Hello
I need help with bash scripting
" script finds for each user(chosen users/groups) files which belong to them and other users have access to those files(optional specifically groups) and mail to user list of these files. "
I don't use bash normally, and at work I'm actually doing 3 large projects so I don't have enough time for doing this. Can someone help me? I know it's easy for you but I'm not familiar with programming and those things.
I haven't even started. It's very confusing when I read about it, I had only PHP and HTML basics ;(
Then if you already know about PHP and HTML coding, this shouldn't be difficult to learn. But you need to read the "Question Guidelines" link in my posting signature. We are always happy to help you, but we WILL NOT write your scripts for you. You have to show at least SOME effort of your own. Post what you have written/done/tried and tell us where you're stuck.
Otherwise, lots of bash scripting tutorials/examples you can easily find with an internet search...much like how you found this site. And we will never do your homework for you either.
Hello
I need help with bash scripting
" script finds for each user(chosen users/groups) files which belong to them and other users have access to those files(optional specifically groups) and mail to user list of these files. "
I don't use bash normally, and at work I'm actually doing 3 large projects so I don't have enough time for doing this. Can someone help me? I know it's easy for you but I'm not familiar with programming and those things.
Sorry for my English.
Quote:
Originally Posted by Justaguy123
I haven't even started. It's very confusing when I read about it, I had only PHP and HTML basics ;(
OK well this seems to be part of your work and to me you should devote some time to learn how to use bash.
The intentions of LQ are that we are not paid support, we are all volunteers and we are here to help you, but also help you to learn about Linux, not to do your effort for you. Continued behavior where you ask people to just complete your work for you may result in you not being able to participate on the LQ site.
users=($(awk -F'[/:]' '{if ($3 >= 1000 && $3 != 65534) print $1}' /etc/passwd))
touch tmp
for user in $users
do
echo "###############################################">> tmp
echo "@@@@@@@@@@@@@@@@@@@@ $user @@@@@@@@@@@@@@@@@@@@">> tmp
echo "###############################################">> tmp
echo " ">> tmp
find / -type f -user $user -perm /333 >> tmp
echo " ">> tmp
done
This is what I made, and I got stuck.
That script works. What exactly do you mean by it got stuck? Are you saying it never returns back to the prompt?
A couple of points:
Add "set -xv" as the second line of your script. This will enable verbose debug and show you what is happening.
If you are a regular user running this script, the find command is using the '/' directory and there will be a lot of files and directories where the command will not work, due to your permissions. There are options to use sudo and set up sudoers so that you would not have to use a password.
In the future, when posting code, please place it within [code][/code] tags to properly maintain the spacing and formatting.
Once again, this posted script does work correctly. It does not, however, do exactly what you described. This script only finds the files owned by the current user, which have a specific permission.
Actually, my problem is that running this script with no parameters is supposed to produce a list of files for every "human-made" account, so is there any way to use this script in a loop to run it for every account in the OS, and how do I find out whether someone has access to the files of these accounts? Must I first find all the files which I possess and then check permissions? My goal is in the first post.
Last edited by Justaguy123; 12-21-2017 at 07:13 AM.
Enter the loop with the entire list of users from /etc/passwd, do not filter it down prior to entering the loop.
When inside the loop, perform your if test to determine if the id is greater than or equal to 1000.
If yes, then perform the find. Otherwise, no action.
I believe what your script is doing is that it takes /etc/passwd once, checks it once, finds the first occurrence of a user matching your if-test qualifications of >= 1000 && !65534, and that's it. It only ever finds the first occurrence.
When you enter your for loop, you have one entry in your list.
Instead make the list $users be the entirety of /etc/passwd.
Enter the loop.
And then perform your if-test and use that outcome to run or not run the find command.
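Added example, not part of any post in this thread: in bash, expanding an array as `$users` yields only its first element, so a `for` loop over it runs once. The loop below applies the UID test per passwd line as suggested above; the passwd sample and function names are constructed for illustration.

```bash
#!/bin/bash
# Constructed sample in /etc/passwd format (not real accounts).
sample_passwd='root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:1001:Bob:/home/bob:/bin/bash
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
carol:x:1002:1002:Carol:/home/carol:/bin/bash'

# Read every passwd line from stdin and apply the UID test inside the loop.
human_users() {
    local name pw uid rest
    while IFS=: read -r name pw uid rest; do
        if [ "$uid" -ge 1000 ] && [ "$uid" -ne 65534 ]; then
            printf '%s\n' "$name"
        fi
    done
}

# Iterations when an array is expanded as $arr (first element only).
count_unquoted_scalar() {
    local arr=("$@") n=0 u
    for u in $arr; do n=$((n + 1)); done
    echo "$n"
}

# Iterations when the array is expanded as "${arr[@]}" (every element).
count_array() {
    local arr=("$@") n=0 u
    for u in "${arr[@]}"; do n=$((n + 1)); done
    echo "$n"
}

mapfile -t users < <(printf '%s\n' "$sample_passwd" | human_users)
printf 'selected: %s\n' "${users[*]}"
printf 'for u in $users        -> %s iteration(s)\n' "$(count_unquoted_scalar "${users[@]}")"
printf 'for u in "${users[@]}" -> %s iteration(s)\n' "$(count_array "${users[@]}")"
```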
the script seems to be doing what it is supposed to do: find all files that belong to a certain user and spit them out.
the permission thingy is new to me; i hope it finds what it is supposed to find.
of course there is no mailing yet.
a few points:
if not performed with su privileges, it will spit out a lot of permission denied errors, hence i added "2>/dev/null"
"tmp" is not a good filename, because it might well be in use already. use something more descriptive.
users doesn't have to be an array afaics, but should be enclosed in double quotes.
here's what i used for testing:
Code:
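#!/bin/bash
# human accounts: UID >= 1000, excluding 65534 (typically "nobody")
users="$(awk -F'[/:]' '{if ($3 >= 1000 && $3 != 65534) print $1}' /etc/passwd)"
echo $users
for user in $users
do
    # -perm /333: any write or execute bit set for owner, group or other
    echo "$user:" && find / -type f -user "$user" -perm /333 2>/dev/null
done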
Scanning / is expensive.
I would do this once and save the output in a file.
A -ls keeps the user information along with the file names.
Then loop over the users and grep them in the file.
Example script:
Code:
#!/bin/bash
# set the PATH (do not inherit from environment)
export PATH=/bin:/usr/bin:/sbin:/usr/sbin
# variables, allows an easy change here
startdir=/
badfiles=badfiles
# create badfiles only if +24 hours old
if [ ! -s "$badfiles" ] || find "$badfiles" -prune -mtime +0 | grep .
then
    echo "scanning / and creating $badfiles"
    find "$startdir" -type d -name .snapshot -prune -o -type f -perm /033 -ls > "$badfiles"
fi
# criteria for valid users: UID range and /home/ directory
users=$(getent passwd | awk -F':' '{if ($3 >= 1000 && $3 != 65534 && $6 ~ /^\/home\//) print $1}')
# look up each user in badfiles
for user in $users
do
    awk -v user="$user" '$5==user { if (!title) { print "Bad files for", user, ":"; title=1 } print }' "$badfiles"
done
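Added example, not part of any post in this thread: it builds a scratch directory of files with constructed modes and shows which ones the two masks used above, `-perm /333` and `-perm /033`, actually match with GNU find. The masks `/077`, `/022` and `/002` and the function names are additions for comparison.

```bash
#!/bin/bash
# Build a scratch tree of empty files with constructed modes.
make_fixture() {
    local dir mode
    dir=$(mktemp -d) || return 1
    for mode in 600 644 640 604 620 602 700 755; do
        : > "$dir/f$mode"
        chmod "$mode" "$dir/f$mode"
    done
    printf '%s\n' "$dir"
}

# Modes matched by "find -perm /MASK" (true if ANY bit of MASK is set).
matched_modes() {
    local dir=$1 mask=$2
    find "$dir" -type f -perm "/$mask" -printf '%m\n' | sort | tr '\n' ' ' | sed 's/ $//'
}

fixture=$(make_fixture)
trap 'rm -rf "$fixture"' EXIT
# /333 includes the owner's own write bit, so it matches every file here;
# /033 is group/other write or execute; /077 is any group/other access.
for mask in 333 033 077 022 002; do
    printf '%-5s %s\n' "/$mask" "$(matched_modes "$fixture" "$mask")"
done
```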
#!/bin/bash
argc=$#
host=$(hostname)
if test "$argc" -gt 0 ; # PARAMETERS QUANTITY CHECK
then
    if test "$1" = "-u" ; # USER CHECK
    then
        if test -n "$3" ; # CHECKING WHETHER THERE IS MORE THAN 1 USER
        then
            : # OPERATIONS FOR MULTIPLE USERS
        else
            : # OPERATIONS FOR SINGLE USER
        fi
    else
        if test "$1" = "-g" ; # GROUP CHECK
        then
            if test -n "$3" ; # CHECKING WHETHER THERE IS MORE THAN 1 GROUP
            then
                : # OPERATIONS FOR MULTIPLE GROUPS
            else
                : # OPERATIONS FOR SINGLE GROUP
            fi
        else
            echo "WRONG FIRST PARAMETER"
            exit 1
        fi
    fi
fi
# OPERATIONS WITH NO PARAMETERS
if test "$argc" -eq 0 ;
then
    users="$(awk -F'[/:]' '{if ($3 >= 1000 && $3 != 65534) print $1}' /etc/passwd)"
    echo $users
    for user in $users
    do
        # write the per-user header and the find results to the report file
        echo "######################$user#####################" >> FWOA_tmp.txt && find / -type f -user "$user" -perm /333 >> FWOA_tmp.txt 2>/dev/null
    done
fi
# double quotes so the hostname variable is expanded in the subject
echo "THIS IS FILE ACCESS RAPORT FROM $(date)" | mailx -s "FILE ACCESS $host" -a FWOA_tmp.txt mail@domain.com
rm FWOA_tmp.txt
I made these divisions because I think that I won't be able to use the same instructions for single and multiple objects (users or groups). Am I right? I didn't take into account that the user may want to specify the users for which he wants to check whether they have access to his files.
The format of the command will be something like sh script.sh (-u or -g) (multiple or single users or groups) -c (check) (users for which he wants to check whether they have access to his files) (mail address). Is it OK?
Last edited by Justaguy123; 12-22-2017 at 08:44 AM.