Skip to content
Snippets Groups Projects
Commit 3f29a9cc authored by Tomáš Plesník's avatar Tomáš Plesník
Browse files

zapracovany poznamky z #628

parent 6f90c0c7
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
src/warden-server/sh/install.sh
+ 55
94
View file @ 3f29a9cc
...@@ -10,22 +10,21 @@ ...@@ -10,22 +10,21 @@
VERSION="2.2" VERSION="2.2"
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# FUNCTIONS # Script functions
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
usage() usage()
{ {
echo "Usage: `basename $0` [-d <directory>] [-k <ssl_key_file>] [-c <ssl_cert_file>] [-a <ssl_ca_file>] [-hV]" echo "Usage: ${0##*/} -d <directory> -k <ssl_key_file> -c <ssl_cert_file> -a <ssl_ca_file> [-hV]"
echo "-d <directory> installation directory (default: /opt)" echo "-d <directory> installation directory"
echo "-k <ssl_key_file> path to SSL certificate key file" echo "-k <ssl_key_file> path to SSL certificate key file"
echo "-c <ssl_cert_file> path to SSL certificate file" echo "-c <ssl_cert_file> path to SSL certificate file"
echo "-a <ssl_ca_file> path to CA certificate file" echo "-a <ssl_ca_file> path to CA certificate file"
echo "-h print this help" echo "-h print this help"
echo "-V print script version number and exit" echo "-V print script version number and exit"
echo echo
echo "Example: # ./`basename $0` -d /opt -k /etc/ssl/private/server.key -c /etc/ssl/certs/server.pem -a /etc/ssl/certs/tcs-ca-bundle.pem" echo "Example: # ./${0##*/} -d /opt -k /etc/ssl/private/server.key -c /etc/ssl/certs/server.pem -a /etc/ssl/certs/tcs-ca-bundle.pem"
echo echo
echo "Note: You must be root for running this script." echo "For more information about installation process, see README file (section Installation)."
echo " For more information about installation process, see README file (section Installation)."
echo echo
exit 0 exit 0
} }
...@@ -33,7 +32,7 @@ usage() ...@@ -33,7 +32,7 @@ usage()
version() version()
{ {
echo "`basename ${0}` - current version is $VERSION" echo "${0##*/} - current version is $VERSION"
exit 0 exit 0
} }
...@@ -41,8 +40,8 @@ version() ...@@ -41,8 +40,8 @@ version()
err() err()
{ {
echo "FAILED!" echo "FAILED!"
cat $err cat "$err"
rm -rf $err rm -f "$err"
echo echo
echo "Installation of $package_version package FAILED!!!" echo "Installation of $package_version package FAILED!!!"
exit 1 exit 1
...@@ -53,50 +52,45 @@ errClean() ...@@ -53,50 +52,45 @@ errClean()
{ {
echo "FAILED!" echo "FAILED!"
echo " -> Uninstalling server package ... OK" echo " -> Uninstalling server package ... OK"
rm -rf $server_path > /dev/null 2>&1 rm -rf "$server_dir/"* > /dev/null 2>&1
cat $err cat "$err"
rm -rf $err rm -f "$err"
echo echo
echo "Installation of $package_version package FAILED!!!" echo "Installation of $package_version package FAILED!!!"
exit 1 exit 1
} }
rootChck()
{
if [ $UID -ne 0 ]; then
echo "You must be root for running this script!"
exit 1
fi
}
paramsChck() paramsChck()
{ {
if [ -z $prefix ]; then if [ -z "$server_dir" ]; then
echo "Parameter -d <directory> is not set!" echo "Parameter -d <directory> is not set!"
exit 1 exit 1
fi fi
if [ -z $key ]; then if [ -z "$key_file" ]; then
echo "Parameter -k <ssl_key_file> is not set!" echo "Parameter -k <ssl_key_file> is not set!"
exit 1 exit 1
fi fi
if [ -z $cert ]; then if [ -z "$cert_file" ]; then
echo "Parameter -c <ssl_cert_file> is not set!" echo "Parameter -c <ssl_cert_file> is not set!"
exit 1 exit 1
fi fi
if [ -z $ca_file ]; then if [ -z "$ca_file" ]; then
echo "Parameter -a <ssl_ca_file> is not set!" echo "Parameter -a <ssl_ca_file> is not set!"
