Highly Available and Scalable Information System
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

693 lines
27 KiB

#!/bin/bash
#EuryBOX check functions file
#Desc: verify the archive access and content
#No arg required
eurybox_check_arch ()
{
local ARCH_OUT
local STATUS
local ARCH_CONTENT
local ARCH_DESC="${EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},DESC]}"
local ARCH_FORMAT="${EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},FORMAT]}"
local ARCH_ENC="${EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},ENC]}"
local ARCH_FILE="${EURYBOX_BACKUP_DESTINATION[MOUNT]}/${EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},FILENAME]}.${EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},FORMAT]}"
case ${ARCH_FORMAT} in
"tar" ) TAR_OPTIONS="-Stv";;
"tar.gz" ) TAR_OPTIONS="-Stv --use-compress-program=pigz";;
"tar.bz2" ) TAR_OPTIONS="-Stv --use-compress-program=lbzip2";;
esac
if [[ ${ARCH_ENC} = "true" ]]
then
ARCH_OUT=`sudo sh -c "openssl enc -${EURYBOX_BACKUP_ARCHIVE[ENC_ALGO]} -d -in ${ARCH_FILE} -pass file:${EURYBOX_BACKUP_ARCHIVE[PASSFILE]} | tar ${TAR_OPTIONS}" 2>&1`
STATUS=$?
else
ARCH_OUT=`sudo sh -c "tar ${TAR_OPTIONS} -f ${ARCH_FILE}" 2>&1`
STATUS=$?
fi
if [[ !($STATUS -eq 0) ]]
then
eurybox_display_message warning CHECK "Archive use check failed - error $STATUS:\n$ARCH_OUT"
EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},ARCH_STATUS]="KO"
else
ARCH_CONTENT=`echo "${ARCH_DESC}" | awk '{ if(content == 1) {print $0} else { if($0 == "ARCHIVE_CONTENT:") {content=1} } }'`
if [[ $ARCH_CONTENT == $ARCH_OUT ]]
then
EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},ARCH_STATUS]="OK"
eurybox_display_message message CHECK "Archive use check - OK"
eurybox_display_message debug CHECK "Archive command output:\n$ARCH_OUT"
else
eurybox_display_message warning CHECK "Archive use check failed - error description and archive content mismatch - description content:\n$ARCH_CONTENT\ndetected archive content:\n$ARCH_OUT"
EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},ARCH_STATUS]="KO"
fi
fi
}
#Desc: check the input arguments
#TODO: implement arguments usage (debug mode / config file ...) and checking
eurybox_check_arguments ()
{
eurybox_display_message message CHECK "Script arguments: $1"
}
#Desc: verify the existence on the host of commands
#1 arg min required: command [command] [command] ...
eurybox_check_command()
{
local -i not_found
for cmd; do
command -v >&- "$cmd" || {
eurybox_display_message warning CHECK $"Command $cmd is not found"
let not_found++
}
done
(( not_found == 0 )) || {
eurybox_display_message error CHECK "Please install first dependencies listed above to use EuryBOX scripts"
}
}
#Desc: verify the configuration file and mandatory variables initialisation
#1 arg can be supplied as script type (BACKUP/UPDATE/EXEC_COMMAND) to add extra checks
#Conf file needs to be sourced before
eurybox_check_configuration ()
{
local SCRIPT_TYPE=$1
#Checking script execution parameters
if [[ -z $EURYBOX_CORPORATE || -z $EURYBOX_LOG_LEVEL ]]
then
eurybox_display_message warning CHECK "Script execution parameters not set. Continuing script execution in debug mode."
