pridany funkce pro generovani konfiguracnich souboru, manifest file a vytvareni symlinku

b84b23a8 · Tomáš Plesník · eff7a369 · b84b23a8
Commit b84b23a8 authored 11 years ago by Tomáš Plesník
--- a/src/warden-server/sh/update.sh
+++ b/src/warden-server/sh/update.sh
@@ -72,6 +72,18 @@ paramsChck()
 #-------------------------------------------------------------------------------
 #                               Installation functions
 #-------------------------------------------------------------------------------
+wardenDirChck()
+{
+        echo -n "Checking Warden server directory ... "
+        if [[ ! -d "$basedir" ]] && [[ ! -w "$basedir" ]]; then
+                echo "FAILED!"
+                echo "No version of Warden server is not installed!"
+                exit 1
+        else
+                echo "OK"
+        fi  
+}
+

 oldPackageChck()
 {
@@ -117,19 +129,6 @@ modulesChck()
 }


-wardenDirChck()
-{
-        echo -n "Checking Warden server directory ... "
-        if [[ ! -d "$basedir" ]] && [[ ! -w "$basedir" ]]; then
-                echo "FAILED!"
-                echo "No version of Warden server is not installed!"
-                exit 1
-        else
-                echo "OK"
-        fi  
-}
-
-
 backup()
 {
 	echo -n "Making Warden server backup ... "
@@ -149,154 +148,45 @@ updateWardenDir()
 }


-updateConfFiles()
+doTemplate()
 {
-        echo -n "Updating $apache_conf_file ... "
-
-        ssl_certificate_file=`cat $apache_conf_file | grep 'SSLCertificateFile'`
-        ssl_certificate_key_file=`cat $apache_conf_file | grep 'SSLCertificateKeyFile'`
-        ssl_ca_certificate_file=`cat $apache_conf_file | grep 'SSLCACertificateFile'`
-        perl_switches=`cat $apache_conf_file | grep 'PerlSwitches'`
-
-        echo "#
-# warden-apache.conf - configuration file for the Apache server
-#
-
-SSLEngine on
-
-SSLVerifyDepth 3
-SSLVerifyClient require
-SSLOptions +StdEnvVars +ExportCertData
-
-SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
-
-$ssl_certificate_file
-$ssl_certificate_key_file
-$ssl_ca_certificate_file
-
-PerlOptions +Parent
-$perl_switches
-
-<Location /Warden>
-        SetHandler perl-script
-        PerlHandler Warden::ApacheDispatch
-        SSLOptions +StdEnvVars
-</Location>" > $apache_conf_file 2> $err; ret_val=`echo $?`
-
-	if [ $ret_val -eq 0 ]; then
-		echo "OK"
-	else
-		errClean
-	fi
- 
-
-#-------------------------------------------------------------------------------
-
-        echo -n "Updating $server_conf_file ... "
-
-        basedir=`cat $server_conf_file | grep '$BASEDIR'`
-        syslog=`cat $server_conf_file | grep '$SYSLOG' | head -n1`
-        if [ -z "$syslog" ]; then
-                syslog='$SYSLOG = 1;'
-        fi
-        syslog_verbose=`cat $server_conf_file | grep '$SYSLOG_VERBOSE'`
-        if [ -z "$syslog_verbose" ]; then
-                syslog_verbose='$SYSLOG_VERBOSE = 1;'
-        fi
-        syslog_facility=`cat $server_conf_file | grep '$SYSLOG_FACILITY'`
-        if [ -z "$syslog_facility" ]; then
-                syslog_facility=`cat $server_conf_file | grep '$FACILITY'`
-        else
-                syslog_facility='$SYSLOG_FACILITY = "local7";'
-        fi
-        db_name=`cat $server_conf_file | grep '$DB_NAME'`
-        db_user=`cat $server_conf_file | grep '$DB_USER'`
-        db_pass=`cat $server_conf_file | grep '$DB_PASS'`
-        db_host=`cat $server_conf_file | grep '$DB_HOST'`
-        max_events_limit=`cat $server_conf_file | grep '$MAX_EVENTS_LIMIT'`
-        if [ -z "$max_events_limit" ]; then
-                max_events_limit='$MAX_EVENTS_LIMIT = 1000000;'
-        fi
-        valid_strings=`cat $server_conf_file | grep -A 3 '%VALID_STRINGS'`
-        if [ -z "$valid_strings" ]; then
-                valid_strings="%VALID_STRINGS = (
-  \"type\"        => [\"portscan\", \"bruteforce\", \"probe\", \"spam\", \"phishing\", \"botnet_c_c\", \"dos\", \"malware\", \"copyright\", \"webattack\", \"test\", \"other\"],
-  \"source_type\" => [\"IP\", \"URL\", \"Reply-To:\"]
-);"
-        fi
-
-        echo "#
-# warden-server.conf - configuration file for Warden server
-#
-
-#-------------------------------------------------------------------------------
-# BASEDIR - base directory of Warden server
-#-------------------------------------------------------------------------------
-$basedir
-
-#-------------------------------------------------------------------------------
-# SYSLOG - enable/disable syslog logging
-#-------------------------------------------------------------------------------
-$syslog
-
-#-------------------------------------------------------------------------------
-# SYSLOG_VERBOSE - enable/disable logging in verbose mode (stack info added)
-#-------------------------------------------------------------------------------
-$syslog_verbose
-
-#-------------------------------------------------------------------------------
-# SYSLOG_FACILITY - syslog facility
-#-------------------------------------------------------------------------------
-$syslog_facility
-
-#-------------------------------------------------------------------------------
-# DB_NAME - MySQL database name of Warden server
-#-------------------------------------------------------------------------------
-$db_name
-
-#-------------------------------------------------------------------------------
-# DB_USER - MySQL database user of Warden server
-#-------------------------------------------------------------------------------
-$db_user
-
-#-------------------------------------------------------------------------------
-# DB_PASS - MySQL database password of Warden server
-#-------------------------------------------------------------------------------
-$db_pass
+        vars=""
+        while (($#)); do
+                vars="'$1'=>'$2', $vars"
+                shift 2
+        done
+        perl -e "my %repl=($vars); foreach my \$l (<>) {\$l =~ s/\$_/\$repl{\$_}/g for keys %repl; print \$l}"
+}

