From nobody@FreeBSD.org  Thu Jan 20 06:16:35 2005
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 0651616A4CE
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 20 Jan 2005 06:16:35 +0000 (GMT)
Received: from www.freebsd.org (www.freebsd.org [216.136.204.117])
	by mx1.FreeBSD.org (Postfix) with ESMTP id E00DC43D31
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 20 Jan 2005 06:16:34 +0000 (GMT)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.13.1/8.13.1) with ESMTP id j0K6GYYI013891
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 20 Jan 2005 06:16:34 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.13.1/8.13.1/Submit) id j0K6GYAN013890;
	Thu, 20 Jan 2005 06:16:34 GMT
	(envelope-from nobody)
Message-Id: <200501200616.j0K6GYAN013890@www.freebsd.org>
Date: Thu, 20 Jan 2005 06:16:34 GMT
From: "Alexandr S. Tikhonoff" <tikhonoff@users.sourceforge.net>
To: freebsd-gnats-submit@FreeBSD.org
Subject: Addition into /etc/security few new functions
X-Send-Pr-Version: www-2.3

>Number:         76491
>Category:       conf
>Synopsis:       Addition into /etc/security few new functions
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          suspended
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jan 20 06:20:24 GMT 2005
>Closed-Date:    
>Last-Modified:  Fri Jul 22 19:12:25 GMT 2005
>Originator:     Alexandr S. Tikhonoff
>Release:        
>Organization:
ASTI
>Environment:
>Description:
In this addition was realized tracing two errors. At first, there are file permission errors in important directories. At second - search crash records in system messages.
>How-To-Repeat:
      
>Fix:
--- securityadd	Sun Jan  9 12:31:46 2005
+++ security	Sun Jan  9 12:31:46 2005
@@ -33,6 +33,8 @@
 rc=0
 LOG=/var/log
 TMP=/var/run/_secure.$$
+stoday="/var/log/localsec.today" 		# path to today security log
+syester="/var/log/localsec.yesterday"		#path to yesterday security log
 
 separator () {
 	echo ''
@@ -232,5 +234,34 @@
 
 rm -f ${TMP}
 
+ rm $syester
+ mv $stoday $syester
+
+  echo "stoday Log for:" >> ${stoday}
+  date >> ${stoday}
+  cat /etc/passwd | grep "guest" >> ${stoday}
+  cat /etc/passwd | grep "anonymous" >> ${stoday}
+  echo "File permission errors in /bin" >> ${stoday}
+  ls -l /bin | grep "rwx  " >> ${stoday}
+  ls -l /bin | grep "rw-  " >> ${stoday}
+  echo "File permission errors in /sbin" >> ${stoday}
+  ls -l /sbin | grep "rwx  " >> ${stoday}
+  ls -l /sbin | grep "rw-  " >> ${stoday}
+  echo "File permission errors in /etc" >> ${stoday}
+  ls -l /etc | grep "rwx  " >> ${stoday}
+  ls -l /etc | grep "rw-  " >> ${stoday}
+  echo "File permission errors in /usr/bin" >> ${stoday}  
+  ls -l /usr/bin | grep "rwx  " >> ${stoday}
+  ls -l /usr/bin | grep "rw-  " >> ${stoday}
+  echo "File permission errors in /usr/sbin" >> ${stoday}  
+  ls -l /usr/sbin | grep "rwx  " >> ${stoday}
+  ls -l /usr/sbin | grep "rw-  " >> ${stoday}
+  echo "File permission errors in /root" >> ${stoday}  
+  ls -l /root | grep "rwx  " >> ${stoday}
+  ls -l /root | grep "rw-  " >> ${stoday}
+echo ""
+  echo "Crashes?" >> ${stoday}
+  last | grep "crash" >> ${stoday}  
+cat $stoday
 exit $rc
 

>Release-Note:
>Audit-Trail:

From: =?koi8-r?Q?=E1=CC=C5=CB=D3=C1=CE=C4=D2=20=F4=C9=C8=CF=CE=CF?=ff <tikhonoff@bk.ru>
To: FreeBSD-gnats-submit@FreeBSD.org
Cc:  
Subject: misc/76491
Date: Thu, 20 Jan 2005 09:23:29 +0300

 [PATCH]
 --- securityadd	Sun Jan  9 12:31:46 2005
 +++ security	Sun Jan  9 12:31:46 2005
 @@ -33,6 +33,8 @@
  rc=0
  LOG=/var/log
  TMP=/var/run/_secure.$$
 +stoday="/var/log/localsec.today" 		# path to today security log
 +syester="/var/log/localsec.yesterday"		#path to yesterday security log
  
  separator () {
  	echo ''
 @@ -232,5 +234,34 @@
  
  rm -f ${TMP}
  
 + rm $syester
 + mv $stoday $syester
 +
 +  echo "stoday Log for:" >> ${stoday}
 +  date >> ${stoday}
 +  cat /etc/passwd | grep "guest" >> ${stoday}
 +  cat /etc/passwd | grep "anonymous" >> ${stoday}
 +  echo "File permission errors in /bin" >> ${stoday}
 +  ls -l /bin | grep "rwx  " >> ${stoday}
 +  ls -l /bin | grep "rw-  " >> ${stoday}
 +  echo "File permission errors in /sbin" >> ${stoday}
 +  ls -l /sbin | grep "rwx  " >> ${stoday}
 +  ls -l /sbin | grep "rw-  " >> ${stoday}
 +  echo "File permission errors in /etc" >> ${stoday}
 +  ls -l /etc | grep "rwx  " >> ${stoday}
 +  ls -l /etc | grep "rw-  " >> ${stoday}
 +  echo "File permission errors in /usr/bin" >> ${stoday}  
 +  ls -l /usr/bin | grep "rwx  " >> ${stoday}
 +  ls -l /usr/bin | grep "rw-  " >> ${stoday}
 +  echo "File permission errors in /usr/sbin" >> ${stoday}  
 +  ls -l /usr/sbin | grep "rwx  " >> ${stoday}
 +  ls -l /usr/sbin | grep "rw-  " >> ${stoday}
 +  echo "File permission errors in /root" >> ${stoday}  
 +  ls -l /root | grep "rwx  " >> ${stoday}
 +  ls -l /root | grep "rw-  " >> ${stoday}
 +echo ""
 +  echo "Crashes?" >> ${stoday}
 +  last | grep "crash" >> ${stoday}  
 +cat $stoday
  exit $rc
  
 

From: Brooks Davis <brooks@one-eyed-alien.net>
To: "Alexandr S. Tikhonoff" <tikhonoff@users.sourceforge.net>
Cc: freebsd-gnats-submit@freebsd.org
Subject: Re: misc/76491: Addition into /etc/security few new functions
Date: Wed, 19 Jan 2005 22:32:31 -0800

 Thank you for your contribution.
 
 Unfortunatly, /etc/security has been defunct for nearly three years (it
 was removed in FreeBSD-4.6).  It has been replaced by a set of scripts
 in /etc/periodic/security.  A new script for that framework would be
 useful, but we can't do much with this patch as is.  I'd also suggest
 using find(1)'s perm option instead of parsing ls output.
 
 -- Brooks
State-Changed-From-To: open->suspended 
State-Changed-By: linimon 
State-Changed-When: Fri Jul 22 19:11:27 GMT 2005 
State-Changed-Why:  
Patch would need to be regenerated for current framework.  Is the 
submitter still interested in doing this?  If not, I'll leave the 
PR as suspended. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=76491 
>Unformatted:
