nova verze skriptu upravena podle updatovaciho skriptu Warden serveru - audit shellovych skriptu

1803e8e1 · Tomáš Plesník · 06ec6369 · 1803e8e1
Commit 1803e8e1 authored 10 years ago by Tomáš Plesník
--- a/src/warden-client/sh/update.sh
+++ b/src/warden-client/sh/update.sh
@@ -37,99 +37,119 @@ version()
 err()
 {
        echo "FAILED!"
-	cat $err
-	rm -rf $err
-	rm -rf $backup_dir
+        echo -n "Error: " && cat "$err"
+        rm -f "$backup" 2>/dev/null
+        rm -f "$err"
        echo
        echo "Update from $old_package_version to $package_version package FAILED!!!"
        exit 1
 }


-err_clean()
+errClean()
 {
        echo "FAILED!"
-	echo " -> Reverting changes of warden client package ... OK"
-	rm -rf ${client_path}/* > /dev/null 2>&1
-	cp -R ${backup_dir}/* $client_path
-	cat $err
-	rm -rf $err $backup_dir
+        echo -n "Error: " && cat "$err"
+        echo " -> Reverting changes of Warden client package ... OK"
+        rm -r "${basedir}/"* > /dev/null 2>&1
+        cp -R "${backup}/"* "$basedir"
+        echo
+        rm -r "$err" "$backup"
        echo
        echo "Update from $old_package_version to $package_version package FAILED!!!"
        exit 1
 }


-params_chck()
+paramsChck()
 {
-	if [ -z $prefix ]; then
-		prefix=/opt
-		echo "Warning: parameter -d <directory> is not set - default installation directory is ${prefix}!"
+        if [ -z "$basedir" ]; then
+                echo "Parameter -d <directory> is not set!"
+                exit 1
+        fi
+}
+
+
+#-------------------------------------------------------------------------------
+#                               Installation functions
+#-------------------------------------------------------------------------------
+wardenDirChck()
+{
+        echo -n "Checking Warden client directory ... "
+        if [[ ! -d "$basedir" ]]; then
+                echo "FAILED!"
+                echo
+                echo "Warden client is not installed!"
+                exit 1
+        elif [[ ! -w "$basedir" ]]; then
+                echo "FAILED!"
+                echo
+                echo "You do not have permission to update Warden client!"
+                exit 1
+        else
+                echo "OK"
        fi
 }


-obtain_package_version()
+oldPackageChck()
 {
-	if [ -f $old_package_version_file ]; then 
-		old_package_version=`cat $old_package_version_file`
+        echo -n "Checking previous Warden client installation ... "
+        old_package_version_file=$(find "$basedir" -name package_version)
+        if [ -f "$old_package_version_file" ]; then
+                old_package_version=$(<"$old_package_version_file")
                if [ "$old_package_version" == "$package_version" ]; then
-			echo "Sorry, but $package_version package is already installed!"
+                        echo "FAILED!"
+                        echo
+                        echo "Package $package_version has been already installed!"
+                        exit 1
+                elif [ "$old_package_version" == "warden-client-2.0" ]; then
+                        echo "FAILED!"
+                        echo
+                        echo "First of all you must upgrade to package warden-client-2.1!"
                        exit 1
                fi
        else
-		echo "Sorry, but warden-client package is not installed!"
-		echo "For installation of warden client package please use install.sh script."
+                echo "FAILED!"
+                echo
+                echo "Warden client package is not yet installed!"
+                echo "For installation of Warden client package please use install.sh."
                exit 1
        fi
+        echo "OK"
 }


-perl_chck()
+perlChck()
 {
        echo -n "Checking Perl interpreter ... "
        if which perl 1> /dev/null; then
                echo "OK"
        else
                echo "FAILED!"
-		echo "Error: Perl interpreter is not installed!" 
+                echo
+                echo "Perl interpreter is not installed!"
                exit 1
        fi
 }


-modules_chck()
+modulesChck()
 {
-	for module in ${modules[@]};
+        sed '/^use [A-Z]/!d; /Warden/d' $(find "${dirname}" -type f) 2>/dev/null | cut -f 2 -d " " | sed 's/;//' | sort -u | \
+        while read module;
        do
                echo -n "Checking $module module ... "
-		if perl -e "use $module" 2> $err; then
-			echo "OK"
-		else
-			err
-		fi
+                perl -e "use $module" 2> "$err" && echo "OK" || err
        done
 }


