Highly Available and Scalable Information System
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

694 lines
27 KiB

  1. #!/bin/bash
  2. #EuryBOX check functions file
  3. #Desc: verify the archive access and content
  4. #No arg required
  5. eurybox_check_arch ()
  6. {
  7. local ARCH_OUT
  8. local STATUS
  9. local ARCH_CONTENT
  10. local ARCH_DESC="${EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},DESC]}"
  11. local ARCH_FORMAT="${EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},FORMAT]}"
  12. local ARCH_ENC="${EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},ENC]}"
  13. local ARCH_FILE="${EURYBOX_BACKUP_DESTINATION[MOUNT]}/${EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},FILENAME]}.${EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},FORMAT]}"
  14. case ${ARCH_FORMAT} in
  15. "tar" ) TAR_OPTIONS="-Stv";;
  16. "tar.gz" ) TAR_OPTIONS="-Stv --use-compress-program=pigz";;
  17. "tar.bz2" ) TAR_OPTIONS="-Stv --use-compress-program=lbzip2";;
  18. esac
  19. if [[ ${ARCH_ENC} = "true" ]]
  20. then
  21. ARCH_OUT=`sudo sh -c "openssl enc -${EURYBOX_BACKUP_ARCHIVE[ENC_ALGO]} -d -in ${ARCH_FILE} -pass file:${EURYBOX_BACKUP_ARCHIVE[PASSFILE]} | tar ${TAR_OPTIONS}" 2>&1`
  22. STATUS=$?
  23. else
  24. ARCH_OUT=`sudo sh -c "tar ${TAR_OPTIONS} -f ${ARCH_FILE}" 2>&1`
  25. STATUS=$?
  26. fi
  27. if [[ !($STATUS -eq 0) ]]
  28. then
  29. eurybox_display_message warning CHECK "Archive use check failed - error $STATUS:\n$ARCH_OUT"
  30. EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},ARCH_STATUS]="KO"
  31. else
  32. ARCH_CONTENT=`echo "${ARCH_DESC}" | awk '{ if(content == 1) {print $0} else { if($0 == "ARCHIVE_CONTENT:") {content=1} } }'`
  33. if [[ $ARCH_CONTENT == $ARCH_OUT ]]
  34. then
  35. EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},ARCH_STATUS]="OK"
  36. eurybox_display_message message CHECK "Archive use check - OK"
  37. eurybox_display_message debug CHECK "Archive command output:\n$ARCH_OUT"
  38. else
  39. eurybox_display_message warning CHECK "Archive use check failed - error description and archive content mismatch - description content:\n$ARCH_CONTENT\ndetected archive content:\n$ARCH_OUT"
  40. EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},ARCH_STATUS]="KO"
  41. fi
  42. fi
  43. }
  44. #Desc: check the input arguments
  45. #TODO: implement arguments usage (debug mode / config file ...) and checking
  46. eurybox_check_arguments ()
  47. {
  48. eurybox_display_message message CHECK "Script arguments: $1"
  49. }
  50. #Desc: verify the existence on the host of commands
  51. #1 arg min required: command [command] [command] ...
  52. eurybox_check_command()
  53. {
  54. local -i not_found
  55. for cmd; do
  56. sudo command -v >&- "$cmd" || {
  57. eurybox_display_message warning CHECK $"Command $cmd is not found"
  58. let not_found++
  59. }
  60. done
  61. (( not_found == 0 )) || {
  62. eurybox_display_message error CHECK "Please install first dependencies listed above to use EuryBOX scripts"
  63. }
  64. }
  65. #Desc: verify the configuration file and mandatory variables initialisation
  66. #1 arg can be supplied as script type (BACKUP/UPDATE/EXEC_COMMAND) to add extra checks
  67. #Conf file needs to be sourced before
  68. eurybox_check_configuration ()
  69. {
  70. local SCRIPT_TYPE=$1
  71. #Checking script execution parameters
  72. if [[ -z $EURYBOX_CORPORATE || -z $EURYBOX_LOG_LEVEL ]]
  73. then
  74. eurybox_display_message warning CHECK "Script execution parameters not set. Continuing script execution in debug mode."
