[SSUS] Call me v1.0-RC1

1 files changed, 78 insertions, 11 deletions

diff --git a/satellit_upgrader/updater.template.sh b/satellit_upgrader/updater.template.sh
index f02e57f..519eb0f 100644
--- a/satellit_upgrader/updater.template.sh
+++ b/satellit_upgrader/updater.template.sh
@@ -3,11 +3,15 @@
 # Use special param to make sure we're running under bash (in case user does "sh install.sh")
 [ "x$1" != "x--exec-self" ] && exec /bin/bash "$0" --exec-self "$@"
 
+unset TMPDIR
+[ -n "$TMPDIR" ] && exit 1
+
 IGNORE_ERRORS=
 while [ $# -gt 0 ]; do
 	[ "x$1" = "x--ignore-errors" ] && IGNORE_ERRORS=jup
 	shift
 done
+readonly IGNORE_ERRORS
 
 declare -rg SELFPID=$$
 perror () {
@@ -18,6 +22,7 @@ perror () {
 	fi
 	echo -n -e '\033[01;31m[FATAL]\033[00m '
 	echo "$@"
+	[ -n "$TMPDIR" ] && [ -d "$TMPDIR" ] && rm -rf -- "$TMPDIR"
 	[ "$$" != "$SELFPID" ] && kill "$SELFPID"
 	exit 1
 }
@@ -43,7 +48,19 @@ mysql () {
 
 # ** Restart given systemd service, warn if it fails but do not bail out
 restart_service () {
-	systemctl restart "$1" || pwarning "Could not restart service $1 - !! YOU SHOULD REBOOT THE SERVER !!"
+	if ! systemctl restart "$1"; then
+		pwarning "Could not restart service $1 - !! YOU SHOULD REBOOT THE SERVER !!"
+		systemctl status "$1"
+	fi
+}
+
+# ** Recursively set permissions of given directory to 0755/0644 optionally setting owner/group
+fixperms () {
+	[ -e "$1" ] || perror "normalize_perms: $1 does not exist"
+	chmod -R a-rw,u+rwX,go+rX "$1"
+	if [ -n "$2" ]; then
+		chown -R "$2" "$1" || pwarning "Could not change owner of $1 to $2"
+	fi
 }
 
 # ** Constants - to be patched by the packaging script
@@ -52,6 +69,7 @@ declare -rg TGZ_SLXADMIN="%TGZ_SLXADMIN%"
 declare -rg TGZ_DOZMOD="%TGZ_DOZMOD%"
 declare -rg TGZ_TASKMANAGER="%TGZ_TASKMANAGER%"
 declare -rg TGZ_TFTP="%TGZ_TFTP%"
+declare -rg TGZ_LDADP="%TGZ_LDADP%"
 declare -rg PAYLOAD_OFFSET="%PAYLOAD_OFFSET%"
 
 # ** Constants - hardcoded or determined at runtime
@@ -59,6 +77,7 @@ declare -rg PATH_SLXADMIN="/srv/openslx/www/slx-admin"
 declare -rg PATH_DOZMOD="/opt/dmsd"
 declare -rg PATH_TASKMANAGER="/opt/taskmanager"
 declare -rg PATH_TFTP="/srv/openslx/tftp"
+declare -rg PATH_LDADP="/opt/ldadp"
 
 # ** Check if constants have been filled, bail out otherwise
 if [ -z "$TARGET_WEBIF_VERSION" ] || [[ "$TARGET_WEBIF_VERSION" == %*% ]]; then
@@ -74,17 +93,18 @@ fi
 declare -rg CURRENT_WEBIF_VERSION=$(mysql -e 'SELECT value FROM openslx.property WHERE name = "webif-version" LIMIT 1' | tail -n 1)
 [ -z "$CURRENT_WEBIF_VERSION" ] && perror "Could not determine current webif version"
 if [ "$TARGET_WEBIF_VERSION" = "missing" ] || [ "$CURRENT_WEBIF_VERSION" -le "$TARGET_WEBIF_VERSION" ]; then
-	:
+	: # Negate so NaN triggers else branch
 else
 	perror "This update seems to be older than the server version you're currently running"
 fi
 
