check-rsyslog.sh 1.7KB

12345678910111213141516171819202122232425262728293031323334353637
  1. #!/bin/bash
  2. case "$1" in
  3. owned)
  4. if [ "$(sed -e '/^#/d' -e '/^[ \t][ \t]*#/d' -e 's/#.*$//' -e '/^$/d' /etc/rsyslog.conf | grep FileOwner | awk '{print $2}')" != "root" ];then
  5. exit 1
  6. fi
  7. sed -e '/^#/d' -e '/^[ \t][ \t]*#/d' -e 's/#.*$//' -e '/^$/d' /etc/rsyslog.conf | sed -e '/\$/d' | awk '{print $2}' | sed -e '/^:/d' -e '/|/d' -e 's/^-//g' -e '/^$/d' | \
  8. while read line;do
  9. if [ -f $line ] && [ "$(ls -alh $line | awk '{print $3}')" != "root" ];then
  10. exit 1
  11. fi
  12. done
  13. ;;
  14. group-owned)
  15. if [ "$(sed -e '/^#/d' -e '/^[ \t][ \t]*#/d' -e 's/#.*$//' -e '/^$/d' /etc/rsyslog.conf | grep FileGroup | awk '{print $2}')" != "root" ];then
  16. exit 1
  17. fi
  18. sed -e '/^#/d' -e '/^[ \t][ \t]*#/d' -e 's/#.*$//' -e '/^$/d' /etc/rsyslog.conf | sed -e '/\$/d' | awk '{print $2}' | sed -e '/^:/d' -e '/|/d' -e 's/^-//g' -e '/^$/d' | \
  19. while read line;do
  20. if [ -f $line ] && [ "$(ls -alh $line | awk '{print $4}')" != "root" ];then
  21. exit 1
  22. fi
  23. done
  24. ;;
  25. mode)
  26. sed -e '/^#/d' -e '/^[ \t][ \t]*#/d' -e 's/#.*$//' -e '/^$/d' /etc/rsyslog.conf | sed -e '/\$/d' | awk '{print $2}' | sed -e '/^:/d' -e '/|/d' -e 's/^-//g' -e '/^$/d' | \
  27. while read line;do
  28. bash check-mode.sh $line 600
  29. if [ $? -eq 1 ];then
  30. exit 1
  31. fi
  32. done
  33. ;;
  34. esac