  75. EURYBOX_CORPORATE="EURYECE TELECOM"
  76. EURYBOX_LOG_LEVEL=debug
  77. else
  78. eurybox_display_message message CHECK "Script execution parameters:"
  79. eurybox_display_message message CHECK "Corporate: $EURYBOX_CORPORATE"
  80. eurybox_display_message message CHECK "Log level: $EURYBOX_LOG_LEVEL"
  81. fi
  82. #Checking environment parameters
  83. if [[ -z $EURYBOX_DOMAIN || -z $EURYBOX_SERVICES_NUMBER || ${#EURYBOX_SERVICES[@]} -eq 0 || ${#EURYBOX_HYPERVISOR[@]} -eq 0 ]]
  84. then
  85. eurybox_display_message error CHECK "Environment parameters not set: Domaine/$EURYBOX_DOMAIN Services/${EURYBOX_SERVICES[*]} Num/$EURYBOX_SERVICES_NUMBER Hypervisor/${EURYBOX_HYPERVISOR[*]}"
  86. else
  87. eurybox_display_message message CHECK "Script environment parameters:"
  88. eurybox_display_message message CHECK "Domain: $EURYBOX_DOMAIN"
  89. eurybox_display_message message CHECK "Hypervisor: ${EURYBOX_HYPERVISOR[*]}"
  90. for ((EURYBOX_SERVICES_NUM=1;EURYBOX_SERVICES_NUM<=$EURYBOX_SERVICES_NUMBER;EURYBOX_SERVICES_NUM++));
  91. do
  92. eurybox_display_message message CHECK "Target service: host:${EURYBOX_SERVICES[$EURYBOX_SERVICES_NUM,HOST]}, name: ${EURYBOX_SERVICES[$EURYBOX_SERVICES_NUM,NAME]}, ssh user: ${EURYBOX_SERVICES[$EURYBOX_SERVICES_NUM,USER]}, ssh port: ${EURYBOX_SERVICES[$EURYBOX_SERVICES_NUM,PORT]}, OS: ${EURYBOX_SERVICES[$EURYBOX_SERVICES_NUM,OS]}, additional disks: ${EURYBOX_SERVICES[$EURYBOX_SERVICES_NUM,DISK]}"
  93. done
  94. eurybox_display_message debug CHECK "Services number: $EURYBOX_SERVICES_NUMBER"
  95. fi
  96. #Checking distribution parameters
  97. if [[ -z $EURYBOX_DISTRIB_TYPE || -z $EURYBOX_DISTRIB_MAC_TYPE ]]
  98. then
  99. eurybox_display_message error CHECK "Distribution parameters not set: Type -> $EURYBOX_DISTRIB_TYPE / MAC -> $EURYBOX_DISTRIB_MAC_TYPE"
  100. else
  101. case $EURYBOX_DISTRIB_TYPE in
  102. fedora20|fedora21|centos7|redhat7|centos6|redhat6|centos5|redhat5|fedora22|fedora23|fedora24|debian6|debian7|debian8|ubuntu12|ubuntu14|ubuntu16|gentoo|archlinux|openbsd5 )
  103. eurybox_display_message message CHECK "Distribution configured: $EURYBOX_DISTRIB_TYPE"
  104. ;;
  105. * )
  106. eurybox_display_message error CHECK "Unsupported distribution: $EURYBOX_DISTRIB_TYPE"
  107. ;;
  108. esac
  109. case $EURYBOX_DISTRIB_MAC_TYPE in
  110. selinux|none )
  111. eurybox_display_message message CHECK "Mandatory access control type configured: $EURYBOX_DISTRIB_MAC_TYPE"
  112. ;;
  113. apparmor|* )
  114. eurybox_display_message error CHECK "Unsupported mandatory access control type: $EURYBOX_DISTRIB_MAC_TYPE - please use selinux or none"
  115. ;;
  116. esac
  117. fi
  118. if [[ $SCRIPT_TYPE = "BACKUP" || $SCRIPT_TYPE = "RESTORE" ]]
  119. then
  120. #Checking backup target parameters
  121. if [[ -z $EURYBOX_BACKUP_TYPE || ${#EURYBOX_BACKUP_DESTINATION[@]} -eq 0 || ${#EURYBOX_BACKUP_ARCHIVE[@]} -eq 0 ]]
  122. then
  123. eurybox_display_message error CHECK "Archive parameters not set:\nType:$EURYBOX_BACKUP_TYPE\nDestination:${EURYBOX_BACKUP_DESTINATION[*]}\nArchive:${EURYBOX_BACKUP_ARCHIVE[*]}\nTargets:${EURYBOX_BACKUP_TARGETS[*]}"
  124. else
  125. eurybox_display_message message CHECK "Archive parameters:"
  126. eurybox_display_message message CHECK "Archive destination/origin: ${EURYBOX_BACKUP_DESTINATION[*]}"
  127. eurybox_display_message message CHECK "Archive parameters: ${EURYBOX_BACKUP_ARCHIVE[*]}"
  128. # eurybox_display_message message CHECK "Backup type: $EURYBOX_BACKUP_TYPE"
  129. # eurybox_display_message message CHECK "Archive targets: ${EURYBOX_BACKUP_TARGETS[*]}"
