Skip to content
Snippets Groups Projects
Commit 1803e8e1 authored by Tomáš Plesník's avatar Tomáš Plesník
Browse files

nova verze skriptu upravena podle updatovaciho skriptu Warden serveru - audit shellovych skriptu

parent 06ec6369
No related branches found
No related tags found
No related merge requests found
......@@ -37,99 +37,119 @@ version()
err()
{
echo "FAILED!"
cat $err
rm -rf $err
rm -rf $backup_dir
echo -n "Error: " && cat "$err"
rm -f "$backup" 2>/dev/null
rm -f "$err"
echo
echo "Update from $old_package_version to $package_version package FAILED!!!"
exit 1
}
err_clean()
errClean()
{
echo "FAILED!"
echo " -> Reverting changes of warden client package ... OK"
rm -rf ${client_path}/* > /dev/null 2>&1
cp -R ${backup_dir}/* $client_path
cat $err
rm -rf $err $backup_dir
echo -n "Error: " && cat "$err"
echo " -> Reverting changes of Warden client package ... OK"
rm -r "${basedir}/"* > /dev/null 2>&1
cp -R "${backup}/"* "$basedir"
echo
rm -r "$err" "$backup"
echo
echo "Update from $old_package_version to $package_version package FAILED!!!"
exit 1
}
params_chck()
paramsChck()
{
if [ -z $prefix ]; then
prefix=/opt
echo "Warning: parameter -d <directory> is not set - default installation directory is ${prefix}!"
if [ -z "$basedir" ]; then
echo "Parameter -d <directory> is not set!"
exit 1
fi
}
#-------------------------------------------------------------------------------
# Installation functions
#-------------------------------------------------------------------------------
wardenDirChck()
{
echo -n "Checking Warden client directory ... "
if [[ ! -d "$basedir" ]]; then
echo "FAILED!"
echo
echo "Warden client is not installed!"
exit 1
elif [[ ! -w "$basedir" ]]; then
echo "FAILED!"
echo
echo "You do not have permission to update Warden client!"
exit 1
else
echo "OK"
fi
}
obtain_package_version()
oldPackageChck()
{
if [ -f $old_package_version_file ]; then
old_package_version=`cat $old_package_version_file`
echo -n "Checking previous Warden client installation ... "
old_package_version_file=$(find "$basedir" -name package_version)
if [ -f "$old_package_version_file" ]; then
old_package_version=$(<"$old_package_version_file")
if [ "$old_package_version" == "$package_version" ]; then
echo "Sorry, but $package_version package is already installed!"
echo "FAILED!"
echo
echo "Package $package_version has been already installed!"
exit 1
elif [ "$old_package_version" == "warden-client-2.0" ]; then
echo "FAILED!"
echo
echo "First of all you must upgrade to package warden-client-2.1!"
exit 1
fi
else
echo "Sorry, but warden-client package is not installed!"
echo "For installation of warden client package please use install.sh script."
echo "FAILED!"
echo
echo "Warden client package is not yet installed!"
echo "For installation of Warden client package please use install.sh."
exit 1
fi
echo "OK"
}
perl_chck()
perlChck()
{
echo -n "Checking Perl interpreter ... "
if which perl 1> /dev/null; then
echo "OK"
else
echo "FAILED!"
echo "Error: Perl interpreter is not installed!"
echo
echo "Perl interpreter is not installed!"
exit 1
fi
}
modules_chck()
modulesChck()
{
for module in ${modules[@]};
sed '/^use [A-Z]/!d; /Warden/d' $(find "${dirname}" -type f) 2>/dev/null | cut -f 2 -d " " | sed 's/;//' | sort -u | \
while read module;
do
echo -n "Checking $module module ... "
if perl -e "use $module" 2> $err; then
echo "OK"
else
err
fi
perl -e "use $module" 2> "$err" && echo "OK" || err
done
}
warden_dir_chck()
{
echo -n "Checking warden client directory ... "
if [ ! -d $client_path ]; then
echo "FAILED!"
