Rev 2583 | Rev 2620 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 2601 | tom.houday | 1 | #!/bin/bash |
| 825 | franck | 2 | # $Id: alcasar-daemon.sh 2601 2018-08-19 23:58:27Z tom.houdayer $ |
| 807 | franck | 3 | |
| 824 | franck | 4 | # alcasar-daemon.sh |
| 1474 | richard | 5 | # by Franck BOUIJOUX & Rexy |
| 807 | franck | 6 | # This script is distributed under the Gnu General Public License (GPL) |
| 7 | # Watchdog of Services |
||
| 8 | # See /etc/cron.d/alcasar-daemon-watchdog for config the time |
||
| 9 | |||
| 824 | franck | 10 | conf_file="/usr/local/etc/alcasar.conf" |
| 2474 | tom.houday | 11 | SSH=`grep ^SSH= $conf_file|cut -d"=" -f2` # sshd active (on/off) |
| 824 | franck | 12 | SSH=${SSH:=off} |
| 2572 | rexy | 13 | LDAP=`grep ^LDAP= $conf_file|cut -d"=" -f2` # ldap active (on/off) |
| 2574 | rexy | 14 | LDAP=${LDAP:=off} |
| 2583 | rexy | 15 | INTIF=`grep ^INTIF= $conf_file|cut -d"=" -f2` # INTIF name |
| 16 | EXTIF=`grep ^EXTIF= $conf_file|cut -d"=" -f2` # EXTIF name |
||
| 2601 | tom.houday | 17 | SERVICES="mysqld lighttpd php-fpm ntpd havp dnsmasq dnsmasq-blacklist dnsmasq-whitelist dnsmasq-blackhole radiusd tinyproxy nfsen e2guardian freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban sshd vnstat gammu-smsd" |
| 1596 | richard | 18 | nb_available_srv=`echo $SERVICES|wc -w` |
| 807 | franck | 19 | |
| 824 | franck | 20 | function ServiceTest () { |
| 2601 | tom.houday | 21 | service=$1 |
| 22 | if [ $(/usr/bin/systemctl is-active $service) != "active" ]; then |
||
| 23 | logger -t alcasar-daemon -i "$service is inactive. Activation attempt" |
||
| 24 | echo "the $service service is disabled! trying to start it..." |
||
| 25 | /usr/bin/systemctl start $service.service |
||
| 1596 | richard | 26 | else |
| 27 | nb_srv=$((nb_srv+1)) |
||
| 28 | fi |
||
| 824 | franck | 29 | } |
| 807 | franck | 30 | |
| 2583 | rexy | 31 | for NIC in $EXTIF $INTIF |
| 32 | do |
||
| 33 | if [ `/usr/sbin/ip a show $NIC|grep DOWN|wc -l` -eq "1" ] |
||
| 34 | then |
||
| 35 | echo "The network interface card '$NIC' is down! Try to enable it" |
||
| 36 | /usr/sbin/ifup $NIC |
||
| 37 | fi |
||
| 38 | done |
||
| 39 | |||
| 1596 | richard | 40 | nb_srv=0 |
| 2601 | tom.houday | 41 | for service in $SERVICES; do |
| 42 | if [ $service == 'sshd' ]; then |
||
| 43 | if [ $SSH != "ON" ] && [ $SSH != "on" ] && [ $SSH != "On" ]; then |
||
| 2520 | rexy | 44 | nb_available_srv=$((nb_available_srv-1)) |
| 2601 | tom.houday | 45 | continue |
| 1596 | richard | 46 | fi |
| 2601 | tom.houday | 47 | elif [ $service == 'gammu-smsd' ]; then |
| 48 | if [ $(grep '^SMS=' $conf_file | cut -d'=' -f2-) != 'on' ]; then |
||
| 49 | nb_available_srv=$((nb_available_srv-1)) |
||
| 50 | continue |
||
| 51 | fi |
||
| 807 | franck | 52 | fi |
| 2601 | tom.houday | 53 | |
| 54 | ServiceTest $service |
||
| 807 | franck | 55 | done |
| 2537 | tom.houday | 56 | |
| 1596 | richard | 57 | if [ $nb_available_srv -ne $nb_srv ] |
| 2520 | rexy | 58 | then |
| 59 | echo "Restart this script to know if all is ok" |
||
| 1596 | richard | 60 | else |
| 2520 | rexy | 61 | echo "$nb_srv services needed by ALCASAR are started." |
| 1596 | richard | 62 | fi |
| 2520 | rexy | 63 | |
| 64 | if [ `lsmod|grep ipt_NETFLOW|wc -l` == 0 ] |
||
| 65 | then |
||
| 2537 | tom.houday | 66 | logger -t alcasar-daemon -i "ipt_netflow is inactive." |
| 2520 | rexy | 67 | echo "The Log system is disabled! try to know why (modprobe ipt_NETFLOW)" |
| 68 | else |
||
| 69 | echo "The Log system is active" |
||
| 70 | fi |
||
| 2572 | rexy | 71 | if [ ! -e /etc/raddb/mods-enabled/ldap ] |
| 72 | then |
||
| 73 | if [ $LDAP == "ON" ] || [ $LDAP == "on" ] || [ $LDAP == "On" ] |
||
| 74 | then |
||
| 75 | echo "Enable LDAP..." |
||
| 76 | /usr/local/bin/alcasar-ldap.sh -on |
||
| 77 | fi |
||
| 78 | fi |
||
| 2583 | rexy | 79 |