#find / -xdev -type f -perm -4000 -o -perm -2000 2> / dev / null->列出 setuid程序的完整路径
运行上述命令后,我将获取程序的路径
/usr/bin/wall
/usr/bin/chfn
/usr/bin/chage
/usr/bin/gpasswd
/usr/bin/newgrp
===================
So whatever the path it's coming,
我需要添加规则“ grep path /etc/audit/audit.rules” 示例:路径/ usr / bin / newgrp
echo "-a always,exit -F path=/usr/bin/ssh-agent -F perm=x -F auid>=500 -F
auid!=4294967295 -k privileged" >> /etc/audit/audit.rules
echo "-a always,exit -F path=/usr/bin/write -F perm=x -F auid>=500 -F
auid!=4294967295 -k privileged" >> /etc/audit/audit.rules
echo "-a always,exit -F path=/usr/bin/locate -F perm=x -F auid>=500 -F
auid!=4294967295 -k privileged" >> /etc/audit/audit.rules
echo "-a always,exit -F path=/usr/bin/wall -F perm=x -F auid>=500 -F
auid!=4294967295 -k privileged" >> /etc/audit/audit.rules
Please let me know is there anyway to automate the process without adding
manually using echo.
Thanks
答案 0 :(得分:0)
尝试一下:
.select2-container--open {
z-index: 9999999
}
它将搜索命令集的搜索命令输入到xargs中,该命令将来自stdin的东西(来自find的东西)放到printf中的相应位置{XXX}。
编辑:取出usr / bin /