CVE-2016-4484

Admin/arch-update

@@ -5,7 +5,8 @@ date > $LOGFILE
 
 # Update
 echo == Updating Arch Packages == >> $LOGFILE
-pacman -Syu --noconfirm 2>&1 >> $LOGFILE
+# pacman -Syu --noconfirm 2>&1 >> $LOGFILE # I've been having troubles with this causing crashes while online.
+checkupdates >> $LOGFILE
 echo >> $LOGFILE
 
 # Get AUR list of update candidates
@@ -13,11 +14,6 @@ echo == AUR Candidate List == >> $LOGFILE
 cower -u >> $LOGFILE
 echo >> $LOGFILE
 
-# Clean cache
-echo == Cleaning Cache == >> $LOGFILE
-paccache -r >> $LOGFILE
-echo >> $LOGFILE
-
 # Generate list of installed packages
 echo == Generated installed-packages list == >> $LOGFILE
 pacman --color never -Qem > /var/log/installed-packages.txt
@@ -30,4 +26,4 @@ echo >> $LOGFILE
 date >> $LOGFILE
 printf '\n\n' >> $LOGFILE
 
-cat $LOGFILE | mail -s "AniNIX::$(hostname) update log" sh1k0b4@gmail.com
+cat $LOGFILE | mail -s "AniNIX::$(hostname) Update Candidates" sh1k0b4@gmail.com

Admin/silent-guardian

@@ -1,5 +1,5 @@
 #!/bin/bash
-
+DEPRIV=depriv
 if [ ! -f /usr/local/src/SharedLibraries/Bash/header ]; then
     echo This script requires the SharedLibraries package.
     exit 1;
@@ -7,27 +7,29 @@ fi
 source /usr/local/src/SharedLibraries/Bash/header
 export logfile="/var/log/silent-guardian.log"
 
-
 logstatement "Started $(date)"
 
 # Fix the Webserver permissions
-chown -R cxford:http /srv/http/*
+if [ -f /srv/http ]; then
+chown -R $DEPRIV:http /srv/http/*
 find /srv/http/* -type f -exec chmod 0640 {} \;
 find /srv/http/* -type d -exec chmod 0750 {} \;
+fi;
 
 # Fix the media permissions
-chown -R cxford:http /srv/yggdrasil
-find /srv/yggdrasil/ -type f -exec chmod 0440 {} \;
-find /srv/yggdrasil/ -type d -exec chmod 0550 {} \;
-chmod -R u+w /srv/yggdrasil/new_acquisition
-
+if [ -f /usr/lib/systemd/system/yggdrasil.service ]; then
+    chown -R $DEPRIV:http /srv/yggdrasil
+    /usr/local/bin/yggdrasil-lock
+fi
 # fix the WolfPack results location
-find /srv/WolfPackResults -type d -exec chmod 0755 {} \;
-find /srv/WolfPackResults -type f -exec chmod 0644 {} \;
+if [ -x /usr/local/bin/wolfpack ]; then 
+    find /srv/wolfpack -type d -exec chmod 0755 {} \;
+    find /srv/wolfpack -type f -exec chmod 0644 {} \;
+fi
 
 # Seal the special directories.
 for i in $(ls -a /srv/yggdrasil/Digital_Library/ | egrep '^\.[a-zA-Z0-9]+$'); do    
-    chown cxford:cxford -R $i;
+    chown $DEPRIV:$DEPRIV -R $i;
     find $i -type f -exec chmod 0400 {} \;
     find $i -type d -exec chmod 0500 {} \;
 done
@@ -39,11 +41,17 @@ find /root -type d -exec chmod 0700 {} \;
 
 # Guard home directories
 chmod 0750 /home/*
-chmod 0700 /home/.root-only/
 
 # Guard API's
-chmod 0750 /usr/local/bin/api-keys
-chown root:api /usr/local/bin/api-keys
+if [ -f /usr/local/bin/api-keys ]; then
+    chmod 0750 /usr/local/bin/api-keys
+    chown root:api /usr/local/bin/api-keys
+fi
+
+# Guard LDAP
+if [ -d /etc/openldap ]; then 
+    chown ldap:ldap /var/lib/openldap/openldap-data/*
+fi
 
 logstatement "Ended $(date)"
 logstatement " "