From 912d374d6d0e8ad37ee4e9599dc30282c08648d5 Mon Sep 17 00:00:00 2001 From: nemo Date: Sat, 1 Jun 2019 09:30:07 +0200 Subject: [PATCH] Add two points tolerance in config files and simplify the params you have to send to the function --- recipes/common_functions.sh | 23 ++++++++++++----------- recipes/recipe_check_ssh_config.sh | 6 +++--- 2 files changed, 15 insertions(+), 14 deletions(-) diff --git a/recipes/common_functions.sh b/recipes/common_functions.sh index 394d208..cbde74a 100644 --- a/recipes/common_functions.sh +++ b/recipes/common_functions.sh @@ -23,15 +23,15 @@ check_value_in_conf_file () { # Get parameters local name=${1} local conf_file=${2} - local search_ok=${3} - local param_key=${4} + local param_key=${3} + local search_ok=${4} # Print message to explain this check echo -e "Check ${BLUE}${name} ${param_key}${NC} config file ${conf_file} ..." # If multiple expected values local list_search_ok=(${search_ok}) - local search_ok_to_grep="^[[:space:]]*"${search_ok}"[[:space:]]*$" + local search_ok_to_grep="^[[:space:]]*"${param_key}"[[:space:]]*:\?[[:space:]]*"${search_ok}"[[:space:]]*$" # If there is more than one unexpected values if [ ${#list_search_ok[@]} -gt 1 ] @@ -39,16 +39,16 @@ check_value_in_conf_file () { search_ok_to_grep="" for var_search_ok in ${list_search_ok[@]} do - search_ok_to_grep=${search_ok_to_grep}'-e '"^[[:space:]]*${var_search_ok}[[:space:]]*$"' ' + search_ok_to_grep=${search_ok_to_grep}'-e '"^[[:space:]]*${param_key}[[:space:]]*:\?[[:space:]]*${var_search_ok}[[:space:]]*$"' ' done fi - + echo 1 # Check if unexpected value is set (grep -v) (success if return code = 1) grep "^[[:space:]]*"${param_key} ${conf_file} | grep -q -v ${search_ok_to_grep} # Return Code local RC=${?} - + # Unexpected value is set if [ ${RC} -eq 0 ] then @@ -56,9 +56,10 @@ check_value_in_conf_file () { return 2 # Unexpected value is not set else - - search_ok_to_grep="^[[:space:]]*"${search_ok}"[[:space:]]*$" - + + echo 2 + search_ok_to_grep="^[[:space:]]*"${param_key}"[[:space:]]*:\?[[:space:]]*"${search_ok}"[[:space:]]*$" + # Boolean for final Return Code, if one return code in the loop -ne 0 -> set finalRC=1 local finalRC=0 @@ -67,7 +68,7 @@ check_value_in_conf_file () { then for var_search_ok in ${list_search_ok[@]} do - grep -q "^[[:space:]]*"${var_search_ok}"[[:space:]]*$" ${conf_file} + grep -q "^[[:space:]]*"${param_key}"[[:space:]]*:\?[[:space:]]*"${var_search_ok}"[[:space:]]*$" ${conf_file} RC=${?} @@ -81,7 +82,7 @@ check_value_in_conf_file () { # Else : do classical check else # Check if OK value is set (success if return code = 0) - grep -q "^[[:space:]]*"${search_ok}"[[:space:]]*$" ${conf_file} + grep -q "^[[:space:]]*"${param_key}"[[:space:]]*:\?[[:space:]]*"${search_ok}"[[:space:]]*$" ${conf_file} # Return Code finalRC=${?} diff --git a/recipes/recipe_check_ssh_config.sh b/recipes/recipe_check_ssh_config.sh index b9e8f8d..6534766 100755 --- a/recipes/recipe_check_ssh_config.sh +++ b/recipes/recipe_check_ssh_config.sh @@ -1,6 +1,6 @@ print_config_title 'CHECK SSH CONFIG' -check_value_in_conf_file "SSH" "/etc/ssh/sshd_config" "PasswordAuthentication[[:space:]]*no" "PasswordAuthentication" +check_value_in_conf_file "SSH" "/etc/ssh/sshd_config" "PasswordAuthentication" "no" case ${?} in 0) # OK, nothing to do @@ -19,7 +19,7 @@ case ${?} in ;; esac -check_value_in_conf_file "SSH" "/etc/ssh/sshd_config" "PermitRootLogin[[:space:]]*no" "PermitRootLogin" +check_value_in_conf_file "SSH" "/etc/ssh/sshd_config" "PermitRootLogin" "no" case ${?} in 0) # OK, nothing to do @@ -38,7 +38,7 @@ case ${?} in ;; esac -check_value_in_conf_file "SSH" "/etc/ssh/sshd_config" "ListenAddress[[:space:]]*${IPV4_ADMIN_LAN_IP} ListenAddress[[:space:]]*${IPV6_ADMIN_LAN_IP}" "ListenAddress" +check_value_in_conf_file "SSH" "/etc/ssh/sshd_config" "ListenAddress" "${IPV4_ADMIN_LAN_IP} ${IPV6_ADMIN_LAN_IP}" case ${?} in 0) # OK, nothing to do