Victor LABORIE
6bfe6eb9a7
Fix odd return line in verbose mode
2019-01-17 11:02:44 +01:00
Victor LABORIE
3cfa884a6f
Add a verbose function and use it for some checks ( Fix #30 )
2019-01-16 17:10:51 +01:00
Victor Laborie
c15f959c22
Merge branch '25-Detect-old-home-dir' of evolix/evocheck into master
2019-01-16 16:48:23 +01:00
Benoît S.
d027b521a6
Missing underscore
2019-01-16 15:58:46 +01:00
Benoît S.
a4c3916545
Fix issue #17
...
- `MYSQL_ADMIN` is now a variable because some installation doesn't have `mysqladmin`
user.
- `/usr/bin/mytop` or `/usr/local/bin/mytop` are checked.
2019-01-16 15:20:03 +01:00
Benoît S.
d338fc7e9b
Fix #14 by adding a break
...
We need to break to display only one error message.
2019-01-16 14:24:35 +01:00
Benoît S.
48561592ee
Replace and condition by or condition
...
Check install_date or last_upgrade, because if you never upgraded you will
never match the limit
2019-01-16 14:12:12 +01:00
Benoît S.
288d26366a
Implement #25
...
We loop through directories in /home and see ig the owner has a resolvable ID.
2019-01-16 13:47:49 +01:00
Victor LABORIE
96336afca5
Detect comment for IS_BACKPORTSCONF ( Fix #28 )
2018-12-21 15:52:17 +01:00
Victor LABORIE
db1d4e4aae
Add a break to IS_PRIVKEYWOLRDREADABLE ( Fix #19 )
2018-12-21 15:29:20 +01:00
Victor LABORIE
7179cfefc8
Remove "No such file or directory" error on IS_NOTUPGRADED check
2018-12-21 15:22:30 +01:00
Victor LABORIE
22d835b733
Follow symlink for IS_PRIVKEYWOLRDREADABLE check
2018-12-19 16:18:50 +01:00
Benoît S.
956877442a
WIP: Removes /var/log/evolinux/00_prepare_system.log
...
TODO: Workaround in special case when the server was never installed
TODO: be sure that the final check with and logic is OK.
2018-09-14 15:52:08 +02:00
Jérémy Lecour
ffecb8a7c4
grep regular expressions must be quoted
2018-08-17 15:26:55 +02:00
Jérémy Lecour
87d98dc8d0
Evocheck detects installed packages even if they are "held" by APT.
2018-08-17 14:57:25 +02:00
Gregory Colpart
38beacc87b
Improve IS_EVOMAINTENANCE_FW : lower rules number to 2
...
Closes #42
2018-07-27 01:53:27 +02:00
Benoît S.
cd38bbaab4
IS_EVOACME_LIVELINKS: Add a condition when there is no certificates
2018-07-05 10:19:43 +02:00
Benoît S.
08b5ae0819
Fix: IS_APACHE_CONFENABLED only when apache2.conf exists.
2018-07-02 15:41:15 +02:00
Benoît S.
7ddb75fb5b
Fix: IS_APACHE_CONFENABLED is only for Jessie or Stretch
2018-06-29 14:17:05 +02:00
Benoît S.
8e2741dd99
Squashed commit of the following:
...
commit db23167246
Author: Benoît S <bserie@evolix.fr>
Date: Thu Jun 28 11:48:22 2018 +0200
Add a check for kernel config gile
commit ae1ec7b2b9
Author: Benoît S <bserie@evolix.fr>
Date: Wed Jun 27 18:01:07 2018 +0200
Redo the jessie part
commit 62b61aabf1
Author: Benoît S <bserie@evolix.fr>
Date: Wed Jun 27 17:49:44 2018 +0200
Well... For Stretch use only /sys/devices/system/cpu/vulnerabilities/
commit 33b19090e6
Author: Benoît S <bserie@evolix.fr>
Date: Wed Jun 27 17:45:11 2018 +0200
Add check for spectre v2
commit 3451218a16
Author: Benoît S <bserie@evolix.fr>
Date: Wed Jun 27 17:33:24 2018 +0200
Do not use the BOOT_IMAGE trick
commit ee60e28a5a
Author: Benoît S <bserie@evolix.fr>
Date: Wed Jun 27 17:30:18 2018 +0200
We cannot rely on dmesg
commit 57bd4312ce
Author: Benoît.S <benpro@benpro.fr>
Date: Thu Jan 11 14:46:46 2018 +0100
Breakline indentation
commit d2278292cc
Author: Benoît.S <benpro@benpro.fr>
Date: Thu Jan 11 14:45:12 2018 +0100
Diffrent test for Jessie kernel
commit 1418d4306e
Author: Benoît.S <benpro@benpro.fr>
Date: Thu Jan 11 11:52:43 2018 +0100
Modified Meltdown check to handle kaiser and pti
commit 2c6d075e2a
Author: Benoît.S <benpro@benpro.fr>
Date: Thu Jan 11 11:24:42 2018 +0100
Add IS_MELTDOWN
We check kaiser flags in /proc/cpuinfo and CONFIG_PAGE_TABLE_ISOLATION in
kernel config file.
