Page MenuHomeDevCentral
Files F27208128

check-swap-encryption.sh
No OneTemporary
Actions

check-swap-encryption.sh
View Options

#!/bin/sh
# -------------------------------------------------------------
# NRPE :: Check if swap is encrypted
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# License: BSD-2-Clause
# Source file: roles/core/monitoring/files/checks/nrpe/os_family/FreeBSD/check-swap-encryption.sh
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
# -------------------------------------------------------------
# Detect swap partitions from /etc/fstab
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SWAP_PARTITIONS=$(grep swap /etc/fstab | awk '{print $1}')
if [ "$SWAP_PARTITIONS" = "" ]; then
echo "No swap partition declared in /etc/fstab"
exit 1
fi
# -------------------------------------------------------------
# Check encryption
#
# A swap partition is automatically encrypted on FreeBSD
# when the partition name has a suffix .eli or .bde
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
for partition in $SWAP_PARTITIONS; do
echo "$partition" | grep -q -E '\.eli$|\.bde$'
if [ $? -ne 0 ]; then
echo "$partition swap partition should be encrypted using gbde or geli" >&2
echo "See https://docs.freebsd.org/en/books/handbook/disks/#swap-encrypting" >&2
exit 2
fi
done
exit 0

File Metadata

Mime Type
text/x-shellscript
Expires
Sun, May 3, 06:50 (18 h, 43 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3677763
Default Alt Text
check-swap-encryption.sh (1 KB)

Event Timeline

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator