aboutsummaryrefslogtreecommitdiff
path: root/utils
diff options
context:
space:
mode:
Diffstat (limited to 'utils')
-rw-r--r--utils/echo54
-rw-r--r--utils/identify55
-rw-r--r--utils/syscheck48
3 files changed, 157 insertions, 0 deletions
diff --git a/utils/echo b/utils/echo
new file mode 100644
index 0000000..c936f63
--- /dev/null
+++ b/utils/echo
@@ -0,0 +1,54 @@
+# vim:ft=sh:noexpandtab
+# Various echo functions
+
+ECHO_VERBOSE=0
+
+echo_info() {
+ set +x
+ [ $ECHO_VERBOSE -ge 0 ] || return
+ echo -e "\e[1;34m$@\e[0m" >&2
+ [ $ECHO_VERBOSE -lt 3 ] || set -x
+}
+
+echo_warn() {
+ set +x
+ [ $ECHO_VERBOSE -ge -1 ] || return
+ echo -e "\e[1;33m$@\e[0m" >&2
+ [ $ECHO_VERBOSE -lt 3 ] || set -x
+}
+
+echo_error() {
+ set +x
+ [ $ECHO_VERBOSE -ge -2 ] || return
+ echo -e "\e[1;31m$@\e[0m" >&2
+ [ $ECHO_VERBOSE -lt 3 ] || set -x
+}
+
+echo_die() {
+ set +x
+ if [ $ECHO_VERBOSE -ge -2 ]; then
+ echo -e "\e[1;31m$@\e[0m" >&2
+ fi
+ [ $ECHO_VERBOSE -lt 3 ] || set -x
+ # Suicide
+ kill $$
+}
+
+echo_dbg() {
+ set +x
+ [ $ECHO_VERBOSE -ge 1 ] || return
+ echo -e "\e[1;90m$@\e[0m" >&2
+ [ $ECHO_VERBOSE -lt 3 ] || set -x
+}
+
+echo_trace() {
+ set +x
+ [ $ECHO_VERBOSE -ge 2 ] || return
+ echo -e "\e[1;90m$@\e[0m" >&2
+ [ $ECHO_VERBOSE -lt 3 ] || set -x
+}
+
+echo_verbose() {
+ ECHO_VERBOSE=$(expr $ECHO_VERBOSE $1 $2)
+ [ $ECHO_VERBOSE -ge 3 ] && set -x || set +x
+}
diff --git a/utils/identify b/utils/identify
new file mode 100644
index 0000000..2223d8f
--- /dev/null
+++ b/utils/identify
@@ -0,0 +1,55 @@
+# vim:ft=sh:noexpandtab
+# Identify and set some variables that can be used later by operations
+
+# Variables:
+# DC_OS - Operation system kernel name (uname -s)
+# DC_OS_VERSION - Version of kernel used (uname -r)
+# DC_ARCH - Machine architecture (uname -m)
+# DC_DISTRIBUTION - Distribution of operation system
+# DC_INIT - Init system used (service manager)
+# On Archlinux:
+# DC_PACAUR - This is set to "true" if pacaur is installed on archlinux
+
+DC_OS="$(uname -s)"
+DC_OS_VERSION="$(uname -r)"
+DC_ARCH="$(uname -m)"
+
+if [ "$DC_OS" = "Linux" ]; then
+ if [ -f /etc/arch-release ]; then
+ DC_DISTRIBUTION="arch"
+ elif [ -f /etc/turris-version ]; then
+ DC_DISTRIBUTION="turris"
+ elif [ -f /etc/os-release ]; then
+ # Use as DISTRIBUTION ID field
+ DC_DISTRIBUTION="$(sed -nE 's/^ID=(.*)/\1/p' /etc/os-release)"
+ else
+ DC_DISTRIBUTION="unknown"
+ fi
+ # Identify init (only systemd and openrc are supported on linux)
+ if pidof systemd >/dev/null; then
+ # Systemd is running on accessed machine
+ DC_INIT="systemd"
+ elif pidof procd >/dev/null; then
+ DC_INIT="procd"
+ elif rc-status -v 2>/dev/null >/dev/null; then
+ DC_INIT="openrc"
+ else
+ DC_INIT="unknown"
+ fi
+ echo_dbg "Detected Linux. Distribution $DC_DISTRIBUTION. With $DC_INIT init system."
+elif [ "$DC_OS" = "FreeBSD" ]; then
+ DC_DISTRIBUTION="FreeBSD" # This makes no sense on FreeBSD so set same as OS
+ DC_INIT="FreeBSD"
+ echo_dbg "Detected FreeBSD."
+else
+ echo_die "Unknown or unsupported kernel detected on accessed machine."
+fi
+
+# Archlinux
+DC_PACAUR=false
+if [ "$DC_DISTRIBUTION" = "arch" ]; then
+ if which pacaur >/dev/null; then
+ DC_PACAUR=true
+ echo_dbg "Accessed machine has pacaur"
+ fi
+fi
diff --git a/utils/syscheck b/utils/syscheck
new file mode 100644
index 0000000..a0c29a0
--- /dev/null
+++ b/utils/syscheck
@@ -0,0 +1,48 @@
+# vim:ft=sh:noexpandtab
+# System sanity checks
+
+# Check that we are root (this tool can be run only as root)
+# TODO uncomment
+# [ "$(id -u)" = "0" ] || echo_die "Distconfig have to be run as root."
+
+# We have sudo or su
+which sudo >/dev/null || which su >/dev/null || echo_die "There is no sudo or su command."
+
+# Check that we are not using csh or tcsh
+# Note: variable shell should be defined only on csh or tcsh (note lowercase)
+[ -z "$shell" ] || echo_die "Distconfig doesn't support csh nor tcsh."
+
+# Check that we have gpg
+which gpg >/dev/null || echo_die "There is no gpg command."
+
+# Check that trunk is signed using correct key
+# TODO
+
+# Check root owner (should be root)
+# TODO uncomment
+#[ "$(stat -c '%u')" = 0 ] || echo_die "Root directory of distconfig isn't owned by root! Investigate why!"
+
+# Check access right to root (only root should have access)
+# TODO uncomment
+#[ "$(stat -c '%a')" = "700" ] || echo_die "Root directory of distconfig has incorect access rights. 700 expected!"
+
+# Check that we have openssl
+which openssl >/dev/null || echo_die "There is no openssl command."
+
+# Check that we can decrypt using openssl and aes-192-cbc
+OPENSSL_TEST_PASSWORD="XduF2T_opDknbzN0EyJJCBFyS1i6yaBU5Beb6IZkFVHWZGWOIZCF1Cc0zrupjEaV"
+[ "$(openssl aes-192-cbc -d -a -k "$OPENSSL_TEST_PASSWORD" < files/openssl_test_file)" = "It works!" ] || \
+ echo_die "Test message couldn't been decrypted."
+
+# Check that we have key file
+[ -n "$KEY_FILE" ] || echo_die "No key specified. Please pass --key."
+
+# Check that given key works with our machinery
+# TODO
+
+# Check that we have internet connection
+DC_INTERNET=true
+if ! ping -c 5 -w 30 cynerd.cz >/dev/null; then
+ echo_warn "No internet connection detected. All operations requiring internet connection will be skipped"
+ DC_INTERNET=false
+fi