Optimize OS/release/version detection for faster execution #70
55
evocheck.sh
55
evocheck.sh
|
@ -439,11 +439,18 @@ if is_debian; then
|
||||||
if [ "$IS_APACHEMUNIN" = 1 ]; then
|
if [ "$IS_APACHEMUNIN" = 1 ]; then
|
||||||
if is_debian_stretch; then
|
if is_debian_stretch; then
|
||||||
if test -e /etc/apache2/apache2.conf; then
|
if test -e /etc/apache2/apache2.conf; then
|
||||||
( test -h /etc/apache2/mods-enabled/status.load && test -h /etc/munin/plugins/apache_accesses && test -h /etc/munin/plugins/apache_processes && test -h /etc/munin/plugins/apache_accesses || failed "IS_APACHEMUNIN" )
|
(test -h /etc/apache2/mods-enabled/status.load \
|
||||||
|
&& test -h /etc/munin/plugins/apache_accesses \
|
||||||
|
&& test -h /etc/munin/plugins/apache_processes \
|
||||||
|
&& test -h /etc/munin/plugins/apache_volume) \
|
||||||
|
|| failed "IS_APACHEMUNIN" "mising munin plugins for Apache"
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
if test -e /etc/apache2/apache2.conf; then
|
if test -e /etc/apache2/apache2.conf; then
|
||||||
( grep -E -q "^env.url.*/server-status-[[:alnum:]]{4}" /etc/munin/plugin-conf.d/munin-node && grep -E -q "/server-status-[[:alnum:]]{4}" /etc/apache2/apache2.conf || grep -E -q "/server-status-[[:alnum:]]{4}" /etc/apache2/apache2.conf /etc/apache2/mods-enabled/status.conf 2>/dev/null || failed "IS_APACHEMUNIN" )
|
(grep --quiet --no-messages --extended-regexp "^env.url.*/server-status-[[:alnum:]]{4,}" /etc/munin/plugin-conf.d/munin-node \
|
||||||
|
&& (grep --quiet --no-messages --extended-regexp "/server-status-[[:alnum:]]{4,}" /etc/apache2/apache2.conf \
|
||||||
|
|| grep --quiet --no-messages --extended-regexp "/server-status-[[:alnum:]]{4,}" /etc/apache2/mods-enabled/status.conf)) \
|
||||||
|
|| failed "IS_APACHEMUNIN" "server status is not properly configured"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
@ -469,11 +476,12 @@ if is_debian; then
|
||||||
|
|
||||||
# Verification de la configuration du raid soft (mdadm)
|
# Verification de la configuration du raid soft (mdadm)
|
||||||
if [ "$IS_RAIDSOFT" = 1 ]; then
|
if [ "$IS_RAIDSOFT" = 1 ]; then
|
||||||
test -e /proc/mdstat && grep -q md /proc/mdstat && \
|
if test -e /proc/mdstat && grep -q md /proc/mdstat; then
|
||||||
(grep -q "^AUTOCHECK=true" /etc/default/mdadm \
|
(grep -q "^AUTOCHECK=true" /etc/default/mdadm \
|
||||||
&& grep -q "^START_DAEMON=true" /etc/default/mdadm \
|
&& grep -q "^START_DAEMON=true" /etc/default/mdadm \
|
||||||
&& grep -qv "^MAILADDR ___MAIL___" /etc/mdadm/mdadm.conf \
|
&& grep -qv "^MAILADDR ___MAIL___" /etc/mdadm/mdadm.conf) \
|
||||||
|| failed "IS_RAIDSOFT")
|
|| failed "IS_RAIDSOFT"
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Verification du LogFormat de AWStats
|
# Verification du LogFormat de AWStats
|
||||||
|
@ -503,10 +511,10 @@ if is_debian; then
|
||||||
if is_pack_web && (is_installed squid || is_installed squid3); then
|
if is_pack_web && (is_installed squid || is_installed squid3); then
|
||||||
host=$(hostname -i)
|
host=$(hostname -i)
|
||||||
http_port=$(grep http_port $squidconffile | cut -f 2 -d " ")
