scripts/update-motd.d/05-auth

#!/bin/sh
# .. vim: foldmarker=[[[,]]]:foldmethod=marker

# {{ ansible_managed }}

# Colors definition [[[
BLACK='\033[49;30m'
BLACKB='\033[49;90m'
RED='\033[0;31m'
REDB='\033[1;31m'
GREEN='\033[0;32m'
YELLOW='\033[0;33m'
BLUE='\033[94;49m'
MAGENTA='\033[0;35m'
CYAN='\033[36;49m'
WHITE='\033[0;37m'
BOLD='\033[1m'
RESET='\033[0m'
# ]]]
# Function definition [[[
## count_pattern()
### Return the number of occurrence of a pattern in a file with a color
###   (=expected_value : green ; otherwise : red).
count_pattern() {
	## Get the args
	PATTERN="${1}"
	FILE="${2}"
	EXPECTED_VALUE="${3}"

	## Count the pattern in the file
	NUM=$(grep -cE "${PATTERN}" "${FILE}")

	## If $EXPECTED_VALUE exist AND $NUM equal $EXPECTED_VALUE
	if [ "${EXPECTED_VALUE}" ] && [ "${NUM}" = "${EXPECTED_VALUE}" ]; then
		MSG="${GREEN}${NUM}"
	else
		MSG="${RED}${NUM}"
	fi

	printf '%b' "${MSG}"
}
# ]]]
# Vars definition [[[
## Get the most recent "auth.log" file.
##	Simpliest way to get it ?
AUTH_LOG_FILE=$(find /var/log -type f -iname 'auth.log' -printf "%T@ %p\\n" | sort -n | cut -d' ' -f 2- | tail -n 1)
## Number of failed SSH authentication
SSH_FAIL_LOGIN=$(count_pattern 'sshd.*Failed' "${AUTH_LOG_FILE}" '0')
## Number of failed sudo authentication
SUDO_FAIL=$(count_pattern 'sudo.*authentication failure' "${AUTH_LOG_FILE}" '0')
SUDO_3_FAIL=$(count_pattern 'sudo.*3 incorrect password' "${AUTH_LOG_FILE}" '0')
# ]]]

#+++++++++++++++++++: Auth Info :+++++++++++++++++++
printf '%b' "${RESET}"
printf "${BLACKB}%33s${RESET}" | tr ' ' -
printf '%b'  " ${CYAN}Auth Info${RESET}   "
printf "${BLACKB}%34s${RESET}" | tr ' ' -

printf '%b' "
${BLACKB}+ ${WHITE}SSH fail\\t\\t${BLACKB}= ${SSH_FAIL_LOGIN} fail(s) this week
${BLACKB}+ ${WHITE}Sudo fail\\t\\t${BLACKB}= ${GREEN}${SUDO_FAIL} fail(s) this week
${BLACKB}+ ${WHITE}Sudo 3 fails\\t\\t${BLACKB}= ${GREEN}${SUDO_3_FAIL} fail(s) this week
"

printf '%b' "${RESET}"