Add sudoers configuration

2018-05-28 17:52:23 +02:00 · 2018-05-28 17:52:23 +02:00 · 4483ba3ecc
parent e21864990d
commit 4483ba3ecc
1 changed files with 41 additions and 10 deletions
--- a/client/fix_backuppc_linux_sudo.sh
+++ b/client/fix_backuppc_linux_sudo.sh
@ -13,6 +13,8 @@ EUID=$(id -u)
 BACKUP_USER_LOGIN="backup"
 #BACKUP_USER_LOGIN="backuppc"
 SUDOERS_LINE_REGEXP="${BACKUP_USER_LOGIN}.*ALL.*=.*(ALL:ALL).*NOEXEC:NOPASSWD:.*/usr/bin/rsync"
+SUDOERS_LINE="${BACKUP_USER_LOGIN} ALL=(ALL:ALL) NOEXEC:NOPASSWD: /usr/bin/rsync"
+SUDOERS_FILE="/etc/sudoers.d/backuppc_noexec"
 # ]]]

 # Functions [[[
@ -21,10 +23,10 @@ is_user() ## [[[
 	user_to_check="${1}"

 	if [ "$(id -- "${user_to_check}" 2> /dev/null)" ] ; then
-		[ "${DEBUG}" -eq "0" ] && printf '\e[1;35m%-6s\e[m\n' "DEBUG : Function — ${user_to_check} user is available."
+		[ "${DEBUG}" -eq "0" ] && printf '\e[1;35m%-6s\e[m\n' "DEBUG : Function is_user() — ${user_to_check} user is available."
 		return "${SUCCESS}"
 	else
-		printf '\e[1;31m%-6s\e[m\n' "ERROR : Function — ${user_to_check} user is unavailable."
+		printf '\e[1;31m%-6s\e[m\n' "ERROR : Function is_user() — ${user_to_check} user is unavailable."
 		exit "${ERROR}"
 	fi
 }
@ -35,14 +37,33 @@ is_sudoers_line() ## [[[

 	if grep -Rq -- "${line_to_check}" /etc/sudoers.d/
 	then
-		[ "${DEBUG}" -eq "0" ] && printf '\e[1;35m%-6s\e[m\n' "DEBUG : Function — ${line_to_check} line is available in sudo configuration."
+		[ "${DEBUG}" -eq "0" ] && printf '\e[1;35m%-6s\e[m\n' "DEBUG : Function is_sudoers_line() — ${line_to_check} line is available in sudo configuration."
 		return "${SUCCESS}"
 	else
-		[ "${DEBUG}" -eq "0" ] && printf '\e[1;35m%-6s\e[m\n' "DEBUG : Function — ${line_to_check} was not found in sudo configuration."
+		[ "${DEBUG}" -eq "0" ] && printf '\e[1;35m%-6s\e[m\n' "DEBUG : Function is_sudoers_line() — ${line_to_check} was not found in sudo configuration."
 		return "${ERROR}"
 	fi
 }
 ## ]]]
+add_sudoers_conf() ## [[[
+{
+	sudoers_conf="${1}"
+	sudoers_file="${2}"
+
+	## Empty sudoers file
+	true > "${sudoers_file}"
+
+	## Set sudoers configuration for BackupPC
+	cat << EOF >> "${sudoers_file}"
+# This file was generated by fix_backuppc_linux_sudo.sh script.
+
+# Permissions for BackupPC - Backup tool
+${sudoers_conf}
+EOF
+
+	[ "${DEBUG}" -eq "0" ] && printf '\e[1;35m%-6s\e[m\n' "DEBUG : Function add_sudoers_conf() — ${sudoers_file} was modified."
+}
+## ]]]
 # ]]]

 # Test permissions [[[
@ -53,17 +74,27 @@ if [ "${EUID}" -ne "0" ]; then
 fi
 # ]]]

+# Ensure the backup user is available
 is_user "${BACKUP_USER_LOGIN}"

-if is_sudoers_line "${SUDOERS_LINE_REGEXP}"
+# Test if sudoers conf is already set
+if ! is_sudoers_line "${SUDOERS_LINE_REGEXP}"
 then
-	[ "${DEBUG}" -eq "0" ] && printf '\e[1;35m%-6s\e[m\n' "DEBUG : ${SUDOERS_LINE_REGEXP} is already set in sudo configuration."
-	printf '%b\n' "Your configuration is set up."
-	exit 0
-else
 	[ "${DEBUG}" -eq "0" ] && printf '\e[1;35m%-6s\e[m\n' "DEBUG : First try — ${SUDOERS_LINE_REGEXP} was not found in sudo configuration."
+	## Add sudoers configuration
+	add_sudoers_conf "${SUDOERS_LINE}" "${SUDOERS_FILE}"
+
+	## Test if sudoers conf was successfully modified
+	if ! is_sudoers_line "${SUDOERS_LINE_REGEXP}"
+	then
+		[ "${DEBUG}" -eq "0" ] && printf '\e[1;35m%-6s\e[m\n' "DEBUG : Second try — ${SUDOERS_LINE_REGEXP} was not found in sudo configuration."
+		printf '\e[1;31m%-6s\e[m\n' "ERROR : The sudo configuration was not successfully modified."
+		exit "${ERROR}"
+	fi
 fi

 [ "${DEBUG}" -eq "0" ] && printf '\e[1;35m%-6s\e[m\n' "DEBUG : End"

-exit 0
+printf '%b\n' "Your configuration is set up."
+
+exit "${SUCCESS}"