Bash脚本:如何检查是否只有一个root id?
问题描述:
如何编辑我的脚本,以便检查是否只有一个根ID?Bash脚本:如何检查是否只有一个root id?
期望输出
Audit criteria: There is only one root id
Vulnerability: Yes
Details: See below
root:!:0:0::/:/usr/bin/bash
jdoe:*:0:1:John Doe:/home/jdoe:/usr/bin/bash
脚本
#!/bin/bash
isVulnerable="No"
isVulnerable="Yes"
cat /etc/passwd | cut -f3 -d":" | sort -n | /usr/bin/uniq -c | while read x ;
do
[ -z "${x}" ] && break
set - $x
if [ "$1" -gt 1 ]; then
users=`/bin/gawk -F: '($3 == n) { print $1 }' n=$2 /etc/passwd | /usr/bin/xargs`
echo "Audit Criteria: Duplicate UID ($2): ${users}"
echo "Vulnerability: ${isVulnerable}"
echo "Details: see below"
echo
grep "x:0:" /etc/passwd
else
echo "All user id are unique"
fi
done
答
这是很方便的使用,以收集与重复字段行AWK:
get_dups() {
awk -F':' '$3 == 0 { if (dup++) print } END { exit(dup > 1) }' /etc/passwd
}
如果在/etc/passwd
文件多个零的用户ID,功能与非零退出状态,并将具有重复的root用户标识的行打印到标准输出。否则,退出状态为零。
用法:
dups="$(get_dups)"
if [ $? -eq 0 ]; then
vulnerability='No'
msg='There is only one root ID'
else
vulnerability='Yes'
msg='There are multiple root IDs'
fi
printf '%15s: %s\n' 'Audit criteria' "$msg"
printf '%15s: %s\n' 'Vulnerability' "$vulnerability"
[ -z "$dups" ] && dups='All user IDs are unique'
printf '\n%s\n' "$dups"
答
你可以这样做:
ROOT_COUNT=$(cut -f3 -d":" </etc/passwd | grep -c ^0$)
然后,如果ROOT_COUNT
含有一种大于1,你^ h AVE多个用户使用UID 0
或'的grep -c'代替'WC -l'。或者你可以用一个小awk脚本替换整个管道。 – ghoti
@ghoti我更新了我的答案,之前从未注意到这个grep选项。谢谢! – Fred