2018-06-28 11:52:31 +02:00
Benoît S.
d914dd9003
Implement IS_APACHE_CONFENABLED
2018-06-27 15:20:39 +02:00
Benoît S.
e5ca035516
Add a line
2018-06-13 18:10:14 +02:00
Benoît S.
6bce242efb
Merge branch 'master' into 35-is_evoacme_certbotcron
2018-06-13 18:09:27 +02:00
Benoît S.
5fc12657d3
Check evoacme file cron
2018-06-13 18:03:14 +02:00
Benoît S.
9c5f8653fd
IS_EVOACME_LIVELINKS: Only executed if evoacme installed
2018-05-28 11:49:57 +02:00
Benoît S.
a6b54d99e9
Add IS_EVOACME_LIVELINKS check
2018-05-25 17:55:12 +02:00
Benoît S.
fee78ee9f4
IS_DUPLICATE_FS_LABEL: Add a space for the grep pattern
...
Otherwise it will match PARTLABEL, we want only LABEL.
2018-04-10 15:44:59 +02:00
Benoît S.
217e8b1115
Missing fi
2018-04-10 15:16:37 +02:00
Benoît S.
75e69e1440
Use blkid in place of lsblk
2018-04-10 15:14:54 +02:00
Jérémy Lecour
9c221e2919
Use "grep -E" instead of "egrep" (deprecated)
2018-03-29 22:31:50 +02:00
Jérémy Lecour
80a07783c8
IS_SSHALLOWUSERS is looking for AllowUsers or AllowGroups
2018-03-29 22:30:31 +02:00
Jérémy Lecour
c1866836aa
whitespaces
2018-03-29 22:29:50 +02:00
Romain Dessort
92b18e201c
Fix evoqa #3623 : custom limit for IS_NOTUPGRADED
...
Set higher time limit for servers not being part of the regular upgrade
process:
- if mails are sent to listupgrade-todo@
- or if listupgrade.sh is not executed on a weekly basis.
2018-03-23 17:47:17 -04:00
Romain Dessort
76575e9fb1
evoqa #4994 : check presence of evolix user
2018-03-23 17:46:11 -04:00
Benoît S.
f686aad9a5
Merge branch 'master' into '19-detect-depulicate-filesystem-labels'
...
# Conflicts:
# evocheck.sh
2018-03-19 14:53:44 +01:00
Benoît S.
12d5205485
Added the test to found duplicate
2018-03-19 14:51:18 +01:00
Benoît S.
8963a85269
Move the detection of minifirewall config
2018-03-15 17:53:58 +01:00
Benoît S.
e5594f3f1b
IS_EVOMAINTENANCE_FW: Fix wrong variable
2018-03-15 17:51:12 +01:00
Daniel Jakots
75fbba7644
Set at the beginning $MINIFW_FILE and use it
2018-03-15 12:44:23 -04:00
Benoît S.
d0975f7719
First implementatio for IS_EVOMAINTENANCE_FW
...
We check if there is at least the 4 evomaintenance rules.
2018-03-15 16:13:20 +01:00
Benoît S.
36822bf383
WIP #19 : Detect duplicate LABEL entries
2018-03-09 18:05:09 +01:00
Benoît S.