exit 1 exit 1
fi fi
} }
#-------------------------------------------------------------------------------
# Installation functions
#-------------------------------------------------------------------------------
oldPackageChck() oldPackageChck()
{ {
old_package_version_file="${etc}/package_version" old_package_version_file="${etc}/package_version"
if [ -f $old_package_version_file ]; then if [ -f "$old_package_version_file" ]; then
old_package_version=`cat $old_package_version_file` old_package_version=$(< "$old_package_version_file") || err
echo "Sorry, but $old_package_version package is installed!" echo "Sorry, but $old_package_version package is installed!"
echo "For update of warden server package please use update.sh" echo "For update of warden server package please use update.sh"
exit 1 exit 1
...@@ -118,31 +112,23 @@ perlChck() ...@@ -118,31 +112,23 @@ perlChck()
modulesChck() modulesChck()
{ {
for module in ${modules[@]}; sed '/^use [A-Z]/!d; /Warden/d' `find "${dirname}/warden-server" -type f` 2>/dev/null | cut -f 2 -d " " | sed 's/;//' | sort -u > "$modules_file"
for module in $(<"$modules_file");
do do
echo -n "Checking $module module ... " echo -n "Checking $module module ... "
if perl -e "use $module" 2> $err; then perl -e "use $module" 2> "$err" && echo "OK" || err
echo "OK"
else
err
fi
done done
} }
makeWardenDir() createWardenDir()
{ {
echo -n "Creating Warden server directory ... " echo -n "Creating Warden server directory ... "
test -d $prefix || mkdir -p $prefix test -d "$server_dir" && test -w "$server_dir" || mkdir -p "$server_dir" 2> "$err" || err
if cp -R ${dirname}/warden-server $prefix 2> $err; then cp -R "${dirname}/warden-server/"* "$server_dir" 2> "$err" && echo "OK" || errClean
echo "OK" cp "${dirname}/uninstall.sh" "$server_dir"
else
errClean
fi
cp ${dirname}/uninstall.sh $server_path
} }
makeServerConf() makeServerConf()
{ {
echo -n "Creating server configuration file ... " echo -n "Creating server configuration file ... "
...@@ -153,7 +139,7 @@ makeServerConf() ...@@ -153,7 +139,7 @@ makeServerConf()
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# BASEDIR - base directory of Warden server # BASEDIR - base directory of Warden server
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
\$BASEDIR = \"${server_path}\"; \$BASEDIR = \"${server_dir}\";
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# SYSLOG - enable/disable syslog logging # SYSLOG - enable/disable syslog logging
...@@ -202,13 +188,7 @@ makeServerConf() ...@@ -202,13 +188,7 @@ makeServerConf()
%VALID_STRINGS = ( %VALID_STRINGS = (
\"type\" => [\"portscan\", \"bruteforce\", \"probe\", \"spam\", \"phishing\", \"botnet_c_c\", \"dos\", \"malware\", \"copyright\", \"webattack\", \"test\", \"other\", \"_any_\"], \"type\" => [\"portscan\", \"bruteforce\", \"probe\", \"spam\", \"phishing\", \"botnet_c_c\", \"dos\", \"malware\", \"copyright\", \"webattack\", \"test\", \"other\", \"_any_\"],
\"source_type\" => [\"IP\", \"URL\", \"Reply-To:\"] \"source_type\" => [\"IP\", \"URL\", \"Reply-To:\"]
);" > $server_conf 2> $err; ret_val=`echo $?` );" > "$server_conf" 2> "$err" && echo "OK" || errClean
if [ $ret_val -eq 0 ]; then
echo "OK"
else
errClean
fi
} }
makeApacheConf() makeApacheConf()
...@@ -227,8 +207,8 @@ SSLOptions +StdEnvVars +ExportCertData ...@@ -227,8 +207,8 @@ SSLOptions +StdEnvVars +ExportCertData
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile $cert SSLCertificateFile $cert_file
SSLCertificateKeyFile $key SSLCertificateKeyFile $key_file
SSLCACertificateFile $ca_file SSLCACertificateFile $ca_file
PerlOptions +Parent PerlOptions +Parent
...@@ -238,23 +218,17 @@ PerlSwitches -I $lib ...@@ -238,23 +218,17 @@ PerlSwitches -I $lib
SetHandler perl-script SetHandler perl-script
PerlHandler Warden::ApacheDispatch PerlHandler Warden::ApacheDispatch
SSLOptions +StdEnvVars SSLOptions +StdEnvVars
</Location>" > $apache_conf 2> $err; ret_val=`echo $?` </Location>" > "$apache_conf" 2> "$err" && echo "OK" || errClean
if [ $ret_val -eq 0 ]; then
echo "OK"
else
errClean
fi
} }
createSymlinks() createSymlinks()
{ {
echo "Creating symbolic links ..." echo "Creating symbolic links to local bin path..."