EURYBOX_CORPORATE="EURYECE TELECOM"
EURYBOX_LOG_LEVEL=debug
else
eurybox_display_message message CHECK "Script execution parameters:"
eurybox_display_message message CHECK "Corporate: $EURYBOX_CORPORATE"
eurybox_display_message message CHECK "Log level: $EURYBOX_LOG_LEVEL"
fi
#Checking environment parameters
if [[ -z $EURYBOX_DOMAIN || -z $EURYBOX_SERVICES_NUMBER || ${#EURYBOX_SERVICES[@]} -eq 0 || ${#EURYBOX_HYPERVISOR[@]} -eq 0 ]]
then
eurybox_display_message error CHECK "Environment parameters not set: Domaine/$EURYBOX_DOMAIN Services/${EURYBOX_SERVICES[*]} Num/$EURYBOX_SERVICES_NUMBER Hypervisor/${EURYBOX_HYPERVISOR[*]}"
else
eurybox_display_message message CHECK "Script environment parameters:"
eurybox_display_message message CHECK "Domain: $EURYBOX_DOMAIN"
eurybox_display_message message CHECK "Hypervisor: ${EURYBOX_HYPERVISOR[*]}"
for ((EURYBOX_SERVICES_NUM=1;EURYBOX_SERVICES_NUM<=$EURYBOX_SERVICES_NUMBER;EURYBOX_SERVICES_NUM++));
do
eurybox_display_message message CHECK "Target service: host:${EURYBOX_SERVICES[$EURYBOX_SERVICES_NUM,HOST]}, name: ${EURYBOX_SERVICES[$EURYBOX_SERVICES_NUM,NAME]}, ssh user: ${EURYBOX_SERVICES[$EURYBOX_SERVICES_NUM,USER]}, ssh port: ${EURYBOX_SERVICES[$EURYBOX_SERVICES_NUM,PORT]}, OS: ${EURYBOX_SERVICES[$EURYBOX_SERVICES_NUM,OS]}, additional disks: ${EURYBOX_SERVICES[$EURYBOX_SERVICES_NUM,DISK]}"
done
eurybox_display_message debug CHECK "Services number: $EURYBOX_SERVICES_NUMBER"
fi
#Checking distribution parameters
if [[ -z $EURYBOX_DISTRIB_TYPE || -z $EURYBOX_DISTRIB_MAC_TYPE ]]
then
eurybox_display_message error CHECK "Distribution parameters not set: Type -> $EURYBOX_DISTRIB_TYPE / MAC -> $EURYBOX_DISTRIB_MAC_TYPE"
else
case $EURYBOX_DISTRIB_TYPE in
fedora20|fedora21|centos7|redhat7|centos6|redhat6|centos5|redhat5|fedora22|fedora23|fedora24|debian6|debian7|debian8|ubuntu12|ubuntu14|ubuntu16|gentoo|archlinux|openbsd5 )
eurybox_display_message message CHECK "Distribution configured: $EURYBOX_DISTRIB_TYPE"
;;
* )
eurybox_display_message error CHECK "Unsupported distribution: $EURYBOX_DISTRIB_TYPE"
;;
esac
case $EURYBOX_DISTRIB_MAC_TYPE in
selinux|none )
eurybox_display_message message CHECK "Distribution mandatory access control type configured: $EURYBOX_DISTRIB_MAC_TYPE"
;;
apparmor|* )
eurybox_display_message error CHECK "Unsupported mandatory access control type: $EURYBOX_DISTRIB_MAC_TYPE - please use selinux or none"
;;
esac
fi
if [[ $SCRIPT_TYPE = "BACKUP" || $SCRIPT_TYPE = "RESTORE" ]]
then
#Checking backup target parameters
if [[ -z $EURYBOX_BACKUP_TYPE || ${#EURYBOX_BACKUP_DESTINATION[@]} -eq 0 || ${#EURYBOX_BACKUP_ARCHIVE[@]} -eq 0 ]]
then
eurybox_display_message error CHECK "Backup parameters not set:\nType:$EURYBOX_BACKUP_TYPE\nDestination:${EURYBOX_BACKUP_DESTINATION[*]}\nArchive:${EURYBOX_BACKUP_ARCHIVE[*]}\nTargets:${EURYBOX_BACKUP_TARGETS[*]}"
else
eurybox_display_message message CHECK "Backup parameters:"
eurybox_display_message message CHECK "Backup type: $EURYBOX_BACKUP_TYPE"
eurybox_display_message message CHECK "Backup destination: ${EURYBOX_BACKUP_DESTINATION[*]}"
eurybox_display_message message CHECK "Archive parameters: ${EURYBOX_BACKUP_ARCHIVE[*]}"