  130. fi
  131. fi
  132. if [[ $SCRIPT_TYPE = "UPDATE" ]]
  133. then
  134. #Checking update parameters
  135. if [[ -z $EURYBOX_UPDATE_LOCAL_REPOSITORIES_ACTIVATED || -z $EURYBOX_UPDATE_LOCAL_REPOSITORIES_PATH ]]
  136. then
  137. eurybox_display_message error CHECK "Update parameters not set:\nLocal repositories activated:$EURYBOX_UPDATE_LOCAL_REPOSITORIES_ACTIVATED\nLocal storage path:$EURYBOX_UPDATE_LOCAL_REPOSITORIES_PATH\nTarget repositories:${EURYBOX_UPDATE_LOCAL_REPOSITORIES[*]}"
  138. else
  139. eurybox_display_message message CHECK "Update parameters:"
  140. eurybox_display_message message CHECK "Local repositories enabled: $EURYBOX_UPDATE_LOCAL_REPOSITORIES_ACTIVATED"
  141. eurybox_display_message message CHECK "Local repositories storage path: $EURYBOX_UPDATE_LOCAL_REPOSITORIES_PATH"
  142. eurybox_display_message message CHECK "Target repositories: ${EURYBOX_UPDATE_LOCAL_REPOSITORIES[*]}"
  143. fi
  144. fi
  145. ##Make sure pipe individual output exit status are available
  146. ##set -o pipefail
  147. #Initialize tools options
  148. case ${EURYBOX_HYPERVISOR[TYPE]} in
  149. qemu )
  150. EURYBOX_VIRSH_OPTIONS="-c qemu:///system"
  151. ;;
  152. xen )
  153. EURYBOX_VIRSH_OPTIONS="-c xen:///"
  154. ;;
  155. * )
  156. eurybox_display_message error CHECK "Bad hypervisor type: ${EURYBOX_HYPERVISOR[TYPE]}"
  157. ;;
  158. esac
  159. EURYBOX_RSYNC_OPTIONS="-azHmS --timeout=$EURYBOX_NETWORK_TIMEOUT"
  160. EURYBOX_SSH_OPTIONS="-oPasswordAuthentication=no -oConnectTimeout=$EURYBOX_NETWORK_TIMEOUT -oConnectionAttempts=$EURYBOX_MAX_RETRY_ON_FAILURE"
  161. EURYBOX_NMAP_OPTIONS="--host-timeout $EURYBOX_NETWORK_TIMEOUT --max-retries $EURYBOX_MAX_RETRY_ON_FAILURE"
  162. EURYBOX_LS_OPTIONS="-x"
  163. EURYBOX_MNT_NFS_OPTIONS="-o hard,retry=$EURYBOX_MAX_RETRY_ON_FAILURE,timeo=${EURYBOX_NETWORK_TIMEOUT}0"
  164. EURYBOX_MNT_SSHFS_OPTIONS="-o allow_root ${EURYBOX_SSH_OPTIONS}"
  165. EURYBOX_MNT_FTPFS_OPTIONS="-o allow_root,connect_timeout=${EURYBOX_NETWORK_TIMEOUT}"
  166. case $EURYBOX_LOG_LEVEL in
  167. debug )
  168. set -xv
  169. EURYBOX_RSYNC_OPTIONS+=" -v"
  170. EURYBOX_SSH_OPTIONS+=" -oLogLevel=debug"
  171. EURYBOX_NMAP_OPTIONS+=" -d9 -v3"
  172. EURYBOX_LS_OPTIONS+=" -a"
  173. EURYBOX_MNT_NFS_OPTIONS+=" -v"
  174. EURYBOX_MNT_SSHFS_OPTIONS+=" -oLogLevel=debug"
  175. EURYBOX_MNT_FTPFS_OPTIONS+=" -v"
  176. EURYBOX_VIRSH_OPTIONS+=" -q -d 2"
  177. ;;
  178. verbose )
  179. set -v
  180. EURYBOX_RSYNC_OPTIONS+=" -v"
  181. EURYBOX_SSH_OPTIONS+=" -oLogLevel=verbose"
  182. EURYBOX_NMAP_OPTIONS+=" -d0 -v2"
  183. EURYBOX_LS_OPTIONS+=" -l"
  184. EURYBOX_MNT_NFS_OPTIONS+=" -v"
  185. EURYBOX_MNT_SSHFS_OPTIONS+=" -oLogLevel=verbose"
  186. EURYBOX_MNT_FTPFS_OPTIONS+=" -v"
  187. EURYBOX_VIRSH_OPTIONS+=" -q -d 3"
  188. ;;
  189. info )
  190. EURYBOX_SSH_OPTIONS+=" -oLogLevel=info"
  191. EURYBOX_NMAP_OPTIONS+=" -d0 -v"
  192. EURYBOX_LS_OPTIONS+=" -l"
  193. EURYBOX_MNT_SSHFS_OPTIONS+=" -oLogLevel=info"
  194. EURYBOX_VIRSH_OPTIONS+=" -q -d 4"
  195. ;;
  196. warning )
  197. EURYBOX_SSH_OPTIONS+=" -oLogLevel=info"
  198. EURYBOX_NMAP_OPTIONS+=" -d0 -v0"
  199. EURYBOX_VIRSH_OPTIONS+=" -q"
  200. EURYBOX_MNT_SSHFS_OPTIONS+=" -oLogLevel=info"
  201. ;;
  202. error )
  203. EURYBOX_SSH_OPTIONS+=" -oLogLevel=error"
  204. EURYBOX_NMAP_OPTIONS+=" -d0 -v1"
  205. EURYBOX_VIRSH_OPTIONS+=" -q"
  206. EURYBOX_MNT_SSHFS_OPTIONS+=" -oLogLevel=error"
  207. ;;
  208. esac
  209. eurybox_display_message debug CHECK "ftpfs mount options: $EURYBOX_MNT_FTPFS_OPTIONS"
