Tech blog: January 2014

Saturday, January 25, 2014

OPEN SSH

SSH

--> Pkg -openssh

Daemon -sshd

Portnum -22

Files -/etc/ssh/sshd_config

.ssh/*

---> vim /etc/ssh/sshd_config

1. line 13 -> change port num.

Port 53

service sshd restart

client connecting to your machine should connect giving like this

ssh -p 53 <server ip> ,Only then it connects.

2. line 37 -> Allow/stop user to ssh

AllowUsers u1

DenyUsers u2

service sshd restart

This stops a client to connect as u2 and can connect as only u1 user.

3. line 37 -> Allow/stop user to ssh

AllowGroups asia

DenyGroups america

service sshd restart

This stops a client to connect as any members of america, and can connect

as any member os america.

4. line 38 -> Login grace time.

LoginGraceTime 1m

service sshd restart

Once you connect to sshserver, you haf to provide passsword within a min,

or connection fails.

5. line 39 -> Root login allowed/not-allowed

PermitRootLogin no

service sshd restart

This stops a client to ssh as root user,anb can connect as normal user only

6. line 41 -> Password prompts

MaxAuthTries 1

service sshd restart

Password is prompted only twice within which he has to give right password

to authenticate.

7. line 96 -> Stop Gui Access

X11Forwarding no

service sshd restart

Thou the client connects to your server using ssh -X <server.ip>, they

wont be able to connect to GUI of Server

8. Generating Public/Private key

--> To generate the key ->Generates id_dsa,id_dsa.pub files under .ssh dir

ssh-keygen -t dsa

--> To copy key to client machine ->copies id_dsa to .ssh of clients machine

ssh-copy-id -i /root/.ssh/id_dsa <clients.ip>

Services which contain libwrap module can use hosts.deny to control Access
ldd /usr/sbin/vsftpd |grep libwrap
ldd /usr/sbin/sendmail |grep libwrap
ldd /usr/sbin/sshd |grep libwrap

To Restrict a host/network to control access to a Service.

1. Using Hostname/Domainname
vim /etc/hosts.deny
-> vsftpd *.example.com ->All hosts in example.com denied to access ftp
-> vsftpd server.example.com ->Host server in example.com denied to access

2. Using Ipaddress/Network
vim /etc/hosts.deny
-> vsftpd 192.168.1.0/255.255.255.0 ->All hosts in 1.0 N/W denied.
-> vsftpd 192.168.1.4 ->Host 1.4 denied.

3. To Deny all Except few.
vim /etc/hosts.deny
-> sshd:ALL EXCEPT matrix.com ->Any domain other than matrix.com are denied the Access to ssh.

4. To Allow all Except few.
vim /etc/hosts.allow
-> ALL *.example.com EXCEPT *.matrix.com ->Any domain other than matrix.com are Allowed to Access.

Both entries allow/deny can be given in either hosts.allow or hosts.deny file

SAMBA SERVER + LINUX

TO CONFIGURE SAMBA SERVER

1. mkdir /samba
2. chmod a+w /samba
3. yum install samba -y
4. vim /etc/samba/smb.conf
[public]
comment = Only users
path = /samba
public = yes
browseable=yes
writable = yes
printable = no
write list = +staff
5. service smb restart

OPTIONS THAT CAN B GIVEN IN FILE

1.If browseable=yes ->we CAN see the shared dir
If browseable=no -> we CANNOT see the shared dir

2.If public=yes ->Allows anonymous Login
If public=no ->Stops anonymous Login

3. writable = no ->uploading is denied for BOTH the users.
writable = yes ->uploading is allowed for BOTH the users

4a. writable =no + ->Allows only u1 to upload files, but
b. write list =u1 both writable=no and writelist=u1 shuld b enabled

5. hosts allow=127. 192.168.0.20 ->Allow only 192.168.0.20 ip to
access share, other ips are denied

CLIENT COMMANDS

1.smbclient -L //192.168.0.48/share ->List directories shared

2. smbclient //192.168.0.48/share ->Anonymous Login
get <file>
put <file>

3a. To generat passwd to allow for non-anonymous login
1. smbpasswd -a u1
2. service smb restart

3b. smbclient //192.168.0.48/share -U u1 ->Non Anonymous Login
get <file>
put <file>

TO INSTALL VMWARE ON LINUX

1.mount 192.168.0.154:/dumps /media
2.cd /media/VMWARE
3.rpm -ivh VMware-server-1.0.1-29996.i386.rpm
4.yum install gcc kernel-devel xinetd -y
5.vmware-config.pl
6.cat vmware-server.key

TO EXTRACT WINDOWS IMAGE

1.scp srinivas@192.168.0.154:/home/srinivas/raj.tar.bz2 .
2.tar jxvf raj.tar.bz2 -C /var/lib/vmware

FTP SERVER configuration

####### VSFTPD ################

SERVER :

1. yum install vsftpd -y
2. service vsftpd restart
3. setsebool -P ftp_home_dir on ->Do this to allow user to connect

CLIENTS :

ANONYMOUS LOGIN (connecting as anonymous or ftp user and blank passwor)

ftp <ftpserver>
name ftp
pass ........... (Blank Password)

ftp> pwd ->you connect to pub dir
ftp> ls ->shows remotes file list
ftp> !ls ->shows local file list
ftp> get <file> ->Copy/download files
ftp> put <file> ->Cannot UPLOAD files
ftp> cd /home ->NOT allowed to change dir
ftp> bye ->Log out from ftp prompt.

NON-ANONYMOUS LOGIN (connect as normal user of remote machine)

ftp <ftpserver>
name u1
pass 1

ftp> pwd ->you connect to home dir of u1
ftp> ls ->shows remotes file list
ftp> !ls ->shows local file list
ftp> get <file> ->Copy/download files
ftp> put <file> ->Copy/Upload files
ftp> cd /home ->Allowed to change dir
ftp> bye ->Log out from ftp prompt.

#### OPTIONS FOR /ETC/VSFTPD/VSFTPD.CONF####################

1. anonymous_enable=YES ->Allow anonymous login
anonymous_enable=NO ->Stop anonymous login

2. local_enable=YES ->Allow normal user to login
local_enable=NO ->Stop normal user to login

3. write_enable=YES ->Allow normal user to create files by default
write_enable=NO ->Stop normal user to create files

4. To allow Anonymous user to UPLOAD file.
a> #anon_upload_enable=YES ->uncomment this line +
b> chmod a+w /var/ftp/pub ->/var/ftp/pub dir should be writable
c> write_enable=YES ->write enable should b yes

5. If Anonymous user uploads file,owner of file is ftp by default,
but if you want u1 to be owner of file change here.
#chown_uploads=YES
#chown_username=u1 ->uncomment this 2 lines + user=u1

6.no_anon_password=YES ->Wont prompt the password for anonymous user
no_anon_password=NO ->Prompt the password for anonymous user

###### To stop many users from using ftp connection ############

1. Add the users whom you want to stop using ftp to this file +
2. And add this to /etc/vsftpd/vsftpd.conf userlist_deny=YES
3. service vsftpd restart

########### FTP USERS FILE ################

If you want to stop one or two users from using ftp
enter there names in this file. That stops that user
from connecting throu ftp.

NFS MOUNTING

TO CONFIGURE NFS SERVER

1. mkdir /share ->create a dir under / which you want to share.
2. chmod a+w /share ->Allow all to write to the /share dir
3. vim /etc/exports ->write entries of that share in this file
a. /abc *(rw,sync) //All Domain

b. /abc *.example.com(rw,sync)
/abc *.matrix.com(rw,sync) //Two Domains

c. /abc *.example.com(rw,sync) //Only Example domain

d. /abc 192.168.0.82(rw,sync) //Single Machine

e. /abc 192.168.0.82(rw,sync) 192.168.0.42(rw,sync) //Double Machine

f. /abc 192.168.0.1-10(rw,sync) //Range of ips

g. /abc 192.168.0.0/24(ro,sync) //Read-Only file,cant create file,after mounting

h. /abc *(rw,sync,no_root_squash) //When client creates file under /share dir, it gets created under roots name

4. service portmap restart
5. service nfs restart
6. rpcinfo -p ->Shows random port num

NFS CLIENT

showmount -e 192.168.0.38 -->shows dir shared by remote/server

1. TEMPORARY MOUNTING
mount 192.168.0.38:/songs /media
cd /media/
ls
mount
cd
umount /media

2. PERMANENT MOUNTING

->vim /etc/fstab
192.168.0.38:/songs /media nfs defaults 1 2
->mount -a
->mount

NIS server Configuration + Linux

################ NIS SERVER CONFIGURATION ##########################

1. yum install ypserv -y
2. nisdomainname SRINIVAS
3. vim /etc/sysconfig/network
NISDOMAIN=SRINIVAS

4. service network restart
5. vim /etc/exports
/home *(rw,sync)

6. service portmap restart
7. service nfs restart
8. service ypserv restart
9. cd /var/yp
10. /usr/lib/yp/ypinit -m

############ NIS CLIENT ####################

1. umount /home

2. comment home-dir line in /etc/fstab

3. authconfig-tui //Provide your nisdomain and nisservers ip

4. ypwhich ->shows niservers hostname/ip

5. vim /etc/auto.master

/home /etc/auto.misc

6. /etc/auto.misc

u1 -fstype=nfs 192.168.0.82:/home/u1 //Login as u1

* -fstype=nfs 192.168.0.82:/& //Login as any user

7. service autofs restart

8. Log out and login as u1 user.

# ##############MASTER ENTRY WHILE SETTING UP SLAVE ###################

1. vim /var/yp/Makefile

NOPUSH=False

2. /usr/lib/yp/ypint -m

3. service ypserv restart

########### SLAVE ENTRIES ###########

1. yum install ypserv

2. vim /etc/sysconfig/network

NISDOMAIN=SRINIVAS

3. service network restart

4. nisdomainname SRINIVAS

5. service ypserv restart

6. /usr/lib/yp/ypinit -s <master'shostname) //Better configure Dns or hosts file

NIS CLIENT

1. authconfig-tui (Bind to both master,slave ip)

2. ypwhich ->shows masters ip

3. Stop ypserv in master

4. ypwhich ->shows slave ip

Friday, January 24, 2014

Commonly Used Worksoft Functions

Below are the few worksoft functions which are commonly used:

1. Is Blank : This method is used to check whether a row is blank or not in a table / grid

2. Is Not Blank : This method is used to check whether a row is not blank in a table / Grid.

3. Search Empty Row : Method is used to search for an empty row in a Table / Grid

4. Select Node : Method is used to select a particular Node in the application

5.StoreProperty : Method is used to store particu;lar property value of an object

6. Store Parameter : Methos is used to store a particular value from a message / status bar message

7. Verify : Method is used to verify particular value in a table or any object

8. Click : Method is used to click on a particular object / at particular position

9. Press: Method is used to press a particular button / link

10. Input : Method is used to input a value in a table or textbox etc

Command to clear 15 days old data or files + LInux

Command to list 15days old files.

# find /sftp/home/ $ ! -regex '.*/\..*' $ -type f -mtime -15 -exec ls -l {} \;

Command to remove 15 days old files.

# find /sftp/home/ $ ! -regex '.*/\..*' $ -type f -mtime -15 -exec rm -rf {} \;

SVN RPMS

neon-0.28.4-1.x86_64.rpm
neon-devel-0.28.4-1.x86_64.rpm
sqlite-3.5.9-2.x86_64.rpm
sqlite-devel-3.5.9-2.x86_64.rpm
subversion-1.6.5-1.rhel5.x86_64.rpm
subversion-devel-1.7.5-1.rhel5.x86_64.rpm
subversion-perl-1.7.5-1.rhel5.x86_64.rpm
subversion-python-1.7.5-1.rhel5.x86_64.rpm

COMMAND TO CHECK MEMORY CPU USAGE + LInux

COMMAND TO CHECK MEMORY CPU USAGE. (PERFORMANCE MONITORING).
CPU MONITORING:

1. ps

2. Top

top -n 1 | grep "Cpu"
3. Vmstat

4. Sysstat

SAR

CPU Utilization: The central processing unit, as viewed from Linux, is always in one of the following states:
* idle: available for work, waiting
* user: high-level functions, data movement, math, etc.
* system: performing kernel functions, I/O and other hardware interaction
* nice: like user, a job with low priority will yield the CPU to another task with a higher priority

By noting the percentage of time spent in each state, we can discover overloading of one state or another. Too much idle means nothing is being done; too much system time indicates a need for faster I/O or additional devices to spread the load. Each system will have its own profile when running its workload, and by watching these numbers over time, we can determine what's normal for that system. Once a baseline is established, we can easily detect changes in the profile.

