WebSVN – ALCASAR – Diff – /scripts/alcasar-daemon.sh


#!/bin/sh
# $Id: alcasar-daemon.sh 2583 2018-07-27 10:01:29Z rexy $
 
# alcasar-daemon.sh
# by Franck BOUIJOUX & Rexy
# This script is distributed under the Gnu General Public License (GPL)
# Watchdog of Services
# See /etc/cron.d/alcasar-daemon-watchdog for config the time
 
conf_file="/usr/local/etc/alcasar.conf"
SSH=`grep ^SSH= $conf_file|cut -d"=" -f2`				# sshd active (on/off)
SSH=${SSH:=off}
LDAP=`grep ^LDAP= $conf_file|cut -d"=" -f2`				# ldap active (on/off)
LDAP=${LDAP:=off}
INTIF=`grep ^INTIF= $conf_file|cut -d"=" -f2`				# INTIF name
EXTIF=`grep ^EXTIF= $conf_file|cut -d"=" -f2`				# EXTIF name
SERVICES="mysqld lighttpd php-fpm ntpd havp dnsmasq dnsmasq-blacklist dnsmasq-whitelist dnsmasq-blackhole radiusd tinyproxy nfsen e2guardian freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban sshd vnstat"
nb_available_srv=`echo $SERVICES|wc -w`
 
function ServiceTest () {
	CMD=`/usr/bin/systemctl is-active $s`
	if [ $CMD != "active" ]
	then
		logger -t alcasar-daemon -i "$s is inactive. Activation attempt"
		echo "the $s service is disabled! trying to start it..."
		/usr/bin/systemctl start $s.service
	else
		nb_srv=$((nb_srv+1))
	fi
}
 
for NIC in $EXTIF $INTIF
do
	if [ `/usr/sbin/ip a show $NIC|grep DOWN|wc -l` -eq "1" ]
	then
		echo "The network interface card '$NIC' is down! Try to enable it"
		/usr/sbin/ifup $NIC
	fi
done
 
nb_srv=0
for s in $SERVICES
do
	if [ $s != "sshd" ]
	then
		ServiceTest
	else
		{
		if [ $SSH == "ON" ] || [ $SSH == "on" ] || [ $SSH == "On" ]
		then
			ServiceTest
		else
			nb_available_srv=$((nb_available_srv-1))
		fi
		}
	fi
done
 
if [ $nb_available_srv -ne $nb_srv ]
then
	echo "Restart this script to know if all is ok"
else
	echo "$nb_srv services needed by ALCASAR are started."
fi
 
if [ `lsmod|grep ipt_NETFLOW|wc -l` == 0 ]
then
	logger -t alcasar-daemon -i "ipt_netflow is inactive."
	echo "The Log system is disabled! try to know why (modprobe ipt_NETFLOW)"
else
	echo "The Log system is active"
fi
if [ ! -e /etc/raddb/mods-enabled/ldap ]
then
	if [ $LDAP == "ON" ] || [ $LDAP == "on" ] || [ $LDAP == "On" ]
	then
	echo "Enable LDAP..."
	/usr/local/bin/alcasar-ldap.sh -on
	fi
fi
 
 

Rev 2574	Rev 2583
1	`#!/bin/sh`	1	`#!/bin/sh`
2	`# $Id: alcasar-daemon.sh 2574 2018-07-20 21:27:51Z rexy $`	2	`# $Id: alcasar-daemon.sh 2583 2018-07-27 10:01:29Z rexy $`
3		3
4	`# alcasar-daemon.sh`	4	`# alcasar-daemon.sh`
5	`# by Franck BOUIJOUX & Rexy`	5	`# by Franck BOUIJOUX & Rexy`
6	`# This script is distributed under the Gnu General Public License (GPL)`	6	`# This script is distributed under the Gnu General Public License (GPL)`
7	`# Watchdog of Services`	7	`# Watchdog of Services`
8	`# See /etc/cron.d/alcasar-daemon-watchdog for config the time`	8	`# See /etc/cron.d/alcasar-daemon-watchdog for config the time`
9		9
10	`conf_file="/usr/local/etc/alcasar.conf"`	10	`conf_file="/usr/local/etc/alcasar.conf"`
11	SSH=`grep ^SSH= $conf_file\|cut -d"=" -f2` # sshd active (on/off)	11	SSH=`grep ^SSH= $conf_file\|cut -d"=" -f2` # sshd active (on/off)
12	`SSH=${SSH:=off}`	12	`SSH=${SSH:=off}`
13	LDAP=`grep ^LDAP= $conf_file\|cut -d"=" -f2` # ldap active (on/off)	13	LDAP=`grep ^LDAP= $conf_file\|cut -d"=" -f2` # ldap active (on/off)
14	`LDAP=${LDAP:=off}`	14	`LDAP=${LDAP:=off}`
-		15	INTIF=`grep ^INTIF= $conf_file\|cut -d"=" -f2` # INTIF name
-		16	EXTIF=`grep ^EXTIF= $conf_file\|cut -d"=" -f2` # EXTIF name
15	`SERVICES="mysqld lighttpd php-fpm ntpd havp dnsmasq dnsmasq-blacklist dnsmasq-whitelist dnsmasq-blackhole radiusd tinyproxy nfsen e2guardian freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban sshd vnstat"`	17	`SERVICES="mysqld lighttpd php-fpm ntpd havp dnsmasq dnsmasq-blacklist dnsmasq-whitelist dnsmasq-blackhole radiusd tinyproxy nfsen e2guardian freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban sshd vnstat"`
16	nb_available_srv=`echo $SERVICES\|wc -w`	18	nb_available_srv=`echo $SERVICES\|wc -w`
17		19
18	`function ServiceTest () {`	20	`function ServiceTest () {`
19	CMD=`/usr/bin/systemctl is-active $s`	21	CMD=`/usr/bin/systemctl is-active $s`
20	`if [ $CMD != "active" ]`	22	`if [ $CMD != "active" ]`
21	`then`	23	`then`
22	`logger -t alcasar-daemon -i "$s is inactive. Activation attempt"`	24	`logger -t alcasar-daemon -i "$s is inactive. Activation attempt"`
23	`echo "the $s service is disabled! trying to start it..."`	25	`echo "the $s service is disabled! trying to start it..."`
24	`/usr/bin/systemctl start $s.service`	26	`/usr/bin/systemctl start $s.service`
25	`else`	27	`else`
26	`nb_srv=$((nb_srv+1))`	28	`nb_srv=$((nb_srv+1))`
27	`fi`	29	`fi`
28	`}`	30	`}`
29		31
-		32	`for NIC in $EXTIF $INTIF`
-		33	`do`
-		34	if [ `/usr/sbin/ip a show $NIC\|grep DOWN\|wc -l` -eq "1" ]
-		35	`then`
-		36	`echo "The network interface card '$NIC' is down! Try to enable it"`
-		37	`/usr/sbin/ifup $NIC`
-		38	`fi`
-		39	`done`
-		40
30	`nb_srv=0`	41	`nb_srv=0`
31	`for s in $SERVICES`	42	`for s in $SERVICES`
32	`do`	43	`do`
33	`if [ $s != "sshd" ]`	44	`if [ $s != "sshd" ]`
34	`then`	45	`then`
35	`ServiceTest`	46	`ServiceTest`
36	`else`	47	`else`
37	`{`	48	`{`
38	`if [ $SSH == "ON" ] \|\| [ $SSH == "on" ] \|\| [ $SSH == "On" ]`	49	`if [ $SSH == "ON" ] \|\| [ $SSH == "on" ] \|\| [ $SSH == "On" ]`
39	`then`	50	`then`
40	`ServiceTest`	51	`ServiceTest`
41	`else`	52	`else`
42	`nb_available_srv=$((nb_available_srv-1))`	53	`nb_available_srv=$((nb_available_srv-1))`
43	`fi`	54	`fi`
44	`}`	55	`}`
45	`fi`	56	`fi`
46	`done`	57	`done`
47		58
48	`if [ $nb_available_srv -ne $nb_srv ]`	59	`if [ $nb_available_srv -ne $nb_srv ]`
49	`then`	60	`then`
50	`echo "Restart this script to know if all is ok"`	61	`echo "Restart this script to know if all is ok"`
51	`else`	62	`else`
52	`echo "$nb_srv services needed by ALCASAR are started."`	63	`echo "$nb_srv services needed by ALCASAR are started."`
53	`fi`	64	`fi`
54		65
55	if [ `lsmod\|grep ipt_NETFLOW\|wc -l` == 0 ]	66	if [ `lsmod\|grep ipt_NETFLOW\|wc -l` == 0 ]
56	`then`	67	`then`
57	`logger -t alcasar-daemon -i "ipt_netflow is inactive."`	68	`logger -t alcasar-daemon -i "ipt_netflow is inactive."`
58	`echo "The Log system is disabled! try to know why (modprobe ipt_NETFLOW)"`	69	`echo "The Log system is disabled! try to know why (modprobe ipt_NETFLOW)"`
59	`else`	70	`else`
60	`echo "The Log system is active"`	71	`echo "The Log system is active"`
61	`fi`	72	`fi`
62	`if [ ! -e /etc/raddb/mods-enabled/ldap ]`	73	`if [ ! -e /etc/raddb/mods-enabled/ldap ]`
63	`then`	74	`then`
64	`if [ $LDAP == "ON" ] \|\| [ $LDAP == "on" ] \|\| [ $LDAP == "On" ]`	75	`if [ $LDAP == "ON" ] \|\| [ $LDAP == "on" ] \|\| [ $LDAP == "On" ]`
65	`then`	76	`then`
66	`echo "Enable LDAP..."`	77	`echo "Enable LDAP..."`
67	`/usr/local/bin/alcasar-ldap.sh -on`	78	`/usr/local/bin/alcasar-ldap.sh -on`
68	`fi`	79	`fi`
69	`fi`	80	`fi`
-		81
70		82

Subversion Repositories ALCASAR

(root)/scripts/alcasar-daemon.sh @ 2764 – Rev 2574 → 2583