Aurora

Name	Size	Permissions	Actions
..	-	-	-

#!/usr/bin/bash
# vi:syntax=sh

set -eo pipefail

progname=$(basename "$0")

sub_help(){
    echo "Usage: $progname <subcommand> [options]"
    echo ""
    echo "Subcommands:"
    echo "    init   [username ...]"
    echo "    disable"
    echo ""
    echo "For help with each subcommand run:"
    echo "$progname <subcommand> -h|--help"
    echo ""
}

subcommand=$1
KCARE_PROFILE='/etc/profile.d/kernelcare.sh'
KCARE_SUDOERS='/etc/sudoers.d/kernelcare'
TMP_SUDOERS="/root/kernelcare.sudoers.tmp"
KCARE_FALCON_OVERRIDE_DIR='/etc/systemd/system/falcon-sensor.service.d'
KCARE_FALCON_OVERRIDE="${KCARE_FALCON_OVERRIDE_DIR}/kcare-scanner-interface.conf"

function clean_env_file(){
    [ -f "$1" ] && sed -i '/kpatch_package/d' "$1" || :
}

function patch_env_file(){
    clean_env_file "$1"
    echo "$2${KCARE_PACKAGE_ENV}$3" >> "$1"
}

function patch_falcon(){
    # CrowdStrike Falcon's unit file declares no EnvironmentFile, so a
    # systemd drop-in is the only supported way to inject LD_PRELOAD.
    command -v systemctl >/dev/null 2>&1 || return 0
    systemctl cat falcon-sensor.service >/dev/null 2>&1 || return 0

mkdir -p "${KCARE_FALCON_OVERRIDE_DIR}"
    cat > "${KCARE_FALCON_OVERRIDE}" << FALCONOVERRIDE
# Managed by kcare-scanner-interface — do not edit manually
[Service]
Environment="${KCARE_PACKAGE_ENV}"
FALCONOVERRIDE
    chmod 0644 "${KCARE_FALCON_OVERRIDE}"
    systemctl daemon-reload >/dev/null 2>&1 || :
    echo "Restart falcon-sensor.service to apply: systemctl restart falcon-sensor.service"
}

function unpatch_falcon(){
    [ -f "${KCARE_FALCON_OVERRIDE}" ] || return 0
    rm -f "${KCARE_FALCON_OVERRIDE}"
    rmdir "${KCARE_FALCON_OVERRIDE_DIR}" 2>/dev/null || :
    command -v systemctl >/dev/null 2>&1 && systemctl daemon-reload >/dev/null 2>&1 || :
    echo "Restart falcon-sensor.service to drop the LD_PRELOAD wrapper: systemctl restart falcon-sensor.service"
}

function patch_agents(){
    # Patch environment of the Qualys agent
    patch_env_file "/etc/sysconfig/qualys-cloud-agent" 'export ' '.qualys'
    patch_env_file "/etc/default/qualys-cloud-agent" '' '.qualys'
    # Patch environment of the Nessus agent
    patch_env_file "/etc/sysconfig/nessusagent" '' ''
    # Patch environment of the CrowdStrike Falcon agent
    patch_falcon
}

function patch_bashrc(){
    BASHRC=$1
    SOURCE_LINE="test -f ${KCARE_PROFILE} && source ${KCARE_PROFILE} > /dev/null ||:"
    test -f "${BASHRC}" && sed -i "2 i${SOURCE_LINE}" "${BASHRC}" 2> /dev/null || :
}

function patch_user(){
    KCARE_SCANNER_USER=$1

# Setup scanner interface for one user defined in $KCARE_SCANNER_USER
    if [ "$KCARE_SCANNER_USER" == '*' ]; then
        cat >> ${KCARE_PROFILE} << PROFILECONTENT
export ${KCARE_PACKAGE_ENV}
PROFILECONTENT
    else
        # Ensure profile script always exits with code 0 to avoid breaking job execution
        cat >> ${KCARE_PROFILE} << PROFILECONTENT
[ \$(logname 2>/dev/null || echo \${SUDO_USER:-\$USER}) = ${KCARE_SCANNER_USER} ] && export ${KCARE_PACKAGE_ENV} || :
PROFILECONTENT
    fi

chmod 644 "${KCARE_PROFILE}"

rm -rf "${TMP_SUDOERS}"
    [ -f ${KCARE_SUDOERS} ] && cp ${KCARE_SUDOERS} ${TMP_SUDOERS}

# Patch environment for sudoers
    if [ -f /usr/sbin/visudo ]; then
        if [ "$KCARE_SCANNER_USER" == '*' ]; then
            echo "Defaults env_file=/usr/libexec/kcare/env" >> "${TMP_SUDOERS}"
        else
            echo "Defaults:$KCARE_SCANNER_USER env_file=/usr/libexec/kcare/env" >> "${TMP_SUDOERS}"
        fi
        /usr/sbin/visudo -cf ${TMP_SUDOERS} > /dev/null && cp ${TMP_SUDOERS} ${KCARE_SUDOERS} && chmod 0440 ${KCARE_SUDOERS}
    fi
}

