Users who have un-sanctioned (forbidden) files in their home directory

Hello guys,

I have to create a sh script which returns users who have un-sanctioned (forbidden) files in their home directory.

I tried to do:

#!/bin/sh -x
SHADOW_FILE="/etc/shadow"
PASSWORD_FILE="/etc/passwd"

for i in `grep -v '^+' $PASSWORD_FILE | cut -d: -f1,6`
do
  username=`echo $i|cut -d: -f1`
  # $i holds only "name:home" after the cut above, so the home directory is field 2
  home_dir=`echo $i|cut -d: -f2`

  # .....
done

The above is just a part of the script.
I don't know how to get the file rights from each home directory. Any hint would be great.
Thanks.

Like this?

find . | xargs ls -ld | awk '{print $1 FS $9}'
[ahamed@ahamed study]$ find . | xargs ls -ld | awk '{print $1 FS $9}'
drwxr-xr-x. .
-rw-r--r--. ./a1
-rw-r--r--. ./a2
-rwxrwxr-x. ./a.out
-rwxr-xr-x. ./brun
-rw-r--r--. ./c

If Solaris, use /usr/xpg4/bin/awk

regards,
Ahamed

Hi,

Yes, it is a Solaris OS, but I need to display something like this:

User abcd has the following restricted files in home: a.file, b.file...etc (in /export/home i have many users)
Your script returns all files from all users? I don't understand the code very well. Could you give me more details or some links to some tutorials?

Thanks.

By "restricted files", what do you mean?
BTW, my previous post was just to give you an idea.

regards,
Ahamed

As I understand it, restricted means that the user john from /export/home/john doesn't have access to this file (when I say access, this means he doesn't have rights to execute, modify or read the file).
It is possible that I am wrong in my understanding of "restricted file". What do you think about it... do you have another opinion?

regards,
catalin

If it's in a user's home directory, the user pretty much has permissions to do anything they want with it.

IIRC about the only thing a user can't do to files and directories in a directory the user owns is delete a directory owned by another user that has the setgid-bit set on it.

What problem are you trying to solve?

But what if the file was copied into the home directory by a user or by another program and its rights are very restrictive?
As I read: "each file belongs to a specific user and group. Access to the files is controlled by user, group, and what is called other. The term, other, is used to refer to someone who is not the user (owner) of the file, nor is the person a member of the group the file belongs to. When talking about setting permissions for "other" users to use, it is commonly referred to as setting the world execute, read, or write bit since anyone in the world will be able to perform the operation if the permission is set in the other category."

Let's say that the user john belongs to the temp group and
in /export/home/john we have a file script.sh
-rw------- 1 root root 14233 Apr 24 10:32 script.sh

=> user john has NO rights to read/execute/modify script.sh file because the owner of the file is root and group also is root.

That's what I mean and the question is: is it possible to find these kinds of files for each user from /export/home?

Thanks.

regards,
catalin
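
One way to answer the question in the last post, as an added example that is not part of any post in the thread: for every account whose home lies under /export/home, list the files there that are owned by a different UID, such as the root-owned script.sh above. It assumes a POSIX sh (where /bin/sh is the legacy Bourne shell on Solaris, run it with /usr/xpg4/bin/sh) and takes "restricted" to mean "not owned by the home's user"; the function names and the script name foreign_files.sh are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): report, per account, the files under
# its home directory that are owned by a different UID, e.g. a root-owned
# -rw------- script.sh sitting in /export/home/john.
# Usage (hypothetical script name): sh foreign_files.sh /etc/passwd [/export/home]

# foreign_files HOME UID: print every path under HOME not owned by UID.
# A numeric -user argument that is not a login name is matched as a UID.
foreign_files() {
    find "$1" ! -user "$2" -print 2>/dev/null
}

# report_foreign_files PASSWD_FILE [BASE]: one line per affected user.
# Only homes below BASE are scanned, so system accounts whose home is /
# do not trigger a walk of the whole filesystem.
report_foreign_files() {
    base=${2:-/export/home}
    # Skip NIS compat entries ('+' lines), as the loop in the question does.
    grep -v '^+' "$1" |
    while IFS=: read -r user _pw uid _gid _gecos home _shell
    do
        case $home in
            "$base"/*) ;;
            *) continue ;;
        esac
        [ -d "$home" ] || continue
        # Join the paths with ", " (names containing newlines are not handled).
        list=$(foreign_files "$home" "$uid" |
               awk '{ if (NR > 1) printf ", "; printf "%s", $0 }')
        if [ -n "$list" ]; then
            echo "User $user has the following restricted files in home: $list"
        fi
    done
}

# Run the report only when a passwd file is given on the command line.
if [ "$#" -gt 0 ]; then
    report_foreign_files "$@"
fi
```

Run it as a user that can traverse every home directory, otherwise find silently skips the directories it cannot read.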