Commit 4cf69368 authored by Paul Cammish's avatar Paul Cammish
Browse files

Renamed 'VERBOSE' Variable to avoid triggeting verbose output from other libraries.

parent 692c34cd
......@@ -60,7 +60,7 @@ cmd = %w(
databases = IO.popen(cmd.join(" ")+" --execute 'SHOW DATABASES'"){|io| io.readlines}.collect{|l| l.chomp}
unless 0 == $?
puts "Failed to ascertain list of databases." if $VERBOSE
puts "Failed to ascertain list of databases." if $VERBOSELOCAL
exit 1
end
......@@ -70,7 +70,7 @@ end
databases = (databases & ARGV) unless ARGV.empty?
if databases.empty?
puts "No Mysql databases found" if $VERBOSE
puts "No Mysql databases found" if $VERBOSELOCAL
exit 0
end
......@@ -95,7 +95,7 @@ databases.each do |database|
end
unless 0 == $?
puts "mysqldump of #{database} failed." if $VERBOSE
puts "mysqldump of #{database} failed." if $VERBOSELOCAL
end
end
......
#!/usr/bin/ruby
#
# This script is designed to dump all the postgresql databases upon
# the local system.
#
#
require 'symbiosis/utils'
require 'etc'
require 'uri'
require 'pp'
backup_dir = "/var/backups/postgresql"
#
# If we don't have a backup directory then create it. Backup2l will complain
# if this isn't present.
#
Symbiosis::Utils.mkdir_p backup_dir unless File.exist?(backup_dir)
begin
user = Etc.getpwnam("postgres")
group = Etc.getgrnam("postgres")
#
# Use lchown to make sure that any symlink is not followed.
#
File.lchown(user.uid, group.gid, backup_dir)
rescue ArgumentError => err
#
# We've not found the postgres user -- postgres is not installed.
#
puts "Postgres user not found" if $VERBOSE
exit 0
end
#
# If we don't have postgres installed exit.
#
unless File.executable?("/usr/bin/psql") and File.executable?("/usr/bin/pg_dump")
puts "Neither /usr/bin/psql nor /usr/bin/pg_dump are executable." if $VERBOSE
exit 0
end
#
# Change user id to postgres
#
unless 0 == Process.uid
puts "Unable to drop privileges if not running as root." if $VERBOSE
exit 0
end
#
# Try to drop privs.
#
begin
Process::Sys.setgid(group.gid)
Process::Sys.setuid(user.uid)
rescue Errno::EPERM => err
puts "Unable to drop privileges from #{Process.uid}:#{Process.gid} to #{user.uid}:#{group.gid}" if $VERBOSE
exit 0
end
#
# Default to utf8.
#
cmd = %w(
/usr/bin/psql
--no-align
--tuples-only
--command
)
databases = IO.popen(cmd.join(" ")+" 'select datname from pg_database;'"){|io| io.readlines}.collect{|l| l.chomp}
unless 0 == $?
puts "Failed to ascertain list of postgres databases." if $VERBOSE
exit 0
end
databases = (databases & ARGV) unless ARGV.empty?
if databases.empty?
puts "No Postgres databases found" if $VERBOSE
exit 0
end
databases.each do |database|
#
# Skip template0 as the "template0 database is normally marked datallowconn =
# false to prevent modification of it". This also prevents backing it up.
#
# See http://www.postgresql.org/docs/8.4/static/manage-ag-templatedbs.html
#
next if "template0" == database
dump = File.join(backup_dir, URI.escape(database,/[^a-zA-Z0-9._-]/))+".custom"
cmd = %w(
/usr/bin/pg_dump
--format=c
)
cmd << "'#{database}'"
#
# This dumps each database into the "custom" format, suitable for straight
# import back into postgres using pg_restore.
#
Symbiosis::Utils.safe_open(dump, "a+") do |fh|
fh.truncate(0)
IO.popen(cmd.join(" ")) do |io|
fh.write(io.read(4096)) until io.eof?
end
unless 0 == $?
puts "Failed to dump #{database}." if $VERBOSE
end
end
unless File.stat(dump).size?
warn "Failed #{database} dump #{dump} is zero in size."
