O'Reilly logo

Solaris™ Operating Environment Boot Camp by Dominic Butler, David Rhodes

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

The Implementation

To help us administer our systems, we have written a few short scripts (which can go in our standard toolset). The first will search for root-owned files with ACLs and report the filename along with the actual ACL to a log file. If we run this script from cron regularly and examine the log file, we can be sure that no one will hide anything in a file's ACL. The script is cumbersome in the way it finds the ACLs, so it is advisable to run it during a quiet time. The script is as follows:

 #!/bin/ksh # shell script called from the root crontab to # search for files owned by root, but with ACLs set # and report them to a log # date=$(date +%d%m%y) aclLog=/usr/local/utils/logs/acl_${date}.log prog=$(basename $0) # for each file ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required