bash: passing asterisk to variable command

Dr_Death_UAE · 11-23-2008, 04:03 AM

Hello, I want to pass asterisk to a variable:

Code:

#!/bin/bash
log=`cat /etc/httpd/conf/httpd.conf | grep ErrorLog | grep -v "#"| awk '{print $3}'`
ls -l $log*

i know it will work if i quote the variable "", but the variable is a command it will not work if i quote it.

any idea!

pixellany · 11-23-2008, 04:58 AM

I'm not grasping what you are doing...

The first statement assigns <<something>> to the variable named "log". What is the second statement supposed to do?

If you are trying to add a literal "*" to the contents of log, have you tried escaping it?
ls -l $log\*

ls -l stuff* ##lists the contents of all directories with names beginning with "stuff"

ls -l stuff\* ##lists the contents of the directory named literally "stuff*"

Dr_Death_UAE · 11-23-2008, 05:20 AM

Hello, i escape the asterisk with slash but didnt work.

Quote:

bash-3.00# ./script.sh
ls: 0653-341 The file /var/logs/error_log does not exist.
ls: 0653-341 The file /var/logs/error_log does not exist.
ls: 0653-341 The file /var/logs/error_log* does not exist.

it should give me:

Quote:

bash-3.00# ls -l /var/logs/error_log*
-rw-rw-r-- 1 apache apache 296 Aug 20 17:39 /var/logs/error_log.1219233600
-rw-r--r-- 1 apache apache 296 Aug 28 14:55 /var/logs/error_log.1219881600
-rw-r--r-- 1 apache apache 1111 Nov 08 15:42 /var/logs/error_log.1226102400
-rw-r--r-- 1 apache apache 370 Nov 10 09:14 /var/logs/error_log.1226275200
-rw-r--r-- 1 apache apache 592 Nov 12 15:50 /var/logs/error_log.1226448000
bash-3.00#

pixellany · 11-23-2008, 05:33 AM

Hmmmmm.....back to my original question: What are you trying to do?

Dr_Death_UAE · 11-23-2008, 05:37 AM

I modify a script to audit apache config on AIX

this is the script:

Code:

#! /bin/bash

ps -ef | grep 'httpd' | cut -d " " -f 1 | grep -v 'root' | sed -n 1p >> webuseracct.txt

Path=`ps -ef | grep 'httpd' | sed -n 1p | awk '{print $11}'`



   find $Path -type f -name httpd.conf >> httpd.txt
   find $Path -type f -name *.conf >> httpd.txt


file1=`cat webuseracct.txt`
file2=`cat httpd.txt`

exec > apache_output.txt

 echo File Security
 echo =============
 echo
 echo "APC_01 - Weak permissions on files in Document Root"
 echo ---------------------------------------------------
 echo
 DocRoot=`cat $file2 | grep DocumentRoot  | grep -v "#"| awk '{print $2}'|sed 's/"//g'`
 ls -dl $DocRoot
 echo
 echo "APC_02 - Weak permissions on Server Configuration files"
 echo -------------------------------------------------------
 echo
 ls -l $file2
 echo
 echo "APC_03 - Weak permissions on log files"
 echo --------------------------------------
 echo
log=`cat $file2 | grep ErrorLog | grep -v "#"| awk '{print $3}'`
echo
ls -l $log*

