forked from evolix/evocheck
New version of IS_EVOMAINTENANCEUSERS
Verbose mode added Break added Better readability
This commit is contained in:
parent
eeef28176e
commit
fbce70f906
22
evocheck.sh
22
evocheck.sh
|
@ -974,6 +974,8 @@ if [ "$IS_SSHPERMITROOTNO" = 1 ]; then
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "$IS_EVOMAINTENANCEUSERS" = 1 ]; then
|
if [ "$IS_EVOMAINTENANCEUSERS" = 1 ]; then
|
||||||
|
# Can be changed in evocheck.cf
|
||||||
|
homeDir=${homeDir:-/home}
|
||||||
if ! is_debianversion stretch; then
|
if ! is_debianversion stretch; then
|
||||||
if [ -f /etc/sudoers.d/evolinux ]; then
|
if [ -f /etc/sudoers.d/evolinux ]; then
|
||||||
sudoers="/etc/sudoers.d/evolinux"
|
sudoers="/etc/sudoers.d/evolinux"
|
||||||
|
@ -981,11 +983,27 @@ if [ "$IS_EVOMAINTENANCEUSERS" = 1 ]; then
|
||||||
sudoers="/etc/sudoers"
|
sudoers="/etc/sudoers"
|
||||||
fi
|
fi
|
||||||
for i in $( (grep "^User_Alias *ADMIN" $sudoers | cut -d= -f2 | tr -d " "; grep ^sudo /etc/group |cut -d: -f 4) | tr "," "\n" |sort -u); do
|
for i in $( (grep "^User_Alias *ADMIN" $sudoers | cut -d= -f2 | tr -d " "; grep ^sudo /etc/group |cut -d: -f 4) | tr "," "\n" |sort -u); do
|
||||||
grep -q "^trap.*sudo.*evomaintenance.sh" /home/$i/.*profile || echo 'IS_EVOMAINTENANCEUSERS FAILED!'
|
grep -qs "^trap.*sudo.*evomaintenance.sh" ${homeDir}/${i}/.*profile
|
||||||
|
if [ $? != 0 ]; then
|
||||||
|
echo 'IS_EVOMAINTENANCEUSERS FAILED!'
|
||||||
|
if [ "$VERBOSE" = 1 ]; then
|
||||||
|
echo "$i doesn't have evomaintenance trap!"
|
||||||
|
else
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
fi
|
||||||
done
|
done
|
||||||
else
|
else
|
||||||
for i in $(getent group evolinux-sudo | cut -d':' -f4 | tr ',' ' '); do
|
for i in $(getent group evolinux-sudo | cut -d':' -f4 | tr ',' ' '); do
|
||||||
grep -q "^trap.*sudo.*evomaintenance.sh" /home/$i/.*profile || echo 'IS_EVOMAINTENANCEUSERS FAILED!'
|
grep -qs "^trap.*sudo.*evomaintenance.sh" ${homeDir}/$i/.*profile
|
||||||
|
if [ $? != 0 ]; then
|
||||||
|
echo 'IS_EVOMAINTENANCEUSERS FAILED!'
|
||||||
|
if [ "$VERBOSE" = 1 ]; then
|
||||||
|
echo "$i doesn't have evomaintenance trap!"
|
||||||
|
else
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
fi
|
||||||
done
|
done
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
Loading…
Reference in a new issue