Need to automate the manual task using shell script


Need to automate the manual task using shell script



# find / -xdev -type f -perm -4000 -o -perm -2000 2>/dev/null -> To list out
the full path of setuid program



After run the above command I will get the path of the program


/usr/bin/wall
/usr/bin/chfn
/usr/bin/chage
/usr/bin/gpasswd
/usr/bin/newgrp
===================
So whatever the path it's coming,



I need to add the rule "grep path /etc/audit/audit.rules"
example : path /usr/bin/newgrp


echo "-a always,exit -F path=/usr/bin/ssh-agent -F perm=x -F auid>=500 -F
auid!=4294967295 -k privileged" >> /etc/audit/audit.rules
echo "-a always,exit -F path=/usr/bin/write -F perm=x -F auid>=500 -F
auid!=4294967295 -k privileged" >> /etc/audit/audit.rules
echo "-a always,exit -F path=/usr/bin/locate -F perm=x -F auid>=500 -F
auid!=4294967295 -k privileged" >> /etc/audit/audit.rules
echo "-a always,exit -F path=/usr/bin/wall -F perm=x -F auid>=500 -F
auid!=4294967295 -k privileged" >> /etc/audit/audit.rules

Please let me know is there anyway to automate the process without adding
manually using echo.

Thanks




1 Answer
1



Try this:


find / -xdev -type f -perm -4000 -o -perm -2000 | xargs -I {XXX} printf "'-a always,exit -F path='{XXX} ' -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged'n" >>/etc/audit/audit.rules



It pipes the find command which searches for set suid stuff to xargs which puts it's stuff from stdin (the stuff from find) in the corresponding place {XXX} in the printf.



Edit: took out usr/bin/





Much appreciated :)
– Manikandan
Jul 3 at 6:22





But if I ran the command multiple time it's keep on appending the same content on the file, Is there any way to copy the content only one time
– Manikandan
Jul 3 at 6:22






By clicking "Post Your Answer", you acknowledge that you have read our updated terms of service, privacy policy and cookie policy, and that your continued use of the website is subject to these policies.

-

Popular posts from this blog

api-platform.com Unable to generate an IRI for the item of type

api-platform.com Unable to generate an IRI for the item of type I'm trying to setup my first api-platform instance and have run into some presumably noob questions around IDE. What i'm trying to do is setting up an register and reset entity in order to deal with registrations and password reminders from an app. And then have the entity's passed to a custom controller to do some checks, balances and mails afterwards (haven’t gotten around to that yet). But I keep running into this error when posting to my custom entities: { "@context": "/api/contexts/Error", "@type": "hydra:Error", "hydra:title": "An error occurred", "hydra:description": "Unable to generate an IRI for the item of type "AppXXXUserBundleEntityRegister"", "trace": [ { "namespace": "", "short_class": "", "c
Read more

How to set up datasource with Spring for HikariCP?

How to set up datasource with Spring for HikariCP? Hi I'm trying to use HikariCP with Spring for connection pool. I'm using jdbcTempLate and JdbcdaoSupport. This is my spring configuration file for datasource: <bean id="dataSource" class="com.zaxxer.hikari.HikariDataSource"> <property name="dataSourceClassName" value="oracle.jdbc.driver.OracleDriver"/> <property name="dataSource.url" value="jdbc:oracle:thin:@localhost:1521:XE"/> <property name="dataSource.user" value="username"/> <property name="dataSource.password" value="password"/> </bean> But unfortunately the following error message is generating: Cannot resolve reference to bean 'dataSource' while setting bean property 'dataSource'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'dataSource'
Read more

Display dokan vendor name on Woocommerce single product pages

Display dokan vendor name on Woocommerce single product pages With woocommerce I am using Dokan plugin and I am trying to display the vendor name, rating and vendor location on single product pages. I tried this code to display vendor name but no luck: //show store name add_action( 'woocommerce_single_product_summary', 'show_store_name', 20 ); function show_store_name() { printf( '<b>Seller Name:</b> <a href="%s">%s</a>', dokan_get_store_url( $author->ID ), $store_info['store_name'] ); } Any help is appreciated. 1 Answer 1 I don't use dokan plugin. Here is the way to get the (post) author ID and to make your code work: add_action( 'woocommerce_single_product_summary', 'display_author_name', 20 ); function display_author_name() { // Get the author ID (the vendor ID) $vendor_id = get_post_field( &#
Read more