From a9cbeca7cc9debfb63abb594f2db454e71c96a90 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Beno=C3=AEt=20S=C3=89RIE?= <bserie@evolix.fr>
Date: Tue, 14 Nov 2017 17:34:41 +0100
Subject: [PATCH] Use group evolinux-sudo for Debian >=9

---
 evocheck.sh | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/evocheck.sh b/evocheck.sh
index 9fdf44d..e98635c 100755
--- a/evocheck.sh
+++ b/evocheck.sh
@@ -742,14 +742,20 @@ if [ "$IS_SSHPERMITROOTNO" = 1 ]; then
 fi
 
 if [ "$IS_EVOMAINTENANCEUSERS" = 1 ]; then
-    if [ -f /etc/sudoers.d/evolinux ]; then
-        sudoers="/etc/sudoers.d/evolinux"
+    if ! is_debianversion stretch; then
+        if [ -f /etc/sudoers.d/evolinux ]; then
+            sudoers="/etc/sudoers.d/evolinux"
+        else
+            sudoers="/etc/sudoers"
+        fi
+        for i in $( (grep "^User_Alias *ADMIN" $sudoers | cut -d= -f2 | tr -d " "; grep ^sudo /etc/group |cut -d: -f 4) | tr "," "\n" |sort -u); do
+            grep -q "^trap.*sudo.*evomaintenance.sh" /home/$i/.*profile || echo 'IS_EVOMAINTENANCEUSERS FAILED!'
+        done
     else
-        sudoers="/etc/sudoers"
+        for i in $(getent group evolinux-sudo | cut -d':' -f4 | tr ',' ' '); do 
+            grep -q "^trap.*sudo.*evomaintenance.sh" /home/$i/.*profile || echo 'IS_EVOMAINTENANCEUSERS FAILED!'
+        done
     fi
-    for i in $( (grep "^User_Alias *ADMIN" $sudoers | cut -d= -f2 | tr -d " "; grep ^sudo /etc/group |cut -d: -f 4) | tr "," "\n" |sort -u); do
-        grep -q "^trap.*sudo.*evomaintenance.sh" /home/$i/.*profile || echo 'IS_EVOMAINTENANCEUSERS FAILED!'
-    done
 fi
 
 # Verification de la configuration d'evomaintenance