Audit Tools

From SME Server
Jump to navigationJump to search


Incomplete.png Incomplete:
This article or section needs to be expanded. Please help to fill the gaps or discuss the issue on the talk page


Introduction

SME Server comes with a set of audit tools. These tools can assist you in getting information about your system, to help you troubleshoot or to provide valuable data to be attached to bug reports. The tools are located in the /sbin/e-smith/audittools/ folder of your server.

Available audit tools

Below is a list of available audittools, with their function.

# ls /sbin/e-smith/audittools/
aliases 
events 
groups-users
newrpms 
pseudonyms 
repositories 
templates 
templates2expand 
users2domains 
virtualdomains2pseudonyms

aliases

This tools will check the content of qmail alias file (/var/qmail/alias) and add the Account appurtenance (Group/System/Alias...)

events

This tool will generate a list of events that are not part of the basic SME Server installation, it will also tell you if the events overrides a default template or if it is an addition.

This command has no output if no errors are identified

groups-users

The purpose of this tool is to verify correct GID and UID of essential groups and users of SME and to display all users, groups, ibays set in the collaboration panel of server-manager.

newrpms

This script provides you with a list of RPMs that are installed outside the default repositories. This can be used to determine what RPM packages you have installed additionally.

pseudonyms

Lists illegal or misconfigured pseudonyms found in the accounts db.

Tests include:

  • If the pseudonym contains an '@', the '@' symbol must not be the last character (there must be a domain following the '@' (note: nothing is done to confirm that what follows the '@' is a valid email domain name)
  • The pseudonym must have a property named 'Account' which is not empty
  • The 'Account' property must point to an existing user account or to another pseudonym
  • Pseudonyms can be nested at most once:
    • Legal: pseudonym1 -> pseudonym2 -> USER
    • Illegal: pseudonym1 -> pseudonym2 -> pseudonym3 -> USER
    • Illegal: pseudonym1 -> pseudonym1 (circular)

When errors are found, a db command is recommended that changes the account type from 'pseudonym' to 'pseudonym-deleted' (preserving the details of the pseudonym but removing it from all pseudonym template expansions).

This command has no output if no errors are identified.

repositories

This tool generates a list of repositories setup on the server under test, and their status (i.e. enabled or disabled).

templates

This tool will generate a list of template fragments that are not part of the basic SME Server installation, it will also tell you if the template fragments overrides a default template or if it is an addition.

This command has no output if no errors are identified

templates2expand

This tool will list all template-based generated config files, ordered per event (called by the command line "signal-event").

users2domains

This tools will display the number of emails received by the server, sorted by users, groups, or mailing-list

virtualdomains2pseudonyms

This tools will check if email addresses in the qmail alias file "/var/qmail/control/virtualdomains", have a correct record in account database.

If not the script display DB commands to set correct records.
This command has no output if no errors are identified.

Usage

To run a report issue the command in this style

/sbin/e-smith/audittools/audittoolname

eg

/sbin/e-smith/audittools/newrpms
/sbin/e-smith/audittools/groups-users

and so on...

Below is a list of available audittools, with their function.

# ls /sbin/e-smith/audittools/
aliases 
events 
groups-users
newrpms 
pseudonyms 
repositories 
templates 
templates2expand 
users2domains 
virtualdomains2pseudonyms

If you are using Putty, you can copy the contents of the screen into the clipboard.

Alternatively issue the command like this

/sbin/e-smith/audittools/newrpms > /path/filename

where /path/filename is the path & filename (on your sme server) of where you want to save the report