syscheck-users Mailing List for syscheck
Host and service monitoring
Brought to you by:
herrvendil,
kinneh
Menu
▾
▴
syscheck-users — Syscheck Users List
You can subscribe to this list here.
| 2009 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(5) |
Oct
(7) |
Nov
(2) |
Dec
(7) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2010 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(18) |
Jul
(1) |
Aug
|
Sep
|
Oct
(21) |
Nov
(9) |
Dec
(3) |
| 2011 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(6) |
Sep
|
Oct
|
Nov
|
Dec
|
| 2012 |
Jan
|
Feb
|
Mar
(1) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: <ki...@us...> - 2012-03-21 13:27:08
|
Revision: 7946
http://syscheck.svn.sourceforge.net/syscheck/?rev=7946&view=rev
Author: kinneh
Date: 2012-03-21 13:26:57 +0000 (Wed, 21 Mar 2012)
Log Message:
-----------
close #56
Added Paths:
-----------
trunk/syscheck/SYSCHECK_HAS_MOVED.txt
Added: trunk/syscheck/SYSCHECK_HAS_MOVED.txt
===================================================================
--- trunk/syscheck/SYSCHECK_HAS_MOVED.txt (rev 0)
+++ trunk/syscheck/SYSCHECK_HAS_MOVED.txt 2012-03-21 13:26:57 UTC (rev 7946)
@@ -0,0 +1 @@
+move trac and svn to certificateservices.org
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ki...@us...> - 2011-08-10 14:43:24
|
Revision: 7945
http://syscheck.svn.sourceforge.net/syscheck/?rev=7945&view=rev
Author: kinneh
Date: 2011-08-10 14:43:17 +0000 (Wed, 10 Aug 2011)
Log Message:
-----------
closes #55 add a syscheck script to verify db is in sync
Modified Paths:
--------------
trunk/syscheck/database-replication/808-test-table-update-and-check-master-and-slave.sh
Added Paths:
-----------
trunk/syscheck/config/301.conf
trunk/syscheck/lang/301.english
trunk/syscheck/scripts-available/sc_301_check_db_sync.sh
Added: trunk/syscheck/config/301.conf
===================================================================
--- trunk/syscheck/config/301.conf (rev 0)
+++ trunk/syscheck/config/301.conf 2011-08-10 14:43:17 UTC (rev 7945)
@@ -0,0 +1,2 @@
+#config for sc_30_check_sync.sh
+#no config
Modified: trunk/syscheck/database-replication/808-test-table-update-and-check-master-and-slave.sh
===================================================================
--- trunk/syscheck/database-replication/808-test-table-update-and-check-master-and-slave.sh 2011-08-09 11:50:25 UTC (rev 7944)
+++ trunk/syscheck/database-replication/808-test-table-update-and-check-master-and-slave.sh 2011-08-10 14:43:17 UTC (rev 7945)
@@ -4,6 +4,7 @@
#the table is created in the EJBCA database and contains a int columnt test
#with the value on 1.
#
+# mzbradm 110726 Update with two Variabels that is used in the script SYSCHECK_HOME/script-avalible/sc_30_check_sync.sh
# Set SYSCHECK_HOME if not already set.
@@ -31,9 +32,27 @@
echo "cleaning and inserting new val: $newval into HOSTNAME_NODE1:$HOSTNAME_NODE1"
echo "delete from test" | $MYSQL_BIN $DB_NAME -u ${DB_USER} --password=${DB_PASSWORD} -h $HOSTNAME_NODE1
echo "insert into test set value=$newval" | $MYSQL_BIN $DB_NAME -u ${DB_USER} --password=${DB_PASSWORD} -h $HOSTNAME_NODE1
+sleep 1
-sleep 1
+# Create sqlscript
+echo "SELECT value from test;">/tmp/select.sql
+echo "SELECT max(updateTime) from CertificateData;">/tmp/select1.sql
+# Check the value in table test
+VALUE_NODE1=`$MYSQL_BIN $DB_NAME -h $HOSTNAME_NODE1 -u ${DB_USER} --password=${DB_PASSWORD} </tmp/select.sql`
+export VALUE_NODE1
echo "values from $HOSTNAME_NODE1"
-echo "SELECT value from test;" | $MYSQL_BIN $DB_NAME -h $HOSTNAME_NODE1 -u ${DB_USER} --password=${DB_PASSWORD}
+echo $VALUE_NODE1
+VALUE_NODE2=`$MYSQL_BIN $DB_NAME -h $HOSTNAME_NODE2 -u ${DB_USER} --password=${DB_PASSWORD} </tmp/select.sql`
echo "values from $HOSTNAME_NODE2"
-echo "SELECT value from test;" | $MYSQL_BIN $DB_NAME -h $HOSTNAME_NODE2 -u ${DB_USER} --password=${DB_PASSWORD}
+echo $VALUE_NODE2
+export VALUE_NODE1 VALUE_NODE2
+
+# Get time when table CertificateData was last updated
+LASTUPD_NODE1=`$MYSQL_BIN $DB_NAME -h $HOSTNAME_NODE1 -u ${DB_USER} --password=${DB_PASSWORD} </tmp/select1.sql`
+LASTUPD_NODE1=`echo $LASTUPD_NODE1 |awk '{print $2/1000}'`
+LASTUPD_NODE1=`perl -e "print scalar(localtime($LASTUPD_NODE1))"|awk '{print $3,$2,$4,$5}'`
+LASTUPD_NODE2=`$MYSQL_BIN $DB_NAME -h $HOSTNAME_NODE2 -u ${DB_USER} --password=${DB_PASSWORD} </tmp/select1.sql`
+LASTUPD_NODE2=`echo $LASTUPD_NODE2 |awk '{print $2/1000}'`
+LASTUPD_NODE2=`perl -e "print scalar(localtime($LASTUPD_NODE2))"|awk '{print $3,$2,$4,$5}'`
+echo "Lastupdate in CertificateData on $HOSTNAME_NODE1 $LASTUPD_NODE1"
+echo "Lastupdate in CertificateData on $HOSTNAME_NODE2 $LASTUPD_NODE2"
Added: trunk/syscheck/lang/301.english
===================================================================
--- trunk/syscheck/lang/301.english (rev 0)
+++ trunk/syscheck/lang/301.english 2011-08-10 14:43:17 UTC (rev 7945)
@@ -0,0 +1,7 @@
+SYNC_HELP="Check if DB in sync"
+
+SYNC_DESCR_1="DB in sync"
+SYNC_HELP_1="and updating databases"
+
+SYNC_DESCR_2="DB not in sync, date of CertificateData diff betwin nodes:"
+SYNC_HELP_2="check error.log, probebly needing manual sync, se manual"
Added: trunk/syscheck/scripts-available/sc_301_check_db_sync.sh
===================================================================
--- trunk/syscheck/scripts-available/sc_301_check_db_sync.sh (rev 0)
+++ trunk/syscheck/scripts-available/sc_301_check_db_sync.sh 2011-08-10 14:43:17 UTC (rev 7945)
@@ -0,0 +1,66 @@
+#!/bin/bash
+# Script that checks if the sync of Db works
+# Use SYSCHECK_HOME/database-replication/808-test-table-update-and-check-master-and-slave.sh as source of information
+# Set SYSCHECK_HOME if not already set.
+
+# 1. First check if SYSCHECK_HOME is set then use that
+if [ "x${SYSCHECK_HOME}" = "x" ] ; then
+# 2. Check if /etc/syscheck.conf exists then source that (put SYSCHECK_HOME=/path/to/syscheck in ther)
+ if [ -e /etc/syscheck.conf ] ; then
+ source /etc/syscheck.conf
+ else
+# 3. last resort use default path
+ SYSCHECK_HOME="/usr/local/syscheck"
+ fi
+fi
+
+if [ ! -f ${SYSCHECK_HOME}/syscheck.sh ] ; then echo "$0: Can't find syscheck.sh in SYSCHECK_HOME ($SYSCHECK_HOME)" ;exit ; fi
+
+
+
+
+
+## Import common definitions ##
+. $SYSCHECK_HOME/config/syscheck-scripts.conf
+
+# uniq ID of script (please use in the name of this file also for convinice for finding next availavle number)
+SCRIPTID=301
+
+SYNC_ERRNO_1=${SCRIPTID}01
+SYNC_ERRNO_2=${SCRIPTID}02
+
+getlangfiles $SCRIPTID
+getconfig $SCRIPTID
+
+# help
+if [ "x$1" = "x--help" ] ; then
+ echo "$0 $SYNC_HELP"
+ echo "$SYNC_ERRNO_1/$SYNC_DESCR_1 - $SYNC_HELP_1"
+ echo "$SYNC_ERRNO_2/$SYNC_DESCR_2 - $SYNC_HELP_2"
+ exit
+elif [ "x$1" = "x-s" -o "x$1" = "x--screen" ] ; then
+ PRINTTOSCREEN=1
+fi
+if [ ! -f $SYSCHECK_HOME/database-replication/808-test-table-update-and-check-master-and-slave.sh ]
+then
+echo " missing script, $SYSCHECK_HOME/database-replication/808-test-table-update-and-check-master-and-slave.sh"
+exit
+fi
+. $SYSCHECK_HOME/database-replication/808-test-table-update-and-check-master-and-slave.sh >/dev/null
+###echo $VALUE_NODE1 $VALUE_NODE2
+NODE1=`echo $VALUE_NODE1|awk '{print $2}'`
+NODE2=`echo $VALUE_NODE2|awk '{print $2}'`
+if [ $NODE1 != $NODE2 ]
+then
+ sync=FAIL
+
+SYNCDATE=`perl -e "print scalar(localtime($NODE2))"|awk '{print $3,$2,$4,$5}'`
+fi
+
+# Sends an error to syslog if x"$sync" is FAIL.
