Improved configuration for version 1.1.0

cfg/1.1.0/6.2.10.sh

@@ -0,0 +1,19 @@
+#!/bin/bash
+
+cat /etc/passwd | egrep -v '^(root|halt|sync|shutdown)' | awk -F: '($7 != "/sbin/nologin" && $7 != "/bin/false") { print $1 " " $6 }' | while read user dir; do
+	if [ ! -d "$dir" ]; then 
+		echo "The home directory ($dir) of user $user does not exist." 
+	else 
+		for file in $dir/.[A-Za-z0-9]*; do 
+			if [ ! -h "$file" -a -f "$file" ]; then 
+				fileperm=`ls -ld $file | cut -f1 -d" "` 
+				if [ `echo $fileperm | cut -c6` != "-" ]; then 
+					echo "Group Write permission set on file $file" 
+				fi 
+				if [ `echo $fileperm | cut -c9` != "-" ]; then 
+					echo "Other Write permission set on file $file" 
+				fi 
+			fi 
+		done 
+	fi 
+done

cfg/1.1.0/6.2.11.sh

@@ -0,0 +1,11 @@
+#!/bin/bash 
+
+cat /etc/passwd | egrep -v '^(root|halt|sync|shutdown)' | awk -F: '($7 != "/sbin/nologin" && $7 != "/bin/false") { print $1 " " $6 }' | while read user dir; do 
+	if [ ! -d "$dir" ]; then 
+		echo "The home directory ($dir) of user $user does not exist." 
+	else 
+		if [ ! -h "$dir/.forward" -a -f "$dir/.forward" ]; then 
+			echo ".forward file $dir/.forward exists" 
+		fi 
+	fi 
+done

cfg/1.1.0/6.2.12.sh

@@ -0,0 +1,11 @@
+#!/bin/bash 
+
+cat /etc/passwd | egrep -v '^(root|halt|sync|shutdown)' | awk -F: '($7 != "/sbin/nologin" && $7 != "/bin/false") { print $1 " " $6 }' | while read user dir; do 
+	if [ ! -d "$dir" ]; then 
+		echo "The home directory ($dir) of user $user does not exist." 
+	else 
+		if [ ! -h "$dir/.netrc" -a -f "$dir/.netrc" ]; then 
+			echo ".netrc file $dir/.netrc exists" 
+		fi 
+	fi 
+done

cfg/1.1.0/6.2.13.sh

@@ -0,0 +1,31 @@
+#!/bin/bash 
+
+cat /etc/passwd | egrep -v '^(root|halt|sync|shutdown)' | awk -F: '($7 != "/sbin/nologin" && $7 != "/bin/false") { print $1 " " $6 }' | while read user dir; do 
+	if [ ! -d "$dir" ]; then 
+		echo "The home directory ($dir) of user $user does not exist." 
+	else 
+		for file in $dir/.netrc; do 
+			if [ ! -h "$file" -a -f "$file" ]; then 
+				fileperm=`ls -ld $file | cut -f1 -d" "` 
+				if [ `echo $fileperm | cut -c5` != "-" ]; then 
+					echo "Group Read set on $file" 
+				fi 
+				if [ `echo $fileperm | cut -c6` != "-" ]; then 
+					echo "Group Write set on $file" 
+				fi 
+				if [ `echo $fileperm | cut -c7` != "-" ]; then 
+					echo "Group Execute set on $file" 
+				fi 
+				if [ `echo $fileperm | cut -c8` != "-" ]; then 
+					echo "Other Read set on $file" 
+				fi 
+				if [ `echo $fileperm | cut -c9` != "-" ]; then 
+					echo "Other Write set on $file" 
+				fi 
+				if [ `echo $fileperm | cut -c10` != "-" ]; then 
+					echo "Other Execute set on $file" 
+				fi
+			fi 
+		done 
+	fi 
+done

cfg/1.1.0/6.2.14.sh

@@ -0,0 +1,13 @@
+#!/bin/bash 
+
+cat /etc/passwd | egrep -v '^(root|halt|sync|shutdown)' | awk -F: '($7 != "/sbin/nologin" && $7 != "/bin/false") { print $1 " " $6 }' | while read user dir; do 
+	if [ ! -d "$dir" ]; then 
+		echo "The home directory ($dir) of user $user does not exist." 
+	else 
+		for file in $dir/.rhosts; do 
+			if [ ! -h "$file" -a -f "$file" ]; then 
+				echo ".rhosts file in $dir" 
+			fi 
+		done 
+	fi 
+done

cfg/1.1.0/6.2.15.sh

@@ -0,0 +1,8 @@
+#!/bin/bash 
+
+for i in $(cut -s -d: -f4 /etc/passwd | sort -u ); do 
+	grep -q -P "^.*?:[^:]*:$i:" /etc/group 
+	if [ $? -ne 0 ]; then 
+		echo "Group $i is referenced by /etc/passwd but does not exist in /etc/group" 
+	fi 
+done

cfg/1.1.0/6.2.16.sh

@@ -0,0 +1,9 @@
+#!/bin/bash 
+
+cat /etc/passwd | cut -f3 -d":" | sort -n | uniq -c | while read x ; do 
+	[ -z "${x}" ] && break set - $x 
+	if [ $1 -gt 1 ]; then 
+		users=`awk -F: '($3 == n) { print $1 }' n=$2 /etc/passwd | xargs` 
+		echo "Duplicate UID ($2): ${users}" 
+	fi 
+done

