Granting su rights to users? Using PAM and Kerberos...

Daniel B. Thurman dant at cdkkt.com
Tue Nov 22 19:08:08 UTC 2005 

>-----Original Message-----
>From: fedora-list-bounces at redhat.com
>[mailto:fedora-list-bounces at redhat.com]On Behalf Of Tony Nelson
>Sent: Tuesday, November 22, 2005 10:01 AM
>To: fedora-list at redhat.com
>Subject: Re: Granting su rights to users? Using PAM and Kerberos...
>
>
>At 3:46 PM +0000 11/22/05, Andy Green wrote:
>>Content-Type: multipart/signed; 
>protocol="application/x-pkcs7-signature";
>>	micalg=sha1; boundary="------------ms080409080102040309020104"
>>
>>
>>> Super!  But... what about files you have NO IDEA which
>>> are properly set in the filesystems...  that seems to
>>> be a nightmare?  I wonder if anyone has a filesystem
>>> checker in cases that they get changed by mistake?
>>>
>>> Thanks for your suggestions tho!
>>
>>What else would such a "checker" have to check against but 
>the RPM database?
>>
>>for i in `rpm -qa --queryformat "%{NAME} "` ; do rpm -q -V $i ; done
> ...
>
>Or just:
>
>    # rpm -Va
>____________________________________________________________________
>TonyN.:'                       <mailto:tonynelson at georgeanelson.com>
>      '                              <http://www.georgeanelson.com/>
>


Thanks for all who responded with your suggestions!

Since google had some who asked the same question, when
accidently chmod/chown with the dreaded -R argument, I
have provided a script that will verify your files
against the rpm package but since it is a very simple
script, please use at your own risk!

Kind regards,
Dan

============================================================

#!/bin/bash

# ======================================================
# Checks permission/ownership changes by comparing
# package against the modified file in question
# ======================================================

if [ $# -gt 0 ]; then
  # If argument supplied, use the file created by output of 'rpm -Va'
  list=`cat $* | egrep -e "^.M......." | sed -e "s/.* \(.*\)$/\1/"`
else
  # If no argument supplied, do self-generated rpm verify
  list=`rpm -Va | egrep -e "^.M......." | sed -e "s/.* \(.*\)$/\1/"`
fi

for item in $list ; do
  base=`basename $item 2>/dev/null`
  if [ -z "$base" ]; then continue; fi
  file=`which $base 2>/dev/null`
  if [ -z "$file" ]; then continue; fi
  pack=`rpm -q --whatprovides $file 2>/dev/null`
  if [ -z "$pack" ]; then continue; fi
  echo '========================================================'
  echo ' <f> '$base' ==> <p> Package: '$pack
  echo '========================================================'
  prog="rpm -qlv $pack | egrep -e \"${file}\""
  rfp=`eval $prog`
  echo ' <p>: '`eval $prog`
  echo ' <f>: '`ls -l $file`
done

-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.362 / Virus Database: 267.13.5/177 - Release Date: 11/21/2005

More information about the users mailing list