Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Users are stored in /etc/passwd which is a colon delimited file. (Typing "man 5 passwd" will give you documentation about this file.) The first field is the user name.
You can get the information you requested by running "id <user name>" for any give user e.g.
id root
To get it for all users you can run a for loop:
for user in $(awk -F: '{print $1}' /etc/passwd); do id $user; done
That says to use colon as field delimiter for awk command then print first field from /etc/passwd and for each first field found run the id command on it.
You can get more details on "id" command and "awk" by typing "man id" and "man awk" respectively.
The d is directory. First 3 characters after that are permissions for owner. Next 3 are permissions for group and the last 3 are permissions for everyone else. rwx = full permissions to read/write/execute (or access when talking about directories). r-x = read and execute but don't allow write. After permissions is number of links then owner (root) then group (root).
Typing "man chmod" and "man chown" will give you more information on mode (permissions) and owner/group settings. Typing "man ls" will give you more information on the ls command.
Would tell CentOS (or any yum based distro) to search its repositories for the file tree which would in turn show you which package includes that file.
On my CentOS 5 tree is already installed and is part the "tree" package so "yum install tree" ought to install it for you.
Adding a package may be a challenge as these systems have the least possible packages installed. I may be limited to writing a script that will collect the audit data. Thanks for your quick responses. I really appreciate it.
Hopefully you do have the find command installed. It has options to search by group and by user. The groups are in /etc/group.
You could run:
Code:
for groupname in $(awk -F: '{print $1}' /etc/group)
do echo GROUP is $groupname
find / -group $groupname
echo "==================================================================="
done
That would give you a list of files for each group. Similar script could do it for each user.
The find command generates a lot of context switches so the above process wouldn't be quick and on a sluggish system could cause problems. To avoid that you could work out doing an array and parsing it (which would likely work best in perl as it is more efficient in most cases than standard shell scripting).
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.