Server : Apache System : Linux host44.registrar-servers.com 4.18.0-513.18.1.lve.2.el8.x86_64 #1 SMP Sat Mar 30 15:36:11 UTC 2024 x86_64 User : vapecompany ( 2719) PHP Version : 7.4.33 Disable Function : NONE Directory : /proc/self/root/proc/self/root/proc/self/root/lib64/nagios/plugins/nccustom/ |
Upload File : |
#!/usr/libexec/platform-python # # written by Vladimir Burov, vladimir.burov@namecheap.com # version: 1.0-3 2017/12/05 # short description: checking accounts that may still in the system after not proper removing by cPanel # link to documentation: TO-2944 # RPM package: nc-check-excess-accounts # # update: RPM package: nc-nrpe-check_extra_accts import configparser import argparse import re import os import pwd import sys from subprocess import Popen, PIPE VERSION = '1.0-3 2017/12/05' CONFIG = ['/usr/share/nc_nagios/check_extra_accts/check_extra_accts_ignore.conf'] DESCRIPTION = "Checking accounts that left in the system after incorrect removing from cPanel.\n" \ "Config: %s\nVersion %s %s" % (CONFIG[0], VERSION, "vladimir.burov@namecheap.com") CONFIG = ['/usr/share/nc_nagios/check_extra_accts/check_extra_accts_ignore.conf', '/usr/share/nc_nagios/check_extra_accts/check_extra_accts_regex_ignore.conf'] HOSTNAME = os.uname()[1] CPANELACCTSCMD = '/usr/sbin/whmapi1 listaccts want=user\,unix_startdate|grep "user:"|awk "{print\$2}"' SYSTEMACCTSCMD = 'cat /etc/passwd|awk -F: "{print\$1}"|sort' if __name__ == "__main__": parser = argparse.ArgumentParser(formatter_class=argparse.RawDescriptionHelpFormatter, description=DESCRIPTION) parser.add_argument("-v", "--verbose", default=False, action="store_true", help="more verbose output") args = parser.parse_args() config = configparser.ConfigParser(allow_no_value=True) config.read(CONFIG) exclude = [u[0] for u in config.items('default')] re_exclude = [r[0] for r in config.items('regex')] for pattern in filter(lambda p: not p == 'default', config.sections()): if re.match(pattern, HOSTNAME): for u in config.items(pattern): exclude.append(u[0]) systemaccts = Popen(SYSTEMACCTSCMD, stdout=PIPE, encoding="utf8", shell=True).stdout.read().rstrip().split('\n') cpanelaccts = Popen(CPANELACCTSCMD, stdout=PIPE, encoding="utf8", shell=True).stdout.read().rstrip().split('\n') cpanelhomedirs = [os.path.expanduser('~'+u) for u in cpanelaccts] nouserhome = [] cpanelhomesownroot = [] for homedir in cpanelhomedirs: homedir_uid = os.stat(homedir).st_uid try: if pwd.getpwuid(homedir_uid).pw_name == 'root': cpanelhomesownroot.append(homedir) except KeyError: nouserhome.append(homedir) var_cpanel_users = os.listdir('/var/cpanel/users') if args.verbose: print("Exclude: %s" % (' '.join(exclude))) print("RE Exclude: %s" % (' '.join(re_exclude))) print("System: %s" % (' '.join(systemaccts))) print("cPanel: %s" % (' '.join(cpanelaccts))) print("/var/cpanel/users: %s" % (' '.join(var_cpanel_users))) excess = [a for a in systemaccts if a not in cpanelaccts and a not in exclude] if re_exclude: big_re = re.compile('|'.join(re_exclude)) if filter(big_re.match, excess): excess = list(set(excess) - set((filter(big_re.match, excess)))) excess_var_cpanel_users = [a for a in var_cpanel_users if a not in cpanelaccts and a not in exclude and not a == 'system'] warn = [] if excess: warn.append("Extra accounts: %s;" % (' '.join(excess))) if args.verbose: print("Extra: %s" % (' '.join(excess))) if excess_var_cpanel_users: warn.append("Extra /var/cpanel/users/<file>: %s;" % (' '.join(excess_var_cpanel_users))) if args.verbose: print("Cpanel account do not exist but /var/cpanel/users/<file> exists: %s"\ % (' '.join(excess_var_cpanel_users))) if cpanelhomesownroot: warn.append("Acct home owned by root: %s;" % (' '.join(cpanelhomesownroot))) if args.verbose: print("cPanel account home is owned by root: %s" % (' '.join(cpanelhomesownroot))) if nouserhome: warn.append("Acct home owned by nouser: %s;" % (' '.join(nouserhome))) if args.verbose: print("cPanel account home is owned by nouser: %s" % (' '.join(nouserhome))) if warn: print("CRITICAL - %s" % ' '.join(warn)) sys.exit(2) else: print("OK - There's no extra accounts") sys.exit(0)