-warden_dir_chck()
-{
-	echo -n "Checking warden client directory ... "
-	if [ ! -d $client_path ]; then
-		echo "FAILED!"
-		ls $client_path
-		exit 1
-	else
-		echo "OK"
-	fi
-}
-
-
 backup()
 {
-	echo -n "Backing-up warden client directory ... "
-	mkdir $backup_dir
-	if cp -R ${client_path}/* $backup_dir 2> $err; then
+        echo -n "Making Warden client backup ... "
+        mkdir "$backup" 2> "$err" || err
+        if cp -R "${basedir}/"* "$backup" 2> "$err"; then
                echo "OK"
        else
                err
@@ -137,10 +157,10 @@ fi
 }


-obtain_warden_user()
+obtainUser()
 {
 	echo -n "Obtaining warden client directory owner ... "
-	if user=`stat -c %U $conf_file` 2> $err; then
+	if user=`stat -c %U $package_version` 2> "$err"; then
 		echo "OK"
 	else
 		err
@@ -148,126 +168,60 @@ obtain_warden_user()
 }


-update_warden_dir()
+updateWardenDir()
 {
-	echo -n "Updating warden client directory ... "
-	if rsync -q --recursive --archive --delete --exclude='etc' --exclude='var' ${dirname}/warden-client $prefix 2> $err; then
-		echo "OK"
-	else
-		err_clean
-	fi
-
-	files=(CHANGELOG INSTALL LICENSE README README.cesnet)
-	for file in ${files[@]};
+        echo -n "Updating Warden client ... "
+        for file in $(<"$manifest")
        do
-		cp ${dirname}/$file ${client_path}/doc
+                dir="$basedir/${file%/*}"
+                [[ ! -d "$dir" ]] && mkdir -p "$dir"
+                cp "$file" "${basedir}/$file" 2> "$err" || errClean
        done
-	cp ${dirname}/uninstall.sh $client_path
-	cp ${dirname}/warden-client/etc/package_version $etc
+        rm -f "${basedir}/uninstall.sh" 2> /dev/null
+        ln -s "${sh}/uninstall.sh" "$basedir"
+        echo "OK"
 }


-make_conf_file()
-{
-	echo -n "Creating configuration file ... "
-	uri=`cat $conf_file | grep '$URI'`
-	ssl_key_file=`cat $conf_file | grep '$SSL_KEY_FILE'`
-	ssl_cert_file=`cat $conf_file | grep '$SSL_CERT_FILE'`
-	ssl_ca_file=`cat $conf_file | grep '$SSL_CA_FILE'`
-        max_rcv_events_limit=`cat $conf_file | grep '$MAX_RCV_EVENTS_LIMIT'`
-        connection_timeout=`cat $conf_file | grep '$CONNECTION_TIMEOUT'`
-
-        log_stderr=`cat $conf_file | grep '$LOG_STDERR'`
-        if [ -z $log_stderr ]; then
-          log_stderr="\$LOG_STDERR = 1;"
-        fi
-
-        log_syslog=`cat $conf_file | grep '$LOG_SYSLOG'`
-        if [ -z $log_syslog ]; then
-          log_syslog="\$LOG_SYSLOG = 0;"
-        fi
-
-        log_syslog_facility=`cat $conf_file | grep '$LOG_SYSLOG_FACILITY'`
-        if [ -z $log_syslog_facility ]; then 
-          log_syslog_facility="\$LOG_SYSLOG_FACILITY = \"local7\";"
-        fi
-
-        log_verbose=`cat $conf_file | grep '$LOG_VERBOSE'`
-        if [ -z $log_verbose ]; then 
-          log_verbose="\$LOG_VERBOSE = 0;"
-        fi
-        
-	echo "#
-# warden-client.conf - configuration file for the warden sender/receiver client
-#
-
-#-------------------------------------------------------------------------------
-# URI - URI address of Warden server
-#-------------------------------------------------------------------------------
-$uri
-
-#-------------------------------------------------------------------------------
-# SSL_KEY_FILE - path to client SSL certificate key file
-#-------------------------------------------------------------------------------
-$ssl_key_file
-
-#-------------------------------------------------------------------------------
-# SSL_CERT_FILE - path to client SSL certificate file
-#-------------------------------------------------------------------------------
-$ssl_cert_file
-
-#-------------------------------------------------------------------------------
-# SSL_CA_FILE - path to CA certificate file
-#-------------------------------------------------------------------------------
-$ssl_ca_file
-
-#-------------------------------------------------------------------------------
-# MAX_RCV_EVENTS_LIMIT - maximum number of events the client is allowd to get
-#                        from the Warden server in one batch
-#-------------------------------------------------------------------------------
-$max_rcv_events_limit
-
-#-------------------------------------------------------------------------------
-# CONNECTION_TIMEOUT - interval in seconds to timeout connection with Warden
-#                      server. If your client timeouts, consider using higher
-#                      timeout number. Also, in case of receiving clients, you
-#                      can optimize the MAX_RCV_EVENTS_LIMIT value.
-#-------------------------------------------------------------------------------
-$connection_timeout
+getConfValue() {
+        perl -e "require \"$1\"; print \"\$$2\";"
+}

-#-------------------------------------------------------------------------------
-# Log options
-#
-# LOG_STDERR, LOG_SYSLOG - hide (0) or allow (1) error reporting on STDERR
-#                          and/or to Syslog
-# LOG_SYSLOG_FACILITY - specify a Syslog facility to log in
-# LOG_VERBOSE - print only error message without a stack (0) or print debug info
-#               including err. message and stack (1)
-#-------------------------------------------------------------------------------
-$log_stderr

-$log_syslog
-$log_syslog_facility
+doTemplate()
+{
+        vars=""
+        while (($#)); do
+                vars="'$1'=>'$2', $vars"
+                shift 2
+        done
+        perl -e "my %repl=($vars); foreach my \$l (<>) {\$l =~ s/\$_/\$repl{\$_}/g for keys %repl; print \$l}"
+}

-$log_verbose

-1;
-" > $conf_file 2> $err; ret_val=`echo $?`
+removeOldFiles()
+{
+        echo -n "Removing old package files ... "
+        rm -f "${doc}/example-receiver.pl.txt" 2> /dev/null
+        rm -f "${doc}/example-sender.pl.txt" 2> /dev/null
+        rm -f "${lib}/WardenClientConf.pm" 2> /dev/null
+        echo "OK"
+}

-	if [ $ret_val -eq 0 ]; then
+createManifest()
+{
+        echo -n "Creating new MANIFEST file ... "
+        cd "$basedir" && find . -mindepth 2 -type f | sed 's/.\///' | sort > "${doc}/MANIFEST" && cd $OLDPWD 2> "$err" || errClean
        echo "OK"
-	else
-		err_clean
-	fi
 }


-change_permissions()
+changePermissions()
 {
 	echo -n "Changing permissions to updated package ... "
-	chown -R $user: $client_path 2>$err || err_clean
-       	chmod 644 $old_package_version_file || err_clean
-	if chmod 600 $conf_file; then
+	chown -R "$user": "$basedir" 2>"$err" || err_clean
+       	chmod 644 "$old_package_version_file" || err_clean
+	if chmod 600 "$client_conf"; then
 		echo "OK"
 	else
 		err_clean
@@ -275,79 +229,132 @@ change_permissions()
 }


-
 #-------------------------------------------------------------------------------
 #				MAIN
 #-------------------------------------------------------------------------------

-# list of used Perl modules
-modules=(SOAP::Lite IO::Socket::SSL SOAP::Transport::HTTP FindBin DateTime Carp)
-
 # read input
 while getopts "d:Vh" options; do
 	case $options in
-		d ) prefix=$OPTARG;;
+		d ) basedir=$OPTARG;;
 		h ) usage;;
 		V ) version;;
 		* ) usage;;
 	esac
 done

-# params test
-params_chck
-
-# create variables
-dirname=`dirname $0`
-package_version=`cat ${dirname}/warden-client/etc/package_version`
-[[ $prefix == */ ]] && prefix="${prefix%?}" # remove last char (slash) from prefix
-client_path="${prefix}/warden-client"
-etc="${client_path}/etc"
-old_package_version_file="${etc}/package_version"
-conf_file="${etc}/warden-client.conf"
-err="/tmp/warden-err"
-backup_dir="/tmp/warden-backup"
+# remove last char (slash) from name of directories
+[[ "$basedir" == */ ]] && basedir="${basedir%?}"

-# obtain version of old warden client
-obtain_package_version
+# params test
+paramsChck

