WebSVN – ALCASAR – Diff – /scripts/alcasar-daemon.sh


#!/bin/bash
# $Id: alcasar-daemon.sh 2878 2020-11-01 21:48:35Z rexy $
 
# alcasar-daemon.sh
# by Franck BOUIJOUX & Rexy
# This script is distributed under the Gnu General Public License (GPL)
# Watchdog of Services
# See /etc/cron.d/alcasar-daemon-watchdog for config the time
 
conf_file="/usr/local/etc/alcasar.conf"
SSH=`grep ^SSH= $conf_file|cut -d"=" -f2`				# sshd active (on/off)
SSH=${SSH:=off}
SMS=`grep ^SMS= $conf_file|cut -d"=" -f2`				# SMS active (on/off)
SMS=${SMS:=off}
LDAP=`grep ^LDAP= $conf_file|cut -d"=" -f2`				# ldap active (on/off)
LDAP=${LDAP:=off}
INTIF=`grep ^INTIF= $conf_file|cut -d"=" -f2`				# INTIF name
EXTIF=`grep ^EXTIF= $conf_file|cut -d"=" -f2`				# EXTIF name
SERVICES="mysqld lighttpd php-fpm ntpd unbound unbound-blacklist unbound-whitelist dnsmasq-whitelist unbound-blackhole radiusd nfcapd e2guardian clamav-daemon clamav-freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban sshd vnstat gammu-smsd"
nb_available_srv=`echo $SERVICES|wc -w`
 
function ServiceTest () {
	service=$1
	if [ $(/usr/bin/systemctl is-active $service) != "active" ]; then
		logger -t alcasar-daemon -i "$service is inactive. Activation attempt"
		echo "the $service service is disabled! trying to start it..."
		if [ $service == 'gammu-smsd' ]; then
			/usr/local/bin/alcasar-sms.sh --start
 
 
		fi
		if [ $service == 'sshd' ]; then
			[ -s /etc/ssh/ssh_host_rsa_key ] || rm -f /etc/ssh/ssh_host_* # sometimes sshd doesn't initialise its keys
		fi	
		/usr/bin/systemctl start $service.service
	else
		nb_srv=$((nb_srv+1))
	fi
}
 
for NIC in $EXTIF $INTIF
do
	if [ `/usr/sbin/ip a show $NIC|grep DOWN|wc -l` -eq "1" ]
	then
		echo "The network interface card '$NIC' is down! Try to enable it"
		/usr/sbin/ifup $NIC
	fi
done
 
nb_srv=0
for service in $SERVICES; do
	if [ $service == 'sshd' ]; then
		if [ $SSH != "ON" ] && [ $SSH != "on" ] && [ $SSH != "On" ]; then
			nb_available_srv=$((nb_available_srv-1))
			continue
		fi
	elif [ $service == 'gammu-smsd' ]; then
		if [ $SMS != "ON" ] && [ $SMS != "on" ] && [ $SMS != "On" ]; then
			nb_available_srv=$((nb_available_srv-1))
			continue
		fi
	fi
	ServiceTest $service
done
 
if [ $nb_available_srv -ne $nb_srv ]
then
	echo "Restart this script to know if all is ok"
else
	echo "$nb_srv services needed by ALCASAR are started."
fi
 
if [ `cat /proc/modules|grep -c ^ipt_NETFLOW` == 0 ]
then
	logger -t alcasar-daemon -i "ipt_netflow is inactive."
	echo "The Log system is disabled! try to know why (modprobe ipt_NETFLOW)"
else
	echo "The Log system is active"
fi
if [ ! -e /etc/raddb/mods-enabled/ldap ]
then
	if [ $LDAP == "ON" ] || [ $LDAP == "on" ] || [ $LDAP == "On" ]
	then
		echo "Enabling LDAP..."
		/usr/local/bin/alcasar-ldap.sh -on
	fi
fi
 
 

Rev 2875	Rev 2878
1	`#!/bin/bash`	1	`#!/bin/bash`
2	`# $Id: alcasar-daemon.sh 2875 2020-11-01 10:50:57Z rexy $`	2	`# $Id: alcasar-daemon.sh 2878 2020-11-01 21:48:35Z rexy $`
3		3
4	`# alcasar-daemon.sh`	4	`# alcasar-daemon.sh`
5	`# by Franck BOUIJOUX & Rexy`	5	`# by Franck BOUIJOUX & Rexy`
6	`# This script is distributed under the Gnu General Public License (GPL)`	6	`# This script is distributed under the Gnu General Public License (GPL)`
7	`# Watchdog of Services`	7	`# Watchdog of Services`
8	`# See /etc/cron.d/alcasar-daemon-watchdog for config the time`	8	`# See /etc/cron.d/alcasar-daemon-watchdog for config the time`
9		9
10	`conf_file="/usr/local/etc/alcasar.conf"`	10	`conf_file="/usr/local/etc/alcasar.conf"`
11	SSH=`grep ^SSH= $conf_file\|cut -d"=" -f2` # sshd active (on/off)	11	SSH=`grep ^SSH= $conf_file\|cut -d"=" -f2` # sshd active (on/off)
12	`SSH=${SSH:=off}`	12	`SSH=${SSH:=off}`
13	SMS=`grep ^SMS= $conf_file\|cut -d"=" -f2` # SMS active (on/off)	13	SMS=`grep ^SMS= $conf_file\|cut -d"=" -f2` # SMS active (on/off)
14	`SMS=${SMS:=off}`	14	`SMS=${SMS:=off}`
15	LDAP=`grep ^LDAP= $conf_file\|cut -d"=" -f2` # ldap active (on/off)	15	LDAP=`grep ^LDAP= $conf_file\|cut -d"=" -f2` # ldap active (on/off)
16	`LDAP=${LDAP:=off}`	16	`LDAP=${LDAP:=off}`
17	INTIF=`grep ^INTIF= $conf_file\|cut -d"=" -f2` # INTIF name	17	INTIF=`grep ^INTIF= $conf_file\|cut -d"=" -f2` # INTIF name
18	EXTIF=`grep ^EXTIF= $conf_file\|cut -d"=" -f2` # EXTIF name	18	EXTIF=`grep ^EXTIF= $conf_file\|cut -d"=" -f2` # EXTIF name
19	`SERVICES="mysqld lighttpd php-fpm ntpd unbound unbound-blacklist unbound-whitelist dnsmasq-whitelist unbound-blackhole radiusd nfcapd e2guardian clamav-daemon clamav-freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban sshd vnstat gammu-smsd"`	19	`SERVICES="mysqld lighttpd php-fpm ntpd unbound unbound-blacklist unbound-whitelist dnsmasq-whitelist unbound-blackhole radiusd nfcapd e2guardian clamav-daemon clamav-freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban sshd vnstat gammu-smsd"`
20	nb_available_srv=`echo $SERVICES\|wc -w`	20	nb_available_srv=`echo $SERVICES\|wc -w`
21		21
22	`function ServiceTest () {`	22	`function ServiceTest () {`
23	`service=$1`	23	`service=$1`
24	`if [ $(/usr/bin/systemctl is-active $service) != "active" ]; then`	24	`if [ $(/usr/bin/systemctl is-active $service) != "active" ]; then`
25	`logger -t alcasar-daemon -i "$service is inactive. Activation attempt"`	25	`logger -t alcasar-daemon -i "$service is inactive. Activation attempt"`
26	`echo "the $service service is disabled! trying to start it..."`	26	`echo "the $service service is disabled! trying to start it..."`
27	`if [ $service == 'gammu-smsd' ]; then`	27	`if [ $service == 'gammu-smsd' ]; then`
28	`/usr/local/bin/alcasar-sms.sh --start`	28	`/usr/local/bin/alcasar-sms.sh --start`
29	`else`	-
30	`/usr/bin/systemctl start $service.service`	-
31	`fi`	29	`fi`
-		30	`if [ $service == 'sshd' ]; then`
-		31	`[ -s /etc/ssh/ssh_host_rsa_key ] \|\| rm -f /etc/ssh/ssh_host_* # sometimes sshd doesn't initialise its keys`
-		32	`fi`
-		33	`/usr/bin/systemctl start $service.service`
32	`else`	34	`else`
33	`nb_srv=$((nb_srv+1))`	35	`nb_srv=$((nb_srv+1))`
34	`fi`	36	`fi`
35	`}`	37	`}`
36		38
37	`for NIC in $EXTIF $INTIF`	39	`for NIC in $EXTIF $INTIF`
38	`do`	40	`do`
39	if [ `/usr/sbin/ip a show $NIC\|grep DOWN\|wc -l` -eq "1" ]	41	if [ `/usr/sbin/ip a show $NIC\|grep DOWN\|wc -l` -eq "1" ]
40	`then`	42	`then`
41	`echo "The network interface card '$NIC' is down! Try to enable it"`	43	`echo "The network interface card '$NIC' is down! Try to enable it"`
42	`/usr/sbin/ifup $NIC`	44	`/usr/sbin/ifup $NIC`
43	`fi`	45	`fi`
44	`done`	46	`done`
45		47
46	`nb_srv=0`	48	`nb_srv=0`
47	`for service in $SERVICES; do`	49	`for service in $SERVICES; do`
48	`if [ $service == 'sshd' ]; then`	50	`if [ $service == 'sshd' ]; then`
49	`if [ $SSH != "ON" ] && [ $SSH != "on" ] && [ $SSH != "On" ]; then`	51	`if [ $SSH != "ON" ] && [ $SSH != "on" ] && [ $SSH != "On" ]; then`
50	`nb_available_srv=$((nb_available_srv-1))`	52	`nb_available_srv=$((nb_available_srv-1))`
51	`continue`	53	`continue`
52	`fi`	54	`fi`
53	`elif [ $service == 'gammu-smsd' ]; then`	55	`elif [ $service == 'gammu-smsd' ]; then`
54	`if [ $SMS != "ON" ] && [ $SMS != "on" ] && [ $SMS != "On" ]; then`	56	`if [ $SMS != "ON" ] && [ $SMS != "on" ] && [ $SMS != "On" ]; then`
55	`nb_available_srv=$((nb_available_srv-1))`	57	`nb_available_srv=$((nb_available_srv-1))`
56	`continue`	58	`continue`
57	`fi`	59	`fi`
58	`fi`	60	`fi`
59	`ServiceTest $service`	61	`ServiceTest $service`
60	`done`	62	`done`
61		63
62	`if [ $nb_available_srv -ne $nb_srv ]`	64	`if [ $nb_available_srv -ne $nb_srv ]`
63	`then`	65	`then`
64	`echo "Restart this script to know if all is ok"`	66	`echo "Restart this script to know if all is ok"`
65	`else`	67	`else`
66	`echo "$nb_srv services needed by ALCASAR are started."`	68	`echo "$nb_srv services needed by ALCASAR are started."`
67	`fi`	69	`fi`
68		70
69	if [ `cat /proc/modules\|grep -c ^ipt_NETFLOW` == 0 ]	71	if [ `cat /proc/modules\|grep -c ^ipt_NETFLOW` == 0 ]
70	`then`	72	`then`
71	`logger -t alcasar-daemon -i "ipt_netflow is inactive."`	73	`logger -t alcasar-daemon -i "ipt_netflow is inactive."`
72	`echo "The Log system is disabled! try to know why (modprobe ipt_NETFLOW)"`	74	`echo "The Log system is disabled! try to know why (modprobe ipt_NETFLOW)"`
73	`else`	75	`else`
74	`echo "The Log system is active"`	76	`echo "The Log system is active"`
75	`fi`	77	`fi`
76	`if [ ! -e /etc/raddb/mods-enabled/ldap ]`	78	`if [ ! -e /etc/raddb/mods-enabled/ldap ]`
77	`then`	79	`then`
78	`if [ $LDAP == "ON" ] \|\| [ $LDAP == "on" ] \|\| [ $LDAP == "On" ]`	80	`if [ $LDAP == "ON" ] \|\| [ $LDAP == "on" ] \|\| [ $LDAP == "On" ]`
79	`then`	81	`then`
80	`echo "Enabling LDAP..."`	82	`echo "Enabling LDAP..."`
81	`/usr/local/bin/alcasar-ldap.sh -on`	83	`/usr/local/bin/alcasar-ldap.sh -on`
82	`fi`	84	`fi`
83	`fi`	85	`fi`
84		86
85		87

Subversion Repositories ALCASAR

(root)/scripts/alcasar-daemon.sh @ 2864 – Rev 2875 → 2878