#!/bin/bash # OPS335 Lab 5 configuration check # Written by: Peter Callaghan # Last Modified: 16 Mar, '17 # This script runs a series of commands to show the current configuration of the machine it is run on # Run it on your host and vm2, and attach the output of each to your lab submission. if [ `getenforce` != "Enforcing" ] then echo "SELinux is not currently enforcing on this machine. Turn it back on, and do not turn it off again." >&2 exit 2 fi if [ `systemctl is-active iptables` != "active" ] then echo "This machine does not have a running firewall. Turn it back on, and do not turn it off again." >&2 exit 3 elif [ `iptables -L INPUT | wc -l` -le 2 -a `iptables -L INPUT | grep -c "policy ACCEPT"` -gt 0 ] then echo "The firewall on this machine is allowing all incoming traffic. It should not be. Fix this." >&2 exit 4 fi date echo echo "hostname:"`hostname` echo echo "SELinux status:"`getenforce` echo echo "Static Addressing" for each in /etc/sysconfig/network-scripts/ifcfg-* do echo "Static configuration for $each" cat $each echo done if [ `hostname -s` == "vm2" ] then #VM2 only filesystem=`df | grep -E "(centos-)?root" | cut -d' ' -f1` echo "UUID:"`blkid $filesystem | sed -r 's/^.*UUID="([-a-zA-Z0-9]+)".*$/\1/'` echo echo "Firewall" iptables -L -v -n echo echo "Configuration - samba" sed -e "/^#/ d" -e "/^$/ d" -e "/^;/ d" /etc/samba/smb.conf echo echo "samba:"`systemctl is-active smb.service` echo "samba:"`systemctl is-enabled smb.service` echo echo "testparm" testparm -s 2>&1 echo echo "sebool" getsebool samba_enable_home_dirs echo else #Host only filesystem=`df | grep /var/lib/libvirt/images | cut -d' ' -f1` uuid=`blkid $filesystem | sed -r 's/^.*UUID="([-a-zA-Z0-9]+)".*$/\1/'` echo "UUID:$uuid" echo echo "iptables" iptables -t nat -L PREROUTING -v -n echo iptables -L FORWARD -v -n echo fi