1

I need to check whether user dot-files are not group or world writeable: The below command will list all the files:

find /home/ -name "\.*" -perm /g+w,o+w 

Output:

/home/system/.java /home/ldap/.java 

My query is, how do I SSH to the machine (multiple VMs) and then find these files using the above command and correct it using:

chmod go-w /home/<USER>/<FILE>
chmod go-w /home/<USER>/<DIRECTORY>

I need to write a shell script.

3
  • 1
    Is the question about how to execute the command remotely, how to find the files, or how to change mode for the list of files at a certain location? Commented Aug 8, 2015 at 6:27
  • Yes, it's related to executing the command remotely and correcting the misconfigured files (see output above) found by the above find command. Commented Aug 8, 2015 at 7:45
  • 1
    Just append -exec chmod g-w,o-w "{}" \; to the end of your find. Commented Aug 8, 2015 at 10:37

2 Answers

3

You can just use a for loop to run chmod on all files/folders returned by the find command.

for i in `find /home/ -name ".*" -perm /g+w,o+w`; do chmod go-w $i; done 

This will run chmod go-w on all files/folder which were found with the find command.

This is how it would look as a bash script.

#!/bin/bash
for i in `find /home/ -name ".*" -perm /g+w,o+w`; do chmod go-w $i; done

EDIT:

Just appending -exec chmod g-w,o-w "{}" \; to the end of find, as suggested by Drav Sloan in a comment on the question, is a lot more efficient than the for loop.

So you can just use

find /home/ -name ".*" -perm /g+w,o+w -exec chmod g-w,o-w "{}" \; 

or as bash script:

#!/bin/bash
find /home/ -name ".*" -perm /g+w,o+w -exec chmod g-w,o-w "{}" \;

If you save it as script.sh, you can run it with:

bash script.sh 

If you want to run the for loop remotely, something like this should work if you place script.sh on all machines:

ssh machine "bash script.sh" 

or if it is only local:

ssh machine 'bash -s' < script.sh 

If you want to run a script on multiple servers, you can either put ssh in a for loop, or use the pssh utility.

If you put all your servers in a serverlist file, you can use pssh to run the local script on all those servers:

pssh -h serverlist -i -I < script.sh 

or with for loop and ssh:

for i in `cat serverlist`; do ssh $i 'bash -s' < script.sh; done
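
An added example, not part of either answer: a variant of the find ... -exec command above that can preview matches before changing anything and that skips symlinks, which always match -perm /g+w,o+w on Linux because a symlink's own mode is 0777. The names fix_dotfiles and make_demo_tree and the dry-run argument are assumptions made for this sketch, and the sample tree is constructed.

```shell
#!/bin/sh
# Added example, not from the original post. fix_dotfiles, make_demo_tree and
# the "dry-run" argument are names invented for this sketch.

# fix_dotfiles HOME_ROOT [dry-run]
# Prints every group- or world-writable dot-file/dot-directory under HOME_ROOT
# and, unless "dry-run" is given, strips the g+w and o+w bits from it.
fix_dotfiles() {
    root=$1
    mode=${2:-fix}
    # ! -type l: a symlink's own mode is 0777 on Linux, so every dot-symlink
    #   would match, and chmod would then change the link's target instead.
    # -exec ... {} +: each path is handed to chmod as one argument, so names
    #   with spaces or newlines cannot be split the way `for i in $(find)` does.
    if [ "$mode" = dry-run ]; then
        find "$root" -name '.*' ! -type l -perm /g+w,o+w -print
    else
        find "$root" -name '.*' ! -type l -perm /g+w,o+w \
            -print -exec chmod g-w,o-w {} +
    fi
}

# Constructed sample tree for trying the function without touching /home.
make_demo_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/alice/.java" "$t/bob" "$t/shared"
    touch "$t/alice/.bashrc" "$t/bob/.my notes" "$t/shared/data"
    chmod 0775 "$t/alice/.java"      # group-writable dot-directory
    chmod 0644 "$t/alice/.bashrc"    # already fine
    chmod 0666 "$t/bob/.my notes"    # world-writable, name contains a space
    chmod 0666 "$t/shared/data"      # not a dot-file: out of scope
    ln -s ../shared/data "$t/bob/.link"   # dot-symlink to a writable file
    echo "$t"
}

# Run only when arguments are given, e.g. locally:  sh script.sh /home dry-run
# or with the answer's remote form:  ssh machine 'bash -s /home' < script.sh
if [ "$#" -gt 0 ]; then
    fix_dotfiles "$@"
fi
```

Running it with dry-run first gives a per-host list of what would change, which can be kept as a record before the fixing pass.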
0

If all you want to do is force the files to be non-writable, wouldn't the following be sufficient?

$ chmod g-w,o-w ~/.* 
