blob: a0fe8192d71e9fe5eeed17eb202973b3ac34e14d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
|
#!/bin/sh /etc/rc.common
USE_PROCD=1
START=30
EXTRA_COMMANDS="get_key probeid log create_backup load_backup create_key"
EXTRA_HELP=" get_key print probe public key (used for probe registration)
probeid print probe id
log print probe status log
create_backup backup ssh key to tar.gz
load_backup 'backup.tar.gz' load backup ssh key from tar.gz
create_key create probe priv/pub key
"
SCRIPTS_DIR="/usr/libexec/atlas-probe-scripts"
TMP_BASE_DIR="/tmp/ripe_atlas_probe"
PUB_KEY_FILE="$SCRIPTS_DIR/etc/probe_key.pub"
PRIV_KEY_FILE="$SCRIPTS_DIR/etc/probe_key"
PROBE_ID_FILE="$TMP_BASE_DIR/status/reg_init_reply.txt"
LOG_FILE="/tmp/log/ripe_sw_probe"
STATE_CONFIG="$SCRIPTS_DIR/state/config.txt"
load_backup() {
local backup_arch
local tmp_dir
backup_arch="$1"
tmp_dir="$(mktemp -u -p /var/run/atlas)"
if [ -f "$backup_arch" ]; then
safe_mkdir "$tmp_dir"
tar -xzf "$backup_arch" -C "$tmp_dir/"
if [ -f "$tmp_dir/probe_key.pub" ] && [ -f "$tmp_dir/probe_key" ]; then
mv "$tmp_dir/probe_key.pub" "$PUB_KEY_FILE"
mv "$tmp_dir/probe_key" "$PRIV_KEY_FILE"
rm -rf "$tmp_dir"
print_msg "Info: public and private key loaded from backup"
else
print_msg "Error: Could not extract probe_key or probe_key form backup archive"
rm -rf "$tmp_dir"
exit 1
fi
else
print_msg "Error: Provided backup file $backup_arch does not exists"
exit 1
fi
}
create_backup() {
local back_dir
back_dir="$(pwd)"
if [ -f "$PUB_KEY_FILE" -a -f "$PRIV_KEY_FILE" ]; then
print_msg "Info: Creating backup arch in $back_dir"
tar -czf "$back_dir/atlas-key-backup.tar.gz" -C "$SCRIPTS_DIR/etc" probe_key probe_key.pub
else
print_msg "Error: private or public key does not exists."
exit 1
fi
}
create_key() {
local username
local probe_key=/etc/atlas/probe_key
local probe_pub_key=/etc/atlas/probe_key.pub
config_load atlas
config_get username "common" username
if [ -f "$PRIV_KEY_FILE" ]; then
if [ ! -f $probe_key ]; then
print_msg "Missing probe_key in /etc/atlas"
print_msg "The key will be lost on sysupgrade. Cosider moving the keys in /etc/atlas and create a link in the $SCRIPTS_DIR/etc/ dir."
fi
print_msg "probe_key already present. Exiting..."
exit 1
fi
if [ -z "$username" ]; then
print_msg "Username not set in atlas config file. Enter your ripe-atlas username."
exit 1
fi
if [ -n "$(which ssh-keygen)" ]; then
ssh-keygen -t rsa -b 2048 -f $probe_key -N ""
sed -i "s/ \S*$/ "$username"/" $probe_pub_key
elif [ -n "$(which dropbearkey)" ] && [ -n "$(which dropbearconvert)" ]; then
local public_key
public_key="$(dropbearkey -t rsa -f /etc/atlas/probe_key_dropbear -s 2048 | sed -n 2p)"
public_key="$(echo "$public_key" | sed "s/ \S*$/ "$username"/")"
echo $public_key > $probe_pub_key
dropbearconvert dropbear openssh /etc/atlas/probe_key_dropbear $probe_key
rm /etc/atlas/probe_key_dropbear
else
print_msg "Can't find a way to generate key."
exit 1
fi
#Link priv/pub key
[ -f $PRIV_KEY_FILE ] || ln -s $probe_key $PRIV_KEY_FILE
[ -f $PUB_KEY_FILE ] || ln -s $probe_pub_key $PUB_KEY_FILE
#Fix permission
chown atlas $probe_key $probe_pub_key
chgrp atlas $probe_key $probe_pub_key
chmod 644 $probe_key $probe_pub_key
print_msg "Key generated successfully. Use the get_key command to show the public key and get instruction on how to register your probe."
}
log() {
if [ -f "$LOG_FILE" ];then
tail "$LOG_FILE"
else
print_msg "Error. No log file found. Probe isn't probably running"
exit 1
fi
}
get_key() {
if [ -f "$PUB_KEY_FILE" ]; then
echo "Probe public key (use for registration)"
echo "URL with registration form https://atlas.ripe.net/apply/swprobe/"
echo "=========================================="
cat "$PUB_KEY_FILE"
else
print_msg "Error! Pub. key not found"
exit 1
fi
}
probeid() {
local probe_id
if [ -f "$PROBE_ID_FILE" ]; then
probe_id="$(awk '/PROBE_ID/ {print $2}' "$PROBE_ID_FILE")"
if [ -z "$probe_id" ]; then
print_msg "Probe ID not found SW probe isn't probably registered yet"
exit 1
else
print_msg "Probe ID is $probe_id"
fi
else
print_msg "Probe ID not found. SW probe is not running or probe_key isn't registered yet"
exit 1
fi
}
print_msg() {
echo "$1" >&2
logger -t atlas-sw-probe "$1"
}
stop_service() {
local atlas_pid
local tunnel_pid
local pid_file
print_msg "Stopping atlas sw probe"
print_msg "Kill all atlas processes"
for pid_file in "$SCRIPTS_DIR/run/"*.vol; do
[ -f "$pid_file" ] || continue
# test if proccess is still running
atlas_pid="$(cat "$pid_file")"
if kill -0 "$atlas_pid" 2>/dev/null; then
kill "$atlas_pid"
fi
done
if [ -f "$SCRIPTS_DIR/status/con_keep_pid.vol" ]; then
print_msg "Kill ssh tunnel"
tunnel_pid="$(cat "$SCRIPTS_DIR/status/con_keep_pid.vol")"
if kill -0 "$tunnel_pid" 2>/dev/null; then
kill "$tunnel_pid"
fi
fi
# Clean run dir
rm -r $TMP_BASE_DIR
}
safe_mkdir() {
local dir="$1"
if [ -e "$dir" ] && [ ! -d "$dir" -o -L "$dir" ]; then
rm -rf "$dir"
fi
mkdir -p "$dir"
chmod 700 "$dir"
chown root:root "$dir"
}
create_tmp_dirs() {
local dirs
chown -R atlas:atlas "$SCRIPTS_DIR/bin"
chmod 755 "$SCRIPTS_DIR/bin"
dirs='crons data run status'
safe_mkdir "$TMP_BASE_DIR"
for i in $dirs; do
safe_mkdir "$TMP_BASE_DIR/$i"
done
}
start_service() {
local log_stderr
local log_stdout
local rxtxrpt
local test_setting
local probe_key=/etc/atlas/probe_key
local probe_pub_key=/etc/atlas/probe_key.pub
# The link is not saved across sysupgrade, recreate if missing
if [ ! -f $PRIV_KEY_FILE ]; then
[ -f $probe_key ] && ln -s $probe_key $PRIV_KEY_FILE
[ -f $probe_pub_key ] && ln -s $probe_pub_key $PUB_KEY_FILE
fi
# With the precheck done, check if the priv key is actually present
if [ ! -f $PRIV_KEY_FILE ]; then
print_msg "Missing probe_key. To init the key follow instruction in /etc/atlas/atlas.readme"
print_msg "Assuming atlas-sw-probe not init. Exiting..."
exit 1
fi
create_tmp_dirs
config_load atlas
config_get_bool log_stderr "common" log_stderr "0"
config_get_bool log_stdout "common" log_stdout "0"
config_get_bool rxtxrpt "common" rxtxrpt "1"
test_setting=$(grep "^[ ]*RXTXRPT=yes" "$STATE_CONFIG")
# Decide if we should write to permanent storage
if [ "$rxtxrpt" == "1" ] && [ -z "$test_setting" ]; then
echo "RXTXRPT=yes">$STATE_CONFIG
elif [ "$rxtxrpt" == "0" ] && [ ! -z "$test_setting" ]; then
echo "RXTXRPT=no">$STATE_CONFIG
fi
procd_open_instance
procd_set_param command "$SCRIPTS_DIR/bin/ATLAS"
procd_set_param stdout "$log_stdout"
procd_set_param stderr "$log_stderr"
procd_close_instance
}
|