0dec7c6545
Fix #21 . IS_EVOBACKUP was disabled and using bad grep pattern
2018-03-09 15:22:08 +01:00
Benoît S.
7d1082d585
Well... Don't need for failed variable after all.
2018-02-23 11:13:01 +01:00
Benoît S.
39ac9e8d24
IS_MYSQLMUNIN: Break lines and add a break
2018-02-22 10:21:12 +01:00
Gregory Colpart
0d68452dcc
avoid too much FAILED for IS_MYSQLMUNIN
2018-02-19 23:26:53 +01:00
Gregory Colpart
7d7e289817
suppress stderr output in any case
2018-02-19 22:23:53 +01:00
Benoît.S
034b88faa4
IS_UPTIME in --cron mode && IS_NOTUPGRADED at 90d
2018-01-31 16:25:28 +01:00
Benoît.S
b62a9f606e
We don't manage systemd-network yet
...
Added a IS_NETWORK_INTERFACES and disabling IS_AUTOIF and IS_INTERFACESGW if
IS_NETWORK_INTERFACES failing.
2018-01-22 16:55:42 +01:00
Benoît S.
f78628c1d7
Fix #15 . Add mysql_ prefix for munin plugin check
2017-12-20 10:06:39 +01:00
Benoît.S
15c323f56b
Add MOUNT_FSTAB check
2017-12-08 15:56:31 +01:00
Benoît.S
99451d54a8
Add ELASTIC_BACKUP check
2017-12-06 11:05:02 +01:00
Benoît.S
09c4e5f5b2
Add REDIS_BACKUP check
2017-12-06 10:49:52 +01:00
Benoît.S
824e0fcf55
Missing IS_LDAP_BACKUP=1
2017-12-06 10:46:08 +01:00
Benoît.S
35f0cc3c86
Add MONGO_BACKUP check
2017-12-06 10:42:16 +01:00
Benoît.S
227249f411
Add POSTGRES_BACKUP check
2017-12-06 10:28:39 +01:00
Benoît.S
6c37875d1f
Add LDAP_BACKUP check
2017-12-06 10:14:17 +01:00
Benoît.S
f527e92ce4
Only check if file exist
2017-12-06 10:06:03 +01:00
Benoît.S
340c686b03
Implement EvoQA#3332. Check for SQL backup.
2017-12-05 18:03:40 +01:00
Benoît S.
eeca2fab19
Don't match start of line
...
While inverse grepping some interface names, don't match the start of the line.
2017-11-22 11:31:24 +01:00
Benoît S.
a9cbeca7cc
Use group evolinux-sudo for Debian >=9
2017-11-14 17:35:23 +01:00
Benoît.S
85c757d9d4
Test if /etc/apache2 is present
...
Otherwise this check will always fail on non-apache server...
2017-11-10 11:06:33 +01:00
Benoît S.
31518d39b1
For IS_LOG2MAILMYSQL, better grep.
...
Because we can have /etc/log2mail/config/{default,mysql,mysql.conf} ⋅ ⋅ ⋅
2017-10-26 11:51:13 +02:00
Jérémy Lecour
0d4bd0a717
AUTOIF: on stretch, only look for UP interfaces
2017-10-04 14:11:50 +02:00
Romain Dessort
76495a204c
Fix IS_BROADCOMFIRMWARE and IS_HARDWARERAIDTOOL checks
2017-10-02 16:39:13 -04:00
Romain Dessort
f90b1d9e71
Use python instead of bc to get percentage of reserved blocks
...
bc is not installed on all servers.
2017-10-02 16:23:04 -04:00
Romain Dessort
3453423579
Add some checks for stretch
2017-10-02 15:05:24 -04:00
Jérémy Lecour
848a97883a
Revert "IS_MYSQLUTILS: better check for mytop user"
...
This reverts commit 604c313c90
.
2017-09-22 11:01:04 +02:00
Jérémy Lecour
604c313c90
IS_MYSQLUTILS: better check for mytop user
...
The 'debian-sys-maint' user is not necessarily the best one to use with mytop.
We just need to check that the mytop config file contains a user value.
