Subversion Repositories ALCASAR

Rev

Rev 2583 | Rev 2620 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log

Rev Author Line No. Line
2601 tom.houday 1
#!/bin/bash
825 franck 2
# $Id: alcasar-daemon.sh 2601 2018-08-19 23:58:27Z tom.houdayer $
807 franck 3
 
824 franck 4
# alcasar-daemon.sh
1474 richard 5
# by Franck BOUIJOUX & Rexy
807 franck 6
# This script is distributed under the Gnu General Public License (GPL)
7
# Watchdog of Services
8
# See /etc/cron.d/alcasar-daemon-watchdog for config the time
9
 
824 franck 10
conf_file="/usr/local/etc/alcasar.conf"
2474 tom.houday 11
SSH=`grep ^SSH= $conf_file|cut -d"=" -f2`				# sshd active (on/off)
824 franck 12
SSH=${SSH:=off}
2572 rexy 13
LDAP=`grep ^LDAP= $conf_file|cut -d"=" -f2`				# ldap active (on/off)
2574 rexy 14
LDAP=${LDAP:=off}
2583 rexy 15
INTIF=`grep ^INTIF= $conf_file|cut -d"=" -f2`				# INTIF name
16
EXTIF=`grep ^EXTIF= $conf_file|cut -d"=" -f2`				# EXTIF name
2601 tom.houday 17
SERVICES="mysqld lighttpd php-fpm ntpd havp dnsmasq dnsmasq-blacklist dnsmasq-whitelist dnsmasq-blackhole radiusd tinyproxy nfsen e2guardian freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban sshd vnstat gammu-smsd"
1596 richard 18
nb_available_srv=`echo $SERVICES|wc -w`
807 franck 19
 
824 franck 20
function ServiceTest () {
2601 tom.houday 21
	service=$1
22
	if [ $(/usr/bin/systemctl is-active $service) != "active" ]; then
23
		logger -t alcasar-daemon -i "$service is inactive. Activation attempt"
24
		echo "the $service service is disabled! trying to start it..."
25
		/usr/bin/systemctl start $service.service
1596 richard 26
	else
27
		nb_srv=$((nb_srv+1))
28
	fi
824 franck 29
}
807 franck 30
 
2583 rexy 31
for NIC in $EXTIF $INTIF
32
do
33
	if [ `/usr/sbin/ip a show $NIC|grep DOWN|wc -l` -eq "1" ]
34
	then
35
		echo "The network interface card '$NIC' is down! Try to enable it"
36
		/usr/sbin/ifup $NIC
37
	fi
38
done
39
 
1596 richard 40
nb_srv=0
2601 tom.houday 41
for service in $SERVICES; do
42
	if [ $service == 'sshd' ]; then
43
		if [ $SSH != "ON" ] && [ $SSH != "on" ] && [ $SSH != "On" ]; then
2520 rexy 44
			nb_available_srv=$((nb_available_srv-1))
2601 tom.houday 45
			continue
1596 richard 46
		fi
2601 tom.houday 47
	elif [ $service == 'gammu-smsd' ]; then
48
		if [ $(grep '^SMS=' $conf_file | cut -d'=' -f2-) != 'on' ]; then
49
			nb_available_srv=$((nb_available_srv-1))
50
			continue
51
		fi
807 franck 52
	fi
2601 tom.houday 53
 
54
	ServiceTest $service
807 franck 55
done
2537 tom.houday 56
 
1596 richard 57
if [ $nb_available_srv -ne $nb_srv ]
2520 rexy 58
then
59
	echo "Restart this script to know if all is ok"
1596 richard 60
else
2520 rexy 61
	echo "$nb_srv services needed by ALCASAR are started."
1596 richard 62
fi
2520 rexy 63
 
64
if [ `lsmod|grep ipt_NETFLOW|wc -l` == 0 ]
65
then
2537 tom.houday 66
	logger -t alcasar-daemon -i "ipt_netflow is inactive."
2520 rexy 67
	echo "The Log system is disabled! try to know why (modprobe ipt_NETFLOW)"
68
else
69
	echo "The Log system is active"
70
fi
2572 rexy 71
if [ ! -e /etc/raddb/mods-enabled/ldap ]
72
then
73
	if [ $LDAP == "ON" ] || [ $LDAP == "on" ] || [ $LDAP == "On" ]
74
	then
75
	echo "Enable LDAP..."
76
	/usr/local/bin/alcasar-ldap.sh -on
77
	fi
78
fi
2583 rexy 79