next
end
end
#
# Exit sanely.
#
exit 0
......@@ -52,7 +52,7 @@ opts = GetoptLong.new(
)
manual = help = false
$VERBOSE = false
$VERBOSELOCAL = false
ipv4 = nil
ipv6 = nil
......@@ -63,7 +63,7 @@ opts.each do |opt,arg|
when '--manual'
manual = true
when '--verbose'
$VERBOSE = true
$VERBOSELOCAL = true
when '--ipv6'
ipv6 = true
when '--ipv4'
......@@ -129,12 +129,12 @@ end
if ips.length == 0
puts "No IPs found" if $VERBOSE
puts "No IPs found" if $VERBOSELOCAL
puts "0"
exit 1
end
if $VERBOSE
if $VERBOSELOCAL
puts "Checking the following IPs for Bytemarkiness:"
puts " * " + ips.collect{|i| i.to_s}.join("\n * ") + "\n\n"
end
......@@ -142,11 +142,11 @@ end
matching_ip = ips.find{|ip| Symbiosis::Host.is_bytemark_ip?(ip)}
if matching_ip
puts "Found #{matching_ip.to_s} to be on the Bytemark network" if $VERBOSE
puts "Found #{matching_ip.to_s} to be on the Bytemark network" if $VERBOSELOCAL
puts "1"
exit 0
else
puts "None of those IPs are on the Bytemark network" if $VERBOSE
puts "None of those IPs are on the Bytemark network" if $VERBOSELOCAL
puts "0"
exit 1
end
......
......@@ -68,7 +68,7 @@ opts = GetoptLong.new(
)
manual = help = false
$VERBOSE = false
$VERBOSELOCAL = false
algorithm = "6"
marker = "{CRYPT}"
......@@ -79,7 +79,7 @@ opts.each do |opt,arg|
when '--manual'
manual = true
when '--verbose'
$VERBOSE = true
$VERBOSELOCAL = true
when '--marker'
marker = arg.to_s
when '--algorithm'
......@@ -121,7 +121,7 @@ unless ALGORITHMS.has_key?(algorithm)
end
if ARGV.length == 0
warn "Reading from standard input" if $VERBOSE
warn "Reading from standard input" if $VERBOSELOCAL
#
# Read the password in from STDIN
#
......@@ -130,7 +130,7 @@ elsif File.exist?(ARGV.first)
#
# Read the password from a file
#
warn "Reading from #{ARGV.first}." if $VERBOSE
warn "Reading from #{ARGV.first}." if $VERBOSELOCAL
password = File.open(ARGV.first){|fh| fh.gets}
#
......@@ -149,7 +149,7 @@ else
#
# Use the ARGV
#
warn "Using password from the command line" if $VERBOSE
warn "Using password from the command line" if $VERBOSELOCAL
password = ARGV.first
end
......@@ -162,7 +162,7 @@ end
#
salt = 8.times.collect{SALT[rand(SALT.length)]}.join
warn "Encrypting password #{password.inspect} using the #{ALGORITHMS[algorithm]} algorithm and #{salt.inspect} as salt." if $VERBOSE
warn "Encrypting password #{password.inspect} using the #{ALGORITHMS[algorithm]} algorithm and #{salt.inspect} as salt." if $VERBOSELOCAL
# And encrypt and output.
puts marker+password.chomp.crypt("$#{algorithm}$#{salt}$")
......
......@@ -44,7 +44,7 @@ opts = GetoptLong.new(
)
manual = help = false
$VERBOSE = false
$VERBOSELOCAL = false
show_all = false
ipv6 = false
ipv4 = false
......@@ -56,7 +56,7 @@ opts.each do |opt,arg|
when '--manual'
manual = true
when '--verbose'
$VERBOSE = true
$VERBOSELOCAL = true
when '--all'
show_all = true
when '--ipv6'
......
......@@ -64,7 +64,7 @@ opts = GetoptLong.new(
)
manual = help = false
$VERBOSE = false
$VERBOSELOCAL = false
$DEBUG = false
prefix = '/srv'
etc = '/etc'
......@@ -76,7 +76,7 @@ opts.each do |opt, arg|
when '--manual'
manual = true
when '--verbose'
$VERBOSE = true
$VERBOSELOCAL = true
when '--debug'
$DEBUG = true
when '--prefix'
......@@ -93,8 +93,8 @@ if help || manual
exit 0
end
v = $VERBOSE
$VERBOSE = false
v = $VERBOSELOCAL
$VERBOSELOCAL = false
#
# The requires spawn a massive stack of warnings in verbose mode. So let's
......@@ -104,7 +104,7 @@ require 'symbiosis'
require 'symbiosis/domains'
require 'symbiosis/domain_skeleton'
$VERBOSE = v
$VERBOSELOCAL = v
Symbiosis.etc = etc
Symbiosis.prefix = prefix
......
......@@ -94,7 +94,7 @@ opts = GetoptLong.new(
)
manual = help = false
$VERBOSE = false
$VERBOSELOCAL = false
$DEBUG = false
prefix = '/srv'
do_list = do_generate = do_rollover = nil
......@@ -112,7 +112,7 @@ opts.each do |opt,arg|
rollover_to = arg.to_s
when '--force'
do_generate = do_rollover = true
$VERBOSE = true
$VERBOSELOCAL = true
when '--threshold'
begin
threshold = Integer(arg)
......@@ -130,7 +130,7 @@ opts.each do |opt,arg|
when '--list'
do_list = true
when '--verbose'
$VERBOSE = true
$VERBOSELOCAL = true
when '--debug'
$DEBUG = true
end
......@@ -147,13 +147,6 @@ if help || manual
exit 0
end
#
# The requires spawn a massive stack of warnings in verbose mode. So let's
# hide them.
#
v = $VERBOSE
$VERBOSE = false
require 'symbiosis'
require 'symbiosis/domains'
require 'symbiosis/domain/ssl'
......@@ -161,11 +154,6 @@ require 'symbiosis/ssl'
require 'symbiosis/ssl/letsencrypt'
require 'symbiosis/ssl/selfsigned'
#
# And unhide. Ugh.
#
$VERBOSE = v
Symbiosis.etc = etc_dir
domains = []
......@@ -223,7 +211,7 @@ domains.sort_by(&:name).each do |domain|
end
current = domain.ssl_current_set
puts "\tCurrent SSL set: #{current.name}\n" unless $VERBOSE
puts "\tCurrent SSL set: #{current.name}\n" unless $VERBOSELOCAL
next if rollover_to.nil?
......@@ -249,7 +237,7 @@ domains.sort_by(&:name).each do |domain|
rollover_performed = domain.ssl_magic(threshold, do_generate, do_rollover, now)
domains_altered.push domain.name if rollover_performed
rescue StandardError => err
puts "\t!! Failed: #{err.to_s.gsub($RS, '')}" if $VERBOSE
puts "\t!! Failed: #{err.to_s.gsub($RS, '')}" if $VERBOSELOCAL
puts err.backtrace.join("\n") if $DEBUG
exit_code = 1
end
......
......@@ -46,7 +46,7 @@ opts.each do |opt, arg|
when '--manual'
manual = true
when '--verbose'
$VERBOSE = true
$VERBOSELOCAL = true
end
end
......
......@@ -33,7 +33,7 @@ opts = GetoptLong.new(
)
manual = help = false
$VERBOSE = false
$VERBOSELOCAL = false
show_all = false
opts.each do |opt,arg|
......@@ -43,7 +43,7 @@ opts.each do |opt,arg|
when '--manual'
manual = true
when '--verbose'
$VERBOSE = true
$VERBOSELOCAL = true
when '--show-all'
show_all = true
end
......
......@@ -82,7 +82,7 @@ class CStruct
begin
require 'linux/c_struct_sizeof_size_t.rb'
rescue LoadError
warn "Falling back to gcc to determine sizeof size_t." if $VERBOSE
warn "Falling back to gcc to determine sizeof size_t." if $VERBOSELOCAL
SIZEOF_SIZE_T = Integer(`echo __SIZEOF_SIZE_T__ | gcc -E -P -`) rescue 1.size
end
......
......@@ -71,7 +71,7 @@ module Netlink
@timeout = opt.has_key?(:timeout) ? opt[:timeout] : DEFAULT_TIMEOUT
if opt.has_key?(:junk_handler)
@junk_handler = opt[:junk_handler]
elsif $VERBOSE
elsif $VERBOSELOCAL
@junk_handler = lambda { |type, flags, seq, pid, msg|
warn "Discarding junk message (#{type}, #{flags}, #{seq}, #{pid}) #{msg.inspect}"
}
......
......@@ -274,7 +274,7 @@ module Symbiosis
#
# Assume the file has been edited.
#
puts "\tCould not find checksum or big warning." if $VERBOSE
puts "\tCould not find checksum or big warning." if $VERBOSELOCAL
true
end
......
......@@ -132,7 +132,7 @@ module Symbiosis
def ssl_provider=(provider)
unless provider =~ /^[a-z0-9_]+$/
warn "\tBad ssl-provider for #{self.name}" if $VERBOSE
warn "\tBad ssl-provider for #{self.name}" if $VERBOSELOCAL
return nil
end
......@@ -260,7 +260,7 @@ module Symbiosis
this_set = nil
rescue StandardError => err
this_set = nil
warn "\t#{err.to_s} -- ignoring SSL set in #{current_dir} for #{self.name}" if $VERBOSE
warn "\t#{err.to_s} -- ignoring SSL set in #{current_dir} for #{self.name}" if $VERBOSELOCAL
end
end
......@@ -268,9 +268,9 @@ module Symbiosis
if this_set.is_a?(Symbiosis::SSL::CertificateSet)
if this_set.certificate.issuer == this_set.certificate.subject
puts "\tCurrent SSL set #{this_set.name}: self-signed for #{this_set.certificate.issuer}, expires #{this_set.certificate.not_after}" if $VERBOSE
puts "\tCurrent SSL set #{this_set.name}: self-signed for #{this_set.certificate.issuer}, expires #{this_set.certificate.not_after}" if $VERBOSELOCAL
else
puts "\tCurrent SSL set #{this_set.name}: signed by #{this_set.certificate.issuer}, expires #{this_set.certificate.not_after}" if $VERBOSE
puts "\tCurrent SSL set #{this_set.name}: signed by #{this_set.certificate.issuer}, expires #{this_set.certificate.not_after}" if $VERBOSELOCAL
end
end
......@@ -339,7 +339,7 @@ module Symbiosis
end
if latest.nil? or !File.directory?(latest.directory)
warn "\tNo valid sets of certificates found." if $VERBOSE
warn "\tNo valid sets of certificates found." if $VERBOSELOCAL
return false
end
......@@ -352,7 +352,7 @@ module Symbiosis
end
unless stat.nil? or stat.symlink?
warn "\t#{current_dir} is not a symlink. Unwilling to roll over." if $VERBOSE
warn "\t#{current_dir} is not a symlink. Unwilling to roll over." if $VERBOSELOCAL
return false
end
......@@ -380,7 +380,7 @@ module Symbiosis
# Update our latest
#
@ssl_current_set = latest
puts "\tRolled over to SSL set #{latest.name}" if $VERBOSE
puts "\tRolled over to SSL set #{latest.name}" if $VERBOSELOCAL
return true
ensure
......@@ -402,7 +402,7 @@ module Symbiosis
# Returns true if a rollover was performed, or false otherwise.
def ssl_magic(threshold = 14, do_generate = nil, do_rollover = nil, now = Time.now)
puts "* Examining certificates for #{self.name}" if $VERBOSE
puts "* Examining certificates for #{self.name}" if $VERBOSELOCAL
#
# Stage 0: verify and check expiriy
......@@ -419,7 +419,7 @@ module Symbiosis
rollover_set = nil
if current_set.is_a?(Symbiosis::SSL::CertificateSet) and !self.ssl_available_sets.include?(current_set)
puts "\tThe current set is no longer valid for this domain." if $VERBOSE
puts "\tThe current set is no longer valid for this domain." if $VERBOSELOCAL
current_set = current_set_expires_in = nil
end
......@@ -434,7 +434,7 @@ module Symbiosis
do_generate = false if do_generate.nil?