|
http_port=$(grep http_port $squidconffile | cut -f 2 -d " ")
|
||||||
grep -qE "^[^#]*iptables -t nat -A OUTPUT -p tcp --dport 80 -m owner --uid-owner proxy -j ACCEPT" $MINIFW_FILE \
|
(grep -qE "^[^#]*iptables -t nat -A OUTPUT -p tcp --dport 80 -m owner --uid-owner proxy -j ACCEPT" $MINIFW_FILE \
|
||||||
&& grep -qE "^[^#]*iptables -t nat -A OUTPUT -p tcp --dport 80 -d $host -j ACCEPT" $MINIFW_FILE \
|
&& grep -qE "^[^#]*iptables -t nat -A OUTPUT -p tcp --dport 80 -d $host -j ACCEPT" $MINIFW_FILE \
|
||||||
&& grep -qE "^[^#]*iptables -t nat -A OUTPUT -p tcp --dport 80 -d 127.0.0.(1|0/8) -j ACCEPT" $MINIFW_FILE \
|
&& grep -qE "^[^#]*iptables -t nat -A OUTPUT -p tcp --dport 80 -d 127.0.0.(1|0/8) -j ACCEPT" $MINIFW_FILE \
|
||||||
&& grep -qE "^[^#]*iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-port.* $http_port" $MINIFW_FILE \
|
&& grep -qE "^[^#]*iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-port.* $http_port" $MINIFW_FILE) \
|
||||||
|| failed "IS_SQUID"
|
|| failed "IS_SQUID"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
@ -524,9 +532,9 @@ if is_debian; then
|
||||||
if [ "$IS_MODDEFLATE" = 1 ]; then
|
if [ "$IS_MODDEFLATE" = 1 ]; then
|
||||||
f=/etc/apache2/mods-enabled/deflate.conf
|
f=/etc/apache2/mods-enabled/deflate.conf
|
||||||
if is_installed apache2.2; then
|
if is_installed apache2.2; then
|
||||||
test -e $f && grep -q "AddOutputFilterByType DEFLATE text/html text/plain text/xml" $f \
|
(test -e $f && grep -q "AddOutputFilterByType DEFLATE text/html text/plain text/xml" $f \
|
||||||
&& grep -q "AddOutputFilterByType DEFLATE text/css" $f \
|
&& grep -q "AddOutputFilterByType DEFLATE text/css" $f \
|
||||||
&& grep -q "AddOutputFilterByType DEFLATE application/x-javascript application/javascript" $f \
|
&& grep -q "AddOutputFilterByType DEFLATE application/x-javascript application/javascript" $f) \
|
||||||
|| failed "IS_MODDEFLATE"
|
|| failed "IS_MODDEFLATE"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
@ -649,7 +657,8 @@ if is_debian; then
|
||||||
if [ "$IS_APACHEIPINALLOW" = 1 ]; then
|
if [ "$IS_APACHEIPINALLOW" = 1 ]; then
|
||||||
# Note: Replace "exit 1" by "print" in Perl code to debug it.
|
# Note: Replace "exit 1" by "print" in Perl code to debug it.
|
||||||
if is_installed apache2.2-common; then
|
if is_installed apache2.2-common; then
|
||||||
grep -IrE "^[^#] *(Allow|Deny) from" /etc/apache2/ | grep -iv "from all" | grep -iv "env=" | perl -ne 'exit 1 unless (/from( [\da-f:.\/]+)+$/i)' || failed "IS_APACHEIPINALLOW"
|
(grep -IrE "^[^#] *(Allow|Deny) from" /etc/apache2/ | grep -iv "from all" | grep -iv "env=" | perl -ne 'exit 1 unless (/from( [\da-f:.\/]+)+$/i)') \
|
||||||
|
|| failed "IS_APACHEIPINALLOW"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -784,7 +793,8 @@ if is_debian; then
|
||||||
if [ "$IS_EVOLINUXSUDOGROUP" = 1 ]; then
|
if [ "$IS_EVOLINUXSUDOGROUP" = 1 ]; then
|
||||||
if is_debian_stretch; then
|
if is_debian_stretch; then
|
||||||
(grep -q "^evolinux-sudo:" /etc/group \
|
(grep -q "^evolinux-sudo:" /etc/group \
|
||||||
&& grep -q '^%evolinux-sudo ALL=(ALL:ALL) ALL' /etc/sudoers.d/evolinux) || failed "IS_EVOLINUXSUDOGROUP"
