Browse Source

Install default check_policy file on init

master
Jérémy Lecour 2 days ago
committed by Jérémy Lecour
parent
commit
21f4544016
4 changed files with 24 additions and 3 deletions
  1. +1
    -0
      CHANGELOG.md
  2. +10
    -3
      lib/includes
  3. +10
    -0
      test/main.bats
  4. +3
    -0
      tpl/check_policy.tpl

+ 1
- 0
CHANGELOG.md View File

@ -8,6 +8,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
### Added
* bkctld-init: install check_policy template
* test: bkctld check-incs shouldn't fail without incs_policy file
### Changed


+ 10
- 3
lib/includes View File

@ -374,13 +374,20 @@ setup_jail_config() {
info "4 - Copie default sshd_config"
install -m 0640 "${sshd_config_tpl}" "${jail_sshd_config}"
inctpl="${TPLDIR}/inc.tpl"
test -f "${LOCALTPLDIR}/inc.tpl" && inctpl="${LOCALTPLDIR}/inc.tpl"
info "5 - Copie default inc configuration"
inc_policy_tpl="${TPLDIR}/inc.tpl"
test -f "${LOCALTPLDIR}/inc.tpl" && inc_policy_tpl="${LOCALTPLDIR}/inc.tpl"
jail_incs_policy_file=$(jail_incs_policy_file "${jail_name}")
mkdir --parents "$(dirname "${jail_incs_policy_file}")"
install -m 0640 "${inctpl}" "${jail_incs_policy_file}"
install -m 0640 "${inc_policy_tpl}" "${jail_incs_policy_file}"
check_policy_tpl="${TPLDIR}/check_policy.tpl"
test -f "${LOCALTPLDIR}/check_policy.tpl" && check_policy_tpl="${LOCALTPLDIR}/check_policy.tpl"
jail_check_policy_file=$(jail_check_policy_file "${jail_name}")
mkdir --parents "$(dirname "${jail_check_policy_file}")"
install -m 0640 "${check_policy_tpl}" "${jail_check_policy_file}"
"${LIBDIR}/bkctld-port" "${jail_name}" auto
}


+ 10
- 0
test/main.bats View File

@ -15,6 +15,16 @@ load test_helper
fi
}
@test "New jail should have a incs_policy file" {
run test -f "/etc/evobackup/${JAILNAME}.d/incs_policy"
assert_success
}
@test "New jail should have a check_policy file" {
run test -f "/etc/evobackup/${JAILNAME}.d/check_policy"
assert_success
}
@test "A jail should be able to be started" {
/usr/lib/bkctld/bkctld-start "${JAILNAME}"
pid=$(cat "${JAILPATH}/${SSHD_PID}")


+ 3
- 0
tpl/check_policy.tpl View File

@ -0,0 +1,3 @@
## Uncomment and adapt thresholds (values are in hours)
# WARNING=24
# CRITICAL=48

Loading…
Cancel
Save