evolix/evocheck
evolix/evocheck
21
2
Fork 2
Code Issues 48 Pull requests 5 Releases 37 Wiki Activity
407 commits 21 branches 50 tags 1.5 MiB
Commit graph

331 commits

Author SHA1 Message Date
Jérémy Lecour 8aadbed4de Don't limit to Lenny 
This test doesn't seem to be limited to Lenny, so we should check for 
all backports
 2019-03-23 02:36:41 +01:00
Jérémy Lecour c2fda32d0d extract main conditional 2019-03-23 02:36:41 +01:00
Jérémy Lecour 3b8617b20c use grep -s instead of redirecting stderr 2019-03-23 02:36:41 +01:00
Jérémy Lecour 7cb7a47be7 improve readability 2019-03-23 02:36:41 +01:00
Jérémy Lecour 0afdfbf3a1 Use braces instead for command grouping. 
It avoids subshells
 2019-03-23 02:36:40 +01:00
Jérémy Lecour 9658e531ad quotes 2019-03-23 02:36:40 +01:00
Jérémy Lecour 2267b79618 remove unused IS_TOOMUCHDEBIANSYSMAINT 2019-03-23 02:36:40 +01:00
Jérémy Lecour fc3d2e28cf APACHEMUNIN: muunin config can be in other files 2019-03-23 02:36:40 +01:00
Jérémy Lecour a4c1629912 verbose comments for RAID checks 2019-03-23 02:36:40 +01:00
Jérémy Lecour d51c64d410 reorganize IS_APACHEMUNIN 2019-03-23 02:36:40 +01:00
Jérémy Lecour 3353096ebe don't use a sub shell for IS_REPVOLATILE 2019-03-23 02:36:40 +01:00
Jérémy Lecour 366fc03237 print duplicate labels on a single line 2019-03-23 02:36:40 +01:00
Jérémy Lecour 9b31ab030e fix "is_debian_lenny" 2019-03-23 02:36:40 +01:00
Jérémy Lecour 2ad82591f3 test if it's a file, to ignore directories 2019-03-23 02:36:40 +01:00
Jérémy Lecour c3b4efd71e fix debian version detection for IS_LSBRELEASE 2019-03-23 02:36:40 +01:00
Jérémy Lecour e525141ae4 move VERBOSE block to log comment 2019-03-23 02:36:40 +01:00
Jérémy Lecour 419ecbc10f fix conditions grouping 2019-03-23 02:36:40 +01:00
Jérémy Lecour 367756d6b2 variables extraction 2019-03-23 02:36:40 +01:00
Jérémy Lecour 99ddd1a05c better test ordering 2019-03-23 02:36:40 +01:00
Jérémy Lecour 3e14210a0b extract if 2019-03-23 02:36:40 +01:00
Jérémy Lecour 9dcdd8202e more permissions check with stat 2019-03-23 02:36:40 +01:00
Jérémy Lecour 057cb7026a even more quotes 2019-03-23 02:36:40 +01:00
Jérémy Lecour 0fc9d0921e grep can count occurrences too 2019-03-23 02:36:40 +01:00
Jérémy Lecour ae12b37c7f add verbose comments for IS_BACKPORTSCONF 2019-03-23 02:36:40 +01:00
Jérémy Lecour 830db4743c more quotes 2019-03-23 02:36:40 +01:00
Jérémy Lecour 38b0342d0c use stat instead of ls -l | grep 2019-03-23 02:36:10 +01:00
Jérémy Lecour 00311e8f0e quote 2019-03-23 02:36:10 +01:00
Jérémy Lecour fa79f1d1a8 big cleanup 
* tests organization
* shellcheck conventions
* variables extractions
* quotes and indentations
 2019-03-23 02:36:10 +01:00
Jérémy Lecour 2c44db77a3 replace `` with $()
Some checks failed
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone/pr Build is failing
Details
2019-03-23 02:30:18 +01:00
Jérémy Lecour 720ea03b0c Add IS_LSBRELEASE check 2019-03-23 02:29:24 +01:00
Jérémy Lecour 36fa3af815 replace old-fashioned tests with functions 2019-03-23 02:29:24 +01:00
Jérémy Lecour d3cb743f76 MINIFW_FILE for Debian Lenny 2019-03-23 02:28:53 +01:00
Jérémy Lecour 1b4b2a2ff8 workaround possibly missing lsb_release command 2019-03-23 02:28:53 +01:00
Jérémy Lecour 9c4a40b585 optimize OS/release/version detection 2019-03-23 02:28:53 +01:00
Jérémy Lecour da2b48d792 no tabs, but 4 spaces
Some checks failed
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone/pr Build is failing
Details
2019-03-21 21:19:53 +01:00
Jérémy Lecour b7ce862073 fix indentation levels 2019-03-21 21:15:48 +01:00
Jérémy Lecour f3caffc9d5 Improve logging with optional verbose comment (#71)
Some checks failed
continuous-integration/drone/push Build is failing
Details
2019-03-21 14:27:34 +01:00
Benoît S. 7cc422974a IS_NOTUPGRADED: Better detection of upgrades
Some checks failed
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone/pr Build is failing
Details 
Fix #66
 2019-03-05 11:27:53 +01:00
Benoît S. cf8ad6c4d8 Merge branch '62-IS_NOTUPGRADED-quiet-grep' of evolix/evocheck into master 2019-02-22 10:31:38 +01:00
Benoît S. f783d2bb3f Quiet grep by adding -s 
Otherwhise it would ouput
`grep: /etc/evolinux/listupgrade.cnf: No such file or directory`.
 2019-02-21 15:59:21 +01:00
Benoît S. a6ee33004e Closes #59 IS_MYSQLUTILS: Fixed wrong logic (#60) 2019-02-20 17:52:30 +01:00
Benoît S. 3f0b40e34e Merge branch '54-fixes-IS_LISTCHANGESCONF-verbose-mode' of evolix/evocheck into master 2019-02-19 15:07:24 +01:00
Benoît S. 65c97eb7be Fixes and closes #29 by adding silent grep 2019-02-19 11:24:01 +01:00
Benoît S. 62bcb5a71d Fixes #54 by refactoring IS_LISTCHANGESCONF 
Verbose mode previously added was misbehaving.
Also refactored the code for more readability.
 2019-02-19 10:43:51 +01:00
Benoît S. 9be91392f3 Merge branch 'IS_EVOLIX_USER-do-not-use-getent' of evolix/evocheck into master 2019-02-14 11:19:32 +01:00
Benoît S. 2fe9d4ea0e Merge branch 'IS_BACKPORTSCONF-really-quiet-grep' of evolix/evocheck into master 2019-02-14 11:19:19 +01:00
Benoît S. 7ccf640e4c Merge branch 'IS_DUPLICATE_FS_LABEL-exclude-EFI_SYSPART' of evolix/evocheck into master 2019-02-14 11:18:57 +01:00
Benoît S. b7c3b3fadc Merge branch 'IS_DUPLICATE_FS_LABEL-add-verbose-mode' of evolix/evocheck into master 2019-02-14 11:18:41 +01:00
Benoît S. 38c8c75248 IS_EVOLIX_USER: Do not use getent 
Why? Because of LDAP. It is normal to have an evolix user in LDAP but not in
`/etc/passwd`.
 2019-02-12 12:48:28 +01:00
Benoît S. 1aad813663 IS_BACKPORTSCONF: Quiet grep and better readability 
Added `-s` to grep to not have error messages like:
`grep: /etc/apt/preferences.d/*: No such file or directory`
And don't use `2>/dev/null` as there is `-s` grep option!

