45 lines
943 B
Bash
45 lines
943 B
Bash
#!/usr/bin/env bash
|
|
|
|
# Define the files to check
|
|
FILES=("/etc/cron.allow" "/etc/cron.deny")
|
|
|
|
# Function to check a file
|
|
check_file() {
|
|
local file=$1
|
|
|
|
# Check if the file exists
|
|
if [ ! -e "$file" ]; then
|
|
echo "File $file does not exist. Ignoring."
|
|
return 0
|
|
fi
|
|
|
|
# Get the file permissions in numeric format
|
|
local permissions=$(stat -c "%a" "$file")
|
|
local owner=$(stat -c "%U" "$file")
|
|
local group=$(stat -c "%G" "$file")
|
|
|
|
# Check if the file permissions are 0640 or more restrictive
|
|
if [ "$permissions" -gt 640 ]; then
|
|
echo "File $file permissions are not 0640 or more restrictive."
|
|
return 1
|
|
fi
|
|
|
|
# Check if the owner is root and group is root
|
|
if [ "$owner" != "root" ] || [ "$group" != "root" ]; then
|
|
echo "File $file owner or group is not root."
|
|
return 1
|
|
fi
|
|
|
|
return 0
|
|
}
|
|
|
|
# Check each file
|
|
for file in "${FILES[@]}"; do
|
|
if ! check_file "$file"; then
|
|
exit 1
|
|
fi
|
|
done
|
|
|
|
# If all checks pass, exit with status 0
|
|
exit 0
|