diff options
Diffstat (limited to 'bin/acme/patcher/inplace/bin/srt')
-rwxr-xr-x | bin/acme/patcher/inplace/bin/srt | 302 |
1 files changed, 302 insertions, 0 deletions
diff --git a/bin/acme/patcher/inplace/bin/srt b/bin/acme/patcher/inplace/bin/srt new file mode 100755 index 00000000..eaa7cd31 --- /dev/null +++ b/bin/acme/patcher/inplace/bin/srt @@ -0,0 +1,302 @@ +#!/bin/bash + +# SRTool - shell script to start "Security Response Tool" + +# Copyright (C) 2013-2015 Intel Corp. +# Copyright (C) 2018 Wind River Systems + +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see http://www.gnu.org/licenses/. + +### ACME_EXTENSION_BEGIN ### +echo "Welcome to the SRTool, ACME Edition!" +echo "" +### ACME_EXTENSION_END ### + +HELP=" +Usage: source srt start|stop [webport=<address:port>] + Optional arguments: + [webport] Set the SRTool server port (default: localhost:8000) + [noautoupdate] Disable the auto update server +" + +databaseCheck() +{ + retval=0 + # you can always add a superuser later via + # ../srt/manage.py createsuperuser --username=<ME> + $MANAGE migrate --noinput || retval=1 + + if [ $retval -eq 1 ] ; then + echo "Failed migrations, aborting system start" 1>&2 + return $retval + fi + $MANAGE checksettings --traceback || retval=1 + + if [ $retval -eq 1 ]; then + printf "\nError while checking settings; aborting\n" + return $retval + fi + + return $retval +} + +get_srt_env_settings() { + mainapp="yp" + # Apply all shell settings except default app 'yp' + # Only look in directories with proper 'datasource.json' files + for envscript in $(find ./bin -name "datasource.json") ; do + envscript=${envscript/datasource.json/srtool_env.sh} + if [ -f "$envscript" -a "$envscript" = "${envscript/bin\/yp/}" ] ; then + . $envscript + fi + done + # if no main app, default to 'yp' + if [ -z "$SRT_MAIN_APP" ] ; then + . ./bin/yp/srtool_env.sh + fi + echo "SRT_MAIN_APP=$SRT_MAIN_APP" +} + +webserverKillAll() +{ + local pidfile + for pidfile in ${SRT_BASE_DIR}/.srtmain.pid ; do + if [ -f ${pidfile} ] ; then + pid=`cat ${pidfile}` + while kill -0 $pid 2>/dev/null; do + echo "KILL:$pid" + kill -SIGTERM -9 $pid 2>/dev/null + sleep 1 + done + rm ${pidfile} + fi + done + + # Stop the Update app + if [ 0 -eq $no_auto_update ] ; then + ./bin/common/srtool_update.py --cron-stop + fi +} + +webserverStartAll() +{ + # do not start if srtmain points to a valid process + if ! cat "${SRT_BASE_DIR}/.srtmain.pid" 2>/dev/null | xargs -I{} kill -0 {} ; then + retval=1 + rm "${SRT_BASE_DIR}/.srtmain.pid" + fi + + retval=0 + + # check the database + databaseCheck || return 1 + + echo "Starting SRTool webserver..." + + $MANAGE runserver --noreload "$ADDR_PORT" \ + </dev/null >>${SRT_BASE_DIR}/srt_web.log 2>&1 \ + & echo $! >${SRT_BASE_DIR}/.srtmain.pid + + sleep 1 + + if ! cat "${SRT_BASE_DIR}/.srtmain.pid" | xargs -I{} kill -0 {} ; then + retval=1 + rm "${SRT_BASE_DIR}/.srtmain.pid" + echo "SRTool webserver NOT STARTED" + else + echo "SRTool webserver started at http://$ADDR_PORT" + fi + + # Start the Update app + if [ 0 -eq $no_auto_update ] ; then + ./bin/common/srtool_update.py --cron-start > /dev/null 2>&1 & + echo "SRTool update service started at PID $!" + fi + return $retval +} + +INSTOPSYSTEM=0 + +# define the stop command +stop_system() +{ + # prevent reentry + if [ $INSTOPSYSTEM -eq 1 ] ; then return; fi + INSTOPSYSTEM=1 + webserverKillAll + # unset exported variables + unset SRT_BASE_DIR + trap - SIGHUP + #trap - SIGCHLD + INSTOPSYSTEM=0 +} + +verify_prereq() { + # Quick check for Python3 + if [ -z "$(which python3)" ] ; then + echo "ERROR: missing 'python3' host package" + return 2 + fi + if [ -z "$(which sqlite3)" ] ; then + echo "ERROR: missing 'sqlite3' host package" + return 2 + fi + + # Verify Django version + reqfile=$(python3 -c "import os; print(os.path.realpath('$SRT_BASE_DIR/bin/srtool-requirements.txt'))") + exp='s/Django\([><=]\+\)\([^,]\+\),\([><=]\+\)\(.