(System Activity Reporter)
Sysstat is actually a collection of utilities designed to collect information about the performance of a linux installation, and record them over time.

The sysstat package contains the sar, sadf, iostat, mpstat, and pidstat commands for Linux.
If sar package is activated the crontab for root should contain something like this:

# Collect measurements at 10-minute intervals //This script collects info
0/10 * * * * /usr/lib/sa/sa1
# Create daily reports and purge old files //This script produces report
0 9 * * * /usr/lib/sa/sa2 -A

MEMORY USAGE:

1. cat /proc/meminfo

Things to check system performace

THINGS THAT HAS TO BE CHECKED FOR SYSTEM PERFORMANCE.

1.CPU Utilization
2.Interrupts
3.Context Switching
4.Memory
5.Paging
6.Swapping
7.Disk I/O
8.Network I/O

CPU :

The central processing unit, as viewed from Linux, is always in one of the following states:
*idle: available for work, waiting
*user: high-level functions, data movement, math, etc.
*system: performing kernel functions, I/O and other hardware interaction
*nice: like user, a job with low priority will yield the CPU to another task with a higher priority
By noting the percentage of time spent in each state, we can discover overloading of one state or another. Too much idle means nothing is being done; too much system time indicates a need for faster I/O or additional devices to spread the load. Each system will have its own profile when running its workload, and by watching these numbers over time, we can determine what's normal for that system. Once a baseline is established, we can easily detect changes in the profile.

INTERRUPTS:

Most I/O devices use interrupts to signal the CPU when there is work for it to do. For example, SCSI controllers will raise an interrupt to signal that a requested disk block has been read and is available in memory. A serial port with a mouse on it will generate an interrupt each time a button is pressed/released or when the mouse is moved. Watching the count of each interrupt can give you a rough idea of how much load the associated device is handling.

CONTEXT SWITCHING:

Time slicing is the term often used to describe how computers can appear to be doing multiple jobs at once. Each task is given control of the system for a certain “slice” of time, and when that time is up, the system saves the state of the running process and gives control of the system to another process, making sure that the necessary resources are available. This administrative process is called context switching. In some operating systems, the cost of this switching can be fairly expensive, sometimes using more resources than the processes it is switching. Linux is very good in this respect, but by watching the amount of this activity, you will learn to recognize when a system has a lot of tasks actively consuming resources.

MEMORY:

When many processes are running and using up available memory, the system will slow down as processes get paged or swapped out to make room for other processes to run. When the time slice is exhausted, that task may have to be written out to the paging device to make way for the next process. Memory-utilization graphs help point out memory problems.

PAGING:

As mentioned above, when available memory begins to get scarce, the virtual memory system will start writing pages of real memory out to the swap device, freeing up space for active processes. Disk drives are fast, but when paging gets beyond a certain point, the system can spend all of its time shuttling pages in and out. Paging on a Linux system can also be increased by the loading of programs, as Linux “demand pages” each portion of an executable as needed.

SWAPPING:

Swapping is much like paging. However, it migrates entire process images, consisting of many pages of memory, from real memory to the swap devices rather than the usual page-by-page mechanism normally used for paging.

DISK I/O:

Linux keeps statistics on the first four disks; total I/O, reads, writes, block reads and block writes. These numbers can show uneven loading of multiple disks and show the balance of reads versus writes.

Network I/O: Network I/O can be used to diagnose problems and examine loading of the network interface(s). The statistics show traffic in and out, collisions, and errors encountered in both directions.

Sudden increases in activity can also be due to jobs run by crontab.

Hyperic Server Installation on Linux

create user 'hqadmin'@'localhost' identified by 'hqadmin';
create database HQ CHARACTER SET utf8 COLLATE utf8_bin;
grant all on HQ.* to 'hqadmin'@localhost;

use HQ;

REATE TABLE example (
id INT,
data VARCHAR(100)
);

show tables;

drop table example;

mkdir /home/hyperic
chown root.Srinivas /home/hyperic
cd /home/hyperic
cp -rf hyperic-hq-installer .
cd hyperic-hq-installer/
sh setup.sh -mysql

Enter the username to use to connect to the database:
hqadmin
Enter the password to use to connect to the database.: hqadmin

Repository Migration from CVS to SVN

cvs2svn --dumpfile=test.dmp test/

svnadmin create /svn/test

setfacl -R -m u:apache:rwx /svn/test/

svnadmin load /svn/test/ < test

cvs2svn --dumpfile=test2.dmp /backu/backup2/Repository/

svnadmin create /svn/test2
setfacl -R -m u:apache:rwx /svn/test2

svnadmin load /svn/test2 < test2.dmp

Commands to scan LUN and assign file system on Linux

echo "- - -" > /sys/class/scsi_host/host0/scan
echo "- - -" > /sys/class/scsi_host/host1/scan
echo "- - -" > /sys/class/scsi_host/host2/scan
fdisk /dev/sdf
create a Primary Disk
change Partition ID to 8e
Write the disk
partprobe
pvcreate /dev/sdf1
vgcreate vg0 /dev/sdf1
lvcreate -L 499G -n /dev/vg0/sdf1
/dev/sdf1 /svn ext3 defaults,acl 1 2
mount -o remount,rw /svn
cp -rpf /svn1/* /svn/

Command to Export Proxy Linux

Proxy 127.0.0.1
export http_proxy=http://127.0.0.1:8085
export http_proxy=ftp://127.0.0.1:8085

HPACUCLI commands In Linux

This document is a quick cheat sheet on how to use the hpacucli utility to add, delete, identify and repair logical and physical disks on the Smart array 5i plus controller, the server that these commands were tested on was a HP DL380 G3 server with a Smart Array 5i plus controller with 6 x 72GB hot swappable disks, the server had Oracle Enterprise Linux (OEL) installed.

After a fresh install of Linux I downloaded the file hpacucli-8.50-6.0.noarch.rpm (5MB), you may want to download the latest version from HP. Then install using the standard rpm command.

I am not going to list all the commands but here are the most common ones I have used thus far, this document may be updated as I use the utility more.
Utility Keyword abbreviations
Abbreviations chassisname = ch
controller = ctrl
logicaldrive = ld
physicaldrive = pd
drivewritecache = dwc
hpacucli utility
hpacucli # hpacucli

# hpacucli help

Note: you can use the hpacucli command in a script
Controller Commands
Display (detailed) hpacucli> ctrl all show config
hpacucli> ctrl all show config detail
Status hpacucli> ctrl all show status
Cache hpacucli> ctrl slot=0 modify dwc=disable
hpacucli> ctrl slot=0 modify dwc=enable
Rescan hpacucli> rescan

Note: detects newly added devices since the last rescan
Physical Drive Commands
Display (detailed) hpacucli> ctrl slot=0 pd all show
hpacucli> ctrl slot=0 pd 2:3 show detail

Note: you can obtain the slot number by displaying the controller configuration (see above)
Status

hpacucli> ctrl slot=0 pd all show status
hpacucli> ctrl slot=0 pd 2:3 show status

Erase hpacucli> ctrl slot=0 pd 2:3 modify erase
Blink disk LED hpacucli> ctrl slot=0 pd 2:3 modify led=on
hpacucli> ctrl slot=0 pd 2:3 modify led=off
Logical Drive Commands
Display (detailed) hpacucli> ctrl slot=0 ld all show [detail]
hpacucli> ctrl slot=0 ld 4 show [detail]
Status hpacucli> ctrl slot=0 ld all show status
hpacucli> ctrl slot=0 ld 4 show status
Blink disk LED hpacucli> ctrl slot=0 ld 4 modify led=on
hpacucli> ctrl slot=0 ld 4 modify led=off
re-enabling failed drive hpacucli> ctrl slot=0 ld 4 modify reenable forced
Create # logical drive - one disk
hpacucli> ctrl slot=0 create type=ld drives=1:12 raid=0

# logical drive - mirrored
hpacucli> ctrl slot=0 create type=ld drives=1:13,1:14 size=300 raid=1

# logical drive - raid 1+0
hpacucli> ctrl slot=0 create type=ld drives=1:13,1:14,1:15,1:16,1:17 raid=1+0

Note:
drives - specific drives, all drives or unassigned drives
size - size of the logical drive in MB
raid - type of raid 0, 1 , 1+0 and 5
Remove hpacucli> ctrl slot=0 ld 4 delete
Expanding hpacucli> ctrl slot=0 ld 4 add drives=2:3
Extending hpacucli> ctrl slot=0 ld 4 modify size=500 forced
Spare hpacucli> ctrl slot=0 array all add spares=1:5,1:7

Load Balancing Using Apache and Mod_jk

Configure load balancing using Apache and mod_jk

1. Configure Worker Nodes in mod_jk
2. Configuring JBoss to work with mod_jk

Follow the tasks in this chapter to correctly configure load balancing using Apache and the mod_jk connector.

Task: Configure Apache to Load mod_jk
Complete this task to configure Apache to load mod_jk.

Prerequisites

Apache and mod_jk installed .
Open HTTPD_DIST/conf/httpd.conf and add a single line at the end of the file.
# Include mod_jk's specific configuration file
Include conf/mod-jk.conf

Create a new file named HTTPD_DIST/conf/mod-jk.conf
Add the following configuration to the mod-jk.conf file.

Important
The LoadModule directive must reference the mod_jk library directory location applicable to the native binary you installed.

Note :

The JkMount directive specifies which URLs Apache should forward to the mod_jk module. Based on the directive's configuration, mod_jk forwards the received URL onto the correct Servlet containers.
To enable Apache to serve static content (or PHP content) directly, and only use the load balancer for Java applications, the suggested configuration specifies all requests with URL path /application/* are sent to the mod_jk load-balancer.
If you only use mod_jk as a load balancer, forward all URLs to mod_jk by specifying /* in the directive.

# Load mod_jk module
# Specify the filename of the mod_jk lib
LoadModule jk_module modules/mod_jk.so

# Where to find workers.properties
JkWorkersFile conf/workers.properties

# Where to put jk logs
JkLogFile logs/mod_jk.log

# Set the jk log level [debug/error/info]
JkLogLevel info

# Select the log format
JkLogStampFormat "[%a %b %d %H:%M:%S %Y]"

# JkOptions indicates to send SSK KEY SIZE
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories

# JkRequestLogFormat
JkRequestLogFormat "%w %V %T"

# Mount your applications
JkMount /application/* loadbalancer

# Add shared memory.
# This directive is present with 1.2.10 and
# later versions of mod_jk, and is needed for
# for load balancing to work properly
JkShmFile logs/jk.shm

# Add jkstatus for managing runtime data
<Location /jkstatus/>
JkMount status
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Location>

Optional: JKMountFile Directive
In addition to the JkMount directive, you can use the JkMountFile directive to specify a mount points configuration file. The configuration file contains multiple Tomcat forwarding URL mappings.
Navigate to HTTPD_DIST/conf.
Create a file named uriworkermap.properties.
Specify the URL to forward and the worker name using the following syntax example as a guide.
The example block will configure mod_jk to forward requests to /jmx-console and /web-console to Apache.
The syntax required takes the form /url=worker_name.

# Simple worker configuration file

# Mount the Servlet context to the ajp13 worker
/jmx-console=loadbalancer
/jmx-console/*=loadbalancer
/web-console=loadbalancer
/web-console/*=loadbalancer

In HTTPD_DIST/conf/mod-jk.conf, append the following directive.

