From 9f0538841d2efa25f724108720d84f88e25c7070 Mon Sep 17 00:00:00 2001
From: nemo
Date: Sat, 29 Jun 2019 11:26:10 +0200
Subject: [PATCH] Check if files exists before other tests
---
recipes/recipe_check_autobackup_config.sh | 159 +++---
recipes/recipe_check_autoupdate_config.sh | 54 +--
recipes/recipe_check_mail_alias_config.sh | 82 ++--
recipes/recipe_check_munin_config.sh | 82 ++--
recipes/recipe_check_nrpe_config.sh | 119 ++---
recipes/recipe_check_portage.sh | 411 +++++++++---------
.../recipe_check_postfix_protocol_config.sh | 83 ++--
recipes/recipe_check_snmp_config.sh | 232 +++++-----
recipes/recipe_check_ssh_config.sh | 118 ++---
9 files changed, 705 insertions(+), 635 deletions(-)
diff --git a/recipes/recipe_check_autobackup_config.sh b/recipes/recipe_check_autobackup_config.sh
index 52f1566..bf1149b 100644
--- a/recipes/recipe_check_autobackup_config.sh
+++ b/recipes/recipe_check_autobackup_config.sh
@@ -5,86 +5,87 @@ echo "Check if auto-update script is present" if [[ -f "${BACKUP_SCRIPT}" ]] then echo -e "${GREEN}The auto-backup script is present : check OK${NC}\n" + + # Check the script (content) + echo "Check the script (content)" + grep -q 'borg prune -v backup@loth.grifon.fr' ${BACKUP_SCRIPT} + RCa=${?} # First Return Code + grep -q 'borg create --info .* backup@loth.grifon.fr:$(hostname -s)::$(date +%F)' ${BACKUP_SCRIPT} + RCb=${?} # Second Return Code + if [[ ${RCa} -ne 0 ]] || [[ ${RCb} -ne 0 ]] + then + AUTOBACKUP_CONFIG_CHECK_FAILED=${AUTOBACKUP_CONFIG_CHECK_FAILED}" Auto-backup script ${BACKUP_SCRIPT} does NOT CONTAIN valid 'borg prune' OR 'borg create', check manually;" + echo -e "${RED}Auto-backup script does NOT CONTAIN valid 'borg prune' OR 'borg create' : check KO${NC}\n" + # Service started without error + else + echo -e "${GREEN}Auto-backup script seems contain valid 'borg prune' and 'borg create' : check OK${NC}\n" + fi + + + # Check if the script is executable + echo "Check if the script is executable" + if [[ -x "${BACKUP_SCRIPT}" ]] + then + echo -e "${GREEN}The auto-backup script is executable : check OK${NC}\n" + else + AUTOBACKUP_CONFIG_CHECK_FAILED=${AUTOBACKUP_CONFIG_CHECK_FAILED}" The auto-backup script is NOT executable;" + echo -e "${RED}The auto-backup script is NOT executable: check KO${NC}\n" + fi + + # Check the ssh connection to the backup server + echo "Check the ssh connection to the backup server" + ssh -q ${BACKUP_REMOTE_USER}@${BACKUP_REMOTE_SERVER} exit + if [[ ${?} -ne 0 ]] + then + AUTOBACKUP_CONFIG_CHECK_FAILED=${AUTOBACKUP_CONFIG_CHECK_FAILED}" The SSH connection to the backup server failed, check manually;" + echo -e "${RED}SSH Connection to the backup server does NOT WORK : check KO${NC}\n" + # Service started without error + else + echo -e "${GREEN}SSH Connection to the backup server works : check OK${NC}\n" + fi + + # Check if the remote repertory exist and is writable + echo "Check if the remote repertory exist 
and is writable" + ssh ${BACKUP_REMOTE_USER}@${BACKUP_REMOTE_SERVER} "test -w ${BACKUP_REMOTE_REPERTORY}/$(hostname -s)" &>/dev/null + if [[ ${?} -ne 0 ]] + then + AUTOBACKUP_CONFIG_CHECK_FAILED=${AUTOBACKUP_CONFIG_CHECK_FAILED}" The remote backup repertory ${BACKUP_REMOTE_REPERTORY}/$(hostname -s) does not exit, create it;" + echo -e "${RED}The remote backup repertory DOES NOT exit : check KO${NC}\n" + # Service started without error + else + echo -e "${GREEN}The remote backup repertory exist : check OK${NC}\n" + fi + + # Check if the remote link exist and is writable : when a backup is done, the script set the destination : ~/$(hostname -s) which is a link to ${BACKUP_REMOTE_REPERTORY}/$(hostname -s) + echo "Check if the remote link exist and is writable" + ssh ${BACKUP_REMOTE_USER}@${BACKUP_REMOTE_SERVER} "test -w $(hostname -s)" &>/dev/null + if [[ ${?} -ne 0 ]] + then + AUTOBACKUP_CONFIG_CHECK_FAILED=${AUTOBACKUP_CONFIG_CHECK_FAILED}" The remote backup symbolic link ~/$(hostname -s) does not exit, create it;" + echo -e "${RED}The remote backup symbolic link does not exist : check KO${NC}\n" + # Service started without error + else + echo -e "${GREEN}The remote backup symbolic link exist : check OK${NC}\n" + fi + + # Check if the cron task is configured + echo "Check if the cron task is configured" + crontab -l 2>/dev/null | grep -q "${BACKUP_SCRIPT}" + RCa=${?} # First Return Code + grep -q "${BACKUP_SCRIPT}" /etc/cron.d/* + RCb=${?} # Second Return Code + grep -q "${BACKUP_SCRIPT}" /etc/crontab + RCc=${?} # Third Return Code + if [[ ${RCa} -ne 0 ]] && [[ ${RCb} -ne 0 ]] && [[ ${RCc} -ne 0 ]] + then + AUTOBACKUP_CONFIG_CHECK_FAILED=${AUTOBACKUP_CONFIG_CHECK_FAILED}" No cron entry for auto-backup, configure it;" + echo -e "${RED}NO cron entry for auto-backup : check KO${NC}\n" + # Service started without error + else + echo -e "${GREEN}Cron entry for auto-backup exist: check OK${NC}\n" + fi + else 
AUTOBACKUP_CONFIG_CHECK_FAILED=${AUTOBACKUP_CONFIG_CHECK_FAILED}" The auto-backup script is NOT on the system;" echo -e "${RED}The auto-backup is NOT on the system : check KO${NC}\n" fi - -# Check the script (content) -echo "Check the script (content)" -grep -q 'borg prune -v backup@loth.grifon.fr' ${BACKUP_SCRIPT} -RCa=${?} # First Return Code -grep -q 'borg create --info .* backup@loth.grifon.fr:$(hostname -s)::$(date +%F)' ${BACKUP_SCRIPT} -RCb=${?} # Second Return Code -if [[ ${RCa} -ne 0 ]] || [[ ${RCb} -ne 0 ]] -then - AUTOBACKUP_CONFIG_CHECK_FAILED=${AUTOBACKUP_CONFIG_CHECK_FAILED}" Auto-backup script ${BACKUP_SCRIPT} does NOT CONTAIN valid 'borg prune' OR 'borg create', check manually;" - echo -e "${RED}Auto-backup script does NOT CONTAIN valid 'borg prune' OR 'borg create' : check KO${NC}\n" -# Service started without error -else - echo -e "${GREEN}Auto-backup script seems contain valid 'borg prune' and 'borg create' : check OK${NC}\n" -fi - - -# Check if the script is executable -echo "Check if the script is executable" -if [[ -x "${BACKUP_SCRIPT}" ]] -then - echo -e "${GREEN}The auto-backup script is executable : check OK${NC}\n" -else - AUTOBACKUP_CONFIG_CHECK_FAILED=${AUTOBACKUP_CONFIG_CHECK_FAILED}" The auto-backup script is NOT executable;" - echo -e "${RED}The auto-backup script is NOT executable: check KO${NC}\n" -fi - -# Check the ssh connection to the backup server -echo "Check the ssh connection to the backup server" -ssh -q ${BACKUP_REMOTE_USER}@${BACKUP_REMOTE_SERVER} exit -if [[ ${?} -ne 0 ]] -then - AUTOBACKUP_CONFIG_CHECK_FAILED=${AUTOBACKUP_CONFIG_CHECK_FAILED}" The SSH connection to the backup server failed, check manually;" - echo -e "${RED}SSH Connection to the backup server does NOT WORK : check KO${NC}\n" -# Service started without error -else - echo -e "${GREEN}SSH Connection to the backup server works : check OK${NC}\n" -fi - -# Check if the remote repertory exist and is writable -echo "Check if the remote repertory exist and is 
writable" -ssh ${BACKUP_REMOTE_USER}@${BACKUP_REMOTE_SERVER} "test -w ${BACKUP_REMOTE_REPERTORY}/$(hostname -s)" &>/dev/null -if [[ ${?} -ne 0 ]] -then - AUTOBACKUP_CONFIG_CHECK_FAILED=${AUTOBACKUP_CONFIG_CHECK_FAILED}" The remote backup repertory ${BACKUP_REMOTE_REPERTORY}/$(hostname -s) does not exit, create it;" - echo -e "${RED}The remote backup repertory DOES NOT exit : check KO${NC}\n" -# Service started without error -else - echo -e "${GREEN}The remote backup repertory exist : check OK${NC}\n" -fi - -# Check if the remote link exist and is writable : when a backup is done, the script set the destination : ~/$(hostname -s) which is a link to ${BACKUP_REMOTE_REPERTORY}/$(hostname -s) -echo "Check if the remote link exist and is writable" -ssh ${BACKUP_REMOTE_USER}@${BACKUP_REMOTE_SERVER} "test -w $(hostname -s)" &>/dev/null -if [[ ${?} -ne 0 ]] -then - AUTOBACKUP_CONFIG_CHECK_FAILED=${AUTOBACKUP_CONFIG_CHECK_FAILED}" The remote backup symbolic link ~/$(hostname -s) does not exit, create it;" - echo -e "${RED}The remote backup symbolic link does not exist : check KO${NC}\n" -# Service started without error -else - echo -e "${GREEN}The remote backup symbolic link exist : check OK${NC}\n" -fi - -# Check if the cron task is configured -echo "Check if the cron task is configured" -crontab -l 2>/dev/null | grep -q "${BACKUP_SCRIPT}" -RCa=${?} # First Return Code -grep -q "${BACKUP_SCRIPT}" /etc/cron.d/* -RCb=${?} # Second Return Code -grep -q "${BACKUP_SCRIPT}" /etc/crontab -RCc=${?} # Third Return Code -if [[ ${RCa} -ne 0 ]] && [[ ${RCb} -ne 0 ]] && [[ ${RCc} -ne 0 ]] -then - AUTOBACKUP_CONFIG_CHECK_FAILED=${AUTOBACKUP_CONFIG_CHECK_FAILED}" No cron entry for auto-backup, configure it;" - echo -e "${RED}NO cron entry for auto-backup : check KO${NC}\n" -# Service started without error -else - echo -e "${GREEN}Cron entry for auto-backup exist: check OK${NC}\n" -fi 
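Review bot: The three `ssh` probes in the new block run without batch mode or a timeout, and the second and third discard all output with `&>/dev/null`, so an unattended run can hang on a password or host-key prompt and an authentication or network failure is reported as a missing remote repertory or symbolic link. Consider `ssh -q -o BatchMode=yes -o ConnectTimeout=10 "${BACKUP_REMOTE_USER}@${BACKUP_REMOTE_SERVER}" exit` (the timeout value is only an example) and running the two `test -w` probes only when that connection check succeeded, which matches what this commit does for the local script checks. The `${BACKUP_SCRIPT}` arguments of the two `grep -q` content checks are also unquoted, although the `-f` and `-x` tests quote the same variable.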
diff --git a/recipes/recipe_check_autoupdate_config.sh b/recipes/recipe_check_autoupdate_config.sh
index e787f75..d26b2b7 100644
--- a/recipes/recipe_check_autoupdate_config.sh
+++ b/recipes/recipe_check_autoupdate_config.sh
@@ -5,34 +5,38 @@ echo "Check if auto-update script is present" if [[ -f "${AUTOUPDATE_SCRIPT}" ]] then echo -e "${GREEN}The auto-update script is present : check OK${NC}\n" + + # Check if the auto-update script is executable + echo "Check if the auto-update script is executable" + if [[ -x "${AUTOUPDATE_SCRIPT}" ]] + then + echo -e "${GREEN}The auto-update script is executable : check OK${NC}\n" + else + AUTOUPDATE_CONFIG_CHECK_FAILED=${AUTOUPDATE_CONFIG_CHECK_FAILED}" The auto-update script is NOT executable;" + echo -e "${RED}The auto-update script is NOT executable: check KO${NC}\n" + fi + + # Check if the auto-update cron task is configured + echo "Check if the cron task is configured" + crontab -l 2>/dev/null | grep -q "${AUTOUPDATE_SCRIPT}" + RCa=${?} # First Return Code + grep -q "${AUTOUPDATE_SCRIPT}" /etc/cron.d/* + RCb=${?} # Second Return Code + grep -q "${AUTOUPDATE_SCRIPT}" /etc/crontab + RCc=${?} # Third Return Code + if [[ ${RCa} -ne 0 ]] && [[ ${RCb} -ne 0 ]] && [[ ${RCc} -ne 0 ]] + then + AUTOUPDATE_CONFIG_CHECK_FAILED=${AUTOUPDATE_CONFIG_CHECK_FAILED}" No cron entry for auto-update, configure it;" + echo -e "${RED}NO cron entry for auto-update : check KO${NC}\n" + # Service started without error + else + echo -e "${GREEN}Cron entry for auto-update exist: check OK${NC}\n" + fi + else AUTOUPDATE_CONFIG_CHECK_FAILED=${AUTOUPDATE_CONFIG_CHECK_FAILED}" The auto-update script is NOT on the system;" echo -e "${RED}The auto-update is NOT on the system : check KO${NC}\n" fi -# Check if the auto-update script is executable -echo "Check if the auto-update script is executable" -if [[ -x "${AUTOUPDATE_SCRIPT}" ]] -then - echo -e "${GREEN}The auto-update script is executable : check OK${NC}\n" -else - AUTOUPDATE_CONFIG_CHECK_FAILED=${AUTOUPDATE_CONFIG_CHECK_FAILED}" The auto-update script is NOT executable;" - echo -e "${RED}The auto-update script is NOT executable: check KO${NC}\n" -fi -# Check if the auto-update cron task is configured -echo "Check if the 
cron task is configured" -crontab -l 2>/dev/null | grep -q "${AUTOUPDATE_SCRIPT}" -RCa=${?} # First Return Code -grep -q "${AUTOUPDATE_SCRIPT}" /etc/cron.d/* -RCb=${?} # Second Return Code -grep -q "${AUTOUPDATE_SCRIPT}" /etc/crontab -RCc=${?} # Third Return Code -if [[ ${RCa} -ne 0 ]] && [[ ${RCb} -ne 0 ]] && [[ ${RCc} -ne 0 ]] -then - AUTOUPDATE_CONFIG_CHECK_FAILED=${AUTOUPDATE_CONFIG_CHECK_FAILED}" No cron entry for auto-update, configure it;" - echo -e "${RED}NO cron entry for auto-update : check KO${NC}\n" -# Service started without error -else - echo -e "${GREEN}Cron entry for auto-update exist: check OK${NC}\n" -fi + diff --git a/recipes/recipe_check_mail_alias_config.sh b/recipes/recipe_check_mail_alias_config.sh index 975511b..6b8cdf3 100755 --- a/recipes/recipe_check_mail_alias_config.sh +++ b/recipes/recipe_check_mail_alias_config.sh 
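Review bot: The cron check passes on a commented-out entry, because `grep -q "${AUTOUPDATE_SCRIPT}"` matches the path anywhere on a line and treats it as a regular expression, so a disabled job such as `#0 4 * * * <script path>` (constructed example) still yields "check OK". Filtering comment lines and matching the path literally would close that gap, e.g. `grep -v '^[[:space:]]*#' /etc/crontab | grep -qF -- "${AUTOUPDATE_SCRIPT}"`, with the same treatment for `crontab -l` and `/etc/cron.d/*`. The `/etc/cron.d/*` call also prints an error when the directory is empty; adding `2>/dev/null` as on the `crontab -l` line keeps the output clean. The cron check in recipes/recipe_check_autobackup_config.sh uses the same pattern.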
@@ -3,43 +3,53 @@ print_config_title 'CHECK MAIL ALIAS CONFIG' # This does not check if send mail works and if alias have been reloaded # Check /etc/mail/aliases config file, checked param : root/operator -# root -check_value_in_conf_file "MUNIN" "/etc/mail/aliases" "root" "${MAIL_ALIAS_ROOT}" +conf_file_to_test="/etc/mail/aliases" -case ${?} in -0) # OK, nothing to do - ;; -1) # Error (wrong number of param or other) - MUNIN_CONFIG_CHECK_FAILED=${MUNIN_CONFIG_CHECK_FAILED}" Error during root alias check with function check_value_in_conf_file, maybe incorrect number of parameter;" - ;; -2) # Unexpected value is set - MUNIN_CONFIG_CHECK_FAILED=${MUNIN_CONFIG_CHECK_FAILED}" root alias is not well configured or has other value, set root: ${MAIL_ALIAS_ROOT};" - ;; -3) # All expected values are NOT configured - MUNIN_CONFIG_CHECK_FAILED=${MUNIN_CONFIG_CHECK_FAILED}" root alias is not well configured, set root: ${MAIL_ALIAS_ROOT};" - ;; -*) # Unknown return code... - MUNIN_CONFIG_CHECK_FAILED=${MUNIN_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check root alias;" - ;; -esac +# Check if conf file exist +if [[ ! 
-f "${conf_file_to_test}" ]] +then + echo -e "${RED}ERROR : file ${conf_file_to_test} NOT FOUND.${NC}\n" + MAIL_ALIAS_CONFIG_CHECK_FAILED=${MAIL_ALIAS_CONFIG_CHECK_FAILED}" Error, file ${conf_file_to_test} not found;" +else + + # root + check_value_in_conf_file "ALIAS" "${conf_file_to_test}" "root" "${MAIL_ALIAS_ROOT}" + + case ${?} in + 0) # OK, nothing to do + ;; + 1) # Error (wrong number of param or other) + MAIL_ALIAS_CONFIG_CHECK_FAILED=${MAIL_ALIAS_CONFIG_CHECK_FAILED}" Error during root alias check with function check_value_in_conf_file, maybe incorrect number of parameter or file not found;" + ;; + 2) # Unexpected value is set + MAIL_ALIAS_CONFIG_CHECK_FAILED=${MAIL_ALIAS_CONFIG_CHECK_FAILED}" root alias is not well configured or has other value, set root: ${MAIL_ALIAS_ROOT};" + ;; + 3) # All expected values are NOT configured + MAIL_ALIAS_CONFIG_CHECK_FAILED=${MAIL_ALIAS_CONFIG_CHECK_FAILED}" root alias is not well configured, set root: ${MAIL_ALIAS_ROOT};" + ;; + *) # Unknown return code... 
+ MAIL_ALIAS_CONFIG_CHECK_FAILED=${MAIL_ALIAS_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check root alias;" + ;; + esac -# root -check_value_in_conf_file "MUNIN" "/etc/mail/aliases" "operator" "${MAIL_ALIAS_ROOT}" + # root + check_value_in_conf_file "ALIAS" "${conf_file_to_test}" "operator" "${MAIL_ALIAS_ROOT}" -case ${?} in -0) # OK, nothing to do - ;; -1) # Error (wrong number of param or other) - MUNIN_CONFIG_CHECK_FAILED=${MUNIN_CONFIG_CHECK_FAILED}" Error during operator alias check with function check_value_in_conf_file, maybe incorrect number of parameter;" - ;; -2) # Unexpected value is set - MUNIN_CONFIG_CHECK_FAILED=${MUNIN_CONFIG_CHECK_FAILED}" operator alias is not well configured or has other value, set operator: ${MAIL_ALIAS_ROOT};" - ;; -3) # All expected values are NOT configured - MUNIN_CONFIG_CHECK_FAILED=${MUNIN_CONFIG_CHECK_FAILED}" operator alias is not well configured, set operator: ${MAIL_ALIAS_ROOT};" - ;; -*) # Unknown return code... - MUNIN_CONFIG_CHECK_FAILED=${MUNIN_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check operator alias;" - ;; -esac + case ${?} in + 0) # OK, nothing to do + ;; + 1) # Error (wrong number of param or other) + MAIL_ALIAS_CONFIG_CHECK_FAILED=${MAIL_ALIAS_CONFIG_CHECK_FAILED}" Error during operator alias check with function check_value_in_conf_file, maybe incorrect number of parameter or file not found;" + ;; + 2) # Unexpected value is set + MAIL_ALIAS_CONFIG_CHECK_FAILED=${MAIL_ALIAS_CONFIG_CHECK_FAILED}" operator alias is not well configured or has other value, set operator: ${MAIL_ALIAS_ROOT};" + ;; + 3) # All expected values are NOT configured + MAIL_ALIAS_CONFIG_CHECK_FAILED=${MAIL_ALIAS_CONFIG_CHECK_FAILED}" operator alias is not well configured, set operator: ${MAIL_ALIAS_ROOT};" + ;; + *) # Unknown return code... 
+ MAIL_ALIAS_CONFIG_CHECK_FAILED=${MAIL_ALIAS_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check operator alias;" + ;; + esac +fi diff --git a/recipes/recipe_check_munin_config.sh b/recipes/recipe_check_munin_config.sh index 00e5d54..7bf212f 100755 --- a/recipes/recipe_check_munin_config.sh +++ b/recipes/recipe_check_munin_config.sh 
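Review bot: Failures from this recipe now go to `MAIL_ALIAS_CONFIG_CHECK_FAILED` instead of `MUNIN_CONFIG_CHECK_FAILED`, and the diffstat shows only files under recipes/ being changed, so it is worth confirming that the code which initialises and prints the per-recipe failure variables already knows the new name; otherwise alias problems would stop appearing in the final report. Separately, the second call is still labelled `# root` although it checks the `operator` alias; the comment could read `# operator (expected to point to the same address as root)`. The tag argument also changes from MUNIN to ALIAS, and its effect depends on check_value_in_conf_file, which is not part of this hunk.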
@@ -4,46 +4,54 @@ print_config_title 'CHECK MUNIN BASIC CONFIG' # This does not check if MUNIN 'monitoring server' has configured this machine # Check /etc/munin/munin-node.conf config file, checked parameters : allow/port +conf_file_to_test="/etc/munin/munin-node.conf" -# allow -check_value_in_conf_file "MUNIN" "/etc/munin/munin-node.conf" "allow" '\^127\\\.0\\\.0\\\.1\$ \^::1\$'" ${IPV4_MASTER_MUNIN} ${IPV6_MASTER_MUNIN}" +# Check if conf file exist +if [[ ! -f "${conf_file_to_test}" ]] +then + echo -e "${RED}ERROR : file ${conf_file_to_test} NOT FOUND.${NC}\n" + MUNIN_CONFIG_CHECK_FAILED=${MUNIN_CONFIG_CHECK_FAILED}" Error, file ${conf_file_to_test} not found;" +else -case ${?} in -0) # OK, nothing to do - ;; -1) # Error (wrong number of param or other) - MUNIN_CONFIG_CHECK_FAILED=${MUNIN_CONFIG_CHECK_FAILED}" Error during allow check with function check_value_in_conf_file, maybe incorrect number of parameter;" - ;; -2) # Unexpected value is set - MUNIN_CONFIG_CHECK_FAILED=${MUNIN_CONFIG_CHECK_FAILED}" allow param is not well configured or has other value, set allow param (IPv6+IPv4) for localhost and Munin server;" - ;; -3) # All expected values are NOT configured - MUNIN_CONFIG_CHECK_FAILED=${MUNIN_CONFIG_CHECK_FAILED}" allow param is not well configured, set allow param (IPv6+IPv4) for localhost and Munin server;" - ;; -*) # Unknown return code... 
- MUNIN_CONFIG_CHECK_FAILED=${MUNIN_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check allow param;" - ;; -esac + # allow + check_value_in_conf_file "MUNIN" "${conf_file_to_test}" "allow" '\^127\\\.0\\\.0\\\.1\$ \^::1\$'" ${IPV4_MASTER_MUNIN} ${IPV6_MASTER_MUNIN}" + + case ${?} in + 0) # OK, nothing to do + ;; + 1) # Error (wrong number of param or other) + MUNIN_CONFIG_CHECK_FAILED=${MUNIN_CONFIG_CHECK_FAILED}" Error during allow check with function check_value_in_conf_file, maybe incorrect number of parameter or file not found;" + ;; + 2) # Unexpected value is set + MUNIN_CONFIG_CHECK_FAILED=${MUNIN_CONFIG_CHECK_FAILED}" allow param is not well configured or has other value, set allow param (IPv6+IPv4) for localhost and Munin server;" + ;; + 3) # All expected values are NOT configured + MUNIN_CONFIG_CHECK_FAILED=${MUNIN_CONFIG_CHECK_FAILED}" allow param is not well configured, set allow param (IPv6+IPv4) for localhost and Munin server;" + ;; + *) # Unknown return code... + MUNIN_CONFIG_CHECK_FAILED=${MUNIN_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check allow param;" + ;; + esac -# port -check_value_in_conf_file "MUNIN" "/etc/munin/munin-node.conf" "port" "4949" - -case ${?} in -0) # OK, nothing to do - ;; -1) # Error (wrong number of param or other) - MUNIN_CONFIG_CHECK_FAILED=${MUNIN_CONFIG_CHECK_FAILED}" Error during port check with function check_value_in_conf_file, maybe incorrect number of parameter;" - ;; -2) # Unexpected value is set - MUNIN_CONFIG_CHECK_FAILED=${MUNIN_CONFIG_CHECK_FAILED}" port is not well configured or has other value, set 'port 4949';" - ;; -3) # All expected values are NOT configured - MUNIN_CONFIG_CHECK_FAILED=${MUNIN_CONFIG_CHECK_FAILED}" port is not well configured, set 'port 4949';" - ;; -*) # Unknown return code... 
- MUNIN_CONFIG_CHECK_FAILED=${MUNIN_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check port;" - ;; -esac + # port + check_value_in_conf_file "MUNIN" "${conf_file_to_test}" "port" "4949" + case ${?} in + 0) # OK, nothing to do + ;; + 1) # Error (wrong number of param or other) + MUNIN_CONFIG_CHECK_FAILED=${MUNIN_CONFIG_CHECK_FAILED}" Error during port check with function check_value_in_conf_file, maybe incorrect number of parameter or file not found;" + ;; + 2) # Unexpected value is set + MUNIN_CONFIG_CHECK_FAILED=${MUNIN_CONFIG_CHECK_FAILED}" port is not well configured or has other value, set 'port 4949';" + ;; + 3) # All expected values are NOT configured + MUNIN_CONFIG_CHECK_FAILED=${MUNIN_CONFIG_CHECK_FAILED}" port is not well configured, set 'port 4949';" + ;; + *) # Unknown return code... + MUNIN_CONFIG_CHECK_FAILED=${MUNIN_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check port;" + ;; + esac +fi diff --git a/recipes/recipe_check_nrpe_config.sh b/recipes/recipe_check_nrpe_config.sh index 170f435..52a93f3 100755 --- a/recipes/recipe_check_nrpe_config.sh +++ b/recipes/recipe_check_nrpe_config.sh 
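Review bot: The expected `allow` value is assembled from a hand-escaped literal plus `${IPV4_MASTER_MUNIN}` and `${IPV6_MASTER_MUNIN}`, and nothing near the call says what form those two variables must have or what happens when one of them is empty. Since this list is what the recipe accepts as the node's access control, a comment above the call would help, for example `# IPV4_MASTER_MUNIN / IPV6_MASTER_MUNIN: munin-node allow regexes for the master, escaped like the localhost entries`, if that is the intended contract. Building the value in a named variable first, e.g. `munin_allow_expected=...`, would also make the mixed single- and double-quoted argument easier to read.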
@@ -3,65 +3,74 @@ print_config_title 'CHECK NRPE BASIC CONFIG' # Check /etc/nagios/nrpe.cfg config file, checked parameters : allowed_hosts/nrpe_user/nrpe_group # This does not check if NRPE 'monitoring server' has configured this machine -# allowed_hosts -check_value_in_conf_file "NRPE" "/etc/nagios/nrpe.cfg" "allowed_hosts" "127.0.0.1,[[:space:]]*${IPV4_ADMIN_NETWORK}0/24,[[:space:]]*${IPV6_ADMIN_NETWORK}:/64" +conf_file_to_test="/etc/nagios/nrpe.cfg" -case ${?} in -0) # OK, nothing to do - ;; -1) # Error (wrong number of param or other) - NRPE_CONFIG_CHECK_FAILED=${NRPE_CONFIG_CHECK_FAILED}" Error during allowed_hosts check with function check_value_in_conf_file, maybe incorrect number of parameter;" - ;; -2) # Unexpected value is set - NRPE_CONFIG_CHECK_FAILED=${NRPE_CONFIG_CHECK_FAILED}" allowed_hosts are not well configured or has other value, set 'allowed_hosts=127.0.0.1, ${IPV4_ADMIN_NETWORK}0/24, ${IPV6_ADMIN_NETWORK}:/64';" - ;; -3) # All expected values are NOT configured - NRPE_CONFIG_CHECK_FAILED=${NRPE_CONFIG_CHECK_FAILED}" allowed_hosts are not well configured, set 'allowed_hosts=127.0.0.1, ${IPV4_ADMIN_NETWORK}0/24, ${IPV6_ADMIN_NETWORK}:/64';" - ;; -*) # Unknown return code... - NRPE_CONFIG_CHECK_FAILED=${NRPE_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check allowed_hosts;" - ;; -esac +# Check if conf file exist +if [[ ! 
-f "${conf_file_to_test}" ]] +then + echo -e "${RED}ERROR : file ${conf_file_to_test} NOT FOUND.${NC}\n" + NRPE_CONFIG_CHECK_FAILED=${NRPE_CONFIG_CHECK_FAILED}" Error, file ${conf_file_to_test} not found;" +else + + # allowed_hosts + check_value_in_conf_file "NRPE" "${conf_file_to_test}" "allowed_hosts" "127.0.0.1,[[:space:]]*${IPV4_ADMIN_NETWORK}0/24,[[:space:]]*${IPV6_ADMIN_NETWORK}:/64" + + case ${?} in + 0) # OK, nothing to do + ;; + 1) # Error (wrong number of param or other) + NRPE_CONFIG_CHECK_FAILED=${NRPE_CONFIG_CHECK_FAILED}" Error during allowed_hosts check with function check_value_in_conf_file, maybe incorrect number of parameter or file not found;" + ;; + 2) # Unexpected value is set + NRPE_CONFIG_CHECK_FAILED=${NRPE_CONFIG_CHECK_FAILED}" allowed_hosts are not well configured or has other value, set 'allowed_hosts=127.0.0.1, ${IPV4_ADMIN_NETWORK}0/24, ${IPV6_ADMIN_NETWORK}:/64';" + ;; + 3) # All expected values are NOT configured + NRPE_CONFIG_CHECK_FAILED=${NRPE_CONFIG_CHECK_FAILED}" allowed_hosts are not well configured, set 'allowed_hosts=127.0.0.1, ${IPV4_ADMIN_NETWORK}0/24, ${IPV6_ADMIN_NETWORK}:/64';" + ;; + *) # Unknown return code... 
+ NRPE_CONFIG_CHECK_FAILED=${NRPE_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check allowed_hosts;" + ;; + esac -# nrpe_user -check_value_in_conf_file "NRPE" "/etc/nagios/nrpe.cfg" "nrpe_user" "nagios" + # nrpe_user + check_value_in_conf_file "NRPE" "${conf_file_to_test}" "nrpe_user" "nagios" -case ${?} in -0) # OK, nothing to do - ;; -1) # Error (wrong number of param or other) - NRPE_CONFIG_CHECK_FAILED=${NRPE_CONFIG_CHECK_FAILED}" Error during nrpe_user check with function check_value_in_conf_file, maybe incorrect number of parameter;" - ;; -2) # Unexpected value is set - NRPE_CONFIG_CHECK_FAILED=${NRPE_CONFIG_CHECK_FAILED}" nrpe_user is not well configured or has other value, set 'nrpe_user=nagios';" - ;; -3) # All expected values are NOT configured - NRPE_CONFIG_CHECK_FAILED=${NRPE_CONFIG_CHECK_FAILED}" nrpe_user is not well configured, set 'nrpe_user=nagios';" - ;; -*) # Unknown return code... - NRPE_CONFIG_CHECK_FAILED=${NRPE_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check nrpe_user;" - ;; -esac + case ${?} in + 0) # OK, nothing to do + ;; + 1) # Error (wrong number of param or other) + NRPE_CONFIG_CHECK_FAILED=${NRPE_CONFIG_CHECK_FAILED}" Error during nrpe_user check with function check_value_in_conf_file, maybe incorrect number of parameter or file not found;" + ;; + 2) # Unexpected value is set + NRPE_CONFIG_CHECK_FAILED=${NRPE_CONFIG_CHECK_FAILED}" nrpe_user is not well configured or has other value, set 'nrpe_user=nagios';" + ;; + 3) # All expected values are NOT configured + NRPE_CONFIG_CHECK_FAILED=${NRPE_CONFIG_CHECK_FAILED}" nrpe_user is not well configured, set 'nrpe_user=nagios';" + ;; + *) # Unknown return code... 
+ NRPE_CONFIG_CHECK_FAILED=${NRPE_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check nrpe_user;" + ;; + esac -# nrpe_group -check_value_in_conf_file "NRPE" "/etc/nagios/nrpe.cfg" "nrpe_group" "nagios" - -case ${?} in -0) # OK, nothing to do - ;; -1) # Error (wrong number of param or other) - NRPE_CONFIG_CHECK_FAILED=${NRPE_CONFIG_CHECK_FAILED}" Error during nrpe_group check with function check_value_in_conf_file, maybe incorrect number of parameter;" - ;; -2) # Unexpected value is set - NRPE_CONFIG_CHECK_FAILED=${NRPE_CONFIG_CHECK_FAILED}" nrpe_group is not well configured or has other value, set 'nrpe_group=nagios';" - ;; -3) # All expected values are NOT configured - NRPE_CONFIG_CHECK_FAILED=${NRPE_CONFIG_CHECK_FAILED}" nrpe_group is not well configured, set 'nrpe_group=nagios';" - ;; -*) # Unknown return code... - NRPE_CONFIG_CHECK_FAILED=${NRPE_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check nrpe_group;" - ;; -esac + # nrpe_group + check_value_in_conf_file "NRPE" "${conf_file_to_test}" "nrpe_group" "nagios" + case ${?} in + 0) # OK, nothing to do + ;; + 1) # Error (wrong number of param or other) + NRPE_CONFIG_CHECK_FAILED=${NRPE_CONFIG_CHECK_FAILED}" Error during nrpe_group check with function check_value_in_conf_file, maybe incorrect number of parameter or file not found;" + ;; + 2) # Unexpected value is set + NRPE_CONFIG_CHECK_FAILED=${NRPE_CONFIG_CHECK_FAILED}" nrpe_group is not well configured or has other value, set 'nrpe_group=nagios';" + ;; + 3) # All expected values are NOT configured + NRPE_CONFIG_CHECK_FAILED=${NRPE_CONFIG_CHECK_FAILED}" nrpe_group is not well configured, set 'nrpe_group=nagios';" + ;; + *) # Unknown return code... + NRPE_CONFIG_CHECK_FAILED=${NRPE_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check nrpe_group;" + ;; + esac +fi 
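Review bot: The `allowed_hosts` expectation is used as a pattern (it contains `[[:space:]]*`) but its dots are not escaped, so `127.0.0.1` and any dots inside `${IPV4_ADMIN_NETWORK}` match arbitrary characters. Whether a line with extra hosts appended after the `/64` entry is rejected depends on how check_value_in_conf_file anchors the match, which this hunk does not show; for an access-control check it is worth confirming that the comparison covers the whole value. If the helper takes a regular expression, escaping the literal part (`127\.0\.0\.1`, at whatever quoting level the helper expects) and documenting the expected form of the two network variables would make the check stricter.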
diff --git a/recipes/recipe_check_portage.sh b/recipes/recipe_check_portage.sh
index d883781..e5e1756 100644
--- a/recipes/recipe_check_portage.sh
+++ b/recipes/recipe_check_portage.sh
@@ -1,222 +1,233 @@ print_config_title 'CHECK PORTAGE CONFIG' -# Check if make.conf includes FEATURES="getbinpkg" -echo "Check if /etc/portage/make.conf includes FEATURES=\"getbinpkg\"" -grep -q "^[[:space:]]*FEATURES=\"getbinpkg\"[[:space:]]*$" /etc/portage/make.conf +conf_file_to_test="/etc/portage/make.conf" -# Return Code -RC=$? - -# Portage conf does NOT include getbinpkg FEATURE -if [ $RC -ne 0 ] +# Check if conf file exist +if [[ ! -f "${conf_file_to_test}" ]] then - PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Portage binpkg feature not configured, add FEATURES=\"getbinpkg\" in /etc/portage/make.conf ;" - echo -e "${RED}Portage getbinpkg feature is NOT CONFIGURED in /etc/portage/make.conf : check KO${NC}\n" -# Portage conf includes getbinpkg FEATURE + echo -e "${RED}ERROR : file ${conf_file_to_test} NOT FOUND.${NC}\n" + PORTAGE_CONFIG_CHECK_FAILED=${PORTAGE_CONFIG_CHECK_FAILED}" Error, file ${conf_file_to_test} not found;" else - # If there are multiple definitions of FEATURE variable, KO - FEATURE_DEFINITION_NUMBER="$(grep \"^[[:space:]]*FEATURES\" /etc/portage/make.conf | wc -l)" - if [ "${FEATURE_DEFINITION_NUMBER}" -gt "1" ] - then - PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Multiple definitions of FEATURE variable in /etc/portage/make.conf, define the variable FEATURE only once in /etc/portage/make.conf ;" - echo -e "${RED}Multiple definitions of FEATURE variable in /etc/portage/make.conf : check KO${NC}\n" - # Else it's OK - else - echo -e "${GREEN}Portage getbinpkg feature CONFIGURED in /etc/portage/make.conf : check OK${NC}\n" - fi -fi -# Check if make.conf includes well configured PORTAGE_BINHOST -echo "Check if /etc/portage/make.conf includes well configured PORTAGE_BINHOST" -grep -q "^[[:space:]]*PORTAGE_BINHOST=\"${BINPKGREPO}\"[[:space:]]*$" /etc/portage/make.conf - -# Return Code -RC=$? 
- -# Portage PORTAGE_BINHOST NOT well CONFIGURED -if [ $RC -ne 0 ] -then - PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Portage PORTAGE_BINHOST not configured, add PORTAGE_BINHOST=\"${BINPKGREPO}\" in /etc/portage/make.conf ;" - echo -e "${RED}Portage PORTAGE_BINHOST is NOT well CONFIGURED in /etc/portage/make.conf : check KO${NC}\n" -# Portage PORTAGE_BINHOST well CONFIGURED -else - # If there are multiple definitions of PORTAGE_BINHOST variable, KO - PORTAGE_BINHOST_DEFINITION_NUMBER="$(grep "^[[:space:]]*PORTAGE_BINHOST" /etc/portage/make.conf | wc -l)" - if [ "${PORTAGE_BINHOST_DEFINITION_NUMBER}" -gt "1" ] - then - PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Multiple definitions of PORTAGE_BINHOST variable in /etc/portage/make.conf, define the variable PORTAGE_BINHOST only once in /etc/portage/make.conf ;" - echo -e "${RED}Multiple definitions of PORTAGE_BINHOST variable in /etc/portage/make.conf : check KO${NC}\n" - # Else it's OK - else - echo -e "${GREEN}Portage PORTAGE_BINHOST variable well CONFIGURED in /etc/portage/make.conf : check OK${NC}\n" - fi -fi - - -# Check if make.conf includes well configured ACCEPT_LICENSE -echo "Check if /etc/portage/make.conf includes well configured ACCEPT_LICENSE" -grep -q "^[[:space:]]*ACCEPT_LICENSE=\"${PORTAGE_ACCEPTLICENSE}\"[[:space:]]*$" /etc/portage/make.conf - -# Return Code -RC=$? 
- -# Portage ACCEPT_LICENSE NOT well CONFIGURED -if [ $RC -ne 0 ] -then - PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Portage ACCEPT_LICENSE not configured, add ACCEPT_LICENSE=\"$(echo ${PORTAGE_ACCEPTLICENSE} | tr -d '\\')\" in /etc/portage/make.conf ;" - echo -e "${RED}Portage ACCEPT_LICENSE feature is NOT well CONFIGURED in /etc/portage/make.conf : check KO${NC}\n" -# Portage ACCEPT_LICENSE well CONFIGURED -else - # If there are multiple definitions of ACCEPT_LICENSE variable, KO - ACCEPT_LICENSE_DEFINITION_NUMBER="$(grep "^[[:space:]]*ACCEPT_LICENSE" /etc/portage/make.conf | wc -l)" - if [ "${ACCEPT_LICENSE_DEFINITION_NUMBER}" -gt "1" ] - then - PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Multiple definitions of ACCEPT_LICENSE variable in /etc/portage/make.conf, define the variable ACCEPT_LICENSE only once in /etc/portage/make.conf ;" - echo -e "${RED}Multiple definitions of ACCEPT_LICENSE variable in /etc/portage/make.conf : check KO${NC}\n" - # Else it's OK - else - echo -e "${GREEN}Portage ACCEPT_LICENSE variable well CONFIGURED in /etc/portage/make.conf : check OK${NC}\n" - fi -fi - - -# Check if global USE flags is well configured in /etc/portage/make.conf -echo "Check if global USE flags is well configured in /etc/portage/make.conf" - -# Check if USE variable has multiple definiton -USE_DEFINITION_NUMBER="$(grep "^[[:space:]]*USE" /etc/portage/make.conf | wc -l)" - -# If there is only one definition, it's OK -if [ "${USE_DEFINITION_NUMBER}" -eq "1" ] -then - # Get actual global USE flags in /etc/portage/make.conf and format to compare - ACTUAL_PORTAGE_USE="$(sed -n '/^[[:space:]]*USE=\"/,/\"/p' /etc/portage/make.conf | tr -d '\n' | cut -d'"' -f2 | sed 's/ /\n/g' | sort | tr '\n' ' ' | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')" - PORTAGE_USE_SORTED="$(echo ${PORTAGE_USE} | sed 's/ /\n/g' | sort | tr '\n' ' ' | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')" - - # Global USE flags in /etc/portage/make.conf is 
well configured - if [ "$ACTUAL_PORTAGE_USE" == "$PORTAGE_USE_SORTED" ] - then - echo -e "${GREEN}Global USE flags in /etc/portage/make.conf is well configured : check OK${NC}\n" - # Global USE flags in /etc/portage/make.conf is NOT well configured - else - PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Global USE flags in /etc/portage/make.conf is NOT well CONFIGURED, set USE=\"${PORTAGE_USE_SORTED}\" in /etc/portage/make.conf ;" - echo -e "${RED}Global USE flags in /etc/portage/make.conf is NOT well CONFIGURED : check KO${NC}\n" - fi -else - PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Global USE flags in /etc/portage/make.conf has multiple definitions OR there is NO USE variable, define USE variable and only once in /etc/portage/make.conf ;" - echo -e "${RED}Global USE flags in /etc/portage/make.conf has multiple definitions OR USE variable is not defined : check KO${NC}\n" -fi - - -# Check if make.conf includes well configured CHOST -echo "Check if /etc/portage/make.conf includes well configured CHOST" -grep -q "^[[:space:]]*CHOST=\"${PORTAGE_CHOST}\"[[:space:]]*$" /etc/portage/make.conf - -# Return Code -RC=$? 
- -# Portage CHOST NOT well CONFIGURED -if [ $RC -ne 0 ] -then - PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Portage CHOST not configured, add CHOST=\"${PORTAGE_CHOST}\" in /etc/portage/make.conf ;" - echo -e "${RED}Portage CHOST feature is NOT well CONFIGURED in /etc/portage/make.conf : check KO${NC}\n" -# Portage CHOST well CONFIGURED -else - # If there are multiple definitions of CHOST variable, KO - CHOST_DEFINITION_NUMBER="$(grep "^[[:space:]]*CHOST" /etc/portage/make.conf | wc -l)" - if [ "${CHOST_DEFINITION_NUMBER}" -gt "1" ] - then - PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Multiple definitions of CHOST variable in /etc/portage/make.conf, define the variable CHOST only once in /etc/portage/make.conf ;" - echo -e "${RED}Multiple definitions of CHOST variable in /etc/portage/make.conf : check KO${NC}\n" - # Else it's OK - else - echo -e "${GREEN}Portage CHOST variable well CONFIGURED in /etc/portage/make.conf : check OK${NC}\n" - fi -fi - - -# Check if make.conf includes well configured GRUB_PLATFORMS -echo "Check if /etc/portage/make.conf includes well configured GRUB_PLATFORMS" -grep -q "^[[:space:]]*GRUB_PLATFORMS=\"${PORTAGE_GRUB_PLATFORMS}\"[[:space:]]*$" /etc/portage/make.conf - -# Return Code -RC=$? 
- -# Portage GRUB_PLATFORMS NOT well CONFIGURED -if [ $RC -ne 0 ] -then - PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Portage CHOST not configured, add GRUB_PLATFORMS=\"${PORTAGE_GRUB_PLATFORMS}\" in /etc/portage/make.conf ;" - echo -e "${RED}Portage GRUB_PLATFORMS feature is NOT well CONFIGURED in /etc/portage/make.conf : check KO${NC}\n" -# Portage GRUB_PLATFORMS well CONFIGURED -else - # If there are multiple definitions of CHOST variable, KO - GRUB_PLATFORMS_DEFINITION_NUMBER="$(grep "^[[:space:]]*GRUB_PLATFORMS" /etc/portage/make.conf | wc -l)" - if [ "${GRUB_PLATFORMS_DEFINITION_NUMBER}" -gt "1" ] - then - PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Multiple definitions of GRUB_PLATFORMS variable in /etc/portage/make.conf, define the variable GRUB_PLATFORMS only once in /etc/portage/make.conf ;" - echo -e "${RED}Multiple definitions of GRUB_PLATFORMS variable in /etc/portage/make.conf : check KO${NC}\n" - # Else it's OK - else - echo -e "${GREEN}Portage GRUB_PLATFORMS variable well CONFIGURED in /etc/portage/make.conf : check OK${NC}\n" - fi -fi - - -# Check if portage organization mirror is configured in /etc/portage/make.conf -echo "Check if portage oragnization mirror is configured in /etc/portage/make.conf" - -# Check if GENTOO_MIRRORS variable has multiple definiton -GENTOO_MIRRORS_DEFINITION_NUMBER="$(grep "^[[:space:]]*GENTOO_MIRRORS" /etc/portage/make.conf | wc -l)" - -# If there is only one definition, it's OK -if [ "${GENTOO_MIRRORS_DEFINITION_NUMBER}" -eq "1" ] -then - # Check if GENTOO_MIRRORS value in /etc/portage/make.conf includes organization mirror - sed -n '/^[[:space:]]*GENTOO_MIRRORS=\"/,/\"/p' /etc/portage/make.conf | grep -q "${PORTAGE_ORGANIZATION_MIRROR}" + # Check if make.conf includes FEATURES="getbinpkg" + echo "Check if ${conf_file_to_test} includes FEATURES=\"getbinpkg\"" + grep -q "^[[:space:]]*FEATURES=\"getbinpkg\"[[:space:]]*$" ${conf_file_to_test} # Return Code RC=$? 
- # GENTOO_MIRRORS in /etc/portage/make.conf includes organization mirror - if [ $RC -eq 0 ] + # Portage conf does NOT include getbinpkg FEATURE + if [ $RC -ne 0 ] then - echo -e "${GREEN}GENTOO_MIRRORS in /etc/portage/make.conf includes organization mirror : check OK${NC}\n" - # GENTOO_MIRRORS in /etc/portage/make.conf does NOT includes organization mirror + PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Portage binpkg feature not configured, add FEATURES=\"getbinpkg\" in ${conf_file_to_test} ;" + echo -e "${RED}Portage getbinpkg feature is NOT CONFIGURED in ${conf_file_to_test} : check KO${NC}\n" + # Portage conf includes getbinpkg FEATURE else - PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} GENTOO_MIRRORS in /etc/portage/make.conf does NOT includes organization mirror, add ${PORTAGE_ORGANIZATION_MIRROR} mirror in GENTOO_MIRRORS variable in /etc/portage/make.conf ;" - echo -e "${RED}GENTOO_MIRRORS in /etc/portage/make.conf does NOT includes organization mirror : check KO${NC}\n" + # If there are multiple definitions of FEATURE variable, KO + FEATURE_DEFINITION_NUMBER="$(grep \"^[[:space:]]*FEATURES\" ${conf_file_to_test} | wc -l)" + if [ "${FEATURE_DEFINITION_NUMBER}" -gt "1" ] + then + PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Multiple definitions of FEATURE variable in ${conf_file_to_test}, define the variable FEATURE only once in ${conf_file_to_test} ;" + echo -e "${RED}Multiple definitions of FEATURE variable in ${conf_file_to_test} : check KO${NC}\n" + # Else it's OK + else + echo -e "${GREEN}Portage getbinpkg feature CONFIGURED in ${conf_file_to_test} : check OK${NC}\n" + fi fi -else - PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} GENTOO_MIRRORS in /etc/portage/make.conf has multiple definitions OR there is NO GENTOO_MIRRORS variable, define GENTOO_MIRRORS variable and only once in /etc/portage/make.conf ;" - echo -e "${RED}GENTOO_MIRRORS in /etc/portage/make.conf has multiple definitions OR 
GENTOO_MIRRORS variable is not defined : check KO${NC}\n" -fi + # Check if make.conf includes well configured PORTAGE_BINHOST + echo "Check if ${conf_file_to_test} includes well configured PORTAGE_BINHOST" + grep -q "^[[:space:]]*PORTAGE_BINHOST=\"${BINPKGREPO}\"[[:space:]]*$" ${conf_file_to_test} -# Check if global CPU_FLAGS_X86 flags is well configured in /etc/portage/make.conf -echo "Check if global CPU_FLAGS_X86 flags is well configured in /etc/portage/make.conf" + # Return Code + RC=$? -# Check if CPU_FLAGS_X86 variable has multiple definiton -CPU_FLAGS_X86_DEFINITION_NUMBER="$(grep "^[[:space:]]*CPU_FLAGS_X86" /etc/portage/make.conf | wc -l)" - -# If there is only one definition, it's OK -if [ "${CPU_FLAGS_X86_DEFINITION_NUMBER}" -eq "1" ] -then - # Get actual global CPU_FLAGS_X86 flags in /etc/portage/make.conf and format to compare - ACTUAL_PORTAGE_CPU_FLAGS_X86="$(sed -n '/^[[:space:]]*CPU_FLAGS_X86=\"/,/\"/p' /etc/portage/make.conf | tr -d '\n' | cut -d'"' -f2 | sed 's/ /\n/g' | sort | tr '\n' ' ' | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')" - PORTAGE_CPU_FLAGS_X86_SORTED="$(echo ${PORTAGE_CPU_FLAGS_X86} | sed 's/ /\n/g' | sort | tr '\n' ' ' | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')" - - # Global CPU_FLAGS_X86 flags in /etc/portage/make.conf is well configured - if [ "$ACTUAL_PORTAGE_CPU_FLAGS_X86" == "$PORTAGE_CPU_FLAGS_X86_SORTED" ] + # Portage PORTAGE_BINHOST NOT well CONFIGURED + if [ $RC -ne 0 ] then - echo -e "${GREEN}Global CPU_FLAGS_X86 flags in /etc/portage/make.conf is well configured : check OK${NC}\n" - # Global CPU_FLAGS_X86 flags in /etc/portage/make.conf is NOT well configured + PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Portage PORTAGE_BINHOST not configured, add PORTAGE_BINHOST=\"${BINPKGREPO}\" in ${conf_file_to_test} ;" + echo -e "${RED}Portage PORTAGE_BINHOST is NOT well CONFIGURED in ${conf_file_to_test} : check KO${NC}\n" + # Portage PORTAGE_BINHOST well CONFIGURED else - 
PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Global CPU_FLAGS_X86 flags in /etc/portage/make.conf is NOT well CONFIGURED, set CPU_FLAGS_X86=\"${PORTAGE_CPU_FLAGS_X86_SORTED}\" in /etc/portage/make.conf ;" - echo -e "${RED}Global CPU_FLAGS_X86 flags in /etc/portage/make.conf is NOT well CONFIGURED : check KO${NC}\n" + # If there are multiple definitions of PORTAGE_BINHOST variable, KO + PORTAGE_BINHOST_DEFINITION_NUMBER="$(grep "^[[:space:]]*PORTAGE_BINHOST" ${conf_file_to_test} | wc -l)" + if [ "${PORTAGE_BINHOST_DEFINITION_NUMBER}" -gt "1" ] + then + PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Multiple definitions of PORTAGE_BINHOST variable in ${conf_file_to_test}, define the variable PORTAGE_BINHOST only once in ${conf_file_to_test} ;" + echo -e "${RED}Multiple definitions of PORTAGE_BINHOST variable in ${conf_file_to_test} : check KO${NC}\n" + # Else it's OK + else + echo -e "${GREEN}Portage PORTAGE_BINHOST variable well CONFIGURED in ${conf_file_to_test} : check OK${NC}\n" + fi + fi + + + # Check if make.conf includes well configured ACCEPT_LICENSE + echo "Check if ${conf_file_to_test} includes well configured ACCEPT_LICENSE" + grep -q "^[[:space:]]*ACCEPT_LICENSE=\"${PORTAGE_ACCEPTLICENSE}\"[[:space:]]*$" ${conf_file_to_test} + + # Return Code + RC=$? 
+ + # Portage ACCEPT_LICENSE NOT well CONFIGURED + if [ $RC -ne 0 ] + then + PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Portage ACCEPT_LICENSE not configured, add ACCEPT_LICENSE=\"$(echo ${PORTAGE_ACCEPTLICENSE} | tr -d '\\')\" in ${conf_file_to_test} ;" + echo -e "${RED}Portage ACCEPT_LICENSE feature is NOT well CONFIGURED in ${conf_file_to_test} : check KO${NC}\n" + # Portage ACCEPT_LICENSE well CONFIGURED + else + # If there are multiple definitions of ACCEPT_LICENSE variable, KO + ACCEPT_LICENSE_DEFINITION_NUMBER="$(grep "^[[:space:]]*ACCEPT_LICENSE" ${conf_file_to_test} | wc -l)" + if [ "${ACCEPT_LICENSE_DEFINITION_NUMBER}" -gt "1" ] + then + PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Multiple definitions of ACCEPT_LICENSE variable in ${conf_file_to_test}, define the variable ACCEPT_LICENSE only once in ${conf_file_to_test} ;" + echo -e "${RED}Multiple definitions of ACCEPT_LICENSE variable in ${conf_file_to_test} : check KO${NC}\n" + # Else it's OK + else + echo -e "${GREEN}Portage ACCEPT_LICENSE variable well CONFIGURED in ${conf_file_to_test} : check OK${NC}\n" + fi + fi + + + # Check if global USE flags is well configured in ${conf_file_to_test} + echo "Check if global USE flags is well configured in ${conf_file_to_test}" + + # Check if USE variable has multiple definiton + USE_DEFINITION_NUMBER="$(grep "^[[:space:]]*USE" ${conf_file_to_test} | wc -l)" + + # If there is only one definition, it's OK + if [ "${USE_DEFINITION_NUMBER}" -eq "1" ] + then + # Get actual global USE flags in ${conf_file_to_test} and format to compare + ACTUAL_PORTAGE_USE="$(sed -n '/^[[:space:]]*USE=\"/,/\"/p' ${conf_file_to_test} | tr -d '\n' | cut -d'"' -f2 | sed 's/ /\n/g' | sort | tr '\n' ' ' | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')" + PORTAGE_USE_SORTED="$(echo ${PORTAGE_USE} | sed 's/ /\n/g' | sort | tr '\n' ' ' | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')" + + # Global USE flags in ${conf_file_to_test} is well configured 
+ if [ "$ACTUAL_PORTAGE_USE" == "$PORTAGE_USE_SORTED" ] + then + echo -e "${GREEN}Global USE flags in ${conf_file_to_test} is well configured : check OK${NC}\n" + # Global USE flags in ${conf_file_to_test} is NOT well configured + else + PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Global USE flags in ${conf_file_to_test} is NOT well CONFIGURED, set USE=\"${PORTAGE_USE_SORTED}\" in ${conf_file_to_test} ;" + echo -e "${RED}Global USE flags in ${conf_file_to_test} is NOT well CONFIGURED : check KO${NC}\n" + fi + else + PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Global USE flags in ${conf_file_to_test} has multiple definitions OR there is NO USE variable, define USE variable and only once in ${conf_file_to_test} ;" + echo -e "${RED}Global USE flags in ${conf_file_to_test} has multiple definitions OR USE variable is not defined : check KO${NC}\n" + fi + + + # Check if make.conf includes well configured CHOST + echo "Check if ${conf_file_to_test} includes well configured CHOST" + grep -q "^[[:space:]]*CHOST=\"${PORTAGE_CHOST}\"[[:space:]]*$" ${conf_file_to_test} + + # Return Code + RC=$? 
+ + # Portage CHOST NOT well CONFIGURED + if [ $RC -ne 0 ] + then + PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Portage CHOST not configured, add CHOST=\"${PORTAGE_CHOST}\" in ${conf_file_to_test} ;" + echo -e "${RED}Portage CHOST feature is NOT well CONFIGURED in ${conf_file_to_test} : check KO${NC}\n" + # Portage CHOST well CONFIGURED + else + # If there are multiple definitions of CHOST variable, KO + CHOST_DEFINITION_NUMBER="$(grep "^[[:space:]]*CHOST" ${conf_file_to_test} | wc -l)" + if [ "${CHOST_DEFINITION_NUMBER}" -gt "1" ] + then + PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Multiple definitions of CHOST variable in ${conf_file_to_test}, define the variable CHOST only once in ${conf_file_to_test} ;" + echo -e "${RED}Multiple definitions of CHOST variable in ${conf_file_to_test} : check KO${NC}\n" + # Else it's OK + else + echo -e "${GREEN}Portage CHOST variable well CONFIGURED in ${conf_file_to_test} : check OK${NC}\n" + fi + fi + + + # Check if make.conf includes well configured GRUB_PLATFORMS + echo "Check if ${conf_file_to_test} includes well configured GRUB_PLATFORMS" + grep -q "^[[:space:]]*GRUB_PLATFORMS=\"${PORTAGE_GRUB_PLATFORMS}\"[[:space:]]*$" ${conf_file_to_test} + + # Return Code + RC=$? 
+ + # Portage GRUB_PLATFORMS NOT well CONFIGURED + if [ $RC -ne 0 ] + then + PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Portage CHOST not configured, add GRUB_PLATFORMS=\"${PORTAGE_GRUB_PLATFORMS}\" in ${conf_file_to_test} ;" + echo -e "${RED}Portage GRUB_PLATFORMS feature is NOT well CONFIGURED in ${conf_file_to_test} : check KO${NC}\n" + # Portage GRUB_PLATFORMS well CONFIGURED + else + # If there are multiple definitions of CHOST variable, KO + GRUB_PLATFORMS_DEFINITION_NUMBER="$(grep "^[[:space:]]*GRUB_PLATFORMS" ${conf_file_to_test} | wc -l)" + if [ "${GRUB_PLATFORMS_DEFINITION_NUMBER}" -gt "1" ] + then + PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Multiple definitions of GRUB_PLATFORMS variable in ${conf_file_to_test}, define the variable GRUB_PLATFORMS only once in ${conf_file_to_test} ;" + echo -e "${RED}Multiple definitions of GRUB_PLATFORMS variable in ${conf_file_to_test} : check KO${NC}\n" + # Else it's OK + else + echo -e "${GREEN}Portage GRUB_PLATFORMS variable well CONFIGURED in ${conf_file_to_test} : check OK${NC}\n" + fi + fi + + + # Check if portage organization mirror is configured in ${conf_file_to_test} + echo "Check if portage oragnization mirror is configured in ${conf_file_to_test}" + + # Check if GENTOO_MIRRORS variable has multiple definiton + GENTOO_MIRRORS_DEFINITION_NUMBER="$(grep "^[[:space:]]*GENTOO_MIRRORS" ${conf_file_to_test} | wc -l)" + + # If there is only one definition, it's OK + if [ "${GENTOO_MIRRORS_DEFINITION_NUMBER}" -eq "1" ] + then + # Check if GENTOO_MIRRORS value in ${conf_file_to_test} includes organization mirror + sed -n '/^[[:space:]]*GENTOO_MIRRORS=\"/,/\"/p' ${conf_file_to_test} | grep -q "${PORTAGE_ORGANIZATION_MIRROR}" + + # Return Code + RC=$? 
+ + # GENTOO_MIRRORS in ${conf_file_to_test} includes organization mirror + if [ $RC -eq 0 ] + then + echo -e "${GREEN}GENTOO_MIRRORS in ${conf_file_to_test} includes organization mirror : check OK${NC}\n" + # GENTOO_MIRRORS in ${conf_file_to_test} does NOT includes organization mirror + else + PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} GENTOO_MIRRORS in ${conf_file_to_test} does NOT includes organization mirror, add ${PORTAGE_ORGANIZATION_MIRROR} mirror in GENTOO_MIRRORS variable in ${conf_file_to_test} ;" + echo -e "${RED}GENTOO_MIRRORS in ${conf_file_to_test} does NOT includes organization mirror : check KO${NC}\n" + fi + else + PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} GENTOO_MIRRORS in ${conf_file_to_test} has multiple definitions OR there is NO GENTOO_MIRRORS variable, define GENTOO_MIRRORS variable and only once in ${conf_file_to_test} ;" + echo -e "${RED}GENTOO_MIRRORS in ${conf_file_to_test} has multiple definitions OR GENTOO_MIRRORS variable is not defined : check KO${NC}\n" + fi + + + + # Check if global CPU_FLAGS_X86 flags is well configured in ${conf_file_to_test} + echo "Check if global CPU_FLAGS_X86 flags is well configured in ${conf_file_to_test}" + + # Check if CPU_FLAGS_X86 variable has multiple definiton + CPU_FLAGS_X86_DEFINITION_NUMBER="$(grep "^[[:space:]]*CPU_FLAGS_X86" ${conf_file_to_test} | wc -l)" + + # If there is only one definition, it's OK + if [ "${CPU_FLAGS_X86_DEFINITION_NUMBER}" -eq "1" ] + then + # Get actual global CPU_FLAGS_X86 flags in ${conf_file_to_test} and format to compare + ACTUAL_PORTAGE_CPU_FLAGS_X86="$(sed -n '/^[[:space:]]*CPU_FLAGS_X86=\"/,/\"/p' ${conf_file_to_test} | tr -d '\n' | cut -d'"' -f2 | sed 's/ /\n/g' | sort | tr '\n' ' ' | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')" + PORTAGE_CPU_FLAGS_X86_SORTED="$(echo ${PORTAGE_CPU_FLAGS_X86} | sed 's/ /\n/g' | sort | tr '\n' ' ' | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')" + + # Global CPU_FLAGS_X86 flags in 
${conf_file_to_test} is well configured + if [ "$ACTUAL_PORTAGE_CPU_FLAGS_X86" == "$PORTAGE_CPU_FLAGS_X86_SORTED" ] + then + echo -e "${GREEN}Global CPU_FLAGS_X86 flags in ${conf_file_to_test} is well configured : check OK${NC}\n" + # Global CPU_FLAGS_X86 flags in ${conf_file_to_test} is NOT well configured + else + PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Global CPU_FLAGS_X86 flags in ${conf_file_to_test} is NOT well CONFIGURED, set CPU_FLAGS_X86=\"${PORTAGE_CPU_FLAGS_X86_SORTED}\" in ${conf_file_to_test} ;" + echo -e "${RED}Global CPU_FLAGS_X86 flags in ${conf_file_to_test} is NOT well CONFIGURED : check KO${NC}\n" + fi + else + PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Global CPU_FLAGS_X86 flags in ${conf_file_to_test} has multiple definitions OR there is NO CPU_FLAGS_X86 variable, define CPU_FLAGS_X86 variable and only once in ${conf_file_to_test} ;" + echo -e "${RED}Global CPU_FLAGS_X86 flags in ${conf_file_to_test} has multiple definitions OR CPU_FLAGS_X86 variable is not defined : check KO${NC}\n" fi -else - PORTAGE_CONFIG_CHECK_FAILED="${PORTAGE_CONFIG_CHECK_FAILED} Global CPU_FLAGS_X86 flags in /etc/portage/make.conf has multiple definitions OR there is NO CPU_FLAGS_X86 variable, define CPU_FLAGS_X86 variable and only once in /etc/portage/make.conf ;" - echo -e "${RED}Global CPU_FLAGS_X86 flags in /etc/portage/make.conf has multiple definitions OR CPU_FLAGS_X86 variable is not defined : check KO${NC}\n" fi diff --git a/recipes/recipe_check_postfix_protocol_config.sh b/recipes/recipe_check_postfix_protocol_config.sh index 29325c1..93f2da5 100644 --- a/recipes/recipe_check_postfix_protocol_config.sh +++ b/recipes/recipe_check_postfix_protocol_config.sh 
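Review bot: The FEATURES duplicate-definition count is still computed with `grep \"^[[:space:]]*FEATURES\" ${conf_file_to_test} | wc -l`. Inside `$( )` the escaped quotes become literal characters of the pattern, so nothing matches, the count stays 0 and the `-gt "1"` branch can never fire. Since the commit rewrites this line anyway, it could become `FEATURE_DEFINITION_NUMBER="$(grep -c "^[[:space:]]*FEATURES" "${conf_file_to_test}")"`, which matches how the other `*_DEFINITION_NUMBER` lines quote their pattern. In the same hunk the GRUB_PLATFORMS failure text still reads `Portage CHOST not configured`, which points the reader of the report at the wrong variable. The GENTOO_MIRRORS check passes `${PORTAGE_ORGANIZATION_MIRROR}` to grep as a regex, so each `.` matches any character. For a setting that decides where packages are fetched from, `grep -qF -- "${PORTAGE_ORGANIZATION_MIRROR}"` would be the stricter comparison.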
@@ -2,44 +2,55 @@ print_config_title 'CHECK POSTFIX BASIC CONFIG' # Check /etc/postfix/main.cf config file mail_owner/inet_protocols parameters -# mail_owner -check_value_in_conf_file "POSTFIX" "/etc/postfix/main.cf" "mail_owner" "postfix" -case ${?} in -0) # OK, nothing to do - ;; -1) # Error (wrong number of param or other) - POSTFIX_CONFIG_CHECK_FAILED=${POSTFIX_CONFIG_CHECK_FAILED}" Error during mail_owner check with function check_value_in_conf_file, maybe incorrect number of parameter;" - ;; -2) # Unexpected value is set - POSTFIX_CONFIG_CHECK_FAILED=${POSTFIX_CONFIG_CHECK_FAILED}" mail_owner is not well configured or has other value, set 'mail_owner = postfix';" - ;; -3) # All expected values are NOT configured - POSTFIX_CONFIG_CHECK_FAILED=${POSTFIX_CONFIG_CHECK_FAILED}" mail_owner is not well configured, set 'mail_owner = postfix';" - ;; -*) # Unknown return code... - POSTFIX_CONFIG_CHECK_FAILED=${POSTFIX_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check mail_owner;" - ;; -esac +conf_file_to_test="/etc/postfix/main.cf" + +# Check if conf file exist +if [[ ! 
-f "${conf_file_to_test}" ]] +then + echo -e "${RED}ERROR : file ${conf_file_to_test} NOT FOUND.${NC}\n" + POSTFIX_CONFIG_CHECK_FAILED=${POSTFIX_CONFIG_CHECK_FAILED}" Error, file ${conf_file_to_test} not found;" +else -# inet_protocols -check_value_in_conf_file "POSTFIX" "/etc/postfix/main.cf" "inet_protocols" "all" + # mail_owner + check_value_in_conf_file "POSTFIX" "${conf_file_to_test}" "mail_owner" "postfix" -case ${?} in -0) # OK, nothing to do - ;; -1) # Error (wrong number of param or other) - POSTFIX_CONFIG_CHECK_FAILED=${POSTFIX_CONFIG_CHECK_FAILED}" Error during inet_protocols check with function check_value_in_conf_file, maybe incorrect number of parameter;" - ;; -2) # Unexpected value is set - POSTFIX_CONFIG_CHECK_FAILED=${POSTFIX_CONFIG_CHECK_FAILED}" inet_protocols are not well configured or has other value, set 'inet_protocols = all';" - ;; -3) # All expected values are NOT configured - POSTFIX_CONFIG_CHECK_FAILED=${POSTFIX_CONFIG_CHECK_FAILED}" inet_protocols are not well configured, set 'inet_protocols = all';" - ;; -*) # Unknown return code... - POSTFIX_CONFIG_CHECK_FAILED=${POSTFIX_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check inet_protocols;" - ;; -esac + case ${?} in + 0) # OK, nothing to do + ;; + 1) # Error (wrong number of param or other) + POSTFIX_CONFIG_CHECK_FAILED=${POSTFIX_CONFIG_CHECK_FAILED}" Error during mail_owner check with function check_value_in_conf_file, maybe incorrect number of parameter or file not found;" + ;; + 2) # Unexpected value is set + POSTFIX_CONFIG_CHECK_FAILED=${POSTFIX_CONFIG_CHECK_FAILED}" mail_owner is not well configured or has other value, set 'mail_owner = postfix';" + ;; + 3) # All expected values are NOT configured + POSTFIX_CONFIG_CHECK_FAILED=${POSTFIX_CONFIG_CHECK_FAILED}" mail_owner is not well configured, set 'mail_owner = postfix';" + ;; + *) # Unknown return code... 
+ POSTFIX_CONFIG_CHECK_FAILED=${POSTFIX_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check mail_owner;" + ;; + esac + + # inet_protocols + check_value_in_conf_file "POSTFIX" "${conf_file_to_test}" "inet_protocols" "all" + + case ${?} in + 0) # OK, nothing to do + ;; + 1) # Error (wrong number of param or other) + POSTFIX_CONFIG_CHECK_FAILED=${POSTFIX_CONFIG_CHECK_FAILED}" Error during inet_protocols check with function check_value_in_conf_file, maybe incorrect number of parameter or file not found;" + ;; + 2) # Unexpected value is set + POSTFIX_CONFIG_CHECK_FAILED=${POSTFIX_CONFIG_CHECK_FAILED}" inet_protocols are not well configured or has other value, set 'inet_protocols = all';" + ;; + 3) # All expected values are NOT configured + POSTFIX_CONFIG_CHECK_FAILED=${POSTFIX_CONFIG_CHECK_FAILED}" inet_protocols are not well configured, set 'inet_protocols = all';" + ;; + *) # Unknown return code... + POSTFIX_CONFIG_CHECK_FAILED=${POSTFIX_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check inet_protocols;" + ;; + esac +fi diff --git a/recipes/recipe_check_snmp_config.sh b/recipes/recipe_check_snmp_config.sh index 24b7eea..32a8114 100755 --- a/recipes/recipe_check_snmp_config.sh +++ b/recipes/recipe_check_snmp_config.sh 
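Review bot: The new guard `[[ ! -f "${conf_file_to_test}" ]]` only establishes that main.cf exists as a regular file, so a file the audit user cannot read still reaches `check_value_in_conf_file`. It would presumably then land in the return-code-1 branch, whose message now blames "incorrect number of parameter or file not found", neither of which is the cause. Testing readability as well, `if [[ ! -f "${conf_file_to_test}" || ! -r "${conf_file_to_test}" ]]`, with the message changed to "not found or not readable", keeps the report accurate. Each `case ${?}` also depends on nothing ever being inserted between the call and the `case`; capturing the status with `rc=${?}` right after the call and switching on `${rc}` is sturdier. The same pattern appears in the other recipes this commit touches.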
@@ -3,132 +3,138 @@ print_config_title 'CHECK SNMP BASIC CONFIG' # This does NOT check if SNMP 'monitoring server' has configured this machine # Check /etc/snmp/snmpd.conf config file rocommunity/agentAddress/trap2sink/informsink/sysLocation/sysContact parameters -#agentAddress -check_value_in_conf_file "SNMP" "/etc/snmp/snmpd.conf" "agentAddress" "udp:127.0.0.1:161 udp:${IPV4_ADMIN_LAN_IP}:161 udp6:\[::1\]:161 udp6:\[${IPV6_ADMIN_LAN_IP}\]:161" +conf_file_to_test="/etc/snmp/snmpd.conf" -case ${?} in -0) # OK, nothing to do - ;; -1) # Error (wrong number of param or other) - SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" Error during agentAddress check with function check_value_in_conf_file, maybe incorrect number of parameter;" - ;; -2) # Unexpected value is set - SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" agentAddress are not well configured or has other value, set agentAddress for IPv4 and IPv6 in Admin LAN and localhost;" - ;; -3) # All expected values are NOT configured - SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" agentAddress are not well configured, set agentAddress for IPv4 and IPv6 in Admin LAN and localhost;" - ;; -*) # Unknown return code... - SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check agentAddress;" - ;; -esac +# Check if conf file exist +if [[ ! 
-f "${conf_file_to_test}" ]] +then + echo -e "${RED}ERROR : file ${conf_file_to_test} NOT FOUND.${NC}\n" + SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" Error, file ${conf_file_to_test} not found;" +else + + #agentAddress + check_value_in_conf_file "SNMP" "${conf_file_to_test}" "agentAddress" "udp:127.0.0.1:161 udp:${IPV4_ADMIN_LAN_IP}:161 udp6:\[::1\]:161 udp6:\[${IPV6_ADMIN_LAN_IP}\]:161" + + case ${?} in + 0) # OK, nothing to do + ;; + 1) # Error (wrong number of param or other) + SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" Error during agentAddress check with function check_value_in_conf_file, maybe incorrect number of parameter or file not found;" + ;; + 2) # Unexpected value is set + SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" agentAddress are not well configured or has other value, set agentAddress for IPv4 and IPv6 in Admin LAN and localhost;" + ;; + 3) # All expected values are NOT configured + SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" agentAddress are not well configured, set agentAddress for IPv4 and IPv6 in Admin LAN and localhost;" + ;; + *) # Unknown return code... + SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check agentAddress;" + ;; + esac -#rocommunity -# No IPv6 here.... -check_value_in_conf_file "SNMP" "/etc/snmp/snmpd.conf" "rocommunity" "public[[:space:]]*127.0.0.1 public[[:space:]]*${IPV4_ADMIN_NETWORK}0/24" + #rocommunity + # No IPv6 here.... 
+ check_value_in_conf_file "SNMP" "${conf_file_to_test}" "rocommunity" "public[[:space:]]*127.0.0.1 public[[:space:]]*${IPV4_ADMIN_NETWORK}0/24" -case ${?} in -0) # OK, nothing to do - ;; -1) # Error (wrong number of param or other) - SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" Error during rocommunity check with function check_value_in_conf_file, maybe incorrect number of parameter;" - ;; -2) # Unexpected value is set - SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" rocommunity are not well configured or has other value, set 'rocommunity public 127.0.0.1' and 'rocommunity public ${IPV4_ADMIN_NETWORK}0/24';" - ;; -3) # All expected values are NOT configured - SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" rocommunity are not well configured, set 'rocommunity public 127.0.0.1' and 'rocommunity public ${IPV4_ADMIN_NETWORK}0/24';" - ;; -*) # Unknown return code... - SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check rocommunity;" - ;; -esac + case ${?} in + 0) # OK, nothing to do + ;; + 1) # Error (wrong number of param or other) + SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" Error during rocommunity check with function check_value_in_conf_file, maybe incorrect number of parameter or file not found;" + ;; + 2) # Unexpected value is set + SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" rocommunity are not well configured or has other value, set 'rocommunity public 127.0.0.1' and 'rocommunity public ${IPV4_ADMIN_NETWORK}0/24';" + ;; + 3) # All expected values are NOT configured + SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" rocommunity are not well configured, set 'rocommunity public 127.0.0.1' and 'rocommunity public ${IPV4_ADMIN_NETWORK}0/24';" + ;; + *) # Unknown return code... 
+ SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check rocommunity;" + ;; + esac -# trap2sink -check_value_in_conf_file "SNMP" "/etc/snmp/snmpd.conf" "trap2sink" "${NAME_MASTER_MONITORING}[[:space:]]*public" + # trap2sink + check_value_in_conf_file "SNMP" "${conf_file_to_test}" "trap2sink" "${NAME_MASTER_MONITORING}[[:space:]]*public" -case ${?} in -0) # OK, nothing to do - ;; -1) # Error (wrong number of param or other) - SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" Error during trap2sink check with function check_value_in_conf_file, maybe incorrect number of parameter;" - ;; -2) # Unexpected value is set - SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" trap2sink is not well configured or has other value, set 'trap2sink ${NAME_MASTER_MONITORING} public;" - ;; -3) # All expected values are NOT configured - SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" trap2sink is not well configured, set 'trap2sink ${NAME_MASTER_MONITORING} public';" - ;; -*) # Unknown return code... - SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check trap2sink;" - ;; -esac + case ${?} in + 0) # OK, nothing to do + ;; + 1) # Error (wrong number of param or other) + SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" Error during trap2sink check with function check_value_in_conf_file, maybe incorrect number of parameter or file not found;" + ;; + 2) # Unexpected value is set + SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" trap2sink is not well configured or has other value, set 'trap2sink ${NAME_MASTER_MONITORING} public;" + ;; + 3) # All expected values are NOT configured + SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" trap2sink is not well configured, set 'trap2sink ${NAME_MASTER_MONITORING} public';" + ;; + *) # Unknown return code... 
+ SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check trap2sink;" + ;; + esac -# informsink -check_value_in_conf_file "SNMP" "/etc/snmp/snmpd.conf" "informsink" "${NAME_MASTER_MONITORING}[[:space:]]*public" + # informsink + check_value_in_conf_file "SNMP" "${conf_file_to_test}" "informsink" "${NAME_MASTER_MONITORING}[[:space:]]*public" -case ${?} in -0) # OK, nothing to do - ;; -1) # Error (wrong number of param or other) - SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" Error during informsink check with function check_value_in_conf_file, maybe incorrect number of parameter;" - ;; -2) # Unexpected value is set - SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" informsink is not well configured or has other value, set 'informsink ${NAME_MASTER_MONITORING} public;" - ;; -3) # All expected values are NOT configured - SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" informsink is not well configured, set 'informsink ${NAME_MASTER_MONITORING} public';" - ;; -*) # Unknown return code... - SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check informsink;" - ;; -esac + case ${?} in + 0) # OK, nothing to do + ;; + 1) # Error (wrong number of param or other) + SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" Error during informsink check with function check_value_in_conf_file, maybe incorrect number of parameter or file not found;" + ;; + 2) # Unexpected value is set + SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" informsink is not well configured or has other value, set 'informsink ${NAME_MASTER_MONITORING} public;" + ;; + 3) # All expected values are NOT configured + SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" informsink is not well configured, set 'informsink ${NAME_MASTER_MONITORING} public';" + ;; + *) # Unknown return code... 
+ SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check informsink;" + ;; + esac -# sysLocation -check_value_in_conf_file "SNMP" "/etc/snmp/snmpd.conf" "sysLocation" "${DC_for_function_check_value_in_conf_file}" - -case ${?} in -0) # OK, nothing to do - ;; -1) # Error (wrong number of param or other) - SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" Error during sysLocation check with function check_value_in_conf_file, maybe incorrect number of parameter;" - ;; -2) # Unexpected value is set - SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" sysLocation is not well configured or has other value, set 'sysLocation ${DC}';" - ;; -3) # All expected values are NOT configured - SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" sysLocation is not well configured, set 'sysLocation ${DC}';" - ;; -*) # Unknown return code... - SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check sysLocation;" - ;; -esac - - -# sysContact -check_value_in_conf_file "SNMP" "/etc/snmp/snmpd.conf" "sysContact" "${ENTITY_for_function_check_value_in_conf_file}[[:space:]]*<${MAIL_ALIAS_ROOT}>" - -case ${?} in -0) # OK, nothing to do - ;; -1) # Error (wrong number of param or other) - SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" Error during sysContact check with function check_value_in_conf_file, maybe incorrect number of parameter;" - ;; -2) # Unexpected value is set - SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" sysContact is not well configured or has other value, set 'sysContact ${ENTITY} <${MAIL_ALIAS_ROOT}>';" - ;; -3) # All expected values are NOT configured - SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" sysContact is not well configured, set 'sysContact ${ENTITY} <${MAIL_ALIAS_ROOT}>';" - ;; -*) # Unknown return code... 
- SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check sysContact;" - ;; -esac + # sysLocation + check_value_in_conf_file "SNMP" "${conf_file_to_test}" "sysLocation" "${DC_for_function_check_value_in_conf_file}" + case ${?} in + 0) # OK, nothing to do + ;; + 1) # Error (wrong number of param or other) + SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" Error during sysLocation check with function check_value_in_conf_file, maybe incorrect number of parameter or file not found;" + ;; + 2) # Unexpected value is set + SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" sysLocation is not well configured or has other value, set 'sysLocation ${DC}';" + ;; + 3) # All expected values are NOT configured + SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" sysLocation is not well configured, set 'sysLocation ${DC}';" + ;; + *) # Unknown return code... + SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check sysLocation;" + ;; + esac + # sysContact + check_value_in_conf_file "SNMP" "${conf_file_to_test}" "sysContact" "${ENTITY_for_function_check_value_in_conf_file}[[:space:]]*<${MAIL_ALIAS_ROOT}>" + case ${?} in + 0) # OK, nothing to do + ;; + 1) # Error (wrong number of param or other) + SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" Error during sysContact check with function check_value_in_conf_file, maybe incorrect number of parameter or file not found;" + ;; + 2) # Unexpected value is set + SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" sysContact is not well configured or has other value, set 'sysContact ${ENTITY} <${MAIL_ALIAS_ROOT}>';" + ;; + 3) # All expected values are NOT configured + SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" sysContact is not well configured, set 'sysContact ${ENTITY} <${MAIL_ALIAS_ROOT}>';" + ;; + *) # Unknown return code... 
+ SNMP_CONFIG_CHECK_FAILED=${SNMP_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check sysContact;" + ;; + esac +fi diff --git a/recipes/recipe_check_ssh_config.sh b/recipes/recipe_check_ssh_config.sh index 9eb3475..fb84dbb 100755 --- a/recipes/recipe_check_ssh_config.sh +++ b/recipes/recipe_check_ssh_config.sh 
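Review bot: The rocommunity check in the new `else` branch still treats the well-known default community `public` as the compliant value, so the audit only passes on hosts that keep it. SNMP v1/v2c sends the community string in clear text, and the only other restriction visible in this hunk is the source address (127.0.0.1 and `${IPV4_ADMIN_NETWORK}0/24`). I would take the community from a site variable, as is already done for `${NAME_MASTER_MONITORING}`, rather than pin the literal in the recipe. At minimum, record the choice above the call with a comment such as `# 'public' is the SNMP default community; access relies on the source-address restriction only`. The same literal is also part of the expected trap2sink and informsink values in this hunk.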
@@ -1,64 +1,74 @@ print_config_title 'CHECK SSH CONFIG' -# PasswordAuthentication -check_value_in_conf_file "SSH" "/etc/ssh/sshd_config" "PasswordAuthentication" "no" +conf_file_to_test="/etc/snmp/snmpd.conf" -case ${?} in -0) # OK, nothing to do - ;; -1) # Error (wrong number of param or other) - SSH_CONFIG_CHECK_FAILED=${SSH_CONFIG_CHECK_FAILED}" Error during PasswordAuthentication with function check_value_in_conf_file, maybe incorrect number of parameter;" - ;; -2) # Unexpected value is set - SSH_CONFIG_CHECK_FAILED=${SSH_CONFIG_CHECK_FAILED}" PasswordAuthentication is not set to 'no' or has other value, set 'PasswordAuthentication no' ;" - ;; -3) # All expected values are NOT configured - SSH_CONFIG_CHECK_FAILED=${SSH_CONFIG_CHECK_FAILED}" PasswordAuthentication is not set to 'no', set 'PasswordAuthentication no' ;" - ;; -*) # Unknown return code... - SSH_CONFIG_CHECK_FAILED=${SSH_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check PasswordAuthentication;" - ;; -esac +# Check if conf file exist +if [[ ! 
-f "${conf_file_to_test}" ]] +then + echo -e "${RED}ERROR : file ${conf_file_to_test} NOT FOUND.${NC}\n" + SSH_CONFIG_CHECK_FAILED=${SSH_CONFIG_CHECK_FAILED}" Error, file ${conf_file_to_test} not found;" +else + + # PasswordAuthentication + check_value_in_conf_file "SSH" "${conf_file_to_test}" "PasswordAuthentication" "no" + + case ${?} in + 0) # OK, nothing to do + ;; + 1) # Error (wrong number of param or other) + SSH_CONFIG_CHECK_FAILED=${SSH_CONFIG_CHECK_FAILED}" Error during PasswordAuthentication with function check_value_in_conf_file, maybe incorrect number of parameter or file not found;" + ;; + 2) # Unexpected value is set + SSH_CONFIG_CHECK_FAILED=${SSH_CONFIG_CHECK_FAILED}" PasswordAuthentication is not set to 'no' or has other value, set 'PasswordAuthentication no' ;" + ;; + 3) # All expected values are NOT configured + SSH_CONFIG_CHECK_FAILED=${SSH_CONFIG_CHECK_FAILED}" PasswordAuthentication is not set to 'no', set 'PasswordAuthentication no' ;" + ;; + *) # Unknown return code... 
+ SSH_CONFIG_CHECK_FAILED=${SSH_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check PasswordAuthentication;" + ;; + esac -# PermitRootLogin -check_value_in_conf_file "SSH" "/etc/ssh/sshd_config" "PermitRootLogin" "no" + # PermitRootLogin + check_value_in_conf_file "SSH" "${conf_file_to_test}" "PermitRootLogin" "no" -case ${?} in -0) # OK, nothing to do - ;; -1) # Error (wrong number of param or other) - SSH_CONFIG_CHECK_FAILED=${SSH_CONFIG_CHECK_FAILED}" Error during PermitRootLogin with function check_value_in_conf_file, maybe incorrect number of parameter or incorrect parameter;" - ;; -2) # Unexpected value is set - SSH_CONFIG_CHECK_FAILED=${SSH_CONFIG_CHECK_FAILED}" PermitRootLogin is not set to 'no' or has other value, set 'PermitRootLogin no' ;" - ;; -3) # All expected values are NOT configured - SSH_CONFIG_CHECK_FAILED=${SSH_CONFIG_CHECK_FAILED}" PermitRootLogin is not set to 'no', set 'PermitRootLogin no' ;" - ;; -*) # Unknown return code... - SSH_CONFIG_CHECK_FAILED=${SSH_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check PermitRootLogin;" - ;; -esac + case ${?} in + 0) # OK, nothing to do + ;; + 1) # Error (wrong number of param or other) + SSH_CONFIG_CHECK_FAILED=${SSH_CONFIG_CHECK_FAILED}" Error during PermitRootLogin with function check_value_in_conf_file, maybe incorrect number of parameter or incorrect parameter or file not found;" + ;; + 2) # Unexpected value is set + SSH_CONFIG_CHECK_FAILED=${SSH_CONFIG_CHECK_FAILED}" PermitRootLogin is not set to 'no' or has other value, set 'PermitRootLogin no' ;" + ;; + 3) # All expected values are NOT configured + SSH_CONFIG_CHECK_FAILED=${SSH_CONFIG_CHECK_FAILED}" PermitRootLogin is not set to 'no', set 'PermitRootLogin no' ;" + ;; + *) # Unknown return code... 
+ SSH_CONFIG_CHECK_FAILED=${SSH_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check PermitRootLogin;" + ;; + esac -# ListenAddress -check_value_in_conf_file "SSH" "/etc/ssh/sshd_config" "ListenAddress" "${IPV4_ADMIN_LAN_IP} ${IPV6_ADMIN_LAN_IP}" + # ListenAddress + check_value_in_conf_file "SSH" "${conf_file_to_test}" "ListenAddress" "${IPV4_ADMIN_LAN_IP} ${IPV6_ADMIN_LAN_IP}" -case ${?} in -0) # OK, nothing to do - ;; -1) # Error (wrong number of param or other) - SSH_CONFIG_CHECK_FAILED=${SSH_CONFIG_CHECK_FAILED}" Error during ListenAddress check with function check_value_in_conf_file, maybe incorrect number of parameter;" - ;; -2) # Unexpected value is set - SSH_CONFIG_CHECK_FAILED=${SSH_CONFIG_CHECK_FAILED}" ListenAddress are not well configured or has other value, set ListenAddress for IPv4 and IPv6;" - ;; -3) # All expected values are NOT configured - SSH_CONFIG_CHECK_FAILED=${SSH_CONFIG_CHECK_FAILED}" ListenAddress are not well configured, set ListenAddress for IPv4 and IPv6;" - ;; -*) # Unknown return code... - SSH_CONFIG_CHECK_FAILED=${SSH_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check ListenAddress;" - ;; -esac + case ${?} in + 0) # OK, nothing to do + ;; + 1) # Error (wrong number of param or other) + SSH_CONFIG_CHECK_FAILED=${SSH_CONFIG_CHECK_FAILED}" Error during ListenAddress check with function check_value_in_conf_file, maybe incorrect number of parameter or file not found;" + ;; + 2) # Unexpected value is set + SSH_CONFIG_CHECK_FAILED=${SSH_CONFIG_CHECK_FAILED}" ListenAddress are not well configured or has other value, set ListenAddress for IPv4 and IPv6;" + ;; + 3) # All expected values are NOT configured + SSH_CONFIG_CHECK_FAILED=${SSH_CONFIG_CHECK_FAILED}" ListenAddress are not well configured, set ListenAddress for IPv4 and IPv6;" + ;; + *) # Unknown return code... 
+ SSH_CONFIG_CHECK_FAILED=${SSH_CONFIG_CHECK_FAILED}" Error, unknown return code when calling check_value_in_conf_file to check ListenAddress;" + ;; + esac +fi
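Review bot: The new assignment `conf_file_to_test="/etc/snmp/snmpd.conf"` at the top of recipe_check_ssh_config.sh points the SSH recipe at the SNMP daemon's file, whereas the removed calls passed `/etc/ssh/sshd_config`. As written, the existence guard and the PasswordAuthentication, PermitRootLogin and ListenAddress checks all read snmpd.conf, so sshd_config is never inspected and the results describe the wrong file. On a host without snmpd the recipe would report the file as not found and skip the SSH checks entirely. The line should read `conf_file_to_test="/etc/ssh/sshd_config"`.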