Compare commits
26 commits
Author | SHA1 | Date | |
---|---|---|---|
2560deec1e | |||
Jérémy Lecour | d01286e0b9 | ||
Jérémy Lecour | 2f2e723bc0 | ||
Jérémy Lecour | 252fe746a7 | ||
Jérémy Lecour | 8a7cf0a941 | ||
1cbe1a6c1e | |||
f594a54e07 | |||
33504c4c01 | |||
21f7464d42 | |||
95b45bac8e | |||
Mathieu Trossevin | 4ef8878bcf | ||
a33021b041 | |||
Jérémy Lecour | 9aa16dff73 | ||
Jérémy Lecour | b8bb014b8d | ||
Jérémy Lecour | 334ef62d43 | ||
Jérémy Lecour | c83a1043c7 | ||
Jérémy Lecour | 46b8015d93 | ||
Jérémy Lecour | 026fb9f5cd | ||
Jérémy Lecour | 88187912cd | ||
Jérémy Lecour | edca7cee17 | ||
Jérémy Lecour | 26d4a2e219 | ||
Jérémy Lecour | f5abdd2912 | ||
Jérémy Lecour | a811b008c7 | ||
29ac93e250 | |||
c88bc83145 | |||
bf6cf1bf00 |
64
CHANGELOG.md
64
CHANGELOG.md
|
@ -15,6 +15,70 @@ and this project **does not adhere to [Semantic Versioning](http://semver.org/sp
|
||||||
|
|
||||||
### Security
|
### Security
|
||||||
|
|
||||||
|
## [23.10.1] - 2023-10-09
|
||||||
|
|
||||||
|
### Fixed
|
||||||
|
|
||||||
|
* Use a special variable name since USER is always defined from the environment
|
||||||
|
|
||||||
|
## [23.10] - 2023-10-09
|
||||||
|
|
||||||
|
### Added
|
||||||
|
|
||||||
|
* Force a user name with `-u,--user` option (default is still `logname(1)`).
|
||||||
|
* More people credited
|
||||||
|
|
||||||
|
### Deprecated
|
||||||
|
|
||||||
|
* `--autosysadmin` is replaced by `--user autosysadmin`
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## [22.07] - 2022-07-05
|
||||||
|
|
||||||
|
### Added
|
||||||
|
|
||||||
|
* Add `--autosysadmin` flag
|
||||||
|
* Commit change in /etc of lxc containers
|
||||||
|
|
||||||
|
### Changed
|
||||||
|
|
||||||
|
### Deprecated
|
||||||
|
|
||||||
|
### Removed
|
||||||
|
|
||||||
|
### Fixed
|
||||||
|
|
||||||
|
### Security
|
||||||
|
|
||||||
|
## [22.01] - 2022-01-25
|
||||||
|
|
||||||
|
### Added
|
||||||
|
|
||||||
|
* version/host/user headers in sent email
|
||||||
|
|
||||||
|
### Changed
|
||||||
|
|
||||||
|
New version pattern
|
||||||
|
|
||||||
|
## [0.6.4] - 2021-06-17
|
||||||
|
|
||||||
|
### Added
|
||||||
|
|
||||||
|
* fallback if findmnt is absent
|
||||||
|
|
||||||
|
## [0.6.3] - 2020-02-02
|
||||||
|
|
||||||
|
### Added
|
||||||
|
|
||||||
|
* Notify syslog when partitions are re-mounted (Linux)
|
||||||
|
|
||||||
|
## [0.6.2] - 2020-02-02
|
||||||
|
|
||||||
|
### Fixed
|
||||||
|
|
||||||
|
* better detection of read-only partitions (Linux)
|
||||||
|
|
||||||
## [0.6.0] - 2019-11-05
|
## [0.6.0] - 2019-11-05
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
|
@ -6,15 +6,15 @@ evomaintenance is a program that helps reporting what you've done on a server
|
||||||
|
|
||||||
Usage: evomaintenance
|
Usage: evomaintenance
|
||||||
or evomaintenance --message="add new host"
|
or evomaintenance --message="add new host"
|
||||||
or evomaintenance --no-db --no-mail --no-commit
|
or evomaintenance --no-api --no-mail --no-commit
|
||||||
or echo "add new vhost" | evomaintenance
|
or echo "add new vhost" | evomaintenance
|
||||||
|
|
||||||
Options
|
Options
|
||||||
-m, --message=MESSAGE set the message from the command line
|
-m, --message=MESSAGE set the message from the command line
|
||||||
--mail enable the mail hook (default)
|
--mail enable the mail hook (default)
|
||||||
--no-mail disable the mail hook
|
--no-mail disable the mail hook
|
||||||
--db enable the database hook (default)
|
--db enable the database hook
|
||||||
--no-db disable the database hook
|
--no-db disable the database hook (default)
|
||||||
--api enable the API hook (default)
|
--api enable the API hook (default)
|
||||||
--no-api disable the API hook
|
--no-api disable the API hook
|
||||||
--commit enable the commit hook (default)
|
--commit enable the commit hook (default)
|
||||||
|
|
3
contrib/git-hook-post-checkout
Executable file
3
contrib/git-hook-post-checkout
Executable file
|
@ -0,0 +1,3 @@
|
||||||
|
#!/bin/sh
|
||||||
|
# Git pre-checkout hook restoring permissions and ownerships.
|
||||||
|
mtree -u < .mtree
|
26
contrib/git-hook-pre-commit
Executable file
26
contrib/git-hook-pre-commit
Executable file
|
@ -0,0 +1,26 @@
|
||||||
|
#!/bin/sh
|
||||||
|
# Git pre-commit hook storing permissions and ownerships.
|
||||||
|
|
||||||
|
mtreeignore=$(mktemp --suffix mtree)
|
||||||
|
|
||||||
|
mtree_exclude() {
|
||||||
|
echo .git
|
||||||
|
# Get ignored files from git https://stackoverflow.com/a/467053
|
||||||
|
find . -not -path './.git/*' | git check-ignore --stdin
|
||||||
|
}
|
||||||
|
|
||||||
|
# In case .mtree doens't exists yet, we still want it in the specification
|
||||||
|
# to be generated.
|
||||||
|
if [ -f .mtree ]; then
|
||||||
|
touch .mtree
|
||||||
|
fi
|
||||||
|
|
||||||
|
mtree_exclude > "$mtreeignore"
|
||||||
|
trap 'rm --force "$mtreeignore"' EXIT
|
||||||
|
|
||||||
|
mtree -x -c \
|
||||||
|
-p . \
|
||||||
|
-k uname,gname,mode \
|
||||||
|
-X "$mtreeignore" > .mtree
|
||||||
|
|
||||||
|
git add .mtree
|
10
debian/changelog
vendored
10
debian/changelog
vendored
|
@ -1,8 +1,14 @@
|
||||||
|
evomaintenance (0.6.3-1) UNRELEASED; urgency=low
|
||||||
|
|
||||||
|
* fix partitions re-mounting before/after commits
|
||||||
|
|
||||||
|
-- Jérémy Lecour <jlecour@evolix.fr> Mon, 3 Mar 2020 22:14:12 +0100
|
||||||
|
|
||||||
evomaintenance (0.6.0-1) UNRELEASED; urgency=low
|
evomaintenance (0.6.0-1) UNRELEASED; urgency=low
|
||||||
|
|
||||||
* commit changes in /usr/share/scripts/ if needed
|
* commit changes in /usr/share/scripts/ if needed
|
||||||
|
|
||||||
-- Jérémy Lecour <jlecour@evolix.fr> Tue, 5 Nov 2019 14:50:12 +0100
|
-- Jérémy Lecour <jlecour@evolix.fr> Tue, 5 Nov 2019 14:50:12 +0100
|
||||||
|
|
||||||
evomaintenance (0.5.1-1) UNRELEASED; urgency=low
|
evomaintenance (0.5.1-1) UNRELEASED; urgency=low
|
||||||
|
|
||||||
|
|
|
@ -1,21 +1,16 @@
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
|
||||||
# EvoMaintenance script
|
VERSION="23.10.1"
|
||||||
# Dependencies (all OS): git postgresql-client
|
|
||||||
# Dependencies (Debian): sudo
|
|
||||||
|
|
||||||
# Copyright 2007-2019 Evolix <info@evolix.fr>, Gregory Colpart <reg@evolix.fr>,
|
|
||||||
# Jérémy Lecour <jlecour@evolix.fr> and others.
|
|
||||||
|
|
||||||
VERSION="0.6.0"
|
|
||||||
|
|
||||||
show_version() {
|
show_version() {
|
||||||
cat <<END
|
cat <<END
|
||||||
evomaintenance version ${VERSION}
|
evomaintenance version ${VERSION}
|
||||||
|
|
||||||
Copyright 2007-2019 Evolix <info@evolix.fr>,
|
Copyright 2007-2023 Evolix <info@evolix.fr>,
|
||||||
Gregory Colpart <reg@evolix.fr>,
|
Gregory Colpart <reg@evolix.fr>,
|
||||||
Jérémy Lecour <jlecour@evolix.fr>
|
Jérémy Lecour <jlecour@evolix.fr>,
|
||||||
|
Brice Waegeneire <bwaegeneire@evolix.fr>,
|
||||||
|
Mathieu Trossevin <mtrossevin@evolix.fr>
|
||||||
and others.
|
and others.
|
||||||
|
|
||||||
evomaintenance comes with ABSOLUTELY NO WARRANTY. This is free software,
|
evomaintenance comes with ABSOLUTELY NO WARRANTY. This is free software,
|
||||||
|
@ -47,13 +42,20 @@ Options
|
||||||
--no-evocheck disable evocheck execution
|
--no-evocheck disable evocheck execution
|
||||||
--auto use "auto" mode
|
--auto use "auto" mode
|
||||||
--no-auto use "manual" mode (default)
|
--no-auto use "manual" mode (default)
|
||||||
|
-u, --user=USER force USER value (default: logname(1))
|
||||||
-v, --verbose increase verbosity
|
-v, --verbose increase verbosity
|
||||||
-n, --dry-run actions are not executed
|
-n, --dry-run actions are not executed
|
||||||
--help print this message and exit
|
--help print this message and exit
|
||||||
--version print version and exit
|
-V, --version print version and exit
|
||||||
END
|
END
|
||||||
}
|
}
|
||||||
|
|
||||||
|
syslog() {
|
||||||
|
if [ -x "${LOGGER_BIN}" ]; then
|
||||||
|
${LOGGER_BIN} -t "evomaintenance" "$1"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
get_system() {
|
get_system() {
|
||||||
uname -s
|
uname -s
|
||||||
}
|
}
|
||||||
|
@ -91,13 +93,22 @@ get_who() {
|
||||||
}
|
}
|
||||||
|
|
||||||
get_begin_date() {
|
get_begin_date() {
|
||||||
printf "%s %s" "$(date "+%Y")" "$(get_who | cut -d" " -f3,4,5)"
|
# XXX A begin date isn't applicable when used in autosysadmin, so we
|
||||||
|
# use the same date as the end date.
|
||||||
|
if is_autosysadmin; then
|
||||||
|
get_end_date
|
||||||
|
else
|
||||||
|
printf "%s %s" "$(date "+%Y")" "$(get_who | cut -d" " -f3,4,5)"
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
get_ip() {
|
get_ip() {
|
||||||
ip=$(get_who | cut -d" " -f6 | sed -e "s/^(// ; s/)$//")
|
ip=$(get_who | cut -d" " -f6 | sed -e "s/^(// ; s/)$//")
|
||||||
[ -z "${ip}" ] && ip="unknown (no tty)"
|
if is_autosysadmin || [ "${ip}" = ":0" ]; then
|
||||||
[ "${ip}" = ":0" ] && ip="localhost"
|
ip="localhost"
|
||||||
|
elif [ -z "${ip}" ]; then
|
||||||
|
ip="unknown (no tty)"
|
||||||
|
fi
|
||||||
|
|
||||||
echo "${ip}"
|
echo "${ip}"
|
||||||
}
|
}
|
||||||
|
@ -110,6 +121,14 @@ get_now() {
|
||||||
date +"%Y-%m-%dT%H:%M:%S%z"
|
date +"%Y-%m-%dT%H:%M:%S%z"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
get_user() {
|
||||||
|
if [ -n "${FORCE_USER}" ]; then
|
||||||
|
echo "${FORCE_USER}"
|
||||||
|
else
|
||||||
|
logname
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
get_complete_hostname() {
|
get_complete_hostname() {
|
||||||
REAL_HOSTNAME=$(get_fqdn)
|
REAL_HOSTNAME=$(get_fqdn)
|
||||||
if [ "${HOSTNAME}" = "${REAL_HOSTNAME}" ]; then
|
if [ "${HOSTNAME}" = "${REAL_HOSTNAME}" ]; then
|
||||||
|
@ -168,17 +187,40 @@ print_session_data() {
|
||||||
printf "Message : %s\n" "${MESSAGE}"
|
printf "Message : %s\n" "${MESSAGE}"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
is_autosysadmin() {
|
||||||
|
test "${USER}" = "autosysadmin"
|
||||||
|
}
|
||||||
|
|
||||||
is_repository_readonly() {
|
is_repository_readonly() {
|
