From 062d25d431bb2aa5f6437fd205b608372d77e5f5 Mon Sep 17 00:00:00 2001 From: B Stack Date: Thu, 26 Jan 2017 09:55:30 -0500 Subject: major revision to 1.0-7 is in progress --- README.md | 14 ++ etc/keepalive/README.txt | 30 --- etc/keepalive/bin/keepalive | 251 --------------------- etc/keepalive/bin/keepalive.sh | 261 ---------------------- etc/keepalive/docs/debian/conffiles | 1 - etc/keepalive/docs/debian/control | 13 -- etc/keepalive/docs/debian/md5sums | 14 -- etc/keepalive/docs/debian/postinst | 5 - etc/keepalive/docs/debian/postrm | 4 - etc/keepalive/docs/debian/preinst | 17 -- etc/keepalive/docs/debian/prerm | 18 -- etc/keepalive/docs/keepalive.spec | 82 ------- etc/keepalive/inc/localize_git.sh | 2 - etc/keepalive/inc/scrub.py | 124 ---------- etc/keepalive/inc/scrub.txt | 14 -- etc/keepalive/packaging.txt | 53 ----- usr/bin/keepalive | 2 +- usr/lib/systemd/system/keepalive.service | 4 +- usr/share/keepalive/docs/README.txt | 30 +++ usr/share/keepalive/docs/debian/conffiles | 1 + usr/share/keepalive/docs/debian/control | 14 ++ usr/share/keepalive/docs/debian/md5sums | 14 ++ usr/share/keepalive/docs/debian/postinst | 9 + usr/share/keepalive/docs/debian/postrm | 3 + usr/share/keepalive/docs/debian/preinst | 17 ++ usr/share/keepalive/docs/debian/prerm | 16 ++ usr/share/keepalive/docs/files-for-versioning.txt | 6 + usr/share/keepalive/docs/keepalive.spec | 118 ++++++++++ usr/share/keepalive/docs/packaging.txt | 53 +++++ usr/share/keepalive/inc/get-files | 45 ++++ usr/share/keepalive/inc/localize_git.sh | 2 + usr/share/keepalive/inc/pack | 118 ++++++++++ usr/share/keepalive/inc/scrub.txt | 22 ++ usr/share/keepalive/keepalive | 252 +++++++++++++++++++++ usr/share/keepalive/keepalive.sh | 261 ++++++++++++++++++++++ 35 files changed, 998 insertions(+), 892 deletions(-) create mode 100644 README.md delete mode 100644 etc/keepalive/README.txt delete mode 100755 etc/keepalive/bin/keepalive delete mode 100644 etc/keepalive/bin/keepalive.sh delete mode 100644 etc/keepalive/docs/debian/conffiles delete mode 100644 etc/keepalive/docs/debian/control delete mode 100644 etc/keepalive/docs/debian/md5sums delete mode 100755 etc/keepalive/docs/debian/postinst delete mode 100755 etc/keepalive/docs/debian/postrm delete mode 100755 etc/keepalive/docs/debian/preinst delete mode 100755 etc/keepalive/docs/debian/prerm delete mode 100644 etc/keepalive/docs/keepalive.spec delete mode 100755 etc/keepalive/inc/localize_git.sh delete mode 100755 etc/keepalive/inc/scrub.py delete mode 100644 etc/keepalive/inc/scrub.txt delete mode 100644 etc/keepalive/packaging.txt create mode 100644 usr/share/keepalive/docs/README.txt create mode 100644 usr/share/keepalive/docs/debian/conffiles create mode 100644 usr/share/keepalive/docs/debian/control create mode 100644 usr/share/keepalive/docs/debian/md5sums create mode 100755 usr/share/keepalive/docs/debian/postinst create mode 100755 usr/share/keepalive/docs/debian/postrm create mode 100755 usr/share/keepalive/docs/debian/preinst create mode 100755 usr/share/keepalive/docs/debian/prerm create mode 100644 usr/share/keepalive/docs/files-for-versioning.txt create mode 100644 usr/share/keepalive/docs/keepalive.spec create mode 100644 usr/share/keepalive/docs/packaging.txt create mode 100755 usr/share/keepalive/inc/get-files create mode 100755 usr/share/keepalive/inc/localize_git.sh create mode 100755 usr/share/keepalive/inc/pack create mode 100644 usr/share/keepalive/inc/scrub.txt create mode 100755 usr/share/keepalive/keepalive create mode 100644 usr/share/keepalive/keepalive.sh diff --git a/README.md b/README.md new file mode 100644 index 0000000..b27cf80 --- /dev/null +++ b/README.md @@ -0,0 +1,14 @@ +### Overview +keepalive is a python script that keeps the system logged into an http proxy using kerberos. Only kerberos-joined systems (e.g., AD domain computers) can use this package. +For a description of the package itself, view usr/share/keepalive/docs/README.txt. + +### Building +The recommended way to build an rpm is: + + mkdir -p ~/rpmbuild/SOURCES ~/rpmbuild/RPMS ~/rpmbuild/SPECS ~/rpmbuild/BUILD ~/rpmbuild/BUILDROOT + mkdir -p ~/rpmbuild/SOURCES/keepalive-1.0-7/ + cd ~/rpmbuild/SOURCES/bgscripts-1.0-7 + git init + git pull https://github.com/bgstack15/keepalive + usr/share/bgscripts/inc/pack rpm + diff --git a/etc/keepalive/README.txt b/etc/keepalive/README.txt deleted file mode 100644 index 84479c7..0000000 --- a/etc/keepalive/README.txt +++ /dev/null @@ -1,30 +0,0 @@ -File: etc/keepalive/README.txt -Package: keepalive 1.0-6 -Author: bgstack15@gmail.com -Startdate: 2016-06-07 -Title: Readme file for keepalive -Purpose: All packages should come with a readme -History: -Usage: Read it. -Reference: README.txt -Improve: -Document: Below this line - -### WELCOME -To use the keepalive program, start the service. -systemctl start keepalive.service - -### CHANGELOG -keepalive 1.0-4 2016-06-07 -Changed packaging so bgscripts is a prerequisite, not a corequisite package so framework.sh exists before keepalive service is started for the first time. -https://docs.fedoraproject.org/en-US/Fedora_Draft_Documentation/0.1/html/RPM_Guide/ch-advanced-packaging.html -https://www.debian.org/doc/debian-policy/ch-relationships.html - -keepalive 1.0-5 2016-07-22 -Rewrote the application in python3 - -2016-10-27 keepalive 1.0-6 -Added scrub.py subpackage -Modified to be suitable for sharing on github - -### REFERENCE diff --git a/etc/keepalive/bin/keepalive b/etc/keepalive/bin/keepalive deleted file mode 100755 index b603135..0000000 --- a/etc/keepalive/bin/keepalive +++ /dev/null @@ -1,251 +0,0 @@ -#!/usr/bin/python3 -u -# File: /etc/keepalive/bin/keepalive -# Author: bgstack15@gmail.com -# Startdate: 2016-07-20 -# Title: Keepalive Script in Python -# Purpose: To perform keepalive functionality in python. This is mostly a learning exercise in python. -# History: 2016-07-21 Basic, hard-coded functionality working -# Usage: -# Reference: -# keepalive-1.0-4 /etc/keepalive/bin/keepalive (shell script) -# http://stackoverflow.com/questions/5574702/how-to-print-to-stderr-in-python#14981125 -# signals: /usr/include/x86_64-linux-gnu/bits/signum.h -# https://docs.python.org/3/library/atexit.html -# http://www.tutorialspoint.com/python/python_command_line_arguments.htm -# https://docs.python.org/2/library/argparse.html#module-argparse -# http://stackoverflow.com/questions/15848674/how-to-configparse-a-file-keeping-multiple-values-for-identical-keys -# python3 -u from http://stackoverflow.com/questions/13069634/python-daemon-and-systemd-service#30189540 -# Improve: -# x Add config parsing -# x Add argument parsing -# Do internal web calls instead of using curl (optional) -# Add debug info - -#from __future__ import print_function -import sys, os, socket, subprocess, re, time, platform -#import requests, requests_kerberos -import signal, atexit -import argparse, configparser -from collections import OrderedDict - -keepaliveversion="2016-07-22b" - -class MultiOrderedDict(OrderedDict): - def __setitem__(self, key, value): - if isinstance(value, list) and key in self: - self[key].extend(value) - else: - super(OrderedDict, self).__setitem__(key, value) - #Reference: http://stackoverflow.com/questions/15848674/how-to-configparse-a-file-keeping-multiple-values-for-identical-keys - -def usage(): - # now with argparse, this usage command is never used. It will be removed in a future version. - usage_string=""" -usage: keepalive [-duV] [-k ] [-r ] [-i ] -version """+keepaliveversion+""" - -d debug Show debugging info, including parsed variables. - -u usage Show this usage block. - -V version Show script version number. - -k keytab Overrides default keytab value. Default is """+keytab+""" - -i infile Overrides default infile value. Default is """+infile1+""" - -r refresh Overrides default wait time between checks. Default is """+str(refresh)+""" -usage: keepalive out - Will log out of the proxy and exit -Return values: -0 Normal -1 Help or version info displayed -2 Could not start: could be already running, bad lockfile, bad keytab -3 Incorrect OS type -4 Unable to find dependency -5 Not run as root or sudo -""" - print(usage_string,file=sys.stderr) - -# DEFINE FUNCTIONS - -def klog(*s, **kwargs): - print(*s, file=sys.stderr, **kwargs) - # Ref: http://stackoverflow.com/questions/5574702/how-to-print-to-stderr-in-python#14981125 - -def proxylogout(*logoutproxies): - try: - for word in logoutproxies: - subprocess.call(["/usr/bin/curl","-s","-o","/dev/null",word],stdout=subprocess.DEVNULL,stderr=subprocess.DEVNULL) - except BaseException as e: - # no proxies, so use default - subprocess.call(["/usr/bin/curl","-s","-o","/dev/null","http://proxylogout.example.com"],stdout=subprocess.DEVNULL,stderr=subprocess.DEVNULL) - -# DEFINE TRAPS - -def clean_keepalive(*reason): - thisreason="" - try: - thisreason=reason[0] - except BaseException as e: - thisreason="manual" - - if thisreason == "normal": - klog("exiting at end of procedural run. This should not happen in production.") - elif thisreason == "clean": - # be silent because only doing the systemd unit ExecStopPost cleanup - pass - else: - klog("stopped by user") - - try: - os.remove(lockfile) - except BaseException as e: - pass - -def CTRLC(signum=signal.SIGQUIT, frame=""): - print("This is CTRLC function") - sys.exit(1) - -def CTRLZ(signum=signal.SIGQUIT, frame=""): - print("This is CTRLZ") - sys.exit(2) - -# INITIALIZE VARIABLES -servercaps=socket.gethostname().upper().split('.',1)[0] -thisflavor=platform.dist()[0].lower() -thisversion=platform.dist()[1] -infile1="/etc/keepalive/keepalive.conf" - -# DEFAULT VARIABLES that can be adjusted by keepalive.conf -lockfile="/tmp/.keepalive.py.lock" -keytab="/etc/krb5.keytab" -refresh=4 -proxies=[] -proxies.append("https://proxy1.example.com:4433/?cfru=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8=") -proxies.append("https://proxy2.example.com:4433/?cfru=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8=") -logoutproxies=[] -logoutproxies.append("http://proxylogout.example.com") - -# PARSE ARGUMENTS -# Reference: https://docs.python.org/2/library/argparse.html#module-argparse -parser = argparse.ArgumentParser(description="keep this host logged into the proxy") -parser.add_argument("-d","--debug",help="enables debugging",action="store_true") -parser.add_argument("-V","--version",help="",action="store_true") -parser.add_argument("-k","--keytab",help="Overrides default keytab value",default="") -parser.add_argument("-i","--infile","--inputfile",help="use a specific conf file",default="") -parser.add_argument("-r","--refresh",type=int,help="Overrides default wait time",default=0) -parser.add_argument("--out",action="store_true") -parser.add_argument("--clean",action="store_true",help="") -args = parser.parse_args() -debug=0 -logoutonly=False -cleanonly=False -if args.debug: debug=1 -if args.version: - print("keepalive version",keepaliveversion) - sys.exit(0) -if len(args.keytab) > 0: keytab=args.keytab -if args.refresh > 0: refresh=args.refresh -if len(args.infile) > 0: infile1=args.infile -if args.out: logoutonly=True -if args.clean: cleanonly=True - -# REACT TO OPERATING SYSTEM FLAVOR -# this is different from the older shell keepalive, which relied on SYSTEM TYPE -if thisflavor == "ubuntu" or thisflavor == "debian": - pass -elif thisflavor == "centos" or thisflavor == "redhat": - pass -else: - print("keepalive: 3. Unknown flavor:",thisflavor + ".","Aborted.",file=sys.stderr) - sys.exit(3) - -# REACT TO ROOT STATUS -if os.geteuid() != 0: - print("keepalive: 5. Please run as root or sudo. Aborted.",file=sys.stderr) - sys.exit(5) - -# IF LOGOUT ONLY -if logoutonly: - proxylogout(logoutproxies) - sys.exit(0) - -# IF CLEAN ONLY -if cleanonly: - clean_keepalive("clean") - sys.exit(0) - -# READ CONFIG FILE stub -if not os.path.isfile(infile1): - klog("4. Cannot find conf",infile1 + ".","Using defaults.") -else: - # read config file here - config=configparser.RawConfigParser(dict_type=MultiOrderedDict,strict=False) - #config['keepalive']={'lockfile': '/tmp/.keepalive.py.lock', - # 'keytab': '/etc/krb5.keytab', - # 'refresh': '240', - # 'proxy': 'https://proxy1.example.com:4433/?cfru=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8=', - # 'proxy': 'https://proxy2.example.com:4433/?cfru=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8='} - config.read(infile1) - # use the options from the config file - if len(config['keepalive']['lockfile'][0]) > 0: lockfile=config['keepalive']['lockfile'][0] - if len(config['keepalive']['keytab']) > 0: keytab=config['keepalive']['keytab'][0] - if len(config['keepalive']['refresh']) > 0: refresh=int(config['keepalive']['refresh'][0]) - if len(config['keepalive']['proxy']) > 0: - proxies.clear() - else: - #no proxies configured! I guess we will leave the defaults in place then - pass - for word in config['keepalive']['proxy']: proxies.append(word) - if len(config['keepalive']['logoutproxy']) > 0: - logoutproxies.clear() - else: - # no logoutproxies configured! Leave the defaults in place - pass - for word in config['keepalive']['logoutproxy']: logoutproxies.append(word) - -# CREATE LOCKFILE ONLY IF IT DOES NOT EXIST -if os.path.isfile(lockfile) == False: - lockf=open(lockfile,'w') - lockf.write(str(os.getpid())) - lockf.close() -else: - klog("2. Could not create lockfile",lockfile + ".","Aborted.") - sys.exit(2) - -# EXIT IF KEYTABFILE IS INVALID -if not os.path.isfile(lockfile): - klog("2. Could not find keytab",keytab + ".","Aborted.") - sys.exit(2) - -atexit.register(clean_keepalive) - -# works but not needed -#signal.signal(signal.SIGINT, CTRLC) -#signal.signal(signal.SIGCONT, CTRLZ) -# Consider this research. Consider using 19 "SIGSTOP" which occurs at start of the interrupt-and-stop-job I think - -# MAIN LOOP -a=False -while a==False: - proxylogout(logoutproxies) - - # Ensure kerberos ticket exists - try: - b=str(subprocess.check_output("klist",stderr=subprocess.DEVNULL)) - except BaseException as e: - b="" - - p = re.compile('.*principal: '+servercaps) - if p.match(b): - klog("valid ticket found") - else: - subprocess.call("kdestroy") - klog("requesting new ticket") - subprocess.call(["kinit","-kt",keytab,servercaps+"$"]) - - # So with valid kerberos ticket, perform actions against all proxies - for proxy in proxies: - subprocess.call(["/usr/bin/curl","-s","-o","/dev/null","--negotiate","-u:ignoreMe","-b","~/ProxyCookies.txt","-c","~/ProxyCookies.txt",proxy]) - #print(proxy) - - time.sleep(refresh) -# END MAIN LOOP - -atexit.unregister(clean_keepalive) -clean_keepalive("normal") diff --git a/etc/keepalive/bin/keepalive.sh b/etc/keepalive/bin/keepalive.sh deleted file mode 100644 index d0a7714..0000000 --- a/etc/keepalive/bin/keepalive.sh +++ /dev/null @@ -1,261 +0,0 @@ -#!/bin/bash -# Filename: keepalive -# Location: LINUX one:/mnt/scripts/keepalive/bin -# Author: bgstack15@gmail.com -# Startdate: 2015-11-10 09:15:57 -# Title: Keepalive Script -# Purpose: -# History: 2015-11-10 -# 2015-11-12 uses local directory for default infile -# 2016-06-02 Updated for bgscripts 1.1-6, so keepalive 1.0-3 -# 2016-07-22 This keepalive.sh is the keepalive-1.0-4 version before the project switched to python. This is included for historical reference only. -# Usage: -# Reference: ftemplate.sh 2015-11-06a; framework.sh 2015-07-10a -# Proxy Keepalive for Linux Bash (Alice User1 2014-07-31) -# Improve: -fiversion="2015-11-30a" -keepaliveversion="2016-06-02a" - -usage() { - less -F >&2 <] [-r ] [-i ] -version ${keepaliveversion} - -d debug Show debugging info, including parsed variables. - -u usage Show this usage block. - -V version Show script version number. - -k keytab Overrides default keytab value. Default is ${keytab} - -i infile Overrides default infile value. Default is ${infile1} - -r refresh Overrides default wait time between checks. Default is ${refresh} -usage: keepalive out - Will log out of the proxy and exit -Return values: -0 Normal -1 Help or version info displayed -2 Could not start: could be already running, bad lockfile, bad keytab -3 Incorrect OS type -4 Unable to find dependency -5 Not run as root or sudo -ENDUSAGE -} - -# DEFINE FUNCTIONS -function klog { - # abstracted out so I can either do a file or do syslog in the future easily - ferror "$@" - #echo "" | flecho "$@" 1>&2 - #date "+[%Y-%m-%d %T] keepalive: $@" >&2 - #logger "keepalive: $@" -} - -function proxylogout { - # Logout the previously authenticated user - /usr/bin/curl -s -o /dev/null http://proxylogout.example.com >/dev/null 2>&1 -} - -# DEFINE TRAPS - -function clean_keepalive { - klog "stopping" - rm -f ${lockfile} >/dev/null 2>&1 - [ ] #use at end of entire script if you need to clean up tmpfiles -} - -function CTRLC { - #trap "CTRLC" 2 - [ ] #useful for controlling the ctrl+c keystroke -} - -function CTRLZ { - #trap "CTRLZ" 18 - [ ] #useful for controlling the ctrl+z keystroke -} - -function parseFlag { - flag=$1 - hasval=0 - case $flag in - # INSERT FLAGS HERE - "d" | "debug" | "DEBUG") debug=1;; - "u" | "usage" | "help") usage; exit 1;; - "V" | "fcheck" | "version") ferror "${scriptfile} version ${keepaliveversion}"; exit 1;; - "k" | "keytab" | "kfile" | "ktfile") getval; keytab=${tempval};; - "r" | "refresh" | "refreshtime") getval; refresh=${tempval};; - "i" | "infile" | "inputfile") getval; infile1=${tempval};; - esac - - [[ debug -eq 1 ]] && { [[ hasval -eq 1 ]] && ferror "flag: $flag = $tempval" || ferror "flag: $flag"; } -} - -# DETERMINE LOCATION OF FRAMEWORK -while read flocation; do if [[ -x $flocation ]] && [[ $( $flocation --fcheck ) -ge 20160525 ]]; then frameworkscript=$flocation; break; fi; done <&2 && exit 4 - -# REACT TO OPERATING SYSTEM TYPE -case $( uname -s ) in - AIX) echo "$scriptfile: 3. Linux-only script." 