Fix various shellcheck violations

This commit is contained in:
Jérémy Dubois 2022-06-16 17:25:52 +02:00
parent 962eefe3d7
commit e5d1dc96bb
11 changed files with 42 additions and 53 deletions

View File

@ -29,7 +29,7 @@ mkdir -p "${_TMPDIR}"
# Don't try to run if it's already running
if [ -e "${_PIDFILE}" ]; then
echo "$(date)" >> "${_TMPDIR}"/log
date >> "${_TMPDIR}"/log
exit 1
else
echo $$ >> "${_PIDFILE}"
@ -46,16 +46,14 @@ fi
# List peers and loops on them to list them and their BGP state
bgpctl show neighbor | grep Description {{ bgp_exclude_grep_command }} | sed s,\ Description:\ ,,g > "${_TMPDIR}"/peers-list
while read _PEER
while read -r _PEER
do
_STATUS=$(/usr/sbin/bgpctl show neighbor "${_PEER}" | grep state | awk '{print $4}' |tr -d ',')
echo -n "${_PEER}" >> "${_TMPDIR}"/bgp-status
echo -n " " >> "${_TMPDIR}"/bgp-status
# we note only if it's established or not
if ! [[ "${_STATUS}" = "Established" ]] ; then
_STATUS="NotEstablished"
fi
echo "${_STATUS}" >> "${_TMPDIR}"/bgp-status
echo "${_PEER} ${_STATUS}" >> "${_TMPDIR}"/bgp-status
done <"${_TMPDIR}"/peers-list
@ -74,7 +72,7 @@ mkdir -p "${_TMPMAILDIR}"
# go through sessions and list them depending on their BGP state
echo "*** Session(s) OK ***\n" >> "${_TMPMAILDIR}"/bodyok
while read _LINE
while read -r _LINE
do
# _LINE is session + status
_STATUS=$(echo "${_LINE##* }")

View File

@ -48,15 +48,13 @@ if [ -z "$2" ];then
fi
# check if the carp interface exists or not
ifconfig $1 > /dev/null
if [ $? != "0" ];then
if ! ifconfig "$1" > /dev/null; then
echo "carp interface $1 does not exist. Exiting ...."
exit "$STATE_CRITICAL"
fi
# check state
ifconfig $1 | grep -i $2 > /dev/null
if [ $? != "0" ];then
if ! ifconfig "$1" | grep -i "$2" > /dev/null; then
echo "NOT_OK - $1 should be $2"
exit "$STATE_CRITICAL"
else

View File

@ -26,8 +26,7 @@ fi
# If main connection is UP but not used => critical and continue
# If main connection is DOWN (used or not) => warning and exit
/sbin/ping -c1 -w1 ${MAIN_CONNECTION_PINGABLE_IP} >/dev/null 2>&1
if [ $? = 0 ]; then
if /sbin/ping -c1 -w1 ${MAIN_CONNECTION_PINGABLE_IP} >/dev/null 2>&1; then
if [ "${CURRENT_GATEWAY}" != "${MAIN_CONNECTION_GATEWAY}" ]; then
echo "Main connection is UP but not used as gateway !"
STATE=2
@ -42,16 +41,14 @@ else
fi
# If second connection is DOWN => critical and continue
/sbin/ping -c1 -w1 ${SECOND_CONNECTION_PINGABLE_IP} >/dev/null 2>&1
if [ $? != 0 ]; then
if ! /sbin/ping -c1 -w1 ${SECOND_CONNECTION_PINGABLE_IP} >/dev/null 2>&1; then
echo "Second connection (${INFO_SECOND_CONNECTION}) is down"
STATE=2
fi
# Check whether /etc/mygate has the IP of main connection
if [ "${IS_GATEWAY_IN_FILE}" = 1 ]; then
/usr/bin/grep -q "${MAIN_CONNECTION_GATEWAY}" /etc/mygate
if [ $? != 0 ]; then
if ! /usr/bin/grep -q "${MAIN_CONNECTION_GATEWAY}" /etc/mygate; then
echo "Main connection is not set in /etc/mygate"
STATE=2
fi
@ -59,8 +56,7 @@ fi
# Check whether ipsecctl use the main connection
if [ "${IS_VPN_USING_MAIN_CONNECTION}" = 1 ]; then
/sbin/ipsecctl -sa | /usr/bin/grep -q "${MAIN_CONNECTION_IP}"
if [ $? != 0 ]; then
if ! /sbin/ipsecctl -sa | /usr/bin/grep -q "${MAIN_CONNECTION_IP}"; then
echo "VPN is not using the main connection !"
STATE=2
fi
@ -68,8 +64,7 @@ fi
# Check whether PacketFilter has route-to using the main connection
if [ "${IS_PF_USING_MAIN_CONNECTION}" = 1 ]; then
/sbin/pfctl -sr | /usr/bin/grep "route-to" | /usr/bin/grep -q "${MAIN_CONNECTION_GATEWAY}"
if [ $? != 0 ]; then
if ! /sbin/pfctl -sr | /usr/bin/grep "route-to" | /usr/bin/grep -q "${MAIN_CONNECTION_GATEWAY}"; then
echo "PF is not using the main connection !"
STATE=2
fi

