Bash: how to check if there is only one root id an

2019-09-20 13:28发布

i have this bash script here that i'm trying to modify to check if there is only one root id, is it vulnerable and currently, this script only checks if there is a duplicate uid and display the users that shares the same uid. Thanks in advance! :)

Bash Script:

#!/bin/bash
/bin/cat /etc/passwd| /bin/cut -f3 -d":" | /bin/sort -n | /usr/bin/uniq-c | while 
read x ; do
  [ -z "${x}" ] && break
  set -$x
  if [ $1 -gt1 ]; then
       users=`/bin/gawk -F: '($3 == n) { print $1 }' n=$2 /etc/passwd| /usr/bin/xargs`
       echo "Duplicate UID ($2): ${users}"
  fi
done

Expected Output:

Audit criteria: There is only one root id

Vulnerability: Yes

Details: See below


root:!:0:0::/:/usr/bin/bash

jdoe:*:0:1:John Doe:/home/jdoe:/usr/bin/bash

标签： linux bash scripting rhel audit

2条回答

我只想做你的唯一

2楼-- · 2019-09-20 13:54

You can use awk to find that out:

if ! awk -F: '$3==0{c++}END{exit !(c<2)}' /etc/passwd ; then
    echo "More than one user with uid 0"
fi

0人赞添加讨论(0) 举报

相关推荐>>

3楼-- · 2019-09-20 14:06

You can simplify your script greatly because all you are looking for is user id 0, which is root:

#!/bin/bash
root_count=$(cut -f3 -d":" /etc/passwd | grep -wc 0)
if [[ $root_count > 1 ]]; then
  users=$(awk -F: '($3 == 0) { print $1 }' /etc/passwd | xargs)
  echo "Duplicate roots: ${users}"
fi

0人赞添加讨论(0) 举报

Bash: how to check if there is only one root id an

采纳回答

编辑标签

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮

付费偷看金额在0.1-10元之间