1>&2 && exit 3;; - Linux) [ ];; - *) echo "$scriptfile: 3. Indeterminate OS: $( uname -s )" 1>&2 && exit 3;; -esac - -# INITIALIZE VARIABLES -# variables set in framework: -# today server thistty scriptdir scriptfile scripttrim -# is_cronjob stdin_piped stdout_piped stderr_piped sendsh sendopts -. ${frameworkscript} || echo "$0: framework did not run properly. Continuing..." 1>&2 -infile1=/etc/keepalive/keepalive.conf # can be adjusted on the cli -outfile1= -logfile=${scriptdir}/${scripttrim}.${today}.out -interestedparties="bgstack15@example.com" -servercaps=$( echo "${server}" | tr 'a-z' 'A-Z' ) - -# DEFAULT VARIABLES THAT CAN BE ADJUSTED BY keepalive.conf -lockfile="/tmp/.keepalive.lock" -keytab=/etc/krb5.keytab -refresh=4 -proxy1=https://proxy1.example.com:4433/?cfru=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8= -proxy2=https://proxy2.example.com:4433/?cfru=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8= - -# REACT TO ROOT STATUS -case $is_root in - 1) # proper root - [ ] ;; - sudo) # sudo to root - [ ] ;; - "") # not root at all - ferror "${scriptfile}: 5. Please run as root or sudo. Aborted." - exit 5 - ;; -esac - -# SET CUSTOM SCRIPT AND VALUES -#setval 1 sendsh sendopts</dev/null | grep -qiE "principal.*${servercaps}" ); - then - # valid - klog "valid ticket found" - else - # invalid - # make a new kerberos ticket - kdestroy - klog "requesting new ticket" - kinit -kt "${keytab}" "${servercaps}\$" - fi - - # So with a valid kerberos ticket, perform actions against both proxies - # I was unable to get the WHICHPROXY functionality working - /usr/bin/curl -s -o /dev/null --negotiate -u:ignoreMe -b ~/ProxyCookies.txt -c ~/ProxyCookies.txt $proxy1 2>&1 - /usr/bin/curl -s -o /dev/null --negotiate -u:ignoreMe -b ~/ProxyCookies.txt -c ~/ProxyCookies.txt $proxy2 2>&1 - - sleep $refresh -done - -# EMAIL LOGFILE -#$sendsh $sendopts "$server $scriptfile out" $logfile $interestedparties - -# FINAL CLEANUP -trap '' 0 # reset trap to undefined -clean_keepalive end # so I can call it manually diff --git a/etc/keepalive/docs/debian/conffiles b/etc/keepalive/docs/debian/conffiles deleted file mode 100644 index 8dafbff..0000000 --- a/etc/keepalive/docs/debian/conffiles +++ /dev/null @@ -1 +0,0 @@ -/etc/keepalive/keepalive.conf diff --git a/etc/keepalive/docs/debian/control b/etc/keepalive/docs/debian/control deleted file mode 100644 index 8d42833..0000000 --- a/etc/keepalive/docs/debian/control +++ /dev/null @@ -1,13 +0,0 @@ -Package: keepalive -Version: 1.0-6 -Architecture: all -Essential: no -Priority: extra -Section: utils -Maintainer: B G Stack -Installed-Size: 350 -Homepage: https://bgstack15.wordpress.com/ -Source: keepalive.tgz -Pre-Depends: bgscripts (>= 1.1-17), sssd, python3 -Description: Keepalive uses a system kerberos ticket (generating one if necessary) to stay authenticated to the http proxy. - The user defines http_proxy and https_proxy. Keepalive assumes the system joined to an AD domain. diff --git a/etc/keepalive/docs/debian/md5sums b/etc/keepalive/docs/debian/md5sums deleted file mode 100644 index 3307807..0000000 --- a/etc/keepalive/docs/debian/md5sums +++ /dev/null @@ -1,14 +0,0 @@ -317bad02db12ba2340b5c4ef30c9376b usr/lib/systemd/system/keepalive.service -5aa43c0360a508ad909cfe2ac4495179 etc/keepalive/packaging.txt -76803e4e6e9f74fc8de2ae4ddfc7c470 etc/keepalive/bin/keepalive -4e750e3f9ce8e00feaa34d614405f066 etc/keepalive/keepalive.conf -5c34e36e9838a29d59f3ed9fa0b4c8e7 etc/keepalive/docs/debian/postinst -061b27636d5dd3ab9ca7fa00b5a6e0a6 etc/keepalive/docs/debian/control -391dcefa7356b76dfdc7eebae9e450ba etc/keepalive/docs/debian/postrm -eb54ab3395cf1a7f9ffd558b5142679d etc/keepalive/docs/debian/prerm -2a7ad29f5f70879eca2d71a01152ac19 etc/keepalive/docs/debian/preinst -7b84e6ef73c48a2474789f8daf76a8d7 etc/keepalive/docs/debian/conffiles -7c2ef5667400f3fa3166bbfe41a835e2 etc/keepalive/docs/keepalive.spec -ec2f0bc9c707cb03aa933d203e1506ef etc/keepalive/README.txt -cf972826834f5cce6d48266bc9f18110 etc/logrotate.d/keepalive -3b4332e514014ed750012692a75dc572 etc/rsyslog.d/keepalivelog.conf diff --git a/etc/keepalive/docs/debian/postinst b/etc/keepalive/docs/debian/postinst deleted file mode 100755 index 4c3092b..0000000 --- a/etc/keepalive/docs/debian/postinst +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/sh - -systemctl daemon-reload 1>/dev/null 2>&1 -systemctl enable keepalive 1>/dev/null 2>&1 -systemctl start keepalive 1>/dev/null 2>&1 diff --git a/etc/keepalive/docs/debian/postrm b/etc/keepalive/docs/debian/postrm deleted file mode 100755 index 2c475d8..0000000 --- a/etc/keepalive/docs/debian/postrm +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh - -# whether removing an updated package or just removing it entirely, this is a good idea: -systemctl daemon-reload 1>/dev/null 2>&1 diff --git a/etc/keepalive/docs/debian/preinst b/etc/keepalive/docs/debian/preinst deleted file mode 100755 index 75ff571..0000000 --- a/etc/keepalive/docs/debian/preinst +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/sh -#https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html -thisservice=keepalive.service - -case "${1}" in - upgrade) - # This preinst is being run before an upgrade. - # $2 is old-version-number - systemctl stop keepalive.service 1>/dev/null 2>&1 - ;; - install) - # Brand new installation of the package. - [ ] - ;; -esac - -exit 0 diff --git a/etc/keepalive/docs/debian/prerm b/etc/keepalive/docs/debian/prerm deleted file mode 100755 index 99a4f6a..0000000 --- a/etc/keepalive/docs/debian/prerm +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/sh - -thisservice=keepalive.service - -case "${1}" in - upgrade) - # This prerm upgrade is running because a newer version of this package is being installed. - # $2 is new-version-number - [ ] - ;; - remove) - # No new package being installed. Just remove it. - systemctl stop "${thisservice}" 1>/dev/null 2>&1 - systemctl disable "${thisservice}" 1>/dev/null 2>&1 - ;; -esac - -exit 0 diff --git a/etc/keepalive/docs/keepalive.spec b/etc/keepalive/docs/keepalive.spec deleted file mode 100644 index 0df5e3a..0000000 --- a/etc/keepalive/docs/keepalive.spec +++ /dev/null @@ -1,82 +0,0 @@ -# -# spec file for keepalive compiled by hand -Summary: Keepalive -Name: keepalive -Version: 1.0 -Release: 6 -License: CC BY-SA 4.0 -Group: Applications/System -Source: keepalive.tgz -URL: bgstack15@gmail.com -#Distribution: -#Vendor: -Packager: Bgstack15 -Buildarch: noarch -PreReq: bgscripts >= 1.1-17 -PreReq: python34 - -%description -Keepalive uses a system kerbors ticket (generating one if necessary) to stay authenticated to the http proxy. -The user defines http_proxy and https_proxy. Keepalive assumes the system joined to an AD domain. - -%prep -%setup - -%build - -%install -rsync -a . %{buildroot}/ - -%clean -rm -rf ${buildroot} - -%pre -if [ $1 = "1" ]; -then - # first version being installed - find /tmp/foo >/dev/null 2>&1 -else - # not the first version being installed - systemctl stop keepalive >/dev/null 2>&1 -fi -exit 0 - -%post -systemctl enable keepalive -systemctl start keepalive - -%preun -if [[ "$1" = "0" ]]; -then - # last version of package is being erased - systemctl disable keepalive >/dev/null 2>&1 - systemctl stop keepalive >/dev/null 2>&1 -else - # not last version being erased - find /tmp/foo >/dev/null 2>&1 -fi -exit 0 - -%files -/etc/logrotate.d/keepalive -%config /etc/rsyslog.d/keepalivelog.conf -%doc %attr(444, -, -) /etc/keepalive/README.txt -%verify(link) /etc/keepalive/bin/keepalive.sh -%verify(link) /etc/keepalive/bin/keepalive -/etc/keepalive/docs/keepalive.spec -/etc/keepalive/docs/debian/postinst -/etc/keepalive/docs/debian/conffiles -/etc/keepalive/docs/debian/md5sums -/etc/keepalive/docs/debian/prerm -/etc/keepalive/docs/debian/postrm -/etc/keepalive/docs/debian/control -/etc/keepalive/docs/debian/preinst -%config /etc/keepalive/keepalive.conf -/etc/keepalive/inc/scrub.py -/etc/keepalive/inc/scrub.pyc -/etc/keepalive/inc/scrub.pyo -/etc/keepalive/inc/localize_git.sh -%doc %attr(444, -, -) /etc/keepalive/inc/scrub.txt -%doc %attr(444, -, -) /etc/keepalive/packaging.txt -/usr/lib/systemd/system/keepalive.service -%verify(link) /usr/bin/keepalive diff --git a/etc/keepalive/inc/localize_git.sh b/etc/keepalive/inc/localize_git.sh deleted file mode 100755 index ade84d4..0000000 --- a/etc/keepalive/inc/localize_git.sh +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -\cp -pRf /home/work/keepalive.clean/.git /home/bgstack15/rpmbuild/SOURCES/keepalive-1.0-6/ diff --git a/etc/keepalive/inc/scrub.py b/etc/keepalive/inc/scrub.py deleted file mode 100755 index afa81a1..0000000 --- a/etc/keepalive/inc/scrub.py +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/env python3 -# Filename: scrub.py -# Location: Various -# Author: bgstack15@gmail.com -# Startdate: 2016-09-28 -# Title: Script that Simultaneously Copies and Scrubs a Directory -# Purpose: Prepare projects for publication by removing private information like usernames and hostnames -# Package: Various -# History: -# 2016-10-03 working on batch rename files -# 2016-10-20 added not ".tgz" in source.name -# 2016-10-27 Fixed error when trying chmod on a symlink -# Usage: -# Store this file with any package that gets published. Adjust scrub.txt in local directory. -# # First line: source directory Second line: target directory. WILL BE OVERWRITTEN! -# /etc/ansible -# /home/bjones/ansible.clean -# # Rest of the lines are "OLD WORD" "NEW WORD" -# bjones bgstack15 -# rsmith rmstack15 -# Reference: -# http://stackoverflow.com/questions/79968/split-a-string-by-spaces-preserving-quoted-substrings-in-python/524796#524796 -# http://stackoverflow.com/questions/6706953/python-using-subprocess-to-call-sed#6707003 -# http://stackoverflow.com/questions/6584871/remove-last-character-if-its-a-backslash/6584893#6584893 -# http://stackoverflow.com/questions/2212643/python-recursive-folder-read/2212728#2212728 -# parallel lists: http://stackoverflow.com/questions/1663807/how-can-i-iterate-through-two-lists-in-parallel-in-python -# file renames http://stackoverflow.com/questions/225735/batch-renaming-of-files-in-a-directory/7917798#7917798 -# Improve: -# Add option to specify scrub file -# Add exclude option to scrub file, such as .git and so on -# Accept CLI options like source, destination, even exclusions? -# Add flag for performing file renames as well, or file renames only -import re, shlex, os, sys, shutil -from pathlib import Path - -# scrubpy version -scrubpyversion = "2016-10-27a" - -# Define functions - -def removeComments(string): - #string = re.sub(re.compile("/\*.*?\*/",re.DOTALL ) ,"", string) - #string = re.sub(re.compile("//.*?\n" ) ,"" ,string) - pattern = r"(\".*?\"|\'.*?\')|(/\*.*?\*/|(//|#)[^\r\n]*$)" - regex = re.compile(pattern, re.MULTILINE|re.DOTALL) - def _replacer(match): - if match.group(2) is not None: - return "" - else: - return match.group(1) - return regex.sub(_replacer, string) - -# Main code -stringfile = open('scrub.txt','r') -count=0 -thisdir="" -newdir="" -oldstrings=[] -newstrings=[] - -while True: - x = stringfile.readline().rstrip() - count += 1 - if not x: break - x = removeComments(x) - #print("x=" + x) - y = shlex.split (x) - if len(y) >= 1: - if thisdir == "": - thisdir = y[0] - elif newdir == "": - newdir = y[0] - if len(y) >= 2: - #print("y[0]=" + y[0] + "\t and y[1]=" + y[1]) - oldstrings.append(y[0]) - newstrings.append(y[1]) - -# After the file is done -stringfile.close() -#newdir = thisdir.rstrip('\/') + ".scrubbed/" - -if False: - print("\nthisdir=" + thisdir) - print("newdir=" + newdir + '\n') - print("oldstrings are:") - print(oldstrings) - print("newstrings are:") - print(newstrings) - -# Clean scrubbed directory -try: - shutil.rmtree(newdir) -except: - foo=1 - -shutil.copytree(thisdir,newdir,symlinks=True) - -# Execute substitutions -for rootfolder, subdirs, files in os.walk(thisdir): - for filename in files: - sourcepath = os.path.join(rootfolder, filename) - with open( sourcepath, "r" ) as source: - if not ".swp" in source.name and not ".git" in source.name and not ".tgz" in source.name: - destdir = rootfolder.replace(thisdir.rstrip('\/'),newdir.rstrip('\/')) - destfile = os.path.join(destdir, filename) - #print("sourcefile=" + source.name) - #print("destfile=" + destfile + '\n') - if not os.path.islink( destfile ): - with open( destfile, "w") as target: - data = source.read() - for oldword, newword in zip(oldstrings, newstrings): - data = data.replace(oldword,newword) - changed = data - target.write(changed) - -# Execute file renames -# Used "file renames" reference, as well as the structure of directory traversal used earlier, which was from a different source. -for rootfolder, subdirs, files in os.walk(newdir): - for filename in files: - oldpath = os.path.join(rootfolder, filename) - for oldword, newword in zip(oldstrings, newstrings): - if oldword in oldpath: - #print("oldword=" + oldword + "\toldpath=" + oldpath) - os.rename(oldpath, oldpath.replace(oldword,newword)) diff --git a/etc/keepalive/inc/scrub.txt b/etc/keepalive/inc/scrub.txt deleted file mode 100644 index a27aff1..0000000 --- a/etc/keepalive/inc/scrub.txt +++ /dev/null @@ -1,14 +0,0 @@ -# First line: source directory Second line: target directory. WILL BE OVERWRITTEN! -/home/bgstack15/rpmbuild/SOURCES/keepalive-1.0-6 -/home/work/keepalive.clean -# rest of the lines are "OLD WORD" "NEW WORD" -BGSTACK15 BGSTACK15 -Bgstack15 Bgstack15 -bgstack15 bgstack15 -example example -EXAMPLE EXAMPLE -".com" ".com" -"203.0." "203.0." -one one -Alice Alice -User1 User1 diff --git a/etc/keepalive/packaging.txt b/etc/keepalive/packaging.txt deleted file mode 100644 index 77f3b10..0000000 --- a/etc/keepalive/packaging.txt +++ /dev/null @@ -1,53 +0,0 @@ -File: etc/keepalive/packaging.txt -Package: keepalive -Author: bgstack15 -Startdate: 2016-06-02 -Title: Packaging instructions for keepalive -Purpose: To make it easier to build the package -History: 2016-10-27 updated for git project -Usage: -Reference: bgscripts package packaging.txt -Improve: -Document: Below this line - -### PACKAGING for rhel/centos -package=keepalive -version=1.0-6 -shortversion=1.0 -rpmbuilddir=~/rpmbuild/ -packagespecfile="${package}-${version}/etc/${package}/docs/${package}.spec" -sed -i -n '1,/^\%files$/p;' ${rpmbuilddir}/SOURCES/"${packagespecfile}" -cd ${rpmbuilddir}/SOURCES/"${package}-${version}" -find * ! -type d ! -regex '.*?.swp' ! -regex '.*?DEBIAN.*?' | sed -e 's/^/\//;' -e 's/\(.*\.txt\)/%doc %attr(444, -, -) \1/;' -e 's/\(.*\.conf\)/%config \1/;' -e 's/\(.*bin.*\)/%verify(link) \1/;' -e 's/\(.*\)\.py$/\1\.py\n\1\.pyc\n\1\.pyo/;' >> ${rpmbuilddir}/SOURCES/"${packagespecfile}" -rm -rf ${rpmbuilddir}/SOURCES/"${package}-${shortversion}" -cp -prf ${rpmbuilddir}/SOURCES/"${package}-${version}" ${rpmbuilddir}/SOURCES/"${package}-${shortversion}" -rm -rf ${rpmbuilddir}/SOURCES/"${package}-${shortversion}"/DEBIAN -cd ${rpmbuilddir}/SOURCES -rm -rf "${package}".tgz; tar -zc --exclude='.git' -f "${package}.tgz" "${package}-${shortversion}" && rm -rf ${rpmbuilddir}/SOURCES/"${package}-${shortversion}" -cp -p ${rpmbuilddir}/SOURCES/"${packagespecfile}" ${rpmbuilddir}/SPECS -cd ${rpmbuilddir}/RPMS/noarch -rpmbuild -bb "${rpmbuilddir}"/SPECS/"${package}".spec - -### PACKAGING for debian -# You need package dpkg-dev to build packages. -package=keepalive -version=1.0-6 -packagedebfilesdir="${package}-${version}/etc/keepalive/docs/debian" -cd ~/deb/"${package}-${version}" -find . -type f ! -regex '.*.hg.*' ! -regex '.*?debian-binary.*' ! -regex '.*?DEBIAN.*' ! -regex '.*?.swp' ! -regex '.*\.git.*' -printf '%P ' | xargs md5sum > DEBIAN/md5sums -rm -rf ~/deb/"${package}-${version}"/DEBIAN/ 2>/dev/null; mkdir -p ~/deb/"${package}-${version}"/DEBIAN/ -cp -pf ~/deb/"${packagedebfilesdir}"/* ~/deb/"${package}-${version}"/DEBIAN/ -cd ~/deb -rm -rf ~/deb/"${package}-${version}.a" -cp -pR ~/deb/"${package}-${version}" ~/deb/"${package}-${version}.a" -rm -rf ~/deb/"${package}-${version}"/.git -dpkg-deb -b ~/deb/"${package}-${version}" -rm -rf ~/deb/"${package}-${version}" -mv ~/deb/"${package}-${version}.a" ~/deb/"${package}-${version}" - -### PACKAGING in a master.tgz -cd ~/deb 2>/dev/null || cd ~/rpmbuild/SOURCES -package=keepalive -version=1.0-6 -rm -rf ./"${package}-${version}".master.tgz -tar -zcf "${package}-${version}".master.tgz "${package}-${version}"/ diff --git a/usr/bin/keepalive b/usr/bin/keepalive index cd303b0..41bdd43 120000 --- a/usr/bin/keepalive +++ b/usr/bin/keepalive @@ -1 +1 @@ -/etc/keepalive/bin/keepalive \ No newline at end of file +../share/keepalive/keepalive \ No newline at end of file diff --git a/usr/lib/systemd/system/keepalive.service b/usr/lib/systemd/system/keepalive.service index 117dbd5..8b31775 100644 --- a/usr/lib/systemd/system/keepalive.service +++ b/usr/lib/systemd/system/keepalive.service @@ -14,11 +14,11 @@ ConditionPathExists=/usr/bin/keepalive [Service] Type=simple User=root -ExecStart=/etc/keepalive/bin/keepalive +ExecStart=/usr/share/keepalive/keepalive Restart=on-abort StandardOutput=syslog StandardError=syslog -ExecStopPost=/etc/keepalive/bin/keepalive --clean +ExecStopPost=/usr/share/keepalive/keepalive --clean [Install] WantedBy=multi-user.target diff --git a/usr/share/keepalive/docs/README.txt b/usr/share/keepalive/docs/README.txt new file mode 100644 index 0000000..416c5d9 --- /dev/null +++ b/usr/share/keepalive/docs/README.txt @@ -0,0 +1,30 @@ +File: etc/keepalive/README.txt +Package: keepalive 1.0-7 +Author: bgstack15@gmail.com +Startdate: 2016-06-07 +Title: Readme file for keepalive +Purpose: All packages should come with a readme +History: +Usage: Read it. +Reference: README.txt +Improve: +Document: Below this line + +### WELCOME +To use the keepalive program, start the service. +systemctl start keepalive.service + +### REFERENCE + +### CHANGELOG +keepalive 1.0-4 2016-06-07 +Changed packaging so bgscripts is a prerequisite, not a corequisite package so framework.sh exists before keepalive service is started for the first time. +https://docs.fedoraproject.org/en-US/Fedora_Draft_Documentation/0.1/html/RPM_Guide/ch-advanced-packaging.html +https://www.debian.org/doc/debian-policy/ch-relationships.html + +keepalive 1.0-5 2016-07-22 +Rewrote the application in python3 + +2016-10-27 keepalive 1.0-6 +Added scrub.py subpackage +Modified to be suitable for sharing on github diff --git a/usr/share/keepalive/docs/debian/conffiles b/usr/share/keepalive/docs/debian/conffiles new file mode 100644 index 0000000..8dafbff --- /dev/null +++ b/usr/share/keepalive/docs/debian/conffiles @@ -0,0 +1 @@ +/etc/keepalive/keepalive.conf diff --git a/usr/share/keepalive/docs/debian/control b/usr/share/keepalive/docs/debian/control new file mode 100644 index 0000000..e79a841 --- /dev/null +++ b/usr/share/keepalive/docs/debian/control @@ -0,0 +1,14 @@ +Package: keepalive +Version: 1.0-7 +Architecture: all +Essential: no +Priority: extra +Section: utils +Maintainer: B G Stack +Installed-Size: 350 +Homepage: https://bgstack15.wordpress.com/ +Source: keepalive.tgz +Pre-Depends: bgscripts (>= 1.1-17), sssd, python3 +Depends: curl +Description: Keepalive uses a system kerberos ticket (generating one if necessary) to stay authenticated to the http proxy. + The user defines http_proxy and https_proxy. Keepalive assumes the system joined to an AD domain. diff --git a/usr/share/keepalive/docs/debian/md5sums b/usr/share/keepalive/docs/debian/md5sums new file mode 100644 index 0000000..3307807 --- /dev/null +++ b/usr/share/keepalive/docs/debian/md5sums @@ -0,0 +1,14 @@ +317bad02db12ba2340b5c4ef30c9376b usr/lib/systemd/system/keepalive.service +5aa43c0360a508ad909cfe2ac4495179 etc/keepalive/packaging.txt +76803e4e6e9f74fc8de2ae4ddfc7c470 etc/keepalive/bin/keepalive +4e750e3f9ce8e00feaa34d614405f066 etc/keepalive/keepalive.conf +5c34e36e9838a29d59f3ed9fa0b4c8e7 etc/keepalive/docs/debian/postinst +061b27636d5dd3ab9ca7fa00b5a6e0a6 etc/keepalive/docs/debian/control +391dcefa7356b76dfdc7eebae9e450ba etc/keepalive/docs/debian/postrm +eb54ab3395cf1a7f9ffd558b5142679d etc/keepalive/docs/debian/prerm +2a7ad29f5f70879eca2d71a01152ac19 etc/keepalive/docs/debian/preinst +7b84e6ef73c48a2474789f8daf76a8d7 etc/keepalive/docs/debian/conffiles +7c2ef5667400f3fa3166bbfe41a835e2 etc/keepalive/docs/keepalive.spec +ec2f0bc9c707cb03aa933d203e1506ef etc/keepalive/README.txt +cf972826834f5cce6d48266bc9f18110 etc/logrotate.d/keepalive +3b4332e514014ed750012692a75dc572 etc/rsyslog.d/keepalivelog.conf diff --git a/usr/share/keepalive/docs/debian/postinst b/usr/share/keepalive/docs/debian/postinst new file mode 100755 index 0000000..eae6cd5 --- /dev/null +++ b/usr/share/keepalive/docs/debian/postinst @@ -0,0 +1,9 @@ +#!/bin/sh +# deb postinst 2017-01-26 +thisservice=keepalive.service +{ +systemctl daemon-reload +systemctl enable ${thisservice} +systemctl start ${thisservice} +} 1>/dev/null 2>&1 +exit 0 diff --git a/usr/share/keepalive/docs/debian/postrm b/usr/share/keepalive/docs/debian/postrm new file mode 100755 index 0000000..f35ae34 --- /dev/null +++ b/usr/share/keepalive/docs/debian/postrm @@ -0,0 +1,3 @@ +# deb postrm 2017-01-26 +systemctl daemon-reload 1>/dev/null 2>&1 +exit 0 diff --git a/usr/share/keepalive/docs/debian/preinst b/usr/share/keepalive/docs/debian/preinst new file mode 100755 index 0000000..afa9350 --- /dev/null +++ b/usr/share/keepalive/docs/debian/preinst @@ -0,0 +1,17 @@ +#!/bin/sh +# deb pre 2017-01-26 +#https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html +thisservice=keepalive.service +{ +case "${1}" in + upgrade) + # Upgrade. $2 is old-version-number. + systemctl stop ${thiservice} + ;; + install) + # New install. + : + ;; +esac +} 1>/dev/null 2>&1 +exit 0 diff --git a/usr/share/keepalive/docs/debian/prerm b/usr/share/keepalive/docs/debian/prerm new file mode 100755 index 0000000..84e2bbd --- /dev/null +++ b/usr/share/keepalive/docs/debian/prerm @@ -0,0 +1,16 @@ +# deb prerm 2017-01-26 +thisservice=keepalive.service +{ +case "${1}" in + remove) + # Final removal. + systemctl stop "${thisservice}" + systemctl disable "${thisservice}" + ;; + upgrade) + # Upgrade. $2 is new-version-number + : + ;; +esac +} 1>/dev/null 2>&1 +exit 0 diff --git a/usr/share/keepalive/docs/files-for-versioning.txt b/usr/share/keepalive/docs/files-for-versioning.txt new file mode 100644 index 0000000..4494135 --- /dev/null +++ b/usr/share/keepalive/docs/files-for-versioning.txt @@ -0,0 +1,6 @@ +inc/localize_git.sh +inc/scrub.txt +docs/README.txt +docs/packaging.txt +docs/keepalive.spec +docs/debian/control diff --git a/usr/share/keepalive/docs/keepalive.spec b/usr/share/keepalive/docs/keepalive.spec new file mode 100644 index 0000000..764bcc8 --- /dev/null +++ b/usr/share/keepalive/docs/keepalive.spec @@ -0,0 +1,118 @@ +# +# spec file for keepalive compiled by hand +Summary: Keepalive keeps you logged in to an http proxy via kerberos tickets +Name: keepalive +Version: 1.0 +Release: 7 +License: CC BY-SA 4.0 +Group: Applications/System +Source: keepalive.tgz +URL: https://bgstack15.wordpress.com/ +#Distribution: +#Vendor: +Packager: Bgstack15 +Buildarch: noarch +Requires(pre): bgscripts-core >= 1.1-31 +Requires(pre): python34 +Requires: curl + +%description +Keepalive uses a system kerberos ticket (generating one if necessary) to stay authenticated to the http proxy. +The user defines http_proxy and https_proxy. Keepalive assumes the system joined to an AD domain. + +%prep +%setup + +%build + +%install +rsync -a . %{buildroot}/ + +%clean +rm -rf ${buildroot} + +%pre +# rpm pre 2017-01-26 +thisservice=%{name}.service +{ +case "${1}" in + 2) + # Upgrade. + systemctl stop ${thisservice} + ;; + 1) + # New install. + : + ;; +esac +} 1>/dev/null 2>&1 +exit 0 + +%post +# rpm post 2017-01-26 +thisservice=%{name}.service +{ +systemctl daemon-reload +systemctl enable ${thisservice} +systemctl start ${thisservice} +} 1>/dev/null 2>&1 +exit 0 + +%preun +# rpm preun 2017-01-26 +thisservice=%{name}.service +{ +case "${1}" in + 0) + # Final removal. + systemctl stop ${thisservice} + systemctl disable ${thisservice} + ;; + 1) + # Upgrade. + : + ;; +esac +} 1>/dev/null 2>&1 +exit 0 + +%postun +# rpm postun 2017-01-26 +systemctl daemon-reload 1>/dev/null 2>&1 +exit 0 + +%files +%dir /etc/keepalive +%dir /usr/share/keepalive +%dir /usr/share/keepalive/docs +%dir /usr/share/keepalive/docs/debian +%dir /usr/share/keepalive/inc +/etc/logrotate.d/keepalive +%config /etc/rsyslog.d/keepalivelog.conf +%config /etc/keepalive/keepalive.conf +/usr/share/keepalive/keepalive.sh +/usr/share/keepalive/docs/keepalive.spec +/usr/share/keepalive/docs/debian/postinst +/usr/share/keepalive/docs/debian/conffiles +/usr/share/keepalive/docs/debian/md5sums +/usr/share/keepalive/docs/debian/prerm +/usr/share/keepalive/docs/debian/postrm +/usr/share/keepalive/docs/debian/control +/usr/share/keepalive/docs/debian/preinst +%doc %attr(444, -, -) /usr/share/keepalive/docs/README.txt +%doc %attr(444, -, -) /usr/share/keepalive/docs/packaging.txt +%doc %attr(444, -, -) /usr/share/keepalive/docs/files-for-versioning.txt +/usr/share/keepalive/inc/get-files +/usr/share/keepalive/inc/pack +/usr/share/keepalive/inc/localize_git.sh +%doc %attr(444, -, -) /usr/share/keepalive/inc/scrub.txt +/usr/share/keepalive/keepalive +/usr/lib/systemd/system/keepalive.service +%verify(link) /usr/bin/keepalive + +%changelog +* Thu Jan 26 2017 B Stack 1.0-7 +- Rearranged package to be compliant with FHS 3.0 +- Updated dependency to bgscripts-core +- Added ./pack script +- Added changelog to spec file diff --git a/usr/share/keepalive/docs/packaging.txt b/usr/share/keepalive/docs/packaging.txt new file mode 100644 index 0000000..7610649 --- /dev/null +++ b/usr/share/keepalive/docs/packaging.txt @@ -0,0 +1,53 @@ +File: etc/keepalive/packaging.txt +Package: keepalive +Author: bgstack15 +Startdate: 2016-06-02 +Title: Packaging instructions for keepalive +Purpose: To make it easier to build the package +History: 2016-10-27 updated for git project +Usage: +Reference: bgscripts package packaging.txt +Improve: +Document: Below this line + +### PACKAGING for rhel/centos +package=keepalive +version=1.0-7 +shortversion=1.0 +rpmbuilddir=~/rpmbuild/ +packagespecfile="${package}-${version}/etc/${package}/docs/${package}.spec" +sed -i -n '1,/^\%files$/p;' ${rpmbuilddir}/SOURCES/"${packagespecfile}" +cd ${rpmbuilddir}/SOURCES/"${package}-${version}" +find * ! -type d ! -regex '.*?.swp' ! -regex '.*?DEBIAN.*?' | sed -e 's/^/\//;' -e 's/\(.*\.txt\)/%doc %attr(444, -, -) \1/;' -e 's/\(.*\.conf\)/%config \1/;' -e 's/\(.*bin.*\)/%verify(link) \1/;' -e 's/\(.*\)\.py$/\1\.py\n\1\.pyc\n\1\.pyo/;' >> ${rpmbuilddir}/SOURCES/"${packagespecfile}" +rm -rf ${rpmbuilddir}/SOURCES/"${package}-${shortversion}" +cp -prf ${rpmbuilddir}/SOURCES/"${package}-${version}" ${rpmbuilddir}/SOURCES/"${package}-${shortversion}" +rm -rf ${rpmbuilddir}/SOURCES/"${package}-${shortversion}"/DEBIAN +cd ${rpmbuilddir}/SOURCES +rm -rf "${package}".tgz; tar -zc --exclude='.git' -f "${package}.tgz" "${package}-${shortversion}" && rm -rf ${rpmbuilddir}/SOURCES/"${package}-${shortversion}" +cp -p ${rpmbuilddir}/SOURCES/"${packagespecfile}" ${rpmbuilddir}/SPECS +cd ${rpmbuilddir}/RPMS/noarch +rpmbuild -bb "${rpmbuilddir}"/SPECS/"${package}".spec + +### PACKAGING for debian +# You need package dpkg-dev to build packages. +package=keepalive +version=1.0-7 +packagedebfilesdir="${package}-${version}/etc/keepalive/docs/debian" +cd ~/deb/"${package}-${version}" +find . -type f ! -regex '.*.hg.*' ! -regex '.*?debian-binary.*' ! -regex '.*?DEBIAN.*' ! -regex '.*?.swp' ! -regex '.*\.git.*' -printf '%P ' | xargs md5sum > DEBIAN/md5sums +rm -rf ~/deb/"${package}-${version}"/DEBIAN/ 2>/dev/null; mkdir -p ~/deb/"${package}-${version}"/DEBIAN/ +cp -pf ~/deb/"${packagedebfilesdir}"/* ~/deb/"${package}-${version}"/DEBIAN/ +cd ~/deb +rm -rf ~/deb/"${package}-${version}.a" +cp -pR ~/deb/"${package}-${version}" ~/deb/"${package}-${version}.a" +rm -rf ~/deb/"${package}-${version}"/.git +dpkg-deb -b ~/deb/"${package}-${version}" +rm -rf ~/deb/"${package}-${version}" +mv ~/deb/"${package}-${version}.a" ~/deb/"${package}-${version}" + +### PACKAGING in a master.tgz +cd ~/deb 2>/dev/null || cd ~/rpmbuild/SOURCES +package=keepalive +version=1.0-7 +rm -rf ./"${package}-${version}".master.tgz +tar -zcf "${package}-${version}".master.tgz "${package}-${version}"/ diff --git a/usr/share/keepalive/inc/get-files b/usr/share/keepalive/inc/get-files new file mode 100755 index 0000000..ab75e63 --- /dev/null +++ b/usr/share/keepalive/inc/get-files @@ -0,0 +1,45 @@ +#!/bin/sh +# File: get-files +case "${1}" in + rpm) + +### for rpm +find * -type d \ + \( \ + -regex 'usr\/share\/keepalive.*' -o \ + -regex '.*\/keepalive$' \ + \) \ + | sed -e 's/^/%dir \//;' +find * -mindepth 1 ! -type d ! -regex '.*?.swp' \ + ! -regex '.*?DEBIAN.*?' \ + | sed -e ' +s/^/\//; +s/\(.*\.txt\)/%doc %attr(444, -, -) \1/; +s/\(.*\.conf\)/%config \1/; +s/\(.*bin.*\)/%verify(link) \1/; +s/\(.*\)\.py$/\1\.py\n\1\.pyc\n\1\.pyo/; +' + + ;; + deb) + +### for deb +# will be redirected to md5sum +# WORKHERE: this is the bgscripts one +find . -mindepth 1 \ + ! -type d \ + ! -regex '.*.hg.*' ! -regex '.*?debian-binary.*' \ + ! -regex '.*?DEBIAN.*' ! -regex '.*?.swp' ! -regex '.*\.git.*' \ + \( \ + -regex '.*rdp.*' -o \ + -regex '.*get-files$' -o \ + -regex '.*icons.*' \ + \) \ + -printf '%P ' + + ;; + *) + echo "FATAL ERROR: check ./pack or get-files. Please use [ rpm | deb ] option. Aborted." 1>&2 + exit 1 + ;; +esac diff --git a/usr/share/keepalive/inc/localize_git.sh b/usr/share/keepalive/inc/localize_git.sh new file mode 100755 index 0000000..d4f1ae0 --- /dev/null +++ b/usr/share/keepalive/inc/localize_git.sh @@ -0,0 +1,2 @@ +#!/bin/sh +\cp -pRf /home/work/keepalive.clean/.git /home/bgstack15/rpmbuild/SOURCES/keepalive-1.0-7/ diff --git a/usr/share/keepalive/inc/pack b/usr/share/keepalive/inc/pack new file mode 100755 index 0000000..448a98c --- /dev/null +++ b/usr/share/keepalive/inc/pack @@ -0,0 +1,118 @@ +#!/bin/bash + +# DETERMINE LOCATION OF FRAMEWORK +while read flocation; do if test -x ${flocation} && test "$( ${flocation} --fcheck )" -ge 20170111; then frameworkscript="${flocation}"; break; fi; done <&2 && exit 4 + +. ${frameworkscript} || echo "$0: framework did not run properly. Continuing..." 1>&2 + +type=""; + +case "${thisflavor}" in + redhat|rhel|centos|fedora|korora) type=rpm;; + debian|ubuntu) type=dpkg;; + *) type=targz;; +esac + +echo " $@ " | grep -qiE -- "help|usage|\s-h\s|\s-\?" 1>/dev/null 2>&1 && { + # display help and exit + less -F </dev/null 2>&1 && type=rpm +echo " $@ " | grep -qiE -- "debian|ubuntu|deb\s|dpkg" 1>/dev/null 2>&1 && type=dpkg +echo " $@ " | grep -qiE -- "tar|tgz|gz" 1>/dev/null 2>&1 && type=targz +echo " $@ " | grep -qiE -- "scrub" 1>/dev/null 2>&1 && type=scrub + +# Display information +echo "packaging ${package}-${version} as ${type}" +echo " $@ " | grep -qiE -- "debug|\s-d[ 0-9]{0,3}\s" 1>/dev/null 2>&1 && exit 0 + +case "${type}" in + rpm) + +########## PACKAGING for rhel/centos +# if you copy-paste this, be sure to define package, version, shortversion +rpmbuilddir=~/rpmbuild/ +packagespecfile="${package}-${version}/usr/share/${package}/docs/${package}.spec" +sed -n -e '1,/^\%files$/p;' "${rpmbuilddir}/SOURCES/${packagespecfile}" > "${rpmbuilddir}/SOURCES/${packagespecfile}.$$.swp" # removes files and changelog +cd "${rpmbuilddir}/SOURCES/${package}-${version}" +"${rpmbuilddir}/SOURCES/${package}-${version}/usr/share/${package}/inc/get-files" rpm >> "${rpmbuilddir}/SOURCES/${packagespecfile}.$$.swp" +{ printf '\n'; sed -n -e '/^\%changelog/,$p' "${rpmbuilddir}/SOURCES/${packagespecfile}"; } >> "${rpmbuilddir}/SOURCES/${packagespecfile}.$$.swp" +mv -f "${rpmbuilddir}/SOURCES/${packagespecfile}.$$.swp" "${rpmbuilddir}/SOURCES/${packagespecfile}" +rm -rf "${rpmbuilddir}/SOURCES/${package}-${shortversion}"; cp -prf "${rpmbuilddir}/SOURCES/${package}-${version}" "${rpmbuilddir}/SOURCES/${package}-${shortversion}" +rm -rf "${rpmbuilddir}/SOURCES/${package}-${shortversion}/DEBIAN" +cd "${rpmbuilddir}/SOURCES" +rm -rf "${package}.tgz"; tar -zc --exclude='.git' --exclude='README.md' -f "${package}.tgz" "${package}-${shortversion}" +cp -p "${rpmbuilddir}/SOURCES/${packagespecfile}" "${rpmbuilddir}/SPECS" +mkdir -p "${rpmbuilddir}/RPMS/noarch"; cd "${rpmbuilddir}/RPMS/noarch" +rpmbuild -bb "${rpmbuilddir}/SPECS/${package}.spec" +rm -rf "${rpmbuilddir}/SOURCES/${package}-${shortversion}/" "${rpmbuilddir}/SOURCES/${package}.tgz" + + ;; + dpkg) + +########## PACKAGING for ubuntu +# You need package dpkg-dev to build packages. +# if you copy-paste this, be sure to define package, version +debdir=~/deb +debiandirmain="${package}-${version}/usr/share/${package}/docs/debian-${package}" +cd "${debdir}/${package}-${version}/usr/bin" +for word in beep bup fl lecho newscript plecho rdp send treesize; do ln -sf ../share/bgscripts/${word}.sh ${word}; done +for word in dli updateval; do ln -sf ../share/bgscripts/${word}.py ${word}; done +ln -sf ../share/bgscripts/bgscripts.bashrc bp +cd "${debdir}/${package}-${version}" +"${debdir}/${package}-${version}/usr/share/${package}/inc/get-files" deb | xargs md5sum > "${debdir}/${debiandirmain}/md5sums" +cd ~/deb +mv "${debdir}/${package}-${version}/.git" "${debdir}/.git$$" + +# main +rm -rf "${debdir}/${package}-${version}/DEBIAN/" 2>/dev/null; mkdir -p "${debdir}/${package}-${version}/DEBIAN/" +cp -pf "${debdir}/${debiandirmain}"/* "${debdir}/${package}-${version}/DEBIAN/" +fakeroot dpkg-deb -b "${debdir}/${package}-${version}" + +mv "${debdir}/.git$$" "${debdir}/${package}-${version}/.git" + + ;; + targz) + +########## PACKAGING in a master.tgz +# if you copy-paste this, be sure to define package, version +cd ~/deb 2>/dev/null || cd ~/rpmbuild/SOURCES +rm -rf ./"${package}-${version}".master.tgz +tar -zcf "${package}-${version}".master.tgz "${package}-${version}"/ + + ;; + scrub) + +########## SCRUB for publication +# if you copy-paste this, be sure to define package, version +cd ~/deb 2>/dev/null || cd ~/rpmbuild/SOURCES +cd "$( find . -name "*scrub.txt" | grep -iE "${package}-${version}\/" | xargs dirname )" +/usr/share/bgscripts/scrub.py + + ;; + unknown) + echo "error: check $0 for errors on type ${type}." 1>&2 + ;; +esac diff --git a/usr/share/keepalive/inc/scrub.txt b/usr/share/keepalive/inc/scrub.txt new file mode 100644 index 0000000..534bdf8 --- /dev/null +++ b/usr/share/keepalive/inc/scrub.txt @@ -0,0 +1,22 @@ +# for scrubpyversion 2016-11-16a or newer +source /home/bgstack15/rpmbuild/SOURCES/keepalive-1.0-7 +target /home/work/keepalive.clean +ignore "tgz png gif jpg pyc pyo git swp ico" +# rest of the lines are "OLD WORD" "NEW WORD" +BGSTACK15 BGSTACK15 +Bgstack15 Bgstack15 +bgstack15 bgstack15 +Bname Bname +bname bname +Stack15 Stack15 +stack15 stack15 +EXAMPLE EXAMPLE +example example +".com" ".com" +"203.0." "203.0." +one one +Alice Alice +User1 User1 +SMITH123 SMITH123 +Smith123 Smith123 +smith123 smith123 diff --git a/usr/share/keepalive/keepalive b/usr/share/keepalive/keepalive new file mode 100755 index 0000000..0191691 --- /dev/null +++ b/usr/share/keepalive/keepalive @@ -0,0 +1,252 @@ +#!/usr/bin/python3 -u +# File: /etc/keepalive/bin/keepalive +# Author: bgstack15@gmail.com +# Startdate: 2016-07-20 +# Title: Keepalive Script in Python +# Purpose: To perform keepalive functionality in python. This is mostly a learning exercise in python. +# History: 2016-07-21 Basic, hard-coded functionality working +# 2017-01-26 moved main package contents to /usr/share/keepalive to be FHS 3.0-compliant +# Usage: +# Reference: +# keepalive-1.0-4 /etc/keepalive/bin/keepalive (shell script) +# http://stackoverflow.com/questions/5574702/how-to-print-to-stderr-in-python#14981125 +# signals: /usr/include/x86_64-linux-gnu/bits/signum.h +# https://docs.python.org/3/library/atexit.html +# http://www.tutorialspoint.com/python/python_command_line_arguments.htm +# https://docs.python.org/2/library/argparse.html#module-argparse +# http://stackoverflow.com/questions/15848674/how-to-configparse-a-file-keeping-multiple-values-for-identical-keys +# python3 -u from http://stackoverflow.com/questions/13069634/python-daemon-and-systemd-service#30189540 +# Improve: +# x Add config parsing +# x Add argument parsing +# Do internal web calls instead of using curl (optional) +# Add debug info + +#from __future__ import print_function +import sys, os, socket, subprocess, re, time, platform +#import requests, requests_kerberos +import signal, atexit +import argparse, configparser +from collections import OrderedDict + +keepaliveversion="2017-01-26a" + +class MultiOrderedDict(OrderedDict): + def __setitem__(self, key, value): + if isinstance(value, list) and key in self: + self[key].extend(value) + else: + super(OrderedDict, self).__setitem__(key, value) + #Reference: http://stackoverflow.com/questions/15848674/how-to-configparse-a-file-keeping-multiple-values-for-identical-keys + +def usage(): + # now with argparse, this usage command is never used. It will be removed in a future version. + usage_string=""" +usage: keepalive [-duV] [-k ] [-r ] [-i ] +version """+keepaliveversion+""" + -d debug Show debugging info, including parsed variables. + -u usage Show this usage block. + -V version Show script version number. + -k keytab Overrides default keytab value. Default is """+keytab+""" + -i infile Overrides default infile value. Default is """+infile1+""" + -r refresh Overrides default wait time between checks. Default is """+str(refresh)+""" +usage: keepalive out + Will log out of the proxy and exit +Return values: +0 Normal +1 Help or version info displayed +2 Could not start: could be already running, bad lockfile, bad keytab +3 Incorrect OS type +4 Unable to find dependency +5 Not run as root or sudo +""" + print(usage_string,file=sys.stderr) + +# DEFINE FUNCTIONS + +def klog(*s, **kwargs): + print(*s, file=sys.stderr, **kwargs) + # Ref: http://stackoverflow.com/questions/5574702/how-to-print-to-stderr-in-python#14981125 + +def proxylogout(*logoutproxies): + try: + for word in logoutproxies: + subprocess.call(["/usr/bin/curl","-s","-o","/dev/null",word],stdout=subprocess.DEVNULL,stderr=subprocess.DEVNULL) + except BaseException as e: + # no proxies, so use default + subprocess.call(["/usr/bin/curl","-s","-o","/dev/null","http://proxylogout.example.com"],stdout=subprocess.DEVNULL,stderr=subprocess.DEVNULL) + +# DEFINE TRAPS + +def clean_keepalive(*reason): + thisreason="" + try: + thisreason=reason[0] + except BaseException as e: + thisreason="manual" + + if thisreason == "normal": + klog("exiting at end of procedural run. This should not happen in production.") + elif thisreason == "clean": + # be silent because only doing the systemd unit ExecStopPost cleanup + pass + else: + klog("stopped by user") + + try: + os.remove(lockfile) + except BaseException as e: + pass + +def CTRLC(signum=signal.SIGQUIT, frame=""): + print("This is CTRLC function") + sys.exit(1) + +def CTRLZ(signum=signal.SIGQUIT, frame=""): + print("This is CTRLZ") + sys.exit(2) + +# INITIALIZE VARIABLES +servercaps=socket.gethostname().upper().split('.',1)[0] +thisflavor=platform.dist()[0].lower() +thisversion=platform.dist()[1] +infile1="/etc/keepalive/keepalive.conf" + +# DEFAULT VARIABLES that can be adjusted by keepalive.conf +lockfile="/tmp/.keepalive.py.lock" +keytab="/etc/krb5.keytab" +refresh=4 +proxies=[] +proxies.append("https://proxy1.example.com:4433/?cfru=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8=") +proxies.append("https://proxy2.example.com:4433/?cfru=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8=") +logoutproxies=[] +logoutproxies.append("http://proxylogout.example.com") + +# PARSE ARGUMENTS +# Reference: https://docs.python.org/2/library/argparse.html#module-argparse +parser = argparse.ArgumentParser(description="keep this host logged into the proxy") +parser.add_argument("-d","--debug",help="enables debugging",action="store_true") +parser.add_argument("-V","--version",help="",action="store_true") +parser.add_argument("-k","--keytab",help="Overrides default keytab value",default="") +parser.add_argument("-i","--infile","--inputfile",help="use a specific conf file",default="") +parser.add_argument("-r","--refresh",type=int,help="Overrides default wait time",default=0) +parser.add_argument("--out",action="store_true") +parser.add_argument("--clean",action="store_true",help="") +args = parser.parse_args() +debug=0 +logoutonly=False +cleanonly=False +if args.debug: debug=1 +if args.version: + print("keepalive version",keepaliveversion) + sys.exit(0) +if len(args.keytab) > 0: keytab=args.keytab +if args.refresh > 0: refresh=args.refresh +if len(args.infile) > 0: infile1=args.infile +if args.out: logoutonly=True +if args.clean: cleanonly=True + +# REACT TO OPERATING SYSTEM FLAVOR +# this is different from the older shell keepalive, which relied on SYSTEM TYPE +if thisflavor == "ubuntu" or thisflavor == "debian": + pass +elif thisflavor == "centos" or thisflavor == "redhat": + pass +else: + print("keepalive: 3. Unknown flavor:",thisflavor + ".","Aborted.",file=sys.stderr) + sys.exit(3) + +# REACT TO ROOT STATUS +if os.geteuid() != 0: + print("keepalive: 5. Please run as root or sudo. Aborted.",file=sys.stderr) + sys.exit(5) + +# IF LOGOUT ONLY +if logoutonly: + proxylogout(logoutproxies) + sys.exit(0) + +# IF CLEAN ONLY +if cleanonly: + clean_keepalive("clean") + sys.exit(0) + +# READ CONFIG FILE stub +if not os.path.isfile(infile1): + klog("4. Cannot find conf",infile1 + ".","Using defaults.") +else: + # read config file here + config=configparser.RawConfigParser(dict_type=MultiOrderedDict,strict=False) + #config['keepalive']={'lockfile': '/tmp/.keepalive.py.lock', + # 'keytab': '/etc/krb5.keytab', + # 'refresh': '240', + # 'proxy': 'https://proxy1.example.com:4433/?cfru=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8=', + # 'proxy': 'https://proxy2.example.com:4433/?cfru=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8='} + config.read(infile1) + # use the options from the config file + if len(config['keepalive']['lockfile'][0]) > 0: lockfile=config['keepalive']['lockfile'][0] + if len(config['keepalive']['keytab']) > 0: keytab=config['keepalive']['keytab'][0] + if len(config['keepalive']['refresh']) > 0: refresh=int(config['keepalive']['refresh'][0]) + if len(config['keepalive']['proxy']) > 0: + proxies.clear() + else: + #no proxies configured! I guess we will leave the defaults in place then + pass + for word in config['keepalive']['proxy']: proxies.append(word) + if len(config['keepalive']['logoutproxy']) > 0: + logoutproxies.clear() + else: + # no logoutproxies configured! Leave the defaults in place + pass + for word in config['keepalive']['logoutproxy']: logoutproxies.append(word) + +# CREATE LOCKFILE ONLY IF IT DOES NOT EXIST +if os.path.isfile(lockfile) == False: + lockf=open(lockfile,'w') + lockf.write(str(os.getpid())) + lockf.close() +else: + klog("2. Could not create lockfile",lockfile + ".","Aborted.") + sys.exit(2) + +# EXIT IF KEYTABFILE IS INVALID +if not os.path.isfile(lockfile): + klog("2. Could not find keytab",keytab + ".","Aborted.") + sys.exit(2) + +atexit.register(clean_keepalive) + +# works but not needed +#signal.signal(signal.SIGINT, CTRLC) +#signal.signal(signal.SIGCONT, CTRLZ) +# Consider this research. Consider using 19 "SIGSTOP" which occurs at start of the interrupt-and-stop-job I think + +# MAIN LOOP +a=False +while a==False: + proxylogout(logoutproxies) + + # Ensure kerberos ticket exists + try: + b=str(subprocess.check_output("klist",stderr=subprocess.DEVNULL)) + except BaseException as e: + b="" + + p = re.compile('.*principal: '+servercaps) + if p.match(b): + klog("valid ticket found") + else: + subprocess.call("kdestroy") + klog("requesting new ticket") + subprocess.call(["kinit","-kt",keytab,servercaps+"$"]) + + # So with valid kerberos ticket, perform actions against all proxies + for proxy in proxies: + subprocess.call(["/usr/bin/curl","-s","-o","/dev/null","--negotiate","-u:ignoreMe","-b","~/ProxyCookies.txt","-c","~/ProxyCookies.txt",proxy]) + #print(proxy) + + time.sleep(refresh) +# END MAIN LOOP + +atexit.unregister(clean_keepalive) +clean_keepalive("normal") diff --git a/usr/share/keepalive/keepalive.sh b/usr/share/keepalive/keepalive.sh new file mode 100644 index 0000000..d0a7714 --- /dev/null +++ b/usr/share/keepalive/keepalive.sh @@ -0,0 +1,261 @@ +#!/bin/bash +# Filename: keepalive +# Location: LINUX one:/mnt/scripts/keepalive/bin +# Author: bgstack15@gmail.com +# Startdate: 2015-11-10 09:15:57 +# Title: Keepalive Script +# Purpose: +# History: 2015-11-10 +# 2015-11-12 uses local directory for default infile +# 2016-06-02 Updated for bgscripts 1.1-6, so keepalive 1.0-3 +# 2016-07-22 This keepalive.sh is the keepalive-1.0-4 version before the project switched to python. This is included for historical reference only. +# Usage: +# Reference: ftemplate.sh 2015-11-06a; framework.sh 2015-07-10a +# Proxy Keepalive for Linux Bash (Alice User1 2014-07-31) +# Improve: +fiversion="2015-11-30a" +keepaliveversion="2016-06-02a" + +usage() { + less -F >&2 <] [-r ] [-i ] +version ${keepaliveversion} + -d debug Show debugging info, including parsed variables. + -u usage Show this usage block. + -V version Show script version number. + -k keytab Overrides default keytab value. Default is ${keytab} + -i infile Overrides default infile value. Default is ${infile1} + -r refresh Overrides default wait time between checks. Default is ${refresh} +usage: keepalive out + Will log out of the proxy and exit +Return values: +0 Normal +1 Help or version info displayed +2 Could not start: could be already running, bad lockfile, bad keytab +3 Incorrect OS type +4 Unable to find dependency +5 Not run as root or sudo +ENDUSAGE +} + +# DEFINE FUNCTIONS +function klog { + # abstracted out so I can either do a file or do syslog in the future easily + ferror "$@" + #echo "" | flecho "$@" 1>&2 + #date "+[%Y-%m-%d %T] keepalive: $@" >&2 + #logger "keepalive: $@" +} + +function proxylogout { + # Logout the previously authenticated user + /usr/bin/curl -s -o /dev/null http://proxylogout.example.com >/dev/null 2>&1 +} + +# DEFINE TRAPS + +function clean_keepalive { + klog "stopping" + rm -f ${lockfile} >/dev/null 2>&1 + [ ] #use at end of entire script if you need to clean up tmpfiles +} + +function CTRLC { + #trap "CTRLC" 2 + [ ] #useful for controlling the ctrl+c keystroke +} + +function CTRLZ { + #trap "CTRLZ" 18 + [ ] #useful for controlling the ctrl+z keystroke +} + +function parseFlag { + flag=$1 + hasval=0 + case $flag in + # INSERT FLAGS HERE + "d" | "debug" | "DEBUG") debug=1;; + "u" | "usage" | "help") usage; exit 1;; + "V" | "fcheck" | "version") ferror "${scriptfile} version ${keepaliveversion}"; exit 1;; + "k" | "keytab" | "kfile" | "ktfile") getval; keytab=${tempval};; + "r" | "refresh" | "refreshtime") getval; refresh=${tempval};; + "i" | "infile" | "inputfile") getval; infile1=${tempval};; + esac + + [[ debug -eq 1 ]] && { [[ hasval -eq 1 ]] && ferror "flag: $flag = $tempval" || ferror "flag: $flag"; } +} + +# DETERMINE LOCATION OF FRAMEWORK +while read flocation; do if [[ -x $flocation ]] && [[ $( $flocation --fcheck ) -ge 20160525 ]]; then frameworkscript=$flocation; break; fi; done <&2 && exit 4 + +# REACT TO OPERATING SYSTEM TYPE +case $( uname -s ) in + AIX) echo "$scriptfile: 3. Linux-only script." 1>&2 && exit 3;; + Linux) [ ];; + *) echo "$scriptfile: 3. Indeterminate OS: $( uname -s )" 1>&2 && exit 3;; +esac + +# INITIALIZE VARIABLES +# variables set in framework: +# today server thistty scriptdir scriptfile scripttrim +# is_cronjob stdin_piped stdout_piped stderr_piped sendsh sendopts +. ${frameworkscript} || echo "$0: framework did not run properly. Continuing..." 1>&2 +infile1=/etc/keepalive/keepalive.conf # can be adjusted on the cli +outfile1= +logfile=${scriptdir}/${scripttrim}.${today}.out +interestedparties="bgstack15@example.com" +servercaps=$( echo "${server}" | tr 'a-z' 'A-Z' ) + +# DEFAULT VARIABLES THAT CAN BE ADJUSTED BY keepalive.conf +lockfile="/tmp/.keepalive.lock" +keytab=/etc/krb5.keytab +refresh=4 +proxy1=https://proxy1.example.com:4433/?cfru=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8= +proxy2=https://proxy2.example.com:4433/?cfru=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8= + +# REACT TO ROOT STATUS +case $is_root in + 1) # proper root + [ ] ;; + sudo) # sudo to root + [ ] ;; + "") # not root at all + ferror "${scriptfile}: 5. Please run as root or sudo. Aborted." + exit 5 + ;; +esac + +# SET CUSTOM SCRIPT AND VALUES +#setval 1 sendsh sendopts</dev/null | grep -qiE "principal.*${servercaps}" ); + then + # valid + klog "valid ticket found" + else + # invalid + # make a new kerberos ticket + kdestroy + klog "requesting new ticket" + kinit -kt "${keytab}" "${servercaps}\$" + fi + + # So with a valid kerberos ticket, perform actions against both proxies + # I was unable to get the WHICHPROXY functionality working + /usr/bin/curl -s -o /dev/null --negotiate -u:ignoreMe -b ~/ProxyCookies.txt -c ~/ProxyCookies.txt $proxy1 2>&1 + /usr/bin/curl -s -o /dev/null --negotiate -u:ignoreMe -b ~/ProxyCookies.txt -c ~/ProxyCookies.txt $proxy2 2>&1 + + sleep $refresh +done + +# EMAIL LOGFILE +#$sendsh $sendopts "$server $scriptfile out" $logfile $interestedparties + +# FINAL CLEANUP +trap '' 0 # reset trap to undefined +clean_keepalive end # so I can call it manually -- cgit