Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Put this in your ~/.bash_profile
- #
- # OS Specifics
- # NB: Requires uname(1) -- from base system
- #
- : "${UNAME_s:=$( uname -s )}"
- unset Linux
- case "$UNAME_s" in
- Linux) Linux=$( lsb_release -si 2> /dev/null ) || Linux=1 ;;
- esac
- #
- # Security
- #
- ME=you@somewhere
- BASTION_LOC1="1.2.3.4 2.3.4.5"
- BASTION_LOC2="3.4.5.6 4.5.6.7 5.6.7.8"
- BASTIONS="$BASTION_LOC1 $BASTION_LOC2"
- if [ "$SSH_CLIENT" ]; then
- SSH_CLIENT_HOST="${SSH_CLIENT%%[$IFS]*}" # first word
- _expected=
- for _host in $BASTIONS; do
- [ "$SSH_CLIENT_HOST" = "$_host" ] || continue
- _expected=1
- break
- done
- [ "$_expected" ] ||
- mail -s "[SECOPS] Unexpected ssh" "$ME" <<-EOM
- From $SSH_CLIENT_HOST to $HOSTNAME
- Please forward to security
- Environment variables:
- $( set )
- EOM
- unset _expected _host
- elif [ "$Linux" ]; then
- SU_USER=$( ps auxwwf | awk -v pid=$$ 'BEGIN{getline hdr;
- lines[1]=hdr;match(hdr,"COMMAND");C=RSTART}{
- lines[NR]=$0}$2==pid{P=NR;U=$1}END{while(1){
- $0=lines[P];if($1!=U){if($1=="root")U=$1;else{found=1
- break}}if(substr($0,C,1)!=" ")break;if(--P<1)break}
- print found?$1:"root"}' )
- [ "$SU_USER" = "$USER" ] ||
- mail -s "[SECOPS] Unexpected su" "$ME" <<-EOM
- $SU_USER just became you on $HOSTNAME
- Please forward to security
- Environment variables:
- $( set )
- EOM
- fi
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
