Test if sudoers.d is include in the main config

2019-05-28 14:36:14 +02:00 · 2019-05-28 14:36:14 +02:00 · 929a6bde98
parent c626de49d7
commit 929a6bde98
1 changed files with 21 additions and 0 deletions
--- a/client/fix_backuppc_linux_sudo.sh
+++ b/client/fix_backuppc_linux_sudo.sh
@ -11,6 +11,9 @@ DEBUG=1
 USER_ID=$(id -u)

 BACKUP_USER_LIST="backup backuppc"
+
+SUDOERS_D_INCLUDE_LINE="#includedir /etc/sudoers.d"
+
 BACKUP_SUDOERS_LINE_REGEXP="backuppc.*ALL.*=.*(ALL:ALL).*NOEXEC:NOPASSWD:.*/usr/bin/rsync"
 BACKUP_SUDOERS_LINE="backup ALL=(ALL:ALL) NOEXEC:NOPASSWD: /usr/bin/rsync
 backuppc ALL=(ALL:ALL) NOEXEC:NOPASSWD: /usr/bin/rsync"
@ -36,6 +39,21 @@ is_backup_user()
 	exit "${ERROR}"
 }
 ## ]]]
+## Check if a line is present in main sudoers conf  [[[
+is_sudoers_line()
+{
+	line_to_check="${1}"
+
+	if grep -q -- "${line_to_check}" /etc/sudoers
+	then
+		[ "${DEBUG}" -eq "0" ] && printf '\e[1;35m%-6s\e[m\n' "DEBUG : Function is_sudoers_line() — ${line_to_check} line is available in sudo configuration."
+		return "${SUCCESS}"
+	else
+		[ "${DEBUG}" -eq "0" ] && printf '\e[1;35m%-6s\e[m\n' "DEBUG : Function is_sudoers_line() — ${line_to_check} was not found in sudo configuration."
+		return "${ERROR}"
+	fi
+}
+## ]]]
 ## Check if backup permissions are already set in sudoers.d  [[[
 is_backup_sudoers_line()
 {
@ -84,6 +102,9 @@ fi
 # Ensure the backup user is available
 is_backup_user "${BACKUP_USER_LIST}"

+# Ensure sudoers.d is include in the sudoers main configuration
+is_sudoers_line "${SUDOERS_D_INCLUDE_LINE}"
+
 # Test if sudoers conf is already set
 if ! is_backup_sudoers_line "${BACKUP_SUDOERS_LINE_REGEXP}"
 then