56 lines
1.1 KiB
Bash
56 lines
1.1 KiB
Bash
#!/usr/bin/env bash
|
|
# Configuration file to check
|
|
FILE="/etc/login.defs"
|
|
# Pattern to search for
|
|
PATTERN="ENCRYPT_METHOD"
|
|
|
|
# Check if the configuration file exists
|
|
if [ ! -f "$FILE" ]; then
|
|
echo "File $FILE not found."
|
|
exit 1
|
|
fi
|
|
|
|
# Search for the pattern, whether it's commented or not
|
|
grep -Eq "^#?\s*$PATTERN\s+\S+$" "$FILE"
|
|
FOUND=$?
|
|
|
|
# If the pattern is found
|
|
if [ $FOUND -eq 0 ]; then
|
|
# Check if the pattern is commented
|
|
|
|
grep -Eq "^#\s*$PATTERN\s+\S+$" "$FILE"
|
|
COMMENTED=$?
|
|
|
|
if [ $COMMENTED -eq 0 ]; then
|
|
echo "Pattern $PATTERN is commented."
|
|
exit 1
|
|
fi
|
|
|
|
line=$(grep -E "^\s*$PATTERN\s+\S+$" "$FILE")
|
|
if [ -n "$line" ]; then
|
|
word=$(echo "$line" | awk '{print $2}')
|
|
fi
|
|
|
|
if [[ -n "$word" ]]; then
|
|
# Compare the extracted word with SHA512 UND YESCRYPT
|
|
VALUE1="SHA512"
|
|
VALUE2="YESCRYPT"
|
|
|
|
if [ "$word" != "$VALUE1" ] && [ "$word" != "$VALUE2" ]; then
|
|
echo "The value of $PATTERN ($word) is not good."
|
|
exit 1
|
|
else
|
|
echo "The value of $PATTERN ($word) is valid (equal to SHA512 or YESCRYPT). No changes needed."
|
|
exit 0
|
|
fi
|
|
else
|
|
echo "No valid value for $PATTERN found."
|
|
exit 1
|
|
fi
|
|
|
|
else
|
|
|
|
echo "Pattern $PATTERN not found."
|
|
exit 1
|
|
fi
|