 echo
 echo Logging and Server Information Handling
 echo =======================================
 echo
 echo "APC_04 - Server Version Information Parameters are turned on"
 echo ------------------------------------------------------------
 echo
 cat $file2 | grep -w ServerTokens | grep -v "#"
 cat $file2 | grep ServerSignature | grep -v "#"
 echo
 echo "APC_05 - Logging directives not configured securely"
 echo ------------------------------------------
 echo
 cat $file2 | grep LogLevel | grep -v "#"
 cat $file2 | grep ErrorLog | grep -v "#"
 cat $file2 | grep CustomLog | grep -v "#"
 cat $file2 | grep LogFormat | grep combined | grep -v "#"
 echo
 echo Directory Access Permissions
 echo ============================
 echo 
 echo "APC_06 - Insecure directory access permissions"
 echo --------------------------------------------------
 echo
 cat  $file2 | grep Options | grep -v "#"
 echo
 echo "APC_07 - cgi-bin directory is not disabled"
 echo ------------------------------------------
 echo
 cat  $file2 | grep -w cgi-bin | grep -v "#"
 echo
 echo "APC_08 - Insecure User Oriented Directives"
 echo ------------------------------------------
 echo
 cat $file2 | fgrep -w User | grep -v "#"
 cat $file2 | fgrep -w Group | grep -v "#"
 echo
 echo
 echo Denial of Service Protection
 echo ============================
 echo
 echo "APC_09 - High timeout value"
 echo ---------------------------
 echo
 cat $file2 | grep -w Timeout | grep -v "#"
 echo
 echo "APC_10 - Keep Alive setting not configured"
 echo ------------------------------------------
 echo
 cat $file2 | grep -w KeepAlive | grep -v "#"
 echo 
 echo "APC_11 - Keep Alive Timeout setting not configured"
 echo --------------------------------------------------
 echo
 cat $file2 | grep -w KeepAliveTimeout | grep -v "#"
 echo
 echo "APC_12 - MaxKeepAliveRequests Parameter not set"
 echo -----------------------------------------------
 echo
 cat $file2 | grep -w MaxKeepAliveRequests | grep -v "#"
 echo
 echo "APC_13 - StartServers Parameter not set"
 echo ---------------------------------------
 echo
 cat $file2 | grep -w StartServers | grep -v "#"
 echo
 echo "APC_14 - MinSpareServers Parameter not set"
 echo ------------------------------------------
 echo
 cat $file2 | grep -w MinSpareServers | grep -v "#"
 echo
 echo "APC_15 - MaxSpareServers Parameter not set"
 echo ------------------------------------------
 echo
 cat $file2 | grep -w MaxSpareServers | grep -v "#"
 echo
 echo "APC_16 - MaxClients Parameter not set"
 echo -------------------------------------
 echo
 cat $file2 | grep -w MaxClients | grep -v "#"
 echo
 echo Other Checks
 echo ============
 echo
 echo "APC_17 - Web User Account not Locked Down"
 echo -----------------------------------------
 echo
 cat /etc/passwd | grep $file1
 echo
 echo
 echo "APC_18 - Non Essentail Modules are not removed"
 echo ----------------------------------------------
 echo
 cat $file2 | grep -w LoadModule | grep -v "#"
 echo
 echo "APC_19 - Mod_Security module not installed"
 echo ------------------------------------------
 echo
 cat $file2 | grep mod_security.so | grep -v "#"
 echo 
 echo "APC_20 - HTTP Methods not limited"
 echo ---------------------------------
 echo 
 cat $file2 | grep LimitExcept | grep -v "#"
 echo 
 echo "APC_21 - HTTP method TRACE not disabled"
 echo ---------------------------------------
 echo
 cat $file2 | grep Rewrite | grep -v "#"
 echo 
 echo "APC_22 - Buffer overflow protection not configured"
 echo --------------------------------------------------
 echo 
 cat $file2 | grep LimitRequest | grep -v "#"
 echo
 echo "APC_23 - Insecure Version of Apache used"
 echo --------------------------------------------------
 version=`ps -ef | grep 'httpd' | sed -n 1p | awk '{print $9}'`
 $version -v 
 echo 
 echo 
rm webuseracct.txt
rm httpd.txt
echo
echo ---------------End of output------------------

pixellany · 11-23-2008, 05:53 AM

Sorry, that does not tell me anything......I'm quite elderly, and have a limited attention span. Going back to your original post, I simply need to know what "ls -l $log*" is supposed to do (in the context of the problem you are trying to solve.)

Dr_Death_UAE · 11-23-2008, 06:04 AM

Hello,

this line will grep the apache error_log path

Quote:

log=`cat /etc/httpd/conf/httpd.conf | grep ErrorLog | grep -v "#"| awk '{print $3}'`

in apache httpd.conf, this is the line the variable $log should grep:

Quote:

ErrorLog "|/usr/bin/rotatelogs /var/logs/error_log 43200"

this is $log output:

Quote:

/var/logs/error_log

and this suppose to show all the error_logs files (the rotated files)

Quote:

ls -l $log*

this should be the output of "ls -l $log*"

Quote:

-rw-rw-r-- 1 apache apache 296 Aug 20 17:39 /var/logs/error_log.1219233600
-rw-r--r-- 1 apache apache 296 Aug 28 14:55 /var/logs/error_log.1219881600
-rw-r--r-- 1 apache apache 1111 Nov 08 15:42 /var/logs/error_log.1226102400
-rw-r--r-- 1 apache apache 370 Nov 10 09:14 /var/logs/error_log.1226275200
-rw-r--r-- 1 apache apache 592 Nov 12 15:50 /var/logs/error_log.1226448000

my question is how to make the asterisk work with variable $log, it work fine if i put $log as:

Quote:

log="/var/logs/error_log"
ls -l $log*

jschiwal · 11-23-2008, 06:17 AM

The line "ls -l $log*" doesn't pass anything to a variable.

If you need to separate the part that is a variable name from what follows, put the
variable in brackets:
ls -l ${log}*

Since this is a script, you might want to include the full path to the ls command so that
you don't run an alias instead.

Check that the value of $log is what you think it is.

Dr_Death_UAE · 11-23-2008, 06:25 AM

ls -l ${log}* didnt work, i wont to use this script on many AIX systems and the apache config for them is different.

H_TeXMeX_H · 11-23-2008, 07:22 AM

Sorry, but I just tried this and it works fine for me:

Code:

# in script
log=/var/log/rkhunter
ls -l $log*

# ouput
-rw------- 1 root root 76632 2008-08-24 14:59 /var/log/rkhunter.log
-rw------- 1 root root  3739 2008-08-24 14:56 /var/log/rkhunter.log.old

I don't know why it doesn't work for ya.

pixellany · 11-23-2008, 07:33 AM

Creak, squeek, groooooooooan....
(sound of brain trying to figure this out.......)

I made five directories--dir1 thru dir5. In each one, I put a file (in dir1: file1, etc.)

Code:

[mherring@Ath ~]$ name=dir
[mherring@Ath ~]$ ls $name*
dir1:
file1

dir2:
file2

dir3:
file3

dir4:
file4

dir5:
file5

This seems to work as one would expect.

dxqcanada · 11-23-2008, 07:45 AM

If you add an echo you can see what is being resolved as $log:

Code:

#!/bin/bash
log=`cat /etc/httpd/conf/httpd.conf | grep ErrorLog | grep -v "#"| awk '{print $3}'`
echo $log
ls -l $log*

or run the script as:

Code:

bash-3.00# sh -x ./script.sh

jcookeman · 11-23-2008, 08:06 AM

What is your shell options set to? Just as an example:

Code:

[jc@home ~]$ test=test
[jc@home ~]$ echo $test*
test.c test.py test.sh test_ssh.sh test.txt test.xml
[jc@home ~]$ shopt -o -s noglob
[jc@home ~]$ echo $test*
test*

Dr_Death_UAE · 11-23-2008, 10:27 AM

hmmmmm guys, i just went back to home and test the script on my linux machine, its work fine!!!

it seem the issue is from the AIX bash3. strange

i will search and read about bash scripting under AIX.

Thanks guys for your help.

nehaandrew · 11-26-2008, 10:04 AM

Wow ... A Bash shell error held 7 people hostage ...

Don't you just love it when that happens!!!

Linux