From f10ebe8cd6e9cf9079f8a49849cb1c6fedf9a592 Mon Sep 17 00:00:00 2001
From: Jeremy Lecour <jlecour@evolix.fr>
Date: Thu, 28 Jul 2022 13:38:33 +0200
Subject: [PATCH] evocheck: upstream release 22.07

---
 CHANGELOG.md               |  1 +
 evocheck/files/evocheck.sh | 17 +++++++++++++----
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 627bbd3a..21319b1a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -14,6 +14,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
 
 ### Changed
 
+* evocheck: upstream release 22.07
 * evomaintenance: upstream release 22.07
 * mongodb: replace version_compare() with version()
 * nagios-nrpe: check_disk1 returns only alerts
diff --git a/evocheck/files/evocheck.sh b/evocheck/files/evocheck.sh
index 81c18061..1bc54d79 100644
--- a/evocheck/files/evocheck.sh
+++ b/evocheck/files/evocheck.sh
@@ -4,7 +4,7 @@
 # Script to verify compliance of a Debian/OpenBSD server
 # powered by Evolix
 
-VERSION="22.06.2"
+VERSION="22.07"
 readonly VERSION
 
 # base functions
@@ -610,6 +610,14 @@ check_evobackup() {
     evobackup_found=$(find /etc/cron* -name '*evobackup*' | wc -l)
     test "$evobackup_found" -gt 0 || failed "IS_EVOBACKUP" "missing evobackup cron"
 }
+# Vérification de la mise en place de la purge pour fail2ban
+check_purge_fail2ban() {
+    if is_debian_stretch || is_debian_buster; then
+      if is_installed fail2ban; then
+        test -f /etc/cron.daily/fail2ban_dbpurge || failed "IS_FAIL2BAN_PURGE" "missing script fail2ban_dbpurge cron"
+      fi
+    fi
+}
 # Vérification de l'exclusion des montages (NFS) dans les sauvegardes
 check_evobackup_exclude_mount() {
     excludes_file=$(mktemp --tmpdir="${TMPDIR:-/tmp}" "evocheck.evobackup_exclude_mount.XXXXX")
@@ -970,7 +978,7 @@ check_mongo_backup() {
         # You could change the default path in /etc/evocheck.cf
         MONGO_BACKUP_PATH=${MONGO_BACKUP_PATH:-"/home/backup/mongodump"}
         if [ -d "$MONGO_BACKUP_PATH" ]; then
-            for file in "${MONGO_BACKUP_PATH}"/*/*.{json,bson}.*; do
+            for file in "${MONGO_BACKUP_PATH}"/*/*.{json,bson}*; do
                 # Skip indexes file.
                 if ! [[ "$file" =~ indexes ]]; then
                     limit=$(date +"%s" -d "now - 2 day")
@@ -1227,8 +1235,8 @@ check_sshpermitrootno() {
         # -T doesn't require the additional -C.
 	sshd_args=
     fi
-    # XXX: We want parameter expension here
-    if ! (sshd -T $sshd_args | grep -q 'permitrootlogin no'); then
+    # shellcheck disable=SC2086
+    if ! (sshd -T ${sshd_args} | grep -q 'permitrootlogin no'); then
        failed "IS_SSHPERMITROOTNO" "PermitRoot should be set to no"
     fi
 }
@@ -1810,6 +1818,7 @@ while :; do
             IS_UPTIME=0
             IS_MELTDOWN_SPECTRE=0
             IS_CHECK_VERSIONS=0
+            IS_NETWORKING_SERVICE=0
             ;;
         -v|--verbose)
             VERBOSE=1