Re: need help with a script to check if /etc/mail/aliases file has 600 permission
hi pete
am not kidding!!
i know u just have to do ll... but u cn use it in the script if possible . this is to keep a track .. then later may be cron be implemented to get the periodic output of the changes..
Re: need help with a script to check if /etc/mail/aliases file has 600 permission
thanks Pete
but this is not what i want ur solution is directing to logs..
but i want to keep a track in real time...
my aim is to create a script to check if /etc/mail/aliases has the file permission has 600 permission(The aliases file is owned by root programs executed & aliases file entry should be owned by root & resides in a directory that is owned by root)
if its any thing other than 600 then it will give an output of Error . that will be done by a GUI tool which will be triggered by cron messeges.
but before that we need a script in place to this check. when the script is run it will give an error which in return give an error in the tool thruogh cron
Re: need help with a script to check if /etc/mail/aliases file has 600 permission
I assume this is part of a security check?
Do you know that sendmail (newaliases) will refuse to process the /etc/mail/aliases file if it does NOT have the right ownership and permission. (although the file can still be readable and the directory can be traversed).
What are you going to do if the directory itself /etc/mail changes permissions?
What about /etc/mail/aliases.db? This file is worth more than /etc/mail/aliases
Anyway this ought to do it. Even if the file does not exist it will echo NOK. /usr/bin/sh if [ -f /etc/mail/aliases ] then aliasesmode=`ll /etc/mail/aliases | cut -c 1-10` [ "$aliasesmode" = "-rw-------" ] && echo OK || echo NOK else echo NOK #file does not exist fi
Re: need help with a script to check if /etc/mail/aliases file has 600 permission
Hi:
I'm sorry to say that I agree with Pete.
Your questions have great similarity insofar as you want to perform simple queries of files or command output and print "OK" or "NOT_OK". I gave you an example yesterday in your thread:
