From: Stephen Gran Date: Tue, 11 Oct 2011 19:20:19 +0000 (+0100) Subject: We need to look for two locations, not two directives X-Git-Url: https://wiki.adam-barratt.org.uk/gitweb/?a=commitdiff_plain;h=23ed0c7a02343a0bfe90436fd465288e0f4b5055;p=mirror%2Fdsa-nagios.git We need to look for two locations, not two directives Of course, the various versions of sshd take these two locations in different ways, but I'm not making skynet just yet. Signed-off-by: Stephen Gran --- diff --git a/dsa-nagios-checks/share/weak-ssh-keys-check b/dsa-nagios-checks/share/weak-ssh-keys-check index a9bd752..d6d4f8c 100755 --- a/dsa-nagios-checks/share/weak-ssh-keys-check +++ b/dsa-nagios-checks/share/weak-ssh-keys-check @@ -309,23 +309,26 @@ sub from_debianorg_places () { my @ak = grep { /^AuthorizedKeysFile\s/i } @lines; my @ak2 = grep { /^AuthorizedKeysFile2\s/i } @lines; + my @ak_files; - if (scalar @ak != 1) { - print $fh "UNKNOWN\n"; - print $fh "There is more than one AuthorizedKeysFile definition in sshd_config\n"; - exit + for my $line ((@ak, @ak2)) { + my @file_locations = split /\s+/, $line; + shift @file_locations; + push @ak_files, @file_locations; } - if (scalar @ak2 != 1) { + + if (scalar @ak_files != 2) { print $fh "UNKNOWN\n"; - print $fh "There is more than one AuthorizedKeysFile2 definition in sshd_config\n"; + print $fh "There should be two locations for User AuthorizedKeysFile defined in sshd_config\n"; exit } - unless ($ak[0] =~ m#^((?i)AuthorizedKeysFile)\s+/etc/ssh/userkeys/%u$# ) { + + unless (grep { m#^/etc/ssh/userkeys/%u$# } @ak_files) { print $fh "UNKNOWN\n"; print $fh "The AuthorizedKeysFile definition has an unexpected value. Should be /etc/ssh/userkeys/%u\n"; exit } - unless ($ak2[0] =~ m#^((?i)AuthorizedKeysFile2)\s+/var/lib/misc/userkeys/%u$# ) { + unless (grep { m#^/var/lib/misc/userkeys/%u$# } @ak_files) { print $fh "UNKNOWN\n"; print $fh "The AuthorizedKeysFile2 definition has an unexpected value. Should be /var/lib/misc/userkeys/%u\n"; exit