#!/usr/bin/perl -w
#
# Script to Audit the monthly user list for Internal Controls
# 1/7/05 Jeff Leggett Security Engineering
#
# Modified 1/21/05 to add Group membership listings
use strict;
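# %USERS maps: second character of the username -> username -> GCOS field.
my %USERS;

# Create the initial hash....
# This allows us to make sure that the entire alphabet is there.
# This way, you won't have any gaps in the hash but you may have
# empty letters, which is fine.
foreach my $letter ("a".."z") {
    $USERS{$letter} = undef;
}

# NOTE(review): only the local /etc/passwd is read here. Accounts served by
# any other name-service source would not appear in the audit -- confirm
# whether the audited hosts use one.
open(my $passwd_fh, '<', '/etc/passwd') or die "Can't open /etc/passwd:$!\n";
while (my $entry = <$passwd_fh>) {
    chomp $entry;
    next if $entry =~ /^\s*$/;          # blank line, nothing to audit

    my @fields   = split(/:/, $entry);
    my $username = $fields[0];
    if (!defined $username || $username eq '') {
        # Report it rather than dropping it silently: a malformed line in
        # the account database is itself worth an auditor's attention.
        warn "Skipping /etc/passwd line $. with an empty username\n";
        next;
    }

    # Grab the second letter of the username. The capture is only read when
    # the match succeeded; after a failed match $1 still holds the value
    # from an earlier line, which would file the account under another
    # user's letter. One-character names go into a '?' bucket so they are
    # still listed.
    my $bucket = ($username =~ /^.(.)/) ? $1 : '?';

    # Create a complex hash that is:
    # SecondLetterOfName -> Username = GCOS
    # A short line may have no GCOS field; store '' so the report prints
    # an empty value instead of triggering an undef warning.
    $USERS{$bucket}{$username} = defined $fields[4] ? $fields[4] : '';
}
close($passwd_fh);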
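#
# Slurp the group file: @GRP gets one element per line of /etc/group,
# with the trailing newline kept.
#
# NOTE(review): only the local /etc/group is read; groups defined in any
# other name-service source would not be seen -- confirm for audited hosts.
#
my @GRP;
# Three-argument open with a lexical handle: the mode can never be taken
# from the path string, and the handle is not a package-global bareword.
open(my $group_fh, '<', '/etc/group') or die "Can't open /etc/group:$!\n";
@GRP = <$group_fh>;
close($group_fh);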
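# Work through each letter of the alphabet and print the upper case
# version of the letter that you're working with because UC is easier to
# read than lc in this case...
#
# The report is built in memory and piped straight to the mail program.
# It is not staged in /tmp/userlist.txt: a fixed file name in a
# world-writable directory can be pre-created by any local user (for
# example as a symlink), and this script would then write through it with
# its own privileges.
my $REPORT = '';
foreach my $LETTER (sort keys %USERS) {
    $REPORT .= uc($LETTER) . "\n";

    # For each letter, there will be a sub-hash (or empty key)
    # that we can run through and print the usernames and GCOS information.
    my $ACCOUNTS = $USERS{$LETTER} || {};
    foreach my $USERNAME (sort keys %{$ACCOUNTS}) {
        my $GCOS = defined $ACCOUNTS->{$USERNAME} ? $ACCOUNTS->{$USERNAME} : '';
        $REPORT .= "\t$USERNAME : $GCOS\n";

        foreach my $LINE (@GRP) {
            my $ENTRY = $LINE;      # copy, so chomp does not modify @GRP
            chomp $ENTRY;
            my ($GRPNAME, undef, undef, $MEMBERS) = split /:/, $ENTRY;
            next unless defined $GRPNAME && defined $MEMBERS;
            next if $GRPNAME eq $USERNAME;   # group named after the user

            # Compare against each name in the member list exactly. Using
            # the username as an unanchored pattern over the whole line
            # reports false memberships (a short name matches inside a
            # longer one, or inside the group name) and lets regex
            # metacharacters in a name change what is matched.
            if (grep { $_ eq $USERNAME } split /,/, $MEMBERS) {
                $REPORT .= "\t Member of Group: $GRPNAME\n";
            }
        }
        # NOTE(review): only supplementary memberships listed in the group
        # file are reported. The primary group (GID field of the passwd
        # entry) is not resolved -- confirm whether the audit needs it.
    }
}

my $MAILPRG = undef;
# The backtick output ends with a newline; strip it so it cannot end up in
# the Subject line. Fall back to a fixed label if the command gave nothing.
my $HOSTNAME = `hostname -s`;
$HOSTNAME = '' unless defined $HOSTNAME;
chomp $HOSTNAME;
$HOSTNAME = 'unknown-host' if $HOSTNAME eq '';
my $MAILTOLIST = "internalcontrols\@interland.com";
# For testing
# my $MAILTOLIST = "jleggett\@interland.com";
if    ( -x "/bin/mail" )     { $MAILPRG = "/bin/mail"; }
elsif ( -x "/usr/bin/mail" ) { $MAILPRG = "/usr/bin/mail"; }

# Fail loudly instead of running an empty command name: an audit report
# that silently never arrives looks the same as one that was never due.
defined $MAILPRG
    or die "Can't find mail in /bin or /usr/bin; audit report not sent\n";

# List-form pipe open: the program and its arguments are passed without a
# shell, so nothing in the subject or recipient is re-parsed as shell text.
open(my $MAIL, '|-', $MAILPRG, '-s', "$HOSTNAME User Audit", $MAILTOLIST)
    or die "Can't run $MAILPRG:$!\n";
print {$MAIL} $REPORT;
close($MAIL)
    or die "$MAILPRG exited with status $?; audit report may not have been sent\n";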