for file in `ls -1 $bin` for file in "${bin}/"*
do do
echo "- making symlink: ${local_bin}/$file -> ${bin}/$file" echo "- making symlink: ${local_bin}/${file##*/} -> $file"
ln -s ${bin}/$file ${local_bin}/$file ln -s "$file" "${local_bin}/${file##*/}"
done done
} }
...@@ -262,47 +236,34 @@ createSymlinks() ...@@ -262,47 +236,34 @@ createSymlinks()
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# MAIN # MAIN
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
# list of used Perl modules
modules=(SOAP::Lite SOAP::Transport::HTTP DBI DBD::mysql Format::Human::Bytes Sys::Syslog File::Basename Net::CIDR::Lite DateTime Getopt::Std Switch IO::Socket::SSL MIME::Base64 Crypt::X509 Carp FindBin)
# read input # read input
while getopts "d:k:c:a:Vh" options; do while getopts "d:k:c:a:Vh" options; do
case $options in case "$options" in
d ) prefix=$OPTARG;; d ) server_dir="$OPTARG";;
k ) key=$OPTARG;; k ) key_file="$OPTARG";;
c ) cert=$OPTARG;; c ) cert_file="$OPTARG";;
a ) ca_file=$OPTARG;; a ) ca_file="$OPTARG";;
h ) usage;; h ) usage;;
V ) version;; V ) version;;
* ) usage;; * ) usage;;
esac esac
done done
# root test
rootChck
# params test # params test
paramsChck paramsChck
# create variables # set variables
dirname=`dirname $0` dirname=${0%/*}
hostname=`hostname -f` package_version=$(< "${dirname}/warden-server/etc/package_version") || err
key_file=`basename $key` bin="${server_dir}/bin"
cert_file=`basename $cert`
package_version=`cat ${dirname}/warden-server/etc/package_version`
[[ $prefix == */ ]] && prefix="${prefix%?}" # remove last char (slash) from prefix
server_path="${prefix}/warden-server"
bin="${server_path}/bin"
local_bin="/usr/local/bin" local_bin="/usr/local/bin"
etc="${server_path}/etc" etc="${server_dir}/etc"
server_conf="${etc}/warden-server.conf" server_conf="${etc}/warden-server.conf"
apache_conf="${etc}/warden-apache.conf" apache_conf="${etc}/warden-apache.conf"
var="${server_path}/var" lib="${server_dir}/lib"
lib="${server_path}/lib" doc="${server_dir}/doc"
doc="${server_path}/doc"
err="/tmp/warden-err" err="/tmp/warden-err"
modules_file="/tmp/warden-modules.txt"
# check if warden-server is installed # check if warden-server is installed
oldPackageChck oldPackageChck
...@@ -320,7 +281,7 @@ echo ...@@ -320,7 +281,7 @@ echo
echo "------------------------- Installation process --------------------------" echo "------------------------- Installation process --------------------------"
# make warden server directory # make warden server directory
makeWardenDir createWardenDir
# create server configuration file # create server configuration file
makeServerConf makeServerConf
...@@ -333,16 +294,16 @@ createSymlinks ...@@ -333,16 +294,16 @@ createSymlinks
echo echo
echo "Please check configuration files:" echo "Please check configuration files:"
echo " - ${server_conf}" echo " - $server_conf"
echo " - ${apache_conf}" echo " - $apache_conf"
echo echo
echo "Warden server directory: $server_path" echo "Warden server directory: $server_dir"
echo echo
echo "Please follow post-installation steps in ${doc}/INSTALL!" echo "Please follow post-installation steps in ${doc}/INSTALL!"
echo echo
echo "Installation of $package_version package was SUCCESSFUL!!!" echo "Installation of $package_version package was SUCCESSFUL!!!"
echo echo
# cleanup section # cleanup section
rm -rf $err rm -f "$err" "$modules_file"
exit 0 exit 0
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment