113 lines
5.4 KiB
Bash
113 lines
5.4 KiB
Bash
|
#!/bin/bash
|
||
|
#The hole idea of how to get the origin files' permission is learned from http://sysadminnotebook.blogspot.com/2012/06/how-to-reset-folder-permissions-to.html
|
||
|
|
||
|
TDIR=`mktemp -d`
|
||
|
cd $TDIR
|
||
|
aptitude download auditd
|
||
|
FILES=`dpkg -c auditd*.deb | sed -e '/^d/d' | \
|
||
|
sed '/audit.rules$/p;s/\/etc\/audit\/rules.d\/audit.rules$/\/etc\/audit\/audit.rules/'`
|
||
|
DIRECTORY=`dpkg -c auditd*.deb | sed -n '/^d/p' | \
|
||
|
sed -e '/\/usr\/share\/man/d'`
|
||
|
case $1 in
|
||
|
permission)
|
||
|
echo "$FILES" | while read FILE;
|
||
|
do
|
||
|
echo "$FILE" | awk '{print $6}' | sed -e 's/^.//g' | while read line;
|
||
|
do
|
||
|
ORIGIN=$(echo "$FILE" | awk '{print $1}')
|
||
|
CURRENT=$(ls -l "$line" | awk '{print $1}')
|
||
|
if [ "$CURRENT" != "$ORIGIN" ];then
|
||
|
echo "ORIGIN:$FILE"
|
||
|
echo "CURRENT:$(ls -l $line)"
|
||
|
exit 1
|
||
|
fi
|
||
|
done
|
||
|
done
|
||
|
echo "$DIRECTORY" | while read DIR;
|
||
|
do
|
||
|
echo "$DIR" | awk '{print $6}' | sed -e 's/^.//g' | while read line;
|
||
|
do
|
||
|
ORIGIN=$(echo "$DIR" | awk '{print $1}' )
|
||
|
CURRENT=$(ls -dl "$line" | awk '{print $1}' )
|
||
|
if [ "$CURRENT" != "$ORIGIN" ];then
|
||
|
echo "$ORIGIN:$DIR"
|
||
|
echo "$CURRENT:$(ls -dl $line)"
|
||
|
exit 1
|
||
|
fi
|
||
|
done
|
||
|
done
|
||
|
;;
|
||
|
owner)
|
||
|
echo "$FILES" | while read FILE;
|
||
|
do
|
||
|
echo "$FILE" | awk '{print $6}' | sed -e 's/^.//g' | while read line;
|
||
|
do
|
||
|
ORIGIN=$(echo "$FILE" | awk '{print $2}' | awk -F '/' '{print $1}')
|
||
|
CURRENT=$(ls -l "$line" | awk '{print $3}')
|
||
|
if [ "$CURRENT" != "$ORIGIN" ];then
|
||
|
echo "ORIGIN:$FILE"
|
||
|
echo "CURRENT:$(ls -l $line)"
|
||
|
exit 1
|
||
|
fi
|
||
|
done
|
||
|
done
|
||
|
echo "$DIRECTORY" | while read DIR;
|
||
|
do
|
||
|
echo "$DIR" | awk '{print $6}' | sed -e 's/^.//g' | while read line;
|
||
|
do
|
||
|
ORIGIN=$(echo "$DIR" | awk '{print $2}' | awk -F '/' '{print $1}' )
|
||
|
CURRENT=$(ls -dl "$line" | awk '{print $3}' )
|
||
|
if [ "$CURRENT" != "$ORIGIN" ];then
|
||
|
echo "$ORIGIN:$DIR"
|
||
|
echo "$CURRENT:$(ls -dl $line)"
|
||
|
exit 1
|
||
|
fi
|
||
|
done
|
||
|
done
|
||
|
;;
|
||
|
group-owner)
|
||
|
echo "$FILES" | while read FILE;
|
||
|
do
|
||
|
echo "$FILE" | awk '{print $6}' | sed -e 's/^.//g' | while read line;
|
||
|
do
|
||
|
ORIGIN=$(echo "$FILE" | awk '{print $2}' | awk -F '/' '{print $2}')
|
||
|
CURRENT=$(ls -l "$line" | awk '{print $4}')
|
||
|
if [ "$CURRENT" != "$ORIGIN" ];then
|
||
|
echo "ORIGIN:$FILE"
|
||
|
echo "CURRENT:$(ls -l $line)"
|
||
|
exit 1
|
||
|
fi
|
||
|
done
|
||
|
done
|
||
|
echo "$DIRECTORY" | while read DIR;
|
||
|
do
|
||
|
echo "$DIR" | awk '{print $6}' | sed -e 's/^.//g' | while read line;
|
||
|
do
|
||
|
ORIGIN=$(echo "$DIR" | awk '{print $2}' | awk -F '/' '{print $2}' )
|
||
|
CURRENT=$(ls -dl "$line" | awk '{print $4}' )
|
||
|
if [ "$CURRENT" != "$ORIGIN" ];then
|
||
|
echo "$ORIGIN:$DIR"
|
||
|
echo "$CURRENT:$(ls -dl $line)"
|
||
|
exit 1
|
||
|
fi
|
||
|
done
|
||
|
done
|
||
|
;;
|
||
|
file-hashes)
|
||
|
dpkg-deb -R audit*.deb .
|
||
|
echo "$FILES" | grep "bin/" | while read FILE;
|
||
|
do
|
||
|
echo "$FILE" | awk '{print $6}' | sed -e 's/^.//g' | while read line;
|
||
|
do
|
||
|
ORIGIN=$(sha512sum "$(echo "$line" | sed -e 's/^.\///g')" | awk '{print $1}')
|
||
|
CURRENT=$(sha512sum "$line" | awk '{print $1}')
|
||
|
if [ "$CURRENT" != "$ORIGIN" ];then
|
||
|
echo "ORIGIN:$FILE"
|
||
|
echo "CURRENT:$(ls -l $line)"
|
||
|
exit 1
|
||
|
fi
|
||
|
done
|
||
|
done
|
||
|
;;
|
||
|
esac
|