eurybox_display_message message CHECK "Archive targets: ${EURYBOX_BACKUP_TARGETS[*]}"
fi
fi
if [[ $SCRIPT_TYPE = "UPDATE" ]]
then
#Checking update parameters
if [[ -z $EURYBOX_UPDATE_LOCAL_REPOSITORIES_ACTIVATED || -z $EURYBOX_UPDATE_LOCAL_REPOSITORIES_PATH ]]
then
eurybox_display_message error CHECK "Update parameters not set:\nLocal repositories activated:$EURYBOX_UPDATE_LOCAL_REPOSITORIES_ACTIVATED\nLocal storage path:$EURYBOX_UPDATE_LOCAL_REPOSITORIES_PATH\nTarget repositories:${EURYBOX_UPDATE_LOCAL_REPOSITORIES[*]}"
else
eurybox_display_message message CHECK "Update parameters:"
eurybox_display_message message CHECK "Local repositories enabled: $EURYBOX_UPDATE_LOCAL_REPOSITORIES_ACTIVATED"
eurybox_display_message message CHECK "Local repositories storage path: $EURYBOX_UPDATE_LOCAL_REPOSITORIES_PATH"
eurybox_display_message message CHECK "Target repositories: ${EURYBOX_UPDATE_LOCAL_REPOSITORIES[*]}"
fi
fi
##Make sure pipe individual output exit status are available
##set -o pipefail
#Initialize tools options
case ${EURYBOX_HYPERVISOR[TYPE]} in
qemu )
EURYBOX_VIRSH_OPTIONS="-c qemu:///system"
;;
xen )
EURYBOX_VIRSH_OPTIONS="-c xen:///"
;;
* )
eurybox_display_message error CHECK "Bad hypervisor type: ${EURYBOX_HYPERVISOR[TYPE]}"
;;
esac
EURYBOX_RSYNC_OPTIONS="-azHmS --timeout=$EURYBOX_NETWORK_TIMEOUT"
EURYBOX_SSH_OPTIONS="-oPasswordAuthentication=no -oConnectTimeout=$EURYBOX_NETWORK_TIMEOUT -oConnectionAttempts=$EURYBOX_MAX_RETRY_ON_FAILURE"
EURYBOX_NMAP_OPTIONS="--host-timeout $EURYBOX_NETWORK_TIMEOUT --max-retries $EURYBOX_MAX_RETRY_ON_FAILURE"
EURYBOX_LS_OPTIONS="-x"
EURYBOX_MNT_NFS_OPTIONS="-o hard,retry=$EURYBOX_MAX_RETRY_ON_FAILURE,timeo=${EURYBOX_NETWORK_TIMEOUT}0"
EURYBOX_MNT_SSHFS_OPTIONS="-o allow_root ${EURYBOX_SSH_OPTIONS}"
EURYBOX_MNT_FTPFS_OPTIONS="-o allow_root,connect_timeout=${EURYBOX_NETWORK_TIMEOUT}"
case $EURYBOX_LOG_LEVEL in
debug )
set -xv
EURYBOX_RSYNC_OPTIONS+=" -v"
EURYBOX_SSH_OPTIONS+=" -oLogLevel=debug"
EURYBOX_NMAP_OPTIONS+=" -d9 -v3"
EURYBOX_LS_OPTIONS+=" -a"
EURYBOX_MNT_NFS_OPTIONS+=" -v"
EURYBOX_MNT_SSHFS_OPTIONS+=" -oLogLevel=debug"
EURYBOX_MNT_FTPFS_OPTIONS+=" -v"
EURYBOX_VIRSH_OPTIONS+=" -q -d 2"
;;
verbose )
set -v
EURYBOX_RSYNC_OPTIONS+=" -v"
EURYBOX_SSH_OPTIONS+=" -oLogLevel=verbose"
EURYBOX_NMAP_OPTIONS+=" -d0 -v2"
EURYBOX_LS_OPTIONS+=" -l"
EURYBOX_MNT_NFS_OPTIONS+=" -v"
EURYBOX_MNT_SSHFS_OPTIONS+=" -oLogLevel=verbose"
EURYBOX_MNT_FTPFS_OPTIONS+=" -v"
EURYBOX_VIRSH_OPTIONS+=" -q -d 3"
;;
info )
EURYBOX_SSH_OPTIONS+=" -oLogLevel=info"
EURYBOX_NMAP_OPTIONS+=" -d0 -v"
EURYBOX_LS_OPTIONS+=" -l"
EURYBOX_MNT_SSHFS_OPTIONS+=" -oLogLevel=info"
EURYBOX_VIRSH_OPTIONS+=" -q -d 4"
;;
warning )
EURYBOX_SSH_OPTIONS+=" -oLogLevel=info"
EURYBOX_NMAP_OPTIONS+=" -d0 -v0"
EURYBOX_VIRSH_OPTIONS+=" -q"
EURYBOX_MNT_SSHFS_OPTIONS+=" -oLogLevel=info"
;;
error )
EURYBOX_SSH_OPTIONS+=" -oLogLevel=error"
EURYBOX_NMAP_OPTIONS+=" -d0 -v1"
EURYBOX_VIRSH_OPTIONS+=" -q"
EURYBOX_MNT_SSHFS_OPTIONS+=" -oLogLevel=error"
;;
esac
eurybox_display_message debug CHECK "ftpfs mount options: $EURYBOX_MNT_FTPFS_OPTIONS"
