set -e
set -u
+AUTHKEYSFILE=/etc/ssh/userkeys/root
+
err=0
log() {
- if [ "$1" == "warn" ] && [ "$err" -lt 1 ]; then
+ if [ "$1" = "warn" ] && [ "$err" -lt 1 ]; then
err=1
- elif [ "$1" == "critical" ] && [ "$err" -lt 2 ]; then
+ elif [ "$1" = "critical" ] && [ "$err" -lt 2 ]; then
err=2
- elif [ "$1" == "unknown" ] && [ "$err" == 0 ]; then
+ elif [ "$1" = "unknown" ] && [ "$err" = 0 ]; then
err=3
fi
}
rsync_targets=`tempfile`
backup_manager_sources=`tempfile`
trap "rm -f '$rsync_targets' '$backup_manager_sources'" 0 1 2 5 15
-cat /root/.ssh/authorized_keys |
+cat "$AUTHKEYSFILE" |
grep '^command=' |
sed -e 's/",no-por.*//' -e 's/.*--ignore-errors . //' -e 's#/org/backup.debian.org/staging/##' |
+ grep -v 'command="/usr/lib/da-backup/da-backup-ssh-wrap ' |
sort > "$rsync_targets"
-grep -h source /etc/da-backup-manager/* |
+
+wildcard_hosts=`cat "$AUTHKEYSFILE" | grep 'command="/usr/lib/da-backup/da-backup-ssh-wrap ' | sed -e 's/.*da-backup-ssh-wrap \([a-z0-9.]*\)".*/\1/' | tr '\n' '|' | sed 's/|$//'`
+grep -h '^source' /etc/da-backup-manager/* |
sed -e 's/source=//' |
+ egrep -v "^($wildcard_hosts)/" |
sort > "$backup_manager_sources"
if ! diff "$rsync_targets" "$backup_manager_sources" > /dev/null; then
log warn