Subversion Repositories ALCASAR

Rev

Rev 2864 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log

Rev Author Line No. Line
2601 tom.houday 1
#!/bin/bash
825 franck 2
# $Id: alcasar-daemon.sh 2875 2020-11-01 10:50:57Z rexy $
807 franck 3
 
824 franck 4
# alcasar-daemon.sh
1474 richard 5
# by Franck BOUIJOUX & Rexy
807 franck 6
# This script is distributed under the Gnu General Public License (GPL)
7
# Watchdog of Services
8
# See /etc/cron.d/alcasar-daemon-watchdog for config the time
9
 
824 franck 10
conf_file="/usr/local/etc/alcasar.conf"
2474 tom.houday 11
SSH=`grep ^SSH= $conf_file|cut -d"=" -f2`                               # sshd active (on/off)
824 franck 12
SSH=${SSH:=off}
2620 rexy 13
SMS=`grep ^SMS= $conf_file|cut -d"=" -f2`                               # SMS active (on/off)
14
SMS=${SMS:=off}
2572 rexy 15
LDAP=`grep ^LDAP= $conf_file|cut -d"=" -f2`                             # ldap active (on/off)
2574 rexy 16
LDAP=${LDAP:=off}
2583 rexy 17
INTIF=`grep ^INTIF= $conf_file|cut -d"=" -f2`                           # INTIF name
18
EXTIF=`grep ^EXTIF= $conf_file|cut -d"=" -f2`                           # EXTIF name
2840 rexy 19
SERVICES="mysqld lighttpd php-fpm ntpd unbound unbound-blacklist unbound-whitelist dnsmasq-whitelist unbound-blackhole radiusd nfcapd e2guardian clamav-daemon clamav-freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban sshd vnstat gammu-smsd"
1596 richard 20
nb_available_srv=`echo $SERVICES|wc -w`
807 franck 21
 
824 franck 22
function ServiceTest () {
2601 tom.houday 23
        service=$1
24
        if [ $(/usr/bin/systemctl is-active $service) != "active" ]; then
25
                logger -t alcasar-daemon -i "$service is inactive. Activation attempt"
26
                echo "the $service service is disabled! trying to start it..."
2875 rexy 27
                if [ $service == 'gammu-smsd' ]; then
28
                        /usr/local/bin/alcasar-sms.sh --start
29
                else
30
                        /usr/bin/systemctl start $service.service
31
                fi
1596 richard 32
        else
33
                nb_srv=$((nb_srv+1))
34
        fi
824 franck 35
}
807 franck 36
 
2583 rexy 37
for NIC in $EXTIF $INTIF
38
do
39
        if [ `/usr/sbin/ip a show $NIC|grep DOWN|wc -l` -eq "1" ]
40
        then
41
                echo "The network interface card '$NIC' is down! Try to enable it"
42
                /usr/sbin/ifup $NIC
43
        fi
44
done
45
 
1596 richard 46
nb_srv=0
2601 tom.houday 47
for service in $SERVICES; do
48
        if [ $service == 'sshd' ]; then
49
                if [ $SSH != "ON" ] && [ $SSH != "on" ] && [ $SSH != "On" ]; then
2520 rexy 50
                        nb_available_srv=$((nb_available_srv-1))
2601 tom.houday 51
                        continue
1596 richard 52
                fi
2601 tom.houday 53
        elif [ $service == 'gammu-smsd' ]; then
2620 rexy 54
                if [ $SMS != "ON" ] && [ $SMS != "on" ] && [ $SMS != "On" ]; then
2601 tom.houday 55
                        nb_available_srv=$((nb_available_srv-1))
56
                        continue
57
                fi
807 franck 58
        fi
2601 tom.houday 59
        ServiceTest $service
807 franck 60
done
2537 tom.houday 61
 
1596 richard 62
if [ $nb_available_srv -ne $nb_srv ]
2520 rexy 63
then
64
        echo "Restart this script to know if all is ok"
1596 richard 65
else
2520 rexy 66
        echo "$nb_srv services needed by ALCASAR are started."
1596 richard 67
fi
2520 rexy 68
 
2864 rexy 69
if [ `cat /proc/modules|grep -c ^ipt_NETFLOW` == 0 ]
2520 rexy 70
then
2537 tom.houday 71
        logger -t alcasar-daemon -i "ipt_netflow is inactive."
2520 rexy 72
        echo "The Log system is disabled! try to know why (modprobe ipt_NETFLOW)"
73
else
74
        echo "The Log system is active"
75
fi
2572 rexy 76
if [ ! -e /etc/raddb/mods-enabled/ldap ]
77
then
78
        if [ $LDAP == "ON" ] || [ $LDAP == "on" ] || [ $LDAP == "On" ]
79
        then
2875 rexy 80
                echo "Enabling LDAP..."
81
                /usr/local/bin/alcasar-ldap.sh -on
2572 rexy 82
        fi
83
fi
2583 rexy 84