#!/bin/sh

set -e

CHKROOTKIT=/usr/sbin/chkrootkit
CF=/etc/chkrootkit.conf
LOG_DIR=/var/log/chkrootkit
IGNORE_FILE=/dev/null

if [ ! -x $CHKROOTKIT ]; then
  exit 0
fi

if [ -f $CF ]; then
    . $CF
fi

if [ ! -r "${IGNORE_FILE}" ]; then
 IGNORE_FILE=/dev/null
fi


if [ "$RUN_DAILY" = "true" ]; then
    if [ "$DIFF_MODE" = "true" ]; then
				eval $CHKROOTKIT $RUN_DAILY_OPTS 2>&1 | egrep -v -f "${IGNORE_FILE}" > $LOG_DIR/log.today || true
        if [ ! -f $LOG_DIR/log.expected ]; then
						echo "ERROR: No file $LOG_DIR/log.expected"
						echo "This file should contain expected output from chkrootkit"
						echo
						echo "Today's run produced the following output:"
						echo "--- [ BEGIN: cat $LOG_DIR/log.today  ] ---"
						cat $LOG_DIR/log.today
						echo "--- [ END: cat $LOG_DIR/log.today ] ---"
						echo
						echo "To create this file containing all output from today's run, do (as root)"
						echo "# cp -a $LOG_DIR/log.today $LOG_DIR/log.expected"
				elif ! diff -q $LOG_DIR/log.expected $LOG_DIR/log.today > /dev/null 2>&1; then
						echo "ERROR: chkrootkit output was not as expected."
						echo
						echo "The difference is:"
						echo "---[ BEGIN: diff -u $LOG_DIR/log.expected $LOG_DIR/log.today ] ---"
						diff -u $LOG_DIR/log.expected $LOG_DIR/log.today || true
						echo "---[ END: diff -u $LOG_DIR/log.expected $LOG_DIR/log.today ] ---"
						echo
           					echo "To update the expected output, run (as root)"
						echo "#  cp -a -f $LOG_DIR/log.today $LOG_DIR/log.expected"
        fi
    else
        eval $CHKROOTKIT $RUN_DAILY_OPTS 2>&1 | (egrep -v -f "${IGNORE_FILE}") || true
    fi
fi