本文共 1831 字，大约阅读时间需要 6 分钟。

前言

有的时候，使用chattr未必可以保证passwd不被篡改。下面分享的是/etc/passwd的安全加固脚本，相对的解决篡改问题。

使用前提：

此脚本建议使用后台运行:

chmod +x /script/check_passwd.shnohup /script/check_passwd.sh  &

#!/bin/bash		    check() {			    	TIME=`date +%F-%R`	file1=/etc/back/passwd	file2=/etc/passwd      if [ -s $flie2 ];then	    lsattr $file2 | grep i > /dev/null 		if [ $? -eq 0 ];then			echo "$TIME passwd file rights is ok" >> /var/log/passwd_file.log	#当/etc/passwd中存在UID为0，且非root用户的用户，就删除改用户			awk -F ':' '($3==0){print $1}' $file2 |grep -v root > /var/log/userdel.log			                 			for duser in `cat  /var/log/userdel.log`			do				chattr -i /etc/passwd	        									                                   				userdel -r $duser				#sed -i "/$duser/d" /etc/passwd 				#sed -i "/$duser/d" /etc/group				#sed -i  "/$duser/d" /etc/shadow				rm -rf /home/$duser				rm -rf /var/spool/mail/$duser				#userdel -r $duser				chattr +i /etc/passwd													   			              			done 					else	   #下方是判断文件内容是否一致         		diff $file1 $file2 > /dev/null			if [ $? -eq 0 ]; then            	echo "$TIME  file are same"   >> /var/log/diff.log            else	        	echo "$TIME  file are different"  >> /var/log/diff.log			fi				tail -n1  /var/log/diff.log |grep different  > /dev/null			if   [ $? -eq 0 ]; then				chattr -i $file2				\cp $file1 $file2				chattr +i $file2				echo "$TIME ERROR: passwd file is update" >> /var/log/passwd_file.log    		fi	    	fi    else								\cp $file1 $file2				chattr +i $file2				echo "$TIME ERROR: passwd file does not exist；passwd file is update" >> /var/log/passwd_file.log    fi}while truedo	check	sleep 3600                                                     done

备注：当复制粘贴导致窜行时，建议手打。

转载地址：https://moxiao.blog.csdn.net/article/details/89187034 如侵犯您的版权，请留言回复原文章的地址，我们会给您删除此文章，给您带来不便请您谅解！