\+\)/' + # expand version parts to 2 digits to support 1.10.x > 1.8 + # (note:helper functions hard to insert in-line) + exp=$exp'import sys,django;' + # Allow for development versions like '2.2.dev20181217100344' + exp=$exp'version=["%02d" % int(n) for n in django.get_version().replace("dev","").split(".")];' + exp=$exp'vmin=["%02d" % int(n) for n in "\2".split(".")];' + exp=$exp'vmax=["%02d" % int(n) for n in "\4".split(".")];' + exp=$exp'sys.exit(not (version \1 vmin and version \3 vmax))' + exp=$exp'/p' + if ! sed -n "$exp" $reqfile | python3 - ; then + req=`grep ^Django $reqfile` + echo "This program needs $req" + echo "Please install with pip3 install -r $reqfile" + return 2 + fi + + return 0 +} + +# read command line parameters +if [ -n "$BASH_SOURCE" ] ; then + SRT=${BASH_SOURCE} +elif [ -n "$ZSH_NAME" ] ; then + SRT=${(%):-%x} +else + SRT=$0 +fi + +# set up base paths and definitions +export SRT_BASE_DIR=$(dirname $SRT) +SRT_BASE_DIR=$(readlink -f $SRT_BASE_DIR) +SRT_BASE_DIR=$(dirname $SRT_BASE_DIR) +MANAGE="python3 $SRT_BASE_DIR/lib/manage.py" + +# Fetch the datasource environent settings +get_srt_env_settings + +# insure basic directories are present +mkdir -p $SRT_BASE_DIR/data +mkdir -p $SRT_BASE_DIR/data/cache +mkdir -p $SRT_BASE_DIR/update_logs +touch $SRT_BASE_DIR/update_logs/master_log.txt + +ADDR_PORT="localhost:8000" +unset CMD +manage_cmd="" +if [ "1" = "$SRT_SKIP_AUTOUPDATE" ] ; then + no_auto_update=1 +else + no_auto_update=0 +fi +for param in $*; do + case $param in + start ) + CMD=$param + ;; + stop ) + CMD=$param + ;; + manage ) + CMD=$param + ;; + webport=*) + ADDR_PORT="${param#*=}" + # Split the addr:port string + ADDR=`echo $ADDR_PORT | cut -f 1 -d ':'` + PORT=`echo $ADDR_PORT | cut -f 2 -d ':'` + # If only a port has been specified then set address to localhost. + if [ $ADDR = $PORT ] ; then + ADDR_PORT="localhost:$PORT" + fi + ;; + noautoupdate ) + no_auto_update=1 + ;; + --help) + echo "$HELP" + exit 0 + ;; + *) + if [ "manage" == "$CMD" ] ; then + cd $SRT_BASE_DIR/lib + manage_cmd="$manage_cmd $param" + else + echo "$HELP" + exit 1 + fi + ;; + + esac +done + +verify_prereq || exit 1 + +# this defines the dir SRTool will use for +# 1) the sqlite db if that is being used. +# 2) pid's we need to clean up on exit/shutdown + +# Determine the action. If specified by arguments, fine, if not, toggle it +if [ "$CMD" = "start" ] ; then + if [ -n "$BBSERVER" ]; then + echo " SRT is already running. Exiting..." + exit 1 + fi +elif [ "$CMD" = "" ]; then + echo "No command specified" + echo "$HELP" + exit 1 +fi + +echo "The system will $CMD." + +# Execute the commands +case $CMD in + start ) + # check if addr:port is not in use + if [ "$CMD" == 'start' ] ; then + $MANAGE checksocket "$ADDR_PORT" || exit 1 + fi + + if ! webserverStartAll; then + echo "Failed ${CMD}." + exit 4 + fi + # create working directories for srtool + mkdir -p $SRT_BASE_DIR/update_logs + mkdir -p $SRT_BASE_DIR/backups + mkdir -p $SRT_BASE_DIR/reports + # set fail safe stop system on terminal exit + trap stop_system SIGHUP + echo "Successful ${CMD}." + exit 0 + ;; + stop ) + stop_system + echo "Successful ${CMD}." + ;; + manage ) + $MANAGE $manage_cmd + ;; + + +esac + |