Difference between revisions of "Audit Tools"
| Line 45: | Line 45: | ||
When errors are found, a db command is recommended that changes the account type from 'pseudonym' to 'pseudonym-deleted' (preserving the details of the pseudonym but removing it from all pseudonym template expansions). | When errors are found, a db command is recommended that changes the account type from 'pseudonym' to 'pseudonym-deleted' (preserving the details of the pseudonym but removing it from all pseudonym template expansions). | ||
| + | |||
| + | This command has no output if no errors are identified. | ||
====repositories==== | ====repositories==== | ||
Revision as of 17:28, 19 January 2014
Introduction
SME Server comes with a set of audit tools. These tools can assist you in getting information about your system, to help you troubleshoot or to provide valuable data to be attached to bug reports. The tools are located in the /sbin/e-smith/audittools/ folder of your server.
Available audit tools
Below is a list of available audittools, with their function.
# ls /sbin/e-smith/audittools/ aliases events groups-users newrpms pseudonyms repositories templates templates2expand users2domains virtualdomains2pseudonyms
aliases
|
[Need description] |
events
This tool will generate a list of events that are not part of the basic SME Server installation, it will also tell you if the events overrides a default template or if it is an addition.
groups-users
The purpose of this tool is to verify correct GID and UID of essential groups and users of SME and to display all users, groups, ibays set in the collaboration panel of server-manager.
newrpms
This script provides you with a list of RPMs that are installed outside the default repositories. This can be used to determine what RPM packages you have installed additionally.
pseudonyms
Lists illegal or misconfigured pseudonyms found in the accounts db.
Tests include:
- If the pseudonym contains an '@', the '@' symbol must not be the last character (there must be a domain following the '@' (note: nothing is done to confirm that what follows the '@' is a valid email domain name)
- The pseudonym must have a property named 'Account' which is not empty
- The 'Account' property must point to an existing user account or to another pseudonym
- Pseudonyms can be nested at most once:
- Legal: pseudonym1 -> pseudonym2 -> USER
- Illegal: pseudonym1 -> pseudonym2 -> pseudonym3 -> USER
- Illegal: pseudonym1 -> pseudonym1 (circular)
When errors are found, a db command is recommended that changes the account type from 'pseudonym' to 'pseudonym-deleted' (preserving the details of the pseudonym but removing it from all pseudonym template expansions).
This command has no output if no errors are identified.
repositories
This tool generates a list of repositories setup on the server under test, and their status (i.e. enabled or disabled).
templates
This tool will generate a list of template fragments that are not part of the basic SME Server installation, it will also tell you if the template fragments overrides a default template or if it is an addition.
templates2expand
This tools will list all template generated config files, ordered per event.
users2domains
|
[Need description] |
virtualdomains2pseudonyms
|
[Need description] |
Usage
To run a report issue the command in this style
/sbin/e-smith/audittools/audittoolname
eg
/sbin/e-smith/audittools/newrpms /sbin/e-smith/audittools/groups-users
and so on...
If you are using Putty, you can copy the contents of the screen into the clipboard.
Alternatively issue the command like this
/sbin/e-smith/audittools/newrpms > /path/filename
where /path/filename is the path & filename (on your sme server) of where you want to save the report
