source: trunk/scripts/samhain-scripts/samhain-admin@ 15

Last change on this file since 15 was 1, checked in by katerina, 19 years ago

Initial import

File size: 8.8 KB
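#!/bin/bash
#
# samhain-admin: interactive menu for administering samhain client hosts
# from the machine that holds the yule data directory.
# The functions below use arrays and `echo -e`, which a strict POSIX sh
# does not provide, so the interpreter is bash.

# yule configuration file, data directory and log file
YULERC="/etc/yulerc"
YULEDIR="/var/lib/yule"
YULELOG="/var/log/yule/yule_log"
# owner and group applied to the per-host files under YULEDIR
YULEUSER="yule"
YULEGROUP="yule"
# command line run through eval when the operator asks for a yule restart;
# keep it a fixed, trusted string
YULERESTART="/sbin/service yule restart"

# deployment script called when a new host is added
deploybin="/usr/local/sbin/deploy.sh"

# This is used for creating hosts only
# (to check that the new host lies in this domain).
# Comment this line out to skip the check.
FORCEDOMAIN="yourdomain.net"

# helper that clears a host's entries in the SQL database
action_dbclear="/usr/local/sbin/samhain.clearhost"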
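# Build the host lists from the per-host database files in YULEDIR and let
# the operator pick one host interactively.
# Globals:
#   YULEDIR (read)
#   FQHLIST (written) - fully qualified names, taken from file.<fqhn>
#   HLIST   (written) - the same names cut at the first dot
#   hlistlen, fqhlistlen (written) - lengths of the two arrays
#   hostsel (written) - zero-based index of the selected host
# Exits the whole script when the operator enters "q" or when input ends.
geth() {
  local file fn fqhn hn arrpos

  unset HLIST
  unset FQHLIST

  # Glob instead of parsing `ls` output, so an unusual file name cannot be
  # split into several list entries.
  for file in "${YULEDIR}"/file.* ; do
    [ -f "${file}" ] || continue

    # skip backup and helper copies; the suffix is matched literally
    case "${file}" in
      *.bak|*.log|*.mgmt|*.old|*.sav) continue ;;
    esac

    # strip path
    fn=${file##*/}
    # strip leading "file."
    fqhn=${fn#file.}

    # These names are later used as ssh/scp targets and inside file paths,
    # so only host-name characters are accepted (no leading '-' or '.').
    case "${fqhn}" in
      ''|-*|.*|*[!A-Za-z0-9._-]*) continue ;;
    esac

    # strip trailing domain
    hn=${fqhn%%.*}

    # write results to two arrays
    FQHLIST[${#FQHLIST[*]}]=${fqhn}
    HLIST[${#HLIST[*]}]=${hn}
  done

  # get the length of the two arrays
  hlistlen=${#HLIST[*]}
  fqhlistlen=${#FQHLIST[*]}

  # run until a valid selection is made
  while : ; do
    clear
    echo "HOST LIST SELECTION"
    echo

    # loop through the array, print each host with a 1-based number
    arrpos=0
    while [ "${arrpos}" -lt "${hlistlen}" ] ; do
      echo -e "$((arrpos + 1)).\t${HLIST[${arrpos}]}"
      arrpos=$((arrpos + 1))
    done

    echo
    echo -n "Please select a host (q to quit): "

    # without this, end of input would redraw the menu forever
    read -r hostsel || exit 1

    if [ "${hostsel}" = "q" ] ; then
      exit
    fi

    # accept only a non-empty, reasonably short run of digits
    case "${hostsel}" in
      ''|*[!0-9]*) continue ;;
    esac
    [ "${#hostsel}" -le 9 ] || continue

    # force base 10 so "08" is not read as an invalid octal number
    hostsel=$((10#${hostsel}))
    if [ "${hostsel}" -ge 1 ] && [ "${hostsel}" -le "${hlistlen}" ] ; then
      hostsel=$((hostsel - 1))
      break
    fi
  done
}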
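# Collect the available build profiles: the names of the directories
# directly below ${YULEDIR}/profiles, except "src" and "profiles".
# Hidden directories (names starting with a dot) are not listed.
# Globals:
#   YULEDIR  (read)
#   PLIST    (written) - profile names
#   plistlen (written) - number of entries in PLIST
getprof() {
  local entry

  unset PLIST

  # Glob instead of word-splitting `find` output, so a directory name
  # containing whitespace stays a single entry.
  for entry in "${YULEDIR}"/profiles/*/ ; do
    entry=${entry%/}

    # real directories only; an unmatched glob stays literal and fails here
    if [ ! -d "${entry}" ] || [ -L "${entry}" ] ; then
      continue
    fi

    entry=${entry##*/}
    if [ "${entry}" != "src" ] && [ "${entry}" != "profiles" ] ; then
      PLIST[${#PLIST[*]}]=${entry}
    fi
  done

  # array length
  plistlen=${#PLIST[*]}
}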
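# Clear the SQL database entries of one host.
# Lets the operator choose a host through geth, runs the action_dbclear
# helper for it and shows the combined output in less.
# Globals: HLIST, hostsel (set by geth), action_dbclear (read)
cleardb() {
  local target

  geth
  target=${HLIST[${hostsel}]}

  (
    echo "Clearing database for ${target}:"
    # The host name is quoted so it always reaches the helper as exactly
    # one argument. The command variable is left unquoted so a configured
    # value that carries arguments keeps working.
    ${action_dbclear} "${target}" 2>&1 && \
      echo "exit 0"
  ) | less
}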
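# re-init part

# Ring the terminal bell five times, one second apart, so the operator
# notices that a long-running step has finished.
_rrinit_bell() {
  local n

  for n in 1 2 3 4 ; do
    echo -n -e '\a' ; sleep 1
  done
  echo -n -e '\a'
}

# Re-initialise the samhain database of one host.
# Steps:
#   1. let the operator pick a host (geth) and check that its file.<fqhn>
#      and rc.<fqhn> exist in YULEDIR
#   2. show the host's entries from the yule log and ask for confirmation
#   3. clear the host's SQL entries with action_dbclear
#   4. over ssh as root: stop samhain on the host and run
#      "/sbin/samhain -t init"
#   5. keep the old database as file.<fqhn>.mgmt, fetch
#      /samhain-deploy/sh_database with scp, chown it to
#      YULEUSER:YULEGROUP and chmod it to 600
#   6. optionally start samhain on the host again
# Globals: YULEDIR, YULELOG, YULEUSER, YULEGROUP, action_dbclear (read);
#          HLIST, FQHLIST, hostsel (set by geth)
# Exits with status 42 when one of the per-host files is missing, and
# exits when the operator enters "q" or input ends.
#
# NOTE(review): the fetched file replaces the stored database for this
# host and is produced on the monitored host itself, so it is only as
# trustworthy as that host is at the moment of the init. The log review
# in step 2 is the operator's chance to check that before continuing.
rrinit() {
  local host fqhost dbfile rcfile forgetthisone goforit remotestart

  geth
  host=${HLIST[${hostsel}]}
  fqhost=${FQHLIST[${hostsel}]}
  dbfile="${YULEDIR}/file.${fqhost}"
  rcfile="${YULEDIR}/rc.${fqhost}"

  if [ ! -f "${dbfile}" ] ; then
    echo "File ${dbfile} does not exist. Exiting."
    exit 42
  fi

  if [ ! -f "${rcfile}" ] ; then
    echo "File ${rcfile} does not exist. Exiting."
    exit 42
  fi

  echo "Please see the yule log if you really want to reinit the samhain database."
  echo "This is a really ugly XML file. Better get out of here ..."
  echo -n "Press ENTER to continue. "
  read -r forgetthisone || exit 1

  while : ; do
    # -F: the host name is matched as a literal string, not as a regex
    grep -F -- "remote_host=\"${host}\"" "${YULELOG}" | less

    echo -n "Now that you've seen this: do you still want to continue? (y) (q to quit): "
    # without this, end of input would repeat the prompt forever
    read -r goforit || exit 1

    if [ "${goforit}" = "q" ] ; then
      exit
    fi

    if [ "${goforit}" = "y" ] ; then
      break
    fi
  done

  # Clean the database
  echo "Clearing database for ${host}:"
  ${action_dbclear} "${host}" 2>&1 && echo "exit 0"

  # now run remotely: stop the client, then build a fresh database
  if ! ssh -x "root@${fqhost}" \
    'if [ ! -d /samhain-deploy ] ; then \
      mkdir /samhain-deploy ; \
    fi ; \
    if [ -f /samhain-deploy/sh_database ] ; then \
      rm -f /samhain-deploy/sh_database ; \
    fi ; \
    if [ -x /usr/bin/monit -a "$(/usr/bin/monit status | grep samhain)" ] ; then \
      monit stop samhain && sleep 5 ; \
    elif [ -x /etc/init.d/samhain ] ; then \
      /etc/init.d/samhain stop ; \
    elif [ -x /etc/rc.d/init.d/samhain ] ; then \
      /etc/rc.d/init.d/samhain stop ;
    else \
      kill $(cat /var/run/samhain.pid) ; \
    fi ; \
    /sbin/samhain -t init ' ; then
    # the flow continues as before, but the operator is told about it
    echo "WARNING: the remote init on ${fqhost} returned a non-zero status;" >&2
    echo "check the output above before trusting the new database." >&2
  fi
  _rrinit_bell

  # backup old database
  if ! cp "${dbfile}" "${dbfile}.mgmt" ; then
    echo "WARNING: could not back up ${dbfile} to ${dbfile}.mgmt" >&2
  fi

  # get the new database and restrict it to the yule user
  if ! { scp "root@${fqhost}:/samhain-deploy/sh_database" "${dbfile}" && \
         chown "${YULEUSER}:${YULEGROUP}" "${dbfile}" && \
         chmod 600 "${dbfile}" ; } ; then
    echo "WARNING: fetching the new database or setting its owner/mode failed;" >&2
    echo "check ${dbfile} (backup copy: ${dbfile}.mgmt)." >&2
  fi
  _rrinit_bell

  while : ; do
    echo
    echo -n "Do you want to start the remote samhain client now? (y/n/q) "
    read -r remotestart || exit 1

    if [ "${remotestart}" = "q" ] ; then
      exit
    fi

    if [ "${remotestart}" = "y" ] || [ "${remotestart}" = "n" ] ; then
      break
    fi
  done

  if [ "${remotestart}" = "y" ] ; then
    # restart samhain on remote host
    ssh -x "root@${fqhost}" \
      'if [ -f /samhain-deploy/sh_database ] ; then \
        rm -f /samhain-deploy/sh_database ; \
      fi ; \
      if [ -x /usr/bin/monit -a "$(/usr/bin/monit status | grep samhain)" ] ; then \
        monit start samhain ; \
      elif [ -x /etc/init.d/samhain ] ; then \
        /etc/init.d/samhain start ; \
      elif [ -x /etc/rc.d/init.d/samhain ] ; then \
        /etc/rc.d/init.d/samhain start ;
      else \
        echo "Do not know how to start samhain." ; \
      fi'
    _rrinit_bell

    echo "done"
  fi
}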
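# add a new host
#
# Interactive flow: choose a build profile (getprof), enter the new host's
# fully qualified name, confirm and run the deploy script, hand the new
# file.<host> and rc.<host> to YULEUSER:YULEGROUP, then optionally restart
# yule and (re)start samhain on the new host over ssh as root.
# Globals: YULEDIR, YULERC, YULEUSER, YULEGROUP, YULERESTART, FORCEDOMAIN,
#          deploybin (read); PLIST, plistlen (set by getprof)
# Exits the script when the operator enters "q" at a prompt that offers
# it, or when input ends.
addnewhost() {
  local arrpos psel newhost pconf yulerestart startsam

  getprof

  while : ; do
    clear
    echo "PROFILE SELECTION"
    echo

    # loop through the array, print each profile with a 1-based number
    arrpos=0
    while [ "${arrpos}" -lt "${plistlen}" ] ; do
      echo -e "$((arrpos + 1)).\t${PLIST[${arrpos}]}"
      arrpos=$((arrpos + 1))
    done

    echo
    echo -n "Please select a profile (q to quit): "

    # without this, end of input would redraw the menu forever
    read -r psel || exit 1

    # the prompt offers "q"; the previous test compared against "p"
    if [ "${psel}" = "q" ] ; then
      exit
    fi

    # accept only a non-empty, reasonably short run of digits
    case "${psel}" in
      ''|*[!0-9]*) continue ;;
    esac
    [ "${#psel}" -le 9 ] || continue

    # force base 10 so "08" is not read as an invalid octal number
    psel=$((10#${psel}))
    if [ "${psel}" -ge 1 ] && [ "${psel}" -le "${plistlen}" ] ; then
      psel=$((psel - 1))
      break
    fi
  done

  while : ; do
    echo
    echo -n "Enter a fully qualified host name: "
    read -r newhost || exit 1

    case "${newhost}" in
      *.*) ;;
      *)
        echo "Dude, a FQHN please!"
        continue
        ;;
    esac

    # The name becomes an ssh target, a deploy argument and part of two
    # file names under YULEDIR, so only host-name characters are allowed.
    case "${newhost}" in
      -*|.*|*[!A-Za-z0-9._-]*)
        echo "Host name may only contain letters, digits, '.', '_' and '-'."
        continue
        ;;
    esac

    # Domain check. It used to sit behind a break/continue pair and was
    # never reached; it is enforced now whenever FORCEDOMAIN is set.
    if [ "${FORCEDOMAIN}" ] ; then
      case "${newhost}" in
        *."${FORCEDOMAIN}") ;;
        *)
          echo "Host must be in domain ${FORCEDOMAIN}"
          continue
          ;;
      esac
    fi

    break
  done

  while : ; do
    echo "You are going to run the following command:"
    echo "${deploybin} --remote-host=${newhost} --build-OS=${PLIST[${psel}]} --clients=${YULERC}"
    echo -n "Continue? (y/n/q) "
    read -r pconf || exit 1

    if [ "${pconf}" = "q" ] ; then
      exit
    fi

    if [ "${pconf}" = "y" ] || [ "${pconf}" = "n" ] ; then
      break
    fi
  done

  if [ "${pconf}" = "y" ] ; then
    # command variable left unquoted so a configured value that carries
    # arguments keeps working; every argument is quoted
    ${deploybin} "--remote-host=${newhost}" "--build-OS=${PLIST[${psel}]}" "--clients=${YULERC}"

    chown "${YULEUSER}:${YULEGROUP}" "${YULEDIR}/file.${newhost}" "${YULEDIR}/rc.${newhost}"

    while : ; do
      echo
      echo "Yule has to be restarted before the client is started."
      echo -n "Do you want to restart yule now? (y|n) "
      read -r yulerestart || exit 1

      if [ "${yulerestart}" = "y" ] || [ "${yulerestart}" = "n" ] ; then
        break
      fi
    done

    if [ "${yulerestart}" = "y" ] ; then
      # NOTE(review): eval of a configuration value. Keep YULERESTART a
      # fixed string set in this script; never build it from operator or
      # network input.
      eval "${YULERESTART}"
    fi

    while : ; do
      echo
      echo -n "Do you want to start the remote samhain client now? (y|n) "
      read -r startsam || exit 1
      if [ "${startsam}" = "y" ] || [ "${startsam}" = "n" ] ; then
        break
      fi
    done

    if [ "${startsam}" = "y" ] ; then

      echo "x${newhost}x"

      # stop a running client first (if a pid file exists), then start it
      ssh -x "root@${newhost}" \
        'if [ -f /var/run/samhain.pid ] ; then \
          if [ -x /usr/bin/monit -a "$(/usr/bin/monit status | grep samhain)" ] ; then \
            monit stop samhain && sleep 5 ; \
          elif [ -x /etc/init.d/samhain ] ; then \
            /etc/init.d/samhain stop ; \
          elif [ -x /etc/rc.d/init.d/samhain ] ; then \
            /etc/rc.d/init.d/samhain stop ;
          else \
            kill $(cat /var/run/samhain.pid) ; \
          fi ; \
        fi ; \
        if [ -x /usr/bin/monit -a "$(/usr/bin/monit status | grep samhain)" ] ; then \
          monit start samhain ; \
        elif [ -x /etc/init.d/samhain ] ; then \
          /etc/init.d/samhain start ; \
        elif [ -x /etc/rc.d/init.d/samhain ] ; then \
          /etc/rc.d/init.d/samhain start ;
        else \
          echo "Do not know how to start samhain." ; \
        fi'

      # five bells, one second apart, to signal completion
      for arrpos in 1 2 3 4 ; do
        echo -n -e '\a' ; sleep 1
      done
      echo -n -e '\a'
    fi
  fi
}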
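# Main menu: redraw and dispatch until the operator quits.
# Any input other than q, 1, 2 or 3 just shows the menu again.
while : ; do
  clear

  echo "SELECT ACTION"
  echo

  echo -e "1.\tOnly clear log entries in SQL database"
  echo -e "2.\tReinitialize host database"
  echo -e "3.\tAdd a new host"
  echo
  echo -n "Select an action (q to quit): "

  # stop when input ends instead of redrawing the menu forever
  read -r action || exit 1

  case "${action}" in
    q) exit ;;
    1) cleardb ;;
    2) rrinit ;;
    3) addnewhost ;;
  esac
done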