Group File Problems
In this example, we report group file problems.
The GroupFileProblems script might send an alert message like the following:
PIKT ALERT
Wed Aug 13 02:19:34 2003
milan
WARNING:
GroupFileProblems
Report group file problems
the size of /etc/group has changed by >= 20%, was 43 lines, is now 24 lines
The script follows.
GroupFileProblems
init
status =piktstatus
level =piktlevel
task "Report group file problems"
input proc "=sort -t: +2n =group"
seps ":"
=groupdata
rule // system group?
set #sysgrp = #value($gid) < 100
rule // report bogus comment line
if $left($group,1) eq "#"
output mail "Bogus comment line: $inline"
next
endif
rule // non-root gid 0s
if $gid eq "0"
&& $group ne "root"
output mail "Group $group has GID OF 0!"
output syslog "Group $group has GID OF 0!"
endif
rule // no gid
if $gid eq ""
output mail "Group $group has NO GID!"
endif
rule // duplicate gids
if $gid eq @gid
&& ! #sysgrp
output mail "Groups $group and @group have duplicate gids"
endif
end // drastic change in group file size
set #lines = #innum()
if =deviated(lines, 20%)
output mail "the size of =group has changed by >= 20%,
was $text(%lines) lines,
is now $text(#lines)"
endif
This is just one program example. You could add rules, or write new scripts, for example to report: illegal group names, non-existent users, malformed lines, etc.
For more examples, see Samples.
