From Audit point of view, I need to add a script to my production Solaris servers. That should be able to mail me, if any user is added or removed.
That means, I should get a mail, what user is deleted or added in /etc/passwd, i.e. if there is a change in this file, I should be notified via mail.
I am not expert in scripting. Please help me in best possible way to implement.
This script works well. Thanks a lot for providing it. But only issue is, if I run the script, it will keep on going, untill we do Control+C.
I want to configure it on mutiple servers.
ShawnD41 :- We are not using Network Management System
jim mcnamara :- When I run this script, it was not sending mail. Its logs saying as below -
/root/myscript.sh[6]: /usr/bin: cannot execute
/root/myscript.sh[6]: /usr/bin: cannot execute
Hi solaris_1977,
how do you wish to control the termination of the script ? kill ? run for some period ?
To run it permanently on a remote server, you may start it like this:
nohup /path/to/script &
Then it will continue running after logout from the remote server.
Hi jim mcnamara,
I don't know why you get the "cannot execute" message. You my try run the mailx separately in order to check if it is correctly installed or your configuration is correct, respectively:
If you run it in nohup, it will keep on running, which will eat CPU time as well.
For jim mcnamara's script, it do not give me deleted or added user-name in my mail.
I wanted something like, script should check once a day (may be through cron), which user is added or deleted from original /etc/passwd file. May be I can get a mail like
"user123 deleted from /etc/passwd: Server456"
"user321 added to /etc/passwd: Server456"
Actually if you used only the command line progs `useradd`, `usermod` or `userdel`, via a shell script and using the return values, then that would be all you need. useradd(8) - Linux man page
However for verification, apart from comparing the xcheksum, you might like put the information in an array and compare the contents.