Hi everyone. I'm doing some SysAdmin work and I recently wrote a script which some people might find useful.
The script checks a directory for ownership and group membership as well as permissions, and compares them to expected values.
When the values are correct, a message is output to stdout; when they are incorrect, an email is sent to a set address.
Here is the script:
#!/bin/bash
RED='\033[0;31m'
YELLOW='\033[0;33m'
NC='\033[0m' # No Color
host=$(hostname)
checkdir=/var/named
# Octal mode taken from the "Access: (0770/drwxrwx---)" line of stat output
perms=$(stat "$checkdir" | sed -n '/^Access: (/{s/Access: (\([0-9]\+\).*$/\1/;p}')
owner=$(ls -ld "$checkdir" | awk '{print $3}')
group=$(ls -ld "$checkdir" | awk '{print $4}')
targetperms='0770'
targetowner='root'
targetgroup='named'
warn=false
printf "File permissions for directory $checkdir are: \t ${YELLOW} $perms ${NC} \n"
printf "Ownership for directory $checkdir are: \t ${YELLOW} $owner ${NC} \n"
printf "Group membership for directory $checkdir are: \t ${YELLOW} $group ${NC} \n"
if [[ $perms != $targetperms ]]; then
    printf "Warning: bad permissions on $checkdir. Currently${RED} $perms${NC}, but should be $targetperms \n"
    warn=true
fi
if [[ $owner != $targetowner ]]; then
    printf "Warning: bad ownership of $checkdir. Currently owner is${RED} $owner${NC}, but should be $targetowner \n"
    warn=true
fi
if [[ $group != $targetgroup ]]; then
    printf "Warning: bad group membership of $checkdir. Currently group is${RED} $group${NC}, but should be $targetgroup \n"
    warn=true
fi
if [[ $warn == 'true' ]]; then
    printf "${RED}Please check the ownership, group and file permissions of $checkdir ${NC} \n"
    echo "Please check $host permissions on /var/named/ for user named" | /bin/mail -s "$host - ERROR - /var/named permissions will not allow named to write." [email protected]
else
    printf "Everything on $host appears to be OK. \n"
fi
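
An added example, not part of the original post: the same check written as a reusable function that reads mode, owner and group in one `stat` call instead of parsing `ls`, reports an unreadable or missing path as its own case, and returns an exit status a cron wrapper or monitoring check can act on. The name `check_path` and its return codes are assumptions made for this example; it relies on GNU `stat -c`.

```shell
#!/bin/sh
# Added example: check_path is a hypothetical helper, not the poster's code.
# Usage: check_path PATH MODE OWNER GROUP
# Returns 0 = all match, 1 = drift found, 2 = path could not be inspected.
check_path() {
    cp_path=$1 cp_mode=$2 cp_owner=$3 cp_group=$4 cp_rc=0

    # GNU stat: %a = octal mode, %U = owner name, %G = group name.
    # Without -L a symlink is reported as itself, so a directory that has
    # been replaced by a link shows up as a mode mismatch.
    if ! cp_actual=$(stat -c '%a %U %G' -- "$cp_path" 2>/dev/null); then
        printf 'UNREADABLE %s: cannot stat\n' "$cp_path"
        return 2
    fi
    read -r cp_m cp_o cp_g <<EOF
$cp_actual
EOF

    # Compare modes numerically as octal so that 770 and 0770 are equal
    # and setuid/setgid/sticky bits (e.g. 2770) still count as a difference.
    if [ "$((0$cp_m))" -ne "$((0$cp_mode))" ]; then
        printf 'DRIFT %s: mode is %s, expected %s\n' "$cp_path" "$cp_m" "$cp_mode"
        cp_rc=1
    fi
    if [ "$cp_o" != "$cp_owner" ]; then
        printf 'DRIFT %s: owner is %s, expected %s\n' "$cp_path" "$cp_o" "$cp_owner"
        cp_rc=1
    fi
    if [ "$cp_g" != "$cp_group" ]; then
        printf 'DRIFT %s: group is %s, expected %s\n' "$cp_path" "$cp_g" "$cp_group"
        cp_rc=1
    fi
    [ "$cp_rc" -eq 0 ] && printf 'OK %s\n' "$cp_path"
    return "$cp_rc"
}

# The directory and target values from the post above.
check_path /var/named 0770 root named || echo "check_path exit status: $?"
```

Because the function prints one line per finding and returns non-zero on any of them, the caller decides whether to mail, log or page on the result.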