shithub: riscv

Download patch

ref: f8509c37cb6717a18937cfe8e2f19355b090c0d0
parent: 65d044deae4c50628b073b515a1dd97d33fc31bb
author: Jacob Moody <moody@posixcafe.org>
date: Wed Dec 14 12:42:39 EST 2022

netaudit: perform a clean connection to test auth status

if we did connect with authentication to cwfs to set up
/srv/boot, then this would spout lies.

--- a/rc/bin/netaudit
+++ b/rc/bin/netaudit
@@ -164,10 +164,23 @@
 }
 fn checksec {
 	echo 'checking basic security:'
-	if(@{rfork n; mount -n /srv/boot /root >/dev/null >[2=1]})
-		echo '	file server does not require auth for user '^$user
-	if not
-		echo '	file server seems to require auth'
+	fs=`{ndb/ipquery sys $sysname fs | sed 's/fs=//g'}
+	if(~ $fs '')
+		echo '	we do not seem to be netbooting'
+	if not @{
+		rfork n
+		</srv/clone {
+			bind -c /srv/^`{read} /srv
+			if(srv $fs netaudit.$pid >/dev/null >[2=1] || srvtls $fs netaudit.$pid >/dev/null >[2=1]){
+				if(mount -n /srv/netaudit.$pid /n/netaudit >/dev/null >[2=1])
+					echo '	file server does not require auth for user '^$user
+				if not
+					echo '	file server seems to require auth'
+			}
+			if not
+				echo '	'^$fs^' is not listening'
+		}
+	}
 }
 checkhost
 checknet