#!/bin/bash
#
# install.sh
#
# Copyright (C) 2011 Cesnet z.s.p.o
# Author(s): Tomas PLESNIK <plesnik@ics.muni.cz>
# Jan SOUKAL <soukal@ics.muni.cz>
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in
# the documentation and/or other materials provided with the
# distribution.
# 3. Neither the name of the Company nor the names of its
# contributors may be used to endorse or promote products derived from
# this software without specific prior written permission.
#
# This software is provided ``as is'', and any express or implied
# warranties, including, but not limited to, the implied warranties of
# merchantability and fitness for a particular purpose are disclaimed.
# In no event shall the Masaryk University or contributors be liable for
# any direct, indirect, incidental, special, exemplary, or consequential
# damages (including, but not limited to, procurement of substitute
# goods or services; loss of use, data, or profits; or business
# interruption) however caused and on any theory of liability, whether
# in contract, strict liability, or tort (including negligence or
# otherwise) arising in any way out of the use of this software, even
# if advised of the possibility of such damage.
VERSION="1.0.0"
#-------------------------------------------------------------------------------
# FUNCTIONS
#-------------------------------------------------------------------------------
usage()
{
echo "Usage: `basename $0` [-d <directory>] [-u <user>] [-k <ssl_key_file>] [-c <ssl_cert_file>] [-a <ssl_ca_file>] [-hV]"
echo "-d <directory> installation directory (default: /opt)"
echo "-u <user> owner of warden client package (user for running detection scripts)"
echo "-k <ssl_key_file> path to SSL certificate key file"
echo "-c <ssl_cert_file> path to SSL certificate file"
echo "-a <ssl_ca_file> path to CA certificate file"
echo "-h print this help"
echo "-V print script version number and exit"
echo
echo "Example: ./`basename $0` -d /opt -u detector -k /etc/ssl/private/client.key -c /etc/ssl/certs/client.pem -a /etc/ssl/certs/tcs-ca-bundle.pem"
echo
echo "Note: You must be root for running this script."
echo " For more information about installation process, see README file (section Installation)."
echo
exit 0
}
version()
{
echo "`basename ${0}` - current version is $VERSION"
exit 0
}
err()
{
echo "FAILED!"
cat $err
echo
echo "Installation FAILED!!!"
exit 1
}
err_clean()
{
echo "FAILED!"
echo " -> Uninstalling client package ... OK"
rm -rf $client_path > /dev/null 2>&1
cat $err
rm -rf $err
echo
echo "Installation FAILED!!!"
exit 1
}
#-------------------------------------------------------------------------------
# MAIN
#-------------------------------------------------------------------------------
# OS test
OS=`uname`
if [ "$OS" != "Linux" ]; then
echo "Sorry, unsupported operating system detected - \"$OS\"!"
exit 1
fi
# shell test
SHELL=`echo $SHELL`
if [ "$SHELL" != "/bin/bash" ]; then
echo "Sorry, this script is usable in Bourne Again Shell (bash) only!"
exit 1
fi
# read input
while getopts "d:u:k:c:a:Vh" options; do
case $options in
d ) prefix=$OPTARG;;
u ) user=$OPTARG;;
k ) key=$OPTARG;;
c ) cert=$OPTARG;;
a ) ca_file=$OPTARG;;
h ) usage;;
V ) version;;
* ) usage;;
esac
done
# root controle
if [ $UID -ne 0 ]; then
echo "You must be root for running this script!"
exit 1
fi
# check inputs
if [ -z $prefix ]; then
prefix=/opt
echo "Warning: parameter -d <directory> is not set - default installation directory is /opt!"
fi
if [ -z $user ]; then
echo "Parameter -u <user> is not set!"
exit 1
fi
if [ -z $key ]; then
echo "Parameter -k <ssl_key_file> is not set!"
exit 1
fi
if [ -z $cert ]; then
echo "Parameter -c <ssl_cert_file> is not set!"
exit 1
fi
if [ -z $ca_file ]; then
echo "Parameter -a <ssl_ca_file> is not set!"