Added if condition for better readability of the code.
 2019-02-12 12:38:11 +01:00
Benoît S. 77afe63bc5 IS_DUPLICATE_FS_LABEL: Exclude EFI_SYSPART 
EFI_SYSPART is (and should be) on all disks when using soft raid.
 2019-02-12 12:10:42 +01:00
Benoît S. a099ba5f40 IS_DUPLICATE_FS_LABEL: Add verbose mode 2019-02-12 12:03:59 +01:00
Benoît S. 1a3e1615a8 Fix #42 By using better logic 
If the system hasn't received any upgrade, check the install date.
 2019-02-12 11:48:56 +01:00
Benoît S. a9d26a49b4 Merge branch 'verbose-islistchangesconf' of evolix/evocheck into master 2019-02-01 14:41:16 +01:00
Jérémy Lecour f3b5e8f9b7 echo needs to be there only once 2019-01-30 18:06:28 +01:00
Jérémy Lecour 83f4b01789 Add verbose message for IS_LISTCHANGESCONF 2019-01-30 17:49:57 +01:00
Victor Laborie fd5b9cd86c Merge branch 'IS_EVOMAINTENANCEUSERS-verbose-mode' of evolix/evocheck into master 2019-01-25 11:32:21 +01:00
Benoît S. fbce70f906 New version of IS_EVOMAINTENANCEUSERS 
Verbose mode added
Break added
Better readability
 2019-01-25 11:11:16 +01:00
Benoît S. d1317eb087 This new version exclude .bak and .date directories. 2019-01-25 10:40:51 +01:00
Benoît S. 5fc78550f3 Better readability and verbose messages 2019-01-18 15:14:40 +01:00
Benoît S. fd11189400 Merge branch 'master' into 17-IS_MYSQLUTILS-with-oracle-MySQL5.7 2019-01-18 14:50:12 +01:00
Benoît S. 0a3ae1ceca Merge branch '47-is_notupgraded-var-log-evolinux-00_prepare_system-log-is-deprecated' 2019-01-17 15:30:55 +01:00
Victor LABORIE 671bdbd92b Rewrite IS_OLD_HOME_DIR with find (fix output order in verbose mode) 2019-01-17 11:55:51 +01:00
Victor LABORIE 6bfe6eb9a7 Fix odd return line in verbose mode 2019-01-17 11:02:44 +01:00
Victor LABORIE 3cfa884a6f Add a verbose function and use it for some checks (Fix #30) 2019-01-16 17:10:51 +01:00
Victor Laborie c15f959c22 Merge branch '25-Detect-old-home-dir' of evolix/evocheck into master 2019-01-16 16:48:23 +01:00
Benoît S. d027b521a6 Missing underscore 2019-01-16 15:58:46 +01:00
Benoît S. a4c3916545 Fix issue #17 
- `MYSQL_ADMIN` is now a variable because some installation doesn't have `mysqladmin`
user.
- `/usr/bin/mytop` or `/usr/local/bin/mytop` are checked.
 2019-01-16 15:20:03 +01:00
Benoît S. d338fc7e9b Fix #14 by adding a break 
We need to break to display only one error message.
 2019-01-16 14:24:35 +01:00
Benoît S. 48561592ee Replace and condition by or condition 
Check install_date or last_upgrade, because if you never upgraded you will
never match the limit
 2019-01-16 14:12:12 +01:00
Benoît S. 288d26366a Implement #25 
We loop through directories in /home and see ig the owner has a resolvable ID.
 2019-01-16 13:47:49 +01:00
Victor LABORIE 96336afca5 Detect comment for IS_BACKPORTSCONF (Fix #28) 2018-12-21 15:52:17 +01:00
Victor LABORIE db1d4e4aae Add a break to IS_PRIVKEYWOLRDREADABLE (Fix #19) 2018-12-21 15:29:20 +01:00
Victor LABORIE 7179cfefc8 Remove "No such file or directory" error on IS_NOTUPGRADED check 2018-12-21 15:22:30 +01:00
Victor LABORIE 22d835b733 Follow symlink for IS_PRIVKEYWOLRDREADABLE check 2018-12-19 16:18:50 +01:00
Benoît S. 956877442a WIP: Removes /var/log/evolinux/00_prepare_system.log 
TODO: Workaround in special case when the server was never installed
TODO: be sure that the final check with and logic is OK.
 2018-09-14 15:52:08 +02:00
Jérémy Lecour ffecb8a7c4 grep regular expressions must be quoted 2018-08-17 15:26:55 +02:00
Jérémy Lecour 87d98dc8d0 Evocheck detects installed packages even if they are "held" by APT. 2018-08-17 14:57:25 +02:00
Gregory Colpart 38beacc87b Improve IS_EVOMAINTENANCE_FW : lower rules number to 2 
Closes #42
 2018-07-27 01:53:27 +02:00
Benoît S. cd38bbaab4 IS_EVOACME_LIVELINKS: Add a condition when there is no certificates 2018-07-05 10:19:43 +02:00
Benoît S. 08b5ae0819 Fix: IS_APACHE_CONFENABLED only when apache2.conf exists. 2018-07-02 15:41:15 +02:00
Benoît S. 7ddb75fb5b Fix: IS_APACHE_CONFENABLED is only for Jessie or Stretch 2018-06-29 14:17:05 +02:00
Benoît S. 8e2741dd99 Squashed commit of the following: 
commit db23167246
Author: Benoît S <bserie@evolix.fr>
Date:   Thu Jun 28 11:48:22 2018 +0200

    Add a check for kernel config gile

commit ae1ec7b2b9
Author: Benoît S <bserie@evolix.fr>
Date:   Wed Jun 27 18:01:07 2018 +0200

    Redo the jessie part

commit 62b61aabf1
Author: Benoît S <bserie@evolix.fr>
Date:   Wed Jun 27 17:49:44 2018 +0200

    Well... For Stretch use only /sys/devices/system/cpu/vulnerabilities/

commit 33b19090e6
Author: Benoît S <bserie@evolix.fr>
Date:   Wed Jun 27 17:45:11 2018 +0200

    Add check for spectre v2

commit 3451218a16
Author: Benoît S <bserie@evolix.fr>
Date:   Wed Jun 27 17:33:24 2018 +0200

    Do not use the BOOT_IMAGE trick

commit ee60e28a5a
Author: Benoît S <bserie@evolix.fr>
Date:   Wed Jun 27 17:30:18 2018 +0200

    We cannot rely on dmesg

commit 57bd4312ce
Author: Benoît.S <benpro@benpro.fr>
Date:   Thu Jan 11 14:46:46 2018 +0100

    Breakline indentation

commit d2278292cc
Author: Benoît.S <benpro@benpro.fr>
Date:   Thu Jan 11 14:45:12 2018 +0100

    Diffrent test for Jessie kernel

commit 1418d4306e
Author: Benoît.S <benpro@benpro.fr>
Date:   Thu Jan 11 11:52:43 2018 +0100

    Modified Meltdown check to handle kaiser and pti

commit 2c6d075e2a
Author: Benoît.S <benpro@benpro.fr>
Date:   Thu Jan 11 11:24:42 2018 +0100

    Add IS_MELTDOWN

    We check kaiser flags in /proc/cpuinfo and CONFIG_PAGE_TABLE_ISOLATION in
    kernel config file.
 2018-06-28 11:52:31 +02:00
Benoît S. d914dd9003 Implement IS_APACHE_CONFENABLED 2018-06-27 15:20:39 +02:00
Benoît S. e5ca035516 Add a line 2018-06-13 18:10:14 +02:00
Benoît S. 6bce242efb Merge branch 'master' into 35-is_evoacme_certbotcron 2018-06-13 18:09:27 +02:00
Benoît S. 5fc12657d3 Check evoacme file cron 2018-06-13 18:03:14 +02:00
Benoît S. 9c5f8653fd IS_EVOACME_LIVELINKS: Only executed if evoacme installed 2018-05-28 11:49:57 +02:00
Benoît S. a6b54d99e9 Add IS_EVOACME_LIVELINKS check 2018-05-25 17:55:12 +02:00
Benoît S. fee78ee9f4 IS_DUPLICATE_FS_LABEL: Add a space for the grep pattern 
Otherwise it will match PARTLABEL, we want only LABEL.
 2018-04-10 15:44:59 +02:00
Benoît S. 217e8b1115 Missing fi 2018-04-10 15:16:37 +02:00
Benoît S. 75e69e1440 Use blkid in place of lsblk 2018-04-10 15:14:54 +02:00
Jérémy Lecour 9c221e2919 Use "grep -E" instead of "egrep" (deprecated) 2018-03-29 22:31:50 +02:00
Jérémy Lecour 80a07783c8 IS_SSHALLOWUSERS is looking for AllowUsers or AllowGroups 2018-03-29 22:30:31 +02:00
Jérémy Lecour c1866836aa whitespaces 2018-03-29 22:29:50 +02:00
Romain Dessort 92b18e201c Fix evoqa #3623: custom limit for IS_NOTUPGRADED 
Set higher time limit for servers not being part of the regular upgrade
process:
  - if mails are sent to listupgrade-todo@
  - or if listupgrade.sh is not executed on a weekly basis.
 2018-03-23 17:47:17 -04:00
Romain Dessort 76575e9fb1 evoqa #4994: check presence of evolix user 2018-03-23 17:46:11 -04:00
Benoît S. f686aad9a5 Merge branch 'master' into '19-detect-depulicate-filesystem-labels' 
# Conflicts:
#   evocheck.sh
 2018-03-19 14:53:44 +01:00
Benoît S. 12d5205485 Added the test to found duplicate 2018-03-19 14:51:18 +01:00
Benoît S. 8963a85269 Move the detection of minifirewall config 2018-03-15 17:53:58 +01:00