file premission checking

help-cfengine

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

file premission checking

From:	Robertson, Richard J.
Subject:	file premission checking
Date:	Wed, 22 Jan 2003 13:24:48 +0100

I wish to find files and directories on local filesystems with the set uid,
set gid bit set.

I have been trying...

file::
   any:
       / m=ug-s r=inf ignore=/apps ignore=/local ignore=/nfs action=warnall

The output (snippet below) is listing directories with permissions 754 as
well as the expected warnings.

Does anyone know why this is or a better way of acheiving the same result
(only info on suid, sgid files and directories) ?

Regards,
Richard.

cfengine:ris-u-w071: /var/sadm/patch/108975-05 has permission 754
cfengine:ris-u-w071: [should be 755]
cfengine:ris-u-w071: /var/sadm/patch/109238-02 has permission 754
cfengine:ris-u-w071: [should be 755]
cfengine:ris-u-w071: /var/sadm/patch/108993-05 has permission 754
cfengine:ris-u-w071: [should be 755]
cfengine:ris-u-w071: /var/sadm/patch/112138-01 has permission 754
cfengine:ris-u-w071: [should be 755]
cfengine:ris-u-w071: /var/sadm/patch/109318-21 has permission 754
cfengine:ris-u-w071: [should be 755]
cfengine:ris-u-w071: /var/sadm/patch/108997-03 has permission 754
cfengine:ris-u-w071: [should be 755]
cfengine:ris-u-w071: /var/sadm/patch/109007-06 has permission 754
cfengine:ris-u-w071: [should be 755]
cfengine:ris-u-w071: /var/sadm/patch/108576-31 has permission 754
cfengine:ris-u-w071: [should be 755]
cfengine:ris-u-w071: /var/sadm/patch/108606-27 has permission 754
cfengine:ris-u-w071: [should be 755]
cfengine:ris-u-w071: /var/spool/calendar has permission 3775
cfengine:ris-u-w071: [should be 1775]
cfengine:ris-u-w071: WARNING setuid (root) flag on /usr/lib/fs/ufs/quota...

cfengine:ris-u-w071: /usr/lib/fs/ufs/quota has permission 4555
cfengine:ris-u-w071: [should be 555]
cfengine:ris-u-w071: WARNING setuid (root) flag on
/usr/lib/fs/ufs/ufsdump...

cfengine:ris-u-w071: /usr/lib/fs/ufs/ufsdump has permission 4555
cfengine:ris-u-w071: [should be 555]
cfengine:ris-u-w071: WARNING setuid (root) flag on
/usr/lib/fs/ufs/ufsrestore...

cfengine:ris-u-w071: /usr/lib/fs/ufs/ufsrestore has permission 4555
cfengine:ris-u-w071: [should be 555]
cfengine:ris-u-w071: WARNING setuid (root) flag on /usr/lib/pt_chmod...

cfengine:ris-u-w071: /usr/lib/pt_chmod has permission 4111
cfengine:ris-u-w071: [should be 111]
cfengine:ris-u-w071: WARNING setuid (root) flag on /usr/lib/utmp_update...

cfengine:ris-u-w071: /usr/lib/utmp_update has permission 4555
cfengine:ris-u-w071: [should be 555]
cfengine:ris-u-w071: WARNING setuid (root) flag on /usr/lib/lp/bin/netpr...

cfengine:ris-u-w071: /usr/lib/lp/bin/netpr has permission 4511
cfengine:ris-u-w071: [should be 511]
cfengine:ris-u-w071: WARNING setuid (root) flag on /usr/lib/sendmail...

[Prev in Thread]

Current Thread

[Next in Thread]

file premission checking, Robertson, Richard J. <=

Prev by Date: Re: defining vars based on groups
Next by Date: cfengine validation
Previous by thread: defining vars based on groups
Next by thread: passing all vars to module or shellcommand
Index(es):
- Date
- Thread