View File

@ -2,19 +2,19 @@
IPSECCTL="/sbin/ipsecctl -s sa"
STATUS=0
LINE1=`$IPSECCTL | grep "from $1 to $2" `
$IPSECCTL | grep -q "from $1 to $2"
if [ $? -eq 1 ]; then
STATUS=2;
OUTPUT1="No VPN from $1 to $2 "
fi
LINE2=`$IPSECCTL | grep "from $2 to $1" `
$IPSECCTL | grep -q "from $2 to $1"
if [ $? -eq 1 ]; then
STATUS=2;
OUTPUT2="No VPN from $2 to $1"
fi
if [ $STATUS -eq 0 ]; then
if [ "$STATUS" -eq 0 ]; then
echo "VPN OK - $3 is up"
exit $STATUS
else

View File

@ -12,7 +12,7 @@ STATUS=0
VPN_KO=""
default_int=$(route -n show -inet | grep default | awk '{ print $8 }' | grep -v pppoe0)
default_ip=$(ifconfig $default_int | grep inet | head -1 | awk '{ print $2 }')
default_ip=$(ifconfig "$default_int" | grep inet | head -1 | awk '{ print $2 }')
# No check if CARP backup
@ -40,11 +40,10 @@ fi
# Check with "ipsecctl -sa"
for vpn in $(cat /etc/ipsec.conf | grep -v "^#" | awk '{print $2}'); do
vpn=$(basename $vpn .conf\")
vpn=$(basename "$vpn" .conf\")
local_ip=$default_ip
remote_ip=$(grep -E "remote_ip" /etc/ipsec/${vpn}.conf | grep -v "^#" | grep -o "[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*")
$CHECK_IPSECCTL $local_ip $remote_ip "$vpn" > /dev/null
if [ $? -ne 0 ]; then
remote_ip=$(grep -E "remote_ip" /etc/ipsec/"${vpn}".conf | grep -v "^#" | grep -o "[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*")
if ! "$CHECK_IPSECCTL" "$local_ip" "$remote_ip" "$vpn" > /dev/null; then
STATUS=2
VPN_KO="$VPN_KO $vpn"
fi
@ -67,12 +66,12 @@ if [ $STATUS -eq 0 ]; then
for vpn in $VPNS; do
# dst_ip takes the value of VPNS_IP
eval dst_ip=\$${vpn}_IP
eval dst_ip=\$"${vpn}"_IP
# Definition of the source IP of the ping according to the source network used (our side, adjust the -I option)
case $vpn in
*vlan1*) ping -q -i 0.1 -I 192.168.5.5 -c 3 -w 1 $dst_ip >/dev/null ;;
*vlan2*) ping -q -i 0.1 -I 172.16.2.5 -c 3 -w 1 $dst_ip >/dev/null ;;
*vlan1*) ping -q -i 0.1 -I 192.168.5.5 -c 3 -w 1 "$dst_ip" >/dev/null ;;
*vlan2*) ping -q -i 0.1 -I 172.16.2.5 -c 3 -w 1 "$dst_ip" >/dev/null ;;
esac
if [ $? -ne 0 ]; then

View File

@ -4,7 +4,7 @@
carp=$(/sbin/ifconfig carp0 | /usr/bin/grep 'status' |cut -d' ' -f2)
if [ $carp = 'backup' ]; then
if [ "$carp" = 'backup' ]; then
echo "No check, I'm a backup"
return 0
else