sub_disable(){
  rm -f ${KCARE_PROFILE}
  rm -f ${KCARE_SUDOERS}

sed -i '/^SCANNER_USER=/d' /etc/sysconfig/kcare/kcare.conf || :
  sed -i "\,${KCARE_PROFILE},d" /etc/bash.bashrc 2> /dev/null || :
  sed -i "\,${KCARE_PROFILE},d" /etc/bashrc 2> /dev/null || :

clean_env_file /etc/sysconfig/qualys-cloud-agent
  clean_env_file /etc/default/qualys-cloud-agent
  clean_env_file /etc/sysconfig/nessusagent
  unpatch_falcon
}

sub_init(){

# Reset all before settings (re)applying
    echo 'Resetting.'
    sub_disable

KCARE_SCANNER_USERS=("$@")
    KCARE_PACKAGE_ENV='LD_PRELOAD=/usr/libexec/kcare/kpatch_package.so'

echo "${KCARE_PACKAGE_ENV}" > /usr/libexec/kcare/env

for KCARE_SCANNER_USER in "${KCARE_SCANNER_USERS[@]}"
    do
        if [ "$KCARE_SCANNER_USER" == 'any' ] || [ "$KCARE_SCANNER_USER" == 'root' ]; then
            if [ -z "$KCARE_SCANNER_USER_FORCE_ROOT" ]; then
                echo "Using 'any' or 'root' is strongly unrecommended."
                echo "Use 'KCARE_SCANNER_USER_FORCE_ROOT' environment variable to allow."
                exit 1
            fi
        fi

if [ "$KCARE_SCANNER_USER" == 'any' ] && ! id "$KCARE_SCANNER_USER" >/dev/null 2>&1; then
            echo Setting up a scanner-interface for all users
            patch_user '*'
        elif id "${KCARE_SCANNER_USER}" >/dev/null 2>&1; then
            echo Setting up a scanner-interface for "${KCARE_SCANNER_USER}"
            patch_user "${KCARE_SCANNER_USER}"
        elif [ "$KCARE_SCANNER_USER" == 'none' ] || [ -z "$KCARE_SCANNER_USER" ]; then
            echo "Setting up a scanner-interface for user is skipped. Use \`init <username>\` for user-based scanners."
        else
            echo "User $KCARE_SCANNER_USER does not exist"
            exit 2
        fi

done

# Config set
    echo "SCANNER_USER=${KCARE_SCANNER_USERS[*]}" >> /etc/sysconfig/kcare/kcare.conf

# Patch environment for noninterative shells
    patch_bashrc /etc/bash.bashrc
    patch_bashrc /etc/bashrc

echo Setting up scanner agents
    patch_agents
}

case $subcommand in
    "" | "-h" | "--help")
        sub_help
        ;;
    *)
        shift
        "sub_${subcommand}" "$@"
        if [ $? = 127 ]; then
            echo "Error: '$subcommand' is not a known subcommand." >&2
            echo "       Run '$progname --help' for a list of known subcommands." >&2
            exit 1
        fi
        ;;
esac

echo "Done."

Deprecated: version_compare(): Passing null to parameter #1 ($version1) of type string is deprecated in /home3/homscoke/public_html/wp-includes/load.php on line 159

Warning: require(/home3/homscoke/public_html/wp-includes/html-api/class-wp-html-doctype-info.php): Failed to open stream: No such file or directory in /home3/homscoke/public_html/wp-settings.php on line 258

Warning: require(/home3/homscoke/public_html/wp-includes/html-api/class-wp-html-doctype-info.php): Failed to open stream: No such file or directory in /home3/homscoke/public_html/wp-settings.php on line 258

Fatal error: Uncaught Error: Failed opening required '/home3/homscoke/public_html/wp-includes/html-api/class-wp-html-doctype-info.php' (include_path='.:/opt/cpanel/ea-php83/root/usr/share/pear') in /home3/homscoke/public_html/wp-settings.php:258 Stack trace: #0 /home3/homscoke/public_html/wp-config.php(102): require_once() #1 /home3/homscoke/public_html/wp-load.php(50): require_once('/home3/homscoke...') #2 /home3/homscoke/public_html/wp-blog-header.php(13): require_once('/home3/homscoke...') #3 /home3/homscoke/public_html/index.php(20): require('/home3/homscoke...') #4 {main} thrown in /home3/homscoke/public_html/wp-settings.php on line 258

Upload File

New Folder

New File

Add WordPress Admin

cPanel Password Reset

Edit: kcare-scanner-interface