2020-09-29 11:08:10 +02:00
|
|
|
#!/bin/sh
|
|
|
|
|
2020-10-09 17:42:51 +02:00
|
|
|
# TODO Use \0 as a seprator
|
2020-09-24 17:21:30 +02:00
|
|
|
|
|
|
|
set -e
|
|
|
|
|
|
|
|
apache_dir=/etc/apache2
|
|
|
|
apache_conf=$apache_dir/apache2.conf
|
|
|
|
|
2020-09-29 11:40:55 +02:00
|
|
|
tmp_dir=/tmp/apache-require
|
2020-10-06 10:02:47 +02:00
|
|
|
mkdir -p "$tmp_dir"
|
2020-10-02 14:53:35 +02:00
|
|
|
confs=$tmp_dir/confs
|
2020-10-02 15:03:48 +02:00
|
|
|
confs_vhost=$tmp_dir/confs_vhost
|
|
|
|
confs_system=$tmp_dir/confs_system
|
|
|
|
confs_htaccess=$tmp_dir/confs_htaccess
|
2020-10-09 14:57:36 +02:00
|
|
|
confs_template=$tmp_dir/confs_template
|
2020-10-02 15:02:31 +02:00
|
|
|
result=$tmp_dir/result
|
2020-10-06 10:02:47 +02:00
|
|
|
summary=$tmp_dir/summary
|
2020-09-24 17:21:30 +02:00
|
|
|
|
|
|
|
module_loaded() {
|
|
|
|
apache2ctl -D DUMP_MODULES | grep -q access_compat_module
|
|
|
|
}
|
|
|
|
|
2020-10-06 10:02:47 +02:00
|
|
|
# Get all apache config files
|
2020-10-02 14:53:35 +02:00
|
|
|
get_confs() {
|
2020-09-24 17:21:30 +02:00
|
|
|
# Initialize le the list of configuration files with the default conf
|
2020-10-02 14:53:35 +02:00
|
|
|
test ! -e "$confs" && printf "%s\\n" $apache_conf > "$confs"
|
2020-09-24 17:21:30 +02:00
|
|
|
|
2020-09-29 11:08:10 +02:00
|
|
|
cd "$apache_dir"
|
|
|
|
# TODO: Refactor this mess
|
2020-10-02 14:53:35 +02:00
|
|
|
confs_size=0
|
|
|
|
while [ "$confs_size" -lt "$(stat -c %s "$confs")" ]; do
|
|
|
|
confs_size=$(stat -c %s "$confs")
|
|
|
|
for conf_file in $(cat "$confs"); do
|
2020-09-24 17:21:30 +02:00
|
|
|
# XXX: Expand the filenames
|
|
|
|
for glob in $(awk '/^[[:space:]]*Include/ {print $2}' "$conf_file"); do
|
2020-10-13 10:58:19 +02:00
|
|
|
realpath --canonicalize-existing --no-symlinks --quiet $glob >> "$confs"
|
2020-09-24 17:21:30 +02:00
|
|
|
done
|
|
|
|
done
|
2020-10-02 14:53:35 +02:00
|
|
|
sort "$confs" | uniq > "$confs"_tmp && mv "$confs"_tmp "$confs"
|
2020-09-24 17:21:30 +02:00
|
|
|
done
|
2020-09-29 11:08:10 +02:00
|
|
|
cd - 1>/dev/null
|
2020-09-24 17:21:30 +02:00
|
|
|
}
|
|
|
|
|
2020-10-06 12:12:37 +02:00
|
|
|
# Find all the .htaccess under each DocumentRoot
|
2020-10-02 15:03:48 +02:00
|
|
|
get_htaccess() {
|
2020-10-06 12:12:37 +02:00
|
|
|
xargs \
|
2020-10-02 16:30:03 +02:00
|
|
|
awk 'sub("^[[:space:]]*DocumentRoot[[:space:]]*", "")' \
|
|
|
|
< "$confs" \
|
|
|
|
| sort -u \
|
2020-10-06 12:12:37 +02:00
|
|
|
| xargs -I _ find _ -type f -name .htaccess || true
|
2020-10-06 10:06:41 +02:00
|
|
|
}
|
|
|
|
|
2020-10-09 14:57:36 +02:00
|
|
|
# Find directives in non apache location. It can be configuration for
|
|
|
|
# phpmyadmin or the default vhost template for example.
|
|
|
|
get_template() {
|
|
|
|
template_dirs="/etc /usr/share/scripts"
|
2020-10-13 10:59:25 +02:00
|
|
|
grep -lRE '^[[:space:]]*(Order|Allow|Deny|Satisfy)[[:space:]]' \
|
2020-10-13 09:41:22 +02:00
|
|
|
--exclude-dir=apache2 --exclude-dir=squid3 $template_dirs \
|
2020-10-09 17:42:51 +02:00
|
|
|
|| true
|
2020-10-09 14:57:36 +02:00
|
|
|
}
|
|
|
|
|
2020-10-06 10:06:41 +02:00
|
|
|
# Put different type of configs in different files
|
|
|
|
categorize_confs() {
|
2020-10-09 14:57:36 +02:00
|
|
|
get_template > "$confs_template"
|
2020-10-06 10:06:41 +02:00
|
|
|
get_htaccess > "$confs_htaccess"
|
|
|
|
grep -E "^${apache_dir}/sites-enabled/.*\\.conf" "$confs" > "$confs_vhost"
|
|
|
|
grep -Ev "^${apache_dir}/sites-enabled/.*\\.conf" "$confs" > "$confs_system"
|
2020-10-02 15:03:48 +02:00
|
|
|
}
|
|
|
|
|
2020-10-06 12:12:10 +02:00
|
|
|
# Takes argument: file type
|
2020-09-24 17:21:30 +02:00
|
|
|
count_directives() {
|
|
|
|
directives="Allow Order Deny Satisfy"
|
|
|
|
|
|
|
|
for directive in $directives; do
|
|
|
|
export "$directive"="$(grep -Ec "^[[:blank:]]*$directive\\s" "$1")"
|
|
|
|
done
|
2020-10-09 17:42:51 +02:00
|
|
|
# FIXME: There are probably a lot of flase negative
|
2020-10-06 12:12:10 +02:00
|
|
|
export CGI="$(grep -Ec "^[[:blank:]]*# CGI" "$1")"
|
2020-09-29 11:41:30 +02:00
|
|
|
|
2020-09-24 17:21:30 +02:00
|
|
|
# shellcheck disable=SC2154
|
2020-09-29 11:41:30 +02:00
|
|
|
if [ "$Allow" -ne 0 ] || [ "$Order" -ne 0 ] || \
|
|
|
|
[ "$Deny" -ne 0 ] || [ "$Satisfy" -ne 0 ]; then
|
2020-10-06 12:12:10 +02:00
|
|
|
export Total=$(( $Allow + $Order + $Deny + $Satisfy ))
|
|
|
|
printf "%s %d %d %d %d %d %d %s\\n" "$1" \
|
|
|
|
"$Allow" "$Order" "$Deny" "$Satisfy" "$Total" "$CGI" "$2"
|
2020-09-29 11:41:30 +02:00
|
|
|
fi
|
2020-09-24 17:21:30 +02:00
|
|
|
}
|
|
|
|
|
2020-10-06 10:02:47 +02:00
|
|
|
# Results per files
|
2020-09-29 11:08:10 +02:00
|
|
|
display_results() {
|
2020-10-02 15:02:31 +02:00
|
|
|
mv -b "$result" "$result".bak || true
|
2020-09-29 11:43:05 +02:00
|
|
|
|
2020-10-09 14:57:36 +02:00
|
|
|
# Types: Vhost, System, Htaccess, Template
|
2020-10-13 10:56:49 +02:00
|
|
|
# printf 'File\tAllow\tOrder\tDeny\tSatisfy\tTotal (directives)\tCGI\tType (V|S|H|T)\n' >&2
|
2020-10-09 15:06:05 +02:00
|
|
|
|
|
|
|
set -- \
|
|
|
|
"$confs_vhost" V \
|
|
|
|
"$confs_system" S \
|
|
|
|
"$confs_htaccess" H \
|
|
|
|
"$confs_template" T
|
|
|
|
# For each types of confs
|
|
|
|
while [ "$#" -gt 0 ]; do
|
|
|
|
# For each confs file of that type
|
|
|
|
while IFS= read -r file; do
|
2020-10-13 10:57:45 +02:00
|
|
|
count_directives "$file" "$2" >> "$result"
|
2020-10-09 15:06:05 +02:00
|
|
|
done < "$1"
|
|
|
|
shift 2
|
|
|
|
done
|
2020-10-06 12:12:10 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
# One line machine summary of the results
|
|
|
|
display_summary() {
|
2020-10-13 10:59:00 +02:00
|
|
|
mv -b "$summary" "$summary".bak || true
|
|
|
|
|
2020-10-09 17:42:51 +02:00
|
|
|
# Types: Vhost, System, Htaccess, Template
|
2020-10-13 10:56:49 +02:00
|
|
|
# printf 'Hostname:\tVhost\tSystem\tHtaccess\tTemplate\tTotal\tCGI\n' >&2
|
2020-10-09 17:42:51 +02:00
|
|
|
|
2020-10-13 10:57:45 +02:00
|
|
|
printf "%s " "$(hostname)"; awk -f - "$result" <<EOF > "$summary"
|
2020-10-09 17:42:51 +02:00
|
|
|
BEGIN {
|
|
|
|
total["V"] = 0;
|
|
|
|
total["S"] = 0;
|
|
|
|
total["H"] = 0;
|
|
|
|
total["T"] = 0;
|
|
|
|
cgi = 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
{
|
|
|
|
total[\$NF] += \$(NF-2);
|
|
|
|
cgi += \$(NF-1);
|
|
|
|
}
|
|
|
|
|
|
|
|
END {
|
|
|
|
print total["V"] " " \
|
|
|
|
total["S"] " " \
|
|
|
|
total["H"] " " \
|
|
|
|
total["T"] " " \
|
|
|
|
total["V"] + total["S"] + total["H"] + total["T"] " " \
|
|
|
|
cgi;
|
|
|
|
}
|
|
|
|
EOF
|
|
|
|
|
2020-09-29 11:08:10 +02:00
|
|
|
}
|
2020-09-24 17:21:30 +02:00
|
|
|
|
2020-10-02 14:53:35 +02:00
|
|
|
get_confs
|
2020-10-06 10:06:41 +02:00
|
|
|
categorize_confs
|
2020-09-29 11:08:10 +02:00
|
|
|
display_results
|
2020-10-09 17:42:51 +02:00
|
|
|
display_summary
|