Audit Tools
Introduction
SME Server comes with a set of audit tools. These tools can assist you in getting information about your system, to help you troubleshoot or to provide valuable data to be attached to bug reports. The tools are located in the /sbin/e-smith/audittools/ folder of your server.
Available audit tools
Below is a list of available audittools, with their function.
# ls /sbin/e-smith/audittools/ aliases events groups-users newrpms pseudonyms repositories templates templates2expand users2domains virtualdomains2pseudonyms
aliases
This tools will check the content of qmail alias file (/var/qmail/alias) and add the Account appurtenance (Group/System/Alias...)
events
This tool will generate a list of events that are not part of the basic SME Server installation, it will also tell you if the events overrides a default template or if it is an addition.
This command has no output if no errors are identified
groups-users
The purpose of this tool is to verify correct GID and UID of essential groups and users of SME and to display all users, groups, ibays set in the collaboration panel of server-manager.
newrpms
This script provides you with a list of RPMs that are installed outside the default repositories. This can be used to determine what RPM packages you have installed additionally.
pseudonyms
Lists illegal or misconfigured pseudonyms found in the accounts db.
Tests include:
- If the pseudonym contains an '@', the '@' symbol must not be the last character (there must be a domain following the '@' (note: nothing is done to confirm that what follows the '@' is a valid email domain name)
- The pseudonym must have a property named 'Account' which is not empty
- The 'Account' property must point to an existing user account or to another pseudonym
- Pseudonyms can be nested at most once:
- Legal: pseudonym1 -> pseudonym2 -> USER
- Illegal: pseudonym1 -> pseudonym2 -> pseudonym3 -> USER
- Illegal: pseudonym1 -> pseudonym1 (circular)
When errors are found, a db command is recommended that changes the account type from 'pseudonym' to 'pseudonym-deleted' (preserving the details of the pseudonym but removing it from all pseudonym template expansions).
This command has no output if no errors are identified.
repositories
This tool generates a list of repositories setup on the server under test, and their status (i.e. enabled or disabled).
templates
This tool will generate a list of template fragments that are not part of the basic SME Server installation, it will also tell you if the template fragments overrides a default template or if it is an addition.
This command has no output if no errors are identified
templates2expand
This tool will list all template-based generated config files, ordered per event (called by the command line "signal-event").
users2domains
This tools will display the number of emails received by the server, sorted by users, groups, or mailing-list
virtualdomains2pseudonyms
This tools will check if email addresses in the qmail alias file "/var/qmail/control/virtualdomains", have a correct record in account database.
If not the script display DB commands to set correct records.
This command has no output if no errors are identified.
Usage
To run a report issue the command in this style
/sbin/e-smith/audittools/audittoolname
eg
/sbin/e-smith/audittools/newrpms /sbin/e-smith/audittools/groups-users
and so on...
Below is a list of available audittools, with their function.
# ls /sbin/e-smith/audittools/ aliases events groups-users newrpms pseudonyms repositories templates templates2expand users2domains virtualdomains2pseudonyms
If you are using Putty, you can copy the contents of the screen into the clipboard.
Alternatively issue the command like this
/sbin/e-smith/audittools/newrpms > /path/filename
where /path/filename is the path & filename (on your sme server) of where you want to save the report
