diff options
| author | Jacob Moody <moody@posixcafe.org> | 2022-12-14 17:42:39 +0000 |
|---|---|---|
| committer | Jacob Moody <moody@posixcafe.org> | 2022-12-14 17:42:39 +0000 |
| commit | f8509c37cb6717a18937cfe8e2f19355b090c0d0 (patch) | |
| tree | bd8c66048d766a925dc341ba45b257f7ce7e7c1d /rc/bin | |
| parent | 65d044deae4c50628b073b515a1dd97d33fc31bb (diff) | |
netaudit: perform a clean connection to test auth status
if we did connect with authentication to cwfs to set up
/srv/boot, then this would spout lies.
Diffstat (limited to 'rc/bin')
| -rwxr-xr-x | rc/bin/netaudit | 21 |
1 files changed, 17 insertions, 4 deletions
diff --git a/rc/bin/netaudit b/rc/bin/netaudit index 490d9c43c..af55f3020 100755 --- a/rc/bin/netaudit +++ b/rc/bin/netaudit @@ -164,10 +164,23 @@ fn checkauth { } fn checksec { echo 'checking basic security:' - if(@{rfork n; mount -n /srv/boot /root >/dev/null >[2=1]}) - echo ' file server does not require auth for user '^$user - if not - echo ' file server seems to require auth' + fs=`{ndb/ipquery sys $sysname fs | sed 's/fs=//g'} + if(~ $fs '') + echo ' we do not seem to be netbooting' + if not @{ + rfork n + </srv/clone { + bind -c /srv/^`{read} /srv + if(srv $fs netaudit.$pid >/dev/null >[2=1] || srvtls $fs netaudit.$pid >/dev/null >[2=1]){ + if(mount -n /srv/netaudit.$pid /n/netaudit >/dev/null >[2=1]) + echo ' file server does not require auth for user '^$user + if not + echo ' file server seems to require auth' + } + if not + echo ' '^$fs^' is not listening' + } + } } checkhost checknet |