#!/bin/sh
#SYSTEMS: Solaris, Linux
MSG="# Checking core size setting in /etc/system..."
SYSTEM=`uname -s`
######Solaris######
if [ "$SYSTEM" = "SunOS" ]; then
  echo ""; echo "$MSG"
  case "`uname -r`" in 
  5.[456789]*) ;; 
  *) 
    #Only supported on Solaris 2.4 and newer
    exit 0;; 
  esac
  #
  if [ -f /etc/system ] ; then
    SIZE=`grep "set sys:coredumpsize" /etc/system | awk -F= '{print $2}'`
    if [ "$SIZE" = "" ]; then
      echo "--INFO-- [CORE001i] Core dump size is not set in /etc/system."
    elif [ $SIZE -ne 0 ]; then
      echo "--INFO-- [CORE001i] Core dump size is not set to zero in /etc/system."
    fi
  fi
fi
######Linux######
if [ "$SYSTEM" = "Linux" ]; then
  echo ""; echo "$MSG"
  PAMLIMITS="0"
  LOGIN=/etc/pam.d/login
  PAMCONF=/etc/pam.conf
  if [ -f $LOGIN ]; then #The /etc/pam.d/login file exists, use it...
    CHK=`grep -c "^session" $LOGIN | grep "pam.limits.so"`
    if [ "$CHK" != "" ]; then #PAM is set up to use limits.conf file...
       PAMLIMITS="1"
    fi
  elif [ -f $PAMCONF ]; then #The /etc/pam.conf file exists...
    CHK=`grep "^login" $PAMCONF | awk '{print $2 $4}' | grep "session" | grep "pam.limits.so"`
    if [ "$CHK" != "" ]; then #PAM is set up to use limits.conf file...
       PAMLIMITS="1"
    fi
  fi
  #
  LIMITS=/etc/security/limits.conf
  if [ -f $LIMITS ] && [ "$PAMLIMITS" = "1" ]; then
    CORELIMIT=`grep -v "^#" $LIMITS | grep " core "`
    DOMAIN=`echo "$CORELIMIT" | awk '{print $1}'`
    TYPE=`echo "$CORELIMIT" | awk '{print $2}'`
    ITEM=`echo "$CORELIMIT" | awk '{print $3}'`
    VALUE=`echo "$CORELIMIT" | awk '{print $4}'`
    if [ "$ITEM" = "core" ]; then #Core limit is present...
      if [ "$DOMAIN" != "*" ]; then #Domain not set to all...
        echo "--INFO-- [CORE002i] Core size limit 'domain' is not set to 'all' in /etc/security/limits.conf."
      fi
      if [ "$TYPE" != "hard" ]; then #Type not set to hard...
        echo "--INFO-- [CORE002i] Core size limit 'type' is not set to 'hard' in /etc/security/limits.conf."
      fi
      if [ "$VALUE" != "0" ]; then #Value not set to zero...
        echo "--INFO-- [CORE002i] Core size limit 'value' is not set to '0' in /etc/security/limits.conf."
      fi
     else
       echo "--INFO-- [CORE002i] Core size limit is not set in /etc/security/limits.conf."
     fi
  else
    echo "--INFO-- [CORE002i] PAM not set up to limit core size."
  fi
fi