# You can use external file for mount points.
# It will be checked for updates each 60 seconds.
# The format of the file is: /url=worker
# /examples/*=loadbalancer
JkMountFile conf/uriworkermap.properties

1. Configure Worker Nodes in mod_jk

Task: Configure mod_jk Worker Nodes
Complete this task to configure two mod_jk Worker node definitions in a weighted round robin configuration with sticky sessions active between two servlet containers.

Prerequisites

Understand the format of the workers.properties directives, as specified in Appendix A, workers.properties Reference.
Task: Configure Apache to Load mod_jk

Navigate to HTTPD_DIST/conf/.
Create a file named workers.properties.
Append the following information into the workers.properties file.

# Define list of workers that will be used
# for mapping requests
worker.list=loadbalancer,status

# Define dev1
# modify the host as your host IP or DNS name.
worker.dev1.port=8009
worker.dev1.host=dev1.srinivaslinux.com
worker.dev1.type=ajp13
worker.dev1.ping_mode=A
worker.dev1.lbfactor=1

# Define dev2
# modify the host as your host IP or DNS name.
worker.dev2.port=8009
worker.dev2.host=dev2.srinivaslinux.com
worker.dev2.type=ajp13
worker.dev2.ping_mode=A
worker.dev2.lbfactor=1

# Load-balancing behavior
worker.loadbalancer.type=lb
worker.loadbalancer.balance_workers=dev1,dev2
worker.loadbalancer.sticky_session=1

# Status worker for managing load balancer
worker.status.type=status

Good Luck :)

Set up Disk Quota On LInux

[root@srinivas ~]# vi /etc/fstab

# add "usrquota" for the line like follows

/dev/mapper/vg_dlp-lv_root / ext4 defaults 1 1

UUID=87d7a761-7c79-4cdf-869f-6adb50af67d9 /boot ext4 defaults 1 2

/dev/mapper/vg_data-lv_data /home ext4 defaults,usrquota 1 2

/dev/mapper/vg_dlp-lv_swap swap swap defaults 0 0

tmpfs /dev/shm tmpfs defaults 0 0

[root@srinivas ~]# reboot

[root@srinivas ~]# quotacheck -um /home # create a file for quota

[root@srinivas ~]# quotaon -uv /home # enable quota

/dev/mapper/vg_data-lv_data [/home]: user quotas turned on

[root@srinivas ~]# quotaon -p -a # make sure settings

group quota on /home (/dev/mapper/vg_data-lv_data) is off

user quota on /home (/dev/mapper/vg_data-lv_data) is on

# specify quota. the example below set 1G for it

Disk quotas for user ramani (uid 8035):

Filesystem blocks soft hard inodes soft hard

/dev/mapper/vg_data-lv_data 32 1024000 1024000 8 0 0

[root@srinivas ~]# repquota -a # make sure status

*** Report for user quotas on device /dev/mapper/vg_data-lv_data

Apply a setting for a user to another user.

[root@srinivas ~]# edquota -p ramani srini # apply quota for 'srinivas' to user 'srini'

[root@srinivas~]# repquota -a # make sure status

SFTP Server + JailKit on Linux

4. TO SET UP SFTP SERVER

1. scp localhost:/opt/jailkit-2.11.tar.gz /opt
2. cd /opt/
3. tar -zxvf jailkit-2.11.tar.gz
4. cd jailkit-2.11
5. ./configure
6. make
7. make install
8. cp extra/jailkit /etc/init.d/
9. chmod a+x /etc/init.d/jailkit
10. mkdir /sftp
11. chmod -R 701 /sftp/home/
12. jk_init -j /sftp jk_lsh
13. jk_init -j /sftp sftp
14. jk_init -j /sftp scp
15. jk_jailuser -j /sftp srinivas
16. passwd srinivas
17. vim /sftp/etc/jailkit/jk_lsh.ini
18. service jailkit restart
19. sftp srinivas@localhost
20. service jailkit restart

# create the account
adduser testftp

jk_jailuser -j /sftp testftp

# edit the jk_lsh configfile in the jail (man jk_lsh)

vim /sftp/etc/jailkit/jk_lsh.ini

[testuser]
paths= /usr/lib/
executables= /usr/libexec/openssh/sftp-server
allow_word_expansion =0
umask = 077

# now restart jk_socketd
/etc/init.d/jailkit restart
# test the account
sftp test@localhost
# check the logs if everything is correct
tail /var/log/daemon.log /var/log/auth.log

Linux Administarator Interview Questions

1. Difference between ext3 and ext4

Ans: The main benefits that ext4 has over ext3 are:

* faster timestamping
* faster file system checking
* journaling checksums
* extents (basically automatic space allocation to avoid fragmentation)

6. Set user ID, set group ID, sticky bit

In addition to the basic permissions discussed above, there are also three bits of information defined for files in Linux:

* SUID or setuid: change user ID on execution. If setuid bit is set, when the file will be executed by a user, the process will have the same rights as the owner of the file being executed.
* SGID or setgid: change group ID on execution. Same as above, but inherits rights of the group of the owner of the file on execution. For directories it also may mean that when a new file is created in the directory it will inherit the group of the directory (and not of the user who created the file).
* Sticky bit. It was used to trigger process to "stick" in memory after it is finished, now this usage is obsolete. Currently its use is system dependant and it is mostly used to suppress deletion of the files that belong to other users in the folder where you have "write" access to.

. Numeric representation
Octal digit Binary value Meaning
0 000 setuid, setgid, sticky bits are cleared
1 001 sticky bit is set
2 010 setgid bit is set
3 011 setgid and sticky bits are set
4 100 setuid bit is set
5 101 setuid and sticky bits are set
6 110 setuid and setgid bits are set
7 111 setuid, setgid, sticky bits are set

1.SUID ->set userid (4)
suid is special permission(4) set along with existing permissions, which
allows normal user to execute command with privilege of root.

ex:- chmod 4770 /bin/cat

2.GUID ->set groupid (2)
guid is special permission(2) in set to dir by which files created
under dir gets same owner of that of dir

ex:- chmod 2770 dir1

3.STICKYBIT ->STICKYBIT (1)
stickybit is special permission(1) which stops non-owner of file from
deleting the file from a dir for which stickybit is set.

ex:- chmod 1770 /var

M1012683 M1012687 M1012692

mount -t cifs //172.22.192.214/UNIX_RELATED -o username=administrator /mnt/

Difference between softlink and hard link

1. You cannot create a hardlink for a directory.
2. If you remove the original file of a hardlink, the link will still show you the content of the file.
3. A symlink can link to a directory.
4. A symlink, like a Windows shortcut, becomes useless when you remove the original file.

Script for Find Linux Server Vaunarabilities

#!/bin/sh
#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
# 03/22/05 mk - Added /etc/ssh/sshd_config and /etc/ntp.conf
# 10/17/05 mk - Added /etc/inet/ntp.conf for Solaris systems
# 05/14/08 mk - Added /etc/login.defs
# 10/31/08 dmz - changed from /bin/bash to /bin/sh
# 10/31/08 dmz - changed an awk parameter from ] to }
# 10/31/08 dmz - removed shadow & password contents from report for security
# 01/27/09 dmz - changed find parameter -depth position so it would not give errors
# 01/27/09 dmz - added chkconfig to show default startup services
# 01/27/09 dmz - added checking of /etc/shadow for password / account settings
# 01/27/09 dmz - added lsof -i -P -n and netstat -tcp -udp -listening
# 01/27/09 dmz - added chage check for account
# 07/14/09 dmz - added pam.d files and remove pw has from cat master.passwd
# - get sudoers, a few syslogs (300lines), last few to logon
# - ifconfig
# 04/07/11 mk - added output of iptables

sys=`hostname`_`date|/usr/bin/awk '{print $2}'`-`date|/usr/bin/awk '{print $3}'`
SCRIPT_START_TIME=`date`

SCRIPT_OS=`uname -s`
os_flavor=`uname -a|awk '{print $2}'`

#
#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
#Start the "INTRODUCTION" routine
#
echo
echo
echo " DOES NOT need to be compiled, this is a shell script."
echo " should run on ALL Unix and Linux systems."
echo " This script makes no changes to the system."
echo " WILL provide a clean view of the system's SECURITY POSTURE."
echo
echo
echo

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo " C U S T O M E R S E N S I T I V E " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "Security Posture Report" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo $SCRIPT_START_TIME >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
#
echo "Searching for System Identification"
#
echo "+++++ SYSTEM Identification +++++" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ Uname: `uname -a` " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ Hostname: `hostname` " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ Domainname: `domainname` " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ Hostid: `hostid` " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

#
#-------------------------------------------------------------------
#echo " >>>> Accountability "
#-------------------------------------------------------------------
#

#
#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for Account and Log file Attributes"
#
echo >>$sys.rpt 2>>errors.txt
echo "++++++ ACCOUNTING & LOG FILES ATTRIBUTES +++++" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ /usr/adm/lpacct,owner daemon,group daemon, 644" >>$sys.rpt 2>>errors.txt
ls -lLd /usr/adm/lpacct >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/adm/lpacct >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/adm/lpacct >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo "+ /usr/adm/aculog,owner uucp,group daemon, 664" >>$sys.rpt 2>>errors.txt
ls -lLd /usr/adm/aculog >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/adm/aculog >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/adm/aculog >>$sys.rpt 2>>errors.txt
fi

#
#-------------------------------------------------------------------
#echo " >>>> Access: Identification and Authentication "
#-------------------------------------------------------------------
#

echo "+++++ IDENTIFICATION & AUTHENTICATION +++++ " >>$sys.rpt 2>>errors.txt

#
#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for /etc/passwd file"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ /ETC/PASSWD FILE LISTING:" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/passwd ]
then
cat /etc/passwd >>$sys.rpt 2>>errors.txt
else
echo "File not found" >>$sys.rpt 2>>errors.txt
fi

#
#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
# echo "Checking for /etc/shadow file"
#
#echo " " >>$sys.rpt 2>>errors.txt
#echo " " >>$sys.rpt 2>>errors.txt
#echo "+ /ETC/SHADOW FILE LISTING" >>$sys.rpt 2>>errors.txt
#echo " " >>$sys.rpt 2>>errors.txt
# if [ -r /etc/shadow ]
# then
# cat /etc/shadow >>$sys.rpt 2>>errors.txt
# else
# echo "File not found" >>$sys.rpt 2>>errors.txt
# fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for /.secure/etc/passwd file"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ /.SECURE/ETC/PASSWD FILE LISTING" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /.secure/etc/passwd ]
then
cat /.secure/etc/passwd >>$sys.rpt 2>>errors.txt
else
echo "File not found" >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for /etc/passwd.adjunct file"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ /ETC/PASSWD.ADJUNCT FILE LISTING" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/passwd.adjunct ]
then
cat /etc/passwd.adjunct >>$sys.rpt 2>>errors.txt
else
echo "File not found" >>$sys.rpt 2>>errors.txt
fi

#
#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for /etc/master.passwd file"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ /ETC/MASTER.PASSWD FILE LISTING:" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/master.passwd ]
then
#cat /etc/master.passwd >>$sys.rpt 2>>errors.txt
awk < /etc/master.passwd -F: '{print $1,$3,$4,$5,$6,$7,$8,$9,$10}'
else
echo "File not found" >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for Users with no Passwords"
#
echo >>$sys.rpt 2>>errors.txt
echo "+++ Users with no passwords: +++ " >>$sys.rpt 2>>errors.txt

if [ -r /etc/passwd ]
then
echo " " >>$sys.rpt 2>>errors.txt
echo "+ /ETC/PASSWD" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
awk -F: '{if($2=="") print $1}' /etc/passwd >>$sys.rpt 2>>errors.txt
else
echo "/etc/passwd : File not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for empty shadow password parameters (note: no password hashes gathered)"
echo >>$sys.rpt 2>>errors.txt
echo "+++ Empty Shadow Password parameters: +++ " >>$sys.rpt 2>>errors.txt
if [ -r /etc/shadow ]
then
echo >>$sys.rpt 2>>errors.txt
echo "+ /ETC/SHADOW" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
awk -F: '{if($2=="") print $1}' /etc/shadow >>$sys.rpt 2>>errors.txt
else
echo "/etc/shadow : File not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking account chage"
cat /etc/passwd|grep home|grep -v false|cut -d":" -f 1|xargs -n 1 chage -l >>$sys.rpt 2>>errors.txt

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
if [ -r /.secure/etc/passwd ]
then
echo " " >>$sys.rpt 2>>errors.txt
echo "+ /.SECURE/ETC/PASSWD" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
awk -F: '{if($2=="") print $1}' /.secure/etc/passwd >>$sys.rpt 2>>errors.txt
else
echo "/.secure/etc/passwd : File not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
if [ -r /etc/security/passwd.adjunct ]
then
echo " " >>$sys.rpt 2>>errors.txt
echo "+ /ETC/SECURITY/PASSWD.ADJUNCT" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
awk -F: '{if($2=="") print $1}' /etc/security/passwd.adjunct >>$sys.rpt 2>>errors.txt
else
echo "/etc/security/passwd.adjunct : File not found " >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

if [ -r /etc/master.passwd ]
then
echo >>$sys.rpt 2>>errors.txt
echo "+ /ETC/MASTER.PASSWD" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
awk -F: '{if($2=="") print $1}' /etc/master.passwd >>$sys.rpt 2>>errors.txt
else
echo "/etc/master.passwd : File not found " >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for I&A HP-UX style"
echo >>$sys.rpt 2>>errors.txt
echo "+++ HP-UX Style User Files +++ " >>$sys.rpt 2>>errors.txt

if [ -d /tcb/files/auth ]
then
SCRIPT_USERFILES=`find /tcb/files/auth -type f -print`

for USERFILE in $SCRIPT_USERFILES
do
ls -lL $USERFILE >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls $USERFILE >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl $USERFILE >>$sys.rpt 2>>errors.txt
fi
done
fi
echo >>$sys.rpt 2>>errors.txt

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for Duplicate UIDS"
#
echo >>$sys.rpt 2>>errors.txt
echo "+++ DUPLICATE UIDS +++ " >>$sys.rpt 2>>errors.txt

if [ -r /etc/passwd ]
then
echo >>$sys.rpt 2>>errors.txt
echo "+ /ETC/PASSWD" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
cat /etc/passwd|/usr/bin/awk -F: '{print $1, " ", $3}' \
|sort +1|uniq -d -f 1 >>$sys.rpt 2>>errors.txt
else
echo "/etc/passwd : File not found " >>$sys.rpt 2>>errors.txt
fi

if [ -r /.secure/etc/passwd ]
then
echo >>$sys.rpt 2>>errors.txt
echo "+ /.SECURE/ETC/PASSWD" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
cat /.secure/etc/passwd|/usr/bin/awk -F: '{print $1, " ", $3}' \
|sort +1|uniq -d -f 1 >>$sys.rpt 2>>errors.txt
else
echo "/.secure/etc/passwd : File not found " >>$sys.rpt 2>>errors.txt
fi

if [ -r /etc/security/passwd.adjunct ]
then
echo >>$sys.rpt 2>>errors.txt
echo "+ /ETC/SECURITY/PASSWD.ADJUNCT" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
cat /etc/security/passwd.adjunct|/usr/bin/awk -F: '{print $1, " ", $3}' \
|sort +1|uniq -d -f 1 >>$sys.rpt 2>>errors.txt
else
echo "/etc/security/passwd.adjunct : File not found " >>$sys.rpt 2>>errors.txt
fi

if [ -r /etc/master.passwd ]
then
echo >>$sys.rpt 2>>errors.txt
echo "+ /ETC/MASTER.PASSWD" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
cat /etc/master.passwd|/usr/bin/awk -F: '{print $1, " ", $3}' \
|sort +1|uniq -d -f 1 >>$sys.rpt 2>>errors.txt
else
echo "/etc/master.passwd : File not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for Users with no Shells"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++ USERS WITH NO SHELLS +++ " >>$sys.rpt 2>>errors.txt

if [ -r /etc/passwd ]
then
echo >>$sys.rpt 2>>errors.txt
echo "+ /ETC/PASSWD" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
awk -F: '{if ($7=="") print $1}' /etc/passwd >>$sys.rpt 2>>errors.txt
else
echo "/etc/passwd : File not found " >>$sys.rpt 2>>errors.txt
fi

if [ -r /.secure/etc/passwd ]
then
echo >>$sys.rpt 2>>errors.txt
echo "+ /.SECURE/ETC/PASSWD" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
awk -F: '{if ($7=="") print $1}' /.secure/etc/passwd >>$sys.rpt 2>>errors.txt
else
echo "/.secure/etc/passwd : File not found " >>$sys.rpt 2>>errors.txt
fi

if [ -r /etc/security/passwd.adjunct ]
then
echo >>$sys.rpt 2>>errors.txt
echo "+ /ETC/SECURITY/PASSWD.ADJUNCT" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
awk -F: '{if ($7=="") print $1}' /etc/security/passwd.adjunct >>$sys.rpt 2>>errors.txt
else
echo "/etc/security/passwd.adjunct : File not found " >>$sys.rpt 2>>errors.txt
fi

if [ -r /etc/master.passwd ]
then
echo >>$sys.rpt 2>>errors.txt
echo "+ /ETC/MASTER.PASSWD" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
awk -F: '{if ($7=="") print $1}' /etc/master.passwd >>$sys.rpt 2>>errors.txt
else
echo "The file: /etc/master.passwd file not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Getting the /etc/default/login file"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ /ETC/DEFAULT/LOGIN File Listing +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

if [ -r /etc/default/login ] >>$sys.rpt 2>>errors.txt
then
cat /etc/default/login >>$sys.rpt 2>>errors.txt
else
echo "/etc/default/login : File not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Getting the /etc/default/passwd file"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ /ETC/DEFAULT/PASSWD File Listing +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

if [ -r /etc/default/passwd ]
then
cat /etc/default/passwd >>$sys.rpt 2>>errors.txt
else
echo "/etc/default/passwd: File not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Getting the /etc/login.defs file"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ /etc/login.defs File Listing +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

if [ -r /etc/login.defs ]
then
cat /etc/login.defs >>$sys.rpt 2>>errors.txt
else
echo "/etc/login.defs: File not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Getting the /etc/pam.d files"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ /etc/pam.d File Listings +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

if [ -r /etc/pam.d ]
then
find /etc/pam.d/ -type f -print -exec cat {} \; >>$sys.rpt 2>>errors.txt
else
echo "/etc/pam.d: Directory not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Getting the /etc/sudoers file"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ /etc/sudoers File Listing +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

if [ -r /etc/sudoers ]
then
cat /etc/sudoers >>$sys.rpt 2>>errors.txt
else
echo "/etc/sudoers: File not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Login and password settings from /etc/shadow"
echo "Login and password settings from /etc/shadow" >>$sys.rpt 2>>errors.txt
#
if [ -r /etc/shadow ]
then
awk < /etc/shadow -F: '{print "user: ",$1,"\n sp_lstchg: ",$3,"\n sp_min: ",$4,"\n sp_max: ",$5,"\n sp_warn: ",$6,"\n sp_inact: ",$7," \n sp_expire: ",$8,"\n--------------------\n" }' >>$sys.rpt 2>>errors.txt
else
echo "/etc/shadow: File not found"
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Getting the /etc/group file"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ /ETC/GROUP File Listing +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

if [ -r /etc/group ]
then
cat /etc/group >>$sys.rpt 2>>errors.txt
else
echo "/etc/group : File not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for Duplicate Group IDs"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++ DUPLICATE GROUP IDs +++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

if [ -r /etc/group ]
then
cat /etc/group|/usr/bin/awk -F: '{print $1, " ", $3}' \
|sort +1|uniq -d -f 1 >>$sys.rpt 2>>errors.txt
else
echo "The file: /etc/group file not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for Groups with no Members "
#
echo >>$sys.rpt 2>>errors.txt
echo "+++ GROUPS WITH NO MEMBERS +++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

if [ -r /etc/group ]
then
/usr/bin/awk -F: '{if ($4=="") print $1}' /etc/group >>$sys.rpt 2>>errors.txt
else
echo "/etc/group : File not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Getting the /etc/shell file"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ The /ETC/SHELLS File Listing +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "Standard shells:sh,csh,ksh,rcsh,rsh " >>$sys.rpt 2>>errors.txt
echo "& /bin/tcsh. Check all other shells " >>$sys.rpt 2>>errors.txt
echo "Checking the /etc/shells file" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/shells ]
then
cat /etc/shells >>$sys.rpt 2>>errors.txt
else
echo "The file: /etc/shells file not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for SUN EEPROM Settings"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ Checking for SUN EEPROM Security +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
eeprom | grep security >>$sys.rpt 2>>errors.txt

echo "Checking for IRIX NVRAM Settings"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ Checking for IRIX NVRAM Security +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
nvram -v >>$sys.rpt 2>>errors.txt

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo " Getting Running Process Information"
#
echo >>$sys.rpt 2>>errors.txt
echo "+++++ RUNNING PROCESSES +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
ps -ef >>$sys.rpt 2>>errors.txt
ps -xafw >>$sys.rpt 2>>errors.txt

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo " Getting Configured Services"
#
echo >>$sys.rpt 2>>errors.txt
chkconfig –list | grep on >>$sys.rpt 2>>errors.txt

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo " Getting Root Environment"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ ROOT ENVIRONMENT +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
set >>$sys.rpt 2>>errors.txt

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
#echo " Getting Files In Root Path"
#
#echo >>$sys.rpt 2>>errors.txt
#echo "+++++ FILES IN ROOT PATH +++++ " >>$sys.rpt 2>>errors.txt
#echo >>$sys.rpt 2>>errors.txt

#-------------------------------------------------------------------
#echo " >>>> Access: Discressionary Access Controls "
#-------------------------------------------------------------------

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking the Umask "
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ The UMASK should be 022, 027, or 077 +++++" >>$sys.rpt 2>>errors.txt
echo "This is the UMASK: `umask`" >>$sys.rpt 2>>errors.txt

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for files without user ownership (Find)"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ FILES WITHOUT USER OWNERSHIP +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "Files with no associated uid in /etc/passwd:" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
find / ! -fstype nfs -depth -nouser -print >>$sys.rpt 2>>errors.txt

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for files without group ownership (Find)"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ FILES WITHOUT GROUP OWNERSHIP +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "Files with no associated uid in /etc/passwd:" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
find / ! -fstype nfs -depth -nogroup -print >>$sys.rpt 2>>errors.txt

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking File Systems and their Capabilities"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ FILE SYSTEMS & THEIR CAPABILITIES +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
df -k >>$sys.rpt 2>>errors.txt

echo >>$sys.rpt 2>>errors.txt
echo "+++++ The /ETC/MNTTAB File Listing +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/mnttab ]
then
cat /etc/mnttab >>$sys.rpt 2>>errors.txt
else
echo "/etc/mnttab : File not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo >>$sys.rpt 2>>errors.txt
echo "+++ /ETC/DEFAULT/FS File Listing +++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

if [ -r /etc/default/fs ]
then
cat /etc/default/fs >>$sys.rpt 2>>errors.txt
else
echo "/etc/default/fs : File not found" >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for Directories that should be Mode 511 or 711"
#
echo >>$sys.rpt 2>>errors.txt
echo "++ DIRECTORIES THAT SHOULD BE MODE 511 or 711 ++" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

ls -lLd /bin >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /bin >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /bin >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

ls -lLd /usr/bin >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /usr/bin >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/bin >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

ls -lLd /usr/ucb >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /usr/ucb >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/ucb >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

ls -lLd /lib >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /lib >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /lib >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

ls -lLd /usr/lib >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /usr/lib >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for Files that should have the Sticky bit set "
#
echo >>$sys.rpt 2>>errors.txt
echo "+++++ FILES SHOULD HAVE THE STICKY BIT SET +++++" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo " /tmp, owner root, check for the sticky bit " >>$sys.rpt 2>>errors.txt
ls -lLd /tmp >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo " /usr/tmp, owner root, check for the sticky bit " >>$sys.rpt 2>>errors.txt
ls -lLd /usr/tmp >>$sys.rpt 2>>errors.txt

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for Owner Group & Mode Attributes"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ OWNER GROUP & MODE ATTRIBUTES +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

echo " The /usr/spool/mail file 'BSD', mode 777:" >>$sys.rpt 2>>errors.txt
ls -lLd /usr/spool/mail >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /usr/spool/mail >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/spool/mail >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " The /usr/mail file 'ATT', mode 775:" >>$sys.rpt 2>>errors.txt
ls -lLd /usr/mail >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /usr/mail >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/mail >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " The /usr/etc/yp, mode 444" >>$sys.rpt 2>>errors.txt
ls -lLd /usr/etc/yp >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /usr/etc/yp >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/etc/yp >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " The /var/spool/yp, mode 444" >>$sys.rpt 2>>errors.txt
ls -lL /var/spool/yp >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /var/spool/yp >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /var/spool/yp >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " The /export/root, mode 700" >>$sys.rpt 2>>errors.txt
ls -lLd /export/root >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /export/root >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /export/root >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /etc/utmp, mode 644" >>$sys.rpt 2>>errors.txt
ls -lL /etc/utmp >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /etc/utmp >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/utmp >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /etc/sm, mode 2755" >>$sys.rpt 2>>errors.txt
ls -lLd /etc/sm >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /etc/sm >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/sm >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /etc/sm.bak, mode 2755" >>$sys.rpt 2>>errors.txt
ls -lLd /etc/sm.bak >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /etc/sm.bak >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/sm.bak >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /etc/state, mode 644" >>$sys.rpt 2>>errors.txt
ls -lLd /etc/state >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /etc/state >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/state >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /etc/motd, mode 644" >>$sys.rpt 2>>errors.txt
ls -lLd /etc/motd >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /etc/motd >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/motd >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /etc/mtab, mode 644" >>$sys.rpt 2>>errors.txt
ls -lLd /etc/mtab >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /etc/mtab >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/mtab >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /etc/syslog.pid, mode 644" >>$sys.rpt 2>>errors.txt
ls -lLd /etc/syslog.pid >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /etc/sm >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/sm >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking Ownerships and Permissions on UUCP Files "
#
echo >>$sys.rpt 2>>errors.txt
echo "+++++ Ownership and Permissions of UUCP Files +++++" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

echo " /usr/bin/uucp, owner uucp, mode 4111" >>$sys.rpt 2>>errors.txt
ls -lL /usr/bin/uucp >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/bin/uucp >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/bin/uucp >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/bin/cu, owner bin, mode 4111" >>$sys.rpt 2>>errors.txt
ls -lL /usr/bin/cu >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/bin/cu >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/bin/cu >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/bin/uudecode, owner bin, mode 755" >>$sys.rpt 2>>errors.txt
ls -lL /usr/bin/uudecode >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/bin/uudecode >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/bin/uudecode >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/bin/uuencode, owner bin, mode 755" >>$sys.rpt 2>>errors.txt
ls -lL /usr/bin/uuencode >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/bin/uuencode >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/bin/uuencode >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/bin/uuname, owner uucp, mode 4111" >>$sys.rpt 2>>errors.txt
ls -lL /usr/bin/uuname >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/bin/uuname >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/bin/uuname >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/bin/uusend, owner bin, mode 755" >>$sys.rpt 2>>errors.txt
ls -lL /usr/bin/uusend >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/bin/uusend >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/bin/uusend >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/bin/uustat, owner uucp, mode 4111" >>$sys.rpt 2>>errors.txt
ls -lL /usr/bin/uustat >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/bin/uustat >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/bin/uustat >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/bin/uuto, owner bin, mode 755" >>$sys.rpt 2>>errors.txt
ls -lL /usr/bin/uuto >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/bin/uuto >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/bin/uuto >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/bin/uux, owner uucp, mode 4111" >>$sys.rpt 2>>errors.txt
ls -lL /usr/bin/uux >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/bin/uux >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/bin/uux >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/spool/uucppublic, owner uucp, mode 777" >>$sys.rpt 2>>errors.txt
ls -lLd /usr/spool/uucppublic >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/spool/uucppublic >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/spool/uucppublic >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/spool/uucp, owner uucp, mode 777" >>$sys.rpt 2>>errors.txt
ls -lLd /usr/spool/uucp >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /usr/spool/uucp >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/spool/uucp >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp, owner uucp, mode 755" >>$sys.rpt 2>>errors.txt
ls -lLd /usr/lib/uucp >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /usr/lib/uucp >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/L-devices, owner uucp, group daemon, mode 444" >>$sys.rpt 2>>errors.txt
ls -lLd /usr/lib/uucp/L-devices >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /usr/lib/uucp/L-devices >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/L-devices >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/L.sys, owner uucp, group daemon, mode 400" >>$sys.rpt 2>>errors.txt
ls -lLd /usr/lib/uucp/L.sys >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /usr/lib/uucp/L.sys >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/L.sys >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/L.aliases, owner uucp, group daemon, mode 640" >>$sys.rpt 2>>errors.txt
ls -lLd /usr/lib/uucp/L.aliases >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /usr/lib/uucp/L.aliases >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/L.aliases >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/L.cmds, owner uucp, group daemon, mode 640" >>$sys.rpt 2>>errors.txt
ls -lLd /usr/lib/uucp/L.cmds >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /usr/lib/uucp/L.cmds >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/L.cmds >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/SEQF, owner uucp, group daemon, mode 640" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/SEQF >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /usr/lib/uucp/SEQF >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/SEQF >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/SQFILE owner uucp, group daemon, mode 400" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/SQFILE >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/SQFILE >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/SQFILE >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/USERFILE owner uucp, group daemon, mode 400" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/USERFILE >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/USERFILE >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/USERFILE >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/Systems owner uucp, mode 444" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/Systems >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/Systems >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/Systems >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/uucico, owner uucp, group daemon, mode 4111" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/uucico >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/uucico >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/uucico >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/uuclean, owner uucp, group daemon, mode 4111" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/uuclean >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/uuclean >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/uuclean >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/uuxqt, owner uucp, group daemon, mode 4111" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/uuxqt >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/uuxqt >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/uuxqt >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/Devices, owner uucp, mode 444" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/Devices >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/Devices >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/Devices >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/Dialcodes, owner uucp, mode 444" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/Dialcodes >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/Dialcodes >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/Dialcodes >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/Dialers, owner uucp, mode 444" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/Dialers >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/Dialers >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/Dialers >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/L-dialcodes, owner uucp, mode 444" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/L-dialcodes >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/L-dialcodes >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/L-dialcodes >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/L_stat, owner uucp, mode 644" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/L_stat >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/L_stat >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/L_stat >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/L_sub, owner uucp, mode 644" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/L_sub >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/L_sub >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/L_sub >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/Maxuuscheds, owner uucp, mode 444" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/Maxuuscheds >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/Maxuuscheds >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/Maxuuscheds >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/Maxuuxqts, owner uucp, mode 444" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/Maxuuxqts >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/Maxuuxqts >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/Maxuuxqts >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/Permissions, owner uucp, mode 444" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/Permissions >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/Permissions >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/Permissions >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/Poll, owner uucp, mode 444" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/Poll >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/Poll >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/Poll >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/remote.unknown, owner uucp, mode 555" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/remote.unknown >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/remote.unknown >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/remote.unknown >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/uucheck, owner uucp, mode 110" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/uucheck >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/uucheck >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/uucheck >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/uucleanup, owner uucp, mode 110" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/uucleanup >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/uucleanup >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/uucleanup >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/uudemon.admin, owner uucp, mode 444" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/uudemon.admin >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/uudemon.admin >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/uudemon.admin >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/uudemon.clean, owner uucp, mode 444" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/uudemon.clean >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/uudemon.clean >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/uudemon.clean >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/uudemon.day, owner uucp, mode 444" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/uudemon.day >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/uudemon.day >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/uudemon.day >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/uudemon.hour, owner uucp, mode 444" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/uudemon.hour >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/uudemon.hour >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/uudemon.hour >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/uudemon.hr, owner uucp, mode 400" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/uudemon.hr >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/uudemon.hr >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/uudemon.hr >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/uudemon.poll, owner uucp, mode 444" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/uudemon.poll >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/uudemon.poll >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/uudemon.poll >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/uudemon.wk, owner uucp, mode 400" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/uudemon.wk >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/uudemon.wk >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/uudemon.wk >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/uulog, owner uucp, mode 555" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/uulog >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/uulog >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/uulog >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/uupick, owner uucp, mode 555" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/uupick >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/uupick >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/uupick >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/uusched, owner uucp, mode 4111" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/uusched >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/uusched >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/uusched >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/uusub, owner uucp, mode 755" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/uusub >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/uusub >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/uusub >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/uuto, owner uucp, mode 555" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/uuto >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/uuto >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/uuto >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/Uutry, owner uucp, mode 555" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/Uutry >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/Uutry >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/Uutry >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/.XQTDIR, owner uucp, mode 755" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/.XQTDIR >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/.XQTDIR >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/.XQTDIR >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/spool/uucp/ERRLOG, owner uucp, group daemon, mode 644" >>$sys.rpt 2>>errors.txt
ls -lL /usr/spool/uucp/ERRLOG >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/spool/uucp/ERRLOG >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/spool/uucp/ERRLOG >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/spool/uucp/LOGFILE, owner uucp, group daemon, mode 644" >>$sys.rpt 2>>errors.txt
ls -lL /usr/spool/uucp/LOGFILE >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/spool/uucp/LOGFILE >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/spool/uucp/LOGFILE >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/spool/uucp/SYSLOG, owner uucp, group daemon, mode 644" >>$sys.rpt 2>>errors.txt
ls -lL /usr/spool/uucp/SYSLOG >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/spool/uucp/SYSLOG >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/spool/uucp/SYSLOG >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/spool/uucp/.Admin, owner uucp, mode 777" >>$sys.rpt 2>>errors.txt
ls -lLd /usr/spool/uucp/.Admin >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /usr/spool/uucp/.Admin >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/spool/uucp/.Admin >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/spool/uucp/.Corrupt, owner uucp, mode 777" >>$sys.rpt 2>>errors.txt
ls -lLd /usr/spool/uucp/.Corrupt >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /usr/spool/uucp/.Corrupt >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/spool/uucp/.Corrupt >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/spool/uucp/.Log, owner uucp, mode 777" >>$sys.rpt 2>>errors.txt
ls -lLd /usr/spool/uucp/.Log >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /usr/spool/uucp/.Log >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/spool/uucp/.Log >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/spool/uucp/.Old, owner uucp, mode 777" >>$sys.rpt 2>>errors.txt
ls -lLd /usr/spool/uucp/.Old >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /usr/spool/uucp/.Old >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/spool/uucp/.Old >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/spool/uucp/.Sequence, owner uucp, mode 777" >>$sys.rpt 2>>errors.txt
ls -lLd /usr/spool/uucp/.Sequence >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /usr/spool/uucp/.Sequence >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/spool/uucp/.Sequence >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/spool/uucp/.Status, owner uucp, mode 777" >>$sys.rpt 2>>errors.txt
ls -lLd /usr/spool/uucp/.Status >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /usr/spool/uucp/.Status >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/spool/uucp/.Status >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/spool/uucp/.Workspace, owner uucp, mode 777" >>$sys.rpt 2>>errors.txt
ls -lLd /usr/spool/uucp/.Workspace >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /usr/spool/uucp/.Workspace >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/spool/uucp/.Workspace >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking user home directories"
#
echo >>$sys.rpt 2>>errors.txt
echo " ++ HOME DIRECTORY LISTING ++" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
HOMEDIRS=`ls /home`
for HOME_ENTRY in $HOMEDIRS
do
ls -l /home/$HOME_ENTRY >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /home/$HOME_ENTRY >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /home/$HOME_ENTRY >>$sys.rpt 2>>errors.txt
fi
done
echo >>$sys.rpt 2>>errors.txt