||||||
mountpoint=$(stat -c '%m' $1)
|
if [ "$(get_system)" = "OpenBSD" ]; then
|
||||||
findmnt ${mountpoint} --noheadings --output OPTIONS | grep -q -E "\bro\b"
|
partition=$(stat -f '%Sd' $1)
|
||||||
|
mount | grep ${partition} | grep -q "read-only"
|
||||||
|
elif command -v findmnt >/dev/null; then
|
||||||
|
mountpoint=$(stat -c '%m' $1)
|
||||||
|
findmnt ${mountpoint} --noheadings --output OPTIONS -O ro
|
||||||
|
else
|
||||||
|
grep /usr /proc/mounts | grep -E '\bro\b'
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
remount_repository_readwrite() {
|
remount_repository_readwrite() {
|
||||||
mountpoint=$(stat -c '%m' $1)
|
if [ "$(get_system)" = "OpenBSD" ]; then
|
||||||
mount -o remount,rw ${mountpoint}
|
partition=$(stat -f '%Sd' $1)
|
||||||
|
mount -u -w /dev/${partition} 2>/dev/null
|
||||||
|
else
|
||||||
|
mountpoint=$(stat -c '%m' $1)
|
||||||
|
mount -o remount,rw ${mountpoint}
|
||||||
|
syslog "Re-mount ${mountpoint} as read-write to commit in repository $1"
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
remount_repository_readonly() {
|
remount_repository_readonly() {
|
||||||
mountpoint=$(stat -c '%m' $1)
|
if [ "$(get_system)" = "OpenBSD" ]; then
|
||||||
mount -o remount,ro ${mountpoint} 2>/dev/null
|
partition=$(stat -f '%Sd' $1)
|
||||||
|
mount -u -r /dev/${partition} 2>/dev/null
|
||||||
|
else
|
||||||
|
mountpoint=$(stat -c '%m' $1)
|
||||||
|
mount -o remount,ro ${mountpoint} 2>/dev/null
|
||||||
|
syslog "Re-mount ${mountpoint} as read-only after commit to repository $1"
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
hook_commit() {
|
hook_commit() {
|
||||||
|
@ -278,6 +320,9 @@ From: ${FULLFROM}
|
||||||
Content-Type: text/plain; charset=UTF-8
|
Content-Type: text/plain; charset=UTF-8
|
||||||
MIME-Version: 1.0
|
MIME-Version: 1.0
|
||||||
Content-Transfer-Encoding: 8bit
|
Content-Transfer-Encoding: 8bit
|
||||||
|
X-Evomaintenance-Version: ${VERSION}
|
||||||
|
X-Evomaintenance-Host: ${HOSTNAME_TEXT}
|
||||||
|
X-Evomaintenance-User: ${USER}
|
||||||
To: ${EVOMAINTMAIL}
|
To: ${EVOMAINTMAIL}
|
||||||
Subject: [evomaintenance] Intervention sur ${HOSTNAME_TEXT} (${USER})
|
Subject: [evomaintenance] Intervention sur ${HOSTNAME_TEXT} (${USER})
|
||||||
|
|
||||||
|
@ -354,6 +399,7 @@ AUTO=${AUTO:-"0"}
|
||||||
EVOCHECK=${EVOCHECK:-"0"}
|
EVOCHECK=${EVOCHECK:-"0"}
|
||||||
GIT_STATUS_MAX_LINES=${GIT_STATUS_MAX_LINES:-20}
|
GIT_STATUS_MAX_LINES=${GIT_STATUS_MAX_LINES:-20}
|
||||||
API_ENDPOINT=${API_ENDPOINT:-""}
|
API_ENDPOINT=${API_ENDPOINT:-""}
|
||||||
|
FORCE_USER=${FORCE_USER:-""}
|
||||||
|
|
||||||
# initialize variables
|
# initialize variables
|
||||||
MESSAGE=""
|
MESSAGE=""
|
||||||
|
@ -431,6 +477,31 @@ while :; do
|
||||||
# use "auto" mode
|
# use "auto" mode
|
||||||
AUTO=1
|
AUTO=1
|
||||||
;;
|
;;
|
||||||
|
--autosysadmin)
|
||||||
|
# Deprecated, backward compatibility
|
||||||
|
# author change as autosysadmin
|
||||||
|
printf 'WARNING: "--autosysadmin" is deprecated, use "--user autosysadmin".\n' >&2
|
||||||
|
FORCE_USER="autosysadmin"
|
||||||
|
;;
|
||||||
|
-u|--user)
|
||||||
|
# user options, with value speparated by space
|
||||||
|
if [ -n "$2" ]; then
|
||||||
|
FORCE_USER=$2
|
||||||
|
shift
|
||||||
|
else
|
||||||
|
printf 'ERROR: "--user" requires a non-empty option argument.\n' >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
--user=?*)
|
||||||
|
# message options, with value speparated by =
|
||||||
|
FORCE_USER=${1#*=}
|
||||||
|
;;
|
||||||
|
--user=)
|
||||||
|
# message options, without value
|
||||||
|
printf 'ERROR: "--user" requires a non-empty option argument.\n' >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
-n|--dry-run)
|
-n|--dry-run)
|
||||||
# disable actual commands
|
# disable actual commands
|
||||||
DRY_RUN=1
|
DRY_RUN=1
|
||||||
|
@ -469,7 +540,7 @@ HOSTNAME_TEXT=$(get_complete_hostname)
|
||||||
IP=$(get_ip)
|
IP=$(get_ip)
|
||||||
BEGIN_DATE=$(get_begin_date)
|
BEGIN_DATE=$(get_begin_date)
|
||||||
END_DATE=$(get_end_date)
|
END_DATE=$(get_end_date)
|
||||||
USER=$(logname)
|
USER=$(get_user)
|
||||||
|
|
||||||
PATH=${PATH}:/usr/sbin
|
PATH=${PATH}:/usr/sbin
|
||||||
|
|
||||||
|
@ -497,6 +568,9 @@ if [ "${HOOK_API}" = "1" ] && [ -z "${CURL_BIN}" ]; then
|
||||||
echo "No \`curl' command has been found, can't call the API." 2>&1
|
echo "No \`curl' command has been found, can't call the API." 2>&1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
LOGGER_BIN=$(command -v logger)
|
||||||
|
readonly LOGGER_BIN
|
||||||
|
|
||||||
if [ "${HOOK_API}" = "1" ] && [ -z "${API_ENDPOINT}" ]; then
|
if [ "${HOOK_API}" = "1" ] && [ -z "${API_ENDPOINT}" ]; then
|
||||||
echo "No API endpoint specified, can't call the API." 2>&1
|
echo "No API endpoint specified, can't call the API." 2>&1
|
||||||
fi
|
fi
|
||||||
|
@ -505,6 +579,11 @@ EVOCHECK_BIN="/usr/share/scripts/evocheck.sh"
|
||||||
|
|
||||||
GIT_REPOSITORIES="/etc /etc/bind /usr/share/scripts"
|
GIT_REPOSITORIES="/etc /etc/bind /usr/share/scripts"
|
||||||
|
|
||||||
|
# Add /etc directories from lxc containers if they are git directories
|
||||||
|
if [ -d /var/lib/lxc ]; then
|
||||||
|
GIT_REPOSITORIES="${GIT_REPOSITORIES} $(find -L /var/lib/lxc/ -maxdepth 3 -name 'etc' | tr '\n' ' ' | sed 's/[[:space:]]\+$//')"
|
||||||
|
fi
|
||||||
|
|
||||||
# initialize variable
|
# initialize variable
|
||||||
GIT_STATUSES=""
|
GIT_STATUSES=""
|
||||||
# git statuses
|
# git statuses
|
||||||
|
@ -532,7 +611,7 @@ if [ "${INTERACTIVE}" = "1" ] && [ "${EVOCHECK}" = "1" ]; then
|
||||||
get_evocheck
|
get_evocheck
|
||||||
fi
|
fi
|
||||||
if [ -n "${GIT_STATUSES}" ] && [ "${INTERACTIVE}" = "1" ]; then
|
if [ -n "${GIT_STATUSES}" ] && [ "${INTERACTIVE}" = "1" ]; then
|
||||||
printf "/!\ There are some uncommited changes.\n%s\n\n" "${GIT_STATUSES}"
|
printf "/!\\\ There are some uncommited changes.\n%s\n\n" "${GIT_STATUSES}"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -z "${MESSAGE}" ]; then
|
if [ -z "${MESSAGE}" ]; then
|
||||||
|
|
Loading…
Reference in a new issue