cdist/cdist/conf/type/__sshd_config/explorer/state


#!/bin/sh -e
#
# 2020 Dennis Camera (dennis.camera at ssrq-sds-fds.ch)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
# Determines the current state of the config option.
# Possible output:
# - present: "should" option present in config file
# - default: the "should" option is the default -> don't know if present
# - absent: no such option present in config file
#
# Joins all lines read from stdin into a single output line.
# Arguments: $1 - separator put between the joined lines (required: ${1:?}
#                 fails the expansion when it is missing or empty)
# The sed script appends every input line to the hold space (H). On the last
# line ($) it swaps the hold space in (x), drops the newline the first H left
# at the front, replaces the remaining newlines by the separator and prints.
# NOTE: the separator is pasted into the sed replacement text verbatim, so
# characters that are special there ('/', '&', '\') cannot be used as-is.
joinlines() { sed -n -e H -e "\${x;s/^\\n//;s/\\n/${1:?}/g;p;}"; }
trlower() {
	# Filter: copies stdin to stdout with every upper-case character
	# replaced by its lower-case counterpart (POSIX character classes).
	tr '[:upper:]' '[:lower:]'
}
tolower() {
	# Prints all arguments, joined into one string, in lower case.
	# No trailing newline is written.
	printf '%s' "$*" \
	| trlower
}
default_value() {
	# Prints the value(s) sshd reports for option $1 when it is run in
	# extended test mode (-T) against an empty configuration (/dev/null),
	# using the same connection specification as the real check.
	# Arguments: $1 - option name (compared in lower case)
	# Outputs:   one line per matching `sshd -T` line, keyword removed
	# NOTE: the option name becomes part of the sed pattern unescaped, so it
	# must be a plain keyword without regex metacharacters or '/'.
	sshd -T -f /dev/null -C "$(make_conn_spec)" \
	| sed -n -e "s/^$(tolower "${1:?}")[[:blank:]]\\{1,\\}//p"
}
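make_conn_spec() {
	# Prints the connection specification for `sshd -T -C`, built from the
	# criteria in this object's "match" parameter (one "Keyword value" pair
	# per line). Without a match parameter every key is emitted empty.
	# Globals: __object (read), _match_file (set and unset again)
	# Outputs: a single line such as "addr=,user=alice,host=,..."
	# NOTE(review): values are copied into the spec verbatim. A value that
	# contains ',' (e.g. a pattern list) would split the comma-separated
	# spec - verify what callers may pass as match criteria.
	if test -s "${__object:?}/parameter/match"
	then
		_match_file="${__object:?}/parameter/match"
	else
		_match_file='/dev/null'
	fi

	for _kw in \
		addr=Address \
		user=User \
		host=Host \
		laddr=LocalAddress \
		lport=LocalPort \
		rdomain=RDomain
	do
		_specname=${_kw%%=*}
		_confname=$(tolower "${_kw#*=}")

		# `|| test -n "${_k}"` also processes a last line that has no
		# trailing newline. Otherwise that criterion would be dropped
		# silently and sshd would be queried for the wrong context.
		while read -r _k _v || test -n "${_k}"
		do
			if test "$(tolower "${_k}")" = "${_confname}"
			then
				printf '%s=%s\n' "${_specname}" "${_v}"
				continue 2
			fi
		done <"${_match_file}"

		# NOTE: Print test spec even for empty keys to suppress errors like:
		# 'Match User' in configuration but 'user' not in connection test specification.
		# except lport:
		# Invalid port '' in test mode specification lport=
		test "${_specname}" = 'lport' || printf '%s=\n' "${_specname}"
	done \
	| joinlines ','

	unset _match_file
}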
# Load the object's parameters: target config file, desired state, option name.
sshd_config_file=$(cat "${__object:?}/parameter/file")
state_should=$(cat "${__object:?}/parameter/state")

# The option name defaults to the object id when no --option was given.
if test -s "${__object:?}/parameter/option"
then
	option_name=$(cat "${__object:?}/parameter/option")
else
	option_name=${__object_id:?}
fi

# param optional if --state absent: a missing value parameter is tolerated
# only then; for any other state the explorer ends here without output.
if ! value_should=$(cat "${__object:?}/parameter/value" 2>/dev/null)
then
	test "${state_should}" = absent || exit 0
fi

# sshd itself is used to evaluate the configuration, so it must be available.
if ! command -v sshd >/dev/null 2>&1
then
	echo 'Cannot find sshd.' >&2
	exit 1
fi

# Without a config file the option cannot be present in it.
if test ! -e "${sshd_config_file}"
then
	echo 'absent'
	exit 0
fi
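# Effective value(s) of the option as printed by `sshd -T` for the config
# file and connection spec: lines starting with the lower-cased option name,
# with that keyword and the following blanks removed.
# NOTE(review): the option name becomes part of the sed pattern unescaped.
# It is assumed to be a plain keyword - confirm it is validated upstream.
value_is=$(
	sshd -T -f "${sshd_config_file}" -C "$(make_conn_spec)" \
	| sed -n -e 's/^'"$(tolower "${option_name}")"'[[:blank:]]\{1,\}//p')

if printf '%s\n' "${value_is}" | {
	if test -n "${value_should}"
	then
		# Whole-line, fixed-string comparison. The pattern is passed with
		# -e so that a value starting with '-' is not parsed as a grep option.
		grep -q -x -F -e "${value_should}"
	else
		# if no value provided, assume "any" value
		grep -q -e .
	fi
}
then
	# NOTE(review): this compares every line of value_is, not value_should,
	# against the defaults, so one matching line is enough - confirm this is
	# intended for options that can hold several values.
	if default_value "${option_name}" | grep -q -x -F -e "${value_is}"
	then
		# Might produce false positives for default values.
		# TODO: Manual checking should be done, but for simplicity, this case is
		# currently ignored here.
		echo default
	else
		echo present
	fi
else
	echo absent
fi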