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for World Writable Directories that are not linked (Find)"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo " ++ WORLD WRITABLE DIRS / NOT LINKED ++" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
find /usr -depth -type d -type l -perm -2 -print >>wwnldirs
find /etc -depth -type d -type l -perm -2 -print >>wwnldirs
find /bin -depth -type d -type l -perm -2 -print >>wwnldirs
find /lib -depth -type d -type l -perm -2 -print >>wwnldirs
find /sbin -depth -type d -type l -perm -2 -print >>wwnldirs
echo >>$sys.rpt 2>>errors.txt
cat wwnldirs >>$sys.rpt 2>>errors.txt
rm wwnldirs
#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for World Writable files (Find)"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo " +++++ WORLD WRITABLE FILES +++++" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
find /usr -depth -type f -perm -2 -print >>casefile.lst
find /etc -depth -type f -perm -2 -print >>casefile.lst
find /bin -depth -type f -perm -2 -print >>casefile.lst
find /lib -depth -type f -perm -2 -print >>casefile.lst
find /sbin -depth -type f -perm -2 -print >>casefile.lst
echo >>$sys.rpt 2>>errors.txt
cat casefile.lst >>$sys.rpt 2>>errors.txt
rm casefile.lst
#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for World Writable .cshrc. .login, and .profiles (Find)"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo " ++ WORLD WRITABLE .CSHRCs, LOGINs, & .PROFILEs ++" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
find / ! -fstype nfs -depth -name .cshrc -perm -2 -print >>wwstartup
find / ! -fstype nfs -depth -name .login -perm -2 -print >>wwstartup
find / ! -fstype nfs -depth -name .profile -perm -2 -print >>wwstartup
echo >>$sys.rpt 2>>errors.txt
cat wwstartup >>$sys.rpt 2>>errors.txt
rm wwstartup

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for Core Dump Files (Find)"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ CORE DUMP FILES +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
find / ! -fstype nfs -depth -name core -print> core.case >>$sys.rpt 2>>errors.txt
#
#-------------------------------------------------------------------
#echo " >>>> Markings - Warning Banner "
#-------------------------------------------------------------------
#
#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for /etc/motd file"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ /ETC/MOTD File +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "should not be world-writable" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/motd ]
then
ls -lL /etc/motd >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /etc/motd >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/motd >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo "motd statement: " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
cat /etc/motd >>$sys.rpt 2>>errors.txt

else
echo "The file: /etc/motd file not found " >>$sys.rpt 2>>errors.txt
fi

#
#-------------------------------------------------------------------
#
echo "Checking for /etc/issue file"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ /ETC/ISSUE File +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "should not be world-writable" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/issue ]
then
ls -lL /etc/issue >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /etc/issue >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/issue >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt
echo "issue statement: " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
cat /etc/issue >>$sys.rpt 2>>errors.txt
else
echo "The file: /etc/issue file not found " >>$sys.rpt 2>>errors.txt
fi

#
#-------------------------------------------------------------------
#echo " >>>> Least Privilege "
#-------------------------------------------------------------------
#
#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for Users that know the Root Password"
#
echo " " >>$sys.rpt 2>>errors.txt
echo "+++++ USERs WHO KNOW THE ROOT PASSWORD +++++ " >>$sys.rpt 2>>errors.txt
echo " AND " >>$sys.rpt 2>>errors.txt
echo "+++++ USERs WHO KNOW OTHER USERs PASSWORDS +++++" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /usr/adm/sulog ]
then
tail -30 /usr/adm/sulog >>$sys.rpt 2>>errors.txt
else
echo "The file: /usr/adm/sulog file not found " >>$sys.rpt 2>>errors.txt
fi
if [ -r /var/adm/sulog ]
then
tail -30 /var/adm/sulog >>$sys.rpt 2>>errors.txt
else
echo "The file: /var/adm/sulog file not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Getting the default SU settings"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ The /ETC/DEFAULT/SU File Listing +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/default/su ]
then
cat /etc/default/su >>$sys.rpt 2>>errors.txt
else
echo " /etc/default/su : File not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for Users with a UID of 0 "
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo " +++++ USERs WITH A UID=0 'ROOT' +++++ " >>$sys.rpt 2>>errors.txt
echo "Checking the /etc/passwd file" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/passwd ]
then
awk -F: '{if($3=="0") print $1}' /etc/passwd >>$sys.rpt 2>>errors.txt
else
echo "The file: /etc/passwd file not found " >>$sys.rpt 2>>errors.txt
fi

echo "Checking the /.secure/etc/passwd file" >>$sys.rpt 2>>errors.txt
if [ -r /.secure/etc/passwd ]
then
echo "/.secure/etc/passwd:" >>$sys.rpt 2>>errors.txt
awk -F: '{if($3=="0") print $1}' /.secure/etc/passwd >>$sys.rpt 2>>errors.txt
else
echo "The file: /.secure/etc/passwd file not found " >>$sys.rpt 2>>errors.txt
fi

echo >>$sys.rpt 2>>errors.txt
echo "Checking the /etc/security/passwd.adjunct file" >>$sys.rpt 2>>errors.txt
if [ -r /etc/security/passwd.adjunct ]
then
awk -F: '{if($3=="0") print $1}' /etc/security/passwd.adjunct >>$sys.rpt 2>>errors.txt
else
echo "The file: /etc/security/passwd.adjunct file not found ">>$sys.rpt 2>>errors.txt
fi

echo >>$sys.rpt 2>>errors.txt
echo "Checking the /etc/master.passwd file" >>$sys.rpt 2>>errors.txt
if [ -r /etc/master.passwd ]
then
awk -F: '{if($3=="0") print $1}' /etc/master.passwd >>$sys.rpt 2>>errors.txt
else
echo "The file: /etc/master.passwd file not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for Root SUID Files (FIND)"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ ROOT SUID FILES +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
find / ! -fstype nfs -user root -perm -4000 -print > rootsuid.case
cat rootsuid.case >>$sys.rpt 2>>errors.txt
rm rootsuid.case
#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for Root SGID Files (FIND)"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ ROOT SGID FILES +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
find / ! -fstype nfs -user root -perm -2000 -print > rootsgid.case
cat rootsgid.case >>$sys.rpt 2>>errors.txt
rm rootsgid.case
#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for files that should not be suid"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ FILES THAT SHOULD NOT BE 'SUID' +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
ls -lL /etc/restore >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /etc/restore >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/restore >>$sys.rpt 2>>errors.txt
fi

echo >>$sys.rpt 2>>errors.txt
ls -lL /usr/etc/restore >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/etc/restore >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/etc/restore >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for Directories that should be Owned by Root"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ ROOT SHOULD OWN THESE DIRECTORIES +++++ " >>$sys.rpt 2>>errors.txt
echo " /etc, /bin, /dev, and /usr/etc owner root:" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
ls -lLd /etc >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
ls -lLd /bin >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
ls -lLd /dev >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
ls -lLd /usr/etc >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for files that should be Owned by Root"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ ROOT SHOULD OWN THESE FILES +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

echo " /usr/adm/acct, owner root, group system, mode 644" >>$sys.rpt 2>>errors.txt
ls -lLd /usr/adm/acct >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /usr/adm/account >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/adm/account >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/adm/wtmp, owner root, group system, mode 644" >>$sys.rpt 2>>errors.txt
ls -lL /usr/adm/wtmp >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/adm/wtmp >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/adm/wtmp >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/adm/messages, owner root, group system, mode 664" >>$sys.rpt 2>>errors.txt
ls -lL /usr/adm/messages >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/adm/messages >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/adm/messages >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/adm shutdownlog, owner root, group system, mode 664" >>$sys.rpt 2>>errors.txt
ls -lL /usr/adm/shutdownlog >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/adm/shutdownlog >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/adm/shutdownlog >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/adm/timed.log, owner root, group system, mode 644" >>$sys.rpt 2>>errors.txt
ls -lL /usr/adm/timed.log >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/adm/timed.log >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/adm/timed.log >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/adm/gatelog, owner root, group system, mode 644" >>$sys.rpt 2>>errors.txt
ls -lL /usr/adm/gatelog >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/adm/gatelog >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/adm/gatelog >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /usr/lib/uucp/acucntrl, owner root, group daemon, ---s--x---" >>$sys.rpt 2>>errors.txt
ls -lL /usr/lib/uucp/acucntrl >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/lib/uucp/acucntrl >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/uucp/acucntrl >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /dev/kmem, owner root, group kmem, mode 640 " >>$sys.rpt 2>>errors.txt
ls -lL /dev/kmem >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /dev/kmem >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /dev/kmem >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /dev/mem, owner root, group mem, mode 640 " >>$sys.rpt 2>>errors.txt
ls -lL /dev/mem >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /dev/mem >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /dev/mem >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /etc/hosts.equiv, owner root, mode 600 " >>$sys.rpt 2>>errors.txt
ls -lL /etc/hosts.equiv >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /etc/hosts.equiv >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/hosts.equiv >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /etc/exports, owner root, mode 644 " >>$sys.rpt 2>>errors.txt
ls -lL /etc/exports >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /etc/exports >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/exports >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /etc/hosts.lpd, owner root, mode 600 " >>$sys.rpt 2>>errors.txt
ls -lL /etc/hosts.lpd >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /etc/hosts.lpd >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/hosts.lpd >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /etc/services, owner root, mode 644 " >>$sys.rpt 2>>errors.txt
ls -lL /etc/services >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /etc/services >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/services >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " The /etc/passwd file, owner root, group daemon, mode 644:" >>$sys.rpt 2>>errors.txt
ls -lL /etc/passwd >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /etc/passwd >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/passwd >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

#echo " The /etc/shadow file, owner root, group daemon, mode 600:" >>$sys.rpt 2>>errors.txt
#ls -lL /etc/shadow >>$sys.rpt 2>>errors.txt
#if [ $SCRIPT_OS = "IRIX" ]
#then
#eagls /etc/shadow >>$sys.rpt 2>>errors.txt
#fi
#if [ $SCRIPT_OS = "HP-UX" ]
#then
#lsacl /etc/shadow >>$sys.rpt 2>>errors.txt
#fi
#echo >>$sys.rpt 2>>errors.txt

echo " The /etc/group file, owner root, group daemon, mode 644:" >>$sys.rpt 2>>errors.txt
ls -lL /etc/group >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /etc/group >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/group >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " The /bin/passwd file, owner root, mode -rwsr-xr-x:" >>$sys.rpt 2>>errors.txt
ls -lL /bin/passwd >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /bin/passwd >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /bin/passwd >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " /dev/printer file, owner root:" >>$sys.rpt 2>>errors.txt
ls -lL /dev/printer >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /dev/printer >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /dev/printer >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking LIB File Permissions"
#
echo >>$sys.rpt 2>>errors.txt
echo "+ /USR/LIB File Permissions + " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
SCRIPT_LIB=`ls /usr/lib`
for LIB_ENTRY in $SCRIPT_LIB
do
ls -ld /usr/lib/$LIB_ENTRY >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls -d /usr/lib/$LIB_ENTRY >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/lib/$LIB_ENTRY >>$sys.rpt 2>>errors.txt
fi
done

