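# Sanity-checks the main XML configuration file and returns the location of
# the KASP policy file named in it.
#
# Checks performed, in order:
# * the file parses as XML (otherwise logs LOG_CRIT and exits with status 1)
# * the syslog facility is read into @syslog
# * every //Privileges/User and //Privileges/Group names an existing account
# * check_db(doc) (defined elsewhere)
# * repositories have unique names and unique Module/TokenLabel pairs, and
#   each Module path exists on disk; the pairs are recorded in @repositories
# * Enforcer/Interval and Enforcer/RolloverNotification are handed to
#   check_duration_element_proc (defined elsewhere)
#
# Security note: every value read from conf.xml is attacker-influenced if the
# file can be written by a less-privileged user. `(x + "").untaint` copies the
# string and clears the taint flag on the copy, which switches off $SAFE
# checking for that value, so nothing untainted here may reach an interpreter
# (eval, shell) without being validated first.
# NOTE(review): taint tracking was deprecated in Ruby 2.7 and String#untaint
# was removed in 3.2; this file appears to target an older interpreter.
#
# @param conf_file [String] path of the XML configuration file
# @return [String, nil] the PolicyFile path, or nil when conf_file does not
#   exist or no PolicyFile location could be read
def check_config_file(conf_file)
  kasp_file = nil
  begin
    File.open((conf_file + "").untaint, 'r') do |file|
      begin
        doc = REXML::Document.new(file)
      rescue StandardError
        log(LOG_CRIT, "Can't understand #{conf_file} - exiting")
        exit(1)
      end

      begin
        facility = doc.elements['Configuration/Common/Logging/Syslog/Facility'].text
        constant_name = "LOG_" + facility.strip.upcase
        # The facility text comes straight from the config file. It used to be
        # concatenated into a string passed to eval, so any Ruby expression in
        # the <Facility> element would have been executed with this process's
        # privileges. Only a plain constant name is accepted now, and it is
        # resolved by lookup instead of being evaluated as code.
        unless constant_name =~ /\ALOG_[A-Z0-9]+\z/
          raise ArgumentError, "invalid syslog facility #{facility.inspect}"
        end
        @syslog = Syslog.const_get((constant_name + "").untaint)
      rescue StandardError => e
        print "Error reading syslog config : #{e}\n"
      end

      # A missing or empty PolicyFile element leaves kasp_file nil; that is
      # reported here and turned into a nil return value at the end instead of
      # an unrescued NoMethodError.
      policy_element = doc.elements['Configuration/Common/PolicyFile']
      kasp_file = policy_element.text if policy_element
      if kasp_file.nil?
        log(LOG_ERR, "Can't read KASP policy location from conf.xml - exiting")
      end

      # Report each unknown account once, however often it is listed.
      warned_users = []
      doc.root.each_element('//Privileges/User') do |user|
        next if warned_users.include?(user.text)
        begin
          # Etc.getpwnam raises ArgumentError for an unknown user name.
          Etc.getpwnam((user.text + "").untaint).uid
        rescue ArgumentError
          warned_users.push(user.text)
          log(LOG_ERR, "User #{user.text} does not exist")
        end
      end

      warned_groups = []
      doc.root.each_element('//Privileges/Group') do |group|
        next if warned_groups.include?(group.text)
        begin
          # Etc.getgrnam raises ArgumentError for an unknown group name.
          Etc.getgrnam((group.text + "").untaint).gid
        rescue ArgumentError
          warned_groups.push(group.text)
          log(LOG_ERR, "Group #{group.text} does not exist")
        end
      end

      check_db(doc)

      # name => [module path, token label] for every repository seen so far.
      @repositories = {}
      doc.elements.each('Configuration/RepositoryList/Repository') do |repository|
        name = repository.attributes['name']
        if @repositories.key?(name)
          log(LOG_ERR, "Two repositories exist with the same name (#{name})")
        end
        # NOTE(review): a Repository without a Module or TokenLabel element
        # raises NoMethodError here; presumably schema validation runs before
        # this check - confirm.
        mod = repository.elements['Module'].text
        # Existence check only: the module is not loaded or executed here.
        unless File.exist?((mod + "").untaint)
          log(LOG_ERR, "Module #{mod} in Repository #{name} cannot be found")
        end
        tokenlabel = repository.elements['TokenLabel'].text
        if @repositories.values.include?([mod, tokenlabel])
          log(LOG_ERR, "Multiple Repositories in #{conf_file} have the same Module (#{mod}) and TokenLabel (#{tokenlabel}), for Repository #{name}")
        end
        @repositories[name] = [mod, tokenlabel]
      end

      ["Enforcer/Interval", "Enforcer/RolloverNotification"].each do |element|
        doc.root.each_element("//" + element) do |el|
          check_duration_element_proc(el, "conf.xml", element, conf_file)
        end
      end
    end

    return nil if kasp_file.nil?
    return (kasp_file + "").untaint
  rescue Errno::ENOENT
    log(LOG_ERR, "Can't find config file : #{conf_file}")
    return nil
  end
end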