Solved

Shell script

Posted on 2010-08-25
6
463 Views
Last Modified: 2013-12-26
Hi

    I have a script that perform security settings  on Solaris servers
And I need to modify it so that I can import the results to a mysql db
It is a very long script separated into many modual.

What I need to do is echo the output of individual command and log them
To a file with notations.

Here is a example of one loop  (there a several)
echo Enable stack protection
if [ ! "`grep noexec_user_stack /etc/system`" ]; then
cat <<END_CFG >>/etc/system
* Attempt to prevent and log stack-smashing attacks
set noexec_user_stack = 1
set noexec_user_stack_log = 1
cat /etc/system | grep noexec_user_stack >> /var/tmp/`hostname`-security-setup.log
cat /etc/system | grep noexec_user_stack_log >> /var/tmp/`hostname`-security-setup.log
END_CFG set noexec_user_stack=1
fi
and this sends to a log file in thi format
set noexec_user_stack=1
set noexec_user_stack_log=1

But what I need is this
“ test-num“,”set noexec_user_stack =1”,” Setting is noexec_user_stack=1”
0
Comment
Question by:d_asselin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 

Expert Comment

by:sds9985
ID: 33525366
How about something like:
grep noexec_user_stack /etc/system >/dev/null 2>&1
if [ "$?" != "0" ] ; then
   echo "* Attempt to prevent and log stack-smashing attacks" >>/etc/system
   echo set noexec_user_stack=1 >>/etc/system
   echo set noexec_user_stack_log=1 >>/etc/system
   grep noexec_user_stack=  /etc/system >>/var/tmp/`hostname`-security-setup.log
   grep noexec_user_stack_log=  /etc/system >>/var/tmp/`hostname`-security-setup.log
fi
0
 

Author Comment

by:d_asselin
ID: 33525669
Yes and no

I still need to insert in to the log some fields like so
“ test-num“,”set noexec_user_stack =1”,” Setting is noexec_user_stack=1”
 to break it down

  I still need to insert in to the log some fields like so
“ test-num“,”set noexec_user_stack =1”,” Setting is noexec_user_stack=1”
 
Single quote beginning of line “,” field separator “ end of line
 “ Required setting”,” actual setting"
0
 

Expert Comment

by:sds9985
ID: 33530243
How about something like:
grep noexec_user_stack /etc/system >/dev/null 2>&1
if [ "$?" != "0" ] ; then
   echo "* Attempt to prevent and log stack-smashing attacks" >>/etc/system
   echo set noexec_user_stack=1 >>/etc/system
   echo set noexec_user_stack_log=1 >>/etc/system
   grep noexec_user_stack=  /etc/system >>/var/tmp/`hostname`-security-setup.log
   grep noexec_user_stack_log=  /etc/system >>/var/tmp/`hostname`-security-setup.log
   echo "insert anything else you like into the log here" >>/var/tmp/`hostname`-security-setup.log
fi
0
On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

 

Author Comment

by:d_asselin
ID: 33530531
That will not work

  I think  I’m not explaining myself properly

 It is not a question of inserting something in a log!  But inserting text into a single
 I need the results of a command  plus some text in a single line of text
Beginning with  a quote and fields separated commas
Line like so

“Hostname”,”“Text1 here”,” text2 here”,” result here”
  “  Field1   “,”           Field2   “,”          field3  “,”        field4”
Dan
0
 
LVL 19

Accepted Solution

by:
simon3270 earned 500 total points
ID: 33539901
You can output multiple back-quoted commands on a single line, with something like this (all on one line):

echo \"`hostname`\",\"set noexec_user_stack=1\",\"Setting is `grep noexec_user_stack=  /etc/system`\" >>/var/tmp/`hostname`-security-setup.log

That would write this to the log file (assuming your machine was called testhost!):

"testhost", "set noexec_user_stack=1","Settign is set noexec_user_stack=1"

I have escaped all of the "s so that the shell doesn't interpret them.  You would repeat the above line for all of the vars you are setting (e.g. one more line for noexec_user_stack_log here).

I'd also make a couple of other changes to the script, so that it ends up as the attached.  It simplifies the "grep" line, and does the value check outside the "if" test (that way, you will pick up systems where the noexec_user_stack entry is already defined, so that you can check that the value is indeed 1).  If you only want to write to the log if you actually added the lines in this script, then move the last two lines to before the "fi" line.


if ! grep noexec_user_stack /etc/system >/dev/null
then
cat <<END_CFG >>/etc/system
* Attempt to prevent and log stack-smashing attacks
set noexec_user_stack = 1
set noexec_user_stack_log = 1
END_CFG
fi
echo \"`hostname`\",\"set noexec_user_stack=1\",\"Setting is `grep noexec_user_stack=  /etc/system`\" >>/var/tmp/`hostname`-security-setup.log
echo \"`hostname`\",\"set noexec_user_stack_log=1\",\"Setting is `grep noexec_user_stack_log=  /etc/system`\" >>/var/tmp/`hostname`-security-setup.log

Open in new window

0
 

Author Closing Comment

by:d_asselin
ID: 33541044
This works very well
  Very much very much appreciated
Dan
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Over the years I've spent many an hour playing on hardened, DMZ'd servers, with only a sub-set of the usual GNU toy's to keep me company; frequently I've needed to save and send log or data extracts from these server back to my PC, or to others, and…
Recently, an awarded photographer, Selina De Maeyer (http://www.selinademaeyer.com/), completed a photo shoot of a beautiful event (http://www.sintjacobantwerpen.be/verslag-en-fotoreportage-van-de-sacramentsprocessie-door-antwerpen#thumbnails) in An…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question