mirror of
https://github.com/ovh/debian-cis.git
synced 2024-11-24 22:41:24 +01:00
fix: Catch unexpected failures (#140)
Signed-off-by: Tarik Megzari <tarik.megzari@corp.ovh.com> Co-authored-by: Tarik Megzari <tarik.megzari@corp.ovh.com>
This commit is contained in:
parent
17d272420a
commit
bb03764918
@ -103,6 +103,20 @@ debug() {
|
|||||||
if [ "$MACHINE_LOG_LEVEL" -ge 5 ]; then _logger "$GRAY" "[DBG ] $*"; fi
|
if [ "$MACHINE_LOG_LEVEL" -ge 5 ]; then _logger "$GRAY" "[DBG ] $*"; fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
exception() {
|
||||||
|
# Trap exit code is the same as the trapped one unless we call an explicit exit
|
||||||
|
TRAP_CODE=$?
|
||||||
|
if [ "$ACTIONS_DONE" -ne 1 ]; then
|
||||||
|
if [ "$BATCH_MODE" -eq 1 ]; then
|
||||||
|
BATCH_OUTPUT="KO $SCRIPT_NAME $BATCH_OUTPUT KO{Unexpected exit code: $TRAP_CODE}"
|
||||||
|
becho "$BATCH_OUTPUT"
|
||||||
|
else
|
||||||
|
crit "Check failed with unexpected exit code: $TRAP_CODE"
|
||||||
|
fi
|
||||||
|
exit 1 # Means critical status
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
#
|
#
|
||||||
# sudo wrapper
|
# sudo wrapper
|
||||||
# issue crit state if not allowed to perform sudo
|
# issue crit state if not allowed to perform sudo
|
||||||
|
@ -11,6 +11,7 @@ status=""
|
|||||||
forcedstatus=""
|
forcedstatus=""
|
||||||
SUDO_CMD=""
|
SUDO_CMD=""
|
||||||
SAVED_LOGLEVEL=""
|
SAVED_LOGLEVEL=""
|
||||||
|
ACTIONS_DONE=0
|
||||||
|
|
||||||
if [ -n "${LOGLEVEL:-}" ]; then
|
if [ -n "${LOGLEVEL:-}" ]; then
|
||||||
SAVED_LOGLEVEL=$LOGLEVEL
|
SAVED_LOGLEVEL=$LOGLEVEL
|
||||||
@ -111,6 +112,9 @@ if [ -z "$status" ]; then
|
|||||||
exit 2
|
exit 2
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# We want to trap unexpected failures in check scripts
|
||||||
|
trap exception EXIT
|
||||||
|
|
||||||
case $status in
|
case $status in
|
||||||
enabled | true)
|
enabled | true)
|
||||||
info "Checking Configuration"
|
info "Checking Configuration"
|
||||||
@ -128,6 +132,7 @@ audit)
|
|||||||
;;
|
;;
|
||||||
disabled | false)
|
disabled | false)
|
||||||
info "$SCRIPT_NAME is disabled, ignoring"
|
info "$SCRIPT_NAME is disabled, ignoring"
|
||||||
|
ACTIONS_DONE=1
|
||||||
exit 2 # Means unknown status
|
exit 2 # Means unknown status
|
||||||
;;
|
;;
|
||||||
*)
|
*)
|
||||||
@ -135,6 +140,8 @@ disabled | false)
|
|||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
|
ACTIONS_DONE=1
|
||||||
|
|
||||||
if [ "$CRITICAL_ERRORS_NUMBER" -eq 0 ]; then
|
if [ "$CRITICAL_ERRORS_NUMBER" -eq 0 ]; then
|
||||||
if [ "$BATCH_MODE" -eq 1 ]; then
|
if [ "$BATCH_MODE" -eq 1 ]; then
|
||||||
BATCH_OUTPUT="OK $SCRIPT_NAME $BATCH_OUTPUT"
|
BATCH_OUTPUT="OK $SCRIPT_NAME $BATCH_OUTPUT"
|
||||||
|
Loading…
Reference in New Issue
Block a user