install.sh

#!/bin/bash
#
# install.sh
#
# Copyright (C) 2011-2012 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.  


VERSION="2.1"

#-------------------------------------------------------------------------------
#				FUNCTIONS
#-------------------------------------------------------------------------------
usage()
{
	echo "Usage: `basename $0` [-d <directory>] [-u <user>] [-k <ssl_key_file>] [-c <ssl_cert_file>] [-a <ssl_ca_file>] [-hV]"
	echo "-d <directory>            installation directory (default: /opt)"
	echo "-u <user>                 owner of warden client package (user for running detection scripts)"
	echo "-k <ssl_key_file>         path to SSL certificate key file"
	echo "-c <ssl_cert_file>        path to SSL certificate file"
	echo "-a <ssl_ca_file>          path to CA certificate file"
	echo "-h                        print this help"
	echo "-V                        print script version number and exit"
	echo
	echo "Example: # ./`basename $0` -d /opt -u detector -k /etc/ssl/private/client.key -c /etc/ssl/certs/client.pem -a /etc/ssl/certs/tcs-ca-bundle.pem"
	echo
	echo "Note: You must be root for running this script."
	echo "      For more information about installation process, see README file (section Installation)."
	echo
	exit 0
}


version()
{
	echo "`basename ${0}` - current version is $VERSION"
	exit 0
}


err()
{
	echo "FAILED!"
	cat $err
	rm -rf $err
	echo
	echo "Installation of $package_version package FAILED!!!"
	exit 1
}


err_clean()
{
	echo "FAILED!"
	echo " -> Uninstalling client package ... OK"
	rm -rf $client_path > /dev/null 2>&1
	cat $err
	rm -rf $err
	echo
	echo "Installation of $package_version package FAILED!!!"
	exit 1
}


root_chck()
{
	if [ $UID -ne 0 ]; then
		echo "You must be root for running this script!"
		exit 1
	fi
}


params_chck()
{
	if [ -z $prefix ]; then
		prefix=/opt
		echo "Warning: parameter -d <directory> is not set - default installation directory is ${prefix}!"
	fi
	if [ -z $user ]; then
		echo "Parameter -u <user> is not set!"
		exit 1
	fi
	if [ -z $key ]; then
		echo "Parameter -k <ssl_key_file> is not set!"
		exit 1
	fi
	if [ -z $cert ]; then
		echo "Parameter -c <ssl_cert_file> is not set!"
		exit 1
	fi
	if [ -z $ca_file ]; then
		echo "Parameter -a <ssl_ca_file> is not set!"
		exit 1
	fi
}


old_client_chck()
{
	old_package_version_file={$etc}/package_version
	if [ -f $old_package_version_file ]; then
		old_package_version=`cat $old_package_version_file`
		echo "Sorry, but $old_package_version package is installed!"
		echo "For update of warden client package please use update.sh script."
		exit 1
	fi
}


perl_chck()
{
	echo -n "Checking Perl interpreter ... "
	if which perl 1> /dev/null; then
		echo "OK"
	else
		echo "FAILED!"
		echo "Error: Perl interpreter is not installed!"
		exit 1
	fi
}


modules_chck()
{
	for module in ${modules[@]};
	do
		echo -n "Checking $module module ... "
		if perl -e "use $module" 2> $err; then
			echo "OK"
		else
			err
		fi
	done
}


make_warden_dir()
{
	echo -n "Creating warden client directory ... "
	test -d $prefix || mkdir -p prefix
	
        if cp -R ${dirname}/warden-client $prefix 2> $err; then
		echo "OK"
	else
        	err_clean
	fi

        echo -n "Copying files ... "

	files=(CHANGELOG INSTALL LICENSE README README.cesnet)
	for file in ${files[@]};
	do
		cp ${dirname}/warden-client/doc/$file ${client_path}/doc
	done
        
        test -d ${client_path}/ || mkdir -p ${client_path}/
	cp ${dirname}/uninstall.sh ${client_path}/

        echo "OK"
}


check_key()
{
	echo -n "Checking certificate key file ... "
        if su ${user} -c "test -r ${key}" 2> $err; then	
		echo "OK"
	else
		echo "Warning: certificate key file is not readable by user ${user}!"
	fi
}


check_cert()
{
	echo -n "Checking certificate file ... "
        if su ${user} -c "test -r ${key}" 2> $err; then
		echo "OK"
	else
		echo "Warning: certificate file is not readable by user ${user}!"
	fi
}


make_conf_file()
{
	echo -n "Creating configuration file ... "
	echo "#
# warden-client.conf - configuration file for the warden sender/receiver client
#

