/[smeserver]/rpms/smeserver-audittools/sme9/smeserver-audittools-1.4.0-groups-users.patch
ViewVC logotype

Contents of /rpms/smeserver-audittools/sme9/smeserver-audittools-1.4.0-groups-users.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (show annotations) (download)
Wed Dec 18 05:01:12 2013 UTC (10 years, 11 months ago) by wellsi
Branch: MAIN
CVS Tags: smeserver-audittools-1_4_0-3_el6_sme, smeserver-audittools-1_4_0-2_el6_sme, HEAD
* Tue Dec 17 2013 Ian Wells <esmith@wellsi.com> 1.4.0-2.sme
- Add an audit for groups, by Stephane de Labrusse [SME: 1208]

1 diff -Nur smeserver-audittools-1.4.0-old/root/sbin/e-smith/audittools/groups-users smeserver-audittools-1.4.0/root/sbin/e-smith/audittools/groups-users
2 --- smeserver-audittools-1.4.0-old/root/sbin/e-smith/audittools/groups-users 1970-01-01 01:00:00.000000000 +0100
3 +++ smeserver-audittools-1.4.0/root/sbin/e-smith/audittools/groups-users 2013-12-15 18:28:30.167798024 +0100
4 @@ -0,0 +1,133 @@
5 +#!/bin/bash
6 +#------------------------------------------------------------------------
7 +# The purpose of this tool is to verify correct GID and UID of essential
8 +# groups and users of SME and to display all users, groups, ibays set in
9 +# the collaboration panel of server-manager.
10 +#------------------------------------------------------------------------
11 +##admin
12 +a=`id admin`
13 +a1=`id admin -u`
14 +a2=`id admin -g`
15 +a4=`awk -F: '$1=="admin" { print $1,$3 }' /etc/group`
16 +##Test conditions
17 +if [ $a1 = "101" ] && [ $a2 = "101" ]
18 +then
19 +a3="....Good!!!"
20 +else
21 +a3="....Error!!!"
22 +fi
23 +if [[ -n "$a4" ]]; then
24 +a5="....Good!!!"
25 +else
26 +a5="....Error!!!"
27 +fi
28 +
29 +##www
30 +b=`id www`
31 +b1=`id www -u`
32 +b2=`id www -g`
33 +b4=`awk -F: '$1=="www" { print $1,$3 }' /etc/group`
34 +
35 +##Test conditions
36 +if [ $b1 = "102" ] && [ $b2 = "102" ]
37 +then
38 +b3="....Good!!!"
39 +else
40 +b3="....Error!!!"
41 +fi
42 +if [[ -n "$b4" ]]; then
43 +b5="....Good!!!"
44 +else
45 +b5="....Error!!!"
46 +fi
47 +
48 +##apache
49 +c=`id apache`
50 +c1=`id apache -u`
51 +c2=`id apache -g`
52 +c4=`awk -F: '$1=="apache" { print $1,$3 }' /etc/group`
53 +
54 +##Test conditions
55 +if [ $c1 = "102" ] && [ $c2 = "102" ]
56 +then
57 +c3="....Good!!!"
58 +else
59 +c3="....Error!!!"
60 +fi
61 +if [[ -n "$c4" ]]; then
62 +c5="....Good!!!"
63 +else
64 +c5="....Error!!!"
65 +fi
66 +
67 +##public
68 +d=`id public`
69 +d1=`id public -u`
70 +d2=`id public -g`
71 +d4=`awk -F: '$1=="public" { print $1,$3 }' /etc/group`
72 +
73 +##Test conditions
74 +if [ $d1 = "103" ] && [ $d2 = "103" ]
75 +then
76 +d3="....Good!!!"
77 +else
78 +d3="....Error!!!"
79 +fi
80 +if [[ -n "$d4" ]]; then
81 +d5="....Good!!!"
82 +else
83 +d5="....Error!!!"
84 +fi
85 +
86 +##smelog
87 +e=`id smelog`
88 +e1=`id smelog -u`
89 +e2=`id smelog -g`
90 +e4=`awk -F: '$1=="smelog" { print $1,$3 }' /etc/group`
91 +
92 +##Test conditions
93 +if [ $e1 = "1002" ] && [ $e2 = "1002" ]
94 +then
95 +e3="....Good!!!"
96 +else
97 +e3="....Error!!!"
98 +fi
99 +if [[ -n "$e4" ]]; then
100 +e5="....Good!!!"
101 +else
102 +e5="....Error!!!"
103 +fi
104 +
105 +##display uid/gid
106 +echo "* The user/group 'admin' needs a UID/GID of 101 : " $a3
107 +echo $a
108 +echo "* The group 'admin' needs to be written in /etc/group : " $a4 $a5
109 +echo ""
110 +echo "* The user/group 'www' needs a UID/GID of 102 : " $b3
111 +echo $b
112 +echo "* The group 'www' needs to be written in /etc/group : " $b4 $b5
113 +echo ""
114 +echo "* The user/group 'apache' needs a UID/GID of 102 : " $c3
115 +echo $c
116 +echo "* The group 'apache' needs to be written in /etc/group : " $c4 $c5
117 +echo ""
118 +echo "* The user/group 'public' needs a UID/GID of 103 : " $d3
119 +echo $d
120 +echo "* The group 'public' needs to be written in /etc/group : " $d4 $d5
121 +echo ""
122 +echo "* The user/group 'smelog' needs a UID/GID of 1002 : " $e3
123 +echo $e
124 +echo "* The group 'smelog' needs to be written in /etc/group : " $e4 $e5
125 +echo
126 +##display all users of server-manager
127 +echo "* All users created in the server-manager with their UID/GID"
128 +cat /etc/passwd | grep 'users' |sort| sed "s/:/ /g"| sed "s/x/ /g"
129 +echo ""
130 +##display all groups of server-manager
131 +echo "* All groups created in the server-manager with their GID"
132 +awk -F: '$3== '500' || $3 >= '5000' && $3 < '65534' { print $1,$3,$4 }' /etc/group | sort
133 +echo ""
134 +##display all ibays created
135 +echo "* All ibays created in the server-manager with their UID/GID"
136 +cat /etc/passwd | grep 'ibays' |sort | sed "s/:/ /g"| sed "s/x/ /g"| sed "s|/bin/false| |g"
137 +

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed