Compare commits
26 Commits
| Author | SHA1 | Date |
|---|---|---|
David Prevot
|
2560deec1e | |
 Jérémy Lecour
|
d01286e0b9
|
|
|
Jérémy Lecour
|
2f2e723bc0
|
|
|
Jérémy Lecour
|
252fe746a7
|
|
|
Jérémy Lecour
|
8a7cf0a941
|
|
Brice Waegeneire
|
1cbe1a6c1e | |
|
Brice Waegeneire
|
f594a54e07 | |
|
Brice Waegeneire
|
33504c4c01 | |
|
Brice Waegeneire
|
21f7464d42 | |
|
Brice Waegeneire
|
95b45bac8e | |
 Mathieu Trossevin
|
4ef8878bcf | |
Mathieu Trossevin
|
a33021b041
|
|
|
Jérémy Lecour
|
9aa16dff73 | |
|
Jérémy Lecour
|
b8bb014b8d | |
|
Jérémy Lecour
|
334ef62d43 | |
|
Jérémy Lecour
|
c83a1043c7 | |
|
Jérémy Lecour
|
46b8015d93 | |
|
Jérémy Lecour
|
026fb9f5cd | |
|
Jérémy Lecour
|
88187912cd | |
|
Jérémy Lecour
|
edca7cee17 | |
|
Jérémy Lecour
|
26d4a2e219 | |
|
Jérémy Lecour
|
f5abdd2912 | |
|
Jérémy Lecour
|
a811b008c7 | |
Tristan PILAT
|
29ac93e250 | |
|
Tristan PILAT
|
c88bc83145 | |
|
Tristan PILAT
|
bf6cf1bf00 |
64
CHANGELOG.md
64
CHANGELOG.md
|
|
@ -15,6 +15,70 @@ and this project **does not adhere to [Semantic Versioning](http://semver.org/sp
|
|||
|
||||
### Security
|
||||
|
||||
## [23.10.1] - 2023-10-09
|
||||
|
||||
### Fixed
|
||||
|
||||
* Use a special variable name since USER is always defined from the environment
|
||||
|
||||
## [23.10] - 2023-10-09
|
||||
|
||||
### Added
|
||||
|
||||
* Force a user name with `-u,--user` option (default is still `logname(1)`).
|
||||
* More people credited
|
||||
|
||||
### Deprecated
|
||||
|
||||
* `--autosysadmin` is replaced by `--user autosysadmin`
|
||||
|
||||
|
||||
|
||||
## [22.07] - 2022-07-05
|
||||
|
||||
### Added
|
||||
|
||||
* Add `--autosysadmin` flag
|
||||
* Commit change in /etc of lxc containers
|
||||
|
||||
### Changed
|
||||
|
||||
### Deprecated
|
||||
|
||||
### Removed
|
||||
|
||||
### Fixed
|
||||
|
||||
### Security
|
||||
|
||||
## [22.01] - 2022-01-25
|
||||
|
||||
### Added
|
||||
|
||||
* version/host/user headers in sent email
|
||||
|
||||
### Changed
|
||||
|
||||
New version pattern
|
||||
|
||||
## [0.6.4] - 2021-06-17
|
||||
|
||||
### Added
|
||||
|
||||
* fallback if findmnt is absent
|
||||
|
||||
## [0.6.3] - 2020-02-02
|
||||
|
||||
### Added
|
||||
|
||||
* Notify syslog when partitions are re-mounted (Linux)
|
||||
|
||||
## [0.6.2] - 2020-02-02
|
||||
|
||||
### Fixed
|
||||
|
||||
* better detection of read-only partitions (Linux)
|
||||
|
||||
## [0.6.0] - 2019-11-05
|
||||
|
||||
### Added
|
||||
|
|
|
|||
|
|
@ -6,15 +6,15 @@ evomaintenance is a program that helps reporting what you've done on a server
|
|||
|
||||
Usage: evomaintenance
|
||||
or evomaintenance --message="add new host"
|
||||
or evomaintenance --no-db --no-mail --no-commit
|
||||
or evomaintenance --no-api --no-mail --no-commit
|
||||
or echo "add new vhost" | evomaintenance
|
||||
|
||||
Options
|
||||
-m, --message=MESSAGE set the message from the command line
|
||||
--mail enable the mail hook (default)
|
||||
--no-mail disable the mail hook
|
||||
--db enable the database hook (default)
|
||||
--no-db disable the database hook
|
||||
--db enable the database hook
|
||||
--no-db disable the database hook (default)
|
||||
--api enable the API hook (default)
|
||||
--no-api disable the API hook
|
||||
--commit enable the commit hook (default)
|
||||
|
|
|
|||
|
|
@ -0,0 +1,3 @@
|
|||
#!/bin/sh
|
||||
# Git pre-checkout hook restoring permissions and ownerships.
|
||||
mtree -u < .mtree
|
||||
|
|
@ -0,0 +1,26 @@
|
|||
#!/bin/sh
|
||||
# Git pre-commit hook storing permissions and ownerships.
|
||||
|
||||
mtreeignore=$(mktemp --suffix mtree)
|
||||
|
||||
mtree_exclude() {
|
||||
echo .git
|
||||
# Get ignored files from git https://stackoverflow.com/a/467053
|
||||
find . -not -path './.git/*' | git check-ignore --stdin
|
||||
}
|
||||
|
||||
# In case .mtree doens't exists yet, we still want it in the specification
|
||||
# to be generated.
|
||||
if [ -f .mtree ]; then
|
||||
touch .mtree
|
||||
fi
|
||||
|
||||
mtree_exclude > "$mtreeignore"
|
||||
trap 'rm --force "$mtreeignore"' EXIT
|
||||
|
||||
mtree -x -c \
|
||||
-p . \
|
||||
-k uname,gname,mode \
|
||||
-X "$mtreeignore" > .mtree
|
||||
|
||||
git add .mtree
|
||||
|
|
@ -1,8 +1,14 @@
|
|||
evomaintenance (0.6.3-1) UNRELEASED; urgency=low
|
||||
|
||||
* fix partitions re-mounting before/after commits
|
||||
|
||||
-- Jérémy Lecour <jlecour@evolix.fr> Mon, 3 Mar 2020 22:14:12 +0100
|
||||
|
||||
evomaintenance (0.6.0-1) UNRELEASED; urgency=low
|
||||
|
||||
* commit changes in /usr/share/scripts/ if needed
|
||||
* commit changes in /usr/share/scripts/ if needed
|
||||
|
||||
-- Jérémy Lecour <jlecour@evolix.fr> Tue, 5 Nov 2019 14:50:12 +0100
|
||||
-- Jérémy Lecour <jlecour@evolix.fr> Tue, 5 Nov 2019 14:50:12 +0100
|
||||
|
||||
evomaintenance (0.5.1-1) UNRELEASED; urgency=low
|
||||
|
||||
|
|
|
|||
|
|
@ -1,21 +1,16 @@
|
|||
#!/bin/sh
|
||||
|
||||
# EvoMaintenance script
|
||||
# Dependencies (all OS): git postgresql-client
|
||||
# Dependencies (Debian): sudo
|
||||
|
||||
# Copyright 2007-2019 Evolix <info@evolix.fr>, Gregory Colpart <reg@evolix.fr>,
|
||||
# Jérémy Lecour <jlecour@evolix.fr> and others.
|
||||
|
||||
VERSION="0.6.0"
|
||||
VERSION="23.10.1"
|
||||
|
||||
show_version() {
|
||||
cat <<END
|
||||
evomaintenance version ${VERSION}
|
||||
|
||||
Copyright 2007-2019 Evolix <info@evolix.fr>,
|
||||
Copyright 2007-2023 Evolix <info@evolix.fr>,
|
||||
Gregory Colpart <reg@evolix.fr>,
|
||||
Jérémy Lecour <jlecour@evolix.fr>
|
||||
Jérémy Lecour <jlecour@evolix.fr>,
|
||||
Brice Waegeneire <bwaegeneire@evolix.fr>,
|
||||
Mathieu Trossevin <mtrossevin@evolix.fr>
|
||||
and others.
|
||||
|
||||
evomaintenance comes with ABSOLUTELY NO WARRANTY. This is free software,
|
||||
|
|
@ -47,13 +42,20 @@ Options
|
|||
--no-evocheck disable evocheck execution
|
||||
--auto use "auto" mode
|
||||
--no-auto use "manual" mode (default)
|
||||
-u, --user=USER force USER value (default: logname(1))
|
||||
-v, --verbose increase verbosity
|
||||
-n, --dry-run actions are not executed
|
||||
--help print this message and exit
|
||||
--version print version and exit
|
||||
-V, --version print version and exit
|
||||
END
|
||||
}
|
||||
|
||||
syslog() {
|
||||
if [ -x "${LOGGER_BIN}" ]; then
|
||||
${LOGGER_BIN} -t "evomaintenance" "$1"
|
||||
fi
|
||||
}
|
||||
|
||||
get_system() {
|
||||
uname -s
|
||||
}
|
||||
|
|
@ -91,13 +93,22 @@ get_who() {
|
|||
}
|
||||
|
||||
get_begin_date() {
|
||||
printf "%s %s" "$(date "+%Y")" "$(get_who | cut -d" " -f3,4,5)"
