# vim:ft=sh:noexpandtab # System sanity checks # Check that we are root (this tool can be run only as root) # TODO uncomment # [ "$(id -u)" = "0" ] || echo_die "Multiconfig have to be run as root." # We have su which su >/dev/null || echo_die "There is no su command." # Check that we are not using csh or tcsh # Note: variable shell should be defined only on csh or tcsh (note lowercase) [ -z "$shell" ] || echo_die "Multiconfig doesn't support csh nor tcsh." # Check that we have gpg which gpg >/dev/null || echo_die "There is no gpg command." # Check that git trunk is signed using trusted key # TODO # Check root owner (should be root) # TODO uncomment #[ "$(stat -c '%u')" = 0 ] || echo_die "Root directory of distconfig isn't owned by root! Investigate why!" # Check access right to root (only root should have access) # TODO uncomment #[ "$(stat -c '%a')" = "700" ] || echo_die "Root directory of distconfig has incorect access rights. 700 expected!" # Check that we have openssl which openssl >/dev/null || echo_die "There is no openssl command." # Check that we can decrypt using openssl and aes-192-cbc OPENSSL_TEST_PASSWORD="XduF2T_opDknbzN0EyJJCBFyS1i6yaBU5Beb6IZkFVHWZGWOIZCF1Cc0zrupjEaV" [ "$(openssl aes-192-cbc -d -a -k "$OPENSSL_TEST_PASSWORD" -in files/openssl_test_file)" = "It works!" ] || \ echo_die "Test message couldn't been decrypted." # Check that given key works with our machinery [ "$(catdecrypt files/encrypted_test)" = "It works!" ] || \ echo_die "Encryption machinery failed to decrypt test file" # Check that we have internet connection #DC_INTERNET=true #if ! ping -c 5 -w 30 cynerd.cz >/dev/null; then # echo_warn "No internet connection detected. All operations requiring internet connection will be skipped" # DC_INTERNET=false #fi