scripts/update-motd.d/05-auth


#!/bin/sh
# .. vim: foldmarker=[[[,]]]:foldmethod=marker
# {{ ansible_managed | comment }}
# Colors definition [[[
## ANSI SGR colour sequences, stored as literal backslash text. They only
## become real escape bytes when printf expands them (via %b or as part of
## the format string). Not every name below is used by the visible script.

## Reset / attributes
RESET='\033[0m'            # clear every attribute
BOLD='\033[1m'             # bold only

## Foreground colours, attributes reset first
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[0;33m'
MAGENTA='\033[0;35m'
WHITE='\033[0;37m'

## Bold variant
REDB='\033[1;31m'          # bold red

## Foreground colours paired with the default background (49)
BLACK='\033[49;30m'
BLACKB='\033[49;90m'       # bright black (grey), used for the frame
CYAN='\033[36;49m'
BLUE='\033[94;49m'         # bright blue
# ]]]
# Function definition [[[
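## count_pattern()
### Print the number of lines of a file that match a pattern, prefixed with a
### colour (count = expected value: green ; otherwise: red).
###
### Arguments: $1 - extended regular expression (grep -E syntax)
###            $2 - file to scan
###            $3 - expected count; when empty the result is always red
### Globals:   GREEN, RED (read)
### Outputs:   "<colour><count>" on stdout; "<RED>?" when grep could not read
###            the file, so an unreadable log never shows up as a blank or
###            reassuring value in the banner.
count_pattern() {
  ## Get the args
  PATTERN="${1}"
  FILE="${2}"
  EXPECTED_VALUE="${3}"

  ## Count the matching lines.
  ## -e / -- keep a pattern or a path that starts with '-' from being parsed
  ## as a grep option.
  ## grep exits 0 (matches found) or 1 (no match, prints 0); any other status
  ## means the file is missing or unreadable, which is reported as '?'.
  NUM=$(grep -cE -e "${PATTERN}" -- "${FILE}") || [ "$?" -eq 1 ] || NUM='?'

  ## Green only for a real count that equals a non-empty $EXPECTED_VALUE
  if [ "${NUM}" != '?' ] && [ "${EXPECTED_VALUE}" ] \
    && [ "${NUM}" = "${EXPECTED_VALUE}" ]; then
    MSG="${GREEN}${NUM}"
  else
    MSG="${RED}${NUM}"
  fi

  ## %b turns the literal \033 in the colour variables into the escape byte
  printf '%b' "${MSG}"
}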
# ]]]
# Vars definition [[[
## Pick the "auth.log" under /var/log with the newest modification time:
## find prints "<mtime> <path>" for each match, sort orders the lines by
## mtime, tail keeps the newest one and cut drops the timestamp column.
## -printf is a GNU find extension.
## NOTE(review): the search is recursive and case-insensitive, so whichever
## matching file was modified last is used, wherever it sits below /var/log.
## Confirm that no sub-directory there is writable by an unprivileged
## account, otherwise the banner may be computed from a file other than the
## system log. If nothing matches, AUTH_LOG_FILE is empty.
AUTH_LOG_FILE=$(
  find /var/log -type f -iname 'auth.log' -printf '%T@ %p\n' \
    | sort -n \
    | tail -n 1 \
    | cut -d' ' -f 2-
)

## The patterns below are unanchored and match anywhere on a line, so the
## counts are an at-a-glance indicator for the login banner, not an audit
## figure. Expected value '0' means "green only when nothing was found".

## Failed SSH authentications
SSH_FAIL_LOGIN=$(count_pattern 'sshd.*Failed' "$AUTH_LOG_FILE" '0')

## Failed sudo authentications
SUDO_FAIL=$(count_pattern 'sudo.*authentication failure' "$AUTH_LOG_FILE" '0')

## sudo sessions that ended after three wrong passwords
SUDO_3_FAIL=$(count_pattern 'sudo.*3 incorrect password' "$AUTH_LOG_FILE" '0')
# ]]]
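#+++++++++++++++++++: Auth Info :+++++++++++++++++++
## Header line: 33 dashes, the section title, 34 dashes.
## The colour variables are passed as %b arguments instead of being spliced
## into the printf format string, so a stray '%' in a value can never be read
## as a conversion. %33s / %34s with an empty argument yield the padding that
## tr then turns into dashes.
printf '%b' "${RESET}"
printf '%b%33s%b' "${BLACKB}" '' "${RESET}" | tr ' ' -
printf '%b' " ${CYAN}Auth Info${RESET} "
printf '%b%34s%b' "${BLACKB}" '' "${RESET}" | tr ' ' -

## Body. The three values are what count_pattern printed: a colour followed
## by a grep -c count. No text from the log itself is expanded here; keep it
## that way, because %b would interpret escape sequences found in log lines.
## The ${GREEN} in front of the sudo values is overridden by the colour that
## count_pattern already put at the start of each value.
## NOTE(review): "this week" presumably relies on auth.log being rotated
## weekly -- confirm against the host's logrotate configuration.
printf '%b' "
${BLACKB}+ ${WHITE}SSH fail\\t\\t${BLACKB}= ${SSH_FAIL_LOGIN} fail(s) this week
${BLACKB}+ ${WHITE}Sudo fail\\t\\t${BLACKB}= ${GREEN}${SUDO_FAIL} fail(s) this week
${BLACKB}+ ${WHITE}Sudo 3 fails\\t\\t${BLACKB}= ${GREEN}${SUDO_3_FAIL} fail(s) this week
"
printf '%b' "${RESET}"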