ls $client_path
exit 1
else
echo "OK"
fi
}
backup()
{
echo -n "Backing-up warden client directory ... "
mkdir $backup_dir
if cp -R ${client_path}/* $backup_dir 2> $err; then
echo -n "Making Warden client backup ... "
mkdir "$backup" 2> "$err" || err
if cp -R "${basedir}/"* "$backup" 2> "$err"; then
echo "OK"
else
err
......@@ -137,10 +157,10 @@ fi
}
obtain_warden_user()
obtainUser()
{
echo -n "Obtaining warden client directory owner ... "
if user=`stat -c %U $conf_file` 2> $err; then
if user=`stat -c %U $package_version` 2> "$err"; then
echo "OK"
else
err
......@@ -148,126 +168,60 @@ obtain_warden_user()
}
update_warden_dir()
updateWardenDir()
{
echo -n "Updating warden client directory ... "
if rsync -q --recursive --archive --delete --exclude='etc' --exclude='var' ${dirname}/warden-client $prefix 2> $err; then
echo "OK"
else
err_clean
fi
files=(CHANGELOG INSTALL LICENSE README README.cesnet)
for file in ${files[@]};
echo -n "Updating Warden client ... "
for file in $(<"$manifest")
do
cp ${dirname}/$file ${client_path}/doc
dir="$basedir/${file%/*}"
[[ ! -d "$dir" ]] && mkdir -p "$dir"
cp "$file" "${basedir}/$file" 2> "$err" || errClean
done
cp ${dirname}/uninstall.sh $client_path
cp ${dirname}/warden-client/etc/package_version $etc
rm -f "${basedir}/uninstall.sh" 2> /dev/null
ln -s "${sh}/uninstall.sh" "$basedir"
echo "OK"
}
make_conf_file()
{
echo -n "Creating configuration file ... "
uri=`cat $conf_file | grep '$URI'`
ssl_key_file=`cat $conf_file | grep '$SSL_KEY_FILE'`
ssl_cert_file=`cat $conf_file | grep '$SSL_CERT_FILE'`
ssl_ca_file=`cat $conf_file | grep '$SSL_CA_FILE'`
max_rcv_events_limit=`cat $conf_file | grep '$MAX_RCV_EVENTS_LIMIT'`
connection_timeout=`cat $conf_file | grep '$CONNECTION_TIMEOUT'`
log_stderr=`cat $conf_file | grep '$LOG_STDERR'`
if [ -z $log_stderr ]; then
log_stderr="\$LOG_STDERR = 1;"
fi
log_syslog=`cat $conf_file | grep '$LOG_SYSLOG'`
if [ -z $log_syslog ]; then
log_syslog="\$LOG_SYSLOG = 0;"
fi
log_syslog_facility=`cat $conf_file | grep '$LOG_SYSLOG_FACILITY'`
if [ -z $log_syslog_facility ]; then
log_syslog_facility="\$LOG_SYSLOG_FACILITY = \"local7\";"
fi
log_verbose=`cat $conf_file | grep '$LOG_VERBOSE'`
if [ -z $log_verbose ]; then
log_verbose="\$LOG_VERBOSE = 0;"