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking MAN File Permissions"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ /USR/MAN Files with permissive modes + " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

find /usr/man $ -depth -perm -2 -o -perm -20 -o -perm -200 -o -perm -1 -o -perm -10 -o -perm -100 -o -perm -4000 -o -perm -2000 -o -perm -1000 $ -type f -print -exec ls -lL {} \; >>$sys.rpt 2>>errors.txt

find /usr/share/man $ -depth -perm -2 -o -perm -20 -o -perm -200 -o -perm -1 -o -perm -10 -o -perm -100 -o -perm -4000 -o -perm -2000 -o -perm -1000 $ -type f -print -exec ls -lL {} \; >>$sys.rpt 2>>errors.txt

find /usr/share/catman $ -depth -perm -2 -o -perm -20 -o -perm -200 -o -perm -1 -o -perm -10 -o -perm -100 -o -perm -4000 -o -perm -2000 -o -perm -1000 $ -type f -print -exec ls -lL {} \; >>$sys.rpt 2>>errors.txt

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking CRON settings"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ /ETC/CRON.D/CRON.DENY Permissions +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/cron.d/cron.deny ]
then
ls -lL /etc/cron.d/cron.deny >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /etc/cron.d/cron.deny >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/cron.d/cron.deny >>$sys.rpt 2>>errors.txt
fi
else
echo "/etc/cron.d/cron.deny : File not found" >>$sys.rpt 2>>errors.txt
fi

echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ /ETC/CRON.D/CRON.DENY listing +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/cron.d/cron.deny ]
then
cat /etc/cron.d/cron.deny >>$sys.rpt 2>>errors.txt
else
echo "/etc/cron.d/cron.deny : File not found" >>$sys.rpt 2>>errors.txt
fi

echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ /ETC/CRON.D/CRON.ALLOW Permissions +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/cron.d/cron.allow ]
then
ls -lL /etc/cron.d/cron.allow >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /etc/cron.d/cron.allow >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/cron.d/cron.allow >>$sys.rpt 2>>errors.txt
fi
else
echo "/etc/cron.d/cron.allow : File not found" >>$sys.rpt 2>>errors.txt
fi

echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ /ETC/CRON.D/CRON.ALLOW listing +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/cron.d/cron.allow ]
then
cat /etc/cron.d/cron.allow >>$sys.rpt 2>>errors.txt
else
echo "/etc/cron.d/cron.allow : File not found" >>$sys.rpt 2>>errors.txt
fi

echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ /ETC/CRON.D/AT.DENY Permissions +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/cron.d/at.deny ]
then
ls -lL /etc/cron.d/at.deny >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /etc/cron.d/at.deny >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/cron.d/at.deny >>$sys.rpt 2>>errors.txt
fi
else
echo "/etc/cron.d/at.deny : File not found" >>$sys.rpt 2>>errors.txt
fi

echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ /ETC/CRON.D/AT.DENY listing +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/cron.d/at.deny ]
then
cat /etc/cron.d/at.deny >>$sys.rpt 2>>errors.txt
else
echo "/etc/cron.d/at.deny : File not found" >>$sys.rpt 2>>errors.txt
fi

echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ /ETC/CRON.D/AT.ALLOW Permissions +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/cron.d/at.allow ]
then
ls -lL /etc/cron.d/at.allow >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /etc/cron.d/at.allow >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/cron.d/at.allow >>$sys.rpt 2>>errors.txt
fi
else
echo "/etc/cron.d/at.allow : File not found" >>$sys.rpt 2>>errors.txt
fi

echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ /ETC/CRON.D/AT.ALLOW listing +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/cron.d/at.allow ]
then
cat /etc/cron.d/at.allow >>$sys.rpt 2>>errors.txt
else
echo "/etc/cron.d/at.allow : File not found" >>$sys.rpt 2>>errors.txt
fi

echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ /ETC/CRON.D/LOGCHECKER Permissions +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/cron.d/logchecker ]
then
ls -lL /etc/cron.d/logchecker >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /etc/cron.d/logchecker >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/cron.d/logchecker >>$sys.rpt 2>>errors.txt
fi
else
echo "/etc/cron.d/ logchecker : File not found" >>$sys.rpt 2>>errors.txt
fi

echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ /ETC/CRON.D/LOGCHECKER Listing +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/cron.d/logchecker ]
then
cat /etc/cron.d/logchecker >>$sys.rpt 2>>errors.txt
else
echo "/etc/cron.d/ logchecker : File not found" >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking /etc/profile settings"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+ /ETC/PROFILE listing +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/profile ]
then
cat /etc/profile >>$sys.rpt 2>>errors.txt
else
echo "/etc/profile: File not found" >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for files that are Writable by Root Only"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ FILES WRITABLE BY ROOT ONLY +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

echo " The /etc/profile file, writable by root only" >>$sys.rpt 2>>errors.txt
ls -lL /etc/profile >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /etc/profile >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/profile >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " The /etc/environment file, writable by root only" >>$sys.rpt 2>>errors.txt
ls -lL /etc/environment >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /etc/environment >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/environmnent >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " The /etc/csh.cshrc file, writable by root only" >>$sys.rpt 2>>errors.txt
ls -lL /etc/csh.cshrc >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /etc/csh.cshrc >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/csh.cshrc >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " The /etc/csh.login file, writable by root only" >>$sys.rpt 2>>errors.txt
ls -lL /etc/csh.login >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /etc/csh.login >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/csh.login >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " The /etc/group file, writable by root only" >>$sys.rpt 2>>errors.txt
ls -lL /etc/group >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /etc/group >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/group >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

#
#-------------------------------------------------------------------
#echo " >>>> Data Continuity "
#-------------------------------------------------------------------
#
#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "O/S version and installed patches "
#
echo >>$sys.rpt 2>>errors.txt

echo "O/S version and installed patches " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

# SUN
showrev -p >>$sys.rpt 2>>errors.txt

# HP-UX
if [ $SCRIPT_OS = "HP-UX" ]
then
swlist -l fileset >>$sys.rpt 2>>errors.txt
fi

# Linux
rpm -qa >>$sys.rpt 2>>errors.txt

# Debian Linux (added June 14, 2007 by MK)
# if [ $SCRIPT_OS = "Linux" ] and [ $os_flavor = "debian" ]
# then
dpkg -l >>$sys.rpt 2>>errors.txt
# fi

# IRIX
versions >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

echo "Software versions" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
/bin/pkginfo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

#
#-------------------------------------------------------------------
#echo " >>>> AUDIT Checking "
#-------------------------------------------------------------------
#
#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Getting the /etc/syslog.conf file"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ The /ETC/SYSLOG.CONF File Listing +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/syslog.conf ]
then
cat /etc/syslog.conf >>$sys.rpt 2>>errors.txt
else
echo "The file: /etc/syslog.conf file not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for Audit log files "
#
# looking for lastlog, loginlog, utmp, wtmp
# aculog, sulog, xferlog
# messages
# acct, pacct
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ Audit Log Listings +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

echo " Audit log files located in /usr/adm " >>$sys.rpt 2>>errors.txt
SCRIPT_LOGS=`ls /usr/adm`
for LOG_FILE in $SCRIPT_LOGS
do
ls -lL /usr/adm/$LOG_FILE >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/adm/$LOG_FILE >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/adm/$LOG_FILE >>$sys.rpt 2>>errors.txt
fi
done
echo >>$sys.rpt 2>>errors.txt

echo " Audit log files located in /var/adm " >>$sys.rpt 2>>errors.txt
SCRIPT_LOGS=`ls /var/adm`
for LOG_FILE in $SCRIPT_LOGS
do
ls -lL /var/adm/$LOG_FILE >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /var/adm/$LOG_FILE >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /var/adm/$LOG_FILE >>$sys.rpt 2>>errors.txt
fi
done
echo >>$sys.rpt 2>>errors.txt

echo " Audit log files located in /var/log " >>$sys.rpt 2>>errors.txt
SCRIPT_LOGS=`ls /var/log`
for LOG_FILE in $SCRIPT_LOGS
do
ls -lL /var/log/$LOG_FILE >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /var/log/$LOG_FILE >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /var/log/$LOG_FILE >>$sys.rpt 2>>errors.txt
fi
done
echo >>$sys.rpt 2>>errors.txt

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Sample system logs"
#
echo " " >>$sys.rpt 2>>errors.txt
echo "+++++ Sample system logs +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /var/log/syslog ]
then
tail -300 /var/log/syslog >>$sys.rpt 2>>errors.txt
else
echo "The file: /var/log/syslog file not found " >>$sys.rpt 2>>errors.txt
fi
if [ -r /var/log/messages ]
then
tail -300 /var/log/messages >>$sys.rpt 2>>errors.txt
else
echo "The file: /var/log/messages file not found " >>$sys.rpt 2>>errors.txt
fi
if [ -r /var/log/auth.log ]
then
tail -300 /var/log/auth.log >>$sys.rpt 2>>errors.txt
else
echo "The file: /var/log/auth.log file not found " >>$sys.rpt 2>>errors.txt
fi

# need to verify auditing is occuring
#
echo >>$sys.rpt 2>>errors.txt
echo " Tail - 100 of messages log file " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
tail -100 /var/adm/messages >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo " Tail - 100 of SYSLOG log file " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
tail -100 /var/adm/SYSLOG >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo " Tail - 100 of syslog log file " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
tail -100 /var/adm/syslog >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

#
# looking for access_log that records all http transactions
#

echo " Audit log file for HTTP " >>$sys.rpt 2>>errors.txt
ls -lL /usr/local/etc/http/log >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/local/etc/http/log >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/local/etc/http/log >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt

echo " Audit Events " >>$sys.rpt 2>>errors.txt
cat /etc/security/audit_event >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

echo " Audit Class " >>$sys.rpt 2>>errors.txt
cat /etc/security/audit_class >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

echo " Audit Control " >>$sys.rpt 2>>errors.txt
cat /etc/security/audit_control >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

echo " Audit User " >>$sys.rpt 2>>errors.txt
cat /etc/security/audit_user >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

echo " Audit Warnings " >>$sys.rpt 2>>errors.txt
cat /etc/security/audit_warn >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

echo " AuditConfig - getcond " >>$sys.rpt 2>>errors.txt
auditconfig -getcond >>$sys.rpt 2>>$sys.rpt
echo >>$sys.rpt 2>>errors.txt

echo " AuditConfig - chkconf " >>$sys.rpt 2>>errors.txt
auditconfig -chkconf >>$sys.rpt 2>>$sys.rpt
echo >>$sys.rpt 2>>errors.txt

#
#-------------------------------------------------------------------
#echo " >>>> Data Integrity "
#-------------------------------------------------------------------
#
# put test for tripwire here
#
#-------------------------------------------------------------------
#echo " >>>> C2 Option "
#-------------------------------------------------------------------

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking for C2 Files"

echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ Checking for C2 Files +++++" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

ls -lLa /etc/security >>$sys.rpt 2>>errors.txt

#ls -lLg /usr/etc/C2conv >>$sys.rpt 2>>errors.txt
#ls -lLg /usr/etc/C2unconv >>$sys.rpt 2>>errors.txt
#ls -lLg /usr/lib/C2convert >>$sys.rpt 2>>errors.txt
#ls -lLg /usr/etc/audit >>$sys.rpt 2>>errors.txt
#ls -lLg /usr/etc/praudit >>$sys.rpt 2>>errors.txt
##ls -lLg /usr/etc/rpc.pedauthd >>$sys.rpt 2>>errors.txt
#ls -lLg /usr/etc/audit-warm >>$sys.rpt 2>>errors.txt
#ls -lLg /usr/etc/auditd >>$sys.rpt 2>>errors.txt
#ls -lLg /usr/include/grpadj.h >>$sys.rpt 2>>errors.txt
#ls -lLg /usr/include/pwdadj.h >>$sys.rpt 2>>errors.txt
#ls -lLg /usr/include/auevents.h >>$sys.rpt 2>>errors.txt
#ls -lLg /usr/include/sys/audit.h >>$sys.rpt 2>>errors.txt
#ls -lLg /usr/include/sys/label.h >>$sys.rpt 2>>errors.txt
#
#-------------------------------------------------------------------
#echo " >>>> Networking "
#-------------------------------------------------------------------
#
#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking Networking"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo " ++ Networking ++" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
arp `hostname` >>$sys.rpt 2>>errors.txt
#
#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo " Checking for .exrc, & .netrc files (Find)"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ EXRC & NETRC Files +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo ".netrc files found:" >>$sys.rpt 2>>errors.txt
find / ! -fstype nfs -depth -name .netrc -print >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo ".exrc files found:" >>$sys.rpt 2>>errors.txt
find / ! -fstype nfs -depth -name .exrc -print >>$sys.rpt 2>>errors.txt

