Merge branch 'master' into debian
This commit is contained in:
commit
b7f05aba21
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -1,2 +1,3 @@
|
||||||
*.swp
|
*.swp
|
||||||
.vagrant
|
.vagrant
|
||||||
|
build
|
||||||
|
|
28
CHANGELOG.md
28
CHANGELOG.md
|
@ -8,6 +8,26 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
|
### Changed
|
||||||
|
|
||||||
|
### Deprecated
|
||||||
|
|
||||||
|
### Removed
|
||||||
|
|
||||||
|
### Fixed
|
||||||
|
|
||||||
|
### Security
|
||||||
|
|
||||||
|
## [2.2.1] - 2020-04-18
|
||||||
|
|
||||||
|
### Changed
|
||||||
|
|
||||||
|
* check-incs.sh and check-last-incs.sh are embedded in bkctld
|
||||||
|
|
||||||
|
## [2.2.0] - 2020-04-17
|
||||||
|
|
||||||
|
### Added
|
||||||
|
|
||||||
* Shellcheck directives to have 0 warnings and errors
|
* Shellcheck directives to have 0 warnings and errors
|
||||||
* Ability to override critical/warning thresholds per jail for bkctld-check
|
* Ability to override critical/warning thresholds per jail for bkctld-check
|
||||||
* Support new location for jail configuration (/etc/evobackup/<jail_name>.d/)
|
* Support new location for jail configuration (/etc/evobackup/<jail_name>.d/)
|
||||||
|
@ -28,11 +48,3 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
||||||
* Split BATS tests file and use helper functions
|
* Split BATS tests file and use helper functions
|
||||||
* Improve "lib" detection
|
* Improve "lib" detection
|
||||||
* Revamp the README
|
* Revamp the README
|
||||||
|
|
||||||
### Deprecated
|
|
||||||
|
|
||||||
### Removed
|
|
||||||
|
|
||||||
### Fixed
|
|
||||||
|
|
||||||
### Security
|
|
||||||
|
|
35
bkctld
35
bkctld
|
@ -14,7 +14,10 @@
|
||||||
|
|
||||||
set -u
|
set -u
|
||||||
|
|
||||||
[ "$(id -u)" -ne 0 ] && error "You need to be root to run ${0} !"
|
if [ "$(id -u)" -ne 0 ]; then
|
||||||
|
echo "You need to be root to run ${0} !" >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
basedir=$(dirname "$0")
|
basedir=$(dirname "$0")
|
||||||
if [ "${basedir}" = "/usr/local/sbin" ] && [ -d "/usr/local/lib/bkctld" ]; then
|
if [ "${basedir}" = "/usr/local/sbin" ] && [ -d "/usr/local/lib/bkctld" ]; then
|
||||||
|
@ -24,31 +27,40 @@ elif [ "${basedir}" = "/usr/sbin" ] && [ -d "/usr/lib/bkctld" ]; then
|
||||||
elif [ -d './lib' ]; then
|
elif [ -d './lib' ]; then
|
||||||
LIBDIR='lib'
|
LIBDIR='lib'
|
||||||
else
|
else
|
||||||
error "Failed to find a suitable lib directory for bkctld."
|
echo "Failed to find a suitable lib directory for bkctld." >&2
|
||||||
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# shellcheck source=lib/includes
|
# shellcheck source=lib/includes
|
||||||
. "${LIBDIR}/includes"
|
. "${LIBDIR}/includes"
|
||||||
|
|
||||||
subcommand="${1:-}"
|
subcommand="${1:-}"
|
||||||
jail_name="${2:-}"
|
|
||||||
option="${3:-}"
|
|
||||||
|
|
||||||
if [ ! -x "${LIBDIR}/bkctld-${subcommand}" ]; then
|
|
||||||
"${LIBDIR}/bkctld-help" && exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
case "${subcommand}" in
|
case "${subcommand}" in
|
||||||
"inc" | "rm" | "check" | "stats" | "help" | "list")
|
"inc" | "rm" | "check" | "stats" | "help" | "list")
|
||||||
"${LIBDIR}/bkctld-${subcommand}"
|
"${LIBDIR}/bkctld-${subcommand}"
|
||||||
;;
|
;;
|
||||||
|
"check-incs")
|
||||||
|
option="${2:-}"
|
||||||
|
if [ "${option}" = "all" ] || [ -z "${option}" ]; then
|
||||||
|
"${LIBDIR}/bkctld-check-incs"
|
||||||
|
elif [ "${option}" = "last" ]; then
|
||||||
|
"${LIBDIR}/bkctld-check-last-incs"
|
||||||
|
else
|
||||||
|
