diff options
Diffstat (limited to 'os/linux/report')
| -rwxr-xr-x | os/linux/report/linux.sh | 135 |
1 files changed, 135 insertions, 0 deletions
diff --git a/os/linux/report/linux.sh b/os/linux/report/linux.sh new file mode 100755 index 0000000..b5576a1 --- /dev/null +++ b/os/linux/report/linux.sh @@ -0,0 +1,135 @@ +#!/bin/bash + +# Default report file +REPORT_FILE="report.txt" +TRIM_COMMENTS=false + +# Function to log section header +log_section() { + echo -e "\n\n" >> "$REPORT_FILE" + echo "==========================================" >> "$REPORT_FILE" + echo "# SECTION $1: $2" >> "$REPORT_FILE" + echo "==========================================" >> "$REPORT_FILE" +} + +# Function to log file content +log_file_content() { + FILE_PATH="$1" + FILE_NAME=$(basename "$FILE_PATH") + echo "## $FILE_NAME" >> "$REPORT_FILE" + if [[ -f $FILE_PATH ]]; then + if $TRIM_COMMENTS; then + # Trim comments (lines starting with # or empty lines) + grep -vE '^\s*#|^\s*$' "$FILE_PATH" >> "$REPORT_FILE" + else + cat "$FILE_PATH" >> "$REPORT_FILE" + fi + else + echo "File $FILE_PATH not found!" >> "$REPORT_FILE" + fi +} + +# Function to log command output +log_command_output() { + echo "## $1" >> "$REPORT_FILE" + $2 >> "$REPORT_FILE" 2>&1 +} + +# Check for sudo privileges +if [[ $EUID -ne 0 ]]; then + echo "This script requires sudo privileges. Please enter your password." + exec sudo "$0" "$@" +fi + +# Parse command-line arguments +while getopts "t" opt; do + case $opt in + t) + TRIM_COMMENTS=true + REPORT_FILE="report_trimmed.txt" + ;; + *) + echo "Usage: $0 [-t] # Use -t to trim comments from files" + exit 1 + ;; + esac +done + +# Initialize report file +> "$REPORT_FILE" # Clear the file if it exists + +# ASCII Header +cat << "EOF" >> "$REPORT_FILE" + _ ___ _ _ _ ___ __ ___ ____ ____ _____ ____ ___ ____ _____ + | | |_ _| \ | | | | \ \/ / / _ \/ ___| | _ \| ____| _ \ / _ \| _ \_ _| + | | | || \| | | | |\ / | | | \___ \ | |_) | _| | |_) | | | | |_) || | + | |___ | || |\ | |_| |/ \ | |_| |___) | | _ <| |___| __/| |_| | _ < | | + |_____|___|_| \_|\___//_/\_\ \___/|____/ |_| \_\_____|_| \___/|_| \_\|_| +EOF + +# Log Script Info +log_section "00" "Script Info" +echo "Execution Date and Time: $(date)" >> "$REPORT_FILE" +echo "Script Name: $0" >> "$REPORT_FILE" + +if [[ $(whoami) == "root" ]]; then + echo "User Running the Script: root (called by: $SUDO_USER)" >> "$REPORT_FILE" +else + echo "User Running the Script: $(whoami)" >> "$REPORT_FILE" +fi + +# Log System Info +log_section "01" "System Info" +log_command_output "Hostname" "hostname" +log_command_output "Kernel Version" "uname -r" +log_file_content "/etc/os-release" +log_command_output "IP Address" "hostname -I" + +# Log Password Parameters +log_section "02" "Password Parameters" +log_file_content "/etc/pam.d/system-auth" +log_file_content "/etc/login.defs" + +# Log Users +log_section "03" "Users" +log_file_content "/etc/passwd" +log_file_content "/etc/group" + +# Log Admins +log_section "04" "Admins" +log_file_content "/etc/sudoers" +log_command_output "Sudo Group" "getent group sudo" +log_command_output "Wheel Group" "getent group wheel" +log_command_output "Root User" "getent passwd 0" + +# Log SSH Configuration +log_section "05" "SSH Configuration" +log_file_content "/etc/ssh/sshd_config" + +# Log Logging Configuration +log_section "06" "Logging Configuration" +log_file_content "/etc/syslog.conf" +log_file_content "/etc/logrotate.conf" + +# Log Jobs +log_section "07" "Jobs" +log_command_output "Sudo Crontab" "sudo crontab -l" +log_file_content "/etc/cron.allow" + +# Log Security Status +log_section "08" "Security Status" +log_command_output "SELinux Status" "sestatus" +log_command_output "AppArmor Status" "aa-status" + +# Log Firewall Rules +log_section "09" "Firewall Rules" +log_command_output "Iptables Rules" "sudo iptables -L" + +# Log Open Ports +log_section "10" "Open Ports" +log_command_output "Netstat" "netstat -tuln" + +# Set report ownership +if [[ $(whoami) == "root" ]]; then + chown "$SUDO_USER" "$REPORT_FILE" +fi |