1 #!/bin/bash |
1 #!/bin/bash |
2 # |
2 # |
3 ############################################################################# |
3 ############################################################################# |
4 # Copyright (C) 2005-2012 |
4 # Copyright (C) 2005-2013 |
5 # |
5 # |
6 # Michiel Broek <mbse@mbse.dds.nl> |
6 # Michiel Broek <mbse at mbse.eu> |
7 # the Netherlands |
7 # the Netherlands |
8 # |
8 # |
9 # This file is part of SlackSecCheckScripts. |
9 # This file is part of SlackSecCheckScripts. |
10 # |
10 # |
11 # This package is free software; you can redistribute it and/or modify it |
11 # This package is free software; you can redistribute it and/or modify it |
39 exit 1 |
39 exit 1 |
40 fi |
40 fi |
41 |
41 |
42 TMP2=secure1.$$ |
42 TMP2=secure1.$$ |
43 OUTPUT=secure4.$$ |
43 OUTPUT=secure4.$$ |
|
44 YESTER=$(date '+%b %d' -d yesterday) |
44 |
45 |
45 egrep ' useradd\[' /var/log/secure > $TMP2 |
46 grep -e ' useradd\[' /var/log/secure | grep -e "${YESTER}" > $TMP2 |
46 egrep ' userdel\[' /var/log/secure >> $TMP2 |
47 grep -e ' userdel\[' /var/log/secure | grep -e "${YESTER}" >> $TMP2 |
47 egrep ' usermod\[' /var/log/secure >> $TMP2 |
48 grep -e ' usermod\[' /var/log/secure | grep -e "${YESTER}" >> $TMP2 |
48 egrep ' groupadd\[' /var/log/secure >> $TMP2 |
49 grep -e ' groupadd\[' /var/log/secure | grep -e "${YESTER}" >> $TMP2 |
49 egrep ' groupdel\[' /var/log/secure >> $TMP2 |
50 grep -e ' groupdel\[' /var/log/secure | grep -e "${YESTER}" >> $TMP2 |
50 egrep ' groupmod\[' /var/log/secure >> $TMP2 |
51 grep -e ' groupmod\[' /var/log/secure | grep -e "${YESTER}" >> $TMP2 |
51 egrep ' passwd\[' /var/log/secure >> $TMP2 |
52 grep -e ' passwd\[' /var/log/secure | grep -e "${YESTER}" >> $TMP2 |
52 egrep ' sudo:' /var/log/messages >> $TMP2 |
53 grep -e ' sudo:' /var/log/messages | grep -e "${YESTER}" >> $TMP2 |
53 |
54 |
54 cat $TMP2 | sort > $OUTPUT |
55 cat $TMP2 | sort > $OUTPUT |
55 |
56 |
56 if [ -s $OUTPUT ] ; then |
57 if [ -s $OUTPUT ] ; then |
57 printf "\nImportant logfile entries:\n" |
58 printf "\nImportant logfile entries:\n" |