authorChristian Rößler2015-06-08 17:40:09 +0200
committerChristian Rößler2015-06-08 17:40:09 +0200
commitcb0723d1944ea8aa3c202879093e3544582ba38f (patch)
treee7f5354ce9ce30cfd3fd4ee4afb19db1b79328bc
parent[SSPS] Add netstat to sudo rules (diff)
[SSPS] Some after-install cleaning functions
-rw-r--r--satellit_installer/includes/50-copyscripts.inc9
-rw-r--r--satellit_installer/includes/99-clean_install34
-rwxr-xr-xsatellit_installer/satellit_installer5
-rwxr-xr-xsatellit_installer/static_files/finalize21
4 files changed, 67 insertions, 2 deletions
diff --git a/satellit_installer/includes/50-copyscripts.inc b/satellit_installer/includes/50-copyscripts.inc
index 2ac11a3..5aabcd1 100644
--- a/satellit_installer/includes/50-copyscripts.inc
+++ b/satellit_installer/includes/50-copyscripts.inc
@@ -7,7 +7,7 @@ install_tmpdelete() {
install_config_static_ip() {
echo -n "# Copying config_static_ip to /usr/local/sbin... "
- mkdir -p /usr/local/sbin 2>/dev/null
+ mkdir -p /usr/local/sbin 2>/dev/null # Just for being on the safe side.
cp "$BASEDIR/static_files/netsetup" /usr/local/sbin
echo "ok."
}
@@ -17,7 +17,7 @@ install_javadaemon() {
}
install_pidtree() {
- mkdir -p "/usr/local/bin"
+ mkdir -p "/usr/local/bin" 2>/dev/null # Just for being on the safe side
cp -a "$BASEDIR/static_files/pidtree" "/usr/local/bin/" || perror "Could not install pidtree"
chown root:root "/usr/local/bin/pidtree"
}
@@ -28,3 +28,8 @@ install_slxlog() {
chown root:root "/usr/local/bin/slxlog"
}
+install_finalize() {
+ mkdir -p "/usr/local/bin"
+ cp -a "$BASEDIR/static_files/finalize" "/usr/local/bin/" || perror "Could not install finalize script"
+ chown root:root "/usr/local/bin/finalize"
+}"
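Review bot: The closing line of install_finalize reads `}"` as shown, and the trailing double quote opens an unterminated string, so sourcing 50-copyscripts.inc would stop with a syntax error unless that quote is only a rendering artifact of this page; the line should be a bare `}`. Separately, `cp -a` keeps whatever mode and owner the source file had, and the `chown` that follows is unchecked. A single `install -o root -g root -m 0755 "$BASEDIR/static_files/finalize" /usr/local/bin/finalize || perror "Could not install finalize script"` would set owner and mode explicitly in one checked step for a script that later runs as root.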
diff --git a/satellit_installer/includes/99-clean_install b/satellit_installer/includes/99-clean_install
new file mode 100644
index 0000000..952d4fe
--- /dev/null
+++ b/satellit_installer/includes/99-clean_install
@@ -0,0 +1,34 @@
+# Functions for cleaning some stuff after script run
+
+clean_logfiles() {
+ # delete only files, not directories
+ find /var/log -type f -delete
+ ERR=$?
+ [ $ERR -eq 0 ] && echo " ok." || echo " error cleaning log files."
+}
+
+clean_authorized_hosts() {
+ [ -f /root/.ssh/authorized_keys ] && rm -f /root/.ssh/authorized_keys
+ ERR=$?
+ [ $ERR -eq 0 ] && echo " ok." || echo " error cleaning authorized keys file."
+}
+
+clean_idrsa() {
+ [ -f /root/.ssh/id_rsa ] && rm -f /root/.ssh/id_rsa # rsa will suffice for our git keys
+ ERR=$?
+ [ $ERR -eq 0 ] && echo " ok." || echo " error cleaning id_rsa identity file."
+}
+
+clean_install() {
+ GESERR=0
+ echo "#"
+ echo "# Now, let's clean some unnecessary or harmful entries, e.g. "
+ echo "# entries in authorized_hosts, .bash_history and files beneath /var/log."
+ echo "#"
+ echo -n "# cleaning authorized_hosts ..."
+ clean_authorized_hosts
+ echo -n "# cleaning id_rsa private key ..."
+ clean_idrsa
+ echo -n "# cleaning log files ..."
+ clean_logfiles
+}
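Review bot: In clean_authorized_hosts and clean_idrsa, `ERR=$?` captures the status of the whole `[ -f … ] && rm -f …` list, so when the file is simply absent the test returns 1 and the function prints an error although there was nothing to clean. `rm -f` already succeeds on a missing file, so a plain `rm -f /root/.ssh/authorized_keys` followed by `ERR=$?` would report only real failures, and the same applies to the id_rsa line. `GESERR` is set in clean_install but never updated or returned, so the caller cannot tell whether any step failed. The banner also announces cleaning .bash_history, which nothing in this file does.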
diff --git a/satellit_installer/satellit_installer b/satellit_installer/satellit_installer
index 4b085dc..78cf9d8 100755
--- a/satellit_installer/satellit_installer
+++ b/satellit_installer/satellit_installer
@@ -165,6 +165,7 @@ drop_firstrun_script
install_javadaemon
install_pidtree
install_slxlog
+install_finalize # Script for cleaning some stuff after installation
set_directory_permissions
@@ -176,6 +177,10 @@ tar -z -c -T /dev/null -f /opt/openslx/empty.tgz
# Activate 'purge_install' here - but be careful! This is for debugging purposes only!
# purge_install
+# cleaning log files, authorized hosts
+clean_install
end_message
+finalize # Cleaning script; script will delete itself.
+
exit 0
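Review bot: `finalize` is invoked by bare name, so which file runs as root depends on the installer's PATH resolving to the copy that install_finalize placed in /usr/local/bin; calling `/usr/local/bin/finalize` would pin it to that file. Its exit status is discarded before `exit 0`, so a failed cleanup still reports a successful install. Since clean_install has already emptied /var/log at this point, it would help to add a comment stating that nothing after it may rely on log output, e.g. `# NOTE: /var/log is empty from here on`. The surrounding script continues outside this hunk.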
diff --git a/satellit_installer/static_files/finalize b/satellit_installer/static_files/finalize
new file mode 100755
index 0000000..1be85e2
--- /dev/null
+++ b/satellit_installer/static_files/finalize
@@ -0,0 +1,21 @@
+#!/bin/dash
+
+# Funny dash has a funny 'kill' builtin, which we
+# do not want to use.
+KILL=$(which kill)
+
+EIGENEPID=$(ps -o ppid $$|fgrep -v PPID)
+
+# kill every bash in reach, but not the parent('s parent):
+for i in $(ps axo pid,comm|grep bash|cut -d " " -f 2); do
+ [ $EIGENEPID != $i ] && $KILL -SIGKILL $i 2>/dev/null
+done
+
+# Now, empty root's ~/.bash_history:
+>~/.bash_history
+
+# Now we delete the script - necessary only once.
+rm -f "$_" 2>/dev/null
+
+exit
+
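Review bot: The PID list built on the `for` line is unreliable, so the loop can miss its targets or hand `kill` the wrong token. `ps axo pid,comm` right-aligns the PID column, so `cut -d " " -f 2` yields the PID only when exactly one space precedes it and otherwise an empty field or the command name. `grep bash` also matches any process whose name merely contains "bash". `for i in $(pgrep -x bash); do` would return bare PIDs for exact-name matches only, and `EIGENEPID=$(ps -o ppid= -p $$)` would drop the header without the `fgrep`. `rm -f "$_"` appears to rely on the invoking shell having exported `_` as the script path, so `rm -f -- "$0"` would not depend on which shell started the script.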