pridano generovani konfiguracnich souboru z sablon; pridan parametr -s pro...

pridano generovani konfiguracnich souboru z sablon; pridan parametr -s pro vyber adresare pro symlinky na bin adresar serveru; uprava helpu; pridano mazani tmp souboru pri zjistovani zavislych perl modulu ve funkci err; zmena nazvu server_dir na basedir

pridano generovani konfiguracnich souboru z sablon; pridan parametr -s pro...
f68030eb · Tomáš Plesník · e03cfbcd · f68030eb
Commit f68030eb authored 11 years ago by Tomáš Plesník
--- a/src/warden-server/sh/install.sh
+++ b/src/warden-server/sh/install.sh
@@ -14,15 +14,16 @@ VERSION="2.2"
 #-------------------------------------------------------------------------------
 usage()
 {
-	echo "Usage: ${0##*/} -d <directory> -k <ssl_key_file> -c <ssl_cert_file> -a <ssl_ca_file> [-hV]"
+	echo "Usage: ${0##*/} -d <directory> -k <ssl_key_file> -c <ssl_cert_file> -a <ssl_ca_file> [-s <directory>] [-hV]"
-	echo "-d <directory>            installation directory"
+	echo "-d <directory>            installation directory of Warden server"
 	echo "-k <ssl_key_file>         path to SSL certificate key file"
 	echo "-c <ssl_cert_file>        path to SSL certificate file"
 	echo "-a <ssl_ca_file>          path to CA certificate file"
+	echo "-s <directory>            directory for symlinks to Warden server control scripts (optional)"
 	echo "-h                        print this help"
 	echo "-V                        print script version number and exit"
 	echo
-	echo "Example: # ./${0##*/} -d /opt -k /etc/ssl/private/server.key -c /etc/ssl/certs/server.pem -a /etc/ssl/certs/tcs-ca-bundle.pem"
+	echo "Example: # ./${0##*/} -d /opt -k /etc/ssl/private/server.key -c /etc/ssl/certs/server.pem -a /etc/ssl/certs/tcs-ca-bundle.pem -s /usr/local/bin"
 	echo
 	echo "For more information about installation process, see README file (section Installation)."
 	echo
@@ -41,7 +42,7 @@ err()
 {
 	echo "FAILED!"
 	cat "$err"
-	rm -f "$err"
+	rm -f "$err" "$modules_file"
 	echo
 	echo "Installation of $package_version package FAILED!!!"
 	exit 1
@@ -52,9 +53,9 @@ errClean()
 {
 	echo "FAILED!"
 	echo " -> Uninstalling server package ... OK"
-	rm -rf "$server_dir/"* > /dev/null 2>&1
+	rm -rf "$basedir/"* > /dev/null 2>&1	# BUG: smaze vse na co ma USER pravo
 	cat "$err"
-	rm -f "$err"
+	rm -f "$err" "$modules_file"
 	echo
 	echo "Installation of $package_version package FAILED!!!"
 	exit 1
@@ -63,7 +64,7 @@ errClean()
 paramsChck()
 {
-	if [ -z "$server_dir" ]; then
+	if [ -z "$basedir" ]; then
 		echo "Parameter -d <directory> is not set!"
 		exit 1
 	fi
@@ -88,13 +89,17 @@ paramsChck()
 oldPackageChck()
 {
+	echo -n "Checking previous Warden server installation ... "
 	old_package_version_file="${etc}/package_version"
 	if [ -f "$old_package_version_file" ]; then
-		old_package_version=$(< "$old_package_version_file") || err
+		echo "FAILED!"
+		echo
+		old_package_version=$(< "$old_package_version_file")
 		echo "Sorry, but $old_package_version package is installed!"
 		echo "For update of warden server package please use update.sh"
 		exit 1
 	fi
+	echo "OK"
 }
@@ -105,6 +110,7 @@ perlChck()
 		echo "OK"
 	else
 		echo "FAILED!"
+		echo
 		echo "Error: Perl interpreter is not installed!"
 		exit 1
 	fi
@@ -124,111 +130,31 @@ modulesChck()
 createWardenDir()
 {
 	echo -n "Creating Warden server directory ... "
-	test -d "$server_dir" && test -w "$server_dir" || mkdir -p "$server_dir" 2> "$err" || err
+	test -d "$basedir" && test -w "$basedir" || mkdir -p "$basedir" 2> "$err" || err
-	cp -R "${dirname}/warden-server/"* "$server_dir" 2> "$err" && echo "OK" || errClean
+	cp -R "${dirname}/warden-server/"* "$basedir" 2> "$err" && echo "OK" || errClean
-	cp "${dirname}/uninstall.sh" "$server_dir"
+	rm -f "${etc}/${server_conf_tmpl##*/}" "${etc}/${apache_conf_tmpl##*/}"
+	cp "${dirname}/uninstall.sh" "$basedir"
 }
-makeServerConf()
-{
-	echo -n "Creating server configuration file ... "
-	echo "# 
-# warden-server.conf - configuration file for Warden server
-#
-#-------------------------------------------------------------------------------
-# BASEDIR - base directory of Warden server
-#-------------------------------------------------------------------------------
-\$BASEDIR = \"${server_dir}\";
-#-------------------------------------------------------------------------------
-# SYSLOG - enable/disable syslog logging
-#-------------------------------------------------------------------------------
-\$SYSLOG = 1;
-#-------------------------------------------------------------------------------
-# SYSLOG_VERBOSE - enable/disable logging in verbose mode (stack info added)
-#-------------------------------------------------------------------------------
-\$SYSLOG_VERBOSE = 1;
-#-------------------------------------------------------------------------------
-# SYSLOG_FACILITY - syslog facility
-#-------------------------------------------------------------------------------
-\$SYSLOG_FACILITY = \"local7\";
-#-------------------------------------------------------------------------------
-# DB_NAME - MySQL database name of Warden server
-#-------------------------------------------------------------------------------
-\$DB_NAME = \"warden\";
-#-------------------------------------------------------------------------------
-# DB_USER - MySQL database user of Warden server
-#-------------------------------------------------------------------------------
-\$DB_USER = \"warden\";
-#-------------------------------------------------------------------------------
-# DB_PASS - MySQL database password of Warden server
-#-------------------------------------------------------------------------------
-\$DB_PASS = \"\";
-#-------------------------------------------------------------------------------
-# DB_HOST - MySQL database host
-#-------------------------------------------------------------------------------
-\$DB_HOST = \"localhost\";
-#-------------------------------------------------------------------------------
+doTemplate()
-# MAX_EVENTS_LIMIT - server limit of maximum number of events that can be
-#                    delivered to one client in one batch
-#-------------------------------------------------------------------------------
-\$MAX_EVENTS_LIMIT = 1000000;
-#-------------------------------------------------------------------------------
-# VALID_STRINGS - validation hash containing allowed event attributes
-#-------------------------------------------------------------------------------
-%VALID_STRINGS = (
-  \"type\" => [\"portscan\", \"bruteforce\", \"probe\", \"spam\", \"phishing\", \"botnet_c_c\", \"dos\", \"malware\", \"copyright\", \"webattack\", \"test\", \"other\", \"_any_\"],
-  \"source_type\" => [\"IP\", \"URL\", \"Reply-To:\"]
-);" > "$server_conf" 2> "$err" && echo "OK" || errClean
-}
-makeApacheConf()
 {
-	echo -n "Creating Apache configuration file ... "
+        vars=""
-	echo "#
+        while (($#)); do
-#
+                vars="'$1'=>'$2', $vars"
-# warden-apache.conf - configuration file for the Apache server
+                shift 2
-#
+        done
+        perl -e "my %repl=($vars); foreach my \$l (<>) {\$l =~ s/\$_/\$repl{\$_}/g for keys %repl; print \$l}"
-SSLEngine on
-SSLVerifyDepth 3
-SSLVerifyClient require
-SSLOptions +StdEnvVars +ExportCertData
-SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
-SSLCertificateFile    $cert_file
-SSLCertificateKeyFile $key_file
-SSLCACertificateFile  $ca_file
-PerlOptions +Parent
-PerlSwitches -I $lib
-<Location /Warden>
-        SetHandler perl-script
-        PerlHandler Warden::ApacheDispatch
-        SSLOptions +StdEnvVars
-</Location>" > "$apache_conf" 2> "$err" && echo "OK" || errClean
 }
 createSymlinks()
 {
-	echo "Creating symbolic links to local bin path..."
