Scribd
Upload
50 views

Scriptsal

This document contains a series of Linux commands to check for various security issues and configuration problems including: - Checking permissions on directories in the $PATH and users' home directories - Verifying password and group files for duplicate or invalid entries - Checking for unused groups or users - Identifying permissions and ownership issues with users' home directories and files

Uploaded by

Sal N
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
50 views

Scriptsal

This document contains a series of Linux commands to check for various security issues and configuration problems including: - Checking permissions on directories in the $PATH and users' home directories - Verifying password and group files for duplicate or invalid entries - Checking for unused groups or users - Identifying permissions and ownership issues with users' home directories and files

Uploaded by

Sal N
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 4

for x in $(echo $PATH | tr ":" " ") ; do

if [ -d "$x" ] ; then
ls -ldH "$x" | awk '
$9 == "." {print "PATH contains current working directory (.)"}
$3 != "root" {print $9, "is not owned by root"}
substr($1,6,1) != "-" {print $9, "is group writable"}
substr($1,9,1) != "-" {print $9, "is world writable"}'
else
echo "$x is not a directory"
fi
done

grep '^\+:' /etc/shadow

grep '^\+:' /etc/group

awk -F: '($3 == 0) { print $1 }' /etc/passwd

grep -E -v '^(halt|sync|shutdown)' /etc/passwd | awk -F: '($7 != "'"$(which


nologin)"'" && $7 != "/bin/false") { print $1 " " $6 }' | while read user
dir; do
if [ ! -d "$dir" ]; then
echo "The home directory ($dir) of user $user does not exist."
else
dirperm=$(ls -ld $dir | cut -f1 -d" ")
if [ $(echo $dirperm | cut -c6) != "-" ]; then
echo "Group Write permission set on the home directory ($dir) of user
$user"
fi
if [ $(echo $dirperm | cut -c8) != "-" ]; then
echo "Other Read permission set on the home directory ($dir) of user
$user"
fi
if [ $(echo $dirperm | cut -c9) != "-" ]; then
echo "Other Write permission set on the home directory ($dir) of user
$user"
fi
if [ $(echo $dirperm | cut -c10) != "-" ]; then
echo "Other Execute permission set on the home directory ($dir) of user
$user"
fi
fi
done

grep -E -v '^(halt|sync|shutdown)' /etc/passwd | awk -F: '($7 != "'"$(which


nologin)"'" && $7 != "/bin/false") { print $1 " " $6 }' | while read user
dir; do
if [ ! -d "$dir" ]; then
echo "The home directory ($dir) of user $user does not exist."
else
owner=$(stat -L -c "%U" "$dir")
if [ "$owner" != "$user" ]; then
echo "The home directory ($dir) of user $user is owned by $owner."
fi
fi
done

grep -E -v '^(halt|sync|shutdown)' /etc/passwd | awk -F: '($7 != "'"$(which


nologin)"'" && $7 != "/bin/false") { print $1 " " $6 }' | while read user
dir; do
if [ ! -d "$dir" ]; then
echo "The home directory ($dir) of user $user does not exist."
else
for file in $dir/.[A-Za-z0-9]*; do
if [ ! -h "$file" -a -f "$file" ]; then
fileperm=$(ls -ld $file | cut -f1 -d" ")
if [ $(echo $fileperm | cut -c6) != "-" ]; then
echo "Group Write permission set on file $file"
fi
if [ $(echo $fileperm | cut -c9) != "-" ]; then
echo "Other Write permission set on file $file"
fi
fi
done
fi
done

grep -E -v '^(root|halt|sync|shutdown)' /etc/passwd | awk -F: '($7 !=


"'"$(which nologin)"'" && $7 != "/bin/false") { print $1 " " $6 }' | while
read user dir; do
if [ ! -d "$dir" ]; then
echo "The home directory ($dir) of user $user does not exist."
else
if [ ! -h "$dir/.forward" -a -f "$dir/.forward" ]; then
echo ".forward file $dir/.forward exists"
fi
fi
done

grep -E -v '^(root|halt|sync|shutdown)' /etc/passwd | awk -F: '($7 !=


"'"$(which nologin)"'" && $7 != "/bin/false") { print $1 " " $6 }' | while
read user dir; do
if [ ! -d "$dir" ]; then
echo "The home directory ($dir) of user $user does not exist."
else
if [ ! -h "$dir/.netrc" -a -f "$dir/.netrc" ]; then
echo ".netrc file $dir/.netrc exists"
fi
fi
done
grep -E -v '^(root|halt|sync|shutdown)' /etc/passwd | awk -F: '($7 !=
"'"$(which nologin)"'" && $7 != "/bin/false") { print $1 " " $6 }' | while
read user dir; do
if [ ! -d "$dir" ]; then
echo "The home directory ($dir) of user $user does not exist."
else
for file in $dir/.netrc; do
if [ ! -h "$file" -a -f "$file" ]; then
fileperm=$(ls -ld $file | cut -f1 -d" ")
if [ $(echo $fileperm | cut -c5) != "-" ]; then
echo "Group Read set on $file"
fi
if [ $(echo $fileperm | cut -c6) != "-" ]; then
echo "Group Write set on $file"
fi
if [ $(echo $fileperm | cut -c7) != "-" ]; then
echo "Group Execute set on $file"
fi
if [ $(echo $fileperm | cut -c8) != "-" ]; then
echo "Other Read set on $file"
fi
if [ $(echo $fileperm | cut -c9) != "-" ]; then
echo "Other Write set on $file"
fi
if [ $(echo $fileperm | cut -c10) != "-" ]; then
echo "Other Execute set on $file"
fi
fi
done
fi
done

grep -E -v '^(root|halt|sync|shutdown)' /etc/passwd | awk -F: '($7 !=


"'"$(which nologin)"'" && $7 != "/bin/false") { print $1 " " $6 }' | while
read user dir; do
if [ ! -d "$dir" ]; then
echo "The home directory ($dir) of user $user does not exist."
else
for file in $dir/.rhosts; do
if [ ! -h "$file" -a -f "$file" ]; then
echo ".rhosts file in $dir"
fi
done
fi
done

for i in $(cut -s -d: -f4 /etc/passwd | sort -u ); do


grep -q -P "^.*?:[^:]*:$i:" /etc/group
if [ $? -ne 0 ]; then
echo "Group $i is referenced by /etc/passwd but does not exist in
/etc/group"
fi
done

cut -f3 -d":" /etc/passwd | sort -n | uniq -c | while read x ; do


[ -z "$x" ] && break
set - $x
if [ $1 -gt 1 ]; then
users=$(awk -F: '($3 == n) { print $1 }' n=$2 /etc/passwd | xargs)
echo "Duplicate UID ($2): $users"
fi
done

cut -d: -f3 /etc/group | sort | uniq -d | while read x ; do


echo "Duplicate GID ($x) in /etc/group"
done

cut -d: -f1 /etc/passwd | sort | uniq -d | while read x


do echo "Duplicate login name ${x} in /etc/passwd"
done

cut -d: -f1 /etc/group | sort | uniq -d | while read x


do echo "Duplicate group name ${x} in /etc/group"
done

grep ^shadow:[^:]*:[^:]*:[^:]+ /etc/group AND awk -F: '($4 == "<shadow-gid>")


{ print }' /etc/passwd

grep -E -v '^(halt|sync|shutdown)' /etc/passwd | awk -F: '($7 != "'"$(which


nologin)"'" && $7 != "/bin/false") { print $1 " " $6 }' | while read -r user
dir; do
if [ ! -d "$dir" ]; then
echo "The home directory ($dir) of user $user does not exist."
fi
done

You might also like