#!/bin/csh -f
# tripwirereview
# -----------------------------------------------------------------------------
# Shell script to update Tripwire DB from latest Tripwire report
# -----------------------------------------------------------------------------
# Usage:  See Usage section below.
# Assumptions:
# Effects:
# - Updates Tripwire DB, after prompting user for changes to accept/reject.
# Notes:
# Implementation Notes:
# Portability Issues:
# Revision History:
#   $Log$
# -----------------------------------------------------------------------------

if ("$1" == "-h" || "$1" == "--help") then
   echo "Usage: $0:t [options]"
   echo "Where options can be any of the following:"
   echo "   -c   Run tripwire --check again after tripwire --update"
   exit 1
endif

# Re-run as root, if not already root
if ("`whoami`" != "root") then
    sudo $0:q $*:q
    exit $status
endif

# Find tripwire, in case it's not on the PATH
set tripwire_command = `whereis tripwire | cut -f 2 -d " "`

# Generate a current tripwire report, instead of just using the latest
# one.  This is in case more changes have been made since the last daily
# run of tripwire.
echo "$tripwire_command --check > /dev/null"
      $tripwire_command --check > /dev/null

set latest_tripwire_report=`ls -t /var/lib/tripwire/report/*.twr | head -1`

echo "$tripwire_command --update --twrfile $latest_tripwire_report"
      $tripwire_command --update --twrfile $latest_tripwire_report
if ("$1" == "-c") then
    echo "$tripwire_command --check"
          $tripwire_command --check
endif