diff options
author | Christian Rößler | 2015-06-08 17:40:09 +0200 |
---|---|---|
committer | Christian Rößler | 2015-06-08 17:40:09 +0200 |
commit | cb0723d1944ea8aa3c202879093e3544582ba38f (patch) | |
tree | e7f5354ce9ce30cfd3fd4ee4afb19db1b79328bc | |
parent | [SSPS] Add netstat to sudo rules (diff) | |
download | setup-scripts-cb0723d1944ea8aa3c202879093e3544582ba38f.tar.gz setup-scripts-cb0723d1944ea8aa3c202879093e3544582ba38f.tar.xz setup-scripts-cb0723d1944ea8aa3c202879093e3544582ba38f.zip |
[SSPS] Some after-install cleaning functions
-rw-r--r-- | satellit_installer/includes/50-copyscripts.inc | 9 | ||||
-rw-r--r-- | satellit_installer/includes/99-clean_install | 34 | ||||
-rwxr-xr-x | satellit_installer/satellit_installer | 5 | ||||
-rwxr-xr-x | satellit_installer/static_files/finalize | 21 |
4 files changed, 67 insertions, 2 deletions
diff --git a/satellit_installer/includes/50-copyscripts.inc b/satellit_installer/includes/50-copyscripts.inc index 2ac11a3..5aabcd1 100644 --- a/satellit_installer/includes/50-copyscripts.inc +++ b/satellit_installer/includes/50-copyscripts.inc @@ -7,7 +7,7 @@ install_tmpdelete() { install_config_static_ip() { echo -n "# Copying config_static_ip to /usr/local/sbin... " - mkdir -p /usr/local/sbin 2>/dev/null + mkdir -p /usr/local/sbin 2>/dev/null # Just for being on the safe side. cp "$BASEDIR/static_files/netsetup" /usr/local/sbin echo "ok." } @@ -17,7 +17,7 @@ install_javadaemon() { } install_pidtree() { - mkdir -p "/usr/local/bin" + mkdir -p "/usr/local/bin" 2>/dev/null # Just for being on the safe side cp -a "$BASEDIR/static_files/pidtree" "/usr/local/bin/" || perror "Could not install pidtree" chown root:root "/usr/local/bin/pidtree" } @@ -28,3 +28,8 @@ install_slxlog() { chown root:root "/usr/local/bin/slxlog" } +install_finalize() { + mkdir -p "/usr/local/bin" + cp -a "$BASEDIR/static_files/finalize" "/usr/local/bin/" || perror "Could not install finalize script" + chown root:root "/usr/local/bin/finalize" +}" diff --git a/satellit_installer/includes/99-clean_install b/satellit_installer/includes/99-clean_install new file mode 100644 index 0000000..952d4fe --- /dev/null +++ b/satellit_installer/includes/99-clean_install @@ -0,0 +1,34 @@ +# Functions for cleaning some stuff after script run + +clean_logfiles() { + # delete only files, not directories + find /var/log -type f -delete + ERR=$? + [ $ERR -eq 0 ] && echo " ok." || echo " error cleaning log files." +} + +clean_authorized_hosts() { + [ -f /root/.ssh/authorized_keys ] && rm -f /root/.ssh/authorized_keys + ERR=$? + [ $ERR -eq 0 ] && echo " ok." || echo " error cleaning authorized keys file." +} + +clean_idrsa() { + [ -f /root/.ssh/id_rsa ] && rm -f /root/.ssh/id_rsa # rsa will suffice for our git keys + ERR=$? + [ $ERR -eq 0 ] && echo " ok." || echo " error cleaning id_rsa identity file." +} + +clean_install() { + GESERR=0 + echo "#" + echo "# Now, let's clean some unnecessary or harmful entries, e.g. " + echo "# entries in authorized_hosts, .bash_history and files beneath /var/log." + echo "#" + echo -n "# cleaning authorized_hosts ..." + clean_authorized_hosts + echo -n "# cleaning id_rsa private key ..." + clean_idrsa + echo -n "# cleaning log files ..." + clean_logfiles +} diff --git a/satellit_installer/satellit_installer b/satellit_installer/satellit_installer index 4b085dc..78cf9d8 100755 --- a/satellit_installer/satellit_installer +++ b/satellit_installer/satellit_installer @@ -165,6 +165,7 @@ drop_firstrun_script install_javadaemon install_pidtree install_slxlog +install_finalize # Script for cleaning some stuff after installation set_directory_permissions @@ -176,6 +177,10 @@ tar -z -c -T /dev/null -f /opt/openslx/empty.tgz # Activate 'purge_install' here - but be careful! This is for debugging purposes only! # purge_install +# cleaning log files, authorized hosts +clean_install end_message +finalize # Cleaning script; script will delete itself. + exit 0 diff --git a/satellit_installer/static_files/finalize b/satellit_installer/static_files/finalize new file mode 100755 index 0000000..1be85e2 --- /dev/null +++ b/satellit_installer/static_files/finalize @@ -0,0 +1,21 @@ +#!/bin/dash + +# Funny dash has a funny 'kill' builtin, which we +# do not want to use. +KILL=$(which kill) + +EIGENEPID=$(ps -o ppid $$|fgrep -v PPID) + +# kill every bash in reach, but not the parent('s parent): +for i in $(ps axo pid,comm|grep bash|cut -d " " -f 2); do + [ $EIGENEPID != $i ] && $KILL -SIGKILL $i 2>/dev/null +done + +# Now, empty root's ~/.bash_history: +>~/.bash_history + +# Now we delete the script - necessary only once. +rm -f "$_" 2>/dev/null + +exit + |