primitive loggin function, script structure simplified

2011-01-07 14:50:34 +01:00 · 2011-01-07 14:50:34 +01:00 · cd484d4fc3
commit cd484d4fc3
parent cc59a98c10
1 changed files with 32 additions and 29 deletions
--- a/helmet.sh
+++ b/helmet.sh
@ -9,7 +9,7 @@
 # This script runs noninteractive, so you can rely on these return
 # codes:
 # 0	script run ok, nothing serious found
-# 1	OS detection failed
+# 1	OS detection failed/wrong distribution
 # 2	script run ok, critical stuff found
 #
 # Requirements:
@ -36,7 +36,7 @@ while [ $# -gt 0 ]; do
 	case $1 in
 		-h|--help) showhelp; exit; shift 1 ;;
 		-V|--version) echo $(basename $0) $H_VERSION; exit; shift 1 ;;
-		-v|--verbose) verb=echo; shift 1 ;;
+		-v|--verbose) verb=true; shift 1 ;;
 		-m|--no-md5) md5=false; shift 1 ;;
 		-s|--no-ssh) ssh=false; shift 1 ;;
 		*) showhelp; exit ;;
@ -56,59 +56,62 @@ elif [[ $(grep -c '^[[:digit:]]' /etc/debian_version) > 0 ]]; then
 	H_RELEASE=$(cat /etc/debian_version)
 	H_CODE=${DEBIANCODES[$(echo $H_RELEASE | cut -b1)]}
 else
-	echo "Not a Debian-based, please install the package lsb-release and send" .
+	echo "Not a Debian-based distribution, please install the package lsb-release and send" .
-		  " the output of 'lsb_release -a' if available to info@lugh.ch."
+		  " the output of 'lsb_release -a' to info@lugh.ch."
 	exit 1
 fi
 H_KERNEL=$(uname -r)
 H_ARCH=$(uname -m)
 msg() {
 if [[ "$verb" ]]; then
 	echo $1
 fi	
 }
 check_md5() {
 	# http://kemovitra.blogspot.com/2010/07/checking-integrity-of-debianubuntu.html
 		if [ $md5 ]; then
-			MD5SUMS="not run"
+			echo "not run"
 		else
-			if [ $H_DISTRO == "Debian" ]; then
+				msg "Copying /var/lib/dpkg/info/*.md5sums to temporary file..."
 				$verb "Copying all /var/lib/dpkg/info/*.md5sums to shared memory..."
 				TEMPMD5=$(mktemp -t)
 				cat /var/lib/dpkg/info/*.md5sums | sort > $TEMPMD5 && cd /
-				$verb "Running md5sum, searching for 'FAILED' files..."
+				msg "Running md5sum, searching for 'FAILED' files..."
-				MD5SUMS=$(md5sum -c $TEMPMD5 2>&1 | grep ': FAILED' | awk -F':' {'print "/"$1'} && rm $TEMPMD5)
+				md5sum -c $TEMPMD5 2>&1 | grep ': FAILED' | awk -F':' {'print "/"$1'} && rm $TEMPMD5
 			else
 				MD5SUMS="Check not supported on $H_DISTRO"
 			fi
 		fi
 }
 check_ssh() {
 	ssh_config_regex="/etc/ssh/ssh*conf*"
 		if [ $ssh ]; then
 			SSHD="not run"
 		else
-			if [[ $(grep -i -c 'PermitRootLogin.*yes' /etc/ssh/ss*conf*) > 0 ]]; then
+			msg "Searching files $ssh_config_regex for PermitRootLogin yes..."
-				SSHD="Root login enabled!"
+			if [[ $(grep -i -c 'PermitRootLogin.*yes' $ssh_config_regex) > 0 ]]; then
 				echo "Root login enabled!"
 			else
-				SSHD="root login disabled"
+				echo "root login disabled"
 			fi
 		fi
 }
-check_md5
+#check_dummy() {
-check_ssh
+#	echo "this is a dummy check"
 #	msg "debug text of dummy_check..."
 #}
-# Output
+
-#-------
+#column -t -s':' -c 80 << EOF
-column -t -s':' -c 80 << EOF
+echo "Distribution: $H_DISTRO"
-Distribution:$H_DISTRO
+echo "Release/Codename: $H_RELEASE ($H_CODE)"
-Release/Codename:$H_RELEASE ($H_CODE)
+echo "Kernel/Architecture: $H_KERNEL ($H_ARCH)"
 Kernel/Architecture:$H_KERNEL ($H_ARCH)
-# MD5 CHECK
+echo -n "md5 check: "
-Packages with wrong MD5 hashes
+check_md5
-$MD5SUMS
+echo -n "SSH check: "
-# SSH daemon settings
+check_ssh
 $SSHD
 EOF
 # /usr/bin/printf "\u00A9 2010 Oliver Ladner\n" #unicode ausgabe