  210. eurybox_display_message debug CHECK "ls options: $EURYBOX_LS_OPTIONS"
  211. eurybox_display_message debug CHECK "nfs mount options: $EURYBOX_MNT_NFS_OPTIONS"
  212. eurybox_display_message debug CHECK "nmap options: $EURYBOX_NMAP_OPTIONS"
  213. eurybox_display_message debug CHECK "rsync options: $EURYBOX_RSYNC_OPTIONS"
  214. eurybox_display_message debug CHECK "ssh options: $EURYBOX_SSH_OPTIONS"
  215. eurybox_display_message debug CHECK "sshfs mount options: $EURYBOX_MNT_SSHFS_OPTIONS"
  216. eurybox_display_message debug CHECK "virsh options: $EURYBOX_VIRSH_OPTIONS"
  217. }
  218. #Desc: verify the archive ECCF and try to repair it
  219. #No arg required
  220. eurybox_check_eccf ()
  221. {
  222. local ECC_OUT
  223. local STATUS
  224. local ECC_FORMAT="${EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},FEC]}"
  225. local ECC_FILE="${EURYBOX_BACKUP_DESTINATION[MOUNT]}/${EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},FILENAME]}.${EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},FORMAT]}"
  226. local ECC_FILE_ROOT="${EURYBOX_BACKUP_DESTINATION[MOUNT]}/${EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},FILENAME]}"
  227. case "${ECC_FORMAT}" in
  228. par2 )
  229. ECC_OUT=`sudo sh -c "par2 r ${ECC_FILE_ROOT}.par2" 2>&1`
  230. STATUS=$?
  231. ;;
  232. zfec )
  233. ECC_OUT=`sudo sh -c "zunfec -f -o ${ECC_FILE}.recovered ${ECC_FILE}.*.fec" 2>&1`
  234. STATUS=$?
  235. if [[ ($STATUS -eq 0) ]]
  236. then
  237. EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},ECC_STATUS]="OK"
  238. eurybox_display_message message CHECK "Archive ECC check/recovery - recovered file: ${ECC_FILE}.recovered"
  239. eurybox_display_message debug CHECK "ECC command output:\n$ECC_OUT"
  240. ECC_OUT=`sudo sh -c "mv ${ECC_FILE} ${ECC_FILE}.corrupted" 2>&1`
  241. STATUS=$?
  242. if [[ !($STATUS -eq 0) ]]
  243. then
  244. eurybox_display_message warning CHECK "Archive ECC check/recovery success but cannot move corrupted archive - error $STATUS:\n$ECC_OUT"
  245. else
  246. ECC_OUT=`sudo sh -c "mv ${ECC_FILE}.recovered ${ECC_FILE}" 2>&1`
  247. STATUS=$?
  248. if [[ !($STATUS -eq 0) ]]
  249. then
  250. eurybox_display_message warning CHECK "Archive ECC check/recovery success but cannot move recovered archive - error $STATUS:\n$ECC_OUT"
  251. else
  252. eurybox_display_message message CHECK "Archive ECC check/recovery - OK"
  253. eurybox_display_message debug CHECK "ECC command output:\n$ECC_OUT"
  254. fi
  255. fi
  256. fi
  257. ;;
  258. * )
  259. eurybox_display_message error CHECK "Archive ECC format unknown: ${ECC_FORMAT}"
  260. ;;
  261. esac
  262. if [[ !($STATUS -eq 0) ]]
  263. then
  264. eurybox_display_message warning CHECK "Archive ECC check/recovery failed - error $STATUS:\n$ECC_OUT"
  265. EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},ECC_STATUS]="KO"
  266. else
  267. EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},ECC_STATUS]="OK"
  268. eurybox_display_message message CHECK "Archive ECC check/recovery - OK"
  269. eurybox_display_message debug CHECK "ECC command output:\n$ECC_OUT"
  270. fi
  271. }
  272. #Desc: verify the archive hash
  273. #No arg required
  274. eurybox_check_hash()
  275. {
  276. local HASH_OUT
  277. local STATUS
  278. local HASH_FORMAT="${EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},HASH]}"
  279. local HASH_FILE="${EURYBOX_BACKUP_DESTINATION[MOUNT]}/${EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},FILENAME]}.${EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},HASH]}"
  280. case "${HASH_FORMAT}" in
  281. sha256 )
