netaudit, ndb(6): the dom= attribute in ndb should be specified without the trailing period
This commit is contained in:
parent
78c7ad88ff
commit
d3743d40c2
|
@ -1,5 +1,30 @@
|
||||||
#!/bin/rc
|
#!/bin/rc
|
||||||
rfork e
|
rfork e
|
||||||
|
fn checkether {
|
||||||
|
echo -n ' '$1'='$2
|
||||||
|
if(! ~ $2 [0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f])
|
||||||
|
echo ' has wrong format'
|
||||||
|
if not if(! grep -s $i /net/ether*/addr)
|
||||||
|
echo ' does not belong to any network interface'
|
||||||
|
if not
|
||||||
|
echo ' looks ok'
|
||||||
|
}
|
||||||
|
fn checkip {
|
||||||
|
echo -n ' '$1'='$2
|
||||||
|
if(! ~ $2 *.*.*.* *:*:*:*:*:*:*:* *::*)
|
||||||
|
echo ' does not look like an ip address'
|
||||||
|
if not
|
||||||
|
echo ' looks ok'
|
||||||
|
}
|
||||||
|
fn checkdom {
|
||||||
|
echo -n ' '$1'='$2
|
||||||
|
if(! ~ $2 *.*)
|
||||||
|
echo ' does not have a dot'
|
||||||
|
if not if(~ $2 *.)
|
||||||
|
echo ' has a trailing period'
|
||||||
|
if not
|
||||||
|
echo ' looks ok'
|
||||||
|
}
|
||||||
fn checkhost {
|
fn checkhost {
|
||||||
if(~ $sysname ''){
|
if(~ $sysname ''){
|
||||||
echo 'sysname= env var is not set'
|
echo 'sysname= env var is not set'
|
||||||
|
@ -9,19 +34,19 @@ fn checkhost {
|
||||||
ip=`{ndb/ipquery sys $sysname ip | sed 's/ip=//g'}
|
ip=`{ndb/ipquery sys $sysname ip | sed 's/ip=//g'}
|
||||||
if(~ $ip '')
|
if(~ $ip '')
|
||||||
echo ' no ip= entry'
|
echo ' no ip= entry'
|
||||||
if not
|
if not {
|
||||||
echo ' ip='$ip 'looks ok'
|
for(i in $ip){
|
||||||
|
checkip ip $i
|
||||||
|
}
|
||||||
|
}
|
||||||
dom=`{ndb/ipquery sys $sysname dom | sed 's/dom=//g'}
|
dom=`{ndb/ipquery sys $sysname dom | sed 's/dom=//g'}
|
||||||
if(~ $dom '')
|
if(~ $dom '')
|
||||||
echo ' no dom= entry'
|
echo ' no dom= entry'
|
||||||
if not {
|
if not {
|
||||||
for(i in $dom){
|
for(i in $dom){
|
||||||
if(! ~ $i *.*)
|
checkdom dom $i
|
||||||
echo ' dom='$i 'does not have a dot'
|
if(! ~ $i $sysname^.*)
|
||||||
if not if(! ~ $i $sysname^.*)
|
|
||||||
echo ' dom='$i 'does not start with' $sysname^'; it''s supposed to be the FQDN, not the domain name!'
|
echo ' dom='$i 'does not start with' $sysname^'; it''s supposed to be the FQDN, not the domain name!'
|
||||||
if not
|
|
||||||
echo ' dom='$i 'looks ok'
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
ether=`{ndb/ipquery sys $sysname ether | sed 's/ether=//g'}
|
ether=`{ndb/ipquery sys $sysname ether | sed 's/ether=//g'}
|
||||||
|
@ -29,12 +54,7 @@ fn checkhost {
|
||||||
echo ' no ether entry'
|
echo ' no ether entry'
|
||||||
if not {
|
if not {
|
||||||
for(i in $ether){
|
for(i in $ether){
|
||||||
if(! ~ $i [0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f])
|
checkether ether $i
|
||||||
echo ' ether='$i 'has wrong format'
|
|
||||||
if not if(! grep -s $i /net/ether*/addr)
|
|
||||||
echo ' ether='$i 'does not belong to any network interface'
|
|
||||||
if not
|
|
||||||
echo ' ether='$i 'looks ok'
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -44,17 +64,17 @@ fn checknet {
|
||||||
if(~ $ipnet ''){
|
if(~ $ipnet ''){
|
||||||
echo ' we are not in an ipnet, so looking for entries in host tuple only'
|
echo ' we are not in an ipnet, so looking for entries in host tuple only'
|
||||||
}
|
}
|
||||||
if not
|
if not {
|
||||||
echo ' we are in ipnet='^$ipnet
|
echo ' we are in ' 'ipnet='^$ipnet
|
||||||
|
}
|
||||||
ipgw=`{ndb/ipquery sys $sysname ipgw | sed 's/ipgw=//g'}
|
ipgw=`{ndb/ipquery sys $sysname ipgw | sed 's/ipgw=//g'}
|
||||||
if(~ $ipgw '' '::'){
|
if(~ $ipgw '' '::'){
|
||||||
echo ' we do not have an internet gateway, no ipgw= entry'
|
echo ' we do not have an internet gateway, no ipgw= entry'
|
||||||
}
|
}
|
||||||
if not {
|
if not {
|
||||||
if(! ~ $ipgw *.*.*.* *:*:*:*:*:*:*:* *::*)
|
for(i in $ipgw) {
|
||||||
echo ' ipgw='$ipgw 'does not look like an ip address'
|
checkip ipgw $i
|
||||||
if not
|
}
|
||||||
echo ' ipgw='$ipgw 'looks ok'
|
|
||||||
}
|
}
|
||||||
dns=`{ndb/ipquery sys $sysname dns | sed 's/dns=//g'}
|
dns=`{ndb/ipquery sys $sysname dns | sed 's/dns=//g'}
|
||||||
if(~ $dns '')
|
if(~ $dns '')
|
||||||
|
@ -112,7 +132,7 @@ fn checkauth {
|
||||||
}
|
}
|
||||||
if not {
|
if not {
|
||||||
echo ' we are not the auth server '^$auth
|
echo ' we are not the auth server '^$auth
|
||||||
echo ' if this is a mistake, set auth='$sysname' or auth='$dom
|
echo ' if this is a mistake, set auth='$sysname 'or auth='$dom
|
||||||
if(~ $authok 1)
|
if(~ $authok 1)
|
||||||
echo ' run auth/debug to test the auth server'
|
echo ' run auth/debug to test the auth server'
|
||||||
}
|
}
|
||||||
|
|
|
@ -161,7 +161,7 @@ They are:
|
||||||
system name (a short name)
|
system name (a short name)
|
||||||
.TP
|
.TP
|
||||||
.B dom
|
.B dom
|
||||||
Internet fully-qualified domain name
|
Internet fully-qualified domain name (without the trailing period)
|
||||||
.TP
|
.TP
|
||||||
.B ip
|
.B ip
|
||||||
Internet address,
|
Internet address,
|
||||||
|
|
Loading…
Reference in a new issue