Mail-Toaster


bin/toaster_audit.pl  view on Meta::CPAN


    print "checking qmail...";
    sleep 1;

    if ( ! -d "/var/qmail" ) {     # qmail is not installed
        print "ok (not installed).\n";
        return;
    };

    my $changes = 0;

    if ( ! -s "/var/qmail/control/me" ) {
        print "    echo `hostname` > /var/qmail/control/me\n";
        $changes++;
    };
    if ( ! -f "/var/qmail/rc" ) {
        print "cp /var/qmail/boot/maildir /var/qmail/rc\n";
        $changes++;
    };
    if ( ! -s "/var/qmail/control/smtproutes" ) {
        print "    echo ':relay.example.com' > /var/qmail/control/smtproutes\n";
    }

    _changes($changes);
};

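# Audit the lighttpd configuration and print suggested changes.
#
# Looks for the config at /usr/local/etc/lighttpd.conf, then at
# /usr/local/etc/lighttpd/lighttpd.conf, and returns early when neither
# exists. Nothing is modified: the sub only prints config lines and shell
# commands for the administrator to apply, then passes the number of
# counted suggestions to _changes().
sub lighttpd {

    my $http_conf = "/usr/local/etc/lighttpd.conf";
    if ( ! -e $http_conf ) {
        $http_conf = "/usr/local/etc/lighttpd/lighttpd.conf";
    }

    print "\nchecking lighttpd...";
    sleep 1;

    if ( ! -e $http_conf ) {
        print "not found, skipping.\n";
        return;
    }

    my $changes = 0;

    # Read the config in-process instead of interpolating the path into a
    # backtick `grep` command, so no shell ever parses the file name. An
    # unreadable file is treated as empty, which matches what an empty grep
    # result produced before: both suggestions below are printed.
    my @conf_lines;
    if ( open my $conf_fh, '<', $http_conf ) {
        @conf_lines = <$conf_fh>;
        close $conf_fh;
    }
    else {
        warn "unable to read $http_conf: $!\n";
    }

    # The access log format should end in %v so that log lines carry the
    # virtual host name. Same pattern the grep call used.
    my $format_lines = join '', grep { /^accesslog.format/ } @conf_lines;
    if ( $format_lines !~ /%v/ ) {
        print <<'EO_LIGHT'

   accesslog.format      = "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %v"
   accesslog.filename    = "|/usr/local/sbin/cronolog /var/log/http/%Y/%m/%d/access.log"
EO_LIGHT
;
        $changes++;
    }

    # Suggest an error log when no line mentions one. The trailing newline
    # keeps this suggestion from running into whatever is printed next.
    # NOTE(review): this suggestion is not counted in $changes -- confirm
    # whether that is intentional.
    if ( ! grep { /errorlog/ } @conf_lines ) {
        print '   server.errorlog       = "/var/log/http/error.log"', "\n";
    }

    if ( ! -d "/var/log/http" ) {
        print "    mkdir /var/log/http\n";
        print "    chown www:www /var/log/http\n";
        $changes++;
    }

    my $mess = "Consider making the changes shown above to $http_conf\n";
    _changes($changes, $mess);
    sleep 2;
}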

# Print pointers to FreeBSD device-polling documentation.
#
# On any OS other than FreeBSD nothing is printed and 0 is returned.
# On FreeBSD the return value is that of the final print.
sub interface_polling {
    if ( $OSNAME ne "freebsd" ) {
        return 0;
    }

    print <<'EO_POLLING';

    man polling
    http://taosecurity.blogspot.com/2006/09/freebsd-device-polling.html
    http://silverwraith.com/papers/freebsd-tuning.php
EO_POLLING
}

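# Check whether cron use is restricted by an allow list.
#
# When /var/cron exists but /var/cron/allow is not a regular file, print
# advice on creating one and count it as a suggested change. The result is
# passed to _changes(). Nothing on disk is modified.
#
# Only the presence of the allow file is tested; its contents, ownership
# and mode are not inspected here.
sub var_cron
{
    print "\nchecking cron...";
    sleep 1;

    my $changes = 0;

    if ( -d "/var/cron" && ! -f "/var/cron/allow" ) {
        # Non-interpolating heredoc: the advice is fixed text. The stray
        # leading double quote that used to be printed at the start of the
        # first line has been replaced by a space.
        print <<'EO_CRON'
      RESTRICT CRON: Consider restricting cron use. 
      Create /var/cron/allow and add only users that need cron access. eg:

          echo "root" > /var/cron/allow
          chmod o-rwx /var/cron/allow
EO_CRON
;
        $changes++;
    }

    _changes($changes);
}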

sub sysctl_conf_settings
{
    my $changes = 0;
    my $sysconf = "/etc/sysctl.conf";

    print "\nchecking $sysconf settings...";
    sleep 1;

    # disable core dumps
    if ( ! `grep coredump $sysconf` && ! am_i_jailed() ) {
        print <<EO_COREDUMP

echo "# don't dump core files unless we specifically ask for it!" >> $sysconf
echo "kern.coredump=0" >> $sysconf
EO_COREDUMP
;
        $changes++;
    };


