#!/bin/sh

ROOT_UID=0      # Only users with $UID 0 have root privileges.
E_NOTROOT=67    # Non-root exit error.

# Run as root, of course.
if [ "$UID" -ne "$ROOT_UID" ]; then
  echo "Must be root to run this script."
  exit $E_NOTROOT
fi

# Traditional Unix security relies heavily on file and directory permissions to prevent unauthorized users from
# reading or modifying files to which they should not have access. Adhere to the principle of least privilege —
# configure each file, directory, and filesystem to allow only the access needed in order for that file to serve its
# purpose.
# However, Linux systems contain a large number of files, so it is often prohibitively time-consuming to ensure that
# every file on a machine has exactly the permissions needed. This section introduces several permission restrictions
# which are almost always appropriate for system security, and which are easy to test and correct.
# Note: Several of the commands in this section search filesystems for files or directories with certain characteristics,
# and are intended to be run on every local ext2 or ext3 partition on a given machine. When the variable PART
# appears in one of the commands below, it means that the command is intended to be run repeatedly, with the
# name of each local partition substituted for PART in turn.
# The following command prints a list of ext2, ext3, and ext4 partitions on a given machine:
#  mount -t ext2,ext3 | awk '{print $3}'
# If your site uses a local filesystem type other than ext2, ext3, or ext4, you will need to modify this command.

mount -t ext2,ext3,ext4 | awk '{ print $3 }' | (cat <<EOF
This is an automated report of $0 on the server `hostname -s`.

mount -t ext2,ext3,ext4 | awk '{ print $3 }'
EOF
cat
) | /bin/mail -s "[mount -t]" root