#!/bin/sh

ROOT_UID=0      # Only users with $UID 0 have root privileges.
E_NOTROOT=67    # Non-root exit error.

# Run as root, of course.
if [ "$UID" -ne "$ROOT_UID" ]; then
  echo "Must be root to run this script."
  exit $E_NOTROOT
fi

# The following command will discover and print any files on local partitions which do not belong to a valid
# user and a valid group. Run it once for each local partition PART:
#  find PART -xdev \( -nouser -o -nogroup \) -print
# If this command prints any results, investigate each reported file and either assign it to an appropriate user
# and group or remove it.
# Unowned files are not directly exploitable, but they are generally a sign that something is wrong with some
# system process. They may be caused by an intruder, by incorrect software installation or incomplete software
# removal, or by failure to remove all files belonging to a deleted account. The files should be repaired so that they
# will not cause problems when accounts are created in the future, and the problem which led to unowned files
# should be discovered and addressed.

find / -xdev \( -nouser -o -nogroup \) -print | (cat <<EOF
This is an automated report of $0 on the server `hostname -s`.

find / -xdev \( -nouser -o -nogroup \) -print
EOF
cat
) | /bin/mail -s "[Find and Repair Unowned Files]" root