Check for stray users in /etc/group



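First of all, here is our helper script. It reports every group member in /etc/group that has no entry in /etc/passwd. Such leftovers are worth cleaning up because an account later created under the same name would silently pick up those group memberships.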

/var/cfengine/bin/check_for_stray_users_in_etc_group.sh:

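#!/bin/sh

# For each user that is listed as a group member in /etc/group, make
# sure there is a corresponding /etc/passwd entry.
#
# Why it matters: a membership left behind after an account is removed
# is inherited by any account later created under the same name.
#
# Only the local files are read, so members that exist solely in a
# directory service (NIS, LDAP, ...) are reported as stray as well.
#
# Output: a single line on stdout holding one "found stray user"
# message per stray member (joined by the final xargs echo), so a
# caller can capture the whole result as one string.

cut -d: -f4 /etc/group | tr ',' '\n' | sort -u | grep -v '^$' |
while IFS= read -r member
do
    # Compare against the login-name field as a fixed, whole-line string.
    # Using the member name as a regular expression (grep ^name:) would
    # let "." or "*" in a name match a different account and hide a
    # stray entry; -e also protects names that begin with "-".
    if ! cut -d: -f1 /etc/passwd | grep -F -x -e "$member" > /dev/null
    then
        echo "$0 found stray user $member in /etc/group."
    fi
done | xargs echo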



cf.check_for_stray_users_in_etc_group:


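#!/var/cfengine/bin/cfagent -qvKf

# Raises an alert when the helper script reports group members in
# /etc/group that have no corresponding /etc/passwd entry.
# NOTE(review): cfagent runs the helper with its own privileges, so the
# script and its directory should be writable by root only - verify.

control:

        # Capture the helper script's output in a variable.
        list_of_stray_users = ( ExecResult(/var/cfengine/bin/check_for_stray_users_in_etc_group.sh) )


classes:

        # Define the class when the captured output mentions "stray".
        # Both RegCmp arguments are quoted strings; an unbalanced quote on
        # the second argument keeps the class from being evaluated.
        stray_users_in_etc_group = ( RegCmp(".*stray.*","${list_of_stray_users}") )


alerts:

    stray_users_in_etc_group::

        "There are stray users in /etc/group - users with no corresponding entry in /etc/passwd.  Please check it out.   ${list_of_stray_users}"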