View File

@ -10,10 +10,10 @@ _CRTICAL_STATES_LIMIT=$((_MAX_STATES_LIMIT*65/100))
_CHECK_STATES=$(/sbin/pfctl -si | /usr/bin/grep current | awk '{print $3}')
if [ $_CHECK_STATES -lt $_WARNING_STATES_LIMIT ];then
if [ "$_CHECK_STATES" -lt "$_WARNING_STATES_LIMIT" ];then
echo "OK: States number ($_CHECK_STATES) is below threshold (warn : $_WARNING_STATES_LIMIT / crit : $_CRTICAL_STATES_LIMIT / max : $_MAX_STATES_LIMIT)"
exit "$STATE_OK"
elif [ $_CHECK_STATES -ge $_WARNING_STATES_LIMIT ] && [ $_CHECK_STATES -lt $_CRTICAL_STATES_LIMIT ];then
elif [ "$_CHECK_STATES" -ge "$_WARNING_STATES_LIMIT" ] && [ "$_CHECK_STATES" -lt "$_CRTICAL_STATES_LIMIT" ];then
echo "WARNING: States number is $_CHECK_STATES (threshold WARNING = $_WARNING_STATES_LIMIT, max = $_MAX_STATES_LIMIT)"
exit "$STATE_WARNING"
else

View File

@ -29,7 +29,7 @@ mkdir -p "${_TMPDIR}"
# Don't try to run if it's already running
if [ -e "${_PIDFILE}" ]; then
echo "$(date)" >> "${_TMPDIR}"/log
date >> "${_TMPDIR}"/log
exit 1
else
echo $$ >> "${_PIDFILE}"
@ -46,12 +46,12 @@ fi
# List peers and loops on them to list them and their OSPF6 state
ospf6ctl show neighbor | grep -v "^$" | grep -v "Uptime" | awk {'print $1'} > "${_TMPDIR}"/peers-list
while read _PEER
while read -r _PEER
do
_STATUS=$(/usr/sbin/ospf6ctl show neighbor | grep "${_PEER} " | awk {'print $3'})
echo -n "${_PEER}" >> "${_TMPDIR}"/ospf6-status
echo -n " " >> "${_TMPDIR}"/ospf6-status
if ([[ "${_STATUS}" = "FULL/BCKUP" ]] || [[ "${_STATUS}" = "FULL/DR" ]] || [[ "${_STATUS}" = "2-WAY/OTHER" ]] || [[ "${_STATUS}" = "FULL/OTHER" ]]) ; then
if [[ "${_STATUS}" = "FULL/BCKUP" ]] || [[ "${_STATUS}" = "FULL/DR" ]] || [[ "${_STATUS}" = "2-WAY/OTHER" ]] || [[ "${_STATUS}" = "FULL/OTHER" ]] ; then
_STATUS="UP"
else
_STATUS="DOWN"
@ -75,7 +75,7 @@ mkdir -p "${_TMPMAILDIR}"
# go through sessions and list them depending on their OSPF6 state
echo "*** Session(s) OK ***\n" >> "${_TMPMAILDIR}"/bodyok
while read _LINE
while read -r _LINE
do
# _LINE is session + status
_STATUS=$(echo "${_LINE}" | awk {'print $2'})

View File

@ -29,7 +29,7 @@ mkdir -p "${_TMPDIR}"
# Don't try to run if it's already running
if [ -e "${_PIDFILE}" ]; then
echo "$(date)" >> "${_TMPDIR}"/log
date >> "${_TMPDIR}"/log
exit 1
else
echo $$ >> "${_PIDFILE}"
@ -46,12 +46,12 @@ fi
# List peers and loops on them to list them and their OSPF state
ospfctl show neighbor | grep -v "^$" | grep -v "Uptime" | awk {'print $1'} > "${_TMPDIR}"/peers-list
while read _PEER
while read -r _PEER
do
_STATUS=$(/usr/sbin/ospfctl show neighbor | grep "${_PEER} " | awk {'print $3'})
echo -n "${_PEER}" >> "${_TMPDIR}"/ospf-status
echo -n " " >> "${_TMPDIR}"/ospf-status
if ([[ "${_STATUS}" = "FULL/BCKUP" ]] || [[ "${_STATUS}" = "FULL/DR" ]] || [[ "${_STATUS}" = "2-WAY/OTHER" ]] || [[ "${_STATUS}" = "FULL/OTHER" ]]) ; then
if [[ "${_STATUS}" = "FULL/BCKUP" ]] || [[ "${_STATUS}" = "FULL/DR" ]] || [[ "${_STATUS}" = "2-WAY/OTHER" ]] || [[ "${_STATUS}" = "FULL/OTHER" ]] ; then
_STATUS="UP"
else
_STATUS="DOWN"
@ -75,7 +75,7 @@ mkdir -p "${_TMPMAILDIR}"
# go through sessions and list them depending on their OSPF state
echo "*** Session(s) OK ***\n" >> "${_TMPMAILDIR}"/bodyok
while read _LINE
while read -r _LINE
do
# _LINE is session + status
_STATUS=$(echo "${_LINE}" | awk {'print $2'})