+if [ "x$sync" = "xFAIL" ] ; then
+ printlogmess "$ERROR" "$SYNC_ERRNO_2" "$SYNC_DESCR_2 $LASTUPD_NODE1 /$LASTUPD_NODE2"
+else
+ printlogmess "$INFO" "$SYNC_ERRNO_1" "$SYNC_DESCR_1"
+fi
+
Property changes on: trunk/syscheck/scripts-available/sc_301_check_db_sync.sh
___________________________________________________________________
Added: svn:executable
+ *
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ki...@us...> - 2011-08-09 11:50:31
|
Revision: 7944
http://syscheck.svn.sourceforge.net/syscheck/?rev=7944&view=rev
Author: kinneh
Date: 2011-08-09 11:50:25 +0000 (Tue, 09 Aug 2011)
Log Message:
-----------
closes #54 add script to create crl:s
Added Paths:
-----------
trunk/syscheck/config/927.conf
trunk/syscheck/lang/927.english
trunk/syscheck/related-available/927_create_crls.sh
Added: trunk/syscheck/config/927.conf
===================================================================
--- trunk/syscheck/config/927.conf (rev 0)
+++ trunk/syscheck/config/927.conf 2011-08-09 11:50:25 UTC (rev 7944)
@@ -0,0 +1,2 @@
+# config for 927_create_crls.sh
+# no config
Added: trunk/syscheck/lang/927.english
===================================================================
--- trunk/syscheck/lang/927.english (rev 0)
+++ trunk/syscheck/lang/927.english 2011-08-09 11:50:25 UTC (rev 7944)
@@ -0,0 +1,8 @@
+HELP="Script to create the CRL:s from the CA:s options if needed"
+
+DESCR_1="Create CRL run successfully (%s)"
+HELP_1="No action needed"
+
+DESCR_2="Create CRL failed (%s)"
+HELP_2="Try manually to run this command or direct do 'cd $EJBCA_HOME ; ./bin/ejbca.sh ca createcrl'"
+
Added: trunk/syscheck/related-available/927_create_crls.sh
===================================================================
--- trunk/syscheck/related-available/927_create_crls.sh (rev 0)
+++ trunk/syscheck/related-available/927_create_crls.sh 2011-08-09 11:50:25 UTC (rev 7944)
@@ -0,0 +1,59 @@
+#!/bin/bash
+
+# The script fetches a crl from the ca and copies to a local dir or scp the crl to a webserver.
+
+# Set SYSCHECK_HOME if not already set.
+
+# 1. First check if SYSCHECK_HOME is set then use that
+if [ "x${SYSCHECK_HOME}" = "x" ] ; then
+# 2. Check if /etc/syscheck.conf exists then source that (put SYSCHECK_HOME=/path/to/syscheck in ther)
+ if [ -e /etc/syscheck.conf ] ; then
+ source /etc/syscheck.conf
+ else
+# 3. last resort use default path
+ SYSCHECK_HOME="/usr/local/syscheck"
+ fi
+fi
+
+if [ ! -f ${SYSCHECK_HOME}/syscheck.sh ] ; then echo "$0: Can't find syscheck.sh in SYSCHECK_HOME ($SYSCHECK_HOME)" ;exit ; fi
+
+# source env vars from system that dont get included when running from cron
+
+
+
+# Import common resources
+. $SYSCHECK_HOME/config/related-scripts.conf
+
+
+## local definitions ##
+SCRIPTID=927
+getlangfiles $SCRIPTID
+getconfig $SCRIPTID
+
+ERRNO_1=${SCRIPTID}1
+ERRNO_2=${SCRIPTID}2
+ERRNO_3=${SCRIPTID}3
+
+
+if [ "x$1" = "x--help" -o "x$1" = "x-h" ] ; then
+ echo $HELP
+ echo "$ERRNO_1/$DESCR_1 - $HELP_1"
+ echo "$ERRNO_2/$DESCR_2 - $HELP_2"
+ echo "$0 <-s|--screen>"
+ exit
+elif [ "x$1" = "x-s" -o "x$1" = "x--screen" ] ; then
+ PRINTTOSCREEN=1
+fi
+
+
+
+printtoscreen "${EJBCA_HOME}/bin/ejbca.sh ca createcrl"
+CMD=$(${EJBCA_HOME}/bin/ejbca.sh ca createcrl 2>&1)
+RES=$(echo "$CMD" | grep "CRLs have been created.")
+if [ "x$RES" = "x" ] ; then
+ printlogmess $ERROR $ERRNO_2 "$DESCR_2" "$CMD"
+else
+ printlogmess $INFO $ERRNO_1 "$DESCR_1" "$CMD"
+fi
+printtoscreen $CMD
+
Property changes on: trunk/syscheck/related-available/927_create_crls.sh
___________________________________________________________________
Added: svn:executable
+ *
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ki...@us...> - 2011-08-09 11:36:15
|
Revision: 7943
http://syscheck.svn.sourceforge.net/syscheck/?rev=7943&view=rev
Author: kinneh
Date: 2011-08-09 11:36:09 +0000 (Tue, 09 Aug 2011)
Log Message:
-----------
closes #53 fix date timezone issue in cmp_dates.pl support function
Modified Paths:
--------------
trunk/syscheck/lib/cmp_dates.pl
Modified: trunk/syscheck/lib/cmp_dates.pl
===================================================================
--- trunk/syscheck/lib/cmp_dates.pl 2011-08-09 11:34:07 UTC (rev 7942)
+++ trunk/syscheck/lib/cmp_dates.pl 2011-08-09 11:36:09 UTC (rev 7943)
@@ -32,7 +32,7 @@
my ($nsec,$nmin,$nhour,$nmday,$nmon,$nyear,$nwday,$nyday,$isdst) = localtime(time);
$nyear+=1900;
$nmon++;
-$date2 = Date_SecsSince1970($nmon,$nmday,$nyear,$nhour,$nmin,$nsec);
+$date2 = Date_SecsSince1970GMT($nmon,$nmday,$nyear,$nhour,$nmin,$nsec);
# diff
my $diff=0;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ki...@us...> - 2011-08-09 11:34:13
|
Revision: 7942
http://syscheck.svn.sourceforge.net/syscheck/?rev=7942&view=rev
Author: kinneh
Date: 2011-08-09 11:34:07 +0000 (Tue, 09 Aug 2011)
Log Message:
-----------
closes #51 911 needs to update router about MAC to IP change
Modified Paths:
--------------
trunk/syscheck/lang/911.english
Modified: trunk/syscheck/lang/911.english
===================================================================
--- trunk/syscheck/lang/911.english 2011-08-09 11:32:25 UTC (rev 7941)
+++ trunk/syscheck/lang/911.english 2011-08-09 11:34:07 UTC (rev 7942)
@@ -3,7 +3,11 @@
ACTVIP_DESCR_2="Activate VIP failed (%s) "
ACTVIP_DESCR_3="Activate VIP failed since the VIP was already active"
ACTVIP_DESCR_4="Activate VIP failed since the VIP was already active on another node"
+ACTVIP_DESCR_5="Router/firewall did answer gratuitous ARP request."
+ACTVIP_DESCR_6="Router/firewall did NOT answer gratuitous ARP request."
ACTVIP_HELP_1="All is ok"
ACTVIP_HELP_2="Could be problems accessing the application server, or token is not available %s"
ACTVIP_HELP_3="All is ok, if the VIP was supposed to be on this host already"
ACTVIP_HELP_4="Check the other node to see if that node has the VIP, else start invesigating who has you IP ..."
+ACTVIP_HELP_4="no action needed"
+ACTVIP_HELP_5="Check with Router/firewall admin if they support gratuitous ARP request."
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ki...@us...> - 2011-08-09 11:32:31
|
Revision: 7941
http://syscheck.svn.sourceforge.net/syscheck/?rev=7941&view=rev
Author: kinneh
Date: 2011-08-09 11:32:25 +0000 (Tue, 09 Aug 2011)
Log Message:
-----------
closes #51 911 needs to update router about MAC to IP change
Modified Paths:
--------------
trunk/syscheck/related-available/911_activate_VIP.sh
Modified: trunk/syscheck/related-available/911_activate_VIP.sh
===================================================================
--- trunk/syscheck/related-available/911_activate_VIP.sh 2011-08-09 11:26:57 UTC (rev 7940)
+++ trunk/syscheck/related-available/911_activate_VIP.sh 2011-08-09 11:32:25 UTC (rev 7941)
@@ -71,6 +71,13 @@
if [ $? -eq 0 ] ; then
date > ${SYSCHECK_HOME}/var/this_node_has_the_vip
printlogmess $INFO $ERRNO_1 "$ACTVIP_DESCR_1" "$?"
+
+ arping -f -q -U ${IP_GATEWAY} -I ${IF_VIRTUAL} -s ${HOSTNAME_VIRTUAL}
+ if [ $? = 0 ] ; then
+ printlogmess $INFO $ERRNO_5 "$ACTVIP_DESCR_5" "$?"
+ else
+ printlogmess $WARN $ERRNO_6 "$ACTVIP_DESCR_6" "$?"
+ fi
else
printlogmess $ERROR $ERRNO_3 "$ACTVIP_DESCR_3" "$?"
fi
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ki...@us...> - 2011-08-09 11:27:03
|
Revision: 7940
http://syscheck.svn.sourceforge.net/syscheck/?rev=7940&view=rev
Author: kinneh
Date: 2011-08-09 11:26:57 +0000 (Tue, 09 Aug 2011)
Log Message:
-----------
Closes #52 - add missing ssh key on one command in archive file 917
Modified Paths:
--------------
trunk/syscheck/related-available/917_archive_file.sh
Modified: trunk/syscheck/related-available/917_archive_file.sh
===================================================================
--- trunk/syscheck/related-available/917_archive_file.sh 2010-12-23 10:39:38 UTC (rev 7939)
+++ trunk/syscheck/related-available/917_archive_file.sh 2011-08-09 11:26:57 UTC (rev 7940)
@@ -159,8 +159,8 @@
remoteFileName=`basename $baseFile`
# transfer the file
- printtoscreen "$SYSCHECK_HOME/related-available/906_ssh-copy-to-remote-machine.sh "${InTransitDir}/${IntransitFileName}" $ArchiveServer ${ArchiveDir}/${remoteFileName} $SSHTOUSER"
- $SYSCHECK_HOME/related-available/906_ssh-copy-to-remote-machine.sh "${InTransitDir}/${IntransitFileName}" $ArchiveServer ${ArchiveDir}/${remoteFileName} $SSHTOUSER
+ printtoscreen "$SYSCHECK_HOME/related-available/906_ssh-copy-to-remote-machine.sh "${InTransitDir}/${IntransitFileName}" $ArchiveServer ${ArchiveDir}/${remoteFileName} $SSHTOUSER ${SSHFROMKEY}"
+ $SYSCHECK_HOME/related-available/906_ssh-copy-to-remote-machine.sh "${InTransitDir}/${IntransitFileName}" $ArchiveServer ${ArchiveDir}/${remoteFileName} $SSHTOUSER ${SSHFROMKEY}
if [ $? != 0 ] ; then
printlogmess $ERROR $ERRNO_5 "$ARCHIVE_DESCR_5" "${InTransitDir}/${IntransitFileName} $ArchiveServer ${ArchiveDir}/${remoteFileName}"
exit -1
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ki...@us...> - 2010-12-23 10:39:44
|
Revision: 7939
http://syscheck.svn.sourceforge.net/syscheck/?rev=7939&view=rev
Author: kinneh
Date: 2010-12-23 10:39:38 +0000 (Thu, 23 Dec 2010)
Log Message:
-----------
syscheck 1.5.19
Added Paths:
-----------
tags/syscheck-1.5.19/
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ki...@us...> - 2010-12-23 10:32:52
|
Revision: 7938
http://syscheck.svn.sourceforge.net/syscheck/?rev=7938&view=rev
Author: kinneh
Date: 2010-12-23 10:32:46 +0000 (Thu, 23 Dec 2010)
Log Message:
-----------
Closes #35 - 905 publish crl doesnt print REMOTEHOST in logmessage
Modified Paths:
--------------
trunk/syscheck/related-available/905_publish_crl.sh
Modified: trunk/syscheck/related-available/905_publish_crl.sh
===================================================================
--- trunk/syscheck/related-available/905_publish_crl.sh 2010-12-23 10:26:37 UTC (rev 7937)
+++ trunk/syscheck/related-available/905_publish_crl.sh 2010-12-23 10:32:46 UTC (rev 7938)
@@ -80,9 +80,9 @@
$SYSCHECK_HOME/related-enabled/906_ssh-copy-to-remote-machine.sh -s $CRLFILE $REMOTEHOST $REMOTEDIR $SSHUSER $SSHKEY
if [ $? = 0 ] ; then
- printlogmess $INFO $ERRNO_8 "$PUBL_DESCR_8" $CRLNAME $CRLHOST
+ printlogmess $INFO $ERRNO_8 "$PUBL_DESCR_8" $CRLNAME $REMOTEHOST
else
- printlogmess $ERROR $ERRNO_2 "$PUBL_DESCR_2" $CRLNAME $CRLHOST
+ printlogmess $ERROR $ERRNO_2 "$PUBL_DESCR_2" $CRLNAME $REMOTEHOST
fi
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ki...@us...> - 2010-12-23 10:26:44
|
Revision: 7937
http://syscheck.svn.sourceforge.net/syscheck/?rev=7937&view=rev
Author: kinneh
Date: 2010-12-23 10:26:37 +0000 (Thu, 23 Dec 2010)
Log Message:
-----------
09 change to ip:s instead of dns names
906 use /bin/ech to expand multiple rows (\n)
811 add ; in instructions
Modified Paths:
--------------
trunk/syscheck/config/09.conf
trunk/syscheck/database-replication/811-master-node-flush-tables-with-read-lock.sh
trunk/syscheck/related-available/906_ssh-copy-to-remote-machine.sh
trunk/syscheck/scripts-available/sc_09_firewall.sh
Modified: trunk/syscheck/config/09.conf
===================================================================
--- trunk/syscheck/config/09.conf 2010-11-29 22:06:29 UTC (rev 7936)
+++ trunk/syscheck/config/09.conf 2010-12-23 10:26:37 UTC (rev 7937)
@@ -5,6 +5,6 @@
#IPTABLES_BIN=/sbin/iptables # debian
#Rules to check that it exists.
-IPTABLES_RULE1="DROP all -- anywhere anywhere"
+IPTABLES_RULE1="DROP all -- 0.0.0.0"
IPTABLES_RULE2="Chain INPUT (policy ACCEPT)"
Modified: trunk/syscheck/database-replication/811-master-node-flush-tables-with-read-lock.sh
===================================================================
--- trunk/syscheck/database-replication/811-master-node-flush-tables-with-read-lock.sh 2010-11-29 22:06:29 UTC (rev 7936)
+++ trunk/syscheck/database-replication/811-master-node-flush-tables-with-read-lock.sh 2010-12-23 10:26:37 UTC (rev 7937)
@@ -57,7 +57,7 @@
echo "FLUSH TABLES WITH READ LOCK;"
echo "keep the console open until the last step is done"
echo "then enter:"
-echo "UNLOCK TABLES"
+echo "UNLOCK TABLES;"
$MYSQL_BIN mysql -u root --password="$MYSQLROOT_PASSWORD"
if [ $? -eq 0 ] ; then
Modified: trunk/syscheck/related-available/906_ssh-copy-to-remote-machine.sh
===================================================================
--- trunk/syscheck/related-available/906_ssh-copy-to-remote-machine.sh 2010-11-29 22:06:29 UTC (rev 7936)
+++ trunk/syscheck/related-available/906_ssh-copy-to-remote-machine.sh 2010-12-23 10:26:37 UTC (rev 7937)
@@ -37,7 +37,7 @@
PRINTTOSCREEN=
if [ "x$1" = "x-h" -o "x$1" = "x--help" ] ; then
- echo "$SSH_HELP"
+ /bin/echo -e "$SSH_HELP"
echo "$ERRNO_1/$SSH_DESCR_1 - $SSH_HELP_1"
echo "$ERRNO_2/$SSH_DESCR_2 - $SSH_HELP_2"
echo "$ERRNO_3/$SSH_DESCR_3 - $SSH_HELP_3"
Modified: trunk/syscheck/scripts-available/sc_09_firewall.sh
===================================================================
--- trunk/syscheck/scripts-available/sc_09_firewall.sh 2010-11-29 22:06:29 UTC (rev 7936)
+++ trunk/syscheck/scripts-available/sc_09_firewall.sh 2010-12-23 10:26:37 UTC (rev 7937)
@@ -47,7 +47,7 @@
IPTABLES_TMP_FILE="/tmp/iptables.out"
-$IPTABLES_BIN -L > $IPTABLES_TMP_FILE
+$IPTABLES_BIN -L -n> $IPTABLES_TMP_FILE
FIREWALLFAILED="0"
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ki...@us...> - 2010-11-29 23:23:31
|
Revision: 7936
http://syscheck.svn.sourceforge.net/syscheck/?rev=7936&view=rev
Author: kinneh
Date: 2010-11-29 22:06:29 +0000 (Mon, 29 Nov 2010)
Log Message:
-----------
Syscheck 1.5.18
Added Paths:
-----------
tags/syscheck-1.5.18/
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ki...@us...> - 2010-11-28 22:08:51
|
Revision: 7935
http://syscheck.svn.sourceforge.net/syscheck/?rev=7935&view=rev
Author: kinneh
Date: 2010-11-28 22:08:45 +0000 (Sun, 28 Nov 2010)
Log Message:
-----------
Closes #46 - change 905_publish_crl.sh to be able to warn and error depending on how long time is left
Modified Paths:
--------------
trunk/syscheck/config/905.conf
trunk/syscheck/lang/905.english
trunk/syscheck/lib/cmp_dates.pl
trunk/syscheck/related-available/905_publish_crl.sh
Modified: trunk/syscheck/config/905.conf
===================================================================
--- trunk/syscheck/config/905.conf 2010-11-28 19:05:59 UTC (rev 7934)
+++ trunk/syscheck/config/905.conf 2010-11-28 22:08:45 UTC (rev 7935)
@@ -1,6 +1,5 @@
# config for 905_publish_crl.sh
-HOURTHRESHOLD=1
CRLCANAME[0]=MSDomainLogonCA
REMOTE_HOST[0]=localhost
@@ -8,13 +7,18 @@
CRL_NAME[0]=MSDomainLogonCA.crl
SSHUSER[0]=
SSHKEY[0]=
+CRLWARNTIME[0]=4h
+CRLERRORTIME[0]=60m
+
CRLCANAME[1]=eSignCA
REMOTE_HOST[1]=localhost
CRLTO_DIR[1]='/srv/www/htdocs/crl/'
CRL_NAME[1]=eSignCA.crl
SSHUSER[1]=
SSHKEY[1]=
+CRLWARNTIME[1]=4h
+CRLERRORTIME[1]=60m
CRLCANAME[2]=ServerCA
CRLTO_DIR[2]='/srv/www/htdocs/crl/'
@@ -22,6 +26,8 @@
CRL_NAME[2]=ServerCA.crl
SSHUSER[2]=
SSHKEY[2]=
+CRLWARNTIME[2]=4h
+CRLERRORTIME[2]=60m
CRLCANAME[3]=eIDCA
CRLTO_DIR[3]='/srv/www/htdocs/crl/'
@@ -29,6 +35,8 @@
CRL_NAME[3]=eIDCA.crl
SSHUSER[3]=
SSHKEY[3]=
+CRLWARNTIME[3]=4h
+CRLERRORTIME[3]=60m
CRLCANAME[4]=MachineCertCA
CRLTO_DIR[4]='/srv/www/htdocs/crl/'
@@ -36,6 +44,8 @@
CRL_NAME[4]=MachineCertCA.crl
SSHUSER[4]=
SSHKEY[4]=
+CRLWARNTIME[4]=4h
+CRLERRORTIME[4]=60m
CRLCANAME[5]=SoftTokenCA
CRLTO_DIR[5]='/srv/www/htdocs/crl/'
@@ -43,5 +53,7 @@
CRL_NAME[5]=SoftTokenCA.crl
SSHUSER[5]=
SSHKEY[5]=
+CRLWARNTIME[5]=4h
+CRLERRORTIME[5]="60m"
### end config ###
Modified: trunk/syscheck/lang/905.english
===================================================================
--- trunk/syscheck/lang/905.english 2010-11-28 19:05:59 UTC (rev 7934)
+++ trunk/syscheck/lang/905.english 2010-11-28 22:08:45 UTC (rev 7935)
@@ -1,6 +1,6 @@
PUBL_HELP="Script to publish the CRL:s from the CA, supports local and remote publishing by SSH"
-PUBL_DESCR_1="Publish CRL run successfully (%s)"
+PUBL_DESCR_1="Publish CRL run successfully (%s) %s"
PUBL_HELP_1="No action needed"
PUBL_DESCR_2="Publish to remote host failed crl:(%s) host:(%s)"
@@ -18,8 +18,15 @@
PUBL_DESCR_6="File size of CRL is 0 (%s)"
PUBL_HELP_6="Probably some problem getting the file/or filerights"
-PUBL_DESCR_7="CRL is outdated %s (%s)"
+PUBL_DESCR_7="CRL has past error time %s (%s)"
PUBL_HELP_7="This script cant get a new CRL, check the CA-logs"
PUBL_DESCR_8="CRL:%s is published to host:%s"
PUBL_HELP_8="no action needed"
+
+PUBL_DESCR_9="CRL has past warn time %s (%s)"
+PUBL_HELP_9="This script cant get a new CRL, check the CA-logs"
+
+PUBL_DESCR_10="Retrived and checked CRL (%s) %s"
+PUBL_HELP_10="No action needed"
+
Modified: trunk/syscheck/lib/cmp_dates.pl
===================================================================
--- trunk/syscheck/lib/cmp_dates.pl 2010-11-28 19:05:59 UTC (rev 7934)
+++ trunk/syscheck/lib/cmp_dates.pl 2010-11-28 22:08:45 UTC (rev 7935)
@@ -3,7 +3,9 @@
use Date::Manip;
my $indate = $ARGV[0];
+my $returnMinutes = $ARGV[1];
+
$now = localtime;
my %mon2int = ( "Jan" => "1",
@@ -33,6 +35,12 @@
$date2 = Date_SecsSince1970($nmon,$nmday,$nyear,$nhour,$nmin,$nsec);
# diff
-my $diff=int(($date1 - $date2)/3600);
+my $diff=0;
+if ( $returnMinutes eq "--return-in-minutes"){
+ $diff=int(($date1 - $date2)/60);
+}else{
+ $diff=int(($date1 - $date2)/3600);
+}
+
print "$diff\n";
Modified: trunk/syscheck/related-available/905_publish_crl.sh
===================================================================
--- trunk/syscheck/related-available/905_publish_crl.sh 2010-11-28 19:05:59 UTC (rev 7934)
+++ trunk/syscheck/related-available/905_publish_crl.sh 2010-11-28 22:08:45 UTC (rev 7935)
@@ -38,6 +38,8 @@
ERRNO_6=${SCRIPTID}6
ERRNO_7=${SCRIPTID}7
ERRNO_8=${SCRIPTID}8
+ERRNO_9=${SCRIPTID}8
+ERRNO_10=${SCRIPTID}8
@@ -57,10 +59,11 @@
CRLFILE=$2
cd ${EJBCA_HOME}
printtoscreen "${EJBCA_HOME}/bin/ejbca.sh ca getcrl $CRLNAME $CRLFILE"
- ${EJBCA_HOME}/bin/ejbca.sh ca getcrl $CRLNAME "$CRLFILE"
+ CMD=$(${EJBCA_HOME}/bin/ejbca.sh ca getcrl $CRLNAME "$CRLFILE")
if [ $? != 0 -o ! -r $CRLFILE ] ; then
printlogmess $ERROR $ERRNO_6 "$PUBL_DESCR_6" "$CRLNAME/$CRLFILE"
fi
+ printtoscreen $CMD
}
@@ -88,8 +91,48 @@
checkcrl () {
CRLFILE=$1
+ WTIME=$2
+ ETIME=$2
+ wishour=$(echo $WTIME | grep -i "h")
+ wismin=$(echo $WTIME | grep -i "m")
+ wdigits=$(echo $WTIME| perl -ane 'm/(\d+)/,print "$1"')
+ wunit="hours"
+ wcmdopts=""
+ if [ "x$wismin" != "x" ] ; then
+ wcmdopts="--return-in-minutes"
+ wunit="minutes"
+ elif [ "x$wishour" != "x" ] ; then
+# TIME=$digits
+ wunit="hours"
+ else
+ # todo fail not known time
+ # default to use only number as before
+# TIME=$digits
+ wunit="hours"
+ fi
+ WTIME=$wdigits
+ eishour=$(echo $ETIME | grep -i "h")
+ eismin=$(echo $ETIME | grep -i "m")
+ edigits=$(echo $ETIME| perl -ane 'm/(\d+)/,print "$1"')
+ eunit="hours"
+ ecmdopts=""
+ if [ "x$eismin" != "x" ] ; then
+ ecmdopts="--return-in-minutes"
+ eunit="minutes"
+ elif [ "x$eishour" != "x" ] ; then
+# TIME=$digits
+ eunit="hours"
+ else
+ # todo fail not known time
+ # default to use only number as before
+# TIME=$digits
+ eunit="hours"
+ fi
+ ETIME=$edigits
+
+
# file not found where it should be
if [ ! -f $CRLFILE ] ; then
printlogmess $ERROR $ERRNO_4 "$PUBL_DESCR_4" $CRLFILE
@@ -112,13 +155,20 @@
# now we can check the crl:s best before date is in the future with atleast HOURTHRESHOLD hours (defined in resources)
TEMPDATE=`openssl crl -inform der -in $CRLFILE -nextupdate -noout`
DATE=${TEMPDATE:11}
- HOURSLEFT=`${SYSCHECK_HOME}/lib/cmp_dates.pl "$DATE"`
+ WTIMELEFT=$(${SYSCHECK_HOME}/lib/cmp_dates.pl "$DATE" ${wcmdopts})
+ ETIMELEFT=$(${SYSCHECK_HOME}/lib/cmp_dates.pl "$DATE" ${ecmdopts})
- if [ "$HOURSLEFT" -lt "$HOURTHRESHOLD" ] ; then
- printlogmess $ERROR $ERRNO_7 "$PUBL_DESCR_7" $CRLFILE "hoursleft: ${HOURSLEFT} limit: ${HOURTHRESHOLD}"
+ if [ "$ETIMELEFT" -lt "$ETIME" ] ; then
+ printlogmess $ERROR $ERRNO_7 "$PUBL_DESCR_7" $CRLFILE "timeleft: ${ETIMELEFT}${eunit} limit: ${ETIME}${eunit}"
return 7
+
+ elif [ "$WTIMELEFT" -lt "$WTIME" ] ; then
+ printlogmess $WARN $ERRNO_9 "$PUBL_DESCR_9" $CRLFILE "timeleft: ${WTIMELEFT}${wunit} limit: ${WTIME}${wunit}"
+ return 7
+
else
-# printlogmess $INFO $ERRNO_1 "$PUBL_DESCR_1" $CRLFILE
+ printlogmess $INFO $ERRNO_10 "$PUBL_DESCR_10" $CRLFILE "timeleft: ${WTIMELEFT}${wunit} limit: ${WTIME}${wunit}"
+ printtoscreen "$INFO $ERRNO_10 $PUBL_DESCR_10 $CRLFILE timeleft: ${WTIMELEFT}${wunit} limit: ${WTIME}${wunit}"
return 0
fi
}
@@ -132,7 +182,8 @@
CRLFILE=${tempdir}/${CRL_NAME[$i]}
get ${CRLCANAME[$i]} "${CRLFILE}"
- checkcrl "${CRLFILE}"
+ echo "${CRLFILE} ${CRLWARNTIME[$i]} ${CRLERRORTIME[$i]}"
+ checkcrl "${CRLFILE}" ${CRLWARNTIME[$i]} ${CRLERRORTIME[$i]}
if [ $? -ne 0 ] ; then
# check crl didn't pass the crl so we'll not publish this one and continue with the next
rm -rf $tempdir
@@ -142,7 +193,7 @@
if [ "x${REMOTE_HOST[$i]}" = "xlocalhost" ] ; then
cp -f ${CRLFILE} "${CRLTO_DIR[$i]}/${CRL_NAME[$i]}"
if [ $? -eq 0 ] ;then
- printlogmess $INFO $ERRNO_1 "$PUBL_DESCR_1" ${CRLCANAME[$i]}
+ printlogmess $INFO $ERRNO_1 "$PUBL_DESCR_1" ${CRLCANAME[$i]}
else
printlogmess $ERROR $ERRNO_3 "$PUBL_DESCR_3" ${CRL_NAME[$i]} "${CRLTO_DIR[$i]}/${CRL_NAME[$i]}"
fi
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ki...@us...> - 2010-11-28 19:06:05
|
Revision: 7934
http://syscheck.svn.sourceforge.net/syscheck/?rev=7934&view=rev
Author: kinneh
Date: 2010-11-28 19:05:59 +0000 (Sun, 28 Nov 2010)
Log Message:
-----------
Closes #48 add custom ssh key to 907_make_mysql_db_backup_and_transfer_to_remote_mashine.sh
Modified Paths:
--------------
trunk/syscheck/config/907.conf
trunk/syscheck/related-available/907_make_mysql_db_backup_and_transfer_to_remote_mashine.sh
Modified: trunk/syscheck/config/907.conf
===================================================================
--- trunk/syscheck/config/907.conf 2010-11-24 16:12:40 UTC (rev 7933)
+++ trunk/syscheck/config/907.conf 2010-11-28 19:05:59 UTC (rev 7934)
@@ -9,13 +9,17 @@
BACKUP_HOST[0]=localhost
BACKUP_DIR[0]=/backup/host1/
BACKUP_USER[0]=backup
+BACKUP_SSHFROMKEY[0]=/home/jboss/.ssh/backup_id_rsa
+
#BACKUP_HOST[1]=logandbak2.labb
#BACKUP_DIR[1]=/backup/logandbak2.labb/
#BACKUP_USER[1]=backup
+#BACKUP_SSHFROMKEY[1]=/home/jboss/.ssh/backup_id_rsa
#BACKUP_HOST[2]=logandbak3.labb
#BACKUP_DIR[2]=/backup/logandbak3.labb/
#BACKUP_USER[2]=backup
+#BACKUP_SSHFROMKEY[2]=/home/jboss/.ssh/backup_id_rsa
# end config #
Modified: trunk/syscheck/related-available/907_make_mysql_db_backup_and_transfer_to_remote_mashine.sh
===================================================================
--- trunk/syscheck/related-available/907_make_mysql_db_backup_and_transfer_to_remote_mashine.sh 2010-11-24 16:12:40 UTC (rev 7933)
+++ trunk/syscheck/related-available/907_make_mysql_db_backup_and_transfer_to_remote_mashine.sh 2010-11-28 19:05:59 UTC (rev 7934)
@@ -82,7 +82,7 @@
fi
for (( i = 0 ; i < "${#BACKUP_HOST[@]}" ; i++ )) ; do
- $SYSCHECK_HOME/related-enabled/906_ssh-copy-to-remote-machine.sh ${FULLFILENAME} ${BACKUP_HOST[$i]} "${BACKUP_DIR[$i]}/${EXTRADIR}/" ${BACKUP_USER[$i]}
+ $SYSCHECK_HOME/related-enabled/906_ssh-copy-to-remote-machine.sh ${FULLFILENAME} ${BACKUP_HOST[$i]} "${BACKUP_DIR[$i]}/${EXTRADIR}/" ${BACKUP_USER[$i]} ${BACKUP_SSHFROMKEY[$i]}
if [ $? -eq 0 ] ; then
printlogmess $INFO $BAK_ERRNO_1 "$BAK_DESCR_1"
else
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ki...@us...> - 2010-11-24 16:12:47
|
Revision: 7933
http://syscheck.svn.sourceforge.net/syscheck/?rev=7933&view=rev
Author: kinneh
Date: 2010-11-24 16:12:40 +0000 (Wed, 24 Nov 2010)
Log Message:
-----------
Closes #47 - change name in 905 publish crl so it uses a unique name
Modified Paths:
--------------
trunk/syscheck/config/905.conf
trunk/syscheck/related-available/905_publish_crl.sh
Modified: trunk/syscheck/config/905.conf
===================================================================
--- trunk/syscheck/config/905.conf 2010-11-23 13:27:38 UTC (rev 7932)
+++ trunk/syscheck/config/905.conf 2010-11-24 16:12:40 UTC (rev 7933)