"${LIBDIR}/bkctld-help"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
;;
|
||||||
"init" | "is-on")
|
"init" | "is-on")
|
||||||
|
jail_name="${2:-}"
|
||||||
"${LIBDIR}/bkctld-${subcommand}" "${jail_name}"
|
"${LIBDIR}/bkctld-${subcommand}" "${jail_name}"
|
||||||
;;
|
;;
|
||||||
"key" | "port" | "ip")
|
"key" | "port" | "ip")
|
||||||
|
jail_name="${2:-}"
|
||||||
|
option="${3:-}"
|
||||||
"${LIBDIR}/bkctld-${subcommand}" "${jail_name}" "${option}"
|
"${LIBDIR}/bkctld-${subcommand}" "${jail_name}" "${option}"
|
||||||
;;
|
;;
|
||||||
"start" | "stop" | "reload" | "restart" | "sync" | "update" | "remove" | "firewall")
|
"start" | "stop" | "reload" | "restart" | "sync" | "update" | "remove" | "firewall")
|
||||||
|
jail_name="${2:-}"
|
||||||
if [ "${jail_name}" = "all" ]; then
|
if [ "${jail_name}" = "all" ]; then
|
||||||
"${LIBDIR}/bkctld-list" | xargs --no-run-if-empty --max-args=1 --max-procs=0 "${LIBDIR}/bkctld-${subcommand}"
|
"${LIBDIR}/bkctld-list" | xargs --no-run-if-empty --max-args=1 --max-procs=0 "${LIBDIR}/bkctld-${subcommand}"
|
||||||
else
|
else
|
||||||
|
@ -56,10 +68,15 @@ case "${subcommand}" in
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
"status")
|
"status")
|
||||||
|
jail_name="${2:-}"
|
||||||
if [ "${jail_name}" = "all" ] || [ -z "${jail_name}" ]; then
|
if [ "${jail_name}" = "all" ] || [ -z "${jail_name}" ]; then
|
||||||
"${LIBDIR}/bkctld-list" | xargs --no-run-if-empty --max-args=1 "${LIBDIR}/bkctld-${subcommand}"
|
"${LIBDIR}/bkctld-list" | xargs --no-run-if-empty --max-args=1 "${LIBDIR}/bkctld-${subcommand}"
|
||||||
else
|
else
|
||||||
"${LIBDIR}/bkctld-${subcommand}" "${jail_name}"
|
"${LIBDIR}/bkctld-${subcommand}" "${jail_name}"
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
|
*)
|
||||||
|
"${LIBDIR}/bkctld-help"
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
esac
|
esac
|
||||||
|
|
|
@ -1,61 +0,0 @@
|
||||||
#!/bin/sh
|
|
||||||
|
|
||||||
EVOBACKUP_CONFIGS="/etc/evobackup/*"
|
|
||||||
|
|
||||||
relative_date() {
|
|
||||||
format=$(echo $1 | cut -d'.' -f1)
|
|
||||||
time_jump=$(echo $1 | cut -d'.' -f2)
|
|
||||||
|
|
||||||
reference_date=$(date "${format}")
|
|
||||||
past_date=$(date --date "${reference_date} ${time_jump}" +"%Y-%m-%d")
|
|
||||||
|
|
||||||
echo ${past_date}
|
|
||||||
}
|
|
||||||
inc_exists() {
|
|
||||||
ls -d /backup/incs/$1 > /dev/null 2>&1
|
|
||||||
}
|
|
||||||
jail_exists() {
|
|
||||||
ls -d /backup/jails/$1 > /dev/null 2>&1
|
|
||||||
}
|
|
||||||
# default return value is 0 (succes)
|
|
||||||
rc=0
|
|
||||||
# loop for each configured jail
|
|
||||||
for file in ${EVOBACKUP_CONFIGS}; do
|
|
||||||
jail_name=$(basename ${file})
|
|
||||||
|
|
||||||
# check if jail is present
|
|
||||||
if jail_exists ${jail_name}; then
|
|
||||||
today=$(date +"%s")
|
|
||||||
# get jail last configuration date
|
|
||||||
jail_config_age=$(date --date "$(stat -c %y ${file})" +"%s")
|
|
||||||
|
|
||||||
# loop for each line in jail configuration
|
|
||||||
for line in $(cat ${file}); do
|
|
||||||
# inc date in ISO format
|
|
||||||
inc_date=$(relative_date ${line})
|
|
||||||
# inc date in seconds from epoch
|
|
||||||
inc_age=$(date --date "${inc_date}" +"%s")
|
|
||||||
|
|
||||||
# skip line if date is inthe future
|
|
||||||
if [ "${inc_age}" -gt "${today}" ]; then
|
|
||||||
echo "INFO: no inc expected for ${inc_date} \`${jail_name}'"
|
|
||||||
else
|
|
||||||
# check if the configuration changed after the inc date
|
|
||||||
if [ "${jail_config_age}" -lt "${inc_age}" ]; then
|
|
||||||
# Error if inc is not found
|
|
||||||
if ! inc_exists ${jail_name}/${inc_date}*; then
|
|
||||||
echo "ERROR: inc is missing \`${jail_name}/${inc_date}'" >&2
|
|
||||||
rc=1
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
echo "INFO: no inc expected for ${inc_date} \`${jail_name}'"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
else
|
|
||||||
echo "ERROR: jail is missing \`${jail_name}'" >&2
|
|
||||||
rc=1
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
exit $rc
|
|
|
@ -1,20 +0,0 @@
|
||||||
#!/bin/sh
|
|
||||||
|
|
||||||
inc_exists() {
|
|
||||||
ls -d /backup/incs/$1 > /dev/null 2>&1
|
|
||||||
}
|
|
||||||
# default return value is 0 (succes)
|
|
||||||
rc=0
|
|
||||||
# loop for each found jail
|
|
||||||
for file in /backup/jails/*; do
|
|
||||||
jail_name=$(basename ${file})
|
|
||||||
# inc date in seconds from epoch
|
|
||||||
inc_date=$(date --date "yesterday" +"%Y-%m-%d")
|
|
||||||
# Error if inc is not found
|
|
||||||
if ! inc_exists ${jail_name}/${inc_date}*; then
|
|
||||||
echo "ERROR: inc is missing \`${jail_name}/${inc_date}'" >&2
|
|
||||||
rc=1
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
exit $rc
|
|
53
lib/bkctld-check-incs
Executable file
53
lib/bkctld-check-incs
Executable file
|
@ -0,0 +1,53 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
set -u
|
||||||
|
|
||||||
|
# shellcheck source=./includes
|
||||||
|
LIBDIR="$(dirname $0)" && . "${LIBDIR}/includes"
|
||||||
|
|
||||||
|
# default return value is 0 (succes)
|
||||||
|
rc=0
|
||||||
|
# loop for each configured jail
|
||||||
|
for jail_name in $(bkctld list); do
|
||||||
|
incs_policy_file=$(current_jail_incs_policy_file "${jail_name}")
|
||||||
|
|
||||||
|
# Today in seconds from epoch
|
||||||
|
today_epoch=$(date +"%s")
|
||||||
|
# Today in ISO format
|
||||||
|
today_iso=$(date +"%Y-%m-%d")
|
||||||
|
|
||||||
|
# get jail last configuration date
|
||||||
|
jail_config_epoch=$(date --date "$(stat -c %y ${incs_policy_file})" +"%s")
|
||||||
|
|
||||||
|
if [ -n "${incs_policy_file}" ]; then
|
||||||
|
# loop for each line in jail configuration
|
||||||
|
for line in $(cat ${incs_policy_file}); do
|
||||||
|
# inc date in ISO format
|
||||||
|
inc_iso=$(relative_date ${line})
|
||||||
|
# inc date in seconds from epoch
|
||||||
|
inc_epoch=$(date --date "${inc_iso}" +"%s")
|
||||||
|
|
||||||
|
# skip line if date is in the future
|
||||||
|
if [ "${inc_epoch}" -gt "${today_epoch}" ]; then
|
||||||
|
echo "INFO: ${jail_name} : no inc expected for ${inc_iso}"
|
||||||
|
else
|
||||||
|
# check if the configuration changed after the inc date
|
||||||
|
# or if it's today's inc
|
||||||
|
if [ "${jail_config_epoch}" -lt "${inc_epoch}" ] \
|
||||||
|
|| [ "${today_iso}" = "${inc_iso}" ]; then
|
||||||
|
# Error if inc is not found
|
||||||
|
if ! inc_exists "${jail_name}" "${inc_iso}*"; then
|
||||||
|
echo "ERROR: ${jail_name} : missing inc for ${inc_iso}" >&2
|
||||||
|
rc=1
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo "INFO: ${jail_name} : no inc expected for ${inc_iso}"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
else
|
||||||
|
echo "INFO: ${jail_name} : no inc expected at all"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
exit $rc
|
27
lib/bkctld-check-last-incs
Executable file
27
lib/bkctld-check-last-incs
Executable file
|
@ -0,0 +1,27 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
set -u
|
||||||
|
|
||||||
|
# shellcheck source=./includes
|
||||||
|
LIBDIR="$(dirname $0)" && . "${LIBDIR}/includes"
|
||||||
|
|
||||||
|
# default return value is 0 (succes)
|
||||||
|
rc=0
|
||||||
|
# loop for each found jail
|
||||||
|
for jail_name in $(bkctld list); do
|
||||||
|
incs_policy_file=$(current_jail_incs_policy_file "${jail_name}")
|
||||||
|
|
||||||
|
if [ -n "${incs_policy_file}" ]; then
|
||||||
|
# inc date in seconds from epoch
|
||||||
|
inc_date=$(date +"%Y-%m-%d")
|
||||||
|
# Error if inc is not found
|
||||||
|
if ! inc_exists "${jail_name}" "${inc_date}*"; then
|
||||||
|
echo "ERROR: ${jail_name} : missing inc for ${inc_date}" >&2
|
||||||
|
rc=1
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo "INFO: ${jail_name} : no inc expected at all"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
exit $rc
|
|
@ -7,16 +7,6 @@
|
||||||
# shellcheck source=./includes
|
# shellcheck source=./includes
|
||||||
LIBDIR="$(dirname $0)" && . "${LIBDIR}/includes"
|
LIBDIR="$(dirname $0)" && . "${LIBDIR}/includes"
|
||||||
|
|
||||||
relative_date() {
|
|
||||||
format=$(echo $1 | cut -d'.' -f1)
|
|
||||||
time_jump=$(echo $1 | cut -d'.' -f2)
|
|
||||||
|
|
||||||
reference_date=$(date "${format}")
|
|
||||||
past_date=$(date --date "${reference_date} ${time_jump}" +"%Y-%m-%d")
|
|
||||||
|
|
||||||
echo ${past_date}
|
|
||||||
}
|
|
||||||
|
|
||||||
delete_inc_btrfs() {
|
delete_inc_btrfs() {
|
||||||
jail_name=$1
|
jail_name=$1
|
||||||
inc_name=$2
|
inc_name=$2
|
||||||
|
|
19
lib/includes
19
lib/includes
|
@ -111,6 +111,15 @@ inc_path() {
|
||||||
|
|
||||||
echo "${INCDIR}/${jail_name}/${inc_name}"
|
echo "${INCDIR}/${jail_name}/${inc_name}"
|
||||||
}
|
}
|
||||||
|
# Test the existence of an inc pattern for a jail
|
||||||
|
inc_exists() {
|
||||||
|
jail_name=${1-?}
|
||||||
|
inc_pattern=${2-?}
|
||||||
|
inc_path=$(inc_path "${jail_name}" "${inc_pattern}")
|
||||||
|
|
||||||
|
# inc_path must not be quoted because it can contain globs
|
||||||
|
ls -d ${inc_path} > /dev/null 2>&1
|
||||||
|
}
|
||||||
jail_config_dir() {
|
jail_config_dir() {
|
||||||
jail_name=${1:?}
|
jail_name=${1:?}
|
||||||
|
|
||||||
|
@ -158,6 +167,16 @@ current_jail_check_policy_file() {
|
||||||
echo ""
|
echo ""
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
# relative_date "+%Y-%m-%d.-2day"
|
||||||
|
relative_date() {
|
||||||
|
format=$(echo $1 | cut -d'.' -f1)
|
||||||
|
time_jump=$(echo $1 | cut -d'.' -f2)
|
||||||
|
|
||||||
|
reference_date=$(date "${format}")
|
||||||
|
past_date=$(date --date "${reference_date} ${time_jump}" +"%Y-%m-%d")
|
||||||
|
|
||||||
|
echo ${past_date}
|
||||||
|
}
|
||||||
|
|
||||||
setup_jail_chroot() {
|
setup_jail_chroot() {
|
||||||
jail_name=${1:?}
|
jail_name=${1:?}
|
||||||
|
|
|
@ -165,3 +165,24 @@ OUT
|
||||||
run /usr/lib/bkctld/bkctld-check
|
run /usr/lib/bkctld/bkctld-check
|
||||||
assert_equal "0" "$status"
|
assert_equal "0" "$status"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@test "Check-last-incs OK if jail is present" {
|
||||||
|
/usr/lib/bkctld/bkctld-inc
|
||||||
|
|
||||||
|
run /usr/lib/bkctld/bkctld-check-last-incs
|
||||||
|
assert_equal "0" "$status"
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "Check-last-incs Error if jail is missing" {
|
||||||
|
|
||||||
|
run /usr/lib/bkctld/bkctld-check-last-incs
|
||||||
|
assert_equal "1" "$status"
|
||||||
|
}
|
||||||
|
|
||||||
|
@test "Check-incs OK" {
|
||||||
|
/usr/lib/bkctld/bkctld-inc
|
||||||
|
|
||||||
|
run /usr/lib/bkctld/bkctld-check-incs
|
||||||
|
assert_equal "0" "$status"
|
||||||
|
}
|
||||||
|
# TODO: write many more tests for bkctld-check-incs
|
||||||
|
|
Loading…
Reference in a new issue