View File

@ -1,6 +1,6 @@
#!/bin/sh
VERSION=22.01
VERSION=22.06
if [ ! -f /etc/motd-original ]; then
cp /etc/motd /etc/motd-original
@ -18,7 +18,7 @@ ifconfig carp0 | grep -q backup
backup=$?
if [ "$master" -eq 0 ]; then
if [ $(cat /tmp/carp.state) = "master" ]; then
if [ "$(cat /tmp/carp.state)" = "master" ]; then
# We already were master, no change
exit 0
fi
@ -32,7 +32,7 @@ cat /etc/motd-original - << EOF > /etc/motd
EOF
echo "master" > /tmp/carp.state
elif [ "$backup" -eq 0 ]; then
if [ $(cat /tmp/carp.state) = "backup" ]; then
if [ "$(cat /tmp/carp.state)" = "backup" ]; then
# We already were backup, no change
exit 0
fi

View File

@ -8,13 +8,13 @@ computerIP=$(ifconfig egress | grep inet | awk -v OFS="\n" '{ print $2, $NF }'|
computerKernel=$(sysctl kern.osrelease | sed 's#kern.osrelease=##')
computerOS="OpenBSD $computerKernel"
HardwareSerial=$(sysctl hw.serialno 2>/dev/null | sed 's#hw.serialno=##')
if [ -z $HardwareSerial ]; then sysctl hw | grep -qi qemu && HardwareSerial="Not Specified"; fi
if [ -z "$HardwareSerial" ]; then sysctl hw | grep -qi qemu && HardwareSerial="Not Specified"; fi
clientNumber="{{ client_number | mandatory }}"
monitoringMode="{{ monitoring_mode | mandatory }}"
cpuMark=$(sysctl hw.model| sed 's#hw.model=##')
cpuModel=$(sysctl hw.model| sed 's#hw.model=##')
cpuFreq=$(sysctl hw.cpuspeed| sed 's#hw.cpuspeed=##')
mem=$(expr $(sysctl hw.physmem| sed 's#hw.physmem=##') / 1000000)Mo
mem="$(($(sysctl hw.physmem | sed 's#hw.physmem=##') / 1000000))"Mo
eth0Mark=unknown
eth0Model=unknown
eth0MAC=$(ifconfig egress | awk -v OFS="\n" '{ print $2, $NF }' | head -3 | tail -1)
@ -25,19 +25,18 @@ sdaSize=100G
sdaModel=unknown
swap=unknown
nrpeVersion=$(pkg_info nrpe | head -1 | sed 's/Information for inst://')
openvpnVersion=$(pkg_info openvpn | head -1 | sed 's/Information for inst://')
opensshFingerprintRSA=$(ssh-keyscan -t rsa localhost 2>/dev/null\
| sed -e 's/localhost //' -e 's/ssh-rsa /ssh-rsa,/')
opensshFingerprintED25519=$(ssh-keyscan -t ed25519 localhost 2>/dev/null\
| sed -e 's/localhost //' -e 's/ssh-ed25519 /ssh-ed25519,/')
opensshFingerprintECDSA=$(ssh-keyscan -t ecdsa-sha2-nistp256 localhost 2>/dev/null\
| sed -e 's/localhost //' -e 's/ecdsa-sha2-nistp256 /ecdsa-sha2-nistp256,/')
Fingerprint="${opensshFingerprintRSA}${opensshFingerprintRSA:+;}"\
"${opensshFingerprintED25519}${opensshFingerprintED25519:+;}${opensshFingerprintECDSA}"
Fingerprint="${opensshFingerprintRSA}${opensshFingerprintRSA:+;}\
${opensshFingerprintED25519}${opensshFingerprintED25519:+;}${opensshFingerprintECDSA}"
ldif_file="/root/${EvoComputerName}.$(date +"%Y%m%d%H%M%S").ldif"
cat<<EOT>${ldif_file}
cat<<EOT>"${ldif_file}"
# ldapvi --profile evolix --add --in ${ldif_file}
dn: EvoComputerName=${EvoComputerName},ou=computer,dc=evolix,dc=net
@ -150,8 +149,8 @@ ServiceVersion: packetfilter
EOT
if egrep -q 'sd.*RAID' /var/run/dmesg.boot; then
cat<<EOT>>${ldif_file}
if grep -Eq 'sd.*RAID' /var/run/dmesg.boot; then
cat<<EOT>>"${ldif_file}"
dn: ServiceName=bioctl,EvoComputerName=${EvoComputerName},ou=computer,dc=evolix,dc=net
objectClass: EvoService
NagiosEnabled: TRUE