Question
I have this bash script here that I'm trying to modify to check if there is only one root id, is it vulnerable and currently, this script only checks if there is a duplicate uid and displays the users that share the same uid. Thanks in advance! :)
Bash Script:
#!/bin/bash
# Count how many times each UID appears in /etc/passwd
/bin/cat /etc/passwd | /bin/cut -f3 -d":" | /bin/sort -n | /usr/bin/uniq -c | while read x ; do
    [ -z "${x}" ] && break
    # Split "count uid" into $1 (count) and $2 (uid)
    set - $x
    if [ $1 -gt 1 ]; then
        users=`/bin/gawk -F: '($3 == n) { print $1 }' n=$2 /etc/passwd | /usr/bin/xargs`
        echo "Duplicate UID ($2): ${users}"
    fi
done
Expected Output:
Audit criteria: There is only one root id
Vulnerability: Yes
Details: See below
root:!:0:0::/:/usr/bin/bash
jdoe:*:0:1:John Doe:/home/jdoe:/usr/bin/bash
Answer 1:
You can simplify your script greatly because all you are looking for is user id 0, which is root:
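#!/bin/bash
# Count the passwd entries whose UID field is exactly 0
root_count=$(cut -f3 -d":" /etc/passwd | grep -wc 0)
# -gt compares numerically; > inside [[ ]] compares strings
if [[ $root_count -gt 1 ]]; then
    users=$(awk -F: '($3 == 0) { print $1 }' /etc/passwd | xargs)
    echo "Duplicate roots: ${users}"
fi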
Answer 2:
You can use awk to find that out:
if ! awk -F: '$3==0{c++}END{exit !(c<2)}' /etc/passwd ; then
    echo "More than one user with uid 0"
fi
Source: https://stackoverflow.com/questions/41788637/bash-how-to-check-if-there-is-only-one-root-id-and-all-user-uids-are-unique
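
An added example (not part of the question or either answer): a Bash audit that prints the report format the question asks for and also lists every shared UID, going one step beyond the UID-0 check. The function names and the sample passwd data, apart from the two lines taken from the question, are constructed for illustration.

```bash
#!/bin/bash
# Added example; function names and sample data are illustrative assumptions.

# Constructed passwd data: the question's two lines plus made-up accounts.
sample_passwd() {
    cat <<'EOF'
root:!:0:0::/:/usr/bin/bash
daemon:!:1:1::/etc:
jdoe:*:0:1:John Doe:/home/jdoe:/usr/bin/bash
alice:*:1001:100:constructed:/home/alice:/usr/bin/bash
bob:*:1001:100:constructed:/home/bob:/usr/bin/bash
EOF
}

# Print every full passwd line whose UID field is 0.
uid0_entries() {
    awk -F: '$3 == 0' "$1"
}

# Print "uid: user1 user2 ..." for each UID shared by more than one account.
duplicate_uids() {
    awk -F: '
        $3 != "" { n[$3]++; names[$3] = (names[$3] == "" ? $1 : names[$3] " " $1) }
        END { for (u in n) if (n[u] > 1) print u ": " names[u] }
    ' "$1" | sort -n
}

# Report in the question's format; returns 1 when more than one UID-0 entry exists.
audit_root_id() {
    uid0_count=$(uid0_entries "$1" | awk 'END { print NR }')
    echo "Audit criteria: There is only one root id"
    if [ "$uid0_count" -gt 1 ]; then
        echo "Vulnerability: Yes"
        echo "Details: See below"
        uid0_entries "$1"
        return 1
    fi
    echo "Vulnerability: No"
}

# Demo against the constructed data (pass /etc/passwd instead on a real host).
demo_file=$(mktemp)
sample_passwd > "$demo_file"
audit_root_id "$demo_file" || true
duplicate_uids "$demo_file"
rm -f "$demo_file"
```

The non-zero return status of `audit_root_id` lets a scheduled job or configuration-management check flag the host without parsing the report text.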