Add check configured protocol in postfix config

README.md

@@ -9,7 +9,6 @@ Not finished, in progress....
 
 TO DO :
 - Reorganise script to limit text repetitions (make functions for example)
-- Check postfix config
 - Check if sending a mail works (find a way to check)
 - Check detailled DNS records (PTR, A, AAAA)
 - Check if files in etc need to be updated (etc-update)
@@ -31,4 +30,6 @@ Checked point :
 - MUNIN basic configuration (allow)
 - SNMP basic config (gentAddress, rocommunity and trapsink/trap2sink)
 - Mail alias configuration (root mail alias configured)
+- Check postfix config (inet_protocols)
+- Add to check service if they are enabled
 - Check if IPs are recorded in IPAM

recipe_gentoo.sh

@@ -11,7 +11,19 @@ export NC='\033[0m'
 
 REQUIREMENTS="CURL GREP ECHO EMERGE NSLOOKUP IP HOSTNAME AWK SED CUT TR PING JQ CURL"
 
-source vars.sh
+# Be sure only root can run the script
+if [ "$(id -u)" != "0" ]; then
+   echo "ERROR : This script must be run as root" 1>&2
+   exit 1
+fi
+
+VARS_FILE='./vars.sh'
+if [ -f ${VARS_FILE} ]; then
+	source ${VARS_FILE}
+else
+	echo "ERROR : vars file ${VARS_FILE} not found" 1>&2
+	exit 1
+fi
 
 # Check requirements
 for requirement in $REQUIREMENTS
@@ -29,11 +41,6 @@ do
     fi
 done
 
-# Be sure only root can run the script
-if [ "$(id -u)" != "0" ]; then
-   echo "ERROR : This script must be run as root" 1>&2
-   exit 1
-fi
 
 
 # Print packages not installed or with error at end script
@@ -60,6 +67,7 @@ export NRPE_CONFIG_CHECK_FAILED=""
 export MUNIN_CONFIG_CHECK_FAILED=""
 export MAIL_ALIAS_CONFIG_CHECK_FAILED=""
 export SNMP_CONFIG_CHECK_FAILED=""
+export POSTFIX_CONFIG_CHECK_FAILED=""
 export IPAM_CONFIG_CHECK_FAILED=""
 
 usage() {
@@ -118,6 +126,8 @@ echo -e "-------------------------------------------------\n"
 
 . recipes/recipe_check_mail_alias_config.sh
 
+. recipes/recipe_check_postfix_protocol_config.sh
+
 . recipes/recipe_check_ipam_config.sh
 
 . recipes/recipe_final_summary.sh

recipes/recipe_check_postfix_protocol_config.sh

@@ -0,0 +1,37 @@
+echo "-------------------------------------------------"
+echo -e "----------- ${BLUE}CHECK POSTFIX BASIC CONFIG${NC} ----------"
+echo -e "-------------------------------------------------\n"
+
+# This script just check the parameter inet_protocols
+echo -e "Check ${BLUE}Postfix${NC} config file /etc/postfix/main.cf (parameter inet_protocols)"
+
+# Check if inet_protocols exist but different than expected (success if return code = 1)
+grep "^[[:space:]]*inet_protocols" /etc/postfix/main.cf \
+	| grep -q -v -e "^[[:space:]]*inet_protocols[[:space:]]*=[[:space:]]*all[[:space:]]*$" 
+
+# Return Code
+RC=$?
+
+# inet_protocols has other value than expected
+if [ $RC -eq 0 ]
+then
+	POSTFIX_CONFIG_CHECK_FAILED="${POSTFIX_CONFIG_CHECK_FAILED} Postfix inet_protocols is not configured as expected, expected : 'inet_protocols = all'"
+	echo -e "${RED}Postfix inet_protocols is NOT CONFIGURED as EXPECTED : check KO${NC}\n"
+# inet_protocols hasn't unexpected value
+else
+	# Check if ALL protocols (IPv4 and IPv6) are configured (success if return code = 0)
+	grep -q "^[[:space:]]*inet_protocols[[:space:]]*=[[:space:]]*all[[:space:]]*$" /etc/postfix/main.cf
+	
+	# Return Code
+	RC=$?
+	
+	# All protocols not configured
+	if [ $RC -ne 0 ]
+	then
+		POSTFIX_CONFIG_CHECK_FAILED="${POSTFIX_CONFIG_CHECK_FAILED} Postfix inet_protocols is not configured as expected, expected : 'inet_protocols = all'"
+		echo -e "${RED}Postfix inet_protocols is NOT CONFIGURED as EXPECTED : check KO${NC}\n"
+	# All protocols configured
+	else
+		echo -e "${GREEN}POSTFIX inet_protocols is CONFIGURED as expected : check OK${NC}\n"
+	fi
+fi