• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 495
  • Last Modified:

Shell script

Hi

    I have a script that perform security settings  on Solaris servers
And I need to modify it so that I can import the results to a mysql db
It is a very long script separated into many modual.

What I need to do is echo the output of individual command and log them
To a file with notations.

Here is a example of one loop  (there a several)
echo Enable stack protection
if [ ! "`grep noexec_user_stack /etc/system`" ]; then
cat <<END_CFG >>/etc/system
* Attempt to prevent and log stack-smashing attacks
set noexec_user_stack = 1
set noexec_user_stack_log = 1
cat /etc/system | grep noexec_user_stack >> /var/tmp/`hostname`-security-setup.log
cat /etc/system | grep noexec_user_stack_log >> /var/tmp/`hostname`-security-setup.log
END_CFG set noexec_user_stack=1
fi
and this sends to a log file in thi format
set noexec_user_stack=1
set noexec_user_stack_log=1

But what I need is this
“ test-num“,”set noexec_user_stack =1”,” Setting is noexec_user_stack=1”
0
d_asselin
Asked:
d_asselin
  • 3
  • 2
1 Solution
 
sds9985Commented:
How about something like:
grep noexec_user_stack /etc/system >/dev/null 2>&1
if [ "$?" != "0" ] ; then
   echo "* Attempt to prevent and log stack-smashing attacks" >>/etc/system
   echo set noexec_user_stack=1 >>/etc/system
   echo set noexec_user_stack_log=1 >>/etc/system
   grep noexec_user_stack=  /etc/system >>/var/tmp/`hostname`-security-setup.log
   grep noexec_user_stack_log=  /etc/system >>/var/tmp/`hostname`-security-setup.log
fi
0
 
d_asselinAuthor Commented:
Yes and no

I still need to insert in to the log some fields like so
“ test-num“,”set noexec_user_stack =1”,” Setting is noexec_user_stack=1”
 to break it down

  I still need to insert in to the log some fields like so
“ test-num“,”set noexec_user_stack =1”,” Setting is noexec_user_stack=1”
 
Single quote beginning of line “,” field separator “ end of line
 “ Required setting”,” actual setting"
0
 
sds9985Commented:
How about something like:
grep noexec_user_stack /etc/system >/dev/null 2>&1
if [ "$?" != "0" ] ; then
   echo "* Attempt to prevent and log stack-smashing attacks" >>/etc/system
   echo set noexec_user_stack=1 >>/etc/system
   echo set noexec_user_stack_log=1 >>/etc/system
   grep noexec_user_stack=  /etc/system >>/var/tmp/`hostname`-security-setup.log
   grep noexec_user_stack_log=  /etc/system >>/var/tmp/`hostname`-security-setup.log
   echo "insert anything else you like into the log here" >>/var/tmp/`hostname`-security-setup.log
fi
0
Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

 
d_asselinAuthor Commented:
That will not work

  I think  I’m not explaining myself properly

 It is not a question of inserting something in a log!  But inserting text into a single
 I need the results of a command  plus some text in a single line of text
Beginning with  a quote and fields separated commas
Line like so

“Hostname”,”“Text1 here”,” text2 here”,” result here”
  “  Field1   “,”           Field2   “,”          field3  “,”        field4”
Dan
0
 
simon3270Commented:
You can output multiple back-quoted commands on a single line, with something like this (all on one line):

echo \"`hostname`\",\"set noexec_user_stack=1\",\"Setting is `grep noexec_user_stack=  /etc/system`\" >>/var/tmp/`hostname`-security-setup.log

That would write this to the log file (assuming your machine was called testhost!):

"testhost", "set noexec_user_stack=1","Settign is set noexec_user_stack=1"

I have escaped all of the "s so that the shell doesn't interpret them.  You would repeat the above line for all of the vars you are setting (e.g. one more line for noexec_user_stack_log here).

I'd also make a couple of other changes to the script, so that it ends up as the attached.  It simplifies the "grep" line, and does the value check outside the "if" test (that way, you will pick up systems where the noexec_user_stack entry is already defined, so that you can check that the value is indeed 1).  If you only want to write to the log if you actually added the lines in this script, then move the last two lines to before the "fi" line.


if ! grep noexec_user_stack /etc/system >/dev/null
then
cat <<END_CFG >>/etc/system
* Attempt to prevent and log stack-smashing attacks
set noexec_user_stack = 1
set noexec_user_stack_log = 1
END_CFG
fi
echo \"`hostname`\",\"set noexec_user_stack=1\",\"Setting is `grep noexec_user_stack=  /etc/system`\" >>/var/tmp/`hostname`-security-setup.log
echo \"`hostname`\",\"set noexec_user_stack_log=1\",\"Setting is `grep noexec_user_stack_log=  /etc/system`\" >>/var/tmp/`hostname`-security-setup.log

Open in new window

0
 
d_asselinAuthor Commented:
This works very well
  Very much very much appreciated
Dan
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now