 # ************** Extract payload ***************************
-TMPDIR=$(mktemp -d)
+declare -rg TMPDIR=$(mktemp -d)
 [ -z "$TMPDIR" ] && perror "Could not create temporary directory for installer"
 dd "bs=$PAYLOAD_OFFSET" "if=$0" skip=1 | tar -z -x -C "$TMPDIR"
 RET=$?
 [ "$RET" -ne 0 ] && perror "Extracting installer payload failed with exit code $RET"
+declare -rg FILEDIR="$TMPDIR/files"
 
 # **********************************************************
 
@@ -98,8 +118,7 @@ if [ -n "$TGZ_SLXADMIN" ]; then
 	rm -rf -- "$PATH_SLXADMIN/inc" "$PATH_SLXADMIN/apis" "$PATH_SLXADMIN/modules" "$PATH_SLXADMIN/templates"
 	tar -x -C "$PATH_SLXADMIN" -f "$TMPDIR/$TGZ_SLXADMIN"
 	rm -- "$PATH_SLXADMIN/config.php.example"
-	chmod -R go+rX-w,u+rwX "$PATH_SLXADMIN"
-	chown -R root:root "$PATH_SLXADMIN"
+	fixperms "$PATH_SLXADMIN" root:root
 	chmod 0640 "$PATH_SLXADMIN/config.php"
 	chown root:www-data "$PATH_SLXADMIN/config.php"
 	curl -s "http://localhost/slx-admin/api.php?do=update" > /dev/null
@@ -116,13 +135,14 @@ if [ -n "$TGZ_DOZMOD" ]; then
 	mysql -e 'GRANT SELECT ON openslx.location TO sat@localhost' || perror "Could not GRANT permissions ON openslx.location to sat@localhost"
 	echo "Extracting new jar"
 	tar -x -C "$PATH_DOZMOD" -f "$TMPDIR/$TGZ_DOZMOD" || perror "Could not extract $TGZ_DOZMOD to $PATH_DOZMOD"
+	rm -rf -- "$PATH_DOZMOD/bwLehrpoolSuite_Server.jar" "$PATH_DOZMOD/control.sh" "$PATH_DOZMOD/flag"
+	tar -x -C "$PATH_DOZMOD" -f "$TMPDIR/$TGZ_DOZMOD"
 	if mysql -e 'SHOW TABLES' openslx | grep -q '^location$'; then
 		echo "Enabling location feature"
 		sed -i '/^db.location-table\b/d' "$PATH_DOZMOD/config.properties"
 		echo 'db.location-table = openslx.location' >> "$PATH_DOZMOD/config.properties"
 	fi
-	chmod 0640 "$PATH_DOZMOD/config.properties"
-	chown root:images "$PATH_DOZMOD/config.properties"
+	fixperms "$PATH_DOZMOD" root:images
 	echo "Restarting service"
 	restart_service dmsd
 	echo "Dozentenmodul Server Daemon upgrade complete"
@@ -135,8 +155,10 @@ if [ -n "$TGZ_TASKMANAGER" ]; then
 	echo "Extracting new jar and data"
 	# Replacement trick (see slxadmin)
 	tar -x -C "$PATH_TASKMANAGER" -f "$TMPDIR/$TGZ_TASKMANAGER" || perror "Could not extract $TGZ_TASKMANAGER to $PATH_TASKMANAGER"
-	rm -rf -- "$PATH_TASKMANAGER/data" "$PATH_TASKMANAGER/scripts" "$PATH_TASKMANAGER/plugins"
+	rm -rf -- "$PATH_TASKMANAGER/data" "$PATH_TASKMANAGER/scripts" "$PATH_TASKMANAGER/plugins" "$PATH_TASKMANAGER/taskmanager.sh"
 	tar -x -C "$PATH_TASKMANAGER" -f "$TMPDIR/$TGZ_TASKMANAGER"
+	fixperms "$PATH_TASKMANAGER" root:root
+	chmod -R a+x "$PATH_TASKMANAGER/scripts"
 	echo "Restarting service"
 	restart_service taskmanager
 	echo "Taskmanager upgrade complete"
@@ -150,20 +172,65 @@ if [ -n "$TGZ_TFTP" ]; then
 	rm -rf -- "$PATH_TFTP"
 	mkdir -p "$PATH_TFTP"
 	tar -x -C "$PATH_TFTP" -f "$TMPDIR/$TGZ_TFTP" || perror "Could not extract $TGZ_TFTP to $PATH_TFTP"
-	chown -R taskmanager:taskmanager "$PATH_TFTP"
+	fixperms "$PATH_TFTP" taskmanager:taskmanager
 	echo "Resetting pxe menu"
 	mysql -e 'UPDATE openslx.property SET value = "invalid" WHERE name = "server-ip"' || pwarning "Could not reset pxe menu status; manual regeneration of menu required"
 	echo "TFTP upgrade complete"
 fi
 
