#!/usr/bin/perl -w use strict; my $setuidtoday = "/var/log/setuid.today"; my $setuidyest = "/var/log/setuid.yesterday"; my $DIFF = "/usr/bin/diff"; print "Content-type: text/html\n\n"; print "SET SUID FILE CHECK \n"; print "SET SUID FILE CHECK\n"; if(-e $setuidtoday && $setuidyest) { print "Setuid lists exist!
\n"; print `$DIFF $setuidtoday $setuidyest`; } print "";
print `$DIFF $setuidtoday $setuidyest`;It works fine at the CLI but the output from diff is not displayed in the webpage, I can see why that is but dont know how to fix the issue... Also if anyone has any improvements please say. The reason I have not used any modules for HTML prasing etc... is because I haven't got that far in my study and i'd like to see what I can code with base perl before I branch out.
You say you know why, but don't elaborate. So, I suppose my first question is - why do you think it doesn't display in the webpage?
Without that information, my first guess is that diff isn't outputting HTML, so some of it may get lost by the webclient - but the data is still there. So I'd suggest something like:
print "The diff output is pre-formatted anyway. If you want to spice this up, you'll have to parse the output and deal with that yourself - but that's stage 4 or 5 of this process, I bet ;-)", `$DIFF ...`, "";
Minor nit: I think you mean if(-e $setuidtoday && -e $setuidyest). The -e operator doesn't go across the && the way you seem to think it does. Since $setuidyest is always true, the way you have it, that's a no-op. You probably want to test its existance.
It works fine at the CLI but the output from diff is not displayed in the webpage, I can see why that is but dont know how to fix the issue... Also if anyone has any improvements please say. The reason I have not used any modules for HTML prasing etc... is because I haven't got that far in my study and i'd like to see what I can code with base perl before I branch out.
If you don't use the modules for anything else -- use them for escaping the output from your diff command. Diff lines start with '<' and '>', which are special in HTML (as is '&') You need to encode them as : < > and &
Your other option is to serve the page as text/plain as opposed to text/html
my $out = `$DIFF $setuidtoday $setuidyest`; print $out;You might want to try:
use Data::Dumper; my $out = `$DIFF $setuidtoday $setuidyest`; print '', Data::Dumper->Dump([$out],['out']), '';
Code:
#!/usr/bin/perl -w use strict; my $setuidtoday = "/var/log/setuid.today"; my $setuidyest = "/var/log/setuid.yesterday"; my $DIFF = "/usr/bin/diff -u"; my $out = `$DIFF $setuidtoday $setuidyest`; print "Content-type: text/html\n\n"; print "SET SUID FILE CHECK \n"; print "\n"; print "SET SUID FILE CHECK
\n"; if(-e $setuidtoday && -e $setuidyest) { print "Setuid lists exist!
\n"; print "
\n"; print "$out\n"; } #print `$DIFF $setuidtoday $setuidyest`; print "";
CLI output:
Content-type: text/htmlSET SUID FILE CHECK SET SUID FILE CHECK
Setuid lists exist!
--- /var/log/setuid.today Wed Jul 12 03:03:52 2006 +++ /var/log/setuid.yesterday Fri Jun 30 03:03:13 2006 @@ -3,11 +3,11 @@ 31837 -r-sr-xr-x 1 root wheel 21792 Nov 3 08:10:37 2005 /sbin/ping 31838 -r-sr-xr-x 1 root wheel 28660 Nov 3 08:10:37 2005 /sbin/ping6 31850 -r-sr-x--- 1 root operator 10148 Nov 3 08:10:38 2005 /sbin/shutdown -1040389 -rws--x--x 1 root wheel 3348 Oct 12 20:39:40 2005 /usr/X11R6/bin/Eterm +1040389 -rws--x--x 1 root wheel 3348 Oct 12 20:39:40 2005 /usr/X11R6/bin/Eterm 1040154 -rws--x--x 1 root wheel 1664917 Oct 12 17:23:09 2005 /usr/X11R6/bin/Xorg -1040397 -rws--x--x 1 root wheel 94008 Oct 12 15:44:09 2005 /usr/X11R6/bin/aterm
WWW output:
SET SUID FILE CHECK SET SUID FILE CHECK
Setuid lists exist!
I really dont get this. file permissions are correct too.