On 05-09-18 15:04, Luc Pardon wrote:
> The Q&D shell scriptlet below my sig would probably do the trick
>
> ==================================
> #!/bin/sh
>
> # This would not be needed if integrated into postfix-script:
> BASE=$(postconf -hx config_directory | sed "s/\n$//")
>
> # Search for dangerous symlinks in $1 and its subdirs
> function inspect
> {
> DIR=$1
>
> for f in $DIR/* ; do
> if [ -L $f ]; then
> # if it points outside $BASE, it starts with "../.."
> DOT=$(realpath --relative-to $BASE $f | cut -d'/' -f1)
> if [ $DOT = ".." ]; then
> echo "ALARM: $f is a symlink to $(realpath $f)"
> fi
> elif [ -d $f ]; then
> inspect $f
> fi
> done
> }
>
> inspect $BASE
> ==================================
>
Q&D for sure.
Of course that two lines about "DOT" should better read:
DOT=$(realpath --relative-to $BASE $f | cut -d'/' -f1-2)
if [ $DOT = "../.." ]; then
Sorry about that, and also about breaking the message thread.
Luc
