Giter Site home page Giter Site logo

confiscan's Introduction

ConfiScan

Collect basic information about Linux systems within seconds.
· Report Bug · Request Feature

About ConfiScan

⚠️ Currently, only Debian is supported. Support for other Linux distributions will be added soon.

ConfiScan is a Bash script designed to collect basic information about Linux systems and output it into a set of organized files (CSV and txt). This tool is intended to assist system administrators in documenting and managing their infrastructure, providing a clear and comprehensive overview of system configurations.

The tool was initially developed as part of a bachelor thesis aimed at exploring solutions to facilitate the transition to Infrastructur as Code environments. Recognizing the ongoing challenges that many small and medium-sized enterprises (SMEs) face, such as limited knowledge, time, and budget constraints, ConfiScan will continue to be developed within this repository. It provides a straightforward and effective method for collecting and organizing system information, simplifying the creation of a comprehensive configuration inventory.

More information about the initial script and backstory can be found at the repository containing the thesis.

Usage

Prerequisites

To use ConfiScan, you need the following:

  • Packages:
    • dmidecode
    • net-tools
  • Sudo privileges to execute system commands.

Execution

$ confiscan.sh -h
Usage: confiscan.sh [OPTION] [CONFIG_FILES]

Options:
    -h   Display help
    -v   Display version
    -f   Force overwrite of output directory/tarball
    -o   Specify output directory, default is hostname-configs
    -t   Create tarball of output directory

Note:
    Shell globbing is supported for [CONFIG_FILES]. They can be files or directories.

Examples:
    confiscan.sh -h
    confiscan.sh /etc/sysctl.conf
    confiscan.sh /etc/apache2/ /etc/sysctl.conf
    confiscan.sh -f -t /etc/machine-id
    confiscan.sh -o /path/to/output_dir
    confiscan.sh -t /etc/bash{.bashrc,_completion}
    confiscan.sh -t

Contributions

Contributions are welcome! Refer to CONTRIBUTING.md for more information on how to contribute.

License

ConfiScan is licensed under the GPLv3 License. See the LICENSE file for more details.

confiscan's People

Contributors

antonvanassche avatar

Watchers

avatar

confiscan's Issues

[ENHANCEMENT] Collect SELinux configuration

Is your enhancement request related to a problem?

The script currently does not collect SELinux configurations, requiring the end user to provide these configuration files as arguments during execution.

What solution would you like?

Add specific code to the script for collecting SELinux configurations. This would make the script more comprehensive and able to inventory a wider range of configuration settings without requiring user input for these specific configurations.

What alternatives have you considered?

The alternative would be for the user to manually provide SELinux configuration files as arguments during script execution, which is less efficient and user-friendly. This is how you currently have to include the SELinux configuration.

[BUG] Incorrect handling of links in inventory

What is the bug?

When a directory or file is passed as an argument, it is literally copied to the configuration inventory without considering the type of file. For example, if it is a softlink, there is a chance it will not work after the configuration is inventoried.

How can one reproduce the bug?

  1. Pass a directory or file that is a softlink as an argument.
  2. Run the script to inventory the configuration.

What is the expected behavior?

The expected behavior is that softlinks should be handled correctly, and the actual files they point to should be included in the configuration inventory.

What is your host/environment?

  • Operation system: Debian GNU/Linux 12 (bookworm)
  • ConfiScan version: Any version starting from 0.8.0
  • Bash version: 5.2.15(1)-release

Possible solution?

Using rsync, we can ensure that the script follows symbolic links and copies the original file. The updated approach is demonstrated below:

diff --git a/src/tool/confiscan.sh b/src/tool/confiscan.sh
index 231954e..0e5acc8 100755
--- a/src/tool/confiscan.sh
+++ b/src/tool/confiscan.sh
@@ -427,7 +427,7 @@ for c in "${APP_CONFIGS[@]}"; do
         error "${c} no such file or directory." 2

     mkdir -p "${output_dir}/$(dirname "${c}")"
-    cp -r "${c}" "${output_dir}/$(dirname "${c}")"
+    rsync --force --archive --recursive --copy-links "${c}" "${output_dir}/$(dirname "${c}")" || :
 done

 # File Integrity Check of original files, excluding ./original.sha256

However, caution is warranted as this approach may suppress other potential errors due to the use of || :. This workaround prevents the script from terminating when encountering a broken symlink, a situation common in default Debian installations (see some systemd unit files).

[ENHANCEMENT] Collect AppArmor configuration

Is your enhancement request related to a problem?

The script currently does not collect AppArmor configurations, requiring the end user to provide these configuration files as arguments during execution.

What solution would you like?

Add specific code to the script for collecting AppArmor configurations. This would make the script more comprehensive and able to inventory a wider range of configuration settings without requiring user input for these specific configurations.

What alternatives have you considered?

The alternative would be for the user to manually provide AppArmor configuration files as arguments during script execution, which is less efficient and user-friendly. This is how you currently have to include the AppArmor configuration.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.