Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
On Tue, Aug 06, 2013 at 03:35:03PM -0400, Eric Chadbourne wrote: > I'm updating a couple of RedHat boxes for a client and see some most > likely legacy users. My first thoughts are, who are these users, do > they still need access, and what do they have access to? You can ask the client... If they don't know who the users are, disable the accounts and see who complains. > How do you check for users in such a situation? I like to do: You can use tools like last, who, and w to see who's logged in recently or right now... For example, last $username will tell you about the recent logins of $username, assuming that the user actually logs in via something that updates the utmp/wtmp database, going as far back as the last time your wtmp was rotated. > cat /etc/passwd |grep "/home" |cut -d: -f1 > > But I know this doesn't show everybody. I've created users with no > home before. Or users who have a home, but it's not in /home. > Also how can I tell if a user has root permissions or > able to access other stuff such as /var/www? Heavy handed, but something like: find / -uid $USERS_UID -o -gid $USERS_GID You probably really would want something that considers perms on the file, as just because it has group ownership for the user's group doesn't mean it is group readable/writable... but I leave that as an exercise for you. This will also search pseudo file systems like /proc, which you may want to avoid (as it's basically useless but potentially time-consuming). Note also that the user has group associations BOTH in /etc/passwd AND in /etc/group. You'd need to check them all. This is time-consuming work, if you want to be thorough... -- Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0xDFBEAD02 -=-=-=-=- This message is posted from an invalid address. Replying to it will result in undeliverable mail due to spam prevention. Sorry for the inconvenience.
BLU is a member of BostonUserGroups | |
We also thank MIT for the use of their facilities. |