4 Commits

Author SHA1 Message Date
c52b58b9f5 1.8.1 2018-03-26 14:53:48 +02:00
479ed25411 v1.8.0 2018-03-26 14:52:46 +02:00
d0b6c3d271 v1.7.3 2018-03-26 14:50:34 +02:00
f13555f4d8 v1.7.2 2018-03-26 14:48:41 +02:00


@ -1,15 +1,14 @@
#!/bin/bash
#@version 1.7.1
#@version 1.8.1
#@autor Martin.Huber@obermui.de
#@date 2017-06-19
#@date 2017-07-04
#####################################################################################
################## S e t t i n g s ##################################################
#####################################################################################
## MODU
modus_default="renew"
## MODUS
modus_default="update_pxe"
#CD/DVD
#entweder iso_source oder filesystem_source alls quelle
@ -35,17 +34,19 @@ distro="desinfect2017"
#LOG
log_file="/data/remaster/logs/`date '+%Y-%m-%d'`.log"
log_mail_source="desinfect@email.clocal"
log_mail_smtp="smtp.mail.local:25"
log_mail_aim="6543@email.clocal"
log_mail_subject="Desinfect_Remaster"
#Sonstiges
tools_list="clamav nano htop nmon iftop tmux dsniff nmap openssh-server tightvncserver rsync e2fsprogs foremost gddrescue recoverjpeg safecopy sleuthkit testdisk arp-scan apt-transport-https"
tools_list="clamav nano htop nmon iftop tmux dsniff nmap openssh-server tightvncserver rsync e2fsprogs foremost gddrescue recoverjpeg safecopy sleuthkit testdisk arp-scan"
#####################################################################################
################## M o d e s ########################################################
#####################################################################################
#remaster.sh renew
function main_renew() {
[ -f "$log_file" ] || touch "$log_file"
@ -82,7 +83,6 @@ function main_renew() {
echo >> "$log_file"
echo "log_file=\"$log_file\""
echo "log_mail_source=\"$log_mail_source\""
echo "log_mail_aim=\"$log_mail_aim\""
echo "log_mail_subject=\"$log_mail_subject\""
echo ""
@ -94,15 +94,17 @@ function main_renew() {
echo "### Enviroment ###"
echo "iso_extr_dir=\"$iso_extr_dir\"" >> "$log_file"
echo "chroot_path=\"$chroot_path\"" >> "$log_file"
#env >> "$log_file"
echo $'\n\n' >> "$log_file"
echo $'### R U N ... ###\n' >> "$log_file"
#check root
[ "`whoami`" == "root" ] || {
echo "### ERROR ### Remaster need ROOT permision!" >> "$log_file"
on_exit 10 >> "$log_file"
}
#1. Set and Check Enviroment
check_user
error_level="$?"; [ "$error_level" != "0" ] && on_exit $error_level >> "$log_file"
check_dependency
error_level="$?"; [ "$error_level" != "0" ] && on_exit $error_level >> "$log_file"
[ "$distro" != "" ] && distro="_$distro"
@ -198,7 +200,8 @@ function main_renew() {
on_exit 0
}
function main_update() {
#remaster.sh update_pxe
function main_update_pxe() {
[ "$log_file" == "" ] && log_file="`mktemp`"
[ -f "$log_file" ] || touch "$log_file"
@ -207,7 +210,7 @@ function main_update() {
chroot_path="`mktemp -d`"
echo "Remaster LOG `date '+%Y-%m-%d'`" > "$log_file"
echo "MODE: update" >> "$log_file"
echo "MODE: update_pxe" >> "$log_file"
echo "HOST: `hostname`" >> "$log_file"
echo >> "$log_file"
@ -226,7 +229,6 @@ function main_update() {
echo >> "$log_file"
echo "log_file=\"$log_file\""
echo "log_mail_source=\"$log_mail_source\""
echo "log_mail_aim=\"$log_mail_aim\""
echo "log_mail_subject=\"$log_mail_subject\""
echo ""
@ -237,15 +239,17 @@ function main_update() {
echo "### Enviroment ###"
echo "chroot_path=\"$chroot_path\"" >> "$log_file"
#env >> "$log_file"
echo $'\n\n' >> "$log_file"
echo $'### R U N ... ###\n' >> "$log_file"
#check root
[ "`whoami`" == "root" ] || {
echo "### ERROR ### Remaster need ROOT permision!" >> "$log_file"
on_exit 10 >> "$log_file"
}
#1. Set and Check Enviroment
check_user
error_level="$?"; [ "$error_level" != "0" ] && on_exit $error_level >> "$log_file"
check_dependency
error_level="$?"; [ "$error_level" != "0" ] && on_exit $error_level >> "$log_file"
[ "$distro" != "" ] && distro="_$distro"
@ -274,8 +278,9 @@ function main_update() {
# 5. Manuelle Aktionen - deaktiviert
#echo "Now You Have TIME to do something MANUALY!"
#echo "enter in shell: #> chroot $chroot_path /bin/bash"
echo "Now You Have TIME to do something MANUALY!"
#echo "enter in shell:
chroot $chroot_path /bin/bash
#echo "Are You Finisch? Then Press [ENTER]"
#read
@ -307,8 +312,8 @@ function main_update() {
on_exit 0
}
function main_renew_test() {
#remaster.sh update_iso #in arbeit
function main_update_iso() {
[ -f "$log_file" ] || touch "$log_file"
tail -f "$log_file" --pid="$$" &
@ -316,7 +321,7 @@ function main_renew_test() {
iso_extr_dir="`mktemp -d`"
echo "Remaster LOG `date '+%Y-%m-%d'`" > "$log_file"
echo "MODE: renew_test" >> "$log_file"
echo "MODE: update_iso" >> "$log_file"
echo "HOST: `hostname`" >> "$log_file"
echo >> "$log_file"
@ -343,7 +348,6 @@ function main_renew_test() {
echo >> "$log_file"
echo "log_file=\"$log_file\""
echo "log_mail_source=\"$log_mail_source\""
echo "log_mail_aim=\"$log_mail_aim\""
echo "log_mail_subject=\"$log_mail_subject\""
echo ""
@ -355,21 +359,33 @@ function main_renew_test() {
echo "### Enviroment ###"
echo "iso_extr_dir=\"$iso_extr_dir\"" >> "$log_file"
echo "chroot_path=\"$chroot_path\"" >> "$log_file"
#env >> "$log_file"
echo $'\n\n' >> "$log_file"
echo $'### R U N ... ###\n' >> "$log_file"
#check root
[ "`whoami`" == "root" ] || {
echo "### ERROR ### Remaster need ROOT permision!" >> "$log_file"
on_exit 10 >> "$log_file"
}
#1. Set and Check Enviroment
check_user
error_level="$?"; [ "$error_level" != "0" ] && on_exit $error_level >> "$log_file"
check_dependency
error_level="$?"; [ "$error_level" != "0" ] && on_exit $error_level >> "$log_file"
[ "$distro" != "" ] && distro="_$distro"
# 2. Entpacke ISO
iso_extract "$iso_source" "$iso_extr_dir"
# 3. Checke pxe version
# if pxe is set
# if (date != date ); then $0 update_pxe #4.1
# filesystem = update #4.2
# else
# extrakt filesystem #5.
# update #6.
# done
# pack iso
# 3. Entpacken der Dateien des Live-Systems
filesystem_img="`find "$iso_extr_dir" -name filesystem.squashfs`"
[ -e "$filesystem_img" ] || {
@ -410,9 +426,9 @@ function main_renew_test() {
# 8. Manuelle Aktionen - deaktiviert
echo "Now You Have TIME to do something MANUALY!"
echo "enter in shell: #> chroot $chroot_path /bin/bash"
chroot $chroot_path /bin/bash
#echo "Now You Have TIME to do something MANUALY!"
#echo "enter in shell: #> chroot $chroot_path /bin/bash"
#chroot $chroot_path /bin/bash
#echo "Are You Finisch? Then Press [ENTER]"
# 9. Umount - Chroot Umgebung auflösen
@ -459,115 +475,15 @@ function main_renew_test() {
on_exit 0
}
function main_update_test() {
[ "$log_file" == "" ] && log_file="`mktemp`"
[ -f "$log_file" ] || touch "$log_file"
tail -f "$log_file" --pid="$$" &
chroot_path="`mktemp -d`"
echo "Remaster LOG `date '+%Y-%m-%d'`" > "$log_file"
echo "MODE: update_test" >> "$log_file"
echo "HOST: `hostname`" >> "$log_file"
echo >> "$log_file"
echo "### S e t t i n g s ###" >> "$log_file"
echo "#Filesystem (for pxe)" >> "$log_file"
echo "filesystem_source=\"$filesystem_source\""
echo >> "$log_file"
echo "#Network" >> "$log_file"
echo "domain=\"$domain\"" >> "$log_file"
echo "nameserver=\"$nameserver\"" >> "$log_file"
echo >> "$log_file"
echo "#remaster_script" >> "$log_file"
echo "distro=\"$distro\"" >> "$log_file"
echo >> "$log_file"
echo "log_file=\"$log_file\""
echo "log_mail_source=\"$log_mail_source\""
echo "log_mail_aim=\"$log_mail_aim\""
echo "log_mail_subject=\"$log_mail_subject\""
echo ""
echo "#Sonstiges" >> "$log_file"
echo "tools_list=\"$tools_list\"" >> "$log_file"
echo $'\n' >> "$log_file"
echo "### Enviroment ###"
echo "chroot_path=\"$chroot_path\"" >> "$log_file"
echo $'\n\n' >> "$log_file"
echo $'### R U N ... ###\n' >> "$log_file"
#check root
[ "`whoami`" == "root" ] || {
echo "### ERROR ### Remaster need ROOT permision!" >> "$log_file"
on_exit 10 >> "$log_file"
}
[ "$distro" != "" ] && distro="_$distro"
# 1. Entpacken der Dateien des Live-Systems
[ -e "$filesystem_source" ] || {
echo "### ERROR ### \"$filesystem_source\" does not exist!" >> "$log_file"
on_exit 15 >> "$log_file"
}
filesystem_extract "$filesystem_source" "$chroot_path" >> "$log_file"
error_level="$?"; [ "$error_level" != "0" ] && on_exit $error_level >> "$log_file"
# 2. Vorbereiten für chroot-Umgebung:
chroot_initial$distro "$chroot_path" >> "$log_file"
error_level="$?"; [ "$error_level" != "0" ] && on_exit $error_level >> "$log_file"
# 3. Setzen der Netzwerk-Einstellungen:
dns_set "$chroot_path" "$domain" "$nameserver" >> "$log_file"
error_level="$?"; [ "$error_level" != "0" ] && on_exit $error_level >> "$log_file"
# 4. Updaten von Desinfec't:
os_update$distro "$chroot_path" >> "$log_file"
error_level="$?"; [ "$error_level" != "0" ] && on_exit $error_level >> "$log_file"
# 5. Manuelle Aktionen - deaktiviert
#echo "Now You Have TIME to do something MANUALY!"
#echo "enter in shell: #> chroot $chroot_path /bin/bash"
#echo "Are You Finisch? Then Press [ENTER]"
#read
# 6. Umount - Chroot Umgebung auflösen
chroot_umount$distro "$chroot_path" >> "$log_file"
error_level="$?"; [ "$error_level" != "0" ] && on_exit $error_level >> "$log_file"
#Überprüfen ob alles ausgehängt wurde
[ "`chroot_is_mounted "$chroot_path"`" == "true" ] && {
echo "### ERROR ### Cant Unmount Chroot!" >> "$log_file"
on_exit 21 >> "$log_file"
}
# 5. Packen und Ersetzen der Dateien
rm "$filesystem_source" >> "$log_file"
error_level="$?"; [ "$error_level" != "0" ] && on_exit $error_level >> "$log_file"
filesystem_pack "$chroot_path" "$filesystem_source" >> "$log_file"
error_level="$?"; [ "$error_level" != "0" ] && on_exit $error_level >> "$log_file"
chmod 777 "$filesystem_source" >> "$log_file"
error_level="$?"; [ "$error_level" != "0" ] && on_exit $error_level >> "$log_file"
workspace_erase "$chroot_path/" >> "$log_file"
error_level="$?"; [ "$error_level" != "0" ] && on_exit $error_level >> "$log_file"
on_exit 0
#remaster.sh update
function main_update() {
main_update_pxe
}
#remaster.sh error_code [error_level]
function main_error_code() {
error_code $1
}
#####################################################################################
################## F u n c t i o n s ################################################
@ -591,7 +507,7 @@ function on_exit() {
echo "$log_mail_subject"
echo $'####################################################################################\n\n'
cat "$log_file"
} | sendemail -s mail.stbv.bybn.de -f desinfect@bayern.de -t "$mail_aim" -u "$log_mail_subject" -o tls=no
} | sendemail -s "$log_mail_smtp" -f "$log_mail_source" -t "$mail_aim" -u "$log_mail_subject" -o tls=no
done
[ "$1" != "0" ] && {
@ -608,7 +524,7 @@ function error_code() {
"")
echo $'ID:\tDescription\n----------------------------------------------------\n1\tAllgemeiner Fehler\n2\tNo Paramters / wrong parameters'
echo $'3\tWrong Settings\n4\tProgramm missing\n\n10\tno root\n11\tfile no found\n12\tdir not found\n13\tcant create/delete file/dir'
echo $'14\tcorrupt file (unsquashfs, mount iso, ...)\n15\twrong file (iso has no squashfs-file ...)\n\n20\tmount error\n21\tunmoun error\n22\twrong filesystem'
echo $'14\tcorrupt file (unsquashfs, mount iso, ...)\n15\twrong file (iso has no squashfs-file ...)\n16\trequired Packet not found\n\n20\tmount error\n21\tunmoun error\n22\twrong filesystem'
;;
1)
echo "Allgemeiner Fehler"
@ -640,6 +556,9 @@ function error_code() {
15)
echo "wrong file (iso has no squashfs-file ...)"
;;
16)
echo "required Packet not found"
;;
20)
echo "tmount error"
;;
@ -655,6 +574,27 @@ function error_code() {
esac
}
#check_user
function check_user() {
#check root
[ "`whoami`" == "root" ] || {
echo "### ERROR ### Remaster need ROOT permision!"
return 10
}
}
#check_dependency
function check_dependency() {
for packet in squashfs-tools xorriso wget sed sendemail; do
[ "`dpkg -l $packet 2>&1`" == "dpkg-query: Kein Paket gefunden, das auf $packet passt" ] && {
echo "### ERROR ### Packet $packet not installed"
return 16
}
done
return 0
}
### Workspace ###
#workspace_erase [workspace_path]
@ -1046,6 +986,27 @@ function chroot_is_mounted() {
fi
}
#chroot_sh [chroot_dir] [command]
function chroot_sh() {
#check chroot dir
chroot_dir="$1"
[ -d "$chroot_dir" ] || {
echo "### ERROR ### chroot_umount: chroot directory not exist!"
return 12
}
command="$2"
[ -f "$chroot_dir/tmp/env.sh" ] || {
#if not exist create environment skript
cat "$chroot_dir/etc/environment" | grep -v "#" | grep "=" > "$chroot_dir/tmp/env"
while read line; do echo export $line; done < "$chroot_dir/tmp/env" > "$chroot_dir/tmp/env.sh"
chmod +x "$chroot_dir/tmp/env.sh" && rm "$chroot_dir/tmp/env"
}
chroot "$chroot_dir" /bin/bash --login -c ". /tmp/env.sh; $command"
}
### Settings ###
### proxy
@ -1062,12 +1023,16 @@ function proxy_enable() {
return 12
}
#Wenn alle drei Parameter gegeben
#Wenn alle zwei Parameter gegeben
if [ "$proxy_host" != "" ] && [ "$proxy_port" != "" ] ; then
echo "http_proxy=\"http://$proxy_host:$proxy_port\"" >> $chroot_dir/etc/environment
echo "https_proxy=\"http://$proxy_host:$proxy_port\"" >> $chroot_dir/etc/environment
echo "ftp_proxy=\"http://$proxy_host:$proxy_port\"" >> $chroot_dir/etc/environment
echo "HTTP_PROXY=\"http://$proxy_host:$proxy_port\"" >> $chroot_dir/etc/environment
echo "HTTPS_PROXY=\"http://$proxy_host:$proxy_port\"" >> $chroot_dir/etc/environment
echo "FTP_PROXY=\"http://$proxy_host:$proxy_port\"" >> $chroot_dir/etc/environment
echo "Acquire::http::Proxy \"http://$proxy_host:$proxy_port\"\;" > $chroot_dir/etc/apt/apt.conf.d/90proxy
echo "Acquire::ftp::Proxy \"ftp://$proxy_host:$proxy_port\"\;" >> $chroot_dir/etc/apt/apt.conf.d/90proxy
@ -1596,14 +1561,16 @@ function os_update_desinfect2017() {
#Avast Avira
{
echo "Avira ..."
chroot "$chroot_dir" /bin/bash -c "/AntiVirUpdate/avupdate" | grep -v " -> "
#chroot "$chroot_dir" /bin/bash --login -c ". /tmp/env.sh; /AntiVirUpdate/avupdate" | grep -v " -> "
chroot_sh "$chroot_dir" "/AntiVirUpdate/avupdate" | grep -v " -> "
echo "Avira done"
}
#Clam AV
{
echo "ClamAV..."
chroot "$chroot_dir" /bin/bash -c "freshclam" > /dev/null
#chroot "$chroot_dir" /bin/bash --login -c ". /tmp/env.sh; freshclam" > /dev/null
chroot_sh "$chroot_dir" "freshclam" > /dev/null
rm -f "$chroot_dir/var/lib/clamav/daily.cld"
echo "ClamAV done"
}
@ -1616,27 +1583,29 @@ function os_update_desinfect2017() {
cat "$tmp_file_23421" > "$chroot_dir/etc/opt/eset/esets/esets.cfg"
chroot "$chroot_dir" /bin/bash -c "/usr/bin/esetrand" >> "$chroot_dir/etc/opt/eset/esets/esets.cfg"
echo "set timeout: 2min"
av_eaet_timeout=1200
av_eaet_timeout=300
echo "set timeout: $((av_eaet_timeout/60))min"
tmp_var_3092="`chroot "$chroot_dir" /bin/bash -c "/opt/desinfect/conky_info.sh eset"`"
#eig. update routine
chroot "$chroot_dir" /bin/bash -c "/etc/init.d/esets restart"
#chroot "$chroot_dir" /bin/bash -c "/etc/init.d/esets restart"
chroot_sh "$chroot_dir" "/etc/init.d/esets restart"
sleep 2
chroot "$chroot_dir" /bin/bash -c "/opt/eset/esets/sbin/esets_daemon --update"
#chroot "$chroot_dir" /bin/bash --login -c "/opt/eset/esets/sbin/esets_daemon --update"
chroot_sh "$chroot_dir" "/opt/eset/esets/sbin/esets_daemon --update"
#warten auf daemon update ...
sleep 10m
echo "wait 10min for Eset AV update"
echo "wait $((av_eaet_timeout/60))min for Eset AV update"
while [ "`chroot "$chroot_dir" /bin/bash -c "/opt/desinfect/conky_info.sh eset"`" == "$tmp_var_3092" ]; do
sleep 1
av_eaet_timeout=$((av_eaet_timeout-1))
sleep 10
av_eaet_timeout=$((av_eaet_timeout-10))
[ $av_eaet_timeout -gt 0 ] || tmp_var_3092=
done
sleep 4
chroot "$chroot_dir" /bin/bash -c "/etc/init.d/esets stop"
#chroot "$chroot_dir" /bin/bash -c "/etc/init.d/esets stop"
chroot_sh "$chroot_dir" "/etc/init.d/esets stop"
cat "$tmp_file_23421" > "$chroot_dir/etc/opt/eset/esets/esets.cfg"
@ -1649,7 +1618,9 @@ function os_update_desinfect2017() {
#Sophos
{
echo "Sophos..."
chroot "$chroot_dir" /bin/bash -c "/opt/sophos-av/bin/savupdate -v3"
#chroot "$chroot_dir" /bin/bash --login -c "/opt/sophos-av/bin/savupdate -v3"
chroot_sh "$chroot_dir" "/opt/sophos-av/bin/savupdate -v3"
chroot_sh "$chroot_dir" "/opt/sophos-av/bin/savdstatus --version"
#chroot "$chroot_dir" /bin/bash -c "/opt/sophos-av/bin/savupdate -v3 -a"
echo "Sophos done"
}
@ -1657,11 +1628,13 @@ function os_update_desinfect2017() {
#F-Secure
{
echo "F-Secure..."
chroot "$chroot_dir" /bin/bash -c "/etc/init.d/fsaua start"
sleep 30s
chroot "$chroot_dir" /bin/bash -c "/opt/f-secure/fssp/bin/dbupdate_lite" && echo "Update Success"
sleep 5s
chroot "$chroot_dir" /bin/bash -c "/etc/init.d/fsaua stop"
chroot_sh "$chroot_dir" "/etc/init.d/fsaua start"
chroot_sh "$chroot_dir" "/etc/init.d/fsupdate stop"
( sleep 1m; chroot_sh "$chroot_dir" "/etc/init.d/fsaua start" ) &
chroot_sh "$chroot_dir" "/opt/f-secure/fssp/bin/dbupdate_lite" && echo "Update Success"
sleep 1m
chroot_sh "$chroot_dir" "/etc/init.d/fsaua stop"
chroot_sh "$chroot_dir" "/etc/init.d/fsupdate stop"
echo "F-Secure done"
}
@ -1679,11 +1652,8 @@ function tools_add() {
tools_list="$2"
chroot "$chroot_dir" /bin/bash -c "apt-get update" > /dev/null
[ "$?" == "0" ] && {
echo "apt-get update: success"
[ "$?" == "0" ] && echo "apt-get update: success"
chroot "$chroot_dir" /bin/bash -c "apt-get install -y $tools_list" | grep -v "wird eingerichtet ..." | grep -v "Vormals nicht ausgewähltes Paket" | grep -v "Entpacken von" | grep -v "Holen: " | grep -v "Trigger für" | grep -v "update-alternatives:"
}
echo "done"
}
@ -1727,14 +1697,5 @@ function tools_add_desinfect2017() {
if [ -z "$1" ]; then
main_$modus_default
else
main_$1
main_$1 $2 $3 $4 $5 $6 $7 $8 $9
fi
#packet=plumadfd
#[ "`dpkg -l $packet 2>&1`" == "dpkg-query: Kein Paket gefunden, das auf $packet passt" ] && {
# echo not installed $packet
#}
#Benötigte packete:
# unsquashfs; mksquashfs; xorriso; wget; sed; chroot; sendemail;
# apt install xorriso wget sed sendemail squashfs-tools
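Review bot: The new `chroot_sh` helper (hunk `-1046,6 +986,27`) sources `/tmp/env.sh` inside the chroot as root and generates it only when the file is absent, so a file already present in the unpacked image's /tmp (typically world-writable) is executed verbatim by every updater call routed through the helper. No cleanup of the generated script is visible in these hunks, so it presumably also ends up in the repacked filesystem. It is built with `read` without `-r` and an unquoted `echo export $line`, which word-splits and glob-expands the values taken from /etc/environment. I would regenerate the script on every call under a `mktemp` name, delete it once the command has run, and hand back the chroot exit status, which the `&& echo "Update Success"` caller relies on.

```shell
function chroot_sh() {
    local chroot_dir="$1" command="$2" env_script line rc
    # … unchanged: chroot_dir existence check (return 12) …

    # Build the environment script fresh for this call; never reuse a file
    # that was already sitting in the image's /tmp.
    env_script="$(mktemp "$chroot_dir/tmp/env.XXXXXX")" || return 13
    grep -v "#" "$chroot_dir/etc/environment" | grep "=" |
        while IFS= read -r line; do
            printf 'export %s\n' "$line"
        done > "$env_script"

    chroot "$chroot_dir" /bin/bash --login -c ". /tmp/${env_script##*/}; $command"
    rc=$?

    # Do not leave the helper script behind in the filesystem that gets repacked.
    rm -f -- "$env_script"
    return $rc
}
```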