tis-audit-local-admins icon

Audit Local Admins

Silent install package for Audit Local Admins

70-1
Security
Security
Luti Build VirusTotal

tis-audit-local-admins

This script checks the local administrators configured on the system by comparing them to a whitelist (allowed_admins_list).

It is therefore necessary to define the authorized users in this list beforehand.

Any administrator not included in this list will be flagged during the audit.

  • package: tis-audit-local-admins
  • name: Audit Local Admins
  • version: 70-1
  • categories: Security
  • maintainer: WAPT Team,Tranquil IT,Simon Fonteneau,Jimmy PELÉ
  • locale: all
  • target_os: linux
  • architecture: all
  • signature_date:
  • size: 7.90 Ko

package           : tis-audit-local-admins
version           : 70-1
architecture      : all
section           : base
priority          : optional
name              : Audit Local Admins
categories        : Security
maintainer        : WAPT Team,Tranquil IT,Simon Fonteneau,Jimmy PELÉ
description       : Audits local administrators
depends           : 
conflicts         : 
maturity          : PROD
locale            : all
target_os         : linux
min_wapt_version  : 2.3
sources           : 
installed_size    : 
impacted_process  : 
description_fr    : Audite les administrateurs locaux
description_pl    : Audyty lokalnych administratorów
description_de    : prüft lokale Verwalter
description_es    : Audita a los administradores locales
description_pt    : Audita os administradores locais
description_it    : Verifica gli amministratori locali
description_nl    : Audits van lokale beheerders
description_ru    : Проверяет локальных администраторов
audit_schedule    : 2h
editor            : 
keywords          : 
licence           : 
homepage          : 
package_uuid      : 3f52cf72-3c4c-4a63-9410-cddc1a277e91
valid_from        : 
valid_until       : 
forced_install_on : 
changelog         : 
min_os_version    : 
max_os_version    : 
icon_sha256sum    : 4e424cf16b749d1dff5b232130000cd4b633399ee5dddce76f8d8a95117ae105
signer            : Tranquil IT
signer_fingerprint: 8c5127a75392be9cc9afd0dbae1222a673072c308c14d88ab246e23832e8c6bb
signature_date    : 2026-01-19T19:33:03.000000
signed_attributes : package,version,architecture,section,priority,name,categories,maintainer,description,depends,conflicts,maturity,locale,target_os,min_wapt_version,sources,installed_size,impacted_process,description_fr,description_pl,description_de,description_es,description_pt,description_it,description_nl,description_ru,audit_schedule,editor,keywords,licence,homepage,package_uuid,valid_from,valid_until,forced_install_on,changelog,min_os_version,max_os_version,icon_sha256sum,signer,signer_fingerprint,signature_date,signed_attributes
signature         : WnBZ/DlHWkR3qb3Bo5VXweKLtakgTj+k7QIFB8b8lPVPV64wYV2vF7+rh4UjJXlnw0E3f0DnFuWPzVuhrmaYm1C3d4ypwLReIT8HfHMvTmG6+/iPQTpvP0RL6eT95Rob/nMpuRc/Uqp5g5S0vv0hDJkDrqquEnKcEFt4E3oz8qoM/jFBI+xF9HKQDPOkl0ZN+yYFISit9PXgzIuPS39nSVFLFzbn7kV1mg/6+T1BMvfbdmEI7LVpUglZfJ1SRmEPFme2NJRf9xrM/Go5dcQvSO8hwBBbLT4T40Ce11crqUY2bCuSZbtiE/o9StvYPhoFQ6MhB/uR2SSB9L2WKo6tQQ==

# -*- coding: utf-8 -*-
from setuphelpers import *

# List to define allowed users in admin group
allowed_admins_list = [
    r'admin-user',
    r'other-admin-user'
]

def install():
    pass

def audit():

    if is_rhel_based():
        admin_group = r'wheel'
    elif is_debian_based():
        admin_group = r'sudo'
    else:
        print(r'Unsupported Linux distribution %s' % get_distrib_linux())
        return "ERROR"

    admins_users = run(r'getent group %s' % admin_group).split(':')[3].strip('\n').strip().split(',')
    unallowed_user_in_admins_group = False
    listerror = []
    admins_dict = {"unallowed": [], "allowed": []}

    for user in admins_users:
        if not user.lower() in allowed_admins_list:
            listerror.append(user)
            admins_dict["unallowed"].append(user)
        else:
            admins_dict["allowed"].append(user)

    print("ADMINS LIST : %s" % ",".join(admins_users))  # Allowed users in admin list
    if listerror:
        print("UNALLOWED ADMINS LIST : %s" % ",".join(listerror))  # Wrong users in admin list
        unallowed_user_in_admins_group = True 

    WAPT.write_audit_data_if_changed("audit-local-admins-linux", "audit-local-admins-linux", admins_dict)

    if unallowed_user_in_admins_group:
        return "ERROR"

    return "OK"

e08f8bb85879845866306ff7179e8c838df7aca9c47bee9c29175f02f0c9901b : WAPT/README.md
dd36f4c929a06b123e026f2930ebefa747acc9428b321e7b0d17708b3cf39142 : WAPT/README_fr.md
38d056ab130f7bf7c481c12636a4e9959de36561d3dfcbe54c6e3571bc0c1dc3 : WAPT/certificate.crt
b055d240bf680233e6476806b309a9e903c36369f6cca81ad6ced64a766b2c6e : WAPT/control
4e424cf16b749d1dff5b232130000cd4b633399ee5dddce76f8d8a95117ae105 : WAPT/icon.png
2ac9456bf9fe75d427fe0afeca6f2c00f595c42ebb098142035239af0ed3e56a : luti.json
28332a5e3ec1066b79bcb046931ee9ebe6641270fe192c6aad5edc8ee55cd3f2 : setup.py