Page MenuHomeDevCentral
Files F3764820

D3531.id9074.diff
No OneTemporary
Actions

D3531.id9074.diff
View Options

diff --git a/roles/core/monitoring/files/checks/nrpe/os_family/FreeBSD/check-swap-encryption.sh b/roles/core/monitoring/files/checks/nrpe/os_family/FreeBSD/check-swap-encryption.sh
new file mode 100755
--- /dev/null
+++ b/roles/core/monitoring/files/checks/nrpe/os_family/FreeBSD/check-swap-encryption.sh
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+# -------------------------------------------------------------
+# NRPE :: Check if swap is encrypted
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: BSD-2-Clause
+# Source file: roles/core/monitoring/files/checks/nrpe/os_family/FreeBSD/check-swap-encryption.sh
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+# -------------------------------------------------------------
+# Detect swap partitions from /etc/fstab
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+SWAP_PARTITIONS=$(grep swap /etc/fstab | awk '{print $1}')
+
+if [ "$SWAP_PARTITIONS" = "" ]; then
+ echo "No swap partition declared in /etc/fstab"
+ exit 1
+fi
+
+# -------------------------------------------------------------
+# Check encryption
+#
+# A swap partition is automatically encrypted on FreeBSD
+# when the partition name has a suffix .eli or .bde
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+for partition in $SWAP_PARTITIONS; do
+ echo "$partition" | grep -q -E '\.eli$|\.bde$'
+ if [ $? -ne 0 ]; then
+ echo "$partition swap partition should be encrypted using gbde or geli" >&2
+ echo "See https://docs.freebsd.org/en/books/handbook/disks/#swap-encrypting" >&2
+ exit 2
+ fi
+done
+
+exit 0

File Metadata

Mime Type
text/plain
Expires
Sat, Nov 23, 08:37 (12 h, 17 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2257586
Default Alt Text
D3531.id9074.diff (1 KB)

Event Timeline

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator