#!/bin/bash
#######################################################################
# Purpose : This script contains commands that will check various
# : settings on Solaris 10 systems
# :
# Authors : Kevin Waldron
# : Scott Everard
# :
# :
# Date : May 23, 2007
# Version : 1.00
# :
# Revision : 1.00.
# :
# Filename : seccheck_zones.sh
# :
# Location : CD-ROM
#
###############################################################################
AWK="/usr/bin/awk"
ECHO="/bin/echo"
GREP="/usr/bin/grep"
ID="/usr/xpg4/bin/id"
LS="/bin/ls"
SED="/usr/bin/sed"
SVCADM="/usr/sbin/svcadm"
SVCCFG="/usr/sbin/svccfg"
SVCS="/usr/bin/svcs"
UNAME="/bin/uname"
WC="/bin/wc"
OS="unknown"
OS_VERSION="unknown"
BOLD=`tput smso`
BOLDOFF=`tput rmso`
SUCCESS=0
ERROR=1
function print_error {
${ECHO} "Error: $@" >&2
}
function print_warn {
${ECHO} "NOT OK: $@"
}
function print_info {
${ECHO} " INFO: $@"
}
function print_ok {
${ECHO} "OK: $@"
}
function print_banner {
${ECHO} "$BOLD[ $@ ]$BOLDOFF"
}
function print_divider {
${ECHO} "=========="
}
function check_os {
OPERATING_SYSTEM=$( ${UNAME} -s )
OS_REVISION=$( ${UNAME} -r )
case "${OPERATING_SYSTEM}" in
"SunOS") OS="Solaris"
case "${OS_REVISION}" in
"5.10") OS_VERSION="10" ;;
"5.9" ) OS_VERSION="9" ;;
"5.8" ) OS_VERSION="8" ;;
"5.7" ) OS_VERSION="7" ;;
* ) OS_VERSION="UNSUPPORTED" ;;
esac ;;
* ) OS="UNSUPPORTED" ;;
esac
if [ "${OS}" = "UNSUPPORTED" -o "${OS_VERSION}" = "UNSUPPORTED" ]; then
print_error "Sorry, ${OPERATING_SYSTEM} ${OS_REVISION} is not supported"
exit ${ERROR}
elif [ "${OS_VERSION}" -ne "10" ]; then # temporary....
print_error "Sorry, only Solaris 10 supported at present"
exit ${ERROR}
fi
}
function check_user {
MY_UID=$( ${ID} -u )
if [ "${MY_UID}" -ne "0" ]; then
print_error "This script must be executed as root"
exit ${ERROR}
fi
}
function check_zones {
print_banner "Checking Zones"
print_divider
VALUE=`zoneadm list | wc -l`
if [ ${VALUE} -gt 1 ]
then
print_ok "This system has ${VALUE} zones configured."
zoneadm list
print_divider
for zone in `zoneadm list -v | grep -v ID | awk '{ print $2 }'`
do
if [ "$zone" = "global" ]; then continue; fi
# echo $zone
zonepath=`zoneadm -z $zone list -v | grep -v ID | awk '{ print $4 }'`
# echo $zonepath
sparsezone=`zonecfg -z "$zone" info inherit-pkg-dir 2> /dev/null`
if [ -n "$sparsezone" ]
then
echo "${zone} is a sparse zone."
echo " "
else
echo "${zone} is a whole root zone."
fi
done
else
print_warn "Global is the only zone configured on this system."
fi
}
check_os
print_divider
check_zones
print_divider
exit 0