The regular expression checks that :
* there is a line beggining with "user" (not commented)
* it is a variable assignent with optional spaces
* the value is 1 or more non-whitespace characters
2017-09-22 09:43:31 +02:00
Gregory Colpart
7314ffc631
Fix squid conffile in stretch
2017-09-14 01:18:32 +02:00
Gregory Colpart
1b843937b0
web-add.sh can be in new path
2017-09-14 01:18:32 +02:00
Gregory Colpart
80a2d4a2b6
no need of ';' avec return 0
2017-09-14 01:18:32 +02:00
Romain Dessort
69a61bcc51
Check for world readable private keys
2017-09-11 11:16:42 -04:00
Romain Dessort
9e21e22414
Check for /etc/evomaintenance.cf permissions
2017-09-11 10:11:58 -04:00
Benoît S.
461dec1a37
Missing () for the condition
2017-09-07 11:53:16 +02:00
Romain Dessort
67665c2738
Fix IS_SQUID in stretch
2017-08-31 12:41:18 -04:00
Romain Dessort
d30b1dbace
Fix Grégory's fix about IS_APACHEMUNIN for non-stretch machines
2017-08-31 12:34:58 -04:00
Romain Dessort
516adc25f9
Improve previous commit for mytop check
2017-08-31 12:23:21 -04:00
Romain Dessort
b2fa3073c0
mytop is now part of mariadb-client
2017-08-31 11:24:02 -04:00
Gregory Colpart
2eddb6b1bf
Fix IS_APACHEMUNIN check in Stretch
2017-08-22 03:42:16 +02:00
Gregory Colpart
a2839d24c0
Forget -q in grep
2017-08-22 03:19:16 +02:00
Gregory Colpart
cb7a0adf79
Fix vlan interfaces in Debian 9
2017-08-22 03:18:04 +02:00
Romain Dessort
18ca4d4845
TMOUT is now set in /etc/profile.d/evolinux.sh
2017-08-14 11:02:18 -04:00
Gregory Colpart
fee216b218
autorize no PermitRoot option for Stretch because default is secure
2017-07-11 00:21:52 +02:00
Gregory Colpart
03db1f93ba
Improve check (avoid warning)
2017-07-11 00:05:43 +02:00
Gregory Colpart
53c67a0157
For Stretch (we don't use anymore listchanges)
2017-07-10 23:41:04 +02:00
Romain Dessort
87e280895f
Allow use of env= in Allow from directives.
2017-07-07 16:34:46 -04:00
Benoît S.
6869dba9fb
Added a protection in case of buggy partition.
...
Like I/O error.
2017-06-01 15:38:18 +02:00
Benoît S.
5b6e30d992
Added check IS_TUNE2FS_M5.
2017-05-31 16:01:19 +02:00
Romain Dessort
81c28cd59e
Increase grace for IS_NOTUPGRADED
2017-04-03 08:44:46 -04:00
Romain Dessort
acca5f226e
Fix #1959 . IS_BACKUPUPTODATE now fails if files are older than 2 day
2017-02-03 10:44:36 -05:00
Romain Dessort
3a5fe95bed
Add tun to interfaces to exclude
2017-02-03 10:42:30 -05:00
Romain Dessort
ee3d82b5c6
Fix comment for IS_NOTUPGRADED check
2016-11-30 11:49:38 -05:00
Romain Dessort
ec677f720d
Add a check to ensure system is upgraded periodically
2016-11-30 11:39:25 -05:00
Benoît S.
43bc39a72d
Implement #1957 . IS_APTGETBAK
2016-08-31 15:38:38 +02:00
Romain Dessort
dbe53542f0
Fix parenthesis in condition for Squeeze.
2016-06-30 08:12:27 -04:00
Gregory Colpart
0b39053882
Fix check when there is no partitions /usr /tmp in Jessie
2016-06-24 01:37:46 +02:00
Romain Dessort
16a53a5dc6
Add check for /etc/.git/ permissions.
2016-06-16 12:08:22 -04:00
Romain Dessort
251f02ac1a
Fix some bugs.
2016-06-03 11:29:45 -04:00
Romain Dessort
3b59217d0d
Fix #1861 . More explicit check for NRPE pid.
2016-05-13 10:42:53 -04:00
Romain Dessort
b7c41b9181
Fix #1864 . Add quotes to avoid error in comparaison.
2016-05-13 10:34:28 -04:00