PIKT

Samples: Shadow File Problems

PIKT Logo
Home FAQ News Intro Samples Tutorial Reference Software Authors Licensing SiteSearch


In this example, we report shadow file problems.

The ShadowFileProblemsUrgent script might send an alert message like the following:

-------------------------------------------------------------------------------

                                PIKT ALERT
                         Tue Nov 25 11:53:05 2003
                                  kiev2

URGENT:
    ShadowFileProblemsUrgent
        Report /etc/shadow file problems

        User smetana has NO PASSWORD!

-------------------------------------------------------------------------------
The script follows.

///////////////////////////////////////////////////////////////////////////////
//
// accounts_alarms.cfg
//
///////////////////////////////////////////////////////////////////////////////

[other alarms omitted...]

///////////////////////////////////////////////////////////////////////////////

ShadowFileProblemsUrgent

        init
                status active
                level urgent
                task "Report /etc/shadow file problems"
                input file "=shadow"
                seps ":"
                dat $username  [1]
                dat $password [2]
                keys $username

        begin   // assume no crisis (yet)
                set #crisis = #false()

        rule
                if #length($password) == 0
                        output mail "User $username has NO PASSWORD!"
                        output syslog "User $username has NO PASSWORD!"
                        if $username eq "root"
                                set #crisis = #true()
                        endif
                endif

#  ifdef page
        end
                if #crisis
#    if misscritsys
                        =page($hostname() urgent shadow problem (see alert email),
                              =pagesysadmins, =allhours(#now()))
#    else
                        =page($hostname() urgent shadow problem (see alert email),
                              =pagesysadmins, ! =offhours(#now()))
#    endif  // misscritsys
                endif
#  endifdef  // page

///////////////////////////////////////////////////////////////////////////////

[other alarms omitted...]

///////////////////////////////////////////////////////////////////////////////
This is just one program example.  You could add rules, or write new scripts, for example to report:  frozen (starred out) accounts, password changes for certain key accounts, missing fields, malformed lines, violations of expiration rules, etc.

[For more examples, see Samples.]

Home | FAQ | News | Intro | Samples | Tutorial | Reference | Software | Authors | Licensing | SiteSearch
Links | SiteIndex | Pikt-Users | Pikt-Workers | Contribute | ContactUs | Top of Page
Page best viewed at 1024x768.   Page last updated 2005-06-22.
This site is PIKT® powered.
PIKT® is a registered trademark of the University of Chicago.
Copyright © 1998-2005 Robert Osterlund.  All rights reserved.

Computer Books at Amazon.com

Securing Web Services with WS-Security
Securing Web Services with WS-Security

The Best Damn Firewall Book Period
The Best Damn Firewall Book Period

Crackproof Your Software
Crackproof Your Software

Computer Network Security
Computer Network Security

Introduction to Computer Security
Introduction to Computer Security