diff options
| author | cinap_lenrek <cinap_lenrek@felloff.net> | 2021-12-01 21:53:18 +0000 |
|---|---|---|
| committer | cinap_lenrek <cinap_lenrek@felloff.net> | 2021-12-01 21:53:18 +0000 |
| commit | efd4d750825fed86d48bec8913897b120410554a (patch) | |
| tree | 3dde907c665a9e83197d1704a338f4cc19554cf8 /rc/bin/netaudit | |
| parent | 43eb7eea62595cbb180873e7087a0e4cd8900a9c (diff) | |
netaudio: fix auth check, can have multiple auth servers!
Diffstat (limited to 'rc/bin/netaudit')
| -rwxr-xr-x | rc/bin/netaudit | 37 |
1 files changed, 20 insertions, 17 deletions
diff --git a/rc/bin/netaudit b/rc/bin/netaudit index 71dbab5ff..a3adccfbd 100755 --- a/rc/bin/netaudit +++ b/rc/bin/netaudit @@ -134,23 +134,21 @@ fn checkauth { echo ' no auth server' exit fail } - if not if(~ $sys $auth){ - echo ' we are the auth server' - authisus=1 - } - if not if(~ $dom $auth){ - echo ' we are the auth server' - authisus=1 - } - if not if(~ $ip $auth){ - echo ' we are the auth server' - authisus=1 - } if not { - echo ' we are not the auth server '^$auth - echo ' if this is a mistake, set auth='$sysname 'or auth='$dom - if(~ $authok 1) - echo ' run auth/debug to test the auth server' + for(i in $auth){ + if(~ $i $sys){ + echo ' we are the auth server '^$i + authisus=1 + } + if not if(~ $i $dom){ + echo ' we are the auth server '^$i + authisus=1 + } + if not if(~ $i $ip){ + echo ' we are the auth server '^$i + authisus=1 + } + } } if(~ $authisus 1){ if(! grep -s keyfs <{ps}) @@ -165,7 +163,12 @@ fn checkauth { } echo ' run auth/asaudit to verify auth server configuration' } - + if not { + echo ' we are not the auth server(s):' $auth + echo ' if this is a mistake, set auth='$sys(1) 'or auth='^($sys(2-) $dom) + if(~ $authok 1) + echo ' run auth/debug to test the auth server' + } } fn checksec { echo 'checking basic security:' |