( $ENV{PATH} ) = ( $ENV{PATH} =~ /^(.*)$/ ); ( $ENV{BASH_ENV} ) = ( $ENV{BASH_ENV} =~ /^(.*)$/ ); if ( !$yes && !$report ) { ReadMode( 'cbreak' ); } if ( $delay ) # Background mode { open( LOG, ">>".LOG_FILE ) or die( "Can't open log file: $!" ); open( STDOUT, ">&LOG" ) || die( "Can't dup stdout: $!" ); select( STDOUT ); $| = 1; open( STDERR, ">&LOG" ) || die( "Can't dup stderr: $!" ); select( STDERR ); $| = 1; select( LOG ); $| = 1; } my $max_image_age = 15/(24*60); # 15 Minutes my $image_path = IMAGE_PATH; do { my $fs_monitors; foreach my $monitor ( <*> ) { print( "Found filesystem monitor '$monitor'" ); my $fs_events = $fs_monitors->{$monitor} = {}; ( my $monitor_dir ) = ( $monitor =~ /^(.*)$/ ); # De-taint chdir( $monitor_dir ); foreach my $event ( <*> ) { $fs_events->{$event} = !undef; } chdir( '..' ); print( ", got ".int(keys(%$fs_events))." events\n" ); } my $db_monitors; my $sql = "select * from Monitors order by Name"; my $sth = $dbh->prepare_cached( $sql ) or die( "Can't prepare '$sql': ".$dbh->errstr() ); my $sql2 = "select * from Events where MonitorId = ? order by Id"; my $sth2 = $dbh->prepare_cached( $sql2 ) or die( "Can't prepare '$sql2': ".$dbh->errstr() ); my $res = $sth->execute() or die( "Can't execute: ".$sth->errstr() ); while( my $monitor = $sth->fetchrow_hashref() ) { print( "Found database monitor '$monitor->{Name}'" ); my $db_events = $db_monitors->{$monitor->{Name}} = {}; my $res = $sth2->execute( $monitor->{Id} ) or die( "Can't execute: ".$sth2->errstr() ); while ( my $event = $sth2->fetchrow_hashref() ) { $db_events->{$event->{Id}} = !undef; } print( ", got ".int(keys(%$db_events))." events\n" ); $sth2->finish(); } $sth->finish(); while ( my ( $fs_monitor, $fs_events ) = each(%$fs_monitors) ) { if ( my $db_events = $db_monitors->{$fs_monitor} ) { if ( $fs_events ) { while ( my ( $fs_event, $val ) = each(%$fs_events ) ) { if ( !$db_events->{$fs_event} ) { print( "Filesystem event '$fs_monitor/$fs_event' does not exist in database" ); if ( confirm() ) { my $command = "/bin/rm -rf ".EVENT_PATH."/$fs_monitor/$fs_event"; qx( $command ); } } } } } else { print( "Filesystem monitor '$fs_monitor' does not exist in database" ); if ( confirm() ) { my $command = "rm -rf ".EVENT_PATH."/$fs_monitor"; qx( $command ); } } } my $sql3 = "delete from Monitors where Id = ?"; my $sth3 = $dbh->prepare_cached( $sql3 ) or die( "Can't prepare '$sql3': ".$dbh->errstr() ); my $sql4 = "delete from Events where Id = ?"; my $sth4 = $dbh->prepare_cached( $sql4 ) or die( "Can't prepare '$sql4': ".$dbh->errstr() ); my $sql5 = "delete from Frames where EventId = ?"; my $sth5 = $dbh->prepare_cached( $sql5 ) or die( "Can't prepare '$sql5': ".$dbh->errstr() ); my $sql6 = "delete from Stats where EventId = ?"; my $sth6 = $dbh->prepare_cached( $sql6 ) or die( "Can't prepare '$sql6': ".$dbh->errstr() ); while ( my ( $db_monitor, $db_events ) = each(%$db_monitors) ) { if ( my $fs_events = $fs_monitors->{$db_monitor} ) { if ( $db_events ) { while ( my ( $db_event, $val ) = each(%$db_events ) ) { if ( !$fs_events->{$db_event} ) { print( "Database event '$db_monitor/$db_event' does not exist in filesystem" ); if ( confirm() ) { my $res = $sth4->execute( $db_event ) or die( "Can't execute: ".$sth4->errstr() ); $res = $sth5->execute( $db_event ) or die( "Can't execute: ".$sth5->errstr() ); $res = $sth6->execute( $db_event ) or die( "Can't execute: ".$sth5->errstr() ); } } } } } else { print( "Database monitor '$db_monitor' does not exist in filesystem" ); if ( confirm() ) { # We don't actually do this in case it's new #my $res = $sth3->execute( $db_monitor ) or die( "Can't execute: ".$sth3->errstr() ); } } } my $sql7 = "select distinct EventId from Frames left join Events on Frames.EventId = Events.Id where isnull(Events.Id)"; my $sth7 = $dbh->prepare_cached( $sql7 ) or die( "Can't prepare '$sql7': ".$dbh->errstr() ); $res = $sth7->execute() or die( "Can't execute: ".$sth7->errstr() ); while( my $frame = $sth7->fetchrow_hashref() ) { print( "Found orphaned frame records for event '$frame->{EventId}'" ); if ( confirm() ) { $res = $sth5->execute( $frame->{EventId} ) or die( "Can't execute: ".$sth7->errstr() ); } } my $sql8 = "select distinct EventId from Stats left join Events on Stats.EventId = Events.Id where isnull(Events.Id)"; my $sth8 = $dbh->prepare_cached( $sql8 ) or die( "Can't prepare '$sql8': ".$dbh->errstr() ); $res = $sth8->execute() or die( "Can't execute: ".$sth8->errstr() ); while( my $stat = $sth8->fetchrow_hashref() ) { print( "Found orphaned statistic records for event '$stat->{EventId}'" ); if ( confirm() ) { $res = $sth6->execute( $stat->{EventId} ) or die( "Can't execute: ".$sth8->errstr() ); } } # Now delete any old wap image files if ( my @old_files = grep { -M > $max_image_age } <$image_path/*-wap-*.{jpg,gif,wbmp}> ) { print( "Deleting ".int(@old_files)." old wap images\n" ); my $untainted_old_files = join( ";", @old_files ); ( $untainted_old_files ) = ( $untainted_old_files =~ /^(.*)$/ ); unlink( split( ";", $untainted_old_files ) ); } sleep( $delay ) if ( $delay ); } while( $delay ); if ( !$yes && !$report ) { ReadMode( 'restore' ); }