Test if sudoers.d is include in the main config
This commit is contained in:
parent
c626de49d7
commit
929a6bde98
|
@ -11,6 +11,9 @@ DEBUG=1
|
||||||
USER_ID=$(id -u)
|
USER_ID=$(id -u)
|
||||||
|
|
||||||
BACKUP_USER_LIST="backup backuppc"
|
BACKUP_USER_LIST="backup backuppc"
|
||||||
|
|
||||||
|
SUDOERS_D_INCLUDE_LINE="#includedir /etc/sudoers.d"
|
||||||
|
|
||||||
BACKUP_SUDOERS_LINE_REGEXP="backuppc.*ALL.*=.*(ALL:ALL).*NOEXEC:NOPASSWD:.*/usr/bin/rsync"
|
BACKUP_SUDOERS_LINE_REGEXP="backuppc.*ALL.*=.*(ALL:ALL).*NOEXEC:NOPASSWD:.*/usr/bin/rsync"
|
||||||
BACKUP_SUDOERS_LINE="backup ALL=(ALL:ALL) NOEXEC:NOPASSWD: /usr/bin/rsync
|
BACKUP_SUDOERS_LINE="backup ALL=(ALL:ALL) NOEXEC:NOPASSWD: /usr/bin/rsync
|
||||||
backuppc ALL=(ALL:ALL) NOEXEC:NOPASSWD: /usr/bin/rsync"
|
backuppc ALL=(ALL:ALL) NOEXEC:NOPASSWD: /usr/bin/rsync"
|
||||||
|
@ -36,6 +39,21 @@ is_backup_user()
|
||||||
exit "${ERROR}"
|
exit "${ERROR}"
|
||||||
}
|
}
|
||||||
## ]]]
|
## ]]]
|
||||||
|
## Check if a line is present in main sudoers conf [[[
|
||||||
|
is_sudoers_line()
|
||||||
|
{
|
||||||
|
line_to_check="${1}"
|
||||||
|
|
||||||
|
if grep -q -- "${line_to_check}" /etc/sudoers
|
||||||
|
then
|
||||||
|
[ "${DEBUG}" -eq "0" ] && printf '\e[1;35m%-6s\e[m\n' "DEBUG : Function is_sudoers_line() — ${line_to_check} line is available in sudo configuration."
|
||||||
|
return "${SUCCESS}"
|
||||||
|
else
|
||||||
|
[ "${DEBUG}" -eq "0" ] && printf '\e[1;35m%-6s\e[m\n' "DEBUG : Function is_sudoers_line() — ${line_to_check} was not found in sudo configuration."
|
||||||
|
return "${ERROR}"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
## ]]]
|
||||||
## Check if backup permissions are already set in sudoers.d [[[
|
## Check if backup permissions are already set in sudoers.d [[[
|
||||||
is_backup_sudoers_line()
|
is_backup_sudoers_line()
|
||||||
{
|
{
|
||||||
|
@ -84,6 +102,9 @@ fi
|
||||||
# Ensure the backup user is available
|
# Ensure the backup user is available
|
||||||
is_backup_user "${BACKUP_USER_LIST}"
|
is_backup_user "${BACKUP_USER_LIST}"
|
||||||
|
|
||||||
|
# Ensure sudoers.d is include in the sudoers main configuration
|
||||||
|
is_sudoers_line "${SUDOERS_D_INCLUDE_LINE}"
|
||||||
|
|
||||||
# Test if sudoers conf is already set
|
# Test if sudoers conf is already set
|
||||||
if ! is_backup_sudoers_line "${BACKUP_SUDOERS_LINE_REGEXP}"
|
if ! is_backup_sudoers_line "${BACKUP_SUDOERS_LINE_REGEXP}"
|
||||||
then
|
then
|
||||||
|
|
Loading…
Reference in New Issue