author | Simon Rettberg | 2014-10-22 19:13:05 +0200 |
---|---|---|
committer | Simon Rettberg | 2014-10-22 19:13:05 +0200 |
commit | 0d8dded26c5c1934eb1f4dd85228595c6eb43a0a (patch) | |
tree | e43874c96bd0e4404c4f47809ffbba2c97b87dc0 /satellit_installer/includes/10-script_dropper.inc | |
parent | Add open-vm-tools (diff) | |
Outsource and translate firstrun.sh, rename variables
- Moved the firstrun script to a static file to make its handling easier (no more escaping hell)
- firstrun.sh is now in German, as it will be run by the end user
- Also renamed some variables to better fit their purpose (LOGDIR, INSTALLDIR)
Diffstat (limited to 'satellit_installer/includes/10-script_dropper.inc')
-rw-r--r-- | satellit_installer/includes/10-script_dropper.inc | 189 |
1 files changed, 13 insertions, 176 deletions
diff --git a/satellit_installer/includes/10-script_dropper.inc b/satellit_installer/includes/10-script_dropper.inc
index 703ff2e..ac6ed03 100644
--- a/satellit_installer/includes/10-script_dropper.inc
+++ b/satellit_installer/includes/10-script_dropper.inc
@@ -1,185 +1,22 @@
-patch_bashrc() {
- if [ $(grep -c $(echo "^${INSTALLDIR}.*first_run") /root/.bashrc) -gt 0 ]; then
- echo "# first_run script already in root's bashrc, doing nothing."
+patch_profile() {
+ if grep -q "/root/installer/firstrun.sh" /root/.profile; then
+ echo "# first_run script already in root's .profile, doing nothing."
 else
- echo "# Patching root's bashrc...) "
- echo "${INSTALLDIR}/first_run" >> /root/.bashrc
+ echo "# Patching root's .profile"
+ echo "/root/installer/firstrun.sh" >> /root/.profile
 fi
 }
 
-copy_public_key() {
- cp -p "${BASEDIR}/static_files/finish_setup_public_key.pem" ${INSTALLDIR} \
- || echo "Warning: Could not copy public key to ${INSTALLDIR}!"
-}
-
 drop_script() {
- cat >"${INSTALLDIR}/first_run"<<-EOF
- #!/bin/bash
-
- generate_password() {
- local password="\$(< /dev/urandom tr -dc _A-Za-z0-9 | head -c${1:-16};)"
- echo "\$password"
- }
-
- LANG=en_US.UTF-8
- echo
- echo "Satellite server install post-install script"
- echo
- echo "This script will set safe password for root, the mysql root user,"
- echo 'two mysql user accounts (openslx and bwLehrpool) and debian-sys-maint.'
- echo
- echo "We recommend you choose a secure password for root. The other"
- echo "passwords will be auto generated."
- echo ""
- echo "Please set a secure password for root:"
- echo ""
- passwd
- echo
- echo "Thank you."
- echo
- echo "Now we will auto-generate new passwords for the mentioned mysql users:"
- echo
- MYSQL_ROOT_PASS="\$(grep MYSQL_ROOT_PASS "$LOGDIR/config"|cut -f 2 -d "=")"
- umask 0066
-
- MYSQL_ROOT_NEW=\$(generate_password)
- mysqladmin -u root -p\${MYSQL_ROOT_PASS} password \${MYSQL_ROOT_NEW}
- echo "MYSQL_ROOT_PASS=\$MYSQL_ROOT_NEW" > /root/new_passwords
- echo "Mysql root password,"
-
- MYSQL_BWLEHRPOOL_NEW=\$(generate_password)
- echo "SET PASSWORD FOR 'bwLehrpool'@'localhost' = PASSWORD('\$MYSQL_BWLEHRPOOL_NEW');" | mysql -u root -p\${MYSQL_ROOT_NEW}
- echo "MYSQL_BWLEHRPOOL_PASS=\$MYSQL_BWLEHRPOOL_NEW" >> /root/new_passwords
- echo "Mysql bwLehrpool password,"
-
- MYSQL_OPENSLX_NEW=\$(generate_password)
- echo "SET PASSWORD FOR 'openslx'@'localhost' = PASSWORD('\$MYSQL_OPENSLX_NEW');" | mysql -u root -p\${MYSQL_ROOT_NEW}
- echo "MYSQL_OPENSLX_PASS=\$MYSQL_OPENSLX_NEW" >> /root/new_passwords
- echo "mysql openslx password,"
-
- MYSQL_SYSMAINT_NEW=\$(generate_password)
- echo "SET PASSWORD FOR 'debian-sys-maint'@'localhost' = PASSWORD('\$MYSQL_SYSMAINT_NEW');" | mysql -u root -p\${MYSQL_ROOT_NEW}
- echo "and debian-sys-maint."
-
- echo "... done."
- echo
- echo "Now we will save the newly set passwords (save debian-sys-maint)"
- echo "in an encrypted file..."
-
- cat /root/new_passwords | openssl rsautl -encrypt -pubin -inkey ${BASEDIR}/static_files/finish_setup_public_key.pem > \
- ${BASEDIR}/static_files/new_passwords.encrypted
- rm -f /root/new_passwords 2>/dev/null
- echo "...ok."
-
- echo "And due to popular demand we will save the mysql root password also "
- echo "in the file /root/mysqlpass (and set it to 600, of course)... "
- echo "\$MYSQL_ROOT_NEW" > /root/mysqlpass
- chmod 600 /root/mysqlpass
-
- # Patching bwLehrpool-mysql-userpass into bwSuite Server config:
- sed -i "s/%MYSQL_BWLEHRPOOL_PASS%/\$MYSQL_BWLEHRPOOL_NEW/g" "$INSTALLDIR/Server_Config.ini"
-
- # Patching bwLehrpool-mysql-userpass into pureftpd config:
- sed -i "s/MYSQLPassword.*$/MYSQLPassword \$MYSQL_BWLEHRPOOL_NEW/g" /etc/pure-ftpd/db/mysql.conf
-
- # Patching bwLehrpool-mysql-userpass into satellite-daemon config:
- sed -i "s/%MYSQL_BWLEHRPOOL_PASS%/\$MYSQL_BWLEHRPOOL_NEW/g" /opt/syncdaemon/config/mysql.properties
-
- # Patching bwLehrpool-mysql-userpass into vmchooser list.php:
- sed -i "s/%MYSQL_BWLEHRPOOL_PASS%/\$MYSQL_BWLEHRPOOL_NEW/g" /srv/openslx/www/vmchooser/list.php
-
- # Patching openslx-mysql-userpass into slx-admin config:
- sed -i "s/%MYSQL_OPENSLX_PASS%/\$MYSQL_OPENSLX_NEW/g" "$WWWDIR/slx-admin/config.php"
-
- # Patching debian-sys-maint password into /etc/mysql/debian.cnf:
- sed -i "s/password = .*/password = \$MYSQL_SYSMAINT_NEW/g" "/etc/mysql/debian.cnf"
-
- # inittab-entry dmsd:
- if [ \$(grep -c "dmsd.*respawn" /etc/inittab) -gt 0 ]; then
- echo "bwLehrpool Suite inittab entry detected, doing nothing. "
- else
- echo -n "bwLehrpool Suite: patching inittab..."
- echo "dmsd:2345:respawn:$INSTALLDIR/dmsd.sh" >> /etc/inittab
- echo "ok."
- fi
-
- # inittab-entry taskmanager:
- if [ \$(grep -c "tman.*respawn" /etc/inittab) -gt 0 ]; then
- echo "Taskmanager inittab entry detected, doing nothing."
- else
- echo -n "bwLehrpool Suite: patching inittab..."
- echo "tman:2345:respawn:$TASKMANDIR/taskmanager.sh" >> /etc/inittab
- echo "ok."
- fi
-
- # inittab-entry syncdaemon:
- if [ \$(grep -c "synd.*respawn" /etc/inittab) -gt 0 ]; then
- echo "syncdaemon inittab entry detected, doing nothing. "
- else
- echo -n "syncdaemon: patching inittab..."
- echo "synd:2345:respawn:/opt/syncdaemon/syncdaemon.sh" >> /etc/inittab
- echo "ok."
- fi
-
- echo "Now, nearing the end, we generate new sshd identities for root."
- echo "Old identity files id_rsa and id_rsa.pub will be backed up to .bak."
- echo "These keys will not carry a passphrase. Delete it if you do not want this."
- echo "Generating keys... "
-
- [ -f /etc/ssh/ssh_host_rsa_key ] && mv /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_rsa_key.bak
- [ -f /etc/ssh/ssh_host_rsa_key.pub ] && mv /etc/ssh/ssh_host_rsa_key.pub /etc/ssh/ssh_host_rsa_key.pub.bak
- [ -f /etc/ssh/ssh_host_dsa_key ] && mv /etc/ssh/ssh_host_dsa_key /etc/ssh/ssh_host_dsa_key.bak
- [ -f /etc/ssh/ssh_host_dsa_key.pub ] && mv /etc/ssh/ssh_host_dsa_key.pub /etc/ssh/ssh_host_dsa_key.pub.bak
- [ -f /etc/ssh/ssh_host_ecdsa_key ] && mv /etc/ssh/ssh_host_ecdsa_key /etc/ssh/ssh_host_ecdsa_key.bak
- [ -f /etc/ssh/ssh_host_ecdsa_key.pub ] && mv /etc/ssh/ssh_host_ecdsa_key.pub /etc/ssh/ssh_host_ecdsa_key.pub.bak
-
- echo -n "... RSA ... "
- ssh-keygen -f /etc/ssh/ssh_host_rsa_key -N "" -t rsa -q
- ERR=\$?
- if [ \$ERR -ne 0 ]; then
- echo "Error while generating sshd rsa host key. Please check and generate manually, if wanted."
- else
- echo "ok."
- fi
-
- echo -n "... DSA ... "
- ssh-keygen -f /etc/ssh/ssh_host_dsa_key -N "" -t dsa -q
- ERR=\$?
- if [ \$ERR -ne 0 ]; then
- echo "Error while generating sshd dsa host key. Please check and generate manually, if wanted."
- else
- echo "ok."
- fi
-
- echo -n "... ECDSA ... "
- ssh-keygen -f /etc/ssh/ssh_host_ecdsa -N "" -t ecdsa -q
- ERR=\$?
- if [ \$ERR -ne 0 ]; then
- echo "Error while generating sshd ecdsa host key. Please check and generate manually, if wanted."
- else
- echo "ok."
- fi
-
- echo
- echo "Due to popular demand we will now start a script to configure a static IP, if wanted."
- echo
- /usr/local/sbin/config_static_ip
-
- echo "Last thing to is to delete the script starter from root's .bashrc..."
- sed -i "/first_run/d" /root/.bashrc
- echo "...done."
- echo
- echo "Please reboot the server. Do you want me to reboot it now?"
- echo
- echo "(Press 'y' to reboot, any other key to end script)"
- read REBOOT
- [[ "\$REBOOT" == "y" ]] && reboot
- EOF
- chmod u+x ${INSTALLDIR}/first_run
+ mkdir -p "/root/installer"
+ # So we know all the paths and the mysql password
+ cat "${BASEDIR}/includes/00-dirs.inc" "${CONFIGDIR}/config" > "/root/installer/config"
+ chmod 0600 "/root/installer/config"
+ cp "${BASEDIR}/firstrun_script.sh" "/root/installer/firstrun.sh"
+ chmod u+x "/root/installer/firstrun.sh"
 }
 
-script_dropper () {
- copy_public_key
- patch_bashrc
+drop_firstrun_script () {
+ patch_profile
 drop_script
 }
|
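Review bot: In drop_script, `/root/installer/config` is written by the `cat … >` redirection before `chmod 0600` runs, so the file that (per the comment above it) carries the MySQL password is first created with whatever umask the installer inherited, and an already existing file keeps its old mode until the chmod. Creating it under a restrictive umask closes that window: `( umask 077; cat "${BASEDIR}/includes/00-dirs.inc" "${CONFIGDIR}/config" > "/root/installer/config" )`, ideally with `mkdir -p -m 0700 "/root/installer"` as well. Exposure is probably limited while /root itself is not world-accessible, but nothing in this hunk guarantees that. Separately, neither the `cat` nor the `cp` result is checked, and drop_firstrun_script calls patch_profile first, so root's .profile can end up pointing at a firstrun.sh that was never copied.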