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo " Getting the network config"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ Network Config +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
/sbin/ifconfig -a >>$sys.rpt 2>>errors.txt
/bin/netstat -rn >>$sys.rpt 2>>errors.txt

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo " Getting iptables firewall configuration"
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
/sbin/iptables -n -L >>$sys.rpt 2>>errors.txt

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo " Getting the /etc/protocols file"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ The /ETC/PROTOCOLS File Listing +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/protocols ]
then
cat /etc/protocols >>$sys.rpt 2>>errors.txt
else
echo "The file: /etc/protocols file not found " >>$sys.rpt 2>>errors.txt
fi
#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo " Getting the /etc/services file"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ The Internet Services Listing +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/services ]
then
echo "-- Running Services-- " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
# SUN
/bin/netstat -a >>$sys.rpt 2>>errors.txt
# IRIX
/usr/etc/netstat -a >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "-- Contents of /etc/services --" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
cat /etc/services >>$sys.rpt 2>>errors.txt
else
echo "The file: /etc/services file not found " >>$sys.rpt 2>>errors.txt
fi
echo " Performing lsof & other service checks"
echo " Performing lsof & other service checks" >>$sys.rpt 2>>errors.txt
if [ -x /usr/bin/lsof ]
then
lsof -i -P -n >>$sys.rpt 2>>errors.txt
netstat –tcp –udp –listening >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo " Getting the /etc/inetd.conf file"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ The /ETC/INETD.CONF File Listing +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/inetd.conf ]
then
cat /etc/inetd.conf >>$sys.rpt 2>>errors.txt
else
echo "The file: /etc/inetd.conf file not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo " Getting the /etc/default/inetinit file"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ The /ETC/DEFAULT/INETINIT File Listing +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/default/inetinit ]
then
cat /etc/default/inetinit >>$sys.rpt 2>>errors.txt
else
echo "/etc/default/inetinit : File not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo " Getting the /etc/host.equiv file"
#
echo >>$sys.rpt 2>>errors.txt
echo "+++++ The /ETC/HOSTS.EQUIV File Listing +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/hosts.equiv ]
then
cat /etc/hosts.equiv >>$sys.rpt 2>>errors.txt
else
echo "The file: /etc/hosts.equiv file not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo " Getting the /.rhosts file"
#
echo >>$sys.rpt 2>>errors.txt
echo "+++++ The /.RHOSTS File Listing +++++ " >>$sys.rpt 2>>errors.txt
echo " should not contain: " >>$sys.rpt 2>>errors.txt
echo " a lone + or ++ " >>$sys.rpt 2>>errors.txt
echo " first char is not a minus sign (-) " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /.rhosts ]
then
cat /.rhosts >>$sys.rpt 2>>errors.txt
else
echo "The file: /.rhosts file not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo " Getting the /etc/ftpusers file"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ The /ETC/FTPUSERS File Listing +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "The /etc/ftpusers file, entries are denied ftp " >>$sys.rpt 2>>errors.txt
echo "root, nobody, bin, daemon, news, sync, sys, uucp" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/ftpusers ]
then
cat /etc/ftpusers >>$sys.rpt 2>>errors.txt
else
echo "The file: /etc/ftpusers file not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo " Getting the /etc/ssh/sshd_config file"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ The /etc/ssh/sshd_config File Listing +++++ ">>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "The /etc/ssh/sshd_config file detail the config " >>$sys.rpt 2>>errors.txt
echo "of the ssh server - Look for only protocol 2 " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/ssh/sshd_config ]
then
cat /etc/ssh/sshd_config >>$sys.rpt 2>>errors.txt
else
echo "The file: /etc/ssh/sshd_config file not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo " Getting the /etc/ntp.conf file"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ The /etc/ntp.conf File Listing +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "The /etc/ntp.conf file configures NTPD" >>$sys.rpt 2>>errors.txt
echo "Look for restrictions" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/ntp.conf ]
then
cat /etc/ntp.conf >>$sys.rpt 2>>errors.txt
else
echo "The file: /etc/ntp.conf file not found " >>$sys.rpt 2>>errors.txt
fi

if [ -r /etc/inet/ntp.conf ]
then
cat /etc/inet/ntp.conf >>$sys.rpt 2>>errors.txt
else
echo "The file: /etc/inet/ntp.conf file not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo " Checking TCP_WRAPPERS configuration"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ TCP Wrappers +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /usr/sbin/tcpd ]
then
ls -lL /usr/sbin/tcpd >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/sbin/tcpd >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/sbin/tcpd >>$sys.rpt 2>>errors.txt
fi
else
echo "The file: /usr/sbin/tcpd not found " >>$sys.rpt 2>>errors.txt
fi

if [ -r /etc/hosts ]
then
echo >>$sys.rpt 2>>errors.txt
ls -lL /etc/hosts >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
cat /etc/hosts >>$sys.rpt 2>>errors.txt
else
echo >>$sys.rpt 2>>errors.txt
echo "The file: /etc/hosts not found " >>$sys.rpt 2>>errors.txt
fi

if [ -r /etc/hosts.allow ]
then
echo >>$sys.rpt 2>>errors.txt
ls -lL /etc/hosts.allow >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /etc/hosts.allow >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/hosts.allow >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt
cat /etc/hosts.allow >>$sys.rpt 2>>errors.txt
else
echo >>$sys.rpt 2>>errors.txt
echo "The file: /etc/hosts.allow not found " >>$sys.rpt 2>>errors.txt
fi

if [ -r /etc/hosts.deny ]
then
echo >>$sys.rpt 2>>errors.txt
ls -lL /etc/hosts.deny >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /etc/hosts.deny >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /etc/hosts.deny >>$sys.rpt 2>>errors.txt
fi
echo >>$sys.rpt 2>>errors.txt
cat /etc/hosts.deny >>$sys.rpt 2>>errors.txt
else
echo >>$sys.rpt 2>>errors.txt
echo "The file: /etc/hosts.deny not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo " Checking hosts.lpd "
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ The /etc/hosts.lpd file listing +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/hosts.lpd ]
then
cat /etc/hosts.lpd >>$sys.rpt 2>>errors.txt
else
echo "/etc/hosts.lpd : File not found" >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo " X-Windows & Getting the /etc/X*.hosts file"
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ X - Windows +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -x /usr/openwin/bin/xhost ]
then
/usr/openwin/bin/xhost >>$sys.rpt 2>>errors.txt
fi
if [ -x /usr/bin/X11/xhost ]
then
/usr/bin/X11/xhost >>$sys.rpt 2>>errors.txt
fi

echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ The /ETC/X*.hosts Files +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
ls -lL /etc/X*.hosts >>$sys.rpt 2>>errors.txt

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo " RPC & Getting the rpcinfo results "
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ Remote Procedure Calls (RPC) +++++ " >>$sys.rpt 2>>errors.txt
echo " Look for rexd & ypupdated These allow remote users to" >>$sys.rpt 2>>errors.txt
echo " execute commands" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
rpcinfo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo " NFS & Getting the /etc/exports file"
#
echo >>$sys.rpt 2>>errors.txt
echo "+++++ List of all File systems that are exported" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
showmount -e >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ The /ETC/EXPORTS File Listing +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/exports ]
then
cat /etc/exports >>$sys.rpt 2>>errors.txt
else
echo "The file: /etc/exports file not found " >>$sys.rpt 2>>errors.txt
fi

echo >>$sys.rpt 2>>errors.txt
echo "+++++ The /ETC/DFS/DFSTAB File Listing +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/dfs/dfstab ]
then
cat /etc/dfs/dfstab >>$sys.rpt 2>>errors.txt
else
echo "/etc/dfs/dfstab : File not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo " Checking Sendmail "
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ Checking Send mail for unwanted commands +++++" >>$sys.rpt 2>>errors.txt
echo " cmds : wiz, debug, kill " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
telnet localhost 25 >>tempfile 2>>temp2file <<-EOF
wiz
debug
kill
quit
EOF
cat tempfile >>$sys.rpt 2>>errors.txt
cat temp2file >>$sys.rpt 2>>errors.txt
rm tempfile
rm temp2file
echo >>$sys.rpt 2>>errors.txt

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo "+++++ /ETC/MAIL/SENDMAIL.CF File Listing +++++" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
if [ -r /etc/mail/sendmail.cf ]
then
cat /etc/mail/sendmail.cf >>$sys.rpt 2>>errors.txt
else
echo "/etc/mail/sendmail: File not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Last few logged on"
#
echo " " >>$sys.rpt 2>>errors.txt
echo "+++++ Last to logon +++++ " >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
last >>$sys.rpt 2>>errors.txt

#
#-------------------------------------------------------------------
#echo " >>>> ASET "
#-------------------------------------------------------------------
#

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "Checking ASET settings"
#

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo " Checking asetenv"

echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo " +++++ /USR/ASET/ASETENV PERMISSIONS +++++" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

if [ -r /usr/aset/asetenv ]
then
ls -lL /usr/aset/asetenv >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/aset/asetenv >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/aset/asetenv >>$sys.rpt 2>>errors.txt
fi
else
echo "/usr/aset/asetenv : File not found" >>$sys.rpt 2>>errors.txt
fi

echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo " +++++ /USR/ASET/ASETENV FILE LISTING +++++" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

if [ -r /usr/aset/asetenv ]
then
cat /usr/aset/asetenv >>$sys.rpt 2>>errors.txt
else
echo "/usr/aset/asetenv : File not found" >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo " Checking userlist"

echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo " +++++ /USR/ASET/USERLIST FILE LISTING +++++" >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt

if [ -r /usr/aset/userlist ]
then
ls -lL /usr/aset/userlist >>$sys.rpt 2>>errors.txt
if [ $SCRIPT_OS = "IRIX" ]
then
eagls /usr/aset/userlist >>$sys.rpt 2>>errors.txt
fi
if [ $SCRIPT_OS = "HP-UX" ]
then
lsacl /usr/aset/userlist >>$sys.rpt 2>>errors.txt
fi
else
echo "/usr/aset/userlist : File not found " >>$sys.rpt 2>>errors.txt
fi

#* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
#
echo "NORMAL END OF JOB "
#
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo " +++++ NORMAL END OF JOB +++++ " >>$sys.rpt 2>>errors.txt
SCRIPT_END_TIME=`date`
echo $SCRIPT_END_TIME >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo >>$sys.rpt 2>>errors.txt
echo " C U S T O M E R S E N S I T I V E " >>$sys.rpt 2>>errors.txt
rm errors.txt
rm core.case

# Remove SCRIPT from the system
if [ -r unix-script ]
then
rm unix-script
fi
if [ -r UNIX-SCRIPT ]
then
rm UNIX-SCRIPT
fi
exit 0

Tech blog

My Pages

Saturday, January 25, 2014

OPEN SSH

TCP WRAPPERS

SAMBA SERVER + LINUX

FTP SERVER configuration

NFS MOUNTING

NIS server Configuration + Linux

Friday, January 24, 2014

Commonly Used Worksoft Functions

Command to clear 15 days old data or files + LInux

SVN RPMS

COMMAND TO CHECK MEMORY CPU USAGE + LInux

Things to check system performace

Hyperic Server Installation on Linux

Repository Migration from CVS to SVN

Commands to scan LUN and assign file system on Linux

Command to Export Proxy Linux

HPACUCLI commands In Linux

Load Balancing Using Apache and Mod_jk

Set up Disk Quota On LInux

SFTP Server + JailKit on Linux

Linux Administarator Interview Questions

Script for Find Linux Server Vaunarabilities