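#!/usr/bin/perl
#
# tmp directories
#
# Moves /tmp onto a loop-mounted ext2 image (/home/tmpMnt) that is mounted
# noexec, and turns /var/tmp into a symlink to /tmp.
#
# Every step is destructive, so the script stops at the first step that
# fails. If it aborts after the backup was taken, the previous contents of
# /tmp are still in /tmp.bak and must be restored by hand.
#
# NOTE(review): /tmp is removed and recreated while the system is running;
# processes holding files or sockets there lose them. Presumably this is
# meant to run at install time or in a maintenance window - confirm.

use strict;
use warnings;

# Run an external command without a shell and abort on any failure, so a
# failed backup or mount can never be followed by the next rm -fr.
sub run {
    my @cmd = @_;

    system(@cmd) == 0
        or die " !! Command failed (@cmd), wait status $? - aborting /tmp hardening !! \n";

    return;
}

my $fstab = '/etc/fstab';

# Count fstab lines that mention "tmp" but not "tmpfs" (same match as the
# former `grep tmp | grep -v tmpfs | wc -l`). An unreadable fstab is now an
# error instead of silently counting as "no tmp entries".
open my $fstab_in, '<', $fstab
    or die " !! Cannot read $fstab: $! !! \n";
my $tmpParts = grep { /tmp/ && !/tmpfs/ } <$fstab_in>;
close $fstab_in;

if ($tmpParts > 0) {
    print " !! Unsupported tmp directory configuration, skipping /tmp hardening !! \n";
    exit;
}

# Nothing below can succeed without root; fail before touching anything.
die " !! /tmp hardening must be run as root !! \n" if $> != 0;

# Refuse to reuse leftovers of an earlier run: an existing /tmp.bak would
# make `cp -Rp /tmp /tmp.bak` nest the backup one level deeper, and an
# existing image would be overwritten by dd.
for my $leftover ('/tmp.bak', '/home/tmpMnt') {
    die " !! $leftover already exists, refusing to continue !! \n"
        if -e $leftover || -l $leftover;
}

print " * Securing /tmp directories\n";

# The current contents of /var/tmp are discarded, not migrated.
print " - Removing existing /var/tmp\n";
run('rm', '-fr', '/var/tmp');

print " - Linking /var/tmp to /tmp\n";
symlink('/tmp', '/var/tmp')
    or die " !! Cannot link /var/tmp to /tmp: $! !! \n";

# 200000 blocks of 1024 bytes: a fixed image of roughly 200 MB.
print " - Generating tmp loop file at /home/tmpMnt\n";
run('dd', 'if=/dev/zero', 'of=/home/tmpMnt', 'bs=1024', 'count=200000');

print " - Formating tmp loop file\n";
run('mke2fs', '-F', '/home/tmpMnt');

print " - Making backup of existing /tmp to /tmp.bak\n";
run('cp', '-Rp', '/tmp', '/tmp.bak');

print " - Nuking existing /tmp and recreating + add permissions\n";
run('rm', '-fr', '/tmp');
mkdir('/tmp')
    or die " !! Cannot create /tmp: $! !! \n";
# mkdir is subject to the umask, so set the sticky, world-writable mode
# explicitly.
chmod(01777, '/tmp') == 1
    or die " !! Cannot set mode 1777 on /tmp: $! !! \n";

# NOTE(review): only noexec is set. nosuid and nodev are commonly added
# alongside it on /tmp; confirm whether they were left out on purpose.
# noexec does not stop an interpreter from being pointed at a file in /tmp.
print " - Adding /tmp mount to fstab\n";
open my $fstab_out, '>>', $fstab
    or die " !! Cannot append to $fstab: $! !! \n";
print {$fstab_out} "/home/tmpMnt\t/tmp\text2\tloop,noexec,rw\t0 0\n"
    or die " !! Cannot write to $fstab: $! !! \n";
close $fstab_out
    or die " !! Cannot finish writing $fstab: $! !! \n";

print " - Mounting /tmp\n";
run('mount', '/tmp');

# "/tmp.bak/." instead of the shell glob "/tmp.bak/*": the glob skipped
# dot-entries, which were then lost when the backup was deleted, and it
# failed outright on an empty backup directory.
print " - Transfer /tmp backup over and remove backup directory\n";
run('cp', '-Rp', '/tmp.bak/.', '/tmp');
run('rm', '-fr', '/tmp.bak');
chmod(01777, '/tmp') == 1
    or die " !! Cannot set mode 1777 on /tmp: $! !! \n";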