notes for nerds – pc, server, phones, apps

notes4nerds

— notes.h87.at —

onlyroot – Bashscript to secure sensitive data

#!/bin/bash
## this file have to be saved as onlyroot with no file extnsion otherwse there will be an error!
echo "---------------------------------------------------------------------"
echo "change owner and permission of file to root and only readable by root"
echo "proudly presentet by kemi pixelshifter"
echo "---------------------------------------------------------------------"
echo " "

# check if running as root
if [ "$(id -u)" != "0" ];
then
echo "run this script as root!"
exit 1
fi

# check if file is in /bin directory if not aks to copy it there
if ! test -f /bin/onlyroot; then
echo " "
read -p "WARNING onlyroot is not in /bin directory, should i take care of this? decide Yes or No " -n 1 -r
if [[ $REPLY =~ ^[Yy]$ ]]
then
SCRIPT_DIR="$(pwd)"
sudo cp $SCRIPT_DIR/onlyroot /bin
echo " "
echo "---------------------------------------------------------------------"
echo "done copying file onylroot is systemwide accessable now"
echo "run again from any directory now :D"
exit
fi
fi

# check if a command argument is given otherwise exit and give a hint
if [ "$1" == "" ];
then
echo "you have to specify a file!"
echo "try again like: sudo onlyroot sensitive_file"
exit
fi

# change ownership to root and filepermission to rw only for root
sudo chown root:root $1
sudo chmod 600 $1
echo "$1 is now only accessable by root!"
ls -lh $1

Save file as

onlyroot

with no extension and make executeable with chmod +x onlyroot

do not run this programm with different filename!!!

#!/bin/bash
## this file have to be saved as onlyroot with no file extnsion otherwse there will be an error!
echo ""$(tput setaf 38)---------------------------------------------------------------------""
echo ""$(tput setaf 155)change owner and permission of file to only readable by" $(tput setaf 1)root!"
echo ""$(tput setaf 155)proudly presentet by" $(tput setaf 200)kemi pixelshifter"
echo ""$(tput setaf 38)---------------------------------------------------------------------""
echo " "

# check if running as root
if [ "$(id -u)" != "0" ];
then
echo ""$(tput setaf 38)run this script as" $(tput setaf 1)root!"
exit 1
fi

# check if file is in /bin directory if not aks to copy it there
if ! test -f /bin/onlyroot; then
echo ""$(tput setaf 155)WARNING onlyroot is not in /bin directory, should i take care of this? decide""$(tput setaf 125)
read -p " Yes or No " -n 1 -r
if [[ $REPLY =~ ^[Yy]$ ]]
then
SCRIPT_DIR="$(pwd)"
sudo cp $SCRIPT_DIR/onlyroot /bin
echo " "
echo ""$(tput setaf 128)---------------------------------------------------------------------""
echo ""$(tput setaf 155)done copying file onylroot is systemwide accessable now""
echo "run again from any directory now :D"
exit
fi
fi

# check if a command argument is given otherwise exit and give a hint
if [ "$1" == "" ];
then
echo ""$(tput setaf 155)you have to specify a file!""
echo "try again like: "$(tput setaf 140)sudo onlyroot sensitive_file""
exit
fi

# change ownership to root and filepermission to rw only for root
sudo chown root:root $1
sudo chmod 600 $1
echo ""
echo ""$(tput setaf 177)$1 $(tput setaf 38)is now only accessable by $(tput setaf 1)root!""$(tput setaf 177)
ls -lh $1

same script but with fancy color 🙂


Beitrag veröffentlicht

in

, , ,

von

Kommentare

Schreibe einen Kommentar