#-------------------------------------------------------------------------------
# URI - URI address of Warden server
#-------------------------------------------------------------------------------
\$URI = \"https://warden.cesnet.cz:443/Warden\";

#-------------------------------------------------------------------------------
# SSL_KEY_FILE - path to client SSL certificate key file
#-------------------------------------------------------------------------------
\$SSL_KEY_FILE = \"${key}\";

#-------------------------------------------------------------------------------
# SSL_CERT_FILE - path to client SSL certificate file
#-------------------------------------------------------------------------------
\$SSL_CERT_FILE = \"${cert}\";

#-------------------------------------------------------------------------------
# SSL_CA_FILE - path to CA certificate file
#-------------------------------------------------------------------------------
\$SSL_CA_FILE = \"${ca_file}\";

#-------------------------------------------------------------------------------
# MAX_RCV_EVENTS_LIMIT - maximum number of events the client is allowd to get
#                        from the Warden server in one batch
#-------------------------------------------------------------------------------
\$MAX_RCV_EVENTS_LIMIT = 6000; #consumes app. 250 MB of memory

#-------------------------------------------------------------------------------
# CONNECTION_TIMEOUT - interval in seconds to timeout connection with Warden
#                      server. If your client timeouts, consider using higher
#                      timeout number. Also, in case of receiving clients, you
#                      can optimize the MAX_RCV_EVENTS_LIMIT value.
#-------------------------------------------------------------------------------
$CONNECTION_TIMEOUT = 60;

#-------------------------------------------------------------------------------
# Log options
#
# LOG_STDERR, LOG_SYSLOG - hide (0) or allow (1) error reporting on STDERR
#                          and/or to Syslog
# LOG_SYSLOG_FACILITY - specify a Syslog facility to log in
# LOG_VERBOSE - print only error message without a stack (0) or print debug info
#               including err. message and stack (1)
#-------------------------------------------------------------------------------
\$LOG_STDERR = 1;

\$LOG_SYSLOG = 0;
\$LOG_SYSLOG_FACILITY = \"local7\";

\$LOG_VERBOSE = 0;



1;

" > $conf_file 2> $err; ret_val=`echo $?`

	if [ $ret_val -eq 0 ]; then
		echo "OK"
	else
		err_clean
	fi
}


change_permissions()
{
	echo -n "Changing permissions to installed package ... "
	chown -R $user: $client_path 2> $err || err_clean
	chmod 644 ${etc}/package_version || err_clean
	if chmod 600 $conf_file; then
		echo "OK"
	else
		err_clean
	fi
}



#-------------------------------------------------------------------------------
#				MAIN
#-------------------------------------------------------------------------------

# list of used Perl modules
modules=(SOAP::Lite IO::Socket::SSL SOAP::Transport::HTTP FindBin DateTime Carp)
# read input
while getopts "d:u:k:c:a:Vh" options; do
	case $options in
		d ) prefix=$OPTARG;;
		u ) user=$OPTARG;;
		k ) key=$OPTARG;;
		c ) cert=$OPTARG;;
		a ) ca_file=$OPTARG;;
		h ) usage;;
		V ) version;;
		* ) usage;;
	esac
done

# root test
root_chck

# params test
params_chck

# create variables
dirname=`dirname $0`
package_version=`cat ${dirname}/warden-client/etc/package_version`
key_file=`basename $key`
cert_file=`basename $cert`
[[ $prefix == */ ]] && prefix="${prefix%?}" # remove last char (slash) from prefix
client_path="${prefix}/warden-client"
etc="${client_path}/etc"
conf_file="${etc}/warden-client.conf"
err="/tmp/warden-err"

# check if warden-client is installed
old_client_chck

echo
echo "------------------------- Dependencies check-in -------------------------"

# Perl interpreter test
perl_chck

# Perl modules test
modules_chck


echo
echo "------------------------- Installation process --------------------------"

# make warden client directory
make_warden_dir

# copy cert key file 
check_key

# copy cert file
check_cert

# create conf file
make_conf_file

# change permissions
change_permissions

echo
echo "Please check configuration file in ${conf_file}!"
echo
echo "Warden client directory: $client_path"
echo
echo "Installation of $package_version package was SUCCESSFUL!!!"

# cleanup section
rm -rf $err

exit 0