cfg/1.1.0/6.2.17.sh

@@ -0,0 +1,10 @@
+#!/bin/bash 
+
+cat /etc/group | cut -f3 -d":" | sort -n | uniq -c | while read x ; do 
+	[ -z "${x}" ] && break 
+	set - $x 
+	if [ $1 -gt 1 ]; then 
+		groups=`awk -F: '($3 == n) { print $1 }' n=$2 /etc/group | xargs` 
+		echo "Duplicate GID ($2): ${groups}" 
+	fi 
+done

cfg/1.1.0/6.2.18.sh

@@ -0,0 +1,10 @@
+#!/bin/bash 
+
+cat /etc/passwd | cut -f1 -d":" | sort -n | uniq -c | while read x ; do 
+	[ -z "${x}" ] && break 
+	set - $x 
+	if [ $1 -gt 1 ]; then 
+		uids=`awk -F: '($1 == n) { print $3 }' n=$2 /etc/passwd | xargs` 
+		echo "Duplicate User Name ($2): ${uids}" 
+	fi 
+done

cfg/1.1.0/6.2.19.sh

@@ -0,0 +1,10 @@
+#!/bin/bash 
+
+cat /etc/group | cut -f1 -d":" | sort -n | uniq -c | while read x ; do 
+	[ -z "${x}" ] && break 
+	set - $x 
+	if [ $1 -gt 1 ]; then 
+		gids=`gawk -F: '($1 == n) { print $3 }' n=$2 /etc/group | xargs` 
+		echo "Duplicate Group Name ($2): ${gids}" 
+	fi 
+done

cfg/1.1.0/6.2.6.sh

@@ -0,0 +1,34 @@
+#!/bin/bash 
+if [ "`echo $PATH | grep ::`" != "" ]; then 
+	echo "Empty Directory in PATH (::)" 
+fi 
+
+if [ "`echo $PATH | grep :$`" != "" ]; then 
+	echo "Trailing : in PATH" 
+fi 
+
+p=`echo $PATH | sed -e 's/::/:/' -e 's/:$//' -e 's/:/ /g'` 
+set -- $p 
+while [ "$1" != "" ]; do
+	if [ "$1" = "." ]; then 
+		echo "PATH contains ." 
+		shift 
+		continue 
+	fi
+	if [ -d $1 ]; then
+		dirperm=`ls -ldH $1 | cut -f1 -d" "` 
+		if [ `echo $dirperm | cut -c6` != "-" ]; then 
+			echo "Group Write permission set on directory $1" 
+		fi 
+		if [ `echo $dirperm | cut -c9` != "-" ]; then 
+			echo "Other Write permission set on directory $1" 
+		fi 
+		dirown=`ls -ldH $1 | awk '{print $3}'` 
+		if [ "$dirown" != "root" ] ; then 
+			echo $1 is not owned by root
+		fi 
+	else 
+		echo $1 is not a directory 
+	fi 
+	shift 
+done

cfg/1.1.0/6.2.7.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+cat /etc/passwd | egrep -v '^(root|halt|sync|shutdown)' | awk -F: '($7 !="/sbin/nologin" && $7 != "/bin/false") { print $1 " " $6 }' | while read user dir; do
+	if [ ! -d "$dir" ]; then
+		echo "The home directory ($dir) of user $user does not exist."
+	fi
+done

cfg/1.1.0/6.2.8.sh

@@ -0,0 +1,24 @@
+#!/bin/bash
+
+cat /etc/passwd | egrep -v '^(root|halt|sync|shutdown)' | awk -F: '($7 !=
+"/sbin/nologin" && $7 != "/bin/false") { print $1 " " $6 }' | while read user
+dir; do
+	if [ ! -d "$dir" ]; then
+		echo "The home directory ($dir) of user $user does not exist."
+	else
+		dirperm=`ls -ld $dir | cut -f1 -d" "`
+		if [ `echo $dirperm | cut -c6` != "-" ]; then
+			echo "Group Write permission set on the home directory ($dir) of user $user"
+		fi
+		if [ `echo $dirperm | cut -c8` != "-" ]; then
+			echo "Other Read permission set on the home directory ($dir) of user $user"
+		fi
+		if [ `echo $dirperm | cut -c9` != "-" ]; then
+			echo "Other Write permission set on the home directory ($dir) of user $user"
+		fi
+		if [ `echo $dirperm | cut -c10` != "-" ]; then
+			echo "Other Execute permission set on the home directory ($dir) of user $user"
+		fi
+	fi
+done
+		

cfg/1.1.0/6.2.9.sh

@@ -0,0 +1,12 @@
+#!/bin/bash
+
+cat /etc/passwd | egrep -v '^(root|halt|sync|shutdown)' | awk -F: '($7 != "/sbin/nologin" && $7 != "/bin/false") { print $1 " " $6 }' | while read user dir; do
+	if [ ! -d "$dir" ]; then
+		echo "The home directory ($dir) of user $user does not exist." 
+	else 
+		owner=$(stat -L -c "%U" "$dir") 
+		if [ "$owner" != "$user" ]; then 
+			echo "The home directory ($dir) of user $user is owned by $owner." 
+		fi 
+	fi 
+done