fi
echo "#
# warden-client.conf - configuration file for the warden sender/receiver client
#
#-------------------------------------------------------------------------------
# URI - URI address of Warden server
#-------------------------------------------------------------------------------
$uri
#-------------------------------------------------------------------------------
# SSL_KEY_FILE - path to client SSL certificate key file
#-------------------------------------------------------------------------------
$ssl_key_file
#-------------------------------------------------------------------------------
# SSL_CERT_FILE - path to client SSL certificate file
#-------------------------------------------------------------------------------
$ssl_cert_file
#-------------------------------------------------------------------------------
# SSL_CA_FILE - path to CA certificate file
#-------------------------------------------------------------------------------
$ssl_ca_file
#-------------------------------------------------------------------------------
# MAX_RCV_EVENTS_LIMIT - maximum number of events the client is allowd to get
# from the Warden server in one batch
#-------------------------------------------------------------------------------
$max_rcv_events_limit
#-------------------------------------------------------------------------------
# CONNECTION_TIMEOUT - interval in seconds to timeout connection with Warden
# server. If your client timeouts, consider using higher
# timeout number. Also, in case of receiving clients, you
# can optimize the MAX_RCV_EVENTS_LIMIT value.
#-------------------------------------------------------------------------------
$connection_timeout
getConfValue() {
perl -e "require \"$1\"; print \"\$$2\";"
}
#-------------------------------------------------------------------------------
# Log options
#
# LOG_STDERR, LOG_SYSLOG - hide (0) or allow (1) error reporting on STDERR
# and/or to Syslog
# LOG_SYSLOG_FACILITY - specify a Syslog facility to log in
# LOG_VERBOSE - print only error message without a stack (0) or print debug info
# including err. message and stack (1)
#-------------------------------------------------------------------------------
$log_stderr
$log_syslog
$log_syslog_facility
doTemplate()
{
vars=""
while (($#)); do
vars="'$1'=>'$2', $vars"
shift 2
done
perl -e "my %repl=($vars); foreach my \$l (<>) {\$l =~ s/\$_/\$repl{\$_}/g for keys %repl; print \$l}"
}
$log_verbose
1;
" > $conf_file 2> $err; ret_val=`echo $?`
removeOldFiles()
{
echo -n "Removing old package files ... "
rm -f "${doc}/example-receiver.pl.txt" 2> /dev/null
rm -f "${doc}/example-sender.pl.txt" 2> /dev/null
rm -f "${lib}/WardenClientConf.pm" 2> /dev/null
echo "OK"
}
if [ $ret_val -eq 0 ]; then
createManifest()
{
echo -n "Creating new MANIFEST file ... "
cd "$basedir" && find . -mindepth 2 -type f | sed 's/.\///' | sort > "${doc}/MANIFEST" && cd $OLDPWD 2> "$err" || errClean
echo "OK"
else
err_clean
fi
}
change_permissions()
changePermissions()
{
echo -n "Changing permissions to updated package ... "
chown -R $user: $client_path 2>$err || err_clean
chmod 644 $old_package_version_file || err_clean
if chmod 600 $conf_file; then
chown -R "$user": "$basedir" 2>"$err" || err_clean
chmod 644 "$old_package_version_file" || err_clean
if chmod 600 "$client_conf"; then
echo "OK"
else
err_clean
......@@ -275,79 +229,132 @@ change_permissions()
}
#-------------------------------------------------------------------------------
# MAIN
#-------------------------------------------------------------------------------
# list of used Perl modules
modules=(SOAP::Lite IO::Socket::SSL SOAP::Transport::HTTP FindBin DateTime Carp)
# read input
while getopts "d:Vh" options; do
case $options in
d ) prefix=$OPTARG;;
d ) basedir=$OPTARG;;
h ) usage;;
V ) version;;
* ) usage;;
esac
done
# params test
params_chck
# create variables
dirname=`dirname $0`
package_version=`cat ${dirname}/warden-client/etc/package_version`
[[ $prefix == */ ]] && prefix="${prefix%?}" # remove last char (slash) from prefix
client_path="${prefix}/warden-client"
etc="${client_path}/etc"
old_package_version_file="${etc}/package_version"
conf_file="${etc}/warden-client.conf"
err="/tmp/warden-err"
backup_dir="/tmp/warden-backup"
# remove last char (slash) from name of directories
[[ "$basedir" == */ ]] && basedir="${basedir%?}"
# obtain version of old warden client
obtain_package_version
# params test
paramsChck
# set variables
err="/tmp/warden-err"
backup="/tmp/warden-client-backup"
dirname=${0%/*}
doc="${basedir}/doc"
etc="${basedir}/etc"
sh="${basedir}/sh"
client_conf="${etc}/warden-client.conf"
client_conf_tmpl="${dirname}/etc/warden-client.conf.tmpl"
client_conf_tmpl_update="${dirname}/etc/warden-client.conf.tmpl.update"
package_version=$(<"${dirname}/etc/package_version")
manifest="${dirname}/doc/MANIFEST"
echo "Update of Warden client package to $package_version ..."
echo
echo "------------------------- Dependencies check-in -------------------------"
# check warden server directory
wardenDirChck
# check previous Warden server instalation
oldPackageChck
# Perl interpreter test
perl_chck
perlChck
# Perl modules test
modules_chck
modulesChck || exit 1
echo
echo "------------------------- Update process --------------------------------"
# check warden client directory
warden_dir_chck
# backup old warden client installation
backup
# obtain current warden client user
obtain_warden_user
# obation owner of already installed Warden client
obtainUser
# make warden client directory
update_warden_dir
# make warden server directory
updateWardenDir || exit 1
# create conf file
make_conf_file
# update client configuration file
echo -n "Checking Warden client configuration file ... "
if [[ -r "$client_conf" ]]; then
echo "OK"
echo -n " -> Updating Warden client configuration file ... "
uri=$(getConfValue "$client_conf" URI)
ssl_key=$(getConfValue "$client_conf" SSL_KEY)
ssl_cert=$(getConfValue "$client_conf" SSL_CERT)
ssl_ca_cert=$(getConfValue "$client_conf" SSL_CA_CERT)
max_rcv_events_limit=$(getConfValue "$client_conf" MAX_RCV_EVENTS_LIMIT)
connection_timeout=$(getConfValue "$client_conf" CONNECTION_TIMEOUT)
log_stderr=$(getConfValue "$client_conf" LOG_STDERR)
log_stderr_verbose=$(getConfValue "$client_conf" LOG_STDERR_VERBOSE)
syslog=$(getConfValue "$client_conf" SYSLOG)
syslog_verbose=$(getConfValue "$client_conf" SYSLOG_VERBOSE)
syslog_facility=$(getConfValue "$client_conf" SYSLOG_FACILITY)
doTemplate \
_URI_ "$uri" \
_KEYFILE_ "$ssl_key" \
_CERTFILE_ "$ssl_cert" \
_CAFILE_ "$ssl_ca_cert" \
_MAXRCVEVENTSLIMIT_ "$max_rcv_events_limit" \
_CONNECTIONTIMEOUT_ "$connection_timeout" \
_LOGSTDERR_ "$log_stderr" \
_LOGSTDERRVERBOSE_ "$log_stderr_verbose" \
_SYSLOG_ "$syslog" \
_SYSLOGVERBOSE_ "$syslog_verbose" \
_SYSLOGFACILITY_ "$syslog_facility" \
< $client_conf_tmpl_update \
> $client_conf && echo "OK" || errClean
else
echo "FAILED!"
echo -n " -> Creating Warden client configuration file ... "
doTemplate \
_KEYFILE_ "" \
_CERTFILE_ "" \
_CAFILE_ "" \
< $client_conf_tmpl \
> $client_conf && echo "OK" || errClean
echo " -> Please specify path to SSL_KEY, SSL_CERT and SSL_CA_CERT!"
fi
# remove old packages files - file list depend on package version
removeOldFiles
# change permissions
change_permissions
# create MANIFEST file
createManifest
# change updated Warden client package permissions
changePermissions
echo
echo "Please check configuration file in ${conf_file}!"
echo "------------------------- Summary ---------------------------------------"
echo "Please check updated/created configuration files:"
echo " - $client_conf"
echo
echo "Warden client directory: $client_path"
echo "Warden client directory: $basedir"
echo
echo "Update from $old_package_version to $package_version package was SUCCESSFUL!!!"
echo
# cleanup section
rm -rf $err $backup_dir
rm -f "$err"
rm -rf "$backup"
exit 0
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment