diff options
Diffstat (limited to 'cron-sh')
-rwxr-xr-x | cron-sh/security.sh | 13 | ||||
-rwxr-xr-x | cron-sh/security_check.sh | 10 |
2 files changed, 13 insertions, 10 deletions
diff --git a/cron-sh/security.sh b/cron-sh/security.sh index b6636b5..01d3e4c 100755 --- a/cron-sh/security.sh +++ b/cron-sh/security.sh @@ -7,6 +7,8 @@ fi . /etc/security/msec/security.conf +[[ ${MAIL_WARN} == yes ]] && [ -z ${MAIL_USER} ] && MAIL_USER="root" + export SUID_ROOT_TODAY="/var/log/security/suid_root.today" SUID_ROOT_YESTERDAY="/var/log/security/suid_root.yesterday" SUID_ROOT_DIFF="/var/log/security/suid_root.diff" @@ -130,12 +132,13 @@ Maillog() { text=${2} if [[ ${MAIL_WARN} == yes ]]; then - if [[ ! -z ${MAIL_USER} ]]; then - if [[ -x /bin/mail ]]; then - cat ${text} | /bin/mail -s "${subject}" "${MAIL_USER}" - fi - fi + if [[ -z ${MAIL_USER} ]]; then + MAIL_USER="root" + fi + if [[ -x /bin/mail ]]; then + cat ${text} | /bin/mail -s "${subject}" "${MAIL_USER}" fi + fi } ################## diff --git a/cron-sh/security_check.sh b/cron-sh/security_check.sh index a5ad71c..5055b52 100755 --- a/cron-sh/security_check.sh +++ b/cron-sh/security_check.sh @@ -62,7 +62,7 @@ while read username uid homedir; do for f in ${list} ; do file="${homedir}/${f}" if [[ -f ${file} ]] ; then - printf "${uid} ${username} ${file} `ls -ldcgn ${file}`\n" + printf "${uid} ${username} ${file} `ls -Lldcgn ${file}`\n" fi done done | awk '$1 != $6 && $6 != "0" \ @@ -91,7 +91,7 @@ while read username uid homedir; do for f in ${list} ; do file=${homedir}/${f} if [[ -f ${file} ]] ; then - printf "${uid} ${username} ${file} `ls -ldcgn ${file}`\n" + printf "${uid} ${username} ${file} `ls -Lldcgn ${file}`\n" fi done done | awk '$1 != $6 && $6 != "0" \ @@ -110,9 +110,9 @@ fi awk -F: '/^[^+-]/ { print $1 " " $3 " " $6 }' /etc/passwd | \ while read username uid homedir; do if [[ -d ${homedir} ]] ; then - realuid=`ls -ldgn ${homedir}| awk '{ print $3 }'` - realuser=`ls -ldg ${homedir}| awk '{ print $3 }'` - permissions=`ls -ldg ${homedir}| awk '{ print $1 }'` + realuid=`ls -Lldgn ${homedir}| awk '{ print $3 }'` + realuser=`ls -Lldg ${homedir}| awk '{ print $3 }'` + permissions=`ls -Lldg ${homedir}| awk '{ print $1 }'` printf "${permissions} ${username} (${uid}) ${realuser} (${realuid})\n" fi done | awk '$3 != $5 && $5 != "(0)" \ |