From b84b23a86f62ca476acfb8b1175130079651201a Mon Sep 17 00:00:00 2001 From: Tomas Plesnik <plesnik@ics.muni.cz> Date: Fri, 21 Feb 2014 14:49:13 +0100 Subject: [PATCH] pridany funkce pro generovani konfiguracnich souboru, manifest file a vytvareni symlinku --- src/warden-server/sh/update.sh | 226 +++++++++++---------------------- 1 file changed, 72 insertions(+), 154 deletions(-) diff --git a/src/warden-server/sh/update.sh b/src/warden-server/sh/update.sh index 822088f..da38de6 100755 --- a/src/warden-server/sh/update.sh +++ b/src/warden-server/sh/update.sh @@ -72,6 +72,18 @@ paramsChck() #------------------------------------------------------------------------------- # Installation functions #------------------------------------------------------------------------------- +wardenDirChck() +{ + echo -n "Checking Warden server directory ... " + if [[ ! -d "$basedir" ]] && [[ ! -w "$basedir" ]]; then + echo "FAILED!" + echo "No version of Warden server is not installed!" + exit 1 + else + echo "OK" + fi +} + oldPackageChck() { @@ -117,19 +129,6 @@ modulesChck() } -wardenDirChck() -{ - echo -n "Checking Warden server directory ... " - if [[ ! -d "$basedir" ]] && [[ ! -w "$basedir" ]]; then - echo "FAILED!" - echo "No version of Warden server is not installed!" - exit 1 - else - echo "OK" - fi -} - - backup() { echo -n "Making Warden server backup ... " 
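Review bot: The relocated `wardenDirChck()` joins its two tests with `&&`, so it prints FAILED only when `$basedir` is both not a directory and not writable. An existing directory the updater cannot write to, or a writable path that is not a directory, is reported as OK, and any resulting failure would surface only later in the update. Use `if [[ ! -d "$basedir" || ! -w "$basedir" ]]; then` so that either problem stops the run. The message `No version of Warden server is not installed!` is a double negative; something like `No Warden server installation found in $basedir!` states what was checked. The `-117,19` hunk further down only removes the old copy of this function, so the move carries the condition over unchanged.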
@@ -149,154 +148,45 @@ updateWardenDir() } -updateConfFiles() +doTemplate() { - echo -n "Updating $apache_conf_file ... " - - ssl_certificate_file=`cat $apache_conf_file | grep 'SSLCertificateFile'` - ssl_certificate_key_file=`cat $apache_conf_file | grep 'SSLCertificateKeyFile'` - ssl_ca_certificate_file=`cat $apache_conf_file | grep 'SSLCACertificateFile'` - perl_switches=`cat $apache_conf_file | grep 'PerlSwitches'` - - echo "# -# warden-apache.conf - configuration file for the Apache server -# - -SSLEngine on - -SSLVerifyDepth 3 -SSLVerifyClient require -SSLOptions +StdEnvVars +ExportCertData - -SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL - -$ssl_certificate_file -$ssl_certificate_key_file -$ssl_ca_certificate_file - -PerlOptions +Parent -$perl_switches - -<Location /Warden> - SetHandler perl-script - PerlHandler Warden::ApacheDispatch - SSLOptions +StdEnvVars -</Location>" > $apache_conf_file 2> $err; ret_val=`echo $?` - - if [ $ret_val -eq 0 ]; then - echo "OK" - else - errClean - fi - - -#------------------------------------------------------------------------------- - - echo -n "Updating $server_conf_file ... 
" - - basedir=`cat $server_conf_file | grep '$BASEDIR'` - syslog=`cat $server_conf_file | grep '$SYSLOG' | head -n1` - if [ -z "$syslog" ]; then - syslog='$SYSLOG = 1;' - fi - syslog_verbose=`cat $server_conf_file | grep '$SYSLOG_VERBOSE'` - if [ -z "$syslog_verbose" ]; then - syslog_verbose='$SYSLOG_VERBOSE = 1;' - fi - syslog_facility=`cat $server_conf_file | grep '$SYSLOG_FACILITY'` - if [ -z "$syslog_facility" ]; then - syslog_facility=`cat $server_conf_file | grep '$FACILITY'` - else - syslog_facility='$SYSLOG_FACILITY = "local7";' - fi - db_name=`cat $server_conf_file | grep '$DB_NAME'` - db_user=`cat $server_conf_file | grep '$DB_USER'` - db_pass=`cat $server_conf_file | grep '$DB_PASS'` - db_host=`cat $server_conf_file | grep '$DB_HOST'` - max_events_limit=`cat $server_conf_file | grep '$MAX_EVENTS_LIMIT'` - if [ -z "$max_events_limit" ]; then - max_events_limit='$MAX_EVENTS_LIMIT = 1000000;' - fi - valid_strings=`cat $server_conf_file | grep -A 3 '%VALID_STRINGS'` - if [ -z "$valid_strings" ]; then - valid_strings="%VALID_STRINGS = ( - \"type\" => [\"portscan\", \"bruteforce\", \"probe\", \"spam\", \"phishing\", \"botnet_c_c\", \"dos\", \"malware\", \"copyright\", \"webattack\", \"test\", \"other\"], - \"source_type\" => [\"IP\", \"URL\", \"Reply-To:\"] -);" - fi - - echo "# -# warden-server.conf - configuration file for Warden server -# - -#------------------------------------------------------------------------------- -# BASEDIR - base directory of Warden server -#------------------------------------------------------------------------------- -$basedir - -#------------------------------------------------------------------------------- -# SYSLOG - enable/disable syslog logging -#------------------------------------------------------------------------------- -$syslog - -#------------------------------------------------------------------------------- -# SYSLOG_VERBOSE - enable/disable logging in verbose mode (stack info added) 
-#------------------------------------------------------------------------------- -$syslog_verbose - -#------------------------------------------------------------------------------- -# SYSLOG_FACILITY - syslog facility -#------------------------------------------------------------------------------- -$syslog_facility - -#------------------------------------------------------------------------------- -# DB_NAME - MySQL database name of Warden server -#------------------------------------------------------------------------------- -$db_name - -#------------------------------------------------------------------------------- -# DB_USER - MySQL database user of Warden server -#------------------------------------------------------------------------------- -$db_user - -#------------------------------------------------------------------------------- -# DB_PASS - MySQL database password of Warden server -#------------------------------------------------------------------------------- -$db_pass + vars="" + while (($#)); do + vars="'$1'=>'$2', $vars" + shift 2 + done + perl -e "my %repl=($vars); foreach my \$l (<>) {\$l =~ s/\$_/\$repl{\$_}/g for keys %repl; print \$l}" +} -#------------------------------------------------------------------------------- -# DB_HOST - MySQL database host -#------------------------------------------------------------------------------- -$db_host -#------------------------------------------------------------------------------- -# MAX_EVENTS_LIMIT - server limit of maximum number of events that can be -# delivered to one client in one batch -#------------------------------------------------------------------------------- -$max_events_limit +createManifest() +{ + echo -n "Creating MANIFEST file ... " + cd "$basedir" && find . 
-mindepth 2 -type f | sed 's/.\///' | sort > "${doc}/MANIFEST" && cd $OLDPWD 2> "$err" || errClean + echo "OK" +} -#------------------------------------------------------------------------------- -# VALID_STRINGS - validation hash containing allowed event attributes -#------------------------------------------------------------------------------- -$valid_strings" > $server_conf_file 2> $err; ret_val=`echo $?` - if [ $ret_val -eq 0 ]; then - echo "OK" - else - errClean - fi +createSymlinks() +{ + echo "Creating symbolic links to $symbin ..." + for file in "${bin}/"* + do + echo "- making symlink: ${symbin}/${file##*/} -> $file" + ln -s "$file" "${symbin}/${file##*/}" + done } - #------------------------------------------------------------------------------- # MAIN #------------------------------------------------------------------------------- # read input -while getopts "d:Vh" options; do +while getopts "d:s:Vh" options; do case "$options" in d ) basedir="$OPTARG";; + s ) symbin="$OPTARG";; h ) usage;; V ) version;; * ) usage;; @@ -305,6 +195,7 @@ done # remove last char (slash) from name of directories [[ "$basedir" == */ ]] && basedir="${basedir%?}" +[[ "$symbin" == */ ]] && symbin="${symbin%?}" # params test paramsChck @@ -332,7 +223,7 @@ echo "------------------------- Dependencies check-in -------------------------" # check warden server directory wardenDirChck -# +# check previous Warden server instalation oldPackageChck # Perl interpreter test 
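Review bot: `doTemplate()` pastes its arguments into Perl source text (`vars="'$1'=>'$2', $vars"`, then `perl -e "my %repl=($vars); …"`), so a value containing a single quote or a backslash changes the program perl runs instead of being substituted as data. One of those values is `$basedir`, taken directly from the `-d` option, and an updater like this is presumably run with elevated rights. Pass the pairs to perl as arguments and keep the program in a single-quoted string, as in the fence below. Quoting the key with `\Q…\E` also stops it being read as a regex, and reading the pairs from `@ARGV` removes the `shift 2` loop, which in bash does not advance when a single argument is left. In the same hunk, `createManifest()` redirects stderr only for the final, unquoted `cd $OLDPWD`, and `createSymlinks()` ignores the exit status of `ln -s`.

```shell
doTemplate()
{
	# name/value pairs reach perl as data in @ARGV, never as program text
	perl -e '
		my %repl = @ARGV;
		while (my $l = <STDIN>) {
			$l =~ s/\Q$_\E/$repl{$_}/g for keys %repl;
			print $l;
		}
	' -- "$@"
}
```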
@@ -344,22 +235,49 @@ modulesChck echo echo "------------------------- Update process --------------------------------" - # backup old warden server installation backup # make warden server directory updateWardenDir -# create conf files -updateConfFiles +# create server configuration file +echo -n "Updating Warden server configuration file ... " +doTemplate \ + _BASEDIR_ "$basedir" \ + < $server_conf_tmpl \ + > $server_conf && echo "OK" || errClean + +# create Apache configuration file +echo -n "Updating Apache configuration file ... " +doTemplate \ + _CERT_FILE_ "$cert_file" \ + _KEY_FILE_ "$key_file" \ + _CA_FILE_ "$ca_file" \ + _LIB_ "$lib" \ + < $apache_conf_tmpl \ + > $apache_conf && echo "OK" || errClean + +# create wardenWatchdog configuration file +echo -n "Updating Warden Watchdog configuration file ... " +doTemplate \ + _HOSTNAME_ "$hostname" \ + < $watchdog_conf_tmpl \ + > $watchdog_conf && echo "OK" || errClean + +# create MANIFEST file +createManifest + +# crate symlinks from warden server bin to user path (if -s option is set) +[[ ! -z "$symbin" ]] && [[ -d "$symbin" ]] && [[ -w "$symbin" ]] && createSymlinks echo echo "Please check updated configuration files:" -echo " - $apache_conf_file" -echo " - $server_conf_file" +echo " - $server_conf" +echo " - $server_conf" +echo " - $watchdog_conf" echo -echo "Warden server directory: $server_path" +echo "Warden server directory: $basedir" echo echo "Update from $old_package_version to $package_version package was SUCCESSFUL!!!" echo @@ -367,6 +285,6 @@ echo "Please follow post-update steps in ${doc}/UPDATE!" echo # cleanup section -rm -rf $err $backup +rm -f "$err" "$backup" exit 0 -- GitLab
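Review bot: The closing summary prints `$server_conf` twice and never names `$apache_conf`, so the operator is not pointed at the regenerated Apache file. Going by the heredoc this commit removes, that file carries the `SSLVerifyClient` and certificate settings. The first line should read `echo " - $apache_conf"`. The three `doTemplate` calls also leave their redirection targets unquoted (`< $server_conf_tmpl > $server_conf`); quoting them keeps a path containing spaces from failing with an ambiguous redirect. If `$server_conf` still holds the database password as the old file did, set the generated file's mode explicitly; the templates are not visible here, so confirm.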
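Review bot: Dropping `-r` in `rm -f "$err" "$backup"` means the cleanup no longer removes `$backup` if that is a directory; `backup()` is outside this hunk, so confirm what it creates. In that case rm prints an error, the script still reaches `exit 0`, and a copy of the previous installation, including its configuration files, stays on disk. If `$backup` is a single archive the change is fine. Either way, `rm -f -- "$err" "$backup"` additionally protects against a name starting with `-`.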