#!/usr/local/bin/perl # # $Header: ohExeBinPerm.pl 12-jan-2007.12:11:51 manosing Exp $ # # ohExeBinPerm.pl # # Copyright (c) 2004, 2006, Oracle. All rights reserved. # # NAME # ohExeBinPerm.pl - # # DESCRIPTION # # # NOTES # # # MODIFIED (MM/DD/YY) # manosing 01/12/07 - XbranchMerge manosing_lastpols from main # manosing 12/28/06 - flood control for windows policy # manosing 12/21/06 - adding check for "0()" # dkjain 07/03/05 - Fixed the em_error with print # dsukhwal 05/12/05 - limit number of rows pushed # dsukhwal 05/05/05 - handle win32 cases # dkjain 03/22/05 - perm mask filter for the group. # dkjain 02/28/05 - Fixed bug-4191040 # dsukhwal 02/15/05 - exceptional cases in file_perm usage # dkjain 12/28/04 - # dkjain 10/31/04 - Bug-3977629 # dkjain 10/08/04 - dkjain_esa_impl_init # dkjain 10/08/04 - Creation # use strict ; require "$ENV{EMDROOT}/sysman/admin/scripts/db/esaDbUtils.pl"; require "$ENV{EMDROOT}/sysman/admin/scripts/db/esaUtils.pl"; require "emd_common.pl"; require "semd_common.pl"; my $oracleHome = $ENV{EM_TARGET_ORACLE_HOME}; my $property = "oh_exebin_files_perm"; my $dsn = "dbi:Oracle:" ; my $ed9i = 0 ; my $limit = 0 ; my $maxCount; my %stdinArgs = get_stdinvars(); my $username = $stdinArgs{"EM_TARGET_USERNAME"}; my $password = $stdinArgs{"EM_TARGET_PASSWORD"}; my $address = $ENV{EM_TARGET_ADDRESS}; my $role = $ENV{EM_TARGET_ROLE}; my $mode = 0; if($^O eq "MSWin32"){ $maxCount = $ENV{'NOHEXEPERM'}; }else{ $maxCount = $ENV{'OHEXEPERM'}; } if($role =~ /SYSDBA/i) { $mode = 2; } elsif($role =~ /SYSOPER/i) { $mode = 4; } my $dbh; my $table; my $banner; my $sth; $dbh = open_db_connection("dbi:Oracle:", "$username@".$address,$password,$mode); $table = "v\$version" ; $banner = "banner" ; $sth = $dbh->prepare_cached("SELECT $banner FROM $table where $banner like '%Oracle%' ") or die print "em_error=Couldn't prepare statement: $dbh->errstr"; $sth->execute() or die print "em_error=Couldn't execute statement: $sth->errstr"; close_db_connection($dbh) ; my @edition = $sth->fetchrow_array(); #if($edition[0]=~ "9i") #{ # $ed9i = 1 ; #} if($^O =~ "linux") { #find(\&verify_files_perm,qq($oracleHome/bin) ); my %h=(wanted=>\&verify_files_perm, follow=>1, follow_skip=>2); find(\%h, qq($oracleHome/bin)); } elsif($^O eq "MSWin32"){ find(\&verify_files_perm_win32, qq($oracleHome/bin)); } #This is to verify perm of a given pathname recursively. sub verify_files_perm{ my $fpath=$File::Find::name; my $retModeCrude = file_perm($fpath); my $retMode = $retModeCrude & 0777; if( ($retModeCrude >=0 ) && ($retMode & 002) ){ $fpath = check_512char($fpath); printf "em_result=$property|%03o|$fpath\n",$retMode; $limit++ ; if( ($limit > $maxCount-1) && ($maxCount != -1) ){ exit(0); } } } sub verify_files_perm_win32{ my $fpath=$File::Find::name; $fpath =~ s/\//\\/g;#perl find will always attach forward slash as directory separator #converting it into backslash for mswin32, for want of a better alternative if(!compareNegInf($limit, $maxCount)){ exit(0); } my $users = win32_file_perm($fpath); if($users != -1){ if($users ne "0()"){ print "em_result=nt_$property|$users|$fpath\n"; $limit++; } } }