  282. HASH_OUT=`sudo sh -c "sha256sum -c $HASH_FILE" 2>&1`
  283. STATUS=$?
  284. ;;
  285. sha512 )
  286. HASH_OUT=`sudo sh -c "sha512sum -c $HASH_FILE" 2>&1`
  287. STATUS=$?
  288. ;;
  289. * )
  290. eurybox_display_message error CHECK "Archive hash format unknown: ${HASH_FORMAT}"
  291. ;;
  292. esac
  293. if [[ !($STATUS -eq 0) ]]
  294. then
  295. eurybox_display_message warning CHECK "Archive hash check failed - error $STATUS:\n$HASH_OUT"
  296. EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},HASH_STATUS]="KO"
  297. else
  298. EURYBOX_DETECTED_ARCHIVES[${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]},HASH_STATUS]="OK"
  299. eurybox_display_message message CHECK "Archive hash check - OK"
  300. eurybox_display_message debug CHECK "Hash command output:\n$HASH_OUT"
  301. fi
  302. }
  303. #Desc: verify the kernel is Linux
  304. #No arg required
  305. eurybox_check_kernel()
  306. {
  307. #Check kernel name
  308. local KERNEL_NAME=`uname -s`
  309. if [[ $KERNEL_NAME != "Linux" ]]
  310. then
  311. eurybox_display_message error CHECK "Kernel $KERNEL_NAME not supported - please use Linux"
  312. else
  313. eurybox_display_message message CHECK "Kernel $KERNEL_NAME found"
  314. fi
  315. #Check nfs4 capabilities
  316. #fgrep nfs4 /proc/kallsyms
  317. }
  318. #Desc: check the hypervisor distribution / host parameters
  319. #No arg required
  320. eurybox_check_distribution ()
  321. {
  322. #Check distrib type
  323. case $EURYBOX_DISTRIB_TYPE in
  324. centos5|centos6|centos7 )
  325. DISTRIBUTION_FILE="/etc/centos-release"
  326. ;;
  327. redhat5|redhat6|redhat7 )
  328. DISTRIBUTION_FILE="/etc/redhat-release"
  329. ;;
  330. fedora20|fedora21|fedora22|fedora23 )
  331. DISTRIBUTION_FILE="/etc/fedora-release"
  332. ;;
  333. debian6|debian7|debian8 )
  334. DISTRIBUTION_FILE="/etc/debian_version"
  335. ;;
  336. ubuntu12|ubuntu14|ubuntu16 )
  337. DISTRIBUTION_FILE="/etc/lsb-release"
  338. ;;
  339. # openbsd5 )
  340. # DISTRIBUTION_FILE=""
  341. # ;;
  342. gentoo )
  343. DISTRIBUTION_FILE="/etc/gentoo-release"
  344. ;;
  345. archlinux )
  346. DISTRIBUTION_FILE="/etc/arch-release"
  347. ;;
  348. * )
  349. eurybox_display_message error CHECK "Unsupported distribution: $EURYBOX_DISTRIB_TYPE"
  350. ;;
  351. esac
  352. DETECTED_DISTRIBUTION=`cat $DISTRIBUTION_FILE 2>&1`
  353. STATUS=$?
  354. if [[ !($STATUS -eq 0) ]]
  355. then
  356. eurybox_display_message error CHECK "Configured distribution type doesn't corresponds to detected distribution"
  357. else
  358. if [[ $DETECTED_DISTRIBUTION != "" ]]
  359. then
  360. #TODO: CHECK VERSION COHERENCE FROM FILE CONTENT
  361. eurybox_display_message message CHECK "Distribution verification success"
  362. eurybox_display_message debug CHECK "${DETECTED_DISTRIBUTION}"
  363. else
  364. eurybox_display_message error CHECK "Configured distribution version doesn't corresponds to detected distribution version: ${DETECTED_DISTRIBUTION}"
  365. fi
  366. fi
  367. #Check MAC type
  368. case $EURYBOX_DISTRIB_MAC_TYPE in
  369. selinux )