|
||||
# XXX A begin date isn't applicable when used in autosysadmin, so we
|
||||
# use the same date as the end date.
|
||||
if is_autosysadmin; then
|
||||
get_end_date
|
||||
else
|
||||
printf "%s %s" "$(date "+%Y")" "$(get_who | cut -d" " -f3,4,5)"
|
||||
fi
|
||||
}
|
||||
|
||||
get_ip() {
|
||||
ip=$(get_who | cut -d" " -f6 | sed -e "s/^(// ; s/)$//")
|
||||
[ -z "${ip}" ] && ip="unknown (no tty)"
|
||||
[ "${ip}" = ":0" ] && ip="localhost"
|
||||
if is_autosysadmin || [ "${ip}" = ":0" ]; then
|
||||
ip="localhost"
|
||||
elif [ -z "${ip}" ]; then
|
||||
ip="unknown (no tty)"
|
||||
fi
|
||||
|
||||
echo "${ip}"
|
||||
}
|
||||
|
|
@ -110,6 +121,14 @@ get_now() {
|
|||
date +"%Y-%m-%dT%H:%M:%S%z"
|
||||
}
|
||||
|
||||
get_user() {
|
||||
if [ -n "${FORCE_USER}" ]; then
|
||||
echo "${FORCE_USER}"
|
||||
else
|
||||
logname
|
||||
fi
|
||||
}
|
||||
|
||||
get_complete_hostname() {
|
||||
REAL_HOSTNAME=$(get_fqdn)
|
||||
if [ "${HOSTNAME}" = "${REAL_HOSTNAME}" ]; then
|
||||
|
|
@ -168,17 +187,40 @@ print_session_data() {
|
|||
printf "Message : %s\n" "${MESSAGE}"
|
||||
}
|
||||
|
||||
is_autosysadmin() {
|
||||
test "${USER}" = "autosysadmin"
|
||||
}
|
||||
|
||||
is_repository_readonly() {
|
||||
mountpoint=$(stat -c '%m' $1)
|
||||
findmnt ${mountpoint} --noheadings --output OPTIONS | grep -q -E "\bro\b"
|
||||
if [ "$(get_system)" = "OpenBSD" ]; then
|
||||
partition=$(stat -f '%Sd' $1)
|
||||
mount | grep ${partition} | grep -q "read-only"
|
||||
elif command -v findmnt >/dev/null; then
|
||||
mountpoint=$(stat -c '%m' $1)
|
||||
findmnt ${mountpoint} --noheadings --output OPTIONS -O ro
|
||||
else
|
||||
grep /usr /proc/mounts | grep -E '\bro\b'
|
||||
fi
|
||||
}
|
||||
remount_repository_readwrite() {
|
||||
mountpoint=$(stat -c '%m' $1)
|
||||
mount -o remount,rw ${mountpoint}
|
||||
if [ "$(get_system)" = "OpenBSD" ]; then
|
||||
partition=$(stat -f '%Sd' $1)
|
||||
mount -u -w /dev/${partition} 2>/dev/null
|
||||
else
|
||||
mountpoint=$(stat -c '%m' $1)
|
||||
mount -o remount,rw ${mountpoint}
|
||||
syslog "Re-mount ${mountpoint} as read-write to commit in repository $1"
|
||||
fi
|
||||
}
|
||||
remount_repository_readonly() {
|
||||
mountpoint=$(stat -c '%m' $1)
|
||||
mount -o remount,ro ${mountpoint} 2>/dev/null
|
||||
if [ "$(get_system)" = "OpenBSD" ]; then
|
||||
partition=$(stat -f '%Sd' $1)
|
||||
mount -u -r /dev/${partition} 2>/dev/null
|
||||
else
|
||||
mountpoint=$(stat -c '%m' $1)
|
||||
mount -o remount,ro ${mountpoint} 2>/dev/null
|
||||
syslog "Re-mount ${mountpoint} as read-only after commit to repository $1"
|
||||
fi
|
||||
}
|
||||
|
||||
hook_commit() {
|
||||
|
|
@ -278,6 +320,9 @@ From: ${FULLFROM}
|
|||
Content-Type: text/plain; charset=UTF-8
|
||||
MIME-Version: 1.0
|
||||
Content-Transfer-Encoding: 8bit
|
||||
X-Evomaintenance-Version: ${VERSION}
|
||||
X-Evomaintenance-Host: ${HOSTNAME_TEXT}
|
||||
X-Evomaintenance-User: ${USER}
|
||||
To: ${EVOMAINTMAIL}
|
||||
Subject: [evomaintenance] Intervention sur ${HOSTNAME_TEXT} (${USER})
|
||||
|
||||
|
|
@ -354,6 +399,7 @@ AUTO=${AUTO:-"0"}
|
|||
EVOCHECK=${EVOCHECK:-"0"}
|
||||
GIT_STATUS_MAX_LINES=${GIT_STATUS_MAX_LINES:-20}
|
||||
API_ENDPOINT=${API_ENDPOINT:-""}
|
||||
FORCE_USER=${FORCE_USER:-""}
|
||||
|
||||
# initialize variables
|
||||
MESSAGE=""
|
||||
|
|
@ -431,6 +477,31 @@ while :; do
|
|||
# use "auto" mode
|
||||
AUTO=1
|
||||
;;
|
||||
--autosysadmin)
|
||||
# Deprecated, backward compatibility
|
||||
# author change as autosysadmin
|
||||
printf 'WARNING: "--autosysadmin" is deprecated, use "--user autosysadmin".\n' >&2
|
||||
FORCE_USER="autosysadmin"
|
||||
;;
|
||||
-u|--user)
|
||||
# user options, with value speparated by space
|
||||
if [ -n "$2" ]; then
|
||||
FORCE_USER=$2
|
||||
shift
|
||||
else
|
||||
printf 'ERROR: "--user" requires a non-empty option argument.\n' >&2
|
||||
exit 1
|
||||
fi
|
||||
;;
|
||||
--user=?*)
|
||||
# message options, with value speparated by =
|
||||
FORCE_USER=${1#*=}
|
||||
;;
|
||||
--user=)
|
||||
# message options, without value
|
||||
printf 'ERROR: "--user" requires a non-empty option argument.\n' >&2
|
||||
exit 1
|
||||
;;
|
||||
-n|--dry-run)
|
||||
# disable actual commands
|
||||
DRY_RUN=1
|
||||
|
|
@ -469,7 +540,7 @@ HOSTNAME_TEXT=$(get_complete_hostname)
|
|||
IP=$(get_ip)
|
||||
BEGIN_DATE=$(get_begin_date)
|
||||
END_DATE=$(get_end_date)
|
||||
USER=$(logname)
|
||||
USER=$(get_user)
|
||||
|
||||
PATH=${PATH}:/usr/sbin
|
||||
|
||||
|
|
@ -497,6 +568,9 @@ if [ "${HOOK_API}" = "1" ] && [ -z "${CURL_BIN}" ]; then
|
|||
echo "No \`curl' command has been found, can't call the API." 2>&1
|
||||
fi
|
||||
|
||||
LOGGER_BIN=$(command -v logger)
|
||||
readonly LOGGER_BIN
|
||||
|
||||
if [ "${HOOK_API}" = "1" ] && [ -z "${API_ENDPOINT}" ]; then
|
||||
echo "No API endpoint specified, can't call the API." 2>&1
|
||||
fi
|
||||
|
|
@ -505,6 +579,11 @@ EVOCHECK_BIN="/usr/share/scripts/evocheck.sh"
|
|||
|
||||
GIT_REPOSITORIES="/etc /etc/bind /usr/share/scripts"
|
||||
|
||||
# Add /etc directories from lxc containers if they are git directories
|
||||
if [ -d /var/lib/lxc ]; then
|
||||
GIT_REPOSITORIES="${GIT_REPOSITORIES} $(find -L /var/lib/lxc/ -maxdepth 3 -name 'etc' | tr '\n' ' ' | sed 's/[[:space:]]\+$//')"
|
||||
fi
|
||||
|
||||
# initialize variable
|
||||
GIT_STATUSES=""
|
||||
# git statuses
|
||||
|
|
@ -532,7 +611,7 @@ if [ "${INTERACTIVE}" = "1" ] && [ "${EVOCHECK}" = "1" ]; then
|
|||
get_evocheck
|
||||
fi
|
||||
if [ -n "${GIT_STATUSES}" ] && [ "${INTERACTIVE}" = "1" ]; then
|
||||
printf "/!\ There are some uncommited changes.\n%s\n\n" "${GIT_STATUSES}"
|
||||
printf "/!\\\ There are some uncommited changes.\n%s\n\n" "${GIT_STATUSES}"
|
||||
fi
|
||||
|
||||
if [ -z "${MESSAGE}" ]; then
|
||||
|
|
|
|||
Loading…
Reference in New Issue