exit 1
fi
# create variables
key_file=`basename $key`
cert_file=`basename $cert`
client_path="$prefix/warden-client"
etc="$client_path/etc"
conf_file="$etc/warden-client.conf"
err="/tmp/warden-err"
#-------------------------------------------------------------------------------
# Dependencies check-in
echo "------------------------- Dependencies check-in ---------------------------"
# check Perl interpreter
echo -n "Checking Perl package ... "
which perl 1>/dev/null; ret_val=`echo $?`
if [ $ret_val -eq 0 ]; then
echo "OK"
else
echo "FAILED!"
exit 1
fi
# check SOAP::Lite package
echo -n "Checking SOAP::Lite package ... "
perl -e 'use SOAP::Lite' 2> $err; ret_val=`echo $?`
if [ $ret_val -eq 0 ]; then
echo "OK"
else
err
fi
# check IO::Socket::SSL package
echo -n "Checking IO::Socket::SSL package ... "
perl -e 'use IO::Socket::SSL' 2> $err; ret_val=`echo $?`
if [ $ret_val -eq 0 ]; then
echo "OK"
else
err
fi
# check SOAP::Transport::TCP package
echo -n "Checking SOAP::Transport::TCP package ... "
perl -e 'use SOAP::Transport::TCP' 2> $err; ret_val=`echo $?`
if [ $ret_val -eq 0 ]; then
echo "OK"
else
err
fi
# check FindBin package
echo -n "Checking FindBin package ... "
perl -e 'use FindBin' 2> $err; ret_val=`echo $?`
if [ $ret_val -eq 0 ]; then
echo "OK"
else
err
fi
#-------------------------------------------------------------------------------
# Installation process
echo
echo "------------------------- Installation process ---------------------------"
# check installation directory
echo -n "Checking installation directory ... "
if [ ! -d $prefix ]; then
echo "FAILED!"
ls $prefix
exit 1
else
echo "OK"
fi
# make warden client directory
echo -n "Making warden client directory ... "
cp -R ./warden-client $prefix 2> $err; ret_val=`echo $?`
if [ $ret_val -eq 0 ]; then
echo "OK"
else
err_clean
fi
# copy cert key file
echo -n "Copying certificate key file ... "
cp $key $etc 2> $err; ret_val=`echo $?`
if [ $ret_val -eq 0 ]; then
echo "OK"
else
err_clean
fi
# copy cert file
echo -n "Copying certificate file ... "
cp $cert $etc 2> $err; ret_val=`echo $?`
if [ $ret_val -eq 0 ]; then
echo "OK"
else
err_clean
fi
# create conf file
echo -n "Creating configuration file ... "
echo "#
# warden-client.conf - configuration file for the warden sender/receiver client
#
#-------------------------------------------------------------------------------
# URI - URI address of Warden server
#-------------------------------------------------------------------------------
\$URI = \"https://warden.cesnet.cz:443/Warden\";
#-------------------------------------------------------------------------------
# SSL_KEY_FILE - path to client SSL certificate key file
#-------------------------------------------------------------------------------
\$SSL_KEY_FILE = \"$etc/$key_file\";
#-------------------------------------------------------------------------------
# SSL_CERT_FILE - path to client SSL certificate file
#-------------------------------------------------------------------------------
\$SSL_CERT_FILE = \"$etc/$cert_file\";
#-------------------------------------------------------------------------------
# SSL_CA_FILE - path to CA certificate file
#-------------------------------------------------------------------------------
\$SSL_CA_FILE = \"$ca_file\";
" > $conf_file 2> $err; ret_val=`echo $?`
if [ $ret_val -eq 0 ]; then
echo "OK"
else
err_clean
fi
# change permissions
echo -n "Changing permissions to installed package ... "
chown -R $user: $client_path 2>$err; ret_val=`echo $?`
if [ $ret_val -eq 0 ]; then
echo "OK"
else
err_clean
fi
echo
echo "Please check configuration file in $conf_file!"
echo
echo "Installation was SUCCESSFUL!!!"
# cleanup section
rm -rf $err
exit 0