  370. SE_OUT=`sudo getenforce 2>&1`
  371. STATUS=$?
  372. if [[ !($STATUS -eq 0) ]]
  373. then
  374. eurybox_display_message error CHECK "Configured distribution mac type doesn't seems to be supported"
  375. else
  376. case $SE_OUT in
  377. Enforcing|enforcing )
  378. eurybox_display_message message CHECK "SELinux - enabled"
  379. ;;
  380. Permissive|permissive )
  381. eurybox_display_message warning CHECK "SELinux - permissive mode detected"
  382. ;;
  383. Disabled|disabled )
  384. eurybox_display_message warning CHECK "SELinux - disabled"
  385. ;;
  386. * )
  387. eurybox_display_message warning CHECK "Unknown mode: $SE_OUT"
  388. ;;
  389. esac
  390. fi
  391. ;;
  392. none )
  393. ;;
  394. esac
  395. }
  396. #Desc: check the overall environment
  397. #1 arg can be supplied as script type (BACKUP/RESTORE/UPDATE/EXEC_COMMAND) to add extra checks
  398. eurybox_check_environment ()
  399. {
  400. local SCRIPT_TYPE=$1
  401. local STATUS
  402. local BKP_SPACE_LEFT
  403. local BKP_ACCESS_OK
  404. #Check common external sotfware used
  405. eurybox_check_command grep sudo ssh virsh awk df tail tput nmap
  406. #Check specific external sotfware used depending on configuration
  407. if [[ $SCRIPT_TYPE = "BACKUP" || $SCRIPT_TYPE = "RESTORE" ]]
  408. then
  409. case ${EURYBOX_BACKUP_DESTINATION[PROTOCOL]} in
  410. LOCAL )
  411. ;;
  412. SSH )
  413. eurybox_check_command sshfs
  414. ;;
  415. NFS )
  416. eurybox_check_command rpcinfo
  417. ;;
  418. FTP )
  419. eurybox_check_command curlftpfs lftp
  420. ;;
  421. PART )
  422. eurybox_check_command cryptsetup
  423. ;;
  424. ISCSI|* )
  425. eurybox_display_message error CHECK "Unsupported backup destination protocol: ${EURYBOX_BACKUP_DESTINATION[PROTOCOL]}"
  426. ;;
  427. esac
  428. if [[ $SCRIPT_TYPE = "BACKUP" ]]
  429. then
  430. case ${EURYBOX_BACKUP_ARCHIVE[FORMAT]} in
  431. tar )
  432. eurybox_check_command tar
  433. ;;
  434. tar.gz )
  435. eurybox_check_command tar pigz
  436. ;;
  437. tar.bz )
  438. eurybox_check_command tar pbzip2
  439. ;;
  440. * )
  441. eurybox_display_message error CHECK "Unsupported backup archive format: ${EURYBOX_BACKUP_ARCHIVE[FORMAT]}"
  442. ;;
  443. esac
  444. case ${EURYBOX_BACKUP_ARCHIVE[HASH]} in
  445. sha256 )
  446. eurybox_check_command sha256sum
  447. ;;
  448. sha512 )
  449. eurybox_check_command sha512sum
  450. ;;
  451. * )
  452. eurybox_display_message error CHECK "Unsupported backup archive hash type: ${EURYBOX_BACKUP_ARCHIVE[HASH]}"
  453. ;;
  454. esac
  455. case ${EURYBOX_BACKUP_ARCHIVE[ENCRYPT]} in
  456. true )
  457. eurybox_check_command openssl
  458. ENC_OUT=`sudo sh -c "echo TEST | openssl enc -salt -e -${EURYBOX_BACKUP_ARCHIVE[ENC_ALGO]} -pass file:${EURYBOX_BACKUP_ARCHIVE[PASSFILE]} -out /dev/null" 2>&1`
  459. STATUS=$?
  460. if [[ !($STATUS -eq 0) ]]
  461. then
  462. eurybox_display_message error CHECK "Encryption engine test failed: error ${STATUS}\n${ENC_OUT}"
  463. else
  464. eurybox_display_message debug CHECK "Encryption engine successfully tested"
  465. fi
  466. ;;
  467. false )
  468. ;;
  469. * )
  470. eurybox_display_message error CHECK "Wrong backup archive encryption (true or false): ${EURYBOX_BACKUP_ARCHIVE[ENCRYPT]}"
  471. ;;
  472. esac
  473. case ${EURYBOX_BACKUP_ARCHIVE[FEC]} in
  474. par2 )
  475. eurybox_check_command par2
  476. ;;
  477. zfec )
  478. eurybox_check_command zfec
  479. ;;
  480. * )
  481. eurybox_display_message error CHECK "Unsupported backup archive FEC format: ${EURYBOX_BACKUP_ARCHIVE[FEC]}"
  482. ;;
  483. esac
  484. fi
  485. if [[ $SCRIPT_TYPE = "RESTORE" ]]
  486. then
  487. eurybox_check_command openssl tar par2 zfec sha512sum sha256sum virt-sysprep pigz pbzip2
  488. fi
  489. if [[ $SCRIPT_TYPE = "UPDATE" ]]
  490. then
  491. eurybox_check_command rsync
  492. fi
  493. fi
  494. #Check kernel capabilities
  495. eurybox_check_kernel
  496. #Check distribution is coherent with configuration
  497. eurybox_check_distribution
  498. #Check administration privileges
  499. sudo -nv
  500. STATUS=$?
  501. if [[ !($STATUS -eq 0) ]]
  502. then
  503. eurybox_display_message error CHECK "Administration privileges are not available. Please execute this script as root or privileged user without password prompting (NOPASSWD / sudo group member)."
  504. else
  505. eurybox_display_message debug CHECK "Administration privileges available."
