Crontab_check ()
{
if [ -r /etc/cron.allow ] && [ ! -r /etc/cron.deny ]; then
echo "waring!~ only cron.allow exist is not 合规"
echo "请删除/etc/cron.allow 并创建/etc/cron.deny"
elif [ ! -r /etc/cron.allow ] && [ -r /etc/cron.deny ]; then
cat /etc/passwd | awk -F : '{print $1}'|egrep -v "root|bin|daemon|lp|mail|games|wwwrun|ftp|nobody|messagebus|haldaemon|sshd|man|news|uucp|uuid|postfix|mysql|at|ntp|polkituser|pulse|suse-ncc|gdm" > utmpfile
cat ./utmpfile | while read valcron
do
grep $valcron /etc/cron.deny > /dev/null
if [ $? = 0 ]; then
echo "$valcron is in /etc/cron.deny"
else
echo "warning!~ $valcron is not in /etc/cron.deny " >> user.tmp
fi
done
cat ./user.tmp
echo "add these user in /etc/cron.deny"
rm -rf ./utmpfile
rm -rf ./user.tmp
elif [ ! -r /etc/cron.allow ] && [ ! -r /etc/cron.deny ]; then
echo "waring!~ all user can not use crontab includ root "
elif [ -r /etc/cron.allow ] && [ -r /etc/cron.deny ] ; then
echo "waring!~ cron.allow and cron.deny all exist is not 合规"
echo "请删除/etc/cron.allow"
fi
}
Crontab_check
本文转自 yuri_cto 51CTO博客,原文链接:http://blog.51cto.com/laobaiv1/1839567,如需转载请自行联系原作者
