The following monster will parse the mail log and report on unique host connections along with a count.
cat /var/log/mail.log | \
grep ' connect from unknown' | \
awk '{ print $8 }' | \
sort | \
sed -n 's/.*\[\([0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\)\].*/\1/p' | \
awk '{count[$1]++} END {for (word in count) print count[word], word}' | \
sort -n
I wrote the below BASH function today. It’s good because it performs super well compared to the alternative commands (which are commented out below above the new commands):
own() {
echo "Taking ownership..."
#chown -R jj5:jj5 .
find . \! -user jj5 -or \! -group jj5 -execdir chown jj5:jj5 "{}" \;
[ "$?" = 0 ] || { echo "Could not take ownership in '$PWD'."; exit 1; }
echo "Fixing directory permissions..."
#find . -type d -execdir chmod u+rwx "{}" \;
find . -type d -and \( \! -perm /u=r -or \! -perm /u=w -or \! -perm /u=x \) -execdir chmod u+rwx "{}" \;
[ "$?" = 0 ] || { echo "Could not fix directory permissions in '$PWD'."; exit 1; }
echo "Fixing file permissions..."
#find . -type f -execdir chmod u+rw "{}" \;
find . -type f -and \( \! -perm /u=r -or \! -perm /u=w \) -execdir chmod u+rw "{}" \;
[ "$?" = 0 ] || { echo "Could not fix file permissions in '$PWD'."; exit 1; }
}
The basic premise is don’t do work which doesn’t need to be done!
I learned about the Mailman check_perms program today. Basically it reports on permission issues with the mailman database, which is good because I was having trouble with the permissions on the mailman database. Basically email for a new list wasn’t being added to the web archive because the right permissions weren’t in place to allow the mailman process to write there. Anyway, with the help of /usr/lib/mailman/bin/check_perms and the judicious use of “chgrp -h list” and “chown -R -h www-data:list” I think I managed to fix everything up.
Update: I had a problem after applying the above changes whereby I couldn’t access the web archive for Mailman lists anymore. But… I figured out how to fix it. Basically I added the www-data to the list group with the following command (and then rebooted):
sudo adduser www-data list
To disable a user login:
$ sudo passwd -l username
To unlock a disabled user login:
$ sudo passwd -u username
To specify all the secondary groups a user should be in (if they’re already in a group not in this list they will be removed from it) you use:
$ sudo usermod -G grp_a,grp_b username
To append to the list of secondary groups:
$ sudo usermod -a -G grp_c username
To show what users are in a group:
$ grep ^group: /etc/group
E.g. to show which users are in the sudo group:
$ grep ^sudo: /etc/group
You also need to check primary groups by grepping for the gid in the passwd file. For instance the gid for the sudo group is 27, so to see who’s in sudo you also have to:
$ grep 27 /etc/passwd
Of course you should take all of the above with a grain of salt because there are a thousand caveats.