  506. fi
  507. #Check access to Hypervisor
  508. eurybox_check_hv_access
  509. #Check access to VMs
  510. for ((EURYBOX_SERVICES_NUM=1;EURYBOX_SERVICES_NUM<=$EURYBOX_SERVICES_NUMBER;EURYBOX_SERVICES_NUM++));
  511. do
  512. eurybox_check_vm_access ${EURYBOX_SERVICES[$EURYBOX_SERVICES_NUM,NAME]} ${EURYBOX_SERVICES[$EURYBOX_SERVICES_NUM,HOST]} ${EURYBOX_SERVICES[$EURYBOX_SERVICES_NUM,USER]} ${EURYBOX_SERVICES[$EURYBOX_SERVICES_NUM,PORT]} ${EURYBOX_SERVICES[$EURYBOX_SERVICES_NUM,DISK]}
  513. done
  514. #Check tmp folder
  515. if [[ !(-d ${EURYBOX_TMP_FOLDER}) ]]
  516. then
  517. sudo mkdir -p ${EURYBOX_TMP_FOLDER}
  518. STATUS=$?
  519. if [[ !($STATUS -eq 0) ]]
  520. then
  521. eurybox_display_message error CHECK "Temp folder ${EURYBOX_BACKUP_TMP_FOLDER} doesn't exists and folder creation failed"
  522. else
  523. eurybox_display_message message CHECK "Temp folder ${EURYBOX_BACKUP_TMP_FOLDER} successfully created"
  524. fi
  525. fi
  526. #FOR BKP ONLY
  527. if [[ $SCRIPT_TYPE = "BACKUP" ]]
  528. then
  529. #Check bkp destination (access + space left size)
  530. eurybox_backup_mount_target
  531. BKP_SPACE_LEFT=`sudo df -Pk ${EURYBOX_BACKUP_DESTINATION[MOUNT]}/ | tail -1 | awk '{print $4}'`
  532. if (( $BKP_SPACE_LEFT < $EURYBOX_BACKUP_LOW_CRITICAL_LEVEL ))
  533. then
  534. eurybox_backup_umount_target
  535. eurybox_display_message error CHECK "Free space left on backup destination too low: $BKP_SPACE_LEFT kB"
  536. else
  537. if (( $BKP_SPACE_LEFT < $EURYBOX_BACKUP_LOW_WARNING_LEVEL ))
  538. then
  539. eurybox_display_message warning CHECK "Free space left on backup destination low: $BKP_SPACE_LEFT kB"
  540. else
  541. eurybox_display_message debug CHECK "Free space left on backup destination OK: $BKP_SPACE_LEFT kB"
  542. fi
  543. fi
  544. #Check bkp destination permissions (READ/WRITE)
  545. BKP_ACCESS_OK=`sudo sh -c "touch ${EURYBOX_BACKUP_DESTINATION[MOUNT]}/test && rm -Rf ${EURYBOX_BACKUP_DESTINATION[MOUNT]}/test"`
  546. STATUS=$?
  547. if [[ !($STATUS -eq 0) ]]
  548. then
  549. eurybox_backup_umount_target
  550. eurybox_display_message error CHECK "Backup destination access failed: \n$BKP_ACCESS_OK"
  551. else
  552. eurybox_display_message debug CHECK "Backup destination access OK: \n$BKP_ACCESS_OK"
  553. fi
  554. eurybox_backup_umount_target
  555. fi
  556. #FOR RESTORE ONLY
  557. if [[ $SCRIPT_TYPE = "RESTORE" ]]
  558. then
  559. #Check bkp origin access (READ)
  560. eurybox_backup_mount_target
  561. BKP_ACCESS_OK=`sudo ls -al ${EURYBOX_BACKUP_DESTINATION[MOUNT]}/`
  562. STATUS=$?
  563. if [[ !($STATUS -eq 0) ]]
  564. then
  565. eurybox_backup_umount_target
  566. eurybox_display_message error CHECK "Backup origin access failed: \n$BKP_ACCESS_OK"
  567. else
  568. eurybox_display_message debug CHECK "Backup origin access OK: \n$BKP_ACCESS_OK"
  569. fi
  570. eurybox_backup_umount_target
  571. fi
  572. }
  573. #Desc: check hypervisor access
  574. #No arg required
  575. eurybox_check_hv_access ()
  576. {
  577. local TYPE=$1
  578. local STATUS
  579. local NODEINFOS
  580. local CAPABILITIES
  581. local DOMCAPABILITIES
  582. local SYSINFOS=`sudo virsh $EURYBOX_VIRSH_OPTIONS sysinfo 2>&1`
  583. STATUS=$?
  584. if [[ $STATUS -eq 0 ]]
  585. then
  586. eurybox_display_message message CHECK "Hypervisor - access OK"
  587. NODEINFOS=`sudo virsh $EURYBOX_VIRSH_OPTIONS nodeinfo 2>&1`
  588. CAPABILITIES=`sudo virsh $EURYBOX_VIRSH_OPTIONS capabilities 2>&1`
  589. DOMCAPABILITIES=`sudo virsh $EURYBOX_VIRSH_OPTIONS domcapabilities 2>&1`
  590. eurybox_display_message debug CHECK "System informations:\n$SYSINFOS"
  591. eurybox_display_message debug CHECK "Node informations:\n$NODEINFOS"
  592. eurybox_display_message debug CHECK "Node capabilities:\n$CAPABILITIES"
  593. eurybox_display_message debug CHECK "Dom capabilities:\n$DOMCAPABILITIES"
  594. else
  595. eurybox_display_message error CHECK "Hypervisor - access failed: \n$SYSINFOS_OK"
  596. fi
  597. }
  598. #Desc: verify the restore vm
  599. #No arg required
  600. eurybox_check_restore_vm ()
  601. {
  602. local CHECK_OUT
  603. local VM_NAME
  604. local ARCH_ID=${EURYBOX_RESTORE_TARGET_ARCHIVE[ID]}
  605. local VM_ID=${EURYBOX_RESTORE_TARGET_ARCHIVE[VM_ID]}
  606. if [[ $VM_ID == "*" ]]
  607. then
  608. for (( VM_NUM=0;VM_NUM<${EURYBOX_DETECTED_ARCHIVES[$ARCH_ID,VM_NUM]};VM_NUM++ ))
  609. do
  610. VM_NAME=${EURYBOX_DETECTED_ARCHIVES[$ARCH_ID,$VM_NUM,NAME]}
  611. eurybox_vm_rename $VM_NAME
  612. done
  613. else
  614. VM_NAME="${EURYBOX_DETECTED_ARCHIVES[$ARCH_ID,$VM_ID,NAME]}"
  615. eurybox_vm_rename $VM_NAME
  616. fi
  617. }
  618. #Desc: check Virtual Machine access
  619. #5 arg min required: vm_name vm_host ssh_user ssh_port disk [disk] ...
  620. eurybox_check_vm_access ()
  621. {
  622. local NAME=$1
  623. local HOST=$2
  624. local USER=$3
  625. local PORT=$4
  626. local DISK=${@:5:$#}
  627. local STATUS
  628. local EURYBOX_DISK_OK
  629. local EURYBOX_SSH_OK
  630. local EURYBOX_VM_NAME=`sudo virsh $EURYBOX_VIRSH_OPTIONS list --all | awk '{ if ($2 == name) {print $2} }' name=$NAME 2>&1`
  631. if [[ -z "$EURYBOX_VM_NAME" ]]
  632. then
  633. eurybox_display_message error CHECK "VM $NAME - virsh not found"
  634. else
  635. eurybox_display_message debug CHECK "VM $NAME - virsh found: $EURYBOX_VM_NAME"
  636. EURYBOX_VM_NAME=`sudo virsh $EURYBOX_VIRSH_OPTIONS list | awk '{ if ($2 == name) {print $2} }' name=$NAME 2>&1`
  637. if [[ -z "$EURYBOX_VM_NAME" ]]
  638. then
  639. eurybox_display_message message CHECK "VM $NAME is not running - cannot check network configuration"
  640. else
  641. eurybox_display_message message CHECK "VM $NAME - running"
  642. eurybox_display_message debug CHECK "$EURYBOX_VM_NAME"
  643. EURYBOX_SSH_OK=`ssh $EURYBOX_SSH_OPTIONS -p $PORT $USER@$HOST "touch eurybox_check_ssh_ok" 2>&1`
  644. STATUS=$?
  645. if [[ $STATUS -eq 0 ]]
  646. then
  647. eurybox_display_message message CHECK "VM $NAME - SSH connection OK"
  648. eurybox_display_message debug CHECK "SSH output:\n$EURYBOX_SSH_OK"
  649. else
  650. eurybox_display_message error CHECK "VM $NAME - SSH connection failed:\n$EURYBOX_SSH_OK"
  651. fi
  652. fi
  653. fi
  654. if [[ $DISK = "" ]]
  655. then
  656. eurybox_display_message debug CHECK "VM $NAME - no additional disk configured"
  657. else
  658. EURYBOX_DISK_OK=`sudo ls $EURYBOX_LS_OPTIONS $DISK 2>&1`
  659. STATUS=$?
  660. if [[ !($STATUS -eq 0) ]]
  661. then
  662. eurybox_display_message warning CHECK "VM $NAME - disk $DISK - access failed:\n$EURYBOX_DISK_OK"
  663. else
  664. eurybox_display_message message CHECK "VM $NAME - disk $DISK - access OK"
  665. eurybox_display_message debug CHECK "Disk access output:\n$EURYBOX_DISK_OK"
  666. fi
  667. fi
  668. }
  669. #TODO:PACKAGES TO INSTALL
  670. #yum install -y nmap pigz pbzip2 sshfs curlftpfs lftp cryptsetup par2cmdline libguestfs-tools
  671. #yum install python-pip gcc python-devel
  672. #pip install --upgrade pip
  673. #pip install zfec
  674. #update: yum-utils / debmirror
  675. #TODO: Implement lockfile and check if not already running