Manpages geschrieben, Tree aufgeraeumt
authorMaximilian Wilhelm <max@rfc2324.org>
Thu, 8 Sep 2005 21:04:03 +0000 (21:04 +0000)
committerMaximilian Wilhelm <max@rfc2324.org>
Thu, 8 Sep 2005 21:04:03 +0000 (21:04 +0000)
debian/changelog
debian/control
debian/rules
files/client/ssh-keysync [moved from files/ssh-keysync with 100% similarity]
files/client/ssh-keysync-client.conf [moved from files/ssh-keysync-client.conf with 100% similarity]
files/server/ssh-keysync-merge [moved from files/ssh-keysync-merge with 86% similarity, mode: 0644]
files/server/ssh-keysync-merge.old [new file with mode: 0755]
files/server/ssh-keysync-server.conf [moved from files/ssh-keysync-server.conf with 100% similarity]
files/server/upgrade_sshkeysync [moved from files/upgrade_sshkeysync with 100% similarity, mode: 0755]

index 91040da..e29353f 100644 (file)
@@ -6,6 +6,7 @@ rbm-ssh-keysync (0.4) stable; urgency=high
   * Added automagic upgrade script.
   * Added DNS check for every host (move files to ATTIC if no DNS entry
     exists.)
+  * Added manpages.
 
  -- Maximilan Wilhelm <max@rfc2324.org>  Sun,  4 Sep 2005 01:28:00 +0200
 
index 2213c5c..c118d21 100644 (file)
@@ -7,7 +7,7 @@ Standards-Version: 3.5.2
 
 Package: rbm-ssh-keysync-server
 Architecture: all
-Depends: perl, libconfig-inifiles-perl, libnet-dns-perl, apache
+Depends: perl, libconfig-inifiles-perl, libnet-dns-perl, apache, adduser
 Description: server-side script for distributing ssh_known_hosts
  Scripts for the server, on which the ssh-keys are collected
 
index bb43402..f2a0707 100755 (executable)
@@ -57,30 +57,33 @@ install: build
        dh_installdirs
 
        # Add here commands to install the package into debian/sshkey-sync.
-#      $(MAKE) install DESTDIR=$(CURDIR)/debian/sshkey-sync
-
        mkdir -p $(CURDIR)/debian/tmp
 
+
        ## ssh-keysync-client ##
-       mkdir -p $(CURDIR)/debian/rbm-ssh-keysync-client/opt/sbin
+       mkdir -p $(CURDIR)/debian/rbm-ssh-keysync-client/usr/sbin
        mkdir -p $(CURDIR)/debian/rbm-ssh-keysync-client/etc/rbm
        
-       install -m 750 -o root -g root files/ssh-keysync $(CURDIR)/debian/rbm-ssh-keysync-client/opt/sbin
-       install -m 640 -o root -g root files/ssh-keysync-client.conf $(CURDIR)/debian/rbm-ssh-keysync-client/etc/rbm
+       install -m 750 -o root -g root files/client/ssh-keysync $(CURDIR)/debian/rbm-ssh-keysync-client/usr/sbin
+       install -m 640 -o root -g root files/client/ssh-keysync-client.conf $(CURDIR)/debian/rbm-ssh-keysync-client/etc/rbm
+       find $(CURDIR)/debian/rbm-ssh-keysync-client/ -name CVS -type d | xargs rm -rf
 
 
        ## ssh-keysync-server ##
        mkdir -p $(CURDIR)/debian/rbm-ssh-keysync-server/etc/rbm
-       install -m 644 $(CURDIR)/files/ssh-keysync-server.conf $(CURDIR)/debian/rbm-ssh-keysync-server/etc/rbm
-
-       mkdir -p $(CURDIR)/debian/rbm-ssh-keysync-server/usr/lib/perl5/
-       cp -R $(CURDIR)/files/RBM $(CURDIR)/debian/rbm-ssh-keysync-server/usr/lib/perl5/
+       install -m 644 $(CURDIR)/files/server/ssh-keysync-server.conf $(CURDIR)/debian/rbm-ssh-keysync-server/etc/rbm
 
        mkdir -p $(CURDIR)/debian/rbm-ssh-keysync-server/usr/bin
-       install -m 755 -o root -g root $(CURDIR)/files/{upgrade_sshkeysync,ssh-keysync-merge} $(CURDIR)/debian/rbm-ssh-keysync-server/usr/bin
+       install -m 755 -o root -g root $(CURDIR)/files/server/{upgrade_sshkeysync,ssh-keysync-merge} $(CURDIR)/debian/rbm-ssh-keysync-server/usr/bin
+
+       mkdir -p $(CURDIR)/debian/rbm-ssh-keysync-server/usr/share/perl5/
+       cp -R $(CURDIR)/files/server/RBM $(CURDIR)/debian/rbm-ssh-keysync-server/usr/share/perl5/
+
+       mkdir -p $(CURDIR)/debian/rbm-ssh-keysync-server/usr/share/man/
+       cp -R $(CURDIR)/files/server/man1/ $(CURDIR)/debian/rbm-ssh-keysync-server/usr/share/man/
 
        find $(CURDIR)/debian/rbm-ssh-keysync-server/ -exec chown root:root {} \;
-       find $(CURDIR)/debian/rbm-ssh-keysync-{client,server} -name CVS -type d | xargs rm -rf
+       find $(CURDIR)/debian/rbm-ssh-keysync-server/ -name CVS -type d | xargs rm -rf
 
        dh_movefiles
 
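Review bot: The rewritten server `install` line still depends on brace expansion (`files/server/{upgrade_sshkeysync,ssh-keysync-merge}`), which only works when make runs its recipes with bash. No `SHELL` assignment is visible in this hunk, and under a plain POSIX `/bin/sh` the braces are passed through literally and the install fails. Naming both files avoids that: `install -m 755 -o root -g root $(CURDIR)/files/server/upgrade_sshkeysync $(CURDIR)/files/server/ssh-keysync-merge $(CURDIR)/debian/rbm-ssh-keysync-server/usr/bin`. The two `find … -name CVS -type d | xargs rm -rf` lines would also be sturdier as `find … -name CVS -type d -prune -exec rm -rf {} +`, which does not split paths on whitespace and does not descend into a directory it is about to delete. The `install` target begins before and continues after this hunk.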
@@ -100,7 +103,7 @@ binary-indep: build install
 #      dh_installmime -i
 #      dh_installinit -i
        dh_installcron -i
-#      dh_installman -i
+       dh_installman -i
 #      dh_installinfo -i
 #      dh_undocumented -i
        dh_installchangelogs  -i
similarity index 100%
rename from files/ssh-keysync
rename to files/client/ssh-keysync
old mode 100755 (executable)
new mode 100644 (file)
similarity index 86%
rename from files/ssh-keysync-merge
rename to files/server/ssh-keysync-merge
index c61e7cf..6be4c52
@@ -13,8 +13,10 @@ use RBM::sshKeySync::Merge;
 
 ##
 # Check for command line parameteres
-my $quiet = 0;
+my $config = "/etc/rbm/ssh-keysync-server.conf";
 my $debug = 0;
+my $quiet = 0;
+
 foreach my $arg ( @ARGV ) {
        $debug = 1 if ( $arg eq "-d" || $arg eq "-debug" );
        $quiet = 1 if ( $arg eq "-q" || $arg eq "-quiet" );
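Review bot: `$config` is added under the "command line parameters" heading, but nothing in the visible argument loop assigns it, so the path is effectively a constant. If a fixed path is intended, which is a reasonable choice for a job that runs unattended, say so next to the declaration: `# Config file path is fixed; there is no command line override.` The loop also ignores any argument it does not recognise, so a mistyped `-q` goes unnoticed; a short `warn "Unknown option: $arg\n"` branch would surface that. The closing brace of the `foreach` lies outside this hunk.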
@@ -22,5 +24,5 @@ foreach my $arg ( @ARGV ) {
 
 ##
 # Run real ssh-keysync-merge
-my $merger = RBM::sshKeySync::Merge->new( quiet => $quiet, debug => $debug );
+my $merger = RBM::sshKeySync::Merge->new( quiet => $quiet, debug => $debug, configfile => $config );
 $merger->merge_all_domains();
diff --git a/files/server/ssh-keysync-merge.old b/files/server/ssh-keysync-merge.old
new file mode 100755 (executable)
index 0000000..db348a3
--- /dev/null
@@ -0,0 +1,219 @@
+#!/bin/bash
+#
+# ssh-keysync-merge
+#
+# Merge the client ssh host keys to one file
+#
+# Maximilian Wilhelm <mwilhelm@math.uni-paderborn.de>
+#  -- Sat, 17 Apr 2004 17:21:09 +0200
+#
+
+if [ "${USE_OLD_SSH_KEYSYNC_MERGE}" != "Yes, I will." ]; then
+       cat << EOF >&2
+This version of ssh-keysync-merge is deprecheated.
+
+If you *really* want to use this version, set \$USE_OLD_SSH_KEYSYNC_MERGE to
+"Yes, I will." and run it again.
+
+However, we encourage you to use the newer version...
+If not allready automagically done, run 'upgrade_sshkeysync' to upgrade
+your installation.
+EOF
+
+       exit 0
+fi
+
+# Be verbose by default
+debug=1
+
+# Environment (to be checked!)
+CONFIG_FILE="/etc/rbm/ssh-keysync-server.conf"
+BASE_DIR="/var/cache/ssh-keysync"
+KEY_FILES_DIR="${BASE_DIR}/keys"
+KNOWN_HOSTS="${BASE_DIR}/ssh_known_hosts"
+KNOWN_HOSTS_OLD="${KNOWN_HOSTS}.old"
+
+VALID_USER="skeysync"
+
+# Check some things
+init()
+{
+       if [ -f ${CONFIG_FILE} -a -r ${CONFIG_FILE} ]; then
+                if ! source ${CONFIG_FILE}; then
+                        echo "Failed to load config file \"${CONFIG_FILE}\", exiting." >&2
+                        exit 1
+                fi
+        else
+                echo "Unable to load config file \"${CONFIG_FILE}\". File does not exist or is not accessable, exiting." >&2
+                exit 1;
+        fi
+
+
+       # Who has called us?
+       if [ `whoami` != "${VALID_USER}" ]; then
+               echo "Script `basename $0` can only be run as user \"${VALID_USER}\"." >&2
+               exit 1;
+       fi
+
+       # Is there room for us?
+       for dir in "${BASE_DIR}" "${KEY_FILES_DIR}"; do
+               if [ ! -d "${dir}" ]; then
+                       echo "The directory ${dir} does not exist, but is neccessary for this script to work!" >&2
+                       echo -n "Please create ${dir}" >&2
+                       [ "${dir}" == "${BASE_DIR}" ] && echo " and allow user '${VALID_USER}' to write there." >&2
+                       echo ""
+                       exit 1;
+               fi
+       done
+
+       # DOMAIN_LIST given?
+       if [ -z "${DOMAIN_LIST}" ]; then
+               echo "Error: DOMAIN_LIST not set in $0!" >&2
+               echo "Please edit ${CONFIG_FILE} an set DOMAIN_LIST to the correct value." >&2
+               exit 1
+       fi
+}
+
+
+# Merge all client host keys
+merge()
+{
+       if [ `ls "${KEY_FILES_DIR}"/*.key 2>/dev/null | wc -l` == 0 ]; then
+               echo "No client host keys available, aborting" >&2
+               exit 0;
+       else
+
+               [ "${debug}" ] && echo -n "Merging client hosts keys "
+
+
+               # create an empty file, if there is no known_hosts file
+               [ ! -f "${KNOWN_HOSTS}" ] && touch "${KNOWN_HOSTS}"
+               # Make backup of old ssh_known_hosts file
+               mv "${KNOWN_HOSTS}" "${KNOWN_HOSTS_OLD}"
+               [ "${debug}" ] && echo -n "."
+
+
+               # Go to the working directory
+               cd "${KEY_FILES_DIR}"
+               [ "${debug}" ] && echo -n ". "
+
+
+               echo "# ssh_known_hosts generated by ssh-keysync-merge at "$(date +%d.%m.%Y) > ${KNOWN_HOSTS}
+               echo "# " >> "${KNOWN_HOSTS}"
+
+               # Building new one
+               for file in *.key; do
+                       convert_file "${file}" >> "${KNOWN_HOSTS}"
+                       [ "${debug}" ] && echo -n "."
+               done
+
+               [ "${debug}" ] && echo " done."
+       fi
+}
+
+
+
+# convert host key into the right format
+#
+# convert_file <hostname>.<keytype>
+convert_file()
+{
+       if [ $# == 1 ]; then
+               # get all needed information
+               HOST=$(echo $1 | cut -d. -f1);
+               IP=`host ${HOST} | awk '{ print $NF }'`
+
+               expr="s/,/,${HOST}./g"
+#              HOSTNAMES="${HOST},${HOST}."`echo ${DOMAIN_LIST} | tr -d '[:space:]' | sed -e "${expr}"`",${IP}"
+               HOSTNAMES="${HOST},${HOST}.`echo ${DOMAIN_LIST} | sed -e ${expr}`,${IP}"
+
+               # make sure that ${HOSTNAMES} does not include any white spaces
+               # and appand one white space at the end of ${HOSTNAMES}, to
+               # seperate the following key
+               echo -n ${HOSTNAMES} | tr -d '[:space:]'
+               echo -n " "
+               cat "${1}"
+       else
+               echo "Usage: convert_file <hostname>.<type>" >&2
+       fi
+}
+
+# Compare present and last version of ssh_known_hosts
+diff_files()
+{
+       [ "${debug}" ] && echo -n "Comparing present and last version of knonw_hosts: "
+
+       # Create a tempfile
+       TEMPFILE=`tempfile -d /tmp -s skeysync`
+       touch "${TEMPFILE}"
+
+       # one first run, there will not be an old file
+       if [ ! -f "${KNOWN_HOSTS_OLD}" ]; then
+               touch "${KNOWN_HOSTS_OLD}"
+       fi
+
+       diff -u "${KNOWN_HOSTS_OLD}" "${KNOWN_HOSTS}" > "${TEMPFILE}"
+
+       if [ -s "${TEMPFILE}" ]; then
+       # There are differences...
+           if [ `grep -c '^-# ssh_known_hosts\|^+# ssh_known_hosts' "${TEMPFILE}"` == 2 ]; then
+               echo "Attention: Files are different!"
+               echo "==============================="
+               echo ""
+               cat "${TEMPFILE}"
+               rm "${TEMPFILE}"
+               return 1
+           fi
+       else
+       # Nothing changed
+               [ "${debug}" ] && echo "equal."
+               "rm ${TEMPFILE}"
+               return 0
+       fi
+
+}
+
+
+# Put ssh_known_hosts file in public web dir
+publish()
+{
+       [ "${debug}" ] && echo -n "Putting ssh_known_hosts into web directory: "
+       cp "${KNOWN_HOSTS}" "${BASE_DIR}/pub"
+       [ "${debug}" ] && echo " done."
+}
+
+
+# Print a little help message
+help()
+{
+       echo "Usage: $0 [ -quiet ] [ -help ]"
+       echo " -quiet   Only show warnings"
+       echo " -help    Print this help"
+       exit 0
+}
+
+# What to do
+while [ $# -gt 0 ]; do
+    case "$1" in
+        -quiet)        unset debug ;;
+        -help) help ;;
+       *)      help;;
+    esac
+    shift
+done
+
+#
+# Let the show begin
+#
+
+# everything ok?
+init
+
+# build the file
+merge
+
+# publish it 
+publish
+
+# if file has changed, send mail
+diff_files
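Review bot: convert_file() writes unchecked input into the file that publish() then copies to `${BASE_DIR}/pub`. `cat "${1}"` appends the whole key file, so a file holding more than one line produces extra known_hosts entries. `IP` is taken from the last field of the `host` output even when the lookup fails, so a fragment of the error message lands in the host list. I would accept only host names made of `[A-Za-z0-9-]`, require exactly one line in the key file, and skip the entry when `host` exits non-zero, as sketched below. Separately, in diff_files() the line `"rm ${TEMPFILE}"` is quoted as one word, so the shell looks for a command of that name and the temp file is never removed; it should read `rm "${TEMPFILE}"`.

```bash
convert_file()
{
        if [ $# != 1 ]; then
                echo "Usage: convert_file <hostname>.<type>" >&2
                return 1
        fi

        # The host name is derived from the file name; accept hostname characters only
        HOST="${1%%.*}"
        case "${HOST}" in
                ""|*[!A-Za-z0-9-]*)
                        echo "Skipping ${1}: invalid host name" >&2
                        return 1 ;;
        esac

        # A key file must hold exactly one line, otherwise it could add further entries
        if [ "$(grep -c '' "${1}")" -ne 1 ]; then
                echo "Skipping ${1}: expected exactly one key line" >&2
                return 1
        fi

        # Use the lookup result only if host(1) reported success
        if ! LOOKUP=$(host "${HOST}"); then
                echo "Skipping ${1}: no DNS entry for ${HOST}" >&2
                return 1
        fi
        IP=$(echo "${LOOKUP}" | awk '{ print $NF }')

        # … unchanged: HOSTNAMES assembly, whitespace stripping and cat "${1}" …
}
```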
old mode 100644 (file)
new mode 100755 (executable)
similarity index 100%
rename from files/upgrade_sshkeysync
rename to files/server/upgrade_sshkeysync