%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /opt/hgmods/activity/
Upload File :
Create Path :
Current File : //opt/hgmods/activity/pcount.pl

#!/usr/bin/perl
# process counting + logging, never guess again! patrick p hostgator llc
use POSIX qw(strftime);
use lib '/opt/hgmods/activity';
my @protUsers = ("root", "bin", "daemon", "adm", "lp", "sync", "shutdown", "halt", "mail", "news", "uucp", "operator", "games", "gopher", "nobody", "ftp", "dbus", "vcsa", "rpm", "haldaemon", "netdump", "nscd", "sshd", "rpc", "mailnull", "smmsp", "rpcuser", "nfsnobody", "pcap", "xfs", "ntp", "pegasus", "htt", "canna", "wnn", "dovecot", "cpanel", "named", "mysql", "mailman", "cpanel-horde", "cpanel-phpmyadmin", "cpanel-phppgadmin", "hgdaemon", "zabbix");

unlink('/etc/logrotate.d/pcount');
open(DAT, ">/etc/logrotate.d/pcount");
my $logrotate = '/opt/hgmods/hg_processcount.log {
	missingok
	notifempty
	size 10M
	nocompress
	rotate 5
	}
	';
$logrotate =~ s/^\s+//gm;
print DAT $logrotate;
close(DAT);

open(DAT, "/var/spool/cron/root");
my @origcron = <DAT>;
close(DAT);

foreach my $thisline (@origcron) {
        if ($thisline =~ /activity\/hg_processcount.log/) {
                print "[*] removing bad cron\n";
                $thisline = '';
        }
        if ($thisline =~ /home\/hg_processcount.log/) {
                print "[*] removing bad cron\n";
                $thisline = '';
        }
}

if (!grep(/pcount/,@origcron)) { 
	print "[*] pcount cron not found, lets add it\n";
	my $cronline = "* * * * * cd /opt/hgmods/activity ; /usr/local/bin/perl /opt/hgmods/activity/pcount.pl 1>>/opt/hgmods/hg_processcount.log 2>>/opt/hgmods/hg_processcount.log 3>>/opt/hgmods/hg_processcount.log\n";
	push(@origcron,$cronline);
	open(WRITE, ">/var/spool/cron/root");
	print WRITE @origcron;
	close(WRITE);
	print "[*] Cron written.\n";
	system("touch /opt/hgmods/hg_processcount.log");
	system("chmod 600 /opt/hgmods/hg_processcount.log");
}

if ( -e "/opt/hgmods/activity/hg_processcount.log") {
	print "[*] old log found [/opt/hgmods/activity/hg_processcount.log], appending and unlinking.\n";
	system("cat /opt/hgmods/activity/hg_processcount.log >> /opt/hgmods/hg_processcount.log");
	unlink("/opt/hgmods/activity/hg_processcount.log");
}

if ( -e "/home/hg_processcount.log") {
	print "[*] old log found [/home/hg_processcount.log], appending and unlinking.\n";
	system("cat /home/hg_processcount.log >> /opt/hgmods/hg_processcount.log");
	unlink("/home/hg_processcount.log");
}


my %uidhash;

use Proc::ProcessTable;

$t = new Proc::ProcessTable;
foreach $p (@{$t->table}) {
	my $skip = 0;
	my $uid = $p->uid;
	foreach(@protUsers) {
		my $user = getpwuid($uid);
		if ($user eq $_) { $skip = 1; last; }
	}
	unless($skip) {
        	my $pid = $p->pid;
	        my $cmdline = $p->cmndline;
		$uidhash{$uid} .= "$pid:";
		$cmdhash{$uid} .= "$cmdline:";
	}
}

chomp(my $timestamp = strftime('[%a %b %d %H:%M:%S %Y]',localtime));
foreach my $key (keys %uidhash) {
	my @pcount = split(':',$uidhash{$key});
	my $scalarcount = scalar(@pcount);
	my $name = getpwuid($key);
	if ($scalarcount > 20) {
		print "$timestamp uid $key ($name) has more than 20 processes (danger zone) TOTAL: $scalarcount\n";
		print "$timestamp uid $key ($name) processes:\n";
		my @procs = split(':',$cmdhash{$key});
		foreach my $thisproc (@procs) {
			print "`---> ($name) $thisproc\n";
		}
	}
}

Zerion Mini Shell 1.0