-#-------------------------------------------------------------------------------
-# DB_HOST - MySQL database host
-#-------------------------------------------------------------------------------
-$db_host

-#-------------------------------------------------------------------------------
-# MAX_EVENTS_LIMIT - server limit of maximum number of events that can be
-#                    delivered to one client in one batch
-#-------------------------------------------------------------------------------
-$max_events_limit
+createManifest()
+{
+        echo -n "Creating MANIFEST file ... "
+        cd "$basedir" && find . -mindepth 2 -type f | sed 's/.\///' | sort > "${doc}/MANIFEST" && cd $OLDPWD 2> "$err" || errClean
+        echo "OK"
+}

-#-------------------------------------------------------------------------------
-# VALID_STRINGS - validation hash containing allowed event attributes
-#-------------------------------------------------------------------------------
-$valid_strings" > $server_conf_file 2> $err; ret_val=`echo $?`

-        if [ $ret_val -eq 0 ]; then
-                echo "OK"
-        else
-                errClean
-        fi
+createSymlinks()
+{
+        echo "Creating symbolic links to $symbin ..."
+        for file in "${bin}/"*
+        do
+                echo "- making symlink: ${symbin}/${file##*/} -> $file"
+                ln -s "$file" "${symbin}/${file##*/}"
+        done
 }


-
 #-------------------------------------------------------------------------------
 #				MAIN
 #-------------------------------------------------------------------------------

 # read input
-while getopts "d:Vh" options; do
+while getopts "d:s:Vh" options; do
 	case "$options" in
 		d ) basedir="$OPTARG";;
+                s ) symbin="$OPTARG";;
 		h ) usage;;
 		V ) version;;
 		* ) usage;;
@@ -305,6 +195,7 @@ done

 # remove last char (slash) from name of directories
 [[ "$basedir" == */ ]] && basedir="${basedir%?}"
+[[ "$symbin" == */ ]] && symbin="${symbin%?}"

 # params test
 paramsChck
@@ -332,7 +223,7 @@ echo "------------------------- Dependencies check-in -------------------------"
 # check warden server directory
 wardenDirChck

-# 
+# check previous Warden server instalation
 oldPackageChck

 # Perl interpreter test
@@ -344,22 +235,49 @@ modulesChck
 echo
 echo "------------------------- Update process --------------------------------"

-
 # backup old warden server installation
 backup

 # make warden server directory
 updateWardenDir

-# create conf files
-updateConfFiles
+# create server configuration file
+echo -n "Updating Warden server configuration file ... "
+doTemplate \
+        _BASEDIR_       "$basedir" \
+        < $server_conf_tmpl \
+        > $server_conf && echo "OK" || errClean
+
+# create Apache configuration file
+echo -n "Updating Apache configuration file ... "
+doTemplate \
+        _CERT_FILE_     "$cert_file" \
+        _KEY_FILE_      "$key_file" \
+        _CA_FILE_       "$ca_file" \
+        _LIB_           "$lib" \
+        < $apache_conf_tmpl \
+        > $apache_conf && echo "OK" || errClean
+
+# create wardenWatchdog configuration file
+echo -n "Updating Warden Watchdog configuration file ... "
+doTemplate \
+        _HOSTNAME_      "$hostname" \
+        < $watchdog_conf_tmpl \
+        > $watchdog_conf && echo "OK" || errClean
+
+# create MANIFEST file
+createManifest
+
+# crate symlinks from warden server bin to user path (if -s option is set)
+[[ ! -z "$symbin" ]] && [[ -d "$symbin" ]] && [[ -w "$symbin" ]] && createSymlinks

 echo
 echo "Please check updated configuration files:"
-echo " - $apache_conf_file"
-echo " - $server_conf_file"
+echo " - $server_conf"
+echo " - $server_conf"
+echo " - $watchdog_conf"
 echo
-echo "Warden server directory: $server_path"
+echo "Warden server directory: $basedir"
 echo
 echo "Update from $old_package_version to $package_version package was SUCCESSFUL!!!"
 echo
@@ -367,6 +285,6 @@ echo "Please follow post-update steps in ${doc}/UPDATE!"
 echo

 # cleanup section
-rm -rf $err $backup
+rm -f "$err" "$backup"

 exit 0