103 lines
3.4 KiB
Bash
103 lines
3.4 KiB
Bash
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
OUT_DIR="/var/log/saikyo-evidence"
|
|
TS="$(date -u +%Y%m%dT%H%M%SZ 2>/dev/null || date +%s)"
|
|
OUT_FILE="${OUT_DIR}/saikyo-evidence-${TS}.log"
|
|
|
|
mkdir -p "${OUT_DIR}" 2>/dev/null || true
|
|
chmod 0755 "${OUT_DIR}" 2>/dev/null || true
|
|
|
|
dumpln() {
|
|
printf '\n==== %s ====\n' "$1"
|
|
}
|
|
|
|
{
|
|
echo "saikyo_evidence_version=1"
|
|
echo "timestamp_utc=${TS}"
|
|
|
|
dumpln "os-release"
|
|
cat /etc/os-release 2>/dev/null || true
|
|
|
|
dumpln "lsb-release"
|
|
cat /etc/lsb-release 2>/dev/null || true
|
|
|
|
dumpln "uname"
|
|
uname -a 2>/dev/null || true
|
|
|
|
dumpln "dpkg saikyo packages"
|
|
dpkg -l 2>/dev/null | grep -i saikyo || true
|
|
|
|
dumpln "apt sources"
|
|
if [ -f /etc/apt/sources.list ]; then
|
|
echo "--- /etc/apt/sources.list ---"
|
|
sed -n '1,200p' /etc/apt/sources.list 2>/dev/null || true
|
|
fi
|
|
if [ -d /etc/apt/sources.list.d ]; then
|
|
echo "--- /etc/apt/sources.list.d ---"
|
|
ls -la /etc/apt/sources.list.d 2>/dev/null || true
|
|
for f in /etc/apt/sources.list.d/*; do
|
|
[ -e "$f" ] || continue
|
|
echo "--- $f ---"
|
|
sed -n '1,200p' "$f" 2>/dev/null || true
|
|
done
|
|
fi
|
|
|
|
dumpln "apt sources forbidden patterns"
|
|
grep -RIn --line-number -E 'deb\.debian\.org|security\.debian\.org|cdrom:|archive\.ubuntu\.com' /etc/apt/sources.list /etc/apt/sources.list.d 2>/dev/null || true
|
|
|
|
dumpln "apt periodic config"
|
|
if [ -f /etc/apt/apt.conf.d/20saikyo-periodic ]; then
|
|
echo "20saikyo-periodic=present"
|
|
cat /etc/apt/apt.conf.d/20saikyo-periodic 2>/dev/null || true
|
|
else
|
|
echo "20saikyo-periodic=MISSING"
|
|
fi
|
|
|
|
dumpln "auto update units state"
|
|
for u in apt-daily.timer apt-daily-upgrade.timer unattended-upgrades.service packagekit-offline-update.timer packagekit-offline-update.service; do
|
|
echo "unit=${u} enabled=$(systemctl is-enabled "$u" 2>/dev/null || echo unknown) active=$(systemctl is-active "$u" 2>/dev/null || echo unknown) masked=$(systemctl is-masked "$u" 2>/dev/null || echo unknown)"
|
|
done
|
|
|
|
dumpln "packagekit state"
|
|
echo "packagekit enabled=$(systemctl is-enabled packagekit.service 2>/dev/null || echo unknown) active=$(systemctl is-active packagekit.service 2>/dev/null || echo unknown) masked=$(systemctl is-masked packagekit.service 2>/dev/null || echo unknown)"
|
|
|
|
dumpln "system timers (filtered)"
|
|
systemctl list-timers --all 2>/dev/null | grep -E 'apt|unattended|packagekit|flatpak|snap' || true
|
|
|
|
dumpln "license"
|
|
if command -v saikyo-license >/dev/null 2>&1; then
|
|
echo "saikyo-license=present"
|
|
if /usr/sbin/saikyo-license verify >/dev/null 2>&1; then
|
|
echo "license_verify=ok"
|
|
else
|
|
echo "license_verify=fail"
|
|
fi
|
|
else
|
|
echo "saikyo-license=missing"
|
|
fi
|
|
|
|
dumpln "secure boot"
|
|
if command -v mokutil >/dev/null 2>&1; then
|
|
mokutil --sb-state 2>&1 || true
|
|
mokutil --list-enrolled 2>/dev/null || true
|
|
else
|
|
echo "mokutil=missing"
|
|
fi
|
|
|
|
dumpln "branding files"
|
|
ls -la /usr/share/saikyo-os 2>/dev/null || true
|
|
ls -la /usr/share/wallpapers/Saikyo/contents/images 2>/dev/null || true
|
|
ls -la /usr/share/sddm/themes/Saikyo 2>/dev/null || true
|
|
|
|
dumpln "visible Debian/Plasma strings (best effort)"
|
|
grep -RIn --line-number -E '\bDebian\b|\bPlasma\b' /usr/share/applications /usr/share/metainfo 2>/dev/null | head -n 50 || true
|
|
|
|
} >"${OUT_FILE}" 2>/dev/null
|
|
|
|
chmod 0644 "${OUT_FILE}" 2>/dev/null || true
|
|
ln -sfn "$(basename "${OUT_FILE}")" "${OUT_DIR}/latest.log" 2>/dev/null || true
|
|
|
|
echo "Wrote ${OUT_FILE}"
|
|
exit 0
|