Menu
▾
▴
devil-linux-commit
|
From: Heiko Z. <smi...@us...> - 2008-05-30 15:01:45
|
Update of /cvsroot/devil-linux/build/scripts/scripts In directory sc8-pr-cvs12.sourceforge.net:/tmp/cvs-serv15040/scripts/scripts Added Files: Tag: rel-1-2-patches rass Log Message: - updated acl_2.2.47-1 - updated attr_2.4.41 - updated bzip2-1.0.5 - updated lm_sensors-2.10.6 - updated dovecot-1.0.13 - updated openssh-5.0p1 - updated shorewall-shell-4.0.10 - updated nagios-3.0.1 - updated nagios-plugins-1.4.11 - updated nrpe-2.12 - updated nsca-2.7.2 - updated postgresql-8.3.1 - updated rsync-3.0.2 - updated smartmontools-5.38 - updated tar-1.20 - updated wget-1.11.2 - updated nagios-plugin-pgsql_include_for_8.3 - updated linux-2.4.36.4 - updated pax-linux-2.4.36.4-test1 - updated bridge-utils-1.4 - updated cyrus-imapd-2.3.12p2 - updated device-mapper.1.02.25 - updated gnupg-1.4.9 - updated krb5-1.6.3 - updated libpcap-0.9.8 - updated libpng-1.2.29 - updated lzo-2.03 - updated nmap-4.62 - updated openldap-2.4.9 - updated pcre-7.7 - updated samba-3.0.28a - updated snort-2.8.1 - updated squid-3.0.STABLE5 - updated tcpdump-3.9.8 - updated xfsprogs_2.9.8-1 - updated open-vm-tools-2008.04.14-87182 - updated grsecurity-2.1.12-2.4.36.4-200805181025 - updated libxml2-2.6.30 - updated libxslt-1.1.24 - updated nut-2.2.2 - updated p7zip_4.57-libun7zip - updated p7zip_4.57_src_all - updated php-5.2.6 - updated scponly-20080308 - updated shorewall-perl-4.0.10.1 - updated shorewall-common-4.0.10.1 - updated sudo-1.6.9p16 - updated stunnel-4.24 - updated e2fsprogs-1.40.8 --- NEW FILE: rass --- #!/bin/bash REMOTE_WORKING_DIR=/shm/mnt/tmp USER=root while [ ! -z "$1" ] ; do case "$1" in -h ) echo "$0, version 0.1" echo echo "usage: $0 [-h] [-dir remote directory] [-user username] host-address" echo echo "h : this help message" echo echo "host : host-address [no default]" echo "dir : remote directory [default: $REMOTE_WORKING_DIR]" echo "user : username [default: $USER]" echo; exit 0 ;; -dir ) shift if [ -z "$1" ] ; then echo "*** Error - Directory name missing." exit 1 else REMOTE_WORKING_DIR=$1 fi ;; -user ) shift if [ -z "$1" ] ; then echo "*** Error - User name missing." exit 1 else USER=$1 fi ;; * ) REMOTE_HOST_ADDRESS=$1 ;; esac shift done if [ -z $REMOTE_HOST_ADDRESS ] ; then echo "*** Error: No IP-address or host-name specified. Usage $0 host-address." echo exit 1 fi EXECUTION_STRING="" unmount_remote_device() { if [ ! "$1" = "silent" ] ; then EXECUTION_STRING="$EXECUTION_STRING echo -en \"Unmount \$DEVICE_REMOTE...\";" fi EXECUTION_STRING="$EXECUTION_STRING umount \$DEVICE_REMOTE; if [ \$? -lt 2 ] ; then if [ ! \"$1\" = \"silent\" ] ; then echo -en \"\\E[32;40mSuccess.\"; echo -e \"\\E[37;40m\"; fi ; else echo -e \"\\E[33;40mWarning: \$DEVICE_REMOTE could not be unmounted.\"; fi ;" } cleanup() { while [ ! -z "$1" ] ; do case "$1" in UnmountRemote ) unmount_remote_device silent ;; RemoveDirectoryRemote ) EXECUTION_STRING="$EXECUTION_STRING rmdir --ignore-fail-on-non-empty $REMOTE_WORKING_DIR; if [ ! \$? = 0 ] ; then echo -e \"\\E[33;40mWarning: $REMOTE_WORKING_DIR could not be removed during clean-up process. \"; fi;" ;; RemoveMD5Remote ) EXECUTION_STRING="$EXECUTION_STRING rm -f \$CHECKSUM_DESTINATION_REMOTE; rm -f $REMOTE_WORKING_DIR/tmp.zip if [ -s \$CHECKSUM_DESTINATION_REMOTE ] ; then echo -e \"\\E[33;40mWarning: MD5-checksum could not be removed on $REMOTE_HOST_ADDRESS.