diff options
Diffstat (limited to 'rcynic/installation-scripts')
| -rw-r--r-- | rcynic/installation-scripts/deinstall.sh | 5 | ||||
| -rw-r--r-- | rcynic/installation-scripts/freebsd/install.sh | 19 | ||||
| -rw-r--r-- | rcynic/installation-scripts/linux/install.sh | 46 | ||||
| -rw-r--r-- | rcynic/installation-scripts/manifest.sh | 23 |
4 files changed, 49 insertions, 44 deletions
diff --git a/rcynic/installation-scripts/deinstall.sh b/rcynic/installation-scripts/deinstall.sh deleted file mode 100644 index 113794a4..00000000 --- a/rcynic/installation-scripts/deinstall.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/sh - -# $Id$ - -echo Sorry, automated deinstallation of rcynic is not implemented yet -exit 1 diff --git a/rcynic/installation-scripts/freebsd/install.sh b/rcynic/installation-scripts/freebsd/install.sh index 105de21b..7f3e9f02 100644 --- a/rcynic/installation-scripts/freebsd/install.sh +++ b/rcynic/installation-scripts/freebsd/install.sh @@ -34,7 +34,7 @@ else fi if ! /bin/test -d "${jaildir}"; then - /bin/mkdir "${jaildir}" + /bin/mkdir -p "${jaildir}" fi if /usr/bin/install -m 555 -o root -g wheel -p rc.d.rcynic ${DESTDIR}/usr/local/etc/rc.d/rcynic; then @@ -51,10 +51,8 @@ if ! rcynic_jaildir="$jaildir" rcynic_user="$jailuser" rcynic_group="$jailgroup" exit 1 fi -if /bin/test -r "$jaildir/etc/rcynic.conf"; then - echo "You already have config file \"${jaildir}/etc/rcynic.conf\", so I will use it." -elif /usr/bin/install -m 444 -o root -g wheel -p ../sample-rcynic.conf "${jaildir}/etc/rcynic.conf"; then - echo "Installed minimal ${jaildir}/etc/rcynic.conf, adding SAMPLE trust anchors" +if /usr/bin/install -m 444 -o root -g wheel -p ../sample-rcynic.conf "${jaildir}/etc/rcynic.conf.sample"; then + echo "Installed minimal ${jaildir}/etc/rcynic.conf.sample, adding SAMPLE trust anchors" for i in ../../sample-trust-anchors/*.tal; do j="$jaildir/etc/trust-anchors/${i##*/}" /bin/test -r "$i" || continue @@ -64,10 +62,19 @@ elif /usr/bin/install -m 444 -o root -g wheel -p ../sample-rcynic.conf "${jaildi done j=1 for i in $jaildir/etc/trust-anchors/*.tal; do - echo >>"${jaildir}/etc/rcynic.conf" "trust-anchor-locator.$j = /etc/trust-anchors/${i##*/}" + echo >>"${jaildir}/etc/rcynic.conf.sample" "trust-anchor-locator.$j = /etc/trust-anchors/${i##*/}" j=$((j+1)) done else + echo "Installing minimal ${jaildir}/etc/rcynic.conf.sample failed" + exit 1 +fi + +if /bin/test -r "$jaildir/etc/rcynic.conf"; then + echo "You already have config file \"${jaildir}/etc/rcynic.conf\", so I will use it." +elif /bin/cp -p "$jaildir/etc/rcynic.conf.sample" "$jaildir/etc/rcynic.conf"; then + echo "Installed minimal ${jaildir}/etc/rcynic.conf" +else echo "Installing minimal ${jaildir}/etc/rcynic.conf failed" exit 1 fi diff --git a/rcynic/installation-scripts/linux/install.sh b/rcynic/installation-scripts/linux/install.sh index 3c9a6412..039c753b 100644 --- a/rcynic/installation-scripts/linux/install.sh +++ b/rcynic/installation-scripts/linux/install.sh @@ -10,9 +10,21 @@ : ${jailgroup="rcynic"} : ${setupcron="NO"} +echo "Checking whether we are running under fakeroot" + +if test `whoami` = `(unset LD_PRELOAD; whoami)` +then + running_fakeroot=no +else + running_fakeroot=yes +fi + echo "Setting up \"${jaildir}\" as a chroot jail for rcynic." -if ${AWK} -F: -v jailgroup="${jailgroup}" 'BEGIN {status = 1} $1 == jailgroup {status = 0} END {exit status}' /etc/group +if test $running_fakeroot = yes +then + echo "Running under fakeroot, so skipping ${jailgroup} group setup" +elif ${AWK} -F: -v jailgroup="${jailgroup}" 'BEGIN {status = 1} $1 == jailgroup {status = 0} END {exit status}' /etc/group then echo "You already have a group \"${jailgroup}\", so I will use it." elif /usr/sbin/groupadd ${jailgroup} @@ -34,7 +46,10 @@ if test -f /etc/redhat-release; then fi fi -if ${AWK} -F: -v jailuser="${jailuser}" 'BEGIN {status = 1} $1 == jailuser {status = 0} END {exit status}' /etc/passwd +if test $running_fakeroot = yes +then + echo "Running under fakeroot, so skipping ${jailuser} user setup" +elif ${AWK} -F: -v jailuser="${jailuser}" 'BEGIN {status = 1} $1 == jailuser {status = 0} END {exit status}' /etc/passwd then echo "You already have a user \"${jailuser}\", so I will use it." elif /usr/sbin/useradd -g ${jailgroup} -M $nogroup -d "${jaildir}" -s /sbin/nologin -c "RPKI validation system" ${jailuser} @@ -69,7 +84,10 @@ fi echo "Installing device inodes" -if ! (cd /dev; /bin/ls null zero random urandom | /bin/cpio -puv "${jaildir}/dev") +if test $running_fakeroot = yes +then + echo "Running under fakeroot, so skipping ${jaildir}/dev device inode setup" +elif ! (cd /dev; /bin/ls null zero random urandom | /bin/cpio -puv "${jaildir}/dev") then echo "Unable to install device inodes in ${jaildir}/dev/, please fix this then try again" exit 1 @@ -93,17 +111,21 @@ echo "Whacking file permissions" if ! /bin/chmod -R a-w "${jaildir}/bin" "${jaildir}/etc" || ! /bin/chmod -R 755 "${jaildir}/data" || - ! /bin/chown -R root:root "${jaildir}/bin" "${jaildir}/etc" || - ! /bin/chown -R "${jailuser}:${jailgroup}" "${jaildir}/data" + ( test -f "${jaildir}/etc/rsa_key" && ! /bin/chmod 400 "${jaildir}/etc/rsa_key" ) then - echo "Unable to set file permissions and ownerships correctly, please fix this and try again" + echo "Unable to set file permissions correctly, please fix this and try again" exit 1 fi -if test -f "${jaildir}/etc/rsa_key" +if test $running_fakeroot = yes +then + echo "Running under fakeroot, so skipping ${jaildir} chown calls" +elif ! /bin/chown -R root:root "${jaildir}/bin" "${jaildir}/etc" || + ! /bin/chown -R "${jailuser}:${jailgroup}" "${jaildir}/data" || + ( test -f "${jaildir}/etc/rsa_key" && ! /bin/chown "${jailuser}" "${jaildir}/etc/rsa_key" ) then - /bin/chmod 400 "${jaildir}/etc/rsa_key" - /bin/chown "${jailuser}" "${jaildir}/etc/rsa_key" + echo "Unable to set file ownership correctly, please fix this and try again" + exit 1 fi if test -r "$jaildir/etc/rcynic.conf"; then @@ -196,10 +218,14 @@ else exit 1 fi -echo "Setting up root's crontab to run jailed rcynic" +if test $running_fakeroot = yes +then + setupcron=NO +fi case "$setupcron" in YES|yes) + echo "Setting up root's crontab to run jailed rcynic" /usr/bin/crontab -l -u root 2>/dev/null | ${AWK} -v "jailuser=$jailuser" -v "jailgroup=$jailgroup" -v "jaildir=$jaildir" ' BEGIN { diff --git a/rcynic/installation-scripts/manifest.sh b/rcynic/installation-scripts/manifest.sh deleted file mode 100644 index 26872b1a..00000000 --- a/rcynic/installation-scripts/manifest.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/sh - -# $Id$ - -echo >>${abs_top_builddir}/installation-manifest D %%RCYNICJAILDIR%% -echo >>${abs_top_builddir}/installation-manifest D %%RCYNICJAILDIR%%/bin -echo >>${abs_top_builddir}/installation-manifest D %%RCYNICJAILDIR%%/dev -echo >>${abs_top_builddir}/installation-manifest D %%RCYNICJAILDIR%%/etc -echo >>${abs_top_builddir}/installation-manifest D %%RCYNICJAILDIR%%/etc/trust-anchors -echo >>${abs_top_builddir}/installation-manifest D %%RCYNICJAILDIR%%/var -echo >>${abs_top_builddir}/installation-manifest D %%RCYNICJAILDIR%%/data - -echo >>${abs_top_builddir}/installation-manifest F %%RCYNICJAILDIR%%/bin/rcynic -echo >>${abs_top_builddir}/installation-manifest F %%RCYNICJAILDIR%%/bin/rsync -echo >>${abs_top_builddir}/installation-manifest F %%RCYNICJAILDIR%%/bin/rcynic-html - -# Not sure what to do about %%RCYNICJAILDIR%%/${libdir}/* on Linux, as we -# don't know what goes there until we compute the transitive closure -# of ldd dependencies. Ick. Ignore for now. - -case "${host_os}" in -freebsd*) echo >>${abs_top_builddir}/installation-manifest F %%RCDIR%%/rcynic;; -darwin*) echo >>${abs_top_builddir}/installation-manifest F /Library/StartupItems/RCynic;; -esac |