#!/bin/sh set -e unset NO_CONFIRM unset NO_REMOVE unset REMOVE_REPORTS unset REMOVE_LOGS unset REMOVE_DB unset REMOVE_KEYS unset RM UNAME=`uname` help() { cat >&2 << 'HELP' tripwire_uninstall [-y] [-N] [ [-R] [-L] [-D] [-K] | [-A] ] -y no confirmation (unattended operation) -N dont remove binaries, docs and man pages -A remove everything (logs, reports, db and keys) -R remove reports -L remove logs -D remove db -K remove keys -N with -Y is valid HELP } while [ "$#" != 0 ]; do case "$1" in -y) NO_CONFIRM=1 ;; -N) NO_REMOVE=1 ;; -L) REMOVE_LOGS=1 ;; -D) REMOVE_DB=1 ;; -K) REMOVE_KEYS=1 ;; -A) REMOVE_LOGS=1 REMOVE_KEYS=1 REMOVE_DB=1 ;; *) help ; exit 1 esac shift done secure_rm() { case $UNAME in Darwin) /usr/bin/srm -vf -- "$@" ;; Linux) /usr/bin/shred -vfu -- "$@" ;; FreeBSD|*) # 3x wipe for FILE in "$@"; do /bin/dd if=/dev/random of="$FILE" bs=1 count=$(/usr/bin/wc -c < "$FILE" | /usr/bin/sed "s/[^0-9]//g") /bin/dd if=/dev/random of="$FILE" bs=1 count=$(/usr/bin/wc -c < "$FILE" | /usr/bin/sed "s/[^0-9]//g") /bin/dd if=/dev/random of="$FILE" bs=1 count=$(/usr/bin/wc -c < "$FILE" | /usr/bin/sed "s/[^0-9]//g") done rm -vf "$@" ;; esac } secure_rm_rf() { case $UNAME in Darwin) /usr/bin/srm -vrf -- "$@" ;; Linux) /usr/bin/find "$@" -type f -exec /usr/bin/shred -vfu -- {} \; rm -vrf "$@" ;; FreeBSD|*) # 3x wipe /usr/bin/find "$@" -type f | xargs -I% sh -c '/bin/dd if=/dev/random of="%" bs=1 count=$(/usr/bin/wc -c < "%" | /usr/bin/sed "s/[^0-9]//g")' /usr/bin/find "$@" -type f | xargs -I% sh -c '/bin/dd if=/dev/random of="%" bs=1 count=$(/usr/bin/wc -c < "%" | /usr/bin/sed "s/[^0-9]//g")' /usr/bin/find "$@" -type f | xargs -I% sh -c '/bin/dd if=/dev/random of="%" bs=1 count=$(/usr/bin/wc -c < "%" | /usr/bin/sed "s/[^0-9]//g")' rm -vrf "$@" ;; esac } if [ -n "$NO_CONFIRM" ]; then :; # noop else printf "Uninstall tripwire ? [Yn] " unset PROMPT read PROMPT if [ "$PROMPT" = 'y' ] || [ "$PROMPT" = 'Y' ]; then :; # noop else echo "user cancelled" >&2 exit 1 fi fi if [ -z "$NO_REMOVE" ]; then echo "removing tripwire binaries, scripts, docs and man pages" >&2 # binaries secure_rm "TRIPWIRE_ROOT/sbin/siggen" secure_rm "TRIPWIRE_ROOT/sbin/tripwire" secure_rm "TRIPWIRE_ROOT/sbin/twadmin" secure_rm "TRIPWIRE_ROOT/sbin/twprint" # scripts secure_rm "TRIPWIRE_ROOT/sbin/tripwire_"* # docs secure_rm_rf "TRIPWIRE_ROOT/doc/tripwire" # man pages secure_rm "TRIPWIRE_ROOT/share/man/man4/twconfig.4" secure_rm "TRIPWIRE_ROOT/share/man/man4/twpolicy.4" secure_rm "TRIPWIRE_ROOT/share/man/man5/twfiles.5" secure_rm "TRIPWIRE_ROOT/share/man/man8/siggen.8" secure_rm "TRIPWIRE_ROOT/share/man/man8/tripwire.8" secure_rm "TRIPWIRE_ROOT/share/man/man8/twadmin.8" secure_rm "TRIPWIRE_ROOT/share/man/man8/twintro.8" secure_rm "TRIPWIRE_ROOT/share/man/man8/twprint.8" fi if [ -n "$REMOVE_REPORTS" ]; then echo "removing tripwire reports" >&2 secure_rm "TRIPWIRE_ROOT/lib/tripwire/report"/*.twr fi if [ -n "$REMOVE_LOGS" ]; then echo "removing tripwire logs" >&2 secure_rm "TRIPWIRE_LOG_DIR/tripwire_periodic_"*.log fi if [ -n "$REMOVE_DB" ]; then echo "removing tripwire db" >&2 secure_rm "TRIPWIRE_ROOT/lib/tripwire"/*.twd* fi if [ -n "$REMOVE_KEYS" ]; then echo "removing tripwire keys" >&2 secure_rm "TRIPWIRE_ROOT/etc"/*.key fi echo "finished removing tripwire" >&2