Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Creating Shell Script for STIG Checklist MAC OSX 10.6
Operating Systems OS X (Apple) Creating Shell Script for STIG Checklist MAC OSX 10.6 Post 302565678 by john3j04 on Tuesday 18th of October 2011 01:01:10 PM
Old 10-18-2011
Error Creating Shell Script for STIG Checklist MAC OSX 10.6
Hello,

I am new to Mac OSX and shell scripting all together. I was wondering if anyone could help get me started in a few scenarios so that I would be able to automate checking a system against a STIG checklist. A STIG Checklist is a DoD Guideline for securing systems. Here is the first instance I would like to learn how to automate:

Open a terminal session and use the following command to view the setting for password history.

sudo pwpolicy -n -getglobalpolicy | tr " " "\n" | grep usingHistory

If the value of usingHistory is less than 15, this is a finding.

NOTE: If the command returns a response of password server is not configured, the system is not managed. Use the following command for non-managed systems.

pwpolicy -n /Local/Default -getglobalpolicy | tr " " "\n" | grep usingHistory


Now, I know that it tells you what to check and makes it so that anyone can perform this check, so please excuse my stupidity. We all have to start somewhere.

I am not interested in fixing a system, just running a script against a system to see if it conforms to the guideline or not. It would be nice if output could be printed telling me if it passes or not, or even print the output into a log file. There will be a couple of hundred checks that I will have to do, so all output will have to go to a log file.

Thank you for your time and assistance!
 

10 More Discussions You Might Find Interesting

1. Cybersecurity

ssh and Mac OSX

Please help if you are familiar with Mac OSX. I downloaded OpenSSH for a newer version of SSH than what comes with OS 10.1. What a mistake! Now every time I try to make a connection to my remote server I get an message that ssh was built against version such and such and I have version such and... (2 Replies)
Discussion started by: glfisfn
2 Replies

2. UNIX Desktop Questions & Answers

Mac Osx.2

I finally broke down and decided to buy a new piece of hardware. I think I made the right decision when I chose an Apple iBook - OSX is incredible! I haven't used a Mac since System7.5, and 10.2 is just blowing me away! Best of all, it's easy to use for people who are not used to Mac, but if I... (5 Replies)
Discussion started by: LivinFree
5 Replies

3. Shell Programming and Scripting

Checklist for Shell Script reqd

Hi, Can anyone provide me with the Code Review Checklist for Shell scripts ?? Thanks in advance. (2 Replies)
Discussion started by: Shivdatta
2 Replies

4. OS X (Apple)

Mac OSX kernel

is there anyway of looking at, and if possible, modifying it? (2 Replies)
Discussion started by: cleansing_flame
2 Replies

5. Shell Programming and Scripting

#!/bin/bash and #1bin/sh command not found error on mac osx terminal/shell script

i am having a weird error on mac os x running some shell scripts. i am a complete newbie at this and this question concerns 2 scripts. one of which a friend of mine wrote (videochecker.sh) a couple weeks ago and it's been running fine on another machine. then last week i wrote capture.sh and it... (2 Replies)
Discussion started by: danpaluska
2 Replies

6. OS X (Apple)

Cron on Mac OSX

Hello, I was wondering about my Cron Script: HELL=/bin/tcsh PATH=/sbin:/bin:/usr/sbin:/usr/bin HOME=/var/log MAILTO=jwillis 25 1 * * * root /Users/jwillis/Fbcmd\Scripts/DailyBirthday.scrmy returned message is: Subject: Cron <jwillis@Macintosh-66> root ... (1 Reply)
Discussion started by: jwillis0720
1 Replies

7. UNIX for Dummies Questions & Answers

Mac OSX Cron Script Execution

Hello, On Mac OSX, I was wondering about my Cron Script: HELL=/bin/tcsh PATH=/sbin:/bin:/usr/sbin:/usr/bin HOME=/var/log MAILTO=jwillis 25 1 * * * root /Users/jwillis/Fbcmd\Scripts/DailyBirthday.scrmy returned message is: Subject: Cron... (3 Replies)
Discussion started by: jwillis0720
3 Replies

8. UNIX for Advanced & Expert Users

UML on MAC OSX

Hey guyz, Is it possible to build user-mode linux kernel on MAC OSX? Please I need a reply asap as I have an assignment that I need to do. Thanks! Adel (1 Reply)
Discussion started by: aje02
1 Replies

9. UNIX Desktop Questions & Answers

X11 Display Problem with Mac OSX after creating new account

For preliminaries, I am on a Mac Pro running 10.5. I am trying to run a program that opens an X11 graphic and plots a mesh. The little program is called showme. It has worked just fine in the past. Up until I had to make a new user account on this machine for myself. Now every time I try to... (8 Replies)
Discussion started by: Bocephus85
8 Replies

10. Shell Programming and Scripting

Creating an script to automate on mac

First of all, i'm sorry if this topic isn't in the right place, I have a Mac and I've read that is unix based, that's why I'm writing here. I'm trying to "create" a script with which i will be able to download any Tv Show automatically and then rename it. I'm using for that goal the following... (1 Reply)
Discussion started by: Qyles
1 Replies

LEARN ABOUT SUSE

split

SPLIT(1)							   User Commands							  SPLIT(1)

NAME

       split - split a file into pieces

SYNOPSIS

       split [OPTION]... [INPUT [PREFIX]]

DESCRIPTION

       Output  fixed-size  pieces  of  INPUT to PREFIXaa, PREFIXab, ...; default size is 1000 lines, and default PREFIX is `x'.  With no INPUT, or
       when INPUT is -, read standard input.

       Mandatory arguments to long options are mandatory for short options too.

       -a, --suffix-length=N
	      use suffixes of length N (default 2)

       -b, --bytes=SIZE
	      put SIZE bytes per output file

       -C, --line-bytes=SIZE
	      put at most SIZE bytes of lines per output file

       -d, --numeric-suffixes
	      use numeric suffixes instead of alphabetic

       -l, --lines=NUMBER
	      put NUMBER lines per output file

       --verbose
	      print a diagnostic just before each output file is opened

       --help display this help and exit

       --version
	      output version information and exit

       SIZE may have a multiplier suffix: b 512, kB 1000, K 1024, MB 1000*1000, M 1024*1024, GB 1000*1000*1000, G 1024*1024*1024, and so on for T,
       P, E, Z, Y.

AUTHOR

       Written by Torbjorn Granlund and Richard M. Stallman.

REPORTING BUGS

       Report split bugs to bug-coreutils@gnu.org
       GNU coreutils home page: <http://www.gnu.org/software/coreutils/>
       General help using GNU software: <http://www.gnu.org/gethelp/>

COPYRIGHT

       Copyright (C) 2009 Free Software Foundation, Inc.  License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>.
       This is free software: you are free to change and redistribute it.  There is NO WARRANTY, to the extent permitted by law.

SEE ALSO

       The  full  documentation  for split is maintained as a Texinfo manual.  If the info and split programs are properly installed at your site,
       the command

	      info coreutils 'split invocation'

       should give you access to the complete manual.

GNU coreutils 7.1						     July 2010								  SPLIT(1)
All times are GMT -4. The time now is 08:25 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy