boot.php
1 |
<?php
|
---|---|
2 |
/** **************************************************************************
|
3 |
* Copyright (C) 2008-2014 Eric Seigne <eric.seigne@ryxeo.com>
|
4 |
*
|
5 |
* This program is free software; you can redistribute it and/or modify
|
6 |
* it under the terms of the GNU General Public License as published by
|
7 |
* the Free Software Foundation; either version 2 of the License.
|
8 |
*
|
9 |
* This program is distributed in the hope that it will be useful,
|
10 |
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
11 |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
12 |
* GNU General Public License for more details.
|
13 |
*
|
14 |
* You should have received a copy of the GNU General Public License
|
15 |
* along with this program; if not, write to the Free Software
|
16 |
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
17 |
* ***************************************************************************
|
18 |
* File : boot.php
|
19 |
* Author : Eric SEIGNE
|
20 |
* mailto:eric.seigne@ryxeo.com
|
21 |
* Licence : GNU/GPL Version 2
|
22 |
*
|
23 |
* Description:
|
24 |
* ------------
|
25 |
*
|
26 |
* Gestion du script a lancer automatiquement au boot par les clients lourds
|
27 |
* recupere le script boot qui se trouve dans
|
28 |
* /home/machines/$hostname/scripts/horizon-apt
|
29 |
* - Dans l'ordre: on prends le fichier par defaut si il existe
|
30 |
* - Ensuite on enchaine sur les fichiers de groupes
|
31 |
* - Et enfin sur le fichier script spécifique
|
32 |
*
|
33 |
* ************************************************************************* */
|
34 |
|
35 |
//Totaly quiet
|
36 |
@error_reporting(0); |
37 |
|
38 |
require_once("AbE_Config_Set_Variables.php"); |
39 |
include_once "AbE_Users.php"; |
40 |
|
41 |
if(isset($_SERVER["HTTP_X_FORWARDED_FOR"])) { |
42 |
$ip_client = $_SERVER["HTTP_X_FORWARDED_FOR"]; |
43 |
} |
44 |
else {
|
45 |
$ip_client = $_SERVER["REMOTE_ADDR"]; |
46 |
} |
47 |
$hostname = gethostbyaddr($ip_client); |
48 |
$hostnametab = explode(".",$hostname); |
49 |
$shortname = $hostnametab[0]; |
50 |
$account = $hostnametab[0]; |
51 |
$metamode = trim(`horizon-getent config metamode -s`); |
52 |
$epackfile = "/etc/" . $metamode . "/epack"; |
53 |
|
54 |
//Pour l'instant on a implemente la gestion de lucid (11.08) et trusty (15.08), par defaut on a des clients
|
55 |
//de type lucid car on n'a implémenté le nouvel argument _GET["distrib"] qu'à partir de la 15.08
|
56 |
$distrib = "lucid"; |
57 |
if(isset($_GET["distrib"])) { |
58 |
$distrib = $_GET["distrib"]; |
59 |
} |
60 |
|
61 |
if($metamode == "abuledu") { |
62 |
$serveur = "servecole"; |
63 |
} |
64 |
else {
|
65 |
$serveur = "serveur"; |
66 |
} |
67 |
|
68 |
$homedir = "/home/machines/$shortname"; |
69 |
//Si on a un nom du genre jbl01.vlan927.abuledu. le shotname est jbl01 mais le home peut etre /home/machines/jbl01.vlan927 ...
|
70 |
if(!is_dir($homedir) && (count($hostnametab) > 1)) { |
71 |
$homedir .= "." . $hostnametab[1]; |
72 |
$account .= "." . $hostnametab[1]; |
73 |
} |
74 |
if(!is_dir($homedir)) { |
75 |
print "ERREUR: le homedir du poste n'existe pas ($homedir)"; |
76 |
} |
77 |
|
78 |
//debug print "IP: $ip_client // $hostname // $shortname";
|
79 |
|
80 |
/*
|
81 |
header('Content-Description: File Transfer');
|
82 |
header('Content-Type: application/octet-stream');
|
83 |
header('Content-Disposition: attachment; filename='.basename($bootfile));
|
84 |
header('Content-Transfer-Encoding: binary');
|
85 |
header('Expires: 0');
|
86 |
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
|
87 |
header('Pragma: public');
|
88 |
header('Content-Length: ' . filesize($file));
|
89 |
ob_clean();
|
90 |
flush();*/
|
91 |
|
92 |
//Parcours un repertoire et remplis un tableau
|
93 |
function browse_dir_and_push_array($dir, &$tab, $sort=0) { |
94 |
if(is_dir($dir)) { |
95 |
$handle=opendir($dir); |
96 |
while ($file = readdir($handle)){ |
97 |
if($file != "." && $file != "..") { |
98 |
$tab[] = $file; |
99 |
} |
100 |
} |
101 |
closedir($handle); |
102 |
} |
103 |
if($sort == 1) { |
104 |
sort($tab); |
105 |
} |
106 |
} |
107 |
|
108 |
//On recupere la version de mise a jour dispo sur ce serveur ...
