The audit log reported that some of the servers had incorrect permissions, complaining:
The mode is too permissive.
To correct this permission by hand, you would have to log in to each system and change each file one by one. If you have an Ansible environment, there is an easier solution: an Ansible one-liner.
1. Existing permission
[root@worker1 ~]# ls -l /etc/shadow
-rwxr-xr-x. 1 root root 244 Jul 22 08:58 /etc/shadow
2. Run Ansible to fix this problem
[sam@master html]$ sudo ansible -i /root/myhosts all -a "chmod 0600 -v /etc/shadow" -b -K -o
BECOME password:
worker1 | CHANGED | rc=0 | (stdout) mode of '/etc/audit/rules.d/audit.rules' changed from 0755 (rwxr-xr-x) to 0600 (rw-------)
master | CHANGED | rc=0 | (stdout) mode of '/etc/audit/rules.d/audit.rules' retained as 0600 (rw-------)
worker2 | UNREACHABLE!: Failed to connect to the host via ssh: ssh: connect to host worker2 port 22: No route to host
[sam@master html]$
3. Verify the permission
[root@worker1 ~]# ls -l /etc/shadow
-rw-------. 1 root root 244 Jul 22 08:58 /etc/shadow
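
The verification in step 3 can be scripted instead of read by eye. The following is an added example, not part of the original post: it treats "too permissive" as a bitmask test (any permission bit set beyond the allowed maximum), so a stricter mode such as 0400 still passes. It assumes GNU stat; the function names excess_bits and audit_mode are hypothetical.

```sh
#!/bin/sh
# Added example (not from the original post). Assumes GNU coreutils stat.

# excess_bits FILE MAX_MODE
# Prints, in octal, the permission bits FILE has beyond MAX_MODE.
# Returns 0 if there are none, 1 if there are some, 2 if FILE cannot be read by stat.
excess_bits() {
    actual=$(stat -c '%a' "$1") || return 2
    # A leading 0 makes the shell parse both values as octal constants.
    extra=$(( 0$actual & ~0$2 & 07777 ))
    printf '%o\n' "$extra"
    [ "$extra" -eq 0 ]
}

# audit_mode FILE MAX_MODE
# One-line report per file, using the wording of the audit finding.
audit_mode() {
    if extra=$(excess_bits "$1" "$2"); then
        echo "OK: $1 is within $2"
    elif [ -n "$extra" ]; then
        echo "FAIL: $1 mode is too permissive (extra bits $extra, max $2)"
        return 1
    else
        echo "ERROR: cannot stat $1"
        return 2
    fi
}

# Run directly as: script FILE MAX_MODE   (for example: /etc/shadow 0600)
if [ "$#" -ge 2 ]; then
    audit_mode "$1" "$2"
fi
```

Saved under a hypothetical name such as audit_mode.sh, it can be pushed to every host with Ansible's script module, for example: ansible -i /root/myhosts all -m script -a "audit_mode.sh /etc/shadow 0600" -b -K. A non-zero exit code marks the host as failed in the Ansible output, so hosts that still need fixing stand out.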