File seccheck-2.0.diff of Package seccheck.import5707
--- README
+++ README 2002/11/11 08:50:12
@@ -24,8 +24,12 @@
last daily and weekly report via email.
Please note that you can change the receiver of the seccheck mails from root
-to anyone else if you add an entry like this one to /etc/rc.config:
+to anyone else if you add an entry like this one to /etc/sysconfig/seccheck:
SECCHK_USER="firewall" # exchange firewall is an admin user's account name
+
+Please also note that the START_SECCHK variable from /etc/sysconfig/seccheck
+controls whether the security check will be run from cron. (It's ignored, if
+you call security-control manually.)
The following daily checks are done:
/etc/passwd check : length/number/contents of fields, accounts with same uid
--- security-control.sh
+++ security-control.sh 2002/11/11 08:51:44
@@ -7,10 +7,16 @@
####
VERSION="v2.0"
-test -e /etc/rc.config || touch /etc/rc.config # prevent errors on non-SuSE
-. /etc/rc.config
+test -e /etc/sysconfig/seccheck && . /etc/sysconfig/seccheck
+
test -z "$SECCHK_USER" && SECCHK_USER="root"
+CRON=`ps ax|grep $PPID|grep -v grep| grep -i cron`
+if test "$START_SECCHK" != yes -a ! -z "$CRON"; then
+ echo "seccheck disabled by START_SECCHK"
+ exit 0
+fi
+
function syntax () {
/bin/echo "Syntax: $0 "'daily|weekly|monthly'
exit 1
@@ -26,7 +32,6 @@
}
test -z "$1" && syntax
-. /etc/rc.config
export PATH="/sbin:/usr/sbin:/bin:/usr/bin"
umask 077
@@ -66,7 +71,7 @@
{
echo "To: $SECCHK_USER"
echo -e "Subject: Local Daily Security for `hostname`: Changes\n"
- echo "SuSE daily security check $VERSION by Marc Heuse <marc@suse.de>"
+ echo "Daily security check $VERSION by Marc Heuse <marc@suse.de>"
echo "This is an automated mail by the seccheck tool. If you want to disable this"
echo "service, just type \"mv /etc/cron.d/seccheck /etc/cron.d_seccheck.save\"."
disclaimer
@@ -86,7 +91,7 @@
{
echo "To: $SECCHK_USER"
echo -e "Subject: Local Weekly Security for `hostname`: Changes\n"
- echo "SuSE weekly security check $VERSION by Marc Heuse <marc@suse.de>"
+ echo "Weekly security check $VERSION by Marc Heuse <marc@suse.de>"
echo "This is an automated mail by the seccheck tool. If you want to disable this"
echo "service, just type \"mv /etc/cron.d/seccheck /etc/cron.d_seccheck.save\"."
disclaimer
@@ -104,7 +109,7 @@
{
echo "To: $SECCHK_USER"
echo -e "Subject: Local Monthly Security for `hostname`: Complete\n"
- echo "SuSE monthly security check $VERSION by Marc Heuse <marc@suse.de>"
+ echo "Monthly security check $VERSION by Marc Heuse <marc@suse.de>"
echo "This is an automated mail by the seccheck tool. If you want to disable this"
echo "service, just type \"mv /etc/cron.d/seccheck /etc/cron.d_seccheck.save\"."
disclaimer
--- security-daily.sh
+++ security-daily.sh 2002/11/11 08:50:12
@@ -297,7 +297,7 @@
rhost=`ls -lcdbg ${homedir}/$j|sed 's/[%\]/_/g'`
printf "$uid: $rhost\n"
test -f "$j" && { # still a race, however ...
- if egrep + ${homedir}/$j > /dev/null ; then
+ if egrep \\+ ${homedir}/$j > /dev/null ; then
printf "\t(has got a plus (+) sign!)\n"
fi
}