Created
May 19, 2025 02:34
-
-
Save aabccd021/bfb065909d7e7ff0a6d80c7ee5ff590c to your computer and use it in GitHub Desktop.
fs anomaly detection
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| find "$dir" 2>/dev/null | while read -r item; do | |
| # Get all stats at once for each item | |
| stats=$(stat --format "%F|%a|%u|%g" "$item" 2>/dev/null) | |
| # Parse the stats | |
| IFS='|' read -r type perms owner group <<< "$stats" | |
| # Set expected values based on whether it's a directory or file | |
| if [ "$type" = "directory" ]; then | |
| expected_perms="700" | |
| item_type="Directory" | |
| elif [ "$type" = "regular file" ]; then | |
| expected_perms="600" | |
| item_type="File" | |
| else | |
| continue # Skip if not a directory or regular file | |
| fi | |
| # Check permissions and ownership | |
| if [ "$perms" != "$expected_perms" ]; then | |
| echo "$item_type has incorrect permissions: $item ($perms instead of $expected_perms)" | |
| fi | |
| if [ "$owner" -ne "$uid" ]; then | |
| echo "$item_type has incorrect user ownership: $item (UID $owner instead of $uid)" | |
| fi | |
| if [ "$group" -ne "$gid" ]; then | |
| echo "$item_type has incorrect group ownership: $item (GID $group instead of $gid)" | |
| fi | |
| done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment