add options to /tmp partition in fstab by using a bash script

Question

I'm writing a long script to add security options after a basic linux server installation. One of these security is to add options to /temp partition. For that I wrote:

    awk '{
if (!/^#/ && $2 == "/tmp")
awk '{ if(!match(/rw,nosuid,nodev,noexec,realtime/, $4)) $4=$4",rw,nosuid,nodev,noexec,realtime" } 1' /etc/fstab > /tmp/$$
cat /tmp/$$ > /root/fstab
rm /tmp/$$
echo "$(tput setaf 2)Mounting point /tmp has been updated and is now secured !$(tput sgr0)" >&3
}' /etc/fstab

The fstab file is:

# <file system> <mount point>   <type>  <options>       <dump>  <pass>
/dev/mapper/debiantest--vg-root /               ext4    errors=remount-ro 0       1
# /boot was on /dev/sda1 during installation
UUID=495503ab-78ed-4af5-8587-5d1c30ff233d /boot           ext2    defaults        0       2
/dev/mapper/debiantest--vg-home /home           ext4    defaults        0       2
/dev/mapper/debiantest--vg-tmp /tmp            ext4    defaults        0       2
/dev/mapper/debiantest--vg-var /var            ext4    defaults        0       2
/dev/mapper/debiantest--vg-swap_1 none            swap    sw              0       0
/dev/sr0        /media/cdrom0   udf,iso9660 user,noauto     0       0

I would like to change:

/dev/mapper/debiantest--vg-tmp /tmp ext4 defaults 0 2

by:

/dev/mapper/debiantest--vg-tmp /tmp ext4 defaults,rw,nosuid,nodev,noexec,realtime 0 2

But this doesn't work with this error message:

syntax error near unattended symbole « ( »

I found that this is because I have simple quote in the second awk that stop the first simple quote before (the first awk).

So how to first check if /tmp exist and then add options in this line? Maybe a "simple" grep can work, but how to use grep to be sure only the line with /tmp is modified? For example we can have another line with /var/tmp...

Many thanks for your help.

ToTo

Answer 1

ok the solution was to remove the first awk and to deal with egrep as:

if egrep -qs '\s/tmp\s' /etc/fstab; then
awk -v OFS='\t' '!/^#/ && ($2 == "/tmp") && ($4 == "defaults") { $4=$4",rw,nosuid,nodev,noexec,realtime" } 1' /etc/fstab > /tmp/$$
cat /tmp/$$ > /etc/fstab
rm /tmp/$$
echo "$(tput setaf 2)Mounting point /tmp has been updated and is now secured !$(tput sgr0)" >&3
else
echo "$(tput setaf 1)Bad news, you don't have a separate /tmp partition... This is unsecured !$(tput sgr0)" >&3
fi

Thanks to point me the double awk problem.

If you think that the grep can be improve please let me know: :-)

Regards

ToTo