diff --git a/README.md b/README.md index fdcb580..73a4caa 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,6 @@ Not finished, in progress.... TO DO : - Reorganise script to limit text repetitions (make functions for example) -- Check postfix config - Check if sending a mail works (find a way to check) - Check detailled DNS records (PTR, A, AAAA) - Check if files in etc need to be updated (etc-update) @@ -31,4 +30,6 @@ Checked point : - MUNIN basic configuration (allow) - SNMP basic config (gentAddress, rocommunity and trapsink/trap2sink) - Mail alias configuration (root mail alias configured) +- Check postfix config (inet_protocols) +- Add to check service if they are enabled - Check if IPs are recorded in IPAM diff --git a/recipe_gentoo.sh b/recipe_gentoo.sh index 0c4a0ad..f6161c7 100755 --- a/recipe_gentoo.sh +++ b/recipe_gentoo.sh @@ -11,7 +11,19 @@ export NC='\033[0m' REQUIREMENTS="CURL GREP ECHO EMERGE NSLOOKUP IP HOSTNAME AWK SED CUT TR PING JQ CURL" -source vars.sh +# Be sure only root can run the script +if [ "$(id -u)" != "0" ]; then + echo "ERROR : This script must be run as root" 1>&2 + exit 1 +fi + +VARS_FILE='./vars.sh' +if [ -f ${VARS_FILE} ]; then + source ${VARS_FILE} +else + echo "ERROR : vars file ${VARS_FILE} not found" 1>&2 + exit 1 +fi # Check requirements for requirement in $REQUIREMENTS @@ -29,11 +41,6 @@ do fi done -# Be sure only root can run the script -if [ "$(id -u)" != "0" ]; then - echo "ERROR : This script must be run as root" 1>&2 - exit 1 -fi # Print packages not installed or with error at end script @@ -60,6 +67,7 @@ export NRPE_CONFIG_CHECK_FAILED="" export MUNIN_CONFIG_CHECK_FAILED="" export MAIL_ALIAS_CONFIG_CHECK_FAILED="" export SNMP_CONFIG_CHECK_FAILED="" +export POSTFIX_CONFIG_CHECK_FAILED="" export IPAM_CONFIG_CHECK_FAILED="" usage() { @@ -118,6 +126,8 @@ echo -e "-------------------------------------------------\n" . recipes/recipe_check_mail_alias_config.sh +. recipes/recipe_check_postfix_protocol_config.sh + . recipes/recipe_check_ipam_config.sh . recipes/recipe_final_summary.sh diff --git a/recipes/recipe_check_postfix_protocol_config.sh b/recipes/recipe_check_postfix_protocol_config.sh new file mode 100644 index 0000000..44c1872 --- /dev/null +++ b/recipes/recipe_check_postfix_protocol_config.sh @@ -0,0 +1,37 @@ +echo "-------------------------------------------------" +echo -e "----------- ${BLUE}CHECK POSTFIX BASIC CONFIG${NC} ----------" +echo -e "-------------------------------------------------\n" + +# This script just check the parameter inet_protocols +echo -e "Check ${BLUE}Postfix${NC} config file /etc/postfix/main.cf (parameter inet_protocols)" + +# Check if inet_protocols exist but different than expected (success if return code = 1) +grep "^[[:space:]]*inet_protocols" /etc/postfix/main.cf \ + | grep -q -v -e "^[[:space:]]*inet_protocols[[:space:]]*=[[:space:]]*all[[:space:]]*$" + +# Return Code +RC=$? + +# inet_protocols has other value than expected +if [ $RC -eq 0 ] +then + POSTFIX_CONFIG_CHECK_FAILED="${POSTFIX_CONFIG_CHECK_FAILED} Postfix inet_protocols is not configured as expected, expected : 'inet_protocols = all'" + echo -e "${RED}Postfix inet_protocols is NOT CONFIGURED as EXPECTED : check KO${NC}\n" +# inet_protocols hasn't unexpected value +else + # Check if ALL protocols (IPv4 and IPv6) are configured (success if return code = 0) + grep -q "^[[:space:]]*inet_protocols[[:space:]]*=[[:space:]]*all[[:space:]]*$" /etc/postfix/main.cf + + # Return Code + RC=$? + + # All protocols not configured + if [ $RC -ne 0 ] + then + POSTFIX_CONFIG_CHECK_FAILED="${POSTFIX_CONFIG_CHECK_FAILED} Postfix inet_protocols is not configured as expected, expected : 'inet_protocols = all'" + echo -e "${RED}Postfix inet_protocols is NOT CONFIGURED as EXPECTED : check KO${NC}\n" + # All protocols configured + else + echo -e "${GREEN}POSTFIX inet_protocols is CONFIGURED as expected : check OK${NC}\n" + fi +fi