# platform = multi_platform_slmicro,multi_platform_ubuntu,multi_platform_debian # Remediation is applicable only in certain platforms if dpkg-query --show --showformat='${db:Status-Status}' 'linux-base' 2>/dev/null | grep -q '^installed$' && { ! (systemctl is-active rsyslog &>/dev/null); }; then dropin_conf=/etc/systemd/journal-upload.conf.d/60-journald_upload.conf mkdir -p /etc/systemd/journal-upload.conf.d touch "${dropin_conf}" for conf in /etc/systemd/journal-upload.conf /etc/systemd/journal-upload.conf.d/*; do [[ -e "${conf}" ]] || continue sed -i --follow-symlinks \ -e 's/^ServerKeyFile\>/#&/g' \ -e 's/^ServerCertificateFile\>/#&/g' \ -e 's/^TrustedCertificateFile\>/#&/g' "${conf}" done var_journal_upload_server_key_file='(bash-populate var_journal_upload_server_key_file)' var_journal_upload_server_certificate_file='(bash-populate var_journal_upload_server_certificate_file)' var_journal_upload_server_trusted_certificate_file='(bash-populate var_journal_upload_server_trusted_certificate_file)' found=false # set value in all files if they contain section or key for f in $(echo -n "${dropin_conf}"); do if [ ! -e "$f" ]; then continue fi # find key in section and change value if grep -qzosP "[[:space:]]*\[Upload\]([^\n\[]*\n+)+?[[:space:]]*ServerKeyFile" "$f"; then if ! grep -qPz "ServerKeyFile=$var_journal_upload_server_key_file" "$f"; then sed -i "s/ServerKeyFile[^(\n)]*/ServerKeyFile=$var_journal_upload_server_key_file/" "$f" fi found=true # find section and add key = value to it elif grep -qs "[[:space:]]*\[Upload\]" "$f"; then sed -i "/[[:space:]]*\[Upload\]/a ServerKeyFile=$var_journal_upload_server_key_file" "$f" found=true fi done # if section not in any file, append section with key = value to FIRST file in files parameter if ! $found ; then file=$(echo "${dropin_conf}" | cut -f1 -d ' ') mkdir -p "$(dirname "$file")" echo -e "[Upload]\nServerKeyFile=$var_journal_upload_server_key_file" >> "$file" fi found=false # set value in all files if they contain section or key for f in $(echo -n "${dropin_conf}"); do if [ ! -e "$f" ]; then continue fi # find key in section and change value if grep -qzosP "[[:space:]]*\[Upload\]([^\n\[]*\n+)+?[[:space:]]*ServerCertificateFile" "$f"; then if ! grep -qPz "ServerCertificateFile=$var_journal_upload_server_certificate_file" "$f"; then sed -i "s/ServerCertificateFile[^(\n)]*/ServerCertificateFile=$var_journal_upload_server_certificate_file/" "$f" fi found=true # find section and add key = value to it elif grep -qs "[[:space:]]*\[Upload\]" "$f"; then sed -i "/[[:space:]]*\[Upload\]/a ServerCertificateFile=$var_journal_upload_server_certificate_file" "$f" found=true fi done # if section not in any file, append section with key = value to FIRST file in files parameter if ! $found ; then file=$(echo "${dropin_conf}" | cut -f1 -d ' ') mkdir -p "$(dirname "$file")" echo -e "[Upload]\nServerCertificateFile=$var_journal_upload_server_certificate_file" >> "$file" fi found=false # set value in all files if they contain section or key for f in $(echo -n "${dropin_conf}"); do if [ ! -e "$f" ]; then continue fi # find key in section and change value if grep -qzosP "[[:space:]]*\[Upload\]([^\n\[]*\n+)+?[[:space:]]*TrustedCertificateFile" "$f"; then if ! grep -qPz "TrustedCertificateFile=$var_journal_upload_server_trusted_certificate_file" "$f"; then sed -i "s/TrustedCertificateFile[^(\n)]*/TrustedCertificateFile=$var_journal_upload_server_trusted_certificate_file/" "$f" fi found=true # find section and add key = value to it elif grep -qs "[[:space:]]*\[Upload\]" "$f"; then sed -i "/[[:space:]]*\[Upload\]/a TrustedCertificateFile=$var_journal_upload_server_trusted_certificate_file" "$f" found=true fi done # if section not in any file, append section with key = value to FIRST file in files parameter if ! $found ; then file=$(echo "${dropin_conf}" | cut -f1 -d ' ') mkdir -p "$(dirname "$file")" echo -e "[Upload]\nTrustedCertificateFile=$var_journal_upload_server_trusted_certificate_file" >> "$file" fi else >&2 echo 'Remediation is not applicable, nothing was done' fi