+# set variables
+err="/tmp/warden-err"
+backup="/tmp/warden-client-backup"
+dirname=${0%/*}
+doc="${basedir}/doc"
+etc="${basedir}/etc"
+sh="${basedir}/sh"
+client_conf="${etc}/warden-client.conf"
+client_conf_tmpl="${dirname}/etc/warden-client.conf.tmpl"
+client_conf_tmpl_update="${dirname}/etc/warden-client.conf.tmpl.update"
+package_version=$(<"${dirname}/etc/package_version")
+manifest="${dirname}/doc/MANIFEST"
+
+
+echo "Update of Warden client package to $package_version ..."
 echo
 echo "------------------------- Dependencies check-in -------------------------"

+# check warden server directory
+wardenDirChck
+
+# check previous Warden server instalation
+oldPackageChck
+
 # Perl interpreter test
-perl_chck
+perlChck

 # Perl modules test
-modules_chck
+modulesChck || exit 1

 echo
 echo "------------------------- Update process --------------------------------"

-# check warden client directory
-warden_dir_chck
-
 # backup old warden client installation
 backup

-# obtain current warden client user
-obtain_warden_user
+# obation owner of already installed Warden client
+obtainUser

-# make warden client directory
-update_warden_dir
+# make warden server directory
+updateWardenDir || exit 1

-# create conf file
-make_conf_file
+# update client configuration file
+echo -n "Checking Warden client configuration file ... "
+if [[ -r "$client_conf" ]]; then
+        echo "OK"
+        echo -n " -> Updating Warden client configuration file ... "
+        uri=$(getConfValue "$client_conf" URI)
+        ssl_key=$(getConfValue "$client_conf" SSL_KEY)
+        ssl_cert=$(getConfValue "$client_conf" SSL_CERT)
+        ssl_ca_cert=$(getConfValue "$client_conf" SSL_CA_CERT)
+        max_rcv_events_limit=$(getConfValue "$client_conf" MAX_RCV_EVENTS_LIMIT)
+        connection_timeout=$(getConfValue "$client_conf" CONNECTION_TIMEOUT)
+        log_stderr=$(getConfValue "$client_conf" LOG_STDERR)
+        log_stderr_verbose=$(getConfValue "$client_conf" LOG_STDERR_VERBOSE)
+        syslog=$(getConfValue "$client_conf" SYSLOG)
+        syslog_verbose=$(getConfValue "$client_conf" SYSLOG_VERBOSE)
+        syslog_facility=$(getConfValue "$client_conf" SYSLOG_FACILITY)
+        doTemplate \
+                _URI_              	"$uri" \
+		_KEYFILE_		"$ssl_key" \
+		_CERTFILE_		"$ssl_cert" \
+		_CAFILE_		"$ssl_ca_cert" \
+		_MAXRCVEVENTSLIMIT_	"$max_rcv_events_limit" \
+		_CONNECTIONTIMEOUT_	"$connection_timeout" \
+		_LOGSTDERR_		"$log_stderr" \
+		_LOGSTDERRVERBOSE_	"$log_stderr_verbose" \
+                _SYSLOG_                "$syslog" \
+                _SYSLOGVERBOSE_         "$syslog_verbose" \
+                _SYSLOGFACILITY_        "$syslog_facility" \
+                < $client_conf_tmpl_update \
+                > $client_conf && echo "OK" || errClean
+else
+        echo "FAILED!"
+        echo -n " -> Creating Warden client configuration file ... "
+        doTemplate \
+		_KEYFILE_		"" \
+		_CERTFILE_		"" \
+		_CAFILE_		"" \
+                < $client_conf_tmpl \
+                > $client_conf && echo "OK" || errClean
+	echo "  -> Please specify path to SSL_KEY, SSL_CERT and SSL_CA_CERT!"
+fi
+
+# remove old packages files - file list depend on package version
+removeOldFiles

-# change permissions
-change_permissions
+# create MANIFEST file
+createManifest
+
+# change updated Warden client package permissions
+changePermissions

 echo
-echo "Please check configuration file in ${conf_file}!"
+echo "------------------------- Summary ---------------------------------------"
+
+echo "Please check updated/created configuration files:"
+echo " - $client_conf"
 echo
-echo "Warden client directory: $client_path"
+echo "Warden client directory: $basedir"
 echo
 echo "Update from $old_package_version to $package_version package was SUCCESSFUL!!!"
+echo

 # cleanup section
-rm -rf $err $backup_dir
+rm -f "$err"
+rm -rf "$backup"

 exit 0