|
109 |
$serverupgradeversion = "0"; |
110 |
if(file_exists("/etc/" . $metamode . "/upgradeversion")) { |
111 |
$fileserver = file("/etc/" . $metamode . "/upgradeversion"); |
112 |
$data = array(); |
113 |
for($i = 0; $i < count($fileserver); $i++) { |
114 |
$line = explode("=", $fileserver[$i]); |
115 |
$data[$line[0]] = trim($line[1]); |
116 |
} |
117 |
$serverupgradeversion = $data["MYUPGRADE"]; |
118 |
} |
119 |
|
120 |
$bootscript = "#!/bin/bash |
121 |
#
|
122 |
# IP: $ip_client
|
123 |
# Hostname: $hostname ($shortname)
|
124 |
# HomeDir : $homedir
|
125 |
# Distribution: $distrib
|
126 |
#
|
127 |
|
128 |
. /lib/lsb/init-functions
|
129 |
|
130 |
MYUPGRADE=\"\"
|
131 |
|
132 |
#si le fichier n'existe pas ... on le cree vide
|
133 |
if [ ! -f /etc/$metamode/upgradeversion ]; then
|
134 |
touch /etc/$metamode/upgradeversion
|
135 |
fi
|
136 |
|
137 |
. /etc/$metamode/upgradeversion
|
138 |
|
139 |
#si le poste a deja eu cette mise a jour on ne va pas plus loin
|
140 |
if [ \"\${MYUPGRADE}\" -ge \"$serverupgradeversion\" ]; then
|
141 |
exit
|
142 |
fi
|
143 |
|
144 |
function message_all() {
|
145 |
for num in 1 2 3 4 5 6
|
146 |
do
|
147 |
TT=/dev/tty\${num}
|
148 |
echo \$1 > \${TT}
|
149 |
done
|
150 |
}
|
151 |
|
152 |
service kdm stop
|
153 |
|
154 |
clear
|
155 |
|
156 |
echo \"\"
|
157 |
echo \"\"
|
158 |
echo \"Lancement des scripts systemes (mise a jour, correctifs ...) soyez patients !\"
|
159 |
echo \"Vous êtes sur la console qui affichera la progression dans quelques secondes\"
|
160 |
echo \"\"
|
161 |
echo \"\"
|
162 |
echo \"\"
|
163 |
message_all \"\"
|
164 |
message_all \"Lancement des scripts systemes (mise a jour, correctifs ...) soyez patients !\"
|
165 |
message_all \"Pour voir ce qui se passe passez sur la console 7 ou 8 avec Alt+F7 ou Alt+F8\"
|
166 |
|
167 |
function remove_application() {
|
168 |
log_daemon_msg \" - suppression de \$1\"
|
169 |
message_all \" - suppression de \$1\"
|
170 |
apt-get remove -qq -y --force-yes --purge \$1
|
171 |
#if [ \"\${?}\" == \"0\" ]; then
|
172 |
# log_end_msg 0
|
173 |
#else
|
174 |
# log_end_msg 1
|
175 |
#fi
|
176 |
}
|
177 |
|
178 |
function add_application() {
|
179 |
log_daemon_msg \" - installation de \$1\"
|
180 |
message_all \" - installation de \$1\"
|
181 |
apt-get install -qq -y --force-yes \$1
|
182 |
#if [ \"\${?}\" == \"0\" ]; then
|
183 |
# log_end_msg 0
|
184 |
#else
|
185 |
# log_end_msg 1
|
186 |
#fi
|
187 |
}
|
188 |
|
189 |
";
|
190 |
|
191 |
//Pave numerique pour ce poste ?
|
192 |
//bug #737
|
193 |
$cmdnumpad = "horizon-getltscfg -c /opt/ltsp/i386/etc/lts.conf -n " . $shortname . "XKBNUMPAD"; |
194 |
$numpad = trim(`$cmdnumpad`); |
195 |
if($numpad != "") { |
196 |
$bootscript .= "sed -i -e s/^NumLock=.*/NumLock=On/ /etc/kde4/kdm/kdmrc\n"; |
197 |
} |
198 |
else {
|
199 |
$bootscript .= "sed -i -e s/^NumLock=.*/NumLock=Off/ /etc/kde4/kdm/kdmrc\n"; |
200 |
} |
201 |
|
202 |
|
203 |
//l'inventaire ... que si le serveur est enregistre sur anet
|
204 |
if(file_exists($epackfile)) { |
205 |
$epack = explode(":",file_get_contents($epackfile)); |
206 |
//fix #582 et #3955
|
207 |
$bootscript .= "TESTINVENTORY=`grep KEYVALUE /var/lib/ocsinventory-agent/*ocs.ryxeo.com*/ocsinv.adm | grep '\.' | cut -d '>' -f2 | cut -d '.' -f1` |
208 |
if [ \"\${TESTINVENTORY}\" != \"" . $epack[0] . "\" ]; then |
209 |
rm -rf /var/lib/ocsinventory-agent/*ocs.ryxeo.com*
|
210 |
fi
|
211 |
nohup ocsinventory-agent --tag=" . $epack[0] . "." . str_replace(":","",$conf_ip_mac_address) . ".clientlinux --server ocs.ryxeo.com:8286 --nosoftware -f&\n"; |
212 |
} |
213 |
|
214 |
$bootscript .= "message_all \"\" |
215 |
message_all \"\"
|
216 |
message_all \"\"
|
217 |
message_all \"Lancement des scripts systemes (mise a jour, correctifs ...) soyez patients !\"
|
218 |
message_all \"Pour voir ce qui se passe passez sur la console 7 ou 8 avec Alt+F7 ou Alt+F8\"
|
219 |
message_all \"\"
|
220 |
message_all \"\"";
|
221 |
|
222 |
// en priorite
|
223 |
// #955: propagation de nos cles ssh sur les clients lourds
|
224 |
$bootscript .= " |
225 |
mkdir -p /root/.ssh
|
226 |
wget http://$serveur/horizon-apt/authorized_keys -O /root/.ssh/authorized_keys
|
227 |
chown root:root /root/.ssh
|
228 |
chmod 700 /root/.ssh
|
229 |
chmod 600 /root/.ssh/authorized_keys
|
230 |
";
|
231 |
|
232 |
// urgent #3830 : stopper nscd pour contourner le bug ubuntu security
|
233 |
// penser a le relancer a la fin ...
|
234 |
$bootscript .= " |
235 |
service nscd stop
|
236 |
|
237 |
#boucle de recherche de boot.d ou boot-local.d ...
|
238 |
";
|
239 |
|
240 |
//Le fichier par defaut pour tout le parc
|
241 |
$bootDir = "/home/machines/groups/default/horizon-apt/boot_" . $distrib . ".d"; |
242 |
$bootLocalDir = "/home/machines/groups/default/horizon-apt/boot-local_" . $distrib . ".d"; |
243 |
$bootLocalTab = array(); |
244 |
|
245 |
//On parcours le répertoire des spécificités locales en priorité et on concatène tout ça dans le script global
|
246 |
//Puis ensuite on parcours le répertoire contenant les scripts livrés par la mise à jour et si le fichier n'a
|
247 |
//pas été surchargé on le concatène au script global ...
|
248 |
if (is_dir($bootLocalDir)) { |
249 |
$tabTemp = array(); |
250 |
browse_dir_and_push_array($bootLocalDir, $tabTemp, 1); |
251 |
for($i = 0; $i < count($tabTemp); $i++) { |
252 |
$fileBoot = $tabTemp[$i]; |
253 |
$bootLocalTab[] = $fileBoot; |
254 |
$bootscript .= "# ----------------- $fileBoot ($bootLocalDir)\n"; |
255 |
$bootscript .= file_get_contents("$bootLocalDir/$fileBoot"); |
256 |
$bootscript .= "\n"; |
257 |
} |
258 |
} |
259 |
if (is_dir($bootDir)) { |
260 |
if ($dh = opendir($bootDir)) { |
261 |
while (($fileBoot = readdir($dh)) !== false) { |
262 |
if( $fileBoot == '.' || $fileBoot == '..') |
263 |
continue;
|
264 |
if(!in_array($fileBoot, $bootLocalTab)) { |
265 |
$bootscript .= "# ----------------- $fileBoot ($bootDir)\n"; |
266 |
$bootscript .= file_get_contents("$bootDir/$fileBoot"); |
267 |
$bootscript .= "\n"; |
268 |
} |
269 |
} |
270 |
closedir($dh); |
271 |
} |
272 |
} |
273 |
|
274 |
//La liste des groupes dont cette machine est membre, a venir plus tard
|
275 |
$u = new AbE_Users(); |
276 |
$u->GetUser($account); |
277 |
foreach ($u->GetGroupes() as $grp) { |
278 |
//Le repretoire de stockage des scripts de boot pour ce groupe
|
279 |
$bootLocalDir = "/home/machines/groups/$grp/horizon-apt/boot-local_" . $distrib . ".d"; |
280 |
if (is_dir($bootLocalDir)) { |
281 |
if ($dh = opendir($bootLocalDir)) { |
282 |
while (($fileBoot = readdir($dh)) !== false) { |
283 |
if( $fileBoot == '.' || $fileBoot == '..') |
284 |
continue;
|
285 |
$bootLocalTab[] = $fileBoot; |
286 |
$bootscript .= "# ----------------- $fileBoot ($bootLocalDir)\n"; |
287 |
$bootscript .= file_get_contents("$bootLocalDir/$fileBoot"); |
288 |
$bootscript .= "\n"; |
289 |
} |
290 |
closedir($dh); |
291 |
} |
292 |
} |
293 |
} |
294 |
|
295 |
$addappstab = array(); |
296 |
$removeappstab = array(); |
297 |
//L'ajout/suppr des applications
|
298 |
$addappsdir = "/home/machines/groups/default/horizon-apt/applications.add/"; |
299 |
$removeappsdir = "/home/machines/groups/default/horizon-apt/applications.remove/"; |
300 |
browse_dir_and_push_array($addappsdir, $addappstab); |
301 |
browse_dir_and_push_array($removeappsdir, $removeappstab); |
302 |
/* pour les groupes -> a implementer
|
303 |
$bootfile = "/home/machines/groups/$groupname/horizon-apt/boot";
|
304 |
if(file_exists($bootfile)) {
|
305 |
$bootscript .= file_get_contents($bootfile);
|
306 |
$bootscript .= "\n";
|
307 |
}
|
308 |
*/
|
309 |
|
310 |
//Et enfin, le fichier spécifique
|
311 |
$bootLocalDir = $homedir . "/horizon-apt/boot-local_" . $distrib . ".d"; |
312 |
if (is_dir($bootLocalDir)) { |
313 |
if ($dh = opendir($bootLocalDir)) { |
314 |
while (($fileBoot = readdir($dh)) !== false) { |
315 |
if( $fileBoot == '.' || $fileBoot == '..') |
316 |
continue;
|
317 |
$bootscript .= "# ----------------- $fileBoot ($bootLocalDir)\n"; |
318 |
$bootscript .= file_get_contents("$bootLocalDir/$fileBoot"); |
319 |
$bootscript .= "\n"; |
320 |
} |
321 |
closedir($dh); |
322 |
} |
323 |
} |
324 |
|
325 |
$addappsdir = $homedir . "/horizon-apt/applications.add/"; |
326 |
$removeappsdir = $homedir . "/horizon-apt/applications.remove/"; |
327 |
browse_dir_and_push_array($addappsdir, $addappstab); |
328 |
browse_dir_and_push_array($removeappsdir, $removeappstab); |
329 |
|
330 |
$tabadd = array_unique($addappstab); |
331 |
$tabremove = array_unique($removeappstab); |
332 |
|
333 |
foreach($tabremove as $remove) { |
334 |
$bootscript .= "message_all \" * remove $remove\""; |
335 |
$bootscript .= "remove_application $remove \n"; |
336 |
} |
337 |
|
338 |
foreach($tabadd as $add) { |
339 |
$bootscript .= "message_all \" * add $add\""; |
340 |
$bootscript .= "add_application $add \n"; |
341 |
} |
342 |
|
343 |
// urgent #3830 : penser a le relancer a la fin ...
|
344 |
$bootscript .= " |
345 |
service nscd start
|
346 |
";
|
347 |
|
348 |
|
349 |
$bootscript .= " |
350 |
message_all \"Mise à jour terminée\"
|
351 |
message_all \"\"
|
352 |
service kdm start \n";
|
353 |
|
354 |
$bootscript .= "message_all \"\" |
355 |
message_all \"\"
|
356 |
|
357 |
echo MYUPGRADE=$serverupgradeversion >| /etc/$metamode/upgradeversion
|
358 |
|
359 |
";
|
360 |
|
361 |
print $bootscript; |
362 |
exit;
|
363 |
?>
|