@@ -2,42 +2,42 @@
HOURTHRESHOLD=1
-CANAME[0]=MSDomainLogonCA
+CRLCANAME[0]=MSDomainLogonCA
REMOTE_HOST[0]=localhost
CRLTO_DIR[0]='/srv/www/htdocs/crl/'
CRL_NAME[0]=MSDomainLogonCA.crl
SSHUSER[0]=
SSHKEY[0]=
-CANAME[1]=eSignCA
+CRLCANAME[1]=eSignCA
REMOTE_HOST[1]=localhost
CRLTO_DIR[1]='/srv/www/htdocs/crl/'
CRL_NAME[1]=eSignCA.crl
SSHUSER[1]=
SSHKEY[1]=
-CANAME[2]=ServerCA
+CRLCANAME[2]=ServerCA
CRLTO_DIR[2]='/srv/www/htdocs/crl/'
REMOTE_HOST[2]=localhost
CRL_NAME[2]=ServerCA.crl
SSHUSER[2]=
SSHKEY[2]=
-CANAME[3]=eIDCA
+CRLCANAME[3]=eIDCA
CRLTO_DIR[3]='/srv/www/htdocs/crl/'
REMOTE_HOST[3]=localhost
CRL_NAME[3]=eIDCA.crl
SSHUSER[3]=
SSHKEY[3]=
-CANAME[4]=MachineCertCA
+CRLCANAME[4]=MachineCertCA
CRLTO_DIR[4]='/srv/www/htdocs/crl/'
REMOTE_HOST[4]=localhost
CRL_NAME[4]=MachineCertCA.crl
SSHUSER[4]=
SSHKEY[4]=
-CANAME[5]=SoftTokenCA
+CRLCANAME[5]=SoftTokenCA
CRLTO_DIR[5]='/srv/www/htdocs/crl/'
REMOTE_HOST[5]=localhost
CRL_NAME[5]=SoftTokenCA.crl
Modified: trunk/syscheck/related-available/905_publish_crl.sh
===================================================================
--- trunk/syscheck/related-available/905_publish_crl.sh 2010-11-23 13:27:38 UTC (rev 7932)
+++ trunk/syscheck/related-available/905_publish_crl.sh 2010-11-24 16:12:40 UTC (rev 7933)
@@ -124,14 +124,14 @@
}
-for (( i=0; i < ${#CANAME[@]} ; i++ )){
+for (( i=0; i < ${#CRLCANAME[@]} ; i++ )){
tempdir=$(mktemp -d)
trap 'rm -rf "$tempdir"' EXIT
CRLFILE=${tempdir}/${CRL_NAME[$i]}
- get ${CANAME[$i]} "${CRLFILE}"
+ get ${CRLCANAME[$i]} "${CRLFILE}"
checkcrl "${CRLFILE}"
if [ $? -ne 0 ] ; then
# check crl didn't pass the crl so we'll not publish this one and continue with the next
@@ -142,7 +142,7 @@
if [ "x${REMOTE_HOST[$i]}" = "xlocalhost" ] ; then
cp -f ${CRLFILE} "${CRLTO_DIR[$i]}/${CRL_NAME[$i]}"
if [ $? -eq 0 ] ;then
- printlogmess $INFO $ERRNO_1 "$PUBL_DESCR_1" ${CANAME[$i]}
+ printlogmess $INFO $ERRNO_1 "$PUBL_DESCR_1" ${CRLCANAME[$i]}
else
printlogmess $ERROR $ERRNO_3 "$PUBL_DESCR_3" ${CRL_NAME[$i]} "${CRLTO_DIR[$i]}/${CRL_NAME[$i]}"
fi
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ki...@us...> - 2010-11-23 13:27:44
|
Revision: 7932
http://syscheck.svn.sourceforge.net/syscheck/?rev=7932&view=rev
Author: kinneh
Date: 2010-11-23 13:27:38 +0000 (Tue, 23 Nov 2010)
Log Message:
-----------
add svn tag:ing
Modified Paths:
--------------
trunk/syscheck/lib/release.sh
Modified: trunk/syscheck/lib/release.sh
===================================================================
--- trunk/syscheck/lib/release.sh 2010-11-23 13:21:18 UTC (rev 7931)
+++ trunk/syscheck/lib/release.sh 2010-11-23 13:27:38 UTC (rev 7932)
@@ -20,7 +20,16 @@
OUTPATH=../../releases/
PROGPATH=${OUTPATH}/${progname}-${rel}
+echo "svn status locally:"
+svn status
+echo "tag in svn ( svn cp https://syscheck.svn.sourceforge.net/svnroot/syscheck/trunk/syscheck https://syscheck.svn.sourceforge.net/svnroot/syscheck/tags/${progname}-${rel}) (Y/n)"
+read tagsvn
+if [ "x$tagsvn" == "xy" -o "x$tagsvn" == "xY" -o "x$tagsvn" == "x" ] ; then
+ svn cp https://syscheck.svn.sourceforge.net/svnroot/syscheck/trunk/syscheck https://syscheck.svn.sourceforge.net/svnroot/syscheck/tags/${progname}-${rel}
+fi
+
+
svn export . ${PROGPATH}
perl -pi -e "s/SYSCHECK_VERSION=.*/SYSCHECK_VERSION=${rel}/gi" ${PROGPATH}/config/common.conf
find ${PROGPATH} -name \*.sh -exec chmod 755 {} \;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ki...@us...> - 2010-11-23 13:21:24
|
Revision: 7931
http://syscheck.svn.sourceforge.net/syscheck/?rev=7931&view=rev
Author: kinneh
Date: 2010-11-23 13:21:18 +0000 (Tue, 23 Nov 2010)
Log Message:
-----------
Syscheck 1.5.17
Added Paths:
-----------
tags/syscheck-1.5.17/
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ki...@us...> - 2010-11-23 13:04:38
|
Revision: 7929
http://syscheck.svn.sourceforge.net/syscheck/?rev=7929&view=rev
Author: kinneh
Date: 2010-11-23 13:04:32 +0000 (Tue, 23 Nov 2010)
Log Message:
-----------
always connect to localhost
Modified Paths:
--------------
trunk/syscheck/database-replication/811-master-node-flush-tables-with-read-lock.sh
Modified: trunk/syscheck/database-replication/811-master-node-flush-tables-with-read-lock.sh
===================================================================
--- trunk/syscheck/database-replication/811-master-node-flush-tables-with-read-lock.sh 2010-11-23 13:01:07 UTC (rev 7928)
+++ trunk/syscheck/database-replication/811-master-node-flush-tables-with-read-lock.sh 2010-11-23 13:04:32 UTC (rev 7929)
@@ -52,14 +52,14 @@
-echo "Connecting to master(HOSTNAME_NODE1): ${HOSTNAME_NODE1}"
+echo "Connecting to localhost, ARE YOU SURE THIS HOST IS ACTING AS MASTER"
echo "Enter manually:"
echo "FLUSH TABLES WITH READ LOCK;"
echo "keep the console open until the last step is done"
echo "then enter:"
echo "UNLOCK TABLES"
-$MYSQL_BIN mysql -u root --host=${HOSTNAME_NODE1} --password="$MYSQLROOT_PASSWORD"
+$MYSQL_BIN mysql -u root --password="$MYSQLROOT_PASSWORD"
if [ $? -eq 0 ] ; then
printlogmess $LEVEL_1 $ERRNO_1 "$DESCR_1"
else
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ki...@us...> - 2010-11-23 13:01:13
|
Revision: 7928
http://syscheck.svn.sourceforge.net/syscheck/?rev=7928&view=rev
Author: kinneh
Date: 2010-11-23 13:01:07 +0000 (Tue, 23 Nov 2010)
Log Message:
-----------
always connect to node1
Modified Paths:
--------------
trunk/syscheck/database-replication/808-test-table-update-and-check-master-and-slave.sh
Modified: trunk/syscheck/database-replication/808-test-table-update-and-check-master-and-slave.sh
===================================================================
--- trunk/syscheck/database-replication/808-test-table-update-and-check-master-and-slave.sh 2010-11-10 09:12:38 UTC (rev 7927)
+++ trunk/syscheck/database-replication/808-test-table-update-and-check-master-and-slave.sh 2010-11-23 13:01:07 UTC (rev 7928)
@@ -28,9 +28,9 @@
newval=`perl -e 'print time'`
-echo "cleaning and inserting new val: $newval"
-echo "delete from test" | $MYSQL_BIN $DB_NAME -u ${DB_USER} --password=${DB_PASSWORD}
-echo "insert into test set value=$newval" | $MYSQL_BIN $DB_NAME -u ${DB_USER} --password=${DB_PASSWORD}
+echo "cleaning and inserting new val: $newval into HOSTNAME_NODE1:$HOSTNAME_NODE1"
+echo "delete from test" | $MYSQL_BIN $DB_NAME -u ${DB_USER} --password=${DB_PASSWORD} -h $HOSTNAME_NODE1
+echo "insert into test set value=$newval" | $MYSQL_BIN $DB_NAME -u ${DB_USER} --password=${DB_PASSWORD} -h $HOSTNAME_NODE1
sleep 1
echo "values from $HOSTNAME_NODE1"
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ki...@us...> - 2010-11-09 21:43:54
|
Revision: 7925
http://syscheck.svn.sourceforge.net/syscheck/?rev=7925&view=rev
Author: kinneh
Date: 2010-11-09 21:43:48 +0000 (Tue, 09 Nov 2010)
Log Message:
-----------
new install and upgrade manuall
Added Paths:
-----------
trunk/syscheck/doc/syscheck-install-and-upgrade.odt
trunk/syscheck/doc/syscheck-install-and-upgrade.pdf
Added: trunk/syscheck/doc/syscheck-install-and-upgrade.odt
===================================================================
(Binary files differ)
Property changes on: trunk/syscheck/doc/syscheck-install-and-upgrade.odt
___________________________________________________________________
Added: svn:mime-type
+ application/octet-stream
Added: trunk/syscheck/doc/syscheck-install-and-upgrade.pdf
===================================================================
(Binary files differ)
Property changes on: trunk/syscheck/doc/syscheck-install-and-upgrade.pdf
___________________________________________________________________
Added: svn:mime-type
+ application/octet-stream
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ki...@us...> - 2010-10-27 15:03:14
|
Revision: 7924
http://syscheck.svn.sourceforge.net/syscheck/?rev=7924&view=rev
Author: kinneh
Date: 2010-10-27 15:03:07 +0000 (Wed, 27 Oct 2010)
Log Message:
-----------
closes #41 remove 920.conf content (it's not used)
Modified Paths:
--------------
trunk/syscheck/config/920.conf
Modified: trunk/syscheck/config/920.conf
===================================================================
--- trunk/syscheck/config/920.conf 2010-10-27 15:02:12 UTC (rev 7923)
+++ trunk/syscheck/config/920.conf 2010-10-27 15:03:07 UTC (rev 7924)
@@ -1,8 +1,2 @@
# config for related-available/920_restore_mysql_db_from_backup.sh
-
-#Name of the mysql backup file.
