From f74f1317b4c1f661177aebab5a09d45e0cf1df00 Mon Sep 17 00:00:00 2001
From: David Prevot <dprevot+git@evolix.fr>
Date: Tue, 4 Oct 2022 14:03:39 +0200
Subject: [PATCH] IS_PHPMYADMINAPACHECONF: check package config

Make sure that package configuration has not been pulled in (e.g.,
/etc/apache2/conf-available/phpmyadmin.conf could be added during an
upgrade and /etc/apache2/conf-enabled/phpmyadmin.conf during an upgrade
a few years later, and thus make phpMyAdmin available in trivial URLs.
---
 linux/CHANGELOG   |  2 ++
 linux/evocheck.sh | 12 ++++++++++++
 2 files changed, 14 insertions(+)

diff --git a/linux/CHANGELOG b/linux/CHANGELOG
index 96bef51..d3e694d 100644
--- a/linux/CHANGELOG
+++ b/linux/CHANGELOG
@@ -5,6 +5,8 @@ and this project **does not adhere to [Semantic Versioning](http://semver.org/sp
 
 ### Added
 
+* IS_PHPMYADMINAPACHECONF: check that package configuration has not been pulled in
+
 ### Changed
 
 ### Deprecated
diff --git a/linux/evocheck.sh b/linux/evocheck.sh
index 7c01da5..fb7da68 100755
--- a/linux/evocheck.sh
+++ b/linux/evocheck.sh
@@ -684,6 +684,17 @@ check_muninapacheconf() {
             && failed "IS_MUNINAPACHECONF" "default munin configuration may be commented or disabled"
     fi
 }
+# Check if default Apache configuration file for phpMyAdmin is absent (or empty or commented).
+check_phpmyadminapacheconf() {
+    phpmyadminconf0="/etc/apache2/conf-available/phpmyadmin.conf"
+    phpmyadminconf1="/etc/apache2/conf-enabled/phpmyadmin.conf"
+    if is_installed apache2; then
+        test -e $phpmyadminconf0 && grep -vEq "^( |\t)*#" "$phpmyadminconf0" \
+            && failed "IS_PHPMYADMINAPACHECONF" "default phpmyadmin configuration ($phpmyadminconf0) may be commented or disabled"
+        test -e $phpmyadminconf1 && grep -vEq "^( |\t)*#" "$phpmyadminconf1" \
+            && failed "IS_PHPMYADMINAPACHECONF" "default phpmyadmin configuration ($phpmyadminconf1) may be commented or disabled"
+    fi
+}
 # Verification de la priorité du package samba si les backports sont utilisés
 check_sambainpriority() {
     if is_debian_lenny && is_pack_samba; then
@@ -1596,6 +1607,7 @@ main() {
     test "${IS_APACHESYMLINK:=1}" = 1 && check_apachesymlink
     test "${IS_APACHEIPINALLOW:=1}" = 1 && check_apacheipinallow
     test "${IS_MUNINAPACHECONF:=1}" = 1 && check_muninapacheconf
+    test "${IS_PHPMYADMINAPACHECONF:=1}" = 1 && check_phpmyadminapacheconf
     test "${IS_SAMBAPINPRIORITY:=1}" = 1 && check_sambainpriority
     test "${IS_KERNELUPTODATE:=1}" = 1 && check_kerneluptodate
     test "${IS_UPTIME:=1}" = 1 && check_uptime