Tested on RedHat, Ubuntu up to Trusty Tahr (14.04), and Solaris.
-
Log into the server using a root account
-
Verify file hash. Something like
$ echo "FILEHASH filename" | md5sum -c
-
Copy lin_audit.sh to /
-
cd to /
-
Make lin_audit.sh executable:
chmod +x lin_audit.sh
-
Run:
./lin_audit.sh
The audit script will place an output report when it finishes in /tmp/audit/
The report name will be in this format:
$HOSTNAME.audit.tgz(in the case of Solaris, it will be a .tar.gz)