 # ********************** lighttpd config *******************
-if [ -e "$TMPDIR/lighttpd.conf" ] && [ -e "/etc/lighttpd/lighttpd.conf" ]; then
+if [ -e "$FILEDIR/lighttpd.conf" ] && [ -e "/etc/lighttpd/lighttpd.conf" ]; then
 	echo "* Replacing lighttpd.conf"
-	cp "$TMPDIR/lighttpd.conf" "/etc/lighttpd/lighttpd.conf" || perror "Could not replace /etc/lighttpd/lighttpd.conf"
+	cp "$FILEDIR/lighttpd.conf" "/etc/lighttpd/lighttpd.conf" || perror "Could not replace /etc/lighttpd/lighttpd.conf"
 	restart_service lighttpd
 	echo "lighttpd config upgrade complete"
 fi
 
+# ********************** atftpd.service ********************
+if [ -e "$FILEDIR/atftpd.service" ]; then
+	echo "* Replacing atftpd.service"
+	cp "$FILEDIR/atftpd.service" "/etc/systemd/system/atftpd.service" || perror "Could not replace /etc/systemd/system/atftpd.service"
+	ln -s -f "../atftpd.service" "/etc/systemd/system/multi-user.target.wants/"
+	systemctl daemon-reload
+	restart_service atftpd
+	echo "Service file replaced"
+fi
+
+# ********************** dmsd.service **********************
+if [ -e "$FILEDIR/dmsd.service" ]; then
+	echo "* Replacing dmsd.service"
+	cp "$FILEDIR/dmsd.service" "/etc/systemd/system/dmsd.service" || perror "Could not replace /etc/systemd/system/dmsd.service"
+	ln -s -f "../dmsd.service" "/etc/systemd/system/multi-user.target.wants/"
+	systemctl daemon-reload
+	restart_service dmsd
+	echo "Service file replaced"
+fi
+
+# ************************** ldadp *************************
+if [ -n "$TGZ_LDADP" ]; then
+	[ -e "$TMPDIR/$TGZ_LDADP" ] || perror "$TGZ_LDADP missing from payload"
+	echo "* LDAP/AD Proxy"
+	OLD=$(md5sum "$PATH_LDADP/ldadp")
+	echo "Extracting new binary"
+	tar -x -C "$PATH_LDADP" -f "$TMPDIR/$TGZ_LDADP" || perror "Could not extract $TGZ_LDADP to $PATH_LDADP"
+	rm -rf -- "$PATH_LDADP/logs"
+	mkdir -p "$PATH_LDADP/configs" "$PATH_LDADP/pid"
+	fixperms "$PATH_LDADP/configs" taskmanager:ldadp
+	chmod -R o-rwx "$PATH_LDADP/configs"
+	fixperms "$PATH_LDADP/pid" ldadp:root
+	mkdir -p "/var/log/ldadp"
+	fixperms "/var/log/ldadp" ldadp:root
+	NEW=$(md5sum "$PATH_LDADP/ldadp")
+	if [ "x$OLD" != "x$NEW" ]; then
+		killall ldadp 2>/dev/null && pwarning "LDAP/AD Proxy was killed. Client logins might not work for a couple of minutes (see Server Status in webif)"
+	fi
+	echo "LDADP upgrade complete"
+fi
+
+echo ""
+echo "Update complete. It is recommended to reboot the server."
+echo ""
+
 exit 0
 # File end