+	echo "Creating symbolic links to $symbin ..."
 	for file in "${bin}/"*
 	do
-		echo "- making symlink: ${local_bin}/${file##*/} -> $file"
+		echo "- making symlink: ${symbin}/${file##*/} -> $file"
-		ln -s "$file" "${local_bin}/${file##*/}"
+		ln -s "$file" "${symbin}/${file##*/}"
 	done
 }
@@ -237,40 +163,46 @@ createSymlinks()
 #				MAIN
 #-------------------------------------------------------------------------------
 # read input
-while getopts "d:k:c:a:Vh" options; do
+while getopts "d:k:c:a:s:Vh" options; do
 	case "$options" in
-		d ) server_dir="$OPTARG";;
+		d ) basedir="$OPTARG";;
 		k ) key_file="$OPTARG";;
 		c ) cert_file="$OPTARG";;
 		a ) ca_file="$OPTARG";;
+		s ) symbin="$OPTARG";;
 		h ) usage;;
 		V ) version;;
 		* ) usage;;
 	esac
 done
+# remove last char (slash) from name of directories
+[[ $basedir == */ ]] && basedir="${basedir%?}"
+[[ $symbin == */ ]] && symbin="${symbin%?}"
 # params test
 paramsChck
 # set variables
+err="/tmp/warden-err"
+modules_file="/tmp/warden-modules.txt"
 dirname=${0%/*}
-package_version=$(< "${dirname}/warden-server/etc/package_version") || err
+bin="${basedir}/bin"
-bin="${server_dir}/bin"
+lib="${basedir}/lib"
-local_bin="/usr/local/bin"
+doc="${basedir}/doc"
-etc="${server_dir}/etc"
+etc="${basedir}/etc"
 server_conf="${etc}/warden-server.conf"
 apache_conf="${etc}/warden-apache.conf"
-lib="${server_dir}/lib"
+server_conf_tmpl="${dirname}/warden-server/etc/warden-server.conf.tmpl"
-doc="${server_dir}/doc"
+apache_conf_tmpl="${dirname}/warden-server/etc/warden-apache.conf.tmpl"
-err="/tmp/warden-err"
+package_version=$(< "${dirname}/warden-server/etc/package_version")
-modules_file="/tmp/warden-modules.txt"
+echo
+echo "----------------------- Checking for Dependencies -----------------------"
 # check if warden-server is installed
 oldPackageChck
-echo
-echo "------------------------- Dependencies check-in -------------------------"
 # Perl interpreter test
 perlChck
@@ -284,25 +216,37 @@ echo "------------------------- Installation process --------------------------"
 createWardenDir
 # create server configuration file
-makeServerConf
+echo -n "Creating server configuration file ... "
+doTemplate \
+        _BASEDIR_       "$basedir" \
+        < $server_conf_tmpl \
+        > $server_conf && echo "OK" || errClean
 # create Apache configuration file
-makeApacheConf
+echo -n "Creating Apache configuration file ... "
+doTemplate \
-# crate symlinks from warden server bin directory to /usr/local/bin
+        _CERT_FILE_	"$cert_file" \
-createSymlinks
+        _KEY_FILE_	"$key_file" \
+        _CA_FILE_	"$ca_file" \
+        _LIB_		"$lib" \
+        < $apache_conf_tmpl \
+        > $apache_conf && echo "OK" || errClean
+# crate symlinks from warden server bin to user path if -s option is set
+[[ ! -z $symbin ]] && [[ -d $symbin ]] && [[ -w $symbin ]] && createSymlinks
 echo
 echo "Please check configuration files:"
 echo " - $server_conf"
 echo " - $apache_conf"
 echo
-echo "Warden server directory: $server_dir"
+echo "Warden server directory: $basedir"
 echo
 echo "Please follow post-installation steps in ${doc}/INSTALL!"
 echo
 echo "Installation of $package_version package was SUCCESSFUL!!!"
 echo
 # cleanup section
 rm -f "$err" "$modules_file"