|
&& grep -q '^%evolinux-sudo ALL=(ALL:ALL) ALL' /etc/sudoers.d/evolinux) \
|
||||||
|
|| failed "IS_EVOLINUXSUDOGROUP"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -800,7 +810,8 @@ if is_debian; then
|
||||||
if is_debian_stretch && test -d /etc/apache2; then
|
if is_debian_stretch && test -d /etc/apache2; then
|
||||||
(test -L /etc/apache2/conf-enabled/z-evolinux-defaults.conf \
|
(test -L /etc/apache2/conf-enabled/z-evolinux-defaults.conf \
|
||||||
&& test -L /etc/apache2/conf-enabled/zzz-evolinux-custom.conf \
|
&& test -L /etc/apache2/conf-enabled/zzz-evolinux-custom.conf \
|
||||||
&& test -f /etc/apache2/ipaddr_whitelist.conf) || failed "IS_APACHE2EVOLINUXCONF"
|
&& test -f /etc/apache2/ipaddr_whitelist.conf) \
|
||||||
|
|| failed "IS_APACHE2EVOLINUXCONF"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -817,7 +828,8 @@ if is_debian; then
|
||||||
|
|
||||||
if [ "$IS_BIND9MUNIN" = 1 ]; then
|
if [ "$IS_BIND9MUNIN" = 1 ]; then
|
||||||
if is_debian_stretch && is_installed bind9; then
|
if is_debian_stretch && is_installed bind9; then
|
||||||
(test -L /etc/munin/plugins/bind9 && test -e /etc/munin/plugin-conf.d/bind9) || failed "IS_BIND9MUNIN"
|
(test -L /etc/munin/plugins/bind9 && test -e /etc/munin/plugin-conf.d/bind9) \
|
||||||
|
|| failed "IS_BIND9MUNIN"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -835,10 +847,14 @@ if is_debian; then
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "$IS_HARDWARERAIDTOOL" = 1 ]; then
|
if [ "$IS_HARDWARERAIDTOOL" = 1 ]; then
|
||||||
lspci | grep -q 'MegaRAID SAS' && (is_installed megacli && (is_installed megaclisas-status || is_installed megaraidsas-status) \
|
if lspci | grep -q 'MegaRAID SAS'; then
|
||||||
|| failed "IS_HARDWARERAIDTOOL")
|
is_installed megacli && (is_installed megaclisas-status || is_installed megaraidsas-status) \
|
||||||
lspci | grep -q 'Hewlett-Packard Company Smart Array' && (is_installed cciss-vol-status \
|
|| failed "IS_HARDWARERAIDTOOL"
|
||||||
|| failed "IS_HARDWARERAIDTOOL")
|
fi
|
||||||
|
if lspci | grep -q 'Hewlett-Packard Company Smart Array'; then
|
||||||
|
is_installed cciss-vol-status \
|
||||||
|
|| failed "IS_HARDWARERAIDTOOL"
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "$IS_LOG2MAILSYSTEMDUNIT" = 1 ]; then
|
if [ "$IS_LOG2MAILSYSTEMDUNIT" = 1 ]; then
|
||||||
|
@ -1219,8 +1235,9 @@ fi
|
||||||
|
|
||||||
if [ "$IS_SSHPERMITROOTNO" = 1 ]; then
|
if [ "$IS_SSHPERMITROOTNO" = 1 ]; then
|
||||||
if is_debian_stretch; then
|
if is_debian_stretch; then
|
||||||
grep -q "^PermitRoot" /etc/ssh/sshd_config && grep -E -qi "PermitRoot.*no" /etc/ssh/sshd_config \
|
if grep -q "^PermitRoot" /etc/ssh/sshd_config; then
|
||||||
|| failed "IS_SSHPERMITROOTNO"
|
grep -E -qi "PermitRoot.*no" /etc/ssh/sshd_config || failed "IS_SSHPERMITROOTNO"
|
||||||
|
fi
|
||||||
else
|
else
|
||||||
grep -E -qi "PermitRoot.*no" /etc/ssh/sshd_config || failed "IS_SSHPERMITROOTNO"
|
grep -E -qi "PermitRoot.*no" /etc/ssh/sshd_config || failed "IS_SSHPERMITROOTNO"
|
||||||
fi
|
fi
|
||||||
|
|
Loading…
Reference in a new issue