#!/bin/bash
#
# Bash strict mode.
set -uo pipefail
# State file to check.
STATE_FILE="/root/etc/exec_file_poisoning_detector/last_run_summary.state"
# Allowed time difference in seconds. Default: 43200 seconds (12 hours).
ALLOWED_TIME_DIFF=43200

# Check if the state file exists and is not empty.
if [[ ! -e "${STATE_FILE}" ]]; then
  echo "ERROR: State file ${STATE_FILE} does not exist."
  exit 2
fi

# Check the last modification time of the state file and if it is empty.
current_time=$(date +%s)
state_file_mod_time=$(stat -c %Y "${STATE_FILE}")
time_diff=$((current_time - state_file_mod_time))
if [[ ! -s "${STATE_FILE}" ]]; then
  if (( time_diff > ALLOWED_TIME_DIFF )); then
    echo "CRITICAL: State file ${STATE_FILE} is empty and was modified more than $((ALLOWED_TIME_DIFF / 3600)) hours ago."
    exit 2
  else
    echo "WARNING: State file ${STATE_FILE} is empty."
    exit 1
  fi
elif (( time_diff > ALLOWED_TIME_DIFF )); then
  echo "CRITICAL!: State file ${STATE_FILE} was modified more than $((ALLOWED_TIME_DIFF / 3600)) hours ago."
  exit 2
fi

# Get the last line of the state file.
last_line=$(tail -n 1 "${STATE_FILE}")
if [[ "${last_line}" == *"OK!"* ]]; then
  echo "${last_line}"
  exit 0
elif [[ "${last_line}" == *"WARNING!"* ]]; then
  echo "${last_line}"
  exit 1
elif [[ "${last_line}" == *"CRITICAL!"* ]]; then
  echo "${last_line}"
  exit 2
elif [[ "${last_line}" == *"ERROR!"* ]]; then
  echo "${last_line}"
  exit 2
else
  echo "UNKNOWN: ${last_line}"
  exit 3
fi