\" ; echo -e \"\\E[37;40m\"; fi; if [ -s $REMOTE_WORKING_DIR/tmp.zip ] ; then echo -e \"\\E[33;40mWarning: tmp.zip could not be removed on $REMOTE_HOST_ADDRESS.\" ; echo -e \"\\E[37;40m\"; fi; " ;; RemoveTempRemote ) EXECUTION_STRING="$EXECUTION_STRING rm -f $REMOTE_WORKING_DIR/tmp.zip rm -f $REMOTE_WORKING_DIR/variables if [ -s $REMOTE_WORKING_DIR/variables ] ; then echo -e \"\\E[33;40mWarning: Temporary file 'variables' could not be removed on $REMOTE_HOST_ADDRESS.\" ; echo -e \"\\E[37;40m\"; fi; if [ -s $REMOTE_WORKING_DIR/tmp.zip ] ; then echo -e \"\\E[33;40mWarning: tmp.zip could not be removed on $REMOTE_HOST_ADDRESS.\" ; echo -e \"\\E[37;40m\"; fi; " ;; RemoveMD5Local ) rm -f \.\/$CHECKSUM_FILENAME if [ ! $? = 0 ] ; then echo -e "\E[33;40mWarning: MD5-checksum could not be removed on localhost." ; tput sgr0 fi ;; RemoveSignatureLocal ) rm -f \.\/$SIGNATURE_FILENAME if [ ! $? = 0 ] ; then echo -e "\E[33;40mWarning: Signature could not be removed on localhost." ; tput sgr0 fi ;; esac shift done } ################### getting DL_CONFIG_SOURCE and DL_CONFIG_FILE from remote host ############### EXECUTION_STRING="$EXECUTION_STRING echo -en \"Get tarball-location from $REMOTE_HOST_ADDRESS...\" ; DEVICE_REMOTE=\$( cat /shm/DL_CONFIG_SOURCE ); if [ -z \$DEVICE_REMOTE ] ; then echo -e \"\\E[31;40mFailure: /shm/DL_CONFIG_SOURCE on $REMOTE_HOST_ADDRESS not found or empty. Aborting.\"; exit 1; fi ; TARBALL_FILENAME=\$( cat /shm/DL_CONFIG_FILE ); if [ -z \$TARBALL_FILENAME ] ; then echo -e \"\\E[31;40mFailure: /shm/DL_CONFIG_FILE on $REMOTE_HOST_ADDRESS not found or empty. Aborting.\"; exit 1; fi; echo -en \"\\E[32;40mSuccess.\" ; echo;" EXECUTION_STRING="$EXECUTION_STRING CHECKSUM_FILENAME=\"\$TARBALL_FILENAME.md5\";" EXECUTION_STRING="$EXECUTION_STRING SIGNATURE_FILENAME=\"\$CHECKSUM_FILENAME.sig\";" EXECUTION_STRING="$EXECUTION_STRING TARBALL_LOCATION_REMOTE=\"$REMOTE_WORKING_DIR/\$TARBALL_FILENAME\";" EXECUTION_STRING="$EXECUTION_STRING CHECKSUM_DESTINATION_REMOTE=\"$REMOTE_WORKING_DIR/\$CHECKSUM_FILENAME\";" EXECUTION_STRING="$EXECUTION_STRING SIGNATURE_DESTINATION_REMOTE=\"$REMOTE_WORKING_DIR/\$SIGNATURE_FILENAME\";" CHECKSUM_FILENAME="etc.tar.bz2.md5" SIGNATURE_FILENAME="etc.tar.bz2.md5.sig" EXECUTION_STRING="$EXECUTION_STRING echo -e \"\\E[37;40m#########################################################\"; echo -e \"# \"; echo -e \"# Remote-Administration Security Script \"; echo -e \"# ------------------------------------- \"; echo -e \"#\"; echo -e \"# Remote-Host : $REMOTE_HOST_ADDRESS \"; echo -e \"# Tarball : \$TARBALL_LOCATION_REMOTE\"; echo -e \"# MD5-Checksum-Destination : \$CHECKSUM_DESTINATION_REMOTE\"; echo -e \"# Signature-Destination : \$SIGNATURE_DESTINATION_REMOTE\"; echo -e \"#\"; echo -e \"#########################################################\";" ################### unmounting eventual mount-point on DL_CONFIG_SOURCE ############### unmount_remote_device ################### create working directory then mount the device to that directory ############### EXECUTION_STRING="$EXECUTION_STRING echo -en \"\\E[37;40mCreate $REMOTE_WORKING_DIR on $REMOTE_HOST_ADDRESS...\"; mkdir -p $REMOTE_WORKING_DIR ; if [ \$? = 0 ] ; then echo -en \"\\E[32;40mSuccess.\"; echo -e \"\\E[32;40m\"; else echo -e \"\\E[31;40mFailure: $REMOTE_WORKING_DIR could not be created. Aborting.\"; exit 1; fi;" EXECUTION_STRING="$EXECUTION_STRING echo -en \"\\E[37;40mMount \$DEVICE_REMOTE to $REMOTE_WORKING_DIR on $REMOTE_HOST_ADDRESS...\"; mount -t auto \$DEVICE_REMOTE $REMOTE_WORKING_DIR if [ \$? = 0 ] ; then echo -en \"\\E[32;40mSuccess.\"; echo -e \"\\E[37;40m \"; else echo -e \"\\E[31;40mFailure: \$REMOTE_DEVICE could not be mounted to $REMOTE_WORKING_DIR. Aborting.\"; " cleanup RemoveDirectoryRemote EXECUTION_STRING="$EXECUTION_STRING exit 1; fi;" ################### creating md5-checksum ############### EXECUTION_STRING="$EXECUTION_STRING echo -en \"\\E[37;40mCreate MD5-checksum...\"; pushd $REMOTE_WORKING_DIR md5sum \$TARBALL_FILENAME > \$CHECKSUM_DESTINATION_REMOTE popd if [ -s \$CHECKSUM_DESTINATION_REMOTE ] ; then echo -en \"\\E[32;40mSuccess.\" ; echo -e \"\\E[37;40m\"; else echo -e \"\\E[31;40mFailure: MD5-checksum could not be created. Aborting.\" ; " cleanup UnmountRemote RemoveDirectoryRemote EXECUTION_STRING="$EXECUTION_STRING exit 1; fi;" ################### copy variables ###################### EXECUTION_STRING="$EXECUTION_STRING echo \"CHECKSUM_DESTINATION_REMOTE=\$CHECKSUM_DESTINATION_REMOTE\" > $REMOTE_WORKING_DIR/variables; echo \"CHECKSUM_FILENAME=\$CHECKSUM_FILENAME\" >> $REMOTE_WORKING_DIR/variables; echo \"SIGNATURE_DESTINATION_REMOTE=\$SIGNATURE_DESTINATION_REMOTE\" >> $REMOTE_WORKING_DIR/variables; echo \"SIGNATURE_FILENAME=\$SIGNATURE_FILENAME\" >> $REMOTE_WORKING_DIR/variables; echo \"DEVICE_REMOTE=\$DEVICE_REMOTE\" >> $REMOTE_WORKING_DIR/variables; zip -D $REMOTE_WORKING_DIR/tmp.zip \$CHECKSUM_DESTINATION_REMOTE $REMOTE_WORKING_DIR/variables if [ ! -s $REMOTE_WORKING_DIR/tmp.zip ] ; then echo -e \"\\E[31;40mFailure: Temporary tar-file could not be created. Aborting.\" ; " cleanup UnmountRemote RemoveDirectoryRemote EXECUTION_STRING="$EXECUTION_STRING exit 1; fi; " ssh $USER@$REMOTE_HOST_ADDRESS <<EOF $EXECUTION_STRING EOF ################### copying md5-checksum ###################################### echo -en "Copy MD5-checksum..." scp $USER@$REMOTE_HOST_ADDRESS:$REMOTE_WORKING_DIR/tmp.zip ./ if [ $? ] && [ -s \.\/tmp.zip ] ; then echo -en "\E[32;40mSuccess."; tput sgr0 echo else echo -e "\E[31;40mFailure: Copying the MD5-checksum failed. Aborting."; tput sgr0 cleanup UnmountRemote RemoveMD5Remote RemoveDirectoryRemote exit 1 fi unzip -oj \.\/tmp.zip source \.\/variables ################### creating signature ###################################### echo -en "Create signature..." if [ -s \.\/$SIGNATURE_FILENAME ] ; then rm -f \.\/$SIGNATURE_FILENAME fi gpg --no-secmem-warning -b -s -q --yes \.\/$CHECKSUM_FILENAME if [ $? ] && [ -s \.\/$SIGNATURE_FILENAME ] ; then echo -en "\E[32;40mSuccess."; tput sgr0 echo else echo -e "\E[31;40mFailure: Creating the signature failed. Aborting."; tput sgr0 cleanup UnmountRemote RemoveMD5Remote RemoveDirectoryRemote RemoveMD5Local exit 1 fi ################### copying signature ####################################### echo -en "Copy signature..." scp \.\/$SIGNATURE_FILENAME $USER@$REMOTE_HOST_ADDRESS:$SIGNATURE_DESTINATION_REMOTE if [ $? ]; then echo -en "\E[32;40mSuccess."; tput sgr0 echo else echo -e "\E[31;40mFailure: Copying the signature failed. Aborting."; tput sgr0 cleanup UnmountRemote RemoveMD5Remote RemoveDirectoryRemote RemoveMD5Local RemoveSignatureLocal exit 1 fi EXECUTION_STRING="" cleanup RemoveTempRemote EXECUTION_STRING="$EXECUTION_STRING umount $DEVICE_REMOTE; if [ ! \$? -lt 2 ] ; then echo -e \"\\E[33;40mWarning: $DEVICE_REMOTE could not be unmounted.\"; fi ;" ssh $USER@$REMOTE_HOST_ADDRESS <<EOF $EXECUTION_STRING EOF exit 0 |