-DATE=`date +'%Y-%m-%d_%H.%M.%S'`
-MYSQLBACKUPFILE=/backup/mysql/ejbcabackup
-MYSQLBACKUPFULLFILENAME="${MYSQLBACKUPFILE}-${DATE}.sql"
-
-# end config #
+# noconfig #
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ki...@us...> - 2010-10-27 15:02:18
|
Revision: 7923
http://syscheck.svn.sourceforge.net/syscheck/?rev=7923&view=rev
Author: kinneh
Date: 2010-10-27 15:02:12 +0000 (Wed, 27 Oct 2010)
Log Message:
-----------
closes #42 - add new script to change master mysql node in jboss and ejbca
Added Paths:
-----------
trunk/syscheck/config/816.conf
trunk/syscheck/database-replication/816-change-master-to-nodeX-in-jboss-and-ejbca.sh
trunk/syscheck/lang/816.english
Added: trunk/syscheck/config/816.conf
===================================================================
--- trunk/syscheck/config/816.conf (rev 0)
+++ trunk/syscheck/config/816.conf 2010-10-27 15:02:12 UTC (rev 7923)
@@ -0,0 +1,2 @@
+# config for 816-change-master-to-nodeX-injboss-and-ejbca.sh
+# no config
Added: trunk/syscheck/database-replication/816-change-master-to-nodeX-in-jboss-and-ejbca.sh
===================================================================
--- trunk/syscheck/database-replication/816-change-master-to-nodeX-in-jboss-and-ejbca.sh (rev 0)
+++ trunk/syscheck/database-replication/816-change-master-to-nodeX-in-jboss-and-ejbca.sh 2010-10-27 15:02:12 UTC (rev 7923)
@@ -0,0 +1,87 @@
+#!/bin/sh
+
+# Set SYSCHECK_HOME if not already set.
+
+# 1. First check if SYSCHECK_HOME is set then use that
+if [ "x${SYSCHECK_HOME}" = "x" ] ; then
+# 2. Check if /etc/syscheck.conf exists then source that (put SYSCHECK_HOME=/path/to/syscheck in ther)
+ if [ -e /etc/syscheck.conf ] ; then
+ source /etc/syscheck.conf
+ else
+# 3. last resort use default path
+ SYSCHECK_HOME="/usr/local/syscheck"
+ fi
+fi
+
+if [ ! -f ${SYSCHECK_HOME}/syscheck.sh ] ; then echo "$0: Can't find syscheck.sh in SYSCHECK_HOME ($SYSCHECK_HOME)" ;exit ; fi
+
+
+
+
+## Import common definitions ##
+. $SYSCHECK_HOME/config/database-replication.conf
+
+
+# Fail over JBoss datasource
+if [ "$DO_DATASOURCE_FAILOVER" == "false" ] ; then
+ echo Info: Not failing over JBoss datasources because DO_DATASOURCE_FAILOVER=false.
+ exit
+
+fi
+
+
+if [ "x$1" = "xnode1" ] ; then
+ HOSTNAME_NODE=$HOSTNAME_NODE1
+elif [ "x$1" = "xnode2" ] ; then
+ HOSTNAME_NODE=$HOSTNAME_NODE2
+else
+ echo "arg1 must be the node to enter in the ds conf (node1 or node2)"
+ exit
+fi
+RET=0
+
+# <connection-url>jdbc:mysql://${HOSTNAME_NODE}:3306/${DB_NAME}</connection-url>
+perl -pi -e "s#connection-url>jdbc:mysql:.*connection-url#connection-url>jdbc:mysql://${HOSTNAME_NODE}:3306/${DB_NAME}</connection-url#gio" ${JBOSS_HOME}/server/default/deploy/ejbca-ds.xml
+grep ${HOSTNAME_NODE} ${JBOSS_HOME}/server/default/deploy/ejbca-ds.xml || RET=1
+
+# <user-name>${DB_USER}</user-name>
+perl -pi -e "s#user-name.*user-name#user-name>${DB_USER}</user-name#gio" ${JBOSS_HOME}/server/default/deploy/ejbca-ds.xml
+grep ${DB_USER} ${JBOSS_HOME}/server/default/deploy/ejbca-ds.xml || RET=2
+
+# <password>${DB_PASSWORD}</password>
+perl -pi -e "s#password.*password#password>${DB_PASSWORD}</password#gio" ${JBOSS_HOME}/server/default/deploy/ejbca-ds.xml
+grep ${DB_PASSWORD} ${JBOSS_HOME}/server/default/deploy/ejbca-ds.xml || RET=3
+
+if [ ! -x ${EJBCA_HOME}/conf/database.properties ] ; then
+ cp ${EJBCA_HOME}/conf/database.properties.sample ${EJBCA_HOME}/conf/database.properties
+else
+ RET=10
+fi
+
+perl -pi -e \"s/#database.name=mysql/database.name=mysql/\" ${EJBCA_HOME}/conf/database.properties
+grep "^database.name=mysql/$" ${EJBCA_HOME}/conf/database.properties || RET=4
+
+perl -pi -e \"s/#datasource.mapping=mySQL/datasource.mapping=mySQL/\" ${EJBCA_HOME}/conf/database.properties
+grep "^datasource.mapping=mySQL$" ${EJBCA_HOME}/conf/database.properties || RET=5
+
+
+perl -pi -e \"s/#database.url=jdbc:mysql:\/\/127.0.0.1:3306\/ejbca$/database.url=jdbc:mysql:\/\/${HOSTNAME_NODE}:3306\/${mysqlejbcadbname}/\" ${EJBCA_HOME}/conf/database.properties
+grep "database.url.*${HOSTNAME_NODE}" ${EJBCA_HOME}/conf/database.properties || RET=6
+
+perl -pi -e \"s/#database.driver=com.mysql.jdbc.Driver/database.driver=com.mysql.jdbc.Driver/\" ${EJBCA_HOME}/conf/database.properties
+grep "^database.driver=com.mysql.jdbc.Driver$" ${EJBCA_HOME}/conf/database.properties || RET=7
+
+perl -pi -e \"s/#database.username=ejbca/database.username=${mysqlejbcauser}/\" ${EJBCA_HOME}/conf/database.properties
+grep "database.username=${mysqlejbcauser}" ${EJBCA_HOME}/conf/database.properties || RET=8
+
+perl -pi -e \"s/#database.password=ejbca/database.password=${mysqlejbcapass}/\" ${EJBCA_HOME}/conf/database.properties
+grep "database.password=${mysqlejbcapass}" ${EJBCA_HOME}/conf/database.properties || RET=9
+
+
+if [ $RET -eq 0 ] ; then
+ echo "ejbca-ds.xml in jboss switched host to ${HOSTNAME_NODE}"
+ echo "remember to restart jboss when you want the change to take effect"
+else
+ echo "failed to change all settings for database node in ejbca-ds.xml and/or database.properties"
+ echo "returncode: ${RET}"
+fi
Property changes on: trunk/syscheck/database-replication/816-change-master-to-nodeX-in-jboss-and-ejbca.sh
___________________________________________________________________
Added: svn:mergeinfo
+
Added: trunk/syscheck/lang/816.english
===================================================================
--- trunk/syscheck/lang/816.english (rev 0)
+++ trunk/syscheck/lang/816.english 2010-10-27 15:02:12 UTC (rev 7923)
@@ -0,0 +1 @@
+HELP="changes datasource in both ejbca/conf/database.properties and jboss/server/default/deploy/ejbca-ds.xml"
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ki...@us...> - 2010-10-27 14:54:21
|
Revision: 7922
http://syscheck.svn.sourceforge.net/syscheck/?rev=7922&view=rev
Author: kinneh
Date: 2010-10-27 14:54:15 +0000 (Wed, 27 Oct 2010)
Log Message:
-----------
right name in inital comment
Modified Paths:
--------------
trunk/syscheck/config/06.conf
trunk/syscheck/config/19.conf
trunk/syscheck/config/800.conf
trunk/syscheck/config/801.conf
trunk/syscheck/config/802.conf
trunk/syscheck/config/803.conf
trunk/syscheck/config/804.conf
trunk/syscheck/config/805.conf
trunk/syscheck/config/806.conf
trunk/syscheck/config/807.conf
trunk/syscheck/config/808.conf
trunk/syscheck/config/809.conf
trunk/syscheck/config/810.conf
trunk/syscheck/config/811.conf
trunk/syscheck/config/812.conf
trunk/syscheck/config/813.conf
trunk/syscheck/config/814.conf
trunk/syscheck/config/815.conf
trunk/syscheck/config/904.conf
trunk/syscheck/config/919.conf
trunk/syscheck/config/921.conf
trunk/syscheck/config/922.conf
trunk/syscheck/config/923.conf
trunk/syscheck/config/925.conf
trunk/syscheck/config/926.conf
Modified: trunk/syscheck/config/06.conf
===================================================================
--- trunk/syscheck/config/06.conf 2010-10-19 12:17:05 UTC (rev 7921)
+++ trunk/syscheck/config/06.conf 2010-10-27 14:54:15 UTC (rev 7922)
@@ -1,4 +1,4 @@
-#config
+#config for sc_06_raid_check.sh
RAID_HPTOOL=/usr/sbin/hpacucli
# check slot with: $RAID_HPTOOL ctrl all show
Modified: trunk/syscheck/config/19.conf
===================================================================
--- trunk/syscheck/config/19.conf 2010-10-19 12:17:05 UTC (rev 7921)
+++ trunk/syscheck/config/19.conf 2010-10-27 14:54:15 UTC (rev 7922)
@@ -1 +1,2 @@
+# config for sc_19_alive.sh
# no config
Modified: trunk/syscheck/config/800.conf
===================================================================
--- trunk/syscheck/config/800.conf 2010-10-19 12:17:05 UTC (rev 7921)
+++ trunk/syscheck/config/800.conf 2010-10-27 14:54:15 UTC (rev 7922)
@@ -0,0 +1,2 @@
+#config for 800-create-mysql-ejbca-db.sh
+#no config
Modified: trunk/syscheck/config/801.conf
===================================================================
--- trunk/syscheck/config/801.conf 2010-10-19 12:17:05 UTC (rev 7921)
+++ trunk/syscheck/config/801.conf 2010-10-27 14:54:15 UTC (rev 7922)
@@ -0,0 +1,2 @@
+#config for 801-drop-existing-ejbca-db.sh
+#no config
Modified: trunk/syscheck/config/802.conf
===================================================================
--- trunk/syscheck/config/802.conf 2010-10-19 12:17:05 UTC (rev 7921)
+++ trunk/syscheck/config/802.conf 2010-10-27 14:54:15 UTC (rev 7922)
@@ -0,0 +1,2 @@
+#config for 802-create-mysql-ejbca-user-db-user.sh
+#no config
Modified: trunk/syscheck/config/803.conf
===================================================================
--- trunk/syscheck/config/803.conf 2010-10-19 12:17:05 UTC (rev 7921)
+++ trunk/syscheck/config/803.conf 2010-10-27 14:54:15 UTC (rev 7922)
@@ -0,0 +1,2 @@
+#config for 803-create-mysql-replication-user.sh
+#no config
Modified: trunk/syscheck/config/804.conf
===================================================================
--- trunk/syscheck/config/804.conf 2010-10-19 12:17:05 UTC (rev 7921)
+++ trunk/syscheck/config/804.conf 2010-10-27 14:54:15 UTC (rev 7922)
@@ -0,0 +1,2 @@
+# config for 804-make-mysql-server-act-as-master.sh
+# no config
Modified: trunk/syscheck/config/805.conf
===================================================================
--- trunk/syscheck/config/805.conf 2010-10-19 12:17:05 UTC (rev 7921)
+++ trunk/syscheck/config/805.conf 2010-10-27 14:54:15 UTC (rev 7922)
@@ -0,0 +1,2 @@
+# config for 805-make-mysql-server-act-as-slave.sh
+# no config
Modified: trunk/syscheck/config/806.conf
===================================================================
--- trunk/syscheck/config/806.conf 2010-10-19 12:17:05 UTC (rev 7921)
+++ trunk/syscheck/config/806.conf 2010-10-27 14:54:15 UTC (rev 7922)
@@ -0,0 +1,2 @@
+#config for 806-change-active-mysql-server-in-jboss-datasource.sh
+#no config
Modified: trunk/syscheck/config/807.conf
===================================================================
--- trunk/syscheck/config/807.conf 2010-10-19 12:17:05 UTC (rev 7921)
+++ trunk/syscheck/config/807.conf 2010-10-27 14:54:15 UTC (rev 7922)
@@ -0,0 +1,2 @@
+#config for 807-test-table-create-table.sh
+# no config
Modified: trunk/syscheck/config/808.conf
===================================================================
--- trunk/syscheck/config/808.conf 2010-10-19 12:17:05 UTC (rev 7921)
+++ trunk/syscheck/config/808.conf 2010-10-27 14:54:15 UTC (rev 7922)
@@ -0,0 +1,2 @@
+# config for 808-test-table-update-and-check-master-and-slave.sh
+# no config
Modified: trunk/syscheck/config/809.conf
===================================================================
--- trunk/syscheck/config/809.conf 2010-10-19 12:17:05 UTC (rev 7921)
+++ trunk/syscheck/config/809.conf 2010-10-27 14:54:15 UTC (rev 7922)
@@ -0,0 +1,2 @@
+#config for 809-show-mysql-slave-status.sh
+# no config
Modified: trunk/syscheck/config/810.conf
===================================================================
--- trunk/syscheck/config/810.conf 2010-10-19 12:17:05 UTC (rev 7921)
+++ trunk/syscheck/config/810.conf 2010-10-27 14:54:15 UTC (rev 7922)
@@ -0,0 +1,2 @@
+# config for 810-show-mysql-master-status.sh
+# no config
Modified: trunk/syscheck/config/811.conf
===================================================================
--- trunk/syscheck/config/811.conf 2010-10-19 12:17:05 UTC (rev 7921)
+++ trunk/syscheck/config/811.conf 2010-10-27 14:54:15 UTC (rev 7922)
@@ -0,0 +1,2 @@
+#config for 811-master-node-flush-tables-with-read-lock.sh
+#no config
Modified: trunk/syscheck/config/812.conf
===================================================================
--- trunk/syscheck/config/812.conf 2010-10-19 12:17:05 UTC (rev 7921)
+++ trunk/syscheck/config/812.conf 2010-10-27 14:54:15 UTC (rev 7922)
@@ -0,0 +1,2 @@
+# config for 812-master-node-unlock-tables.sh
+#noconfig
Modified: trunk/syscheck/config/813.conf
===================================================================
--- trunk/syscheck/config/813.conf 2010-10-19 12:17:05 UTC (rev 7921)
+++ trunk/syscheck/config/813.conf 2010-10-27 14:54:15 UTC (rev 7922)
@@ -0,0 +1,2 @@
+# config for 813-mysql-console-as-root.sh
+# no config
Modified: trunk/syscheck/config/814.conf
===================================================================
--- trunk/syscheck/config/814.conf 2010-10-19 12:17:05 UTC (rev 7921)
+++ trunk/syscheck/config/814.conf 2010-10-27 14:54:15 UTC (rev 7922)
@@ -0,0 +1,2 @@
+# config for 814-mysql-console-as-db-user.sh
+# no config
Modified: trunk/syscheck/config/815.conf
===================================================================
--- trunk/syscheck/config/815.conf 2010-10-19 12:17:05 UTC (rev 7921)
+++ trunk/syscheck/config/815.conf 2010-10-27 14:54:15 UTC (rev 7922)
@@ -0,0 +1,2 @@
+#config for 815-create-mysql-ejbca-user-db-user-localhost-only.sh
+# no config
Modified: trunk/syscheck/config/904.conf
===================================================================
--- trunk/syscheck/config/904.conf 2010-10-19 12:17:05 UTC (rev 7921)
+++ trunk/syscheck/config/904.conf 2010-10-27 14:54:15 UTC (rev 7922)
@@ -1,4 +1,4 @@
-### config ###
+### config for 904_make_mysql_db_backup.sh
#Name of the mysql backup file.
DATE=`date +'%Y-%m-%d_%H.%M.%S'`
Modified: trunk/syscheck/config/919.conf
===================================================================
--- trunk/syscheck/config/919.conf 2010-10-19 12:17:05 UTC (rev 7921)
+++ trunk/syscheck/config/919.conf 2010-10-27 14:54:15 UTC (rev 7922)
@@ -1,4 +1,4 @@
-# config for related-available/900_export_cert.sh
+# config for 919_certpublisher_remotecommand.sh
### config ###
Modified: trunk/syscheck/config/921.conf
===================================================================
--- trunk/syscheck/config/921.conf 2010-10-19 12:17:05 UTC (rev 7921)
+++ trunk/syscheck/config/921.conf 2010-10-27 14:54:15 UTC (rev 7922)
@@ -1,4 +1,4 @@
-# config for 902_export_crl.sh
+# config for 921_copy_htmf_conf.sh
### config ###
Modified: trunk/syscheck/config/922.conf
===================================================================
--- trunk/syscheck/config/922.conf 2010-10-19 12:17:05 UTC (rev 7921)
+++ trunk/syscheck/config/922.conf 2010-10-27 14:54:15 UTC (rev 7922)
@@ -0,0 +1 @@
+# config for 922-simple-database-replication-check.sh
Modified: trunk/syscheck/config/923.conf
===================================================================
--- trunk/syscheck/config/923.conf 2010-10-19 12:17:05 UTC (rev 7921)
+++ trunk/syscheck/config/923.conf 2010-10-27 14:54:15 UTC (rev 7922)
@@ -1,4 +1,4 @@
-# config for 906_ssh-copy-to-remote-machine.sh
+# config for 923-rsync-to-remote-machine.sh
# if you like to enable the ssh timeout option uncomment this (value is seconds)
Modified: trunk/syscheck/config/925.conf
===================================================================
--- trunk/syscheck/config/925.conf 2010-10-19 12:17:05 UTC (rev 7921)
+++ trunk/syscheck/config/925.conf 2010-10-27 14:54:15 UTC (rev 7922)
@@ -1,4 +1,4 @@
-# config for 905_publish_crl.sh
+# config for 925_publish_crl_from_file.sh
VERIFY_HOST[0]=localhost
Modified: trunk/syscheck/config/926.conf
===================================================================
--- trunk/syscheck/config/926.conf 2010-10-19 12:17:05 UTC (rev 7921)
+++ trunk/syscheck/config/926.conf 2010-10-27 14:54:15 UTC (rev 7922)
@@ -1,4 +1,4 @@
-# config for 926
+# config for 926_local_htmf_copy_conf.sh
### config ###
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ki...@us...> - 2010-10-19 12:17:11
|
Revision: 7921
http://syscheck.svn.sourceforge.net/syscheck/?rev=7921&view=rev
Author: kinneh
Date: 2010-10-19 12:17:05 +0000 (Tue, 19 Oct 2010)
Log Message:
-----------
Ticket #38 add a pre-upgrade script to copy all key config/keystores to /tmp/backup_htmf_conf, fix messages
Modified Paths:
--------------
trunk/syscheck/related-available/926_local_htmf_copy_conf.sh
Modified: trunk/syscheck/related-available/926_local_htmf_copy_conf.sh
===================================================================
--- trunk/syscheck/related-available/926_local_htmf_copy_conf.sh 2010-10-19 12:10:46 UTC (rev 7920)
+++ trunk/syscheck/related-available/926_local_htmf_copy_conf.sh 2010-10-19 12:17:05 UTC (rev 7921)
@@ -33,7 +33,6 @@
### end config ###
-PRINTTOSCREEN=1
if [ "x$1" = "x-h" -o "x$1" = "x--help" ] ; then
echo "$HELP"
echo "$ERRNO_1/$DESCR_1 - $HELP_1"
@@ -60,10 +59,10 @@
printtoscreen "Copying file: ${HTMF_FILE[$j]} to:${BACKUP_DIR}"
cp -f "${HTMF_FILE[$j]}" ${BACKUP_DIR}
if [ $? -ne 0 ] ; then
- printlogmess $ERROR $ERRNO_3 "$DESCR_3" ${HTMF_FILE[$j]}
+ printlogmess $ERROR $ERRNO_2 "$DESCR_2" ${HTMF_FILE[$j]}
continue
else
- printlogmess $INFO $ERRNO_2 "$DESCR_2" ${HTMF_FILE[$j]}
+ printlogmess $INFO $ERRNO_1 "$DESCR_1" ${HTMF_FILE[$j]}
fi
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ki...@us...> - 2010-10-19 12:10:52
|
Revision: 7920
http://syscheck.svn.sourceforge.net/syscheck/?rev=7920&view=rev
Author: kinneh
Date: 2010-10-19 12:10:46 +0000 (Tue, 19 Oct 2010)
Log Message:
-----------
Closes #38 add a pre-upgrade script to copy all key config/keystores to /tmp/backup_htmf_conf
Modified Paths:
--------------
trunk/syscheck/lang/926.english
trunk/syscheck/related-available/926_local_htmf_copy_conf.sh
Modified: trunk/syscheck/lang/926.english
===================================================================
--- trunk/syscheck/lang/926.english 2010-10-19 11:53:31 UTC (rev 7919)
+++ trunk/syscheck/lang/926.english 2010-10-19 12:10:46 UTC (rev 7920)
@@ -0,0 +1,8 @@
+HELP="Copy all config/keystore files to /tmp/bckup_htmf_conf before system upgrade"
+DESCR_1="File copied ok(%s)"
+HELP_1="no action needed"
+DESCR_2="Failed to copy file (%s)"
+HELP_2="check permissions and paths"
+DESCR_3="Failed to create backup dir (%s)"
+HELP_3="check permissions and paths"
+
Modified: trunk/syscheck/related-available/926_local_htmf_copy_conf.sh
===================================================================
--- trunk/syscheck/related-available/926_local_htmf_copy_conf.sh 2010-10-19 11:53:31 UTC (rev 7919)
+++ trunk/syscheck/related-available/926_local_htmf_copy_conf.sh 2010-10-19 12:10:46 UTC (rev 7920)
@@ -22,7 +22,7 @@
. $SYSCHECK_HOME/config/related-scripts.conf
# uniq ID of script (please use in the name of this file also for convinice for finding next availavle number)
-SCRIPTID=921
+SCRIPTID=926
getlangfiles $SCRIPTID
getconfig $SCRIPTID
@@ -35,9 +35,9 @@
PRINTTOSCREEN=1
if [ "x$1" = "x-h" -o "x$1" = "x--help" ] ; then
- echo "$ECRT_HELP"
- echo "$ERRNO_1/$COPY_EJBCA_CONF_DESCR_1 - $COPY_EJBCA_CONF_HELP_1"
- echo "$ERRNO_2/$COPY_EJBCA_CONF_DESCR_2 - $COPY_EJBCA_CONF_HELP_2"
+ echo "$HELP"
+ echo "$ERRNO_1/$DESCR_1 - $HELP_1"
+ echo "$ERRNO_2/$DESCR_2 - $HELP_2"
echo "${SCREEN_HELP}"
exit
elif [ "x$1" = "x-s" -o "x$1" = "x--screen" -o \
@@ -49,19 +49,21 @@
# Make sure you add quotation marks for the first argument when adding new files that should be copied, for exampel.
-${SYSCHECK_HOME}/related-enabled/915_remote_command_via_ssh.sh ${HOSTNAME_NODE2} "mkdir -p ${REMOTE_DIR}" ${SSH_USER} ${SSHKEY}
+mkdir -p ${BACKUP_DIR}
if [ $? -ne 0 ] ; then
- echo "couldn't make dir"
- exit
+ printlogmess $ERROR $ERRNO_3 "$DESCR_3" "${BACKUP_DIR}"
+ exit
fi
for (( j=0; j < ${#HTMF_FILE[@]} ; j++ )){
- printtoscreen "Copying file: ${HTMF_FILE[$j]} to:${HOSTNAME_NODE2} dir:${REMOTE_DIR} remotreuser:${REMOTE_USER} sshkey: ${SSHKEY}"
- ${SYSCHECK_HOME}/related-enabled/906_ssh-copy-to-remote-machine.sh "${HTMF_FILE[$j]}" ${HOSTNAME_NODE2} ${REMOTE_DIR} ${REMOTE_USER} ${SSHKEY}
+ printtoscreen "Copying file: ${HTMF_FILE[$j]} to:${BACKUP_DIR}"
+ cp -f "${HTMF_FILE[$j]}" ${BACKUP_DIR}
if [ $? -ne 0 ] ; then
- echo "couln't copy file \"${HTMF_FILE[$j]}\""
- exit
+ printlogmess $ERROR $ERRNO_3 "$DESCR_3" ${HTMF_FILE[$j]}
+ continue
+ else
+ printlogmess $INFO $ERRNO_2 "$DESCR_2" ${HTMF_FILE[$j]}
fi
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <ki...@us...> - 2010-10-19 11:53:38
|
Revision: 7919
http://syscheck.svn.sourceforge.net/syscheck/?rev=7919&view=rev
Author: kinneh
Date: 2010-10-19 11:53:31 +0000 (Tue, 19 Oct 2010)
Log Message:
-----------
Close #38 add a pre-upgrade script to copy all key config/keystores to /tmp/backup_htmf_conf
Added Paths:
-----------
trunk/syscheck/config/926.conf
trunk/syscheck/lang/926.english
trunk/syscheck/related-available/926_local_htmf_copy_conf.sh
Added: trunk/syscheck/config/926.conf
===================================================================
--- trunk/syscheck/config/926.conf (rev 0)
+++ trunk/syscheck/config/926.conf 2010-10-19 11:53:31 UTC (rev 7919)
@@ -0,0 +1,17 @@
+# config for 926
+
+### config ###
+
+#
+BACKUP_DIR='/tmp/backup_htmf_conf/'
+
+# If you configure one or more REMOTE_HOST:s the archived certificate will also be stored on that host
+HTMF_FILE[0]="${HTMF_HOME}/hardtokenmgmt.properties"
+HTMF_FILE[1]="${HTMF_HOME}/autogenerated_hardtokenmgmt.properties"
+HTMF_FILE[2]="${HTMF_HOME}/src/resources/globalsettings/global.properties"
+HTMF_FILE[3]="${HTMF_HOME}/jarsigner.jks"
+HTMF_FILE[4]="${EJBCA_HOME}/conf/ejbca.properties"
+HTMF_FILE[5]="${EJBCA_HOME}/conf/database.properties"
+HTMF_FILE[6]="${JBOSS_HOME}/server/default/conf/keystore/keystore.jks"
+HTMF_FILE[7]="${JBOSS_HOME}/server/default/conf/keystore/truststore.jks"
+HTMF_FILE[8]="${JBOSS_HOME}/server/default/deploy/jboss-web.deployer/server.xml"
Added: trunk/syscheck/lang/926.english
===================================================================
Added: trunk/syscheck/related-available/926_local_htmf_copy_conf.sh
===================================================================
--- trunk/syscheck/related-available/926_local_htmf_copy_conf.sh (rev 0)
+++ trunk/syscheck/related-available/926_local_htmf_copy_conf.sh 2010-10-19 11:53:31 UTC (rev 7919)
@@ -0,0 +1,68 @@
+#!/bin/sh
+
+# Set SYSCHECK_HOME if not already set.
+
+# 1. First check if SYSCHECK_HOME is set then use that
+if [ "x${SYSCHECK_HOME}" = "x" ] ; then
+# 2. Check if /etc/syscheck.conf exists then source that (put SYSCHECK_HOME=/path/to/syscheck in ther)
+ if [ -e /etc/syscheck.conf ] ; then
+ source /etc/syscheck.conf
+ else
+# 3. last resort use default path
+ SYSCHECK_HOME="/usr/local/syscheck"
+ fi
+fi
+
+if [ ! -f ${SYSCHECK_HOME}/syscheck.sh ] ; then echo "$0: Can't find syscheck.sh in SYSCHECK_HOME ($SYSCHECK_HOME)" ;exit ; fi
+
+
+
+
+## Import common definitions ##
+. $SYSCHECK_HOME/config/related-scripts.conf
+
+# uniq ID of script (please use in the name of this file also for convinice for finding next availavle number)
+SCRIPTID=921
+
+getlangfiles $SCRIPTID
+getconfig $SCRIPTID
+
+ERRNO_1="${SCRIPTID}1"
+ERRNO_2="${SCRIPTID}2"
+ERRNO_3="${SCRIPTID}3"
+
+### end config ###
+
+PRINTTOSCREEN=1
+if [ "x$1" = "x-h" -o "x$1" = "x--help" ] ; then
+ echo "$ECRT_HELP"
+ echo "$ERRNO_1/$COPY_EJBCA_CONF_DESCR_1 - $COPY_EJBCA_CONF_HELP_1"
+ echo "$ERRNO_2/$COPY_EJBCA_CONF_DESCR_2 - $COPY_EJBCA_CONF_HELP_2"
+ echo "${SCREEN_HELP}"
+ exit
+elif [ "x$1" = "x-s" -o "x$1" = "x--screen" -o \
+ "x$2" = "x-s" -o "x$2" = "x--screen" ] ; then
+ PRINTTOSCREEN=1
+fi
+
+
+# Make sure you add quotation marks for the first argument when adding new files that should be copied, for exampel.
+
+
+${SYSCHECK_HOME}/related-enabled/915_remote_command_via_ssh.sh ${HOSTNAME_NODE2} "mkdir -p ${REMOTE_DIR}" ${SSH_USER} ${SSHKEY}
+if [ $? -ne 0 ] ; then
+ echo "couldn't make dir"
+ exit
+fi
+
+
+for (( j=0; j < ${#HTMF_FILE[@]} ; j++ )){
+ printtoscreen "Copying file: ${HTMF_FILE[$j]} to:${HOSTNAME_NODE2} dir:${REMOTE_DIR} remotreuser:${REMOTE_USER} sshkey: ${SSHKEY}"
+ ${SYSCHECK_HOME}/related-enabled/906_ssh-copy-to-remote-machine.sh "${HTMF_FILE[$j]}" ${HOSTNAME_NODE2} ${REMOTE_DIR} ${REMOTE_USER} ${SSHKEY}
+ if [ $? -ne 0 ] ; then
+ echo "couln't copy file \"${HTMF_FILE[$j]}\""
+ exit
+ fi
+
+}
+
Property changes on: trunk/syscheck/related-available/926_local_htmf_copy_conf.sh
___________________________________________________________________
Added: svn:executable
+ *
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