eurybox_display_message debug CHECK "ls options: $EURYBOX_LS_OPTIONS"
eurybox_display_message debug CHECK "nfs mount options: $EURYBOX_MNT_NFS_OPTIONS"
eurybox_display_message debug CHECK "nmap options: $EURYBOX_NMAP_OPTIONS"
eurybox_display_message debug CHECK "rsync options: $EURYBOX_RSYNC_OPTIONS"
eurybox_display_message debug CHECK "ssh options: $EURYBOX_SSH_OPTIONS"
eurybox_display_message debug CHECK "sshfs mount options: $EURYBOX_MNT_SSHFS_OPTIONS"
eurybox_display_message debug CHECK "virsh options: $EURYBOX_VIRSH_OPTIONS"
}
#Desc: verify the archive ECCF and try to repair it
#No arg required
eurybox_check_eccf ()
{
local ECC_OUT
local STATUS
local ECC_FORMAT="${EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},FEC]}"
local ECC_FILE="${EURYBOX_BACKUP_DESTINATION[MOUNT]}/${EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},FILENAME]}.${EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},FORMAT]}"
local ECC_FILE_ROOT="${EURYBOX_BACKUP_DESTINATION[MOUNT]}/${EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},FILENAME]}"
case "${ECC_FORMAT}" in
par2 )
ECC_OUT=`sudo sh -c "par2 r ${ECC_FILE_ROOT}.par2" 2>&1`
STATUS=$?
;;
zfec )
ECC_OUT=`sudo sh -c "zunfec -f -o ${ECC_FILE}.recovered ${ECC_FILE}.*.fec" 2>&1`
STATUS=$?
if [[ ($STATUS -eq 0) ]]
then
EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},ECC_STATUS]="OK"
eurybox_display_message message CHECK "Archive ECC check/recovery - recovered file: ${ECC_FILE}.recovered"
eurybox_display_message debug CHECK "ECC command output:\n$ECC_OUT"
ECC_OUT=`sudo sh -c "mv ${ECC_FILE} ${ECC_FILE}.corrupted" 2>&1`
STATUS=$?
if [[ !($STATUS -eq 0) ]]
then
eurybox_display_message warning CHECK "Archive ECC check/recovery success but cannot move corrupted archive - error $STATUS:\n$ECC_OUT"
else
ECC_OUT=`sudo sh -c "mv ${ECC_FILE}.recovered ${ECC_FILE}" 2>&1`
STATUS=$?
if [[ !($STATUS -eq 0) ]]
then
eurybox_display_message warning CHECK "Archive ECC check/recovery success but cannot move recovered archive - error $STATUS:\n$ECC_OUT"
else
eurybox_display_message message CHECK "Archive ECC check/recovery - OK"
eurybox_display_message debug CHECK "ECC command output:\n$ECC_OUT"
fi
fi
fi
;;
* )
eurybox_display_message error CHECK "Archive ECC format unknown: ${ECC_FORMAT}"
;;
esac
if [[ !($STATUS -eq 0) ]]
then
eurybox_display_message warning CHECK "Archive ECC check/recovery failed - error $STATUS:\n$ECC_OUT"
EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},ECC_STATUS]="KO"
else
EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},ECC_STATUS]="OK"
eurybox_display_message message CHECK "Archive ECC check/recovery - OK"
eurybox_display_message debug CHECK "ECC command output:\n$ECC_OUT"
fi
}
#Desc: verify the archive hash
#No arg required
eurybox_check_hash()
{
local HASH_OUT
local STATUS
local HASH_FORMAT="${EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},HASH]}"
local HASH_FILE="${EURYBOX_BACKUP_DESTINATION[MOUNT]}/${EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},FILENAME]}.${EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},HASH]}"
case "${HASH_FORMAT}" in
sha256 )
HASH_OUT=`sudo sh -c "sha256sum -c $HASH_FILE" 2>&1`
STATUS=$?
;;
sha512 )
HASH_OUT=`sudo sh -c "sha512sum -c $HASH_FILE" 2>&1`
STATUS=$?
;;
* )
eurybox_display_message error CHECK "Archive hash format unknown: ${HASH_FORMAT}"
;;
esac
if [[ !($STATUS -eq 0) ]]
then
eurybox_display_message warning CHECK "Archive hash check failed - error $STATUS:\n$HASH_OUT"
EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},HASH_STATUS]="KO"
else
EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},HASH_STATUS]="OK"
eurybox_display_message message CHECK "Archive hash check - OK"
eurybox_display_message debug CHECK "Hash command output:\n$HASH_OUT"
fi
}
#Desc: verify the kernel is Linux
#No arg required
eurybox_check_kernel()
{
#Check kernel name
local KERNEL_NAME=`uname -s`
if [[ $KERNEL_NAME != "Linux" ]]
then
eurybox_display_message error CHECK "Kernel $KERNEL_NAME not supported - please use Linux"
else
eurybox_display_message message CHECK "Kernel $KERNEL_NAME found"
fi
#Check nfs4 capabilities
#fgrep nfs4 /proc/kallsyms
}
#Desc: check the hypervisor distribution / host parameters
#No arg required
eurybox_check_distribution ()
{
#Check distrib type
case $EURYBOX_DISTRIB_TYPE in
centos5|centos6|centos7 )
DISTRIBUTION_FILE="/etc/centos-release"
;;
redhat5|redhat6|redhat7 )
DISTRIBUTION_FILE="/etc/redhat-release"
;;
fedora20|fedora21|fedora22|fedora23 )
DISTRIBUTION_FILE="/etc/fedora-release"
;;
debian6|debian7|debian8 )
DISTRIBUTION_FILE="/etc/debian_version"
;;
ubuntu12|ubuntu14|ubuntu16 )
DISTRIBUTION_FILE="/etc/lsb-release"
;;
# openbsd5 )
# DISTRIBUTION_FILE=""
# ;;
gentoo )
DISTRIBUTION_FILE="/etc/gentoo-release"
;;
archlinux )
DISTRIBUTION_FILE="/etc/arch-release"
;;
* )
eurybox_display_message error CHECK "Unsupported distribution: $EURYBOX_DISTRIB_TYPE"
;;
esac
DETECTED_DISTRIBUTION=`cat $DISTRIBUTION_FILE 2>&1`
STATUS=$?
if [[ !($STATUS -eq 0) ]]
then
eurybox_display_message error CHECK "Configured distribution type doesn't corresponds to detected distribution"
else
if [[ $DETECTED_DISTRIBUTION != "" ]]
then
#TODO: CHECK VERSION COHERENCE FROM FILE CONTENT
eurybox_display_message message CHECK "Distribution verification success"
eurybox_display_message debug CHECK "${DETECTED_DISTRIBUTION}"
else
eurybox_display_message error CHECK "Configured distribution version doesn't corresponds to detected distribution version: ${DETECTED_DISTRIBUTION}"
fi
fi
#Check MAC type
case $EURYBOX_DISTRIB_MAC_TYPE in
selinux )
SE_OUT=`sudo getenforce 2>&1`
STATUS=$?
if [[ !($STATUS -eq 0) ]]
then
eurybox_display_message error CHECK "Configured distribution mac type doesn't seems to be supported"
else
case $SE_OUT in
Enforcing|enforcing )
eurybox_display_message message CHECK "SELinux - enabled"
;;
Permissive|permissive )
eurybox_display_message warning CHECK "SELinux - permissive mode detected"
;;
Disabled|disabled )
eurybox_display_message warning CHECK "SELinux - disabled"
;;
* )
eurybox_display_message warning CHECK "Unknown mode: $SE_OUT"
;;
esac
fi
;;
none )
;;
esac
}
#Desc: check the overall environment
#1 arg can be supplied as script type (BACKUP/RESTORE/UPDATE/EXEC_COMMAND) to add extra checks
eurybox_check_environment ()
{
local SCRIPT_TYPE=$1
local STATUS
local BKP_SPACE_LEFT
local BKP_ACCESS_OK
#Check common external sotfware used
eurybox_check_command grep sudo ssh virsh awk df tail tput nmap
#Check specific external sotfware used depending on configuration
if [[ $SCRIPT_TYPE = "BACKUP" || $SCRIPT_TYPE = "RESTORE" ]]
then
case ${EURYBOX_BACKUP_DESTINATION[PROTOCOL]} in
LOCAL )
;;
SSH )
eurybox_check_command sshfs
;;
NFS )
eurybox_check_command rpcinfo
;;
FTP )
eurybox_check_command curlftpfs lftp
;;
PART )
eurybox_check_command cryptsetup
;;
ISCSI|* )
eurybox_display_message error CHECK "Unsupported backup destination protocol: ${EURYBOX_BACKUP_DESTINATION[PROTOCOL]}"
;;
esac
if [[ $SCRIPT_TYPE = "BACKUP" ]]
then
case ${EURYBOX_BACKUP_ARCHIVE[FORMAT]} in
tar )
eurybox_check_command tar
;;
tar.gz )
eurybox_check_command tar pigz
;;
tar.bz )
eurybox_check_command tar pbzip2
;;
* )
eurybox_display_message error CHECK "Unsupported backup archive format: ${EURYBOX_BACKUP_ARCHIVE[FORMAT]}"
;;
esac
case ${EURYBOX_BACKUP_ARCHIVE[HASH]} in
sha256 )
eurybox_check_command sha256sum
;;
sha512 )
eurybox_check_command sha512sum
;;
* )
eurybox_display_message error CHECK "Unsupported backup archive hash type: ${EURYBOX_BACKUP_ARCHIVE[HASH]}"
;;
esac
case ${EURYBOX_BACKUP_ARCHIVE[ENCRYPT]} in
true )
eurybox_check_command openssl
ENC_OUT=`sudo sh -c "echo TEST | openssl enc -salt -e -${EURYBOX_BACKUP_ARCHIVE[ENC_ALGO]} -pass file:${EURYBOX_BACKUP_ARCHIVE[PASSFILE]} -out /dev/null" 2>&1`
STATUS=$?
if [[ !($STATUS -eq 0) ]]
then
eurybox_display_message error CHECK "Encryption engine test failed: error ${STATUS}\n${ENC_OUT}"
else
eurybox_display_message debug CHECK "Encryption engine successfully tested"
fi
;;
false )
;;
* )
eurybox_display_message error CHECK "Wrong backup archive encryption (true or false): ${EURYBOX_BACKUP_ARCHIVE[ENCRYPT]}"
;;
esac
case ${EURYBOX_BACKUP_ARCHIVE[FEC]} in
par2 )
eurybox_check_command par2
;;
zfec )
eurybox_check_command zfec
;;
* )
eurybox_display_message error CHECK "Unsupported backup archive FEC format: ${EURYBOX_BACKUP_ARCHIVE[FEC]}"
;;
esac
fi
if [[ $SCRIPT_TYPE = "RESTORE" ]]
then
eurybox_check_command openssl tar par2 zfec sha512sum sha256sum virt-sysprep pigz pbzip2
fi
if [[ $SCRIPT_TYPE = "UPDATE" ]]
then
eurybox_check_command rsync
fi
fi
#Check kernel capabilities
eurybox_check_kernel
#Check distribution is coherent with configuration
eurybox_check_distribution
#Check administration privileges
sudo -nv
STATUS=$?
if [[ !($STATUS -eq 0) ]]
then
eurybox_display_message error CHECK "Administration privileges are not available. Please execute this script as root or privileged user without password prompting (NOPASSWD / sudo group member)."
else
eurybox_display_message debug CHECK "Administration privileges available."
fi
#Check access to Hypervisor
eurybox_check_hv_access
#Check access to VMs
for ((EURYBOX_SERVICES_NUM=1;EURYBOX_SERVICES_NUM<=$EURYBOX_SERVICES_NUMBER;EURYBOX_SERVICES_NUM++));
do
eurybox_check_vm_access ${EURYBOX_SERVICES[$EURYBOX_SERVICES_NUM,NAME]} ${EURYBOX_SERVICES[$EURYBOX_SERVICES_NUM,HOST]} ${EURYBOX_SERVICES[$EURYBOX_SERVICES_NUM,USER]} ${EURYBOX_SERVICES[$EURYBOX_SERVICES_NUM,PORT]} ${EURYBOX_SERVICES[$EURYBOX_SERVICES_NUM,DISK]}
done
#Check tmp folder
if [[ !(-d ${EURYBOX_TMP_FOLDER}) ]]
then
sudo mkdir -p ${EURYBOX_TMP_FOLDER}
STATUS=$?
if [[ !($STATUS -eq 0) ]]
then
eurybox_display_message error CHECK "Temp folder ${EURYBOX_BACKUP_TMP_FOLDER} doesn't exists and folder creation failed"
else
eurybox_display_message message CHECK "Temp folder ${EURYBOX_BACKUP_TMP_FOLDER} successfully created"
fi
fi
#FOR BKP ONLY
if [[ $SCRIPT_TYPE = "BACKUP" ]]
then
#Check bkp destination (access + space left size)
eurybox_backup_mount_target
BKP_SPACE_LEFT=`sudo df -Pk ${EURYBOX_BACKUP_DESTINATION[MOUNT]}/ | tail -1 | awk '{print $4}'`
if (( $BKP_SPACE_LEFT < $EURYBOX_BACKUP_LOW_CRITICAL_LEVEL ))
then
eurybox_backup_umount_target
eurybox_display_message error CHECK "Free space left on backup destination too low: $BKP_SPACE_LEFT kB"
else
if (( $BKP_SPACE_LEFT < $EURYBOX_BACKUP_LOW_WARNING_LEVEL ))
then
eurybox_display_message warning CHECK "Free space left on backup destination low: $BKP_SPACE_LEFT kB"
else
eurybox_display_message debug CHECK "Free space left on backup destination OK: $BKP_SPACE_LEFT kB"
fi
fi
#Check bkp destination permissions (READ/WRITE)
BKP_ACCESS_OK=`sudo sh -c "touch ${EURYBOX_BACKUP_DESTINATION[MOUNT]}/test && rm -Rf ${EURYBOX_BACKUP_DESTINATION[MOUNT]}/test"`
STATUS=$?
if [[ !($STATUS -eq 0) ]]
then
eurybox_backup_umount_target
eurybox_display_message error CHECK "Backup destination access failed: \n$BKP_ACCESS_OK"
else
eurybox_display_message debug CHECK "Backup destination access OK: \n$BKP_ACCESS_OK"
fi
eurybox_backup_umount_target
fi
#FOR RESTORE ONLY
if [[ $SCRIPT_TYPE = "RESTORE" ]]
then
#Check bkp origin access (READ)
eurybox_backup_mount_target
BKP_ACCESS_OK=`sudo ls -al ${EURYBOX_BACKUP_DESTINATION[MOUNT]}/`
STATUS=$?
if [[ !($STATUS -eq 0) ]]
then
eurybox_backup_umount_target
eurybox_display_message error CHECK "Backup origin access failed: \n$BKP_ACCESS_OK"
else
eurybox_display_message debug CHECK "Backup origin access OK: \n$BKP_ACCESS_OK"
fi
eurybox_backup_umount_target
fi
}
#Desc: check hypervisor access
#No arg required
eurybox_check_hv_access ()
{
local TYPE=$1
local STATUS
local NODEINFOS
local CAPABILITIES
local DOMCAPABILITIES
local SYSINFOS=`sudo virsh $EURYBOX_VIRSH_OPTIONS sysinfo 2>&1`
STATUS=$?
if [[ $STATUS -eq 0 ]]
then
eurybox_display_message message CHECK "Hypervisor - access OK"
NODEINFOS=`sudo virsh $EURYBOX_VIRSH_OPTIONS nodeinfo 2>&1`
CAPABILITIES=`sudo virsh $EURYBOX_VIRSH_OPTIONS capabilities 2>&1`
DOMCAPABILITIES=`sudo virsh $EURYBOX_VIRSH_OPTIONS domcapabilities 2>&1`
eurybox_display_message debug CHECK "System informations:\n$SYSINFOS"
eurybox_display_message debug CHECK "Node informations:\n$NODEINFOS"
eurybox_display_message debug CHECK "Node capabilities:\n$CAPABILITIES"
eurybox_display_message debug CHECK "Dom capabilities:\n$DOMCAPABILITIES"
else
eurybox_display_message error CHECK "Hypervisor - access failed: \n$SYSINFOS_OK"
fi
}
#Desc: verify the restore vm
#No arg required
eurybox_check_restore_vm ()
{
local CHECK_OUT
local VM_NAME
local ARCH_ID=${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]}
local VM_ID=${EURYBOX_RESTORE_TARGET_ARCHIVE[VM_ID]}
if [[ $VM_ID == "*" ]]
then
for (( VM_NUM=0;VM_NUM<${EURYBOX_DETECTED_ARCHIVES[$ARCH_ID,VM_NUM]};VM_NUM++ ))
do
VM_NAME=${EURYBOX_DETECTED_ARCHIVES[$ARCH_ID,$VM_NUM,NAME]}
eurybox_vm_rename $VM_NAME
done
else
VM_NAME="${EURYBOX_DETECTED_ARCHIVES[$ARCH_ID,$VM_ID,NAME]}"
eurybox_vm_rename $VM_NAME
fi
}
#Desc: check Virtual Machine access
#5 arg min required: vm_name vm_host ssh_user ssh_port disk [disk] ...
eurybox_check_vm_access ()
{
local NAME=$1
local HOST=$2
local USER=$3
local PORT=$4
local DISK=${@:5:$#}
local STATUS
local EURYBOX_DISK_OK
local EURYBOX_SSH_OK
local EURYBOX_VM_NAME=`sudo virsh $EURYBOX_VIRSH_OPTIONS list --all | awk '{ if ($2 == name) {print $2} }' name=$NAME 2>&1`
if [[ -z "$EURYBOX_VM_NAME" ]]
then
eurybox_display_message error CHECK "VM $NAME - virsh not found"
else
eurybox_display_message debug CHECK "VM $NAME - virsh found: $EURYBOX_VM_NAME"
EURYBOX_VM_NAME=`sudo virsh $EURYBOX_VIRSH_OPTIONS list | awk '{ if ($2 == name) {print $2} }' name=$NAME 2>&1`
if [[ -z "$EURYBOX_VM_NAME" ]]
then
eurybox_display_message message CHECK "VM $NAME is not running - cannot check network configuration"
else
eurybox_display_message message CHECK "VM $NAME - running"
eurybox_display_message debug CHECK "$EURYBOX_VM_NAME"
EURYBOX_SSH_OK=`ssh $EURYBOX_SSH_OPTIONS -p $PORT $USER@$HOST "touch eurybox_check_ssh_ok" 2>&1`
STATUS=$?
if [[ $STATUS -eq 0 ]]
then
eurybox_display_message message CHECK "VM $NAME - SSH connection OK"
eurybox_display_message debug CHECK "SSH output:\n$EURYBOX_SSH_OK"
else
eurybox_display_message error CHECK "VM $NAME - SSH connection failed:\n$EURYBOX_SSH_OK"
fi
fi
fi
if [[ $DISK = "" ]]
then
eurybox_display_message debug CHECK "VM $NAME - no additional disk configured"
else
EURYBOX_DISK_OK=`sudo ls $EURYBOX_LS_OPTIONS $DISK 2>&1`
STATUS=$?
if [[ !($STATUS -eq 0) ]]
then
eurybox_display_message warning CHECK "VM $NAME - disk $DISK - access failed:\n$EURYBOX_DISK_OK"
else
eurybox_display_message message CHECK "VM $NAME - disk $DISK - access OK"
eurybox_display_message debug CHECK "Disk access output:\n$EURYBOX_DISK_OK"
fi
fi
}
#TODO:PACKAGES TO INSTALL
#yum install -y nmap pigz pbzip2 sshfs curlftpfs lftp cryptsetup par2cmdline libguestfs-tools
#yum install python-pip gcc python-devel
#pip install --upgrade pip
#pip install zfec
#update: yum-utils / debmirror
#TODO: Implement lockfile and check if not already running