So yea another day at work. It sometimes happens that someone makes a fuck up by either leaving dump files on a server. It also happens that a file gets placed as root-user instead of the correct sudo’d user where apache is running with.
Ill be fair to say that these are some edge-cases mostly for some older servers and wordpress installations.
Anyway I wanted to “fix” this fairly easy by providing some warning. As we use slack as a really important messaging system I thought of implementing some script/cronjob to warn us if above examples may happen.
I’m aware that there are somewhat more professional tools (Like implementing something in Nagios) but who cares, this is fun.
After some searching I found this awesome bash slack script that can post messages to slack 😀
You can find it here: https://github.com/course-hero/slacktee
So, the only thing that rested me was creating a cronjob that find files that should not be there.
#!/bin/bash files=$(find /home/production/www/ -user root -regex ".*\.\(php\|json\|html\|htaccess\)" -mmin -6) text="FAILURE ON X-CLOUD AT $HOSTNAME : I have found ROOT files on PRODUCTION!" if [[ $? != 0 ]]; then echo "bad command" elif [[ $files ]]; then echo -e $text"\n" $files | /usr/local/bin/slacktee.sh -a "danger" fi
It is really that simple. I also extended it a little bit but the result is something like this: