rewrite log messages and format

Jérémy Lecour 2020-04-20 08:29:21 +02:00 committed by Jérémy Lecour
parent 35d257d9c7
commit 205e3774a9
17 changed files with 65 additions and 56 deletions


@ -8,10 +8,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
### Added ### Added
* bkctld-inc and bkctld-rm log their progress (log level "info")
### Changed ### Changed
* rewrite log messages and format
### Deprecated ### Deprecated
### Removed ### Removed


@ -18,6 +18,7 @@ iptables_input_accept() {
jail_name="${1}" jail_name="${1}"
port="${2}" port="${2}"
ip="${3}" ip="${3}"
debug "Accept \`${ip}:${port}' for jail \`${jail_name}'"
echo "/sbin/iptables -A INPUT -p tcp --sport 1024: --dport ${port} -s ${ip} -j ACCEPT #${jail_name}" echo "/sbin/iptables -A INPUT -p tcp --sport 1024: --dport ${port} -s ${ip} -j ACCEPT #${jail_name}"
} }
@ -34,7 +35,7 @@ if [ -n "${FIREWALL_RULES}" ]; then
# Restart the firewall # Restart the firewall
[ -f /etc/init.d/minifirewall ] && /etc/init.d/minifirewall restart >/dev/null [ -f /etc/init.d/minifirewall ] && /etc/init.d/minifirewall restart >/dev/null
fi fi
notice "${jail_name}: firewall rules have been updated." notice "Firewall updated for jail \`${jail_name}'"
else else
warning "${jail_name}: skipping firewall update, FIREWALL_RULES variable is empty." notice "Skip jail \`${jail_name}' : FIREWALL_RULES variable is empty."
fi fi
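Review bot: The `debug` call added inside `iptables_input_accept` prints on stdout when LOGLEVEL is 7 or higher, because the `debug` helper in this commit's logging hunk echoes without a redirection, and this function's stdout is the generated iptables rule. The caller is outside this hunk, but if it captures or redirects that output into the firewall rules, the debug line would end up among the rules once debug logging is switched on. Sending the message to stderr keeps the two streams apart: call it as `debug "…" >&2`, or move the call to the caller after the rule has been written.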


@ -54,8 +54,8 @@ for jail_name in ${jails_list}; do
if [ -n "${incs_policy_file}" ]; then if [ -n "${incs_policy_file}" ]; then
# If no incs directory is found, we don't create incs # If no incs directory is found, we don't create incs
if [ ! -d "${inc_path}" ]; then if [ ! -d "${inc_path}" ]; then
info "inc progress: jail ${jails_count} out of ${jails_total}" info "Progress: jail ${jails_count} out of ${jails_total}"
start=$(current_time) notice "Create inc \`${inc_name}' for jail \`${jail_name}' : start"
if is_btrfs "${jail_path}"; then if is_btrfs "${jail_path}"; then
create_inc_btrfs "${jail_name}" "${inc_name}" create_inc_btrfs "${jail_name}" "${inc_name}"
@ -63,12 +63,11 @@ for jail_name in ${jails_list}; do
create_inc_ext4 "${jail_name}" "${inc_name}" create_inc_ext4 "${jail_name}" "${inc_name}"
fi fi
end=$(current_time) notice "Create inc \`${inc_name}' for jail \`${jail_name}' : finish"
notice "${jail_name}: \`${inc_name}' has been created [${start}/${end}]"
else else
warning "${jail_name}: skipping \`${inc_name}', it already exists." warning "Skip inc \`${inc_name}' for jail \`${jail_name}' : it already exists."
fi fi
else else
notice "${jail_name}: skipping \`${inc_name}', incs policy not found." notice "Skip jail \`${jail_name}' : incs policy is missing"
fi fi
done done


@ -13,7 +13,7 @@ if [ -z "${jail_name}" ]; then
fi fi
jail_path=$(jail_path "${jail_name}") jail_path=$(jail_path "${jail_name}")
test -d "${jail_path}" && error "${jail_name}: jail already exists." test -d "${jail_path}" && error "Skip jail \`${jail_name}' : it already exists"
# Create config and jails directory # Create config and jails directory
mkdir --parents "${CONFDIR}" "${JAILDIR}" mkdir --parents "${CONFDIR}" "${JAILDIR}"
@ -28,4 +28,4 @@ fi
setup_jail_chroot "${jail_name}" setup_jail_chroot "${jail_name}"
setup_jail_config "${jail_name}" setup_jail_config "${jail_name}"
notice "${jail_name}: jail has been created" notice "Create jail \`${jail_name}' : OK"


@ -15,7 +15,7 @@ if [ ! -n "${jail_name}" ]; then
fi fi
jail_path=$(jail_path "${jail_name}") jail_path=$(jail_path "${jail_name}")
test -d "${jail_path}" || error "${jail_name}: jail is missing." test -d "${jail_path}" || error "${jail_name}: jail not found"
jail_sshd_config="${jail_path}/${SSHD_CONFIG}" jail_sshd_config="${jail_path}/${SSHD_CONFIG}"
@ -40,9 +40,9 @@ else
if grep -q -E "^AllowUsers" "${jail_sshd_config}"; then if grep -q -E "^AllowUsers" "${jail_sshd_config}"; then
sed -i "s~^AllowUsers .*~${allow_users}~" "${jail_sshd_config}" sed -i "s~^AllowUsers .*~${allow_users}~" "${jail_sshd_config}"
else else
error "${jail_name}: No \`AllowUsers' directive found in \`${jail_sshd_config}'" error "No \`AllowUsers' directive found in \`${jail_sshd_config}'"
fi fi
notice "${jail_name}: IP whitelist updated with \`${ip}'" notice "Update IP whitelist with \`${ip}' for jail \`${jail_name}' : OK"
"${LIBDIR}/bkctld-reload" "${jail_name}" "${LIBDIR}/bkctld-reload" "${jail_name}"
"${LIBDIR}/bkctld-firewall" "${jail_name}" "${LIBDIR}/bkctld-firewall" "${jail_name}"
fi fi
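Review bot: The `jail not found` error in the first hunk keeps the old `${jail_name}: …` prefix, while the other messages rewritten here put the jail name in a trailing "for jail" clause, so the same log stream now carries two layouts for the jail name. Anything that parses these logs for alerting has to handle both; wording such as ``error "Jail \`${jail_name}' not found"`` would match the rest. The same line appears unchanged in ten later file sections of this commit. The script starts and ends outside these hunks.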


@ -14,7 +14,7 @@ if [ -z "${jail_name}" ]; then
fi fi
jail_path=$(jail_path "${jail_name}") jail_path=$(jail_path "${jail_name}")
test -d "${jail_path}" || error "${jail_name}: jail is missing." test -d "${jail_path}" || error "${jail_name}: jail not found"
jail_pid_file="${jail_path}/${SSHD_PID}" jail_pid_file="${jail_path}/${SSHD_PID}"


@ -15,15 +15,15 @@ if [ ! -n "${jail_name}" ]; then
fi fi
jail_path=$(jail_path "${jail_name}") jail_path=$(jail_path "${jail_name}")
test -d "${jail_path}" || error "${jail_name}: jail is missing." test -d "${jail_path}" || error "${jail_name}: jail not found"
if [ -z "${keyfile}" ]; then if [ -z "${keyfile}" ]; then
if [ -f "${jail_path}/${AUTHORIZED_KEYS}" ]; then if [ -f "${jail_path}/${AUTHORIZED_KEYS}" ]; then
cat "${jail_path}/${AUTHORIZED_KEYS}" cat "${jail_path}/${AUTHORIZED_KEYS}"
fi fi
else else
test -r "${keyfile}" || error "${jail_name}: SSH key \`${keyfile}' is missing or is not readable." test -r "${keyfile}" || error "SSH key \`${keyfile}' for jail \`${jail_name}' is missing or is not readable."
cat "${keyfile}" > "${jail_path}/${AUTHORIZED_KEYS}" cat "${keyfile}" > "${jail_path}/${AUTHORIZED_KEYS}"
chmod 600 "${jail_path}/${AUTHORIZED_KEYS}" chmod 600 "${jail_path}/${AUTHORIZED_KEYS}"
notice "${jail_name}: SSH key has been updated with \`${keyfile}'" notice "Update SSH key \`${keyfile}' for jail \`${jail_name}' : OK"
fi fi
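Review bot: The notice after `chmod 600` records only the path of the key file, so the log does not show which key was installed in the jail's authorized_keys. For an audit trail, consider adding the fingerprint to the message, taken from `ssh-keygen -l -f "${keyfile}"`. The write could also be refused when that command fails, since nothing visible in this hunk checks that the file holds a public key. The script continues above the hunk, so a check may already exist there.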


@ -15,7 +15,7 @@ if [ ! -n "${jail_name}" ]; then
fi fi
jail_path=$(jail_path "${jail_name}") jail_path=$(jail_path "${jail_name}")
test -d "${jail_path}" || error "${jail_name}: jail is missing." test -d "${jail_path}" || error "${jail_name}: jail not found"
jail_sshd_config="${jail_path}/${SSHD_CONFIG}" jail_sshd_config="${jail_path}/${SSHD_CONFIG}"
@ -29,7 +29,7 @@ else
fi fi
sed -i "s/^Port .*/Port ${port}/" "${jail_sshd_config}" sed -i "s/^Port .*/Port ${port}/" "${jail_sshd_config}"
notice "${jail_name}: port has been updated to \`${port}'" notice "Update SSH port \`${port}' for jail \`${jail_name}' : OK"
"${LIBDIR}/bkctld-reload" "${jail_name}" "${LIBDIR}/bkctld-reload" "${jail_name}"
"${LIBDIR}/bkctld-firewall" "${jail_name}" "${LIBDIR}/bkctld-firewall" "${jail_name}"


@ -13,10 +13,14 @@ if [ -z "${jail_name}" ]; then
fi fi
jail_path=$(jail_path "${jail_name}") jail_path=$(jail_path "${jail_name}")
test -d "${jail_path}" || error "${jail_name}: jail is missing." test -d "${jail_path}" || error "${jail_name}: jail not found"
"${LIBDIR}/bkctld-is-on" "${jail_name}" || exit 0 "${LIBDIR}/bkctld-is-on" "${jail_name}" || exit 0
pid=$(cat "${jail_path}/${SSHD_PID}") pid=$(cat "${jail_path}/${SSHD_PID}")
kill -HUP "${pid}" && notice "${jail_name}: jail has been reloaded [${pid}]" if kill -HUP "${pid}"; then
notice "Reload jail \`${jail_name}' : OK [${pid}]"
else
error "Reload jail \`${jail_name}' : failed [${pid}]"
fi


@ -14,7 +14,7 @@ fi
jail_path=$(jail_path "${jail_name}") jail_path=$(jail_path "${jail_name}")
incs_path=$(incs_path "${jail_name}") incs_path=$(incs_path "${jail_name}")
test -d "${jail_path}" || error "${jail_name}: jail is missing." test -d "${jail_path}" || error "${jail_name}: jail not found"
"${LIBDIR}/bkctld-is-on" "${jail_name}" && "${LIBDIR}/bkctld-stop" "${jail_name}" "${LIBDIR}/bkctld-is-on" "${jail_name}" && "${LIBDIR}/bkctld-stop" "${jail_name}"
@ -33,10 +33,10 @@ if [ -d "${incs_path}" ]; then
if [ "${inc_inode}" -eq 256 ]; then if [ "${inc_inode}" -eq 256 ]; then
/bin/btrfs subvolume delete "${incs_path}/${inc}" | debug /bin/btrfs subvolume delete "${incs_path}/${inc}" | debug
else else
warning "You need to purge ${incs_path}/${inc} manually !" warning "You need to purge \`${incs_path}/${inc}' manually"
fi fi
done done
rmdir --ignore-fail-on-non-empty "${incs_path}" | debug rmdir --ignore-fail-on-non-empty "${incs_path}" | debug
fi fi
"${LIBDIR}/bkctld-firewall" "${jail_name}" "${LIBDIR}/bkctld-firewall" "${jail_name}"
notice "${jail_name}: jail has been deleted." notice "Delete jail \`${jail_name}' : OK"


@ -15,7 +15,7 @@ if [ -z "${jail_name}" ]; then
fi fi
jail_path=$(jail_path "${jail_name}") jail_path=$(jail_path "${jail_name}")
test -d "${jail_path}" || error "${jail_name}: jail is missing." test -d "${jail_path}" || error "${jail_name}: jail not found"
"${LIBDIR}/bkctld-is-on" "${jail_name}" && "${LIBDIR}/bkctld-stop" "${jail_name}" "${LIBDIR}/bkctld-is-on" "${jail_name}" && "${LIBDIR}/bkctld-stop" "${jail_name}"
"${LIBDIR}/bkctld-start" "${jail_name}" "${LIBDIR}/bkctld-start" "${jail_name}"


@ -106,11 +106,11 @@ for jail_name in ${jails_list}; do
incs_count=0 incs_count=0
if [ -n "${incs_to_delete}" ]; then if [ -n "${incs_to_delete}" ]; then
debug "${jail_name}: incs to be deleted : $(echo "${incs_to_delete}" | tr '\n', ',' | sed 's/,$//')." debug "Incs to be deleted for \`${jail_name}' : $(echo "${incs_to_delete}" | tr '\n', ',' | sed 's/,$//')."
for inc_name in ${incs_to_delete}; do for inc_name in ${incs_to_delete}; do
incs_count=$((incs_count+1)) incs_count=$((incs_count+1))
info "rm progress: jail ${jails_count} out of ${jails_total} - inc ${incs_count} out of ${incs_total}" info "Progress: jail ${jails_count} out of ${jails_total} - inc ${incs_count} out of ${incs_total}"
start=$(current_time) notice "Delete inc \`${inc_name}' for jail \`${jail_name}' : start"
inc_path=$(inc_path "${jail_name}" "${inc_name}") inc_path=$(inc_path "${jail_name}" "${inc_name}")
@ -120,14 +120,13 @@ for jail_name in ${jails_list}; do
delete_inc_ext4 "${jail_name}" "${inc_name}" delete_inc_ext4 "${jail_name}" "${inc_name}"
fi fi
end=$(current_time) notice "Delete inc \`${inc_name}' for jail \`${jail_name}' : finish"
notice "${jail_name}: inc \`${inc_name}' has been deleted [${start}/${end}]"
done done
else else
notice "${jail_name}: no inc to be deleted." notice "Skip jail \`${jail_name}' : no inc to delete"
fi fi
else else
notice "${jail_name}: skipping jail because incs policy is missing." notice "Skip jail \`${jail_name}' : incs policy is missing"
fi fi
done done


@ -13,7 +13,7 @@ if [ -z "${jail_name}" ]; then
fi fi
jail_path=$(jail_path "${jail_name}") jail_path=$(jail_path "${jail_name}")
test -d "${jail_path}" || error "${jail_name}: jail is missing." test -d "${jail_path}" || error "${jail_name}: jail not found"
"${LIBDIR}/bkctld-is-on" "${jail_name}" && exit 0 "${LIBDIR}/bkctld-is-on" "${jail_name}" && exit 0
@ -21,7 +21,7 @@ test -d "${jail_path}" || error "${jail_name}: jail is missing."
mount_jail_fs "${jail_name}" mount_jail_fs "${jail_name}"
# Start SSH in the chroot # Start SSH in the chroot
chroot "${jail_path}" /usr/sbin/sshd -E /var/log/authlog || error "${jail_name}: failed to start SSH." chroot "${jail_path}" /usr/sbin/sshd -E /var/log/authlog || error "Failed to start SSH for jail \`${jail_name}'"
pidfile="${jail_path}/${SSHD_PID}" pidfile="${jail_path}/${SSHD_PID}"
# Wait for SSH to be up # Wait for SSH to be up
@ -37,7 +37,7 @@ for try in $(seq 1 10); do
done done
if [ -n "${pid}" ]; then if [ -n "${pid}" ]; then
notice "${jail_name}: jail has been started [${pid}]" notice "Start jail \`${jail_name}' : PID \`${pid}'"
else else
error "${jail_name}: failed to fetch SSH pid within 3 sec." error "Failed to fetch SSH PID for jail \`${jail_name}' within 3 seconds"
fi fi


@ -13,7 +13,7 @@ if [ -z "${jail_name}" ]; then
fi fi
jail_path=$(jail_path "${jail_name}") jail_path=$(jail_path "${jail_name}")
test -d "${jail_path}" || error "${jail_name}: jail is missing." test -d "${jail_path}" || error "${jail_name}: jail not found"
"${LIBDIR}/bkctld-is-on" "${jail_name}" || exit 0 "${LIBDIR}/bkctld-is-on" "${jail_name}" || exit 0
@ -22,10 +22,10 @@ pid=$(cat "${jail_path}/${SSHD_PID}")
pkill --parent "${pid}" pkill --parent "${pid}"
if kill "${pid}"; then if kill "${pid}"; then
notice "${jail_name}: jail has been stopped [${pid}]" notice "Stop jail \`${jail_name}' : OK [${pid}]"
umount --lazy --recursive "${jail_path}/dev" umount --lazy --recursive "${jail_path}/dev"
umount --lazy "${jail_path}/proc/" umount --lazy "${jail_path}/proc/"
else else
error "${jail_name}: failed to stop jail [${pid}]" error "Stop jail \`${jail_name}' : failed [${pid}]"
fi fi


@ -14,7 +14,7 @@ fi
jail_path=$(jail_path "${jail_name}") jail_path=$(jail_path "${jail_name}")
jail_config_dir=$(jail_config_dir "${jail_name}") jail_config_dir=$(jail_config_dir "${jail_name}")
test -d "${jail_path}" || error "${jail_name}: jail is missing." test -d "${jail_path}" || error "${jail_name}: jail not found"
[ -n "${NODE}" ] || error "Sync need config of \$NODE in /etc/default/bkctld !" [ -n "${NODE}" ] || error "Sync need config of \$NODE in /etc/default/bkctld !"


@ -13,10 +13,10 @@ if [ ! -n "${jail_name}" ]; then
fi fi
jail_path=$(jail_path "${jail_name}") jail_path=$(jail_path "${jail_name}")
test -d "${jail_path}" || error "${jail_name}: jail is missing." test -d "${jail_path}" || error "${jail_name}: jail not found"
"${LIBDIR}/bkctld-is-on" "${jail_name}" && "${LIBDIR}/bkctld-stop" "${jail_name}" "${LIBDIR}/bkctld-is-on" "${jail_name}" && "${LIBDIR}/bkctld-stop" "${jail_name}"
setup_jail_chroot "${jail_name}" setup_jail_chroot "${jail_name}"
notice "${jail_name}: jail has been updated." notice "Update jail \`${jail_name}' : OK"


@ -23,43 +23,49 @@ CRITICAL="${CRITICAL:-48}"
WARNING="${WARNING:-24}" WARNING="${WARNING:-24}"
DUC=$(command -v duc-nox || command -v duc) DUC=$(command -v duc-nox || command -v duc)
log_date() {
echo "[$(date +%Y-%m-%d %H:%M:%s)]"
}
process_name() {
basename $0
}
debug() { debug() {
msg="${1:-$(cat /dev/stdin)}" msg="${1:-$(cat /dev/stdin)}"
if [ "${LOGLEVEL}" -ge 7 ]; then if [ "${LOGLEVEL}" -ge 7 ]; then
echo "${msg}" echo "$(log_date) DEBUG $(process_name) ${msg}"
logger -t bkctld -p daemon.debug "${msg}" logger -t bkctld -p daemon.debug "$(process_name) ${msg}"
fi fi
} }
info() { info() {
msg="${1:-$(cat /dev/stdin)}" msg="${1:-$(cat /dev/stdin)}"
if [ "${LOGLEVEL}" -ge 6 ]; then if [ "${LOGLEVEL}" -ge 6 ]; then
tty -s && echo "${msg}" tty -s && echo "$(log_date) INFO $(process_name)${msg}"
logger -t bkctld -p daemon.info "${msg}" logger -t bkctld -p daemon.info "$(process_name) ${msg}"
fi fi
} }
notice() { notice() {
msg="${1:-$(cat /dev/stdin)}" msg="${1:-$(cat /dev/stdin)}"
tty -s && echo "${msg}" tty -s && echo "$(log_date) NOTICE $(process_name) ${msg}"
[ "${LOGLEVEL}" -ge 5 ] && logger -t bkctld -p daemon.notice "${msg}" [ "${LOGLEVEL}" -ge 5 ] && logger -t bkctld -p daemon.notice "$(process_name) ${msg}"
} }
warning() { warning() {
msg="${1:-$(cat /dev/stdin)}" msg="${1:-$(cat /dev/stdin)}"
tty -s && echo "WARNING: ${msg}" >&2 tty -s && echo "$(log_date) WARNING $(process_name) ${msg}" >&2
if [ "${LOGLEVEL}" -ge 4 ]; then if [ "${LOGLEVEL}" -ge 4 ]; then
tty -s || echo "WARNING: ${msg}" >&2 tty -s || echo "$(log_date) WARNING $(process_name) ${msg}" >&2
logger -t bkctld -p daemon.warning "${msg}" logger -t bkctld -p daemon.warning "$(process_name) ${msg}"
fi fi
} }
error() { error() {
msg="${1:-$(cat /dev/stdin)}" msg="${1:-$(cat /dev/stdin)}"
tty -s && echo "ERROR: ${msg}" >&2 tty -s && echo "$(log_date) ERROR $(process_name) ${msg}" >&2
if [ "${LOGLEVEL}" -ge 5 ]; then if [ "${LOGLEVEL}" -ge 5 ]; then
tty -s || echo "ERROR: ${msg}" >&2 tty -s || echo "$(log_date) ERROR $(process_name) ${msg}" >&2
logger -t bkctld -p daemon.error "${msg}" logger -t bkctld -p daemon.error "$(process_name) ${msg}"
fi fi
exit 1 exit 1
} }
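Review bot: The new `log_date` helper passes its format to `date` unquoted, so the space splits it into two arguments and `date` is expected to fail with an extra-operand error, leaving an empty `[]` prefix on every console line. The format also ends in `%s`, which GNU date treats as seconds since the epoch rather than the seconds field; `echo "[$(date '+%Y-%m-%d %H:%M:%S')]"` fixes both. This matters more now that the commit drops the explicit start/end times from the inc messages and relies on this prefix for timing. In `process_name`, `basename $0` should be quoted as `basename -- "$0"`, and the `info` echo is missing the space between `$(process_name)` and `${msg}` that the other levels have.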