a

2026-05-11 09:15:08 +02:00
parent 9bec2b9e42
commit 404ee3fec4
641 changed files with 416825 additions and 0 deletions
@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+{
+    RUNNING=$(auditctl -l)
+    [ -n "${RUNNING}" ] && for PARTITION in $(findmnt -n -l -k -it $(awk '/nodev/ { print $2 }' /proc/filesystems | paste -sd,) | grep -Pv "noexec|nosuid" | awk '{print $1}'); do
+        for PRIVILEGED in $(find "${PARTITION}" -xdev -perm /6000 -type f); do
+            printf -- "${RUNNING}" | grep -q "${PRIVILEGED}" && printf "OK: '${PRIVILEGED}' found in auditing rules.\n" || printf "Warning: '${PRIVILEGED}' not found in running configuration.\n"
+        done
+    done || printf "ERROR: Variable 'RUNNING' is unset.\n"
+}