From f68030eb8e163299e2b7ef1c4e9401dd7b678170 Mon Sep 17 00:00:00 2001
From: Tomas Plesnik <plesnik@ics.muni.cz>
Date: Fri, 27 Sep 2013 20:04:28 +0200
Subject: [PATCH] pridano generovani konfiguracnich souboru z sablon; pridan
parametr -s pro vyber adresare pro symlinky na bin adresar serveru; uprava
helpu; pridano mazani tmp souboru pri zjistovani zavislych perl modulu ve
funkci err; zmena nazvu server_dir na basedir
---
src/warden-server/sh/install.sh | 186 +++++++++++---------------------
1 file changed, 65 insertions(+), 121 deletions(-)
diff --git a/src/warden-server/sh/install.sh b/src/warden-server/sh/install.sh
index c406af1..0bb6e67 100755
--- a/src/warden-server/sh/install.sh
+++ b/src/warden-server/sh/install.sh
@@ -14,15 +14,16 @@ VERSION="2.2"
#-------------------------------------------------------------------------------
usage()
{
- echo "Usage: ${0##*/} -d <directory> -k <ssl_key_file> -c <ssl_cert_file> -a <ssl_ca_file> [-hV]"
- echo "-d <directory> installation directory"
+ echo "Usage: ${0##*/} -d <directory> -k <ssl_key_file> -c <ssl_cert_file> -a <ssl_ca_file> [-s <directory>] [-hV]"
+ echo "-d <directory> installation directory of Warden server"
echo "-k <ssl_key_file> path to SSL certificate key file"
echo "-c <ssl_cert_file> path to SSL certificate file"
echo "-a <ssl_ca_file> path to CA certificate file"
+ echo "-s <directory> directory for symlinks to Warden server control scripts (optional)"
echo "-h print this help"
echo "-V print script version number and exit"
echo
- echo "Example: # ./${0##*/} -d /opt -k /etc/ssl/private/server.key -c /etc/ssl/certs/server.pem -a /etc/ssl/certs/tcs-ca-bundle.pem"
+ echo "Example: # ./${0##*/} -d /opt -k /etc/ssl/private/server.key -c /etc/ssl/certs/server.pem -a /etc/ssl/certs/tcs-ca-bundle.pem -s /usr/local/bin"
echo
echo "For more information about installation process, see README file (section Installation)."
echo
@@ -41,7 +42,7 @@ err()
{
echo "FAILED!"
cat "$err"
- rm -f "$err"
+ rm -f "$err" "$modules_file"
echo
echo "Installation of $package_version package FAILED!!!"
exit 1
@@ -52,9 +53,9 @@ errClean()
{
echo "FAILED!"
echo " -> Uninstalling server package ... OK"
- rm -rf "$server_dir/"* > /dev/null 2>&1
+ rm -rf "$basedir/"* > /dev/null 2>&1 # BUG: smaze vse na co ma USER pravo
cat "$err"
- rm -f "$err"
+ rm -f "$err" "$modules_file"
echo
echo "Installation of $package_version package FAILED!!!"
exit 1
@@ -63,7 +64,7 @@ errClean()
paramsChck()
{
- if [ -z "$server_dir" ]; then
+ if [ -z "$basedir" ]; then
echo "Parameter -d <directory> is not set!"
exit 1
fi
@@ -88,13 +89,17 @@ paramsChck()
oldPackageChck()
{
+ echo -n "Checking previous Warden server installation ... "
old_package_version_file="${etc}/package_version"
if [ -f "$old_package_version_file" ]; then
- old_package_version=$(< "$old_package_version_file") || err
+ echo "FAILED!"
+ echo
+ old_package_version=$(< "$old_package_version_file")
echo "Sorry, but $old_package_version package is installed!"
echo "For update of warden server package please use update.sh"
exit 1
fi
+ echo "OK"
}
@@ -105,6 +110,7 @@ perlChck()
echo "OK"
else
echo "FAILED!"
+ echo
echo "Error: Perl interpreter is not installed!"
exit 1
fi
@@ -124,111 +130,31 @@ modulesChck()
createWardenDir()
{
echo -n "Creating Warden server directory ... "
- test -d "$server_dir" && test -w "$server_dir" || mkdir -p "$server_dir" 2> "$err" || err
- cp -R "${dirname}/warden-server/"* "$server_dir" 2> "$err" && echo "OK" || errClean
- cp "${dirname}/uninstall.sh" "$server_dir"
+ test -d "$basedir" && test -w "$basedir" || mkdir -p "$basedir" 2> "$err" || err
+ cp -R "${dirname}/warden-server/"* "$basedir" 2> "$err" && echo "OK" || errClean
+ rm -f "${etc}/${server_conf_tmpl##*/}" "${etc}/${apache_conf_tmpl##*/}"
+ cp "${dirname}/uninstall.sh" "$basedir"
}
-makeServerConf()
-{
- echo -n "Creating server configuration file ... "
- echo "#
-# warden-server.conf - configuration file for Warden server
-#
-
-#-------------------------------------------------------------------------------
-# BASEDIR - base directory of Warden server
-#-------------------------------------------------------------------------------
-\$BASEDIR = \"${server_dir}\";
-
-#-------------------------------------------------------------------------------
-# SYSLOG - enable/disable syslog logging
-#-------------------------------------------------------------------------------
-\$SYSLOG = 1;
-
-#-------------------------------------------------------------------------------
-# SYSLOG_VERBOSE - enable/disable logging in verbose mode (stack info added)
-#-------------------------------------------------------------------------------
-\$SYSLOG_VERBOSE = 1;
-
-#-------------------------------------------------------------------------------
-# SYSLOG_FACILITY - syslog facility
-#-------------------------------------------------------------------------------
-\$SYSLOG_FACILITY = \"local7\";
-
-#-------------------------------------------------------------------------------
-# DB_NAME - MySQL database name of Warden server
-#-------------------------------------------------------------------------------
-\$DB_NAME = \"warden\";
-
-#-------------------------------------------------------------------------------
-# DB_USER - MySQL database user of Warden server
-#-------------------------------------------------------------------------------
-\$DB_USER = \"warden\";
-
-#-------------------------------------------------------------------------------
-# DB_PASS - MySQL database password of Warden server
-#-------------------------------------------------------------------------------
-\$DB_PASS = \"\";
-
-#-------------------------------------------------------------------------------
-# DB_HOST - MySQL database host
-#-------------------------------------------------------------------------------
-\$DB_HOST = \"localhost\";
-#-------------------------------------------------------------------------------
-# MAX_EVENTS_LIMIT - server limit of maximum number of events that can be
-# delivered to one client in one batch
-#-------------------------------------------------------------------------------
-\$MAX_EVENTS_LIMIT = 1000000;
-
-#-------------------------------------------------------------------------------
-# VALID_STRINGS - validation hash containing allowed event attributes
-#-------------------------------------------------------------------------------
-%VALID_STRINGS = (
- \"type\" => [\"portscan\", \"bruteforce\", \"probe\", \"spam\", \"phishing\", \"botnet_c_c\", \"dos\", \"malware\", \"copyright\", \"webattack\", \"test\", \"other\", \"_any_\"],
- \"source_type\" => [\"IP\", \"URL\", \"Reply-To:\"]
-);" > "$server_conf" 2> "$err" && echo "OK" || errClean
-}
-
-makeApacheConf()
+doTemplate()
{
- echo -n "Creating Apache configuration file ... "
- echo "#
-#
-# warden-apache.conf - configuration file for the Apache server
-#
-
-SSLEngine on
-
-SSLVerifyDepth 3
-SSLVerifyClient require
-SSLOptions +StdEnvVars +ExportCertData
-
-SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
-
-SSLCertificateFile $cert_file
-SSLCertificateKeyFile $key_file
-SSLCACertificateFile $ca_file
-
-PerlOptions +Parent
-PerlSwitches -I $lib
-
-<Location /Warden>
- SetHandler perl-script
- PerlHandler Warden::ApacheDispatch
- SSLOptions +StdEnvVars
-</Location>" > "$apache_conf" 2> "$err" && echo "OK" || errClean
+ vars=""
+ while (($#)); do
+ vars="'$1'=>'$2', $vars"
+ shift 2
+ done
+ perl -e "my %repl=($vars); foreach my \$l (<>) {\$l =~ s/\$_/\$repl{\$_}/g for keys %repl; print \$l}"
}
createSymlinks()
{
- echo "Creating symbolic links to local bin path..."
+ echo "Creating symbolic links to $symbin ..."
for file in "${bin}/"*
do
- echo "- making symlink: ${local_bin}/${file##*/} -> $file"
- ln -s "$file" "${local_bin}/${file##*/}"
+ echo "- making symlink: ${symbin}/${file##*/} -> $file"
+ ln -s "$file" "${symbin}/${file##*/}"
done
}
@@ -237,40 +163,46 @@ createSymlinks()
# MAIN
#-------------------------------------------------------------------------------
# read input
-while getopts "d:k:c:a:Vh" options; do
+while getopts "d:k:c:a:s:Vh" options; do
case "$options" in
- d ) server_dir="$OPTARG";;
+ d ) basedir="$OPTARG";;
k ) key_file="$OPTARG";;
c ) cert_file="$OPTARG";;
a ) ca_file="$OPTARG";;
+ s ) symbin="$OPTARG";;
h ) usage;;
V ) version;;
* ) usage;;
esac
done
+# remove last char (slash) from name of directories
+[[ $basedir == */ ]] && basedir="${basedir%?}"
+[[ $symbin == */ ]] && symbin="${symbin%?}"
+
# params test
paramsChck
# set variables
+err="/tmp/warden-err"
+modules_file="/tmp/warden-modules.txt"
dirname=${0%/*}
-package_version=$(< "${dirname}/warden-server/etc/package_version") || err
-bin="${server_dir}/bin"
-local_bin="/usr/local/bin"
-etc="${server_dir}/etc"
+bin="${basedir}/bin"
+lib="${basedir}/lib"
+doc="${basedir}/doc"
+etc="${basedir}/etc"
server_conf="${etc}/warden-server.conf"
apache_conf="${etc}/warden-apache.conf"
-lib="${server_dir}/lib"
-doc="${server_dir}/doc"
-err="/tmp/warden-err"
-modules_file="/tmp/warden-modules.txt"
+server_conf_tmpl="${dirname}/warden-server/etc/warden-server.conf.tmpl"
+apache_conf_tmpl="${dirname}/warden-server/etc/warden-apache.conf.tmpl"
+package_version=$(< "${dirname}/warden-server/etc/package_version")
+
+echo
+echo "----------------------- Checking for Dependencies -----------------------"
# check if warden-server is installed
oldPackageChck
-echo
-echo "------------------------- Dependencies check-in -------------------------"
-
# Perl interpreter test
perlChck
@@ -284,25 +216,37 @@ echo "------------------------- Installation process --------------------------"
createWardenDir
# create server configuration file
-makeServerConf
+echo -n "Creating server configuration file ... "
+doTemplate \
+ _BASEDIR_ "$basedir" \
+ < $server_conf_tmpl \
+ > $server_conf && echo "OK" || errClean
# create Apache configuration file
-makeApacheConf
-
-# crate symlinks from warden server bin directory to /usr/local/bin
-createSymlinks
+echo -n "Creating Apache configuration file ... "
+doTemplate \
+ _CERT_FILE_ "$cert_file" \
+ _KEY_FILE_ "$key_file" \
+ _CA_FILE_ "$ca_file" \
+ _LIB_ "$lib" \
+ < $apache_conf_tmpl \
+ > $apache_conf && echo "OK" || errClean
+
+# crate symlinks from warden server bin to user path if -s option is set
+[[ ! -z $symbin ]] && [[ -d $symbin ]] && [[ -w $symbin ]] && createSymlinks
echo
echo "Please check configuration files:"
echo " - $server_conf"
echo " - $apache_conf"
echo
-echo "Warden server directory: $server_dir"
+echo "Warden server directory: $basedir"
echo
echo "Please follow post-installation steps in ${doc}/INSTALL!"
echo
echo "Installation of $package_version package was SUCCESSFUL!!!"
echo
+
# cleanup section
rm -f "$err" "$modules_file"
--
GitLab