[英]Need to automate the manual task using shell script
# find / -xdev -type f -perm -4000 -o -perm -2000 2>/dev/null -> To list out the full path of setuid program #find / -xdev -type f -perm -4000 -o -perm -2000 2> / dev / null->列出setuid程序的完整路径
After run the above command I will get the path of the program 运行上面的命令后,我将获得程序的路径
/usr/bin/wall
/usr/bin/chfn
/usr/bin/chage
/usr/bin/gpasswd
/usr/bin/newgrp
===================
So whatever the path it's coming,
I need to add the rule "grep path /etc/audit/audit.rules" example : path /usr/bin/newgrp 我需要添加规则“ grep path /etc/audit/audit.rules”示例:path / usr / bin / newgrp
echo "-a always,exit -F path=/usr/bin/ssh-agent -F perm=x -F auid>=500 -F
auid!=4294967295 -k privileged" >> /etc/audit/audit.rules
echo "-a always,exit -F path=/usr/bin/write -F perm=x -F auid>=500 -F
auid!=4294967295 -k privileged" >> /etc/audit/audit.rules
echo "-a always,exit -F path=/usr/bin/locate -F perm=x -F auid>=500 -F
auid!=4294967295 -k privileged" >> /etc/audit/audit.rules
echo "-a always,exit -F path=/usr/bin/wall -F perm=x -F auid>=500 -F
auid!=4294967295 -k privileged" >> /etc/audit/audit.rules
Please let me know is there anyway to automate the process without adding
manually using echo.
Thanks
Try this: 尝试这个:
find / -xdev -type f -perm -4000 -o -perm -2000 | xargs -I {XXX} printf "'-a always,exit -F path='{XXX} ' -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged'\n" >>/etc/audit/audit.rules
It pipes the find command which searches for set suid stuff to xargs which puts it's stuff from stdin (the stuff from find) in the corresponding place {XXX} in the printf. 它使用find命令将搜索到的suid填充到xargs中,从而将来自stdin的填充(来自find的填充)放入printf中相应的位置{XXX}。
Edit: took out usr/bin/ 编辑:取出usr / bin /
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.