PNG  IHDR;IDATxܻn0K )(pA 7LeG{ §㻢|ذaÆ 6lذaÆ 6lذaÆ 6lom$^yذag5bÆ 6lذaÆ 6lذa{ 6lذaÆ `}HFkm,mӪôô! x|'ܢ˟;E:9&ᶒ}{v]n&6 h_tڠ͵-ҫZ;Z$.Pkž)!o>}leQfJTu іچ\X=8Rن4`Vwl>nG^is"ms$ui?wbs[m6K4O.4%/bC%t Mז -lG6mrz2s%9s@-k9=)kB5\+͂Zsٲ Rn~GRC wIcIn7jJhۛNCS|j08yiHKֶۛkɈ+;SzL/F*\Ԕ#"5m2[S=gnaPeғL lذaÆ 6l^ḵaÆ 6lذaÆ 6lذa; _ذaÆ 6lذaÆ 6lذaÆ RIENDB` #!/bin/bash -eu if [ $UID -ne 0 ]; then echo "WARNING: This script needs to run as root to be effective" exit 1 fi export SYSTEMD_NSS_BYPASS_SYNTHETIC=1 if [ "${1:-}" = "--ignore-journal" ]; then shift ignore_journal=1 else ignore_journal=0 fi echo "Checking processes..." if ps h -u 99 | grep .; then echo "ERROR: ps reports processes with UID 99!" exit 2 fi echo "... not found" echo "Checking UTMP..." if w -h 199 | grep . ; then echo "ERROR: w reports UID 99 as active!" exit 2 fi if w -h nobody | grep . ; then echo "ERROR: w reports user nobody as active!" exit 2 fi echo "... not found" echo "Checking the journal..." if [ "$ignore_journal" = 0 ] && journalctl -q -b -n10 _UID=99 | grep . ; then echo "ERROR: journalctl reports messages from UID 99 in current boot!" exit 2 fi echo "... not found" echo "Looking for files in /etc, /run, /tmp, and /var..." if find /etc /run /tmp /var -uid 99 -print | grep -m 10 . ; then echo "ERROR: found files belonging to UID 99" exit 2 fi echo "... not found" echo "Checking if nobody is defined correctly..." if getent passwd nobody | grep '^nobody:[x*]:65534:65534:.*:/:/sbin/nologin'; then echo "OK, nothing to do." exit 0 else echo "NOTICE: User nobody is not defined correctly" fi echo "Checking if nfsnobody or something else is using the uid..." if getent passwd 65534 | grep . ; then echo "NOTICE: will have to remove this user" else echo "... not found" fi if [ "${1:-}" = "-x" ]; then if getent passwd nobody >/dev/null; then # this will remove both the user and the group. ( set -x userdel nobody ) fi if getent passwd 65534 >/dev/null; then # Make sure the uid is unused. This should free gid too. name="$(getent passwd 65534 | cut -d: -f1)" ( set -x userdel "$name" ) fi if grep -qE '^(passwd|group):.*\bsss\b' /etc/nsswitch.conf; then echo "Sleeping, so sss can catch up" sleep 3 fi if getent group 65534; then # Make sure the gid is unused, even if uid wasn't. name="$(getent group 65534 | cut -d: -f1)" ( set -x groupdel "$name" ) fi # systemd-sysusers uses the same gid and uid ( set -x systemd-sysusers --inline 'u nobody 65534 "Kernel Overflow User" / /sbin/nologin' ) else echo "Pass '-x' to perform changes" fi