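#! /bin/csh -f
#
# Rupert - Check system configuration (non-security issues)
#
# Rupert checks system configuration for problems which are not
# related to security but which are still important to proper
# system function.  This is mainly for Red Hat Linux systems,
# though the daemon tests apply to other systems.
#
# The report is assembled in a log file and mailed to root; nothing is
# mailed when no section produced output.
#
# Eric Myers - 31 December 1999
# Department of Physics, University of Michigan, Ann Arbor
# @(#) $Id: Rupert,v 2.7 2005/09/05 14:13:47 myers Exp myers $
#######################################################################

# Set the path just to what is needed, nothing else.

set path=( /usr/local/adm /usr/local/bin /usr/local/gnu/bin )
set path=( $path /bin /usr/bin /usr/sbin /usr/ucb /usr/etc /etc )
umask 037

# Scratch files live in a private directory instead of directly in /tmp.
# Their names are predictable (they embed only the PID), so writing them
# straight into a world-writable directory would let another local user
# pre-create a file or symlink of the same name and have this script
# write through it.  That matters because the script presumably runs as
# root (it scans / and verifies every installed package).  mkdir fails if
# the name already exists in any form, and the 077 umask keeps the
# directory closed to everyone else.
set WORKDIR=/tmp/Rupert.$$
umask 077
mkdir $WORKDIR
if ( $status != 0 ) then
    echo "Rupert: cannot create private work directory $WORKDIR"
    exit 1
endif
umask 037

set TMP=$WORKDIR/tmp1
set TMP2=$WORKDIR/tmp2
set LOG=$WORKDIR/Rupert.out

# Remove the work directory if the run is interrupted.
onintr cleanup

set RCSVERS = \
  `echo '$Revision: 2.7 $' | sed -e 's/Revision: //' -e 's/$\(.*\) \$/\1/'`
set HOSTNAME = `hostname`
set INDENT="pr -o 8 -t "

##
# MAILX is mail/mailx or mush, with -s for subject
#
set MAILX="mail -s "                                      # NeXT/Linux/Sun
if ( -x /usr/bin/mailx ) set MAILX="mailx -s "            # HP-UX
if ( -x /usr/local/bin/mush ) set MAILX="mush -s "        # mush is preferred

# general arguments for Unix find command:

set FARG=" -xdev"
if ( -f /hp-ux ) set FARG="-xdev -hidden "                # HP-UX 9.x hidden files


####################
## @(#)* Check for running daemons

# findproc prints the PID of every process whose ps line matches its argument.
alias findproc 'ps ax|grep "\!*"|grep -v grep|sed -e "s/^ *//" -e "s/ .*//"'
set UNAME=`uname`
if ( "$UNAME" == "HP-UX" ) \
   alias findproc 'ps -e|grep "\!*"|grep -v grep|sed -e "s/^ *//" -e "s/ .*//"'
# NOTE(review): the Ultrix definition is wrapped in backquotes, so the ps
# pipeline looks like it is run when the alias is defined rather than when
# findproc is used -- confirm on an Ultrix host before relying on it.
if ( "$UNAME" == "Ultrix" ) \
   alias findproc `ps -acx | awk '$5 ~ /\!*/ {print $1}'`

# Both lists start out empty so the size tests below always see a real file.
cat /dev/null > $TMP
cat /dev/null > $TMP2
set WATCHLIST=( xntpd ntpd crond mysqld )
if ( "$UNAME" == "Linux") set WATCHLIST=($WATCHLIST xscreensaver )

foreach DAEMON ( $WATCHLIST )
    # Collect the PIDs as a word list and test its length: a bare
    # `findproc` inside the if-expression breaks when the daemon has no
    # match or more than one matching process.
    set PIDS=( `findproc $DAEMON` )
    if ( $#PIDS == 0 ) then
        echo "$DAEMON" >>$TMP
    else
        echo "$DAEMON" >>$TMP2
    endif
end

if ( ! -z $TMP2 ) then
    cat <<EOT >>${LOG}

### Running daemon processes:

The following daemon processes are running:

EOT
    $INDENT $TMP2 >>${LOG}
endif

if ( ! -z $TMP ) then
    cat <<EOT >>${LOG}

### Missing/disabled daemon processes:

The following daemon processes are NOT running
(which may or may not be a problem):

EOT
    $INDENT $TMP >>${LOG}
endif
rm -f $TMP $TMP2


####################
## @(#)* Check for old files from rpm installation

cat /dev/null > $TMP
find / ${FARG} -name "*rpmorig" -print >>$TMP
find / ${FARG} -name "*rpmnew" -print >>$TMP
find / ${FARG} -name "*rpmsave" -print >>$TMP

if ( ! -z $TMP ) then
    cat <<EOT >>${LOG}

### Old files from rpm installation

The following files have been left on the system from an installation
using the rpm program.  You may either want to delete them or use
the information in them to fix the new files.

EOT
    $INDENT $TMP >>${LOG}
    cat <<EOT >>$LOG

If you don't need these files then it's a good idea to delete them.

EOT
endif
rm -f $TMP


####################
## @(#)* Check for updated RPM's

cat /dev/null > $TMP
if ( -x /usr/bin/rpmwatcher ) /usr/bin/rpmwatcher > $TMP

if ( ! -z $TMP ) then
    cat <<EOT >>${LOG}

### Updated RPM's:

New RPM packages are now available for the following packages:

EOT
    $INDENT $TMP >>${LOG}
    cat <<EOT >>$LOG

You should update these packages as soon as possible.
The easiest way to copy them over is simply to say \`rpmwatcher -c \' .

EOT
endif
rm -f $TMP


####################
## @(#)* List local packages in /usr/src/redhat:

cat /dev/null > $TMP
find /usr/src/redhat/SRPMS -type f -print > $TMP
if ( ! -z $TMP ) then
    cat <<EOT >>${LOG}

### List of Source Packages (SRPMS):

The following source packages (SRPMS) were found on this system:

EOT
    $INDENT $TMP >>${LOG}
endif

find /usr/src/redhat/RPMS -type f -print > $TMP
if ( ! -z $TMP ) then
    cat <<EOT >>${LOG}

### List of additional packages (RPMS):

The following packages (RPMS) were found on this system:

EOT
    $INDENT $TMP >>${LOG}
endif


####################
## @(#)* Verify all RPM packages

cat /dev/null > $TMP
if ( -x /bin/rpm ) then
    cat <<EOT >>${LOG}

### Verify all RPM packages:

The packages listed below had problems during the verification process.

Legend: The tests are labeled "SM5LDUGT" with the following meanings:

        5  MD5 sum          S  file Size
        L  SymLink          T  modification Time
        D  Device           U  User
        G  Group            M  Modes (includes permissions and file type)

A "." for a test result indicates the test passed.
A "c" after the test results indicates a configuration file.
These are likely to have changed and should not be a concern.

EOT

    # list all installed rpm's
    set RPMLIST=`/bin/rpm -qa| sort`

    # verify each one, list the ones that fail
    foreach PACKAGE ( $RPMLIST )
        # skip the dev-* packages (glob match instead of an egrep per package)
        if ( "$PACKAGE" =~ dev-* ) continue

        /bin/rpm -V $PACKAGE > $TMP
        if ( ! -z $TMP ) then
            echo " " >>$LOG
            echo "> ${PACKAGE}: " >>$LOG
            $INDENT $TMP >>$LOG
        endif
    end
endif


##################################################
## @(#)* Mail a report to root of anything found

if ( -f $LOG && ! -z $LOG ) then
    ( echo "#### System Configuration report for $HOSTNAME from Rupert $RCSVERS "; \
      cat $LOG ) | $MAILX "System Configuration Report for $HOSTNAME" root
endif


##################################################
## Clean up

cleanup:
/bin/rm -rf $WORKDIR >/dev/null

##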