else
puts "\tThe current certificate expires in #{current_set_expires_in} days." if $VERBOSE
puts "\tThe current certificate expires in #{current_set_expires_in} days." if $VERBOSELOCAL
do_generate = (!latest_set_expires_in or latest_set_expires_in <= current_set_expires_in) if do_generate.nil?
end
......@@ -460,13 +460,13 @@ module Symbiosis
do_rollover = true if do_rollover.nil?
else
puts "\tThe latest available certificate expires in #{latest_set_expires_in} days." if $VERBOSE
puts "\tThe latest available certificate expires in #{latest_set_expires_in} days." if $VERBOSELOCAL
do_generate = true if do_generate.nil?
end
else
puts "\tNo valid certificate sets found." if $VERBOSE
puts "\tNo valid certificate sets found." if $VERBOSELOCAL
do_generate = true if do_generate.nil?
end
......@@ -486,15 +486,15 @@ module Symbiosis
# If ssl-provision has been disabled, move on.
#
if false == self.ssl_provider
puts "\tNot fetching new certificate as the ssl-provider has been set to 'false'" if $VERBOSE
puts "\tNot fetching new certificate as the ssl-provider has been set to 'false'" if $VERBOSELOCAL
elsif !self.ssl_provider_class.is_a?(Class) or !(self.ssl_provider_class <= Symbiosis::SSL::CertificateSet)
puts "\tNot fetching new certificate as the ssl-provider #{ssl_provider.inspect} cannot be found." if $VERBOSE
puts "\tNot fetching new certificate as the ssl-provider #{ssl_provider.inspect} cannot be found." if $VERBOSELOCAL
else
#
#
puts "\tFetching a new certificate from #{self.ssl_provider_class.to_s.split("::").last}." if $VERBOSE
puts "\tFetching a new certificate from #{self.ssl_provider_class.to_s.split("::").last}." if $VERBOSELOCAL
rollover_set = self.ssl_fetch_new_certificate
raise RuntimeError, "Failed to fetch certificate" if rollover_set.nil?
......@@ -517,7 +517,7 @@ module Symbiosis
raise RuntimeError, "Failed to write set (#{err.to_s})"
end
puts "\tSuccessfully fetched new certificate and created set #{rollover_set.name}" if $VERBOSE
puts "\tSuccessfully fetched new certificate and created set #{rollover_set.name}" if $VERBOSELOCAL
@ssl_available_sets << rollover_set
end
......
......@@ -99,7 +99,7 @@ module Symbiosis
end
def verbose(str)
warn str if $VERBOSE
warn str if $VERBOSELOCAL
end
# Hooks for DomainSkeleton
......
......@@ -227,26 +227,26 @@ module Symbiosis
# Check to make sure we have an IP
if !ip.is_a?(IPAddr)
warn "'#{ip}' is not an IP Address." if $VERBOSE
warn "'#{ip}' is not an IP Address." if $VERBOSELOCAL
next
end
# Make sure it is a Bytemark IP
if !self.is_bytemark_ip?(ip)
warn "IP #{ip} is not in the Bytemark ranges." if $VERBOSE
warn "IP #{ip} is not in the Bytemark ranges." if $VERBOSELOCAL
next
end
# Form the reverse lookup string
lookup = ip.reverse.gsub(/(ip6|in-addr).arpa\Z/,"backup-reverse.bytemark.co.uk")
warn "Doing lookup of #{lookup} for #{ip}..." if $VERBOSE
warn "Doing lookup of #{lookup} for #{ip}..." if $VERBOSELOCAL
# Do the lookup
begin
Resolv::DNS.open do |dns|
res = dns.getresources(lookup, Resolv::DNS::Resource::IN::TXT)
warn "DNS returned #{res.length} results." if $VERBOSE
warn "DNS returned #{res.length} results." if $VERBOSELOCAL
spaces += res.collect{|rr| rr.strings}.flatten
end
rescue Resolv::ResolvTimeout, Resolv::ResolvError => err
......
......@@ -415,7 +415,7 @@ module Symbiosis
if strict_checking
raise OpenSSL::X509::CertificateError, msg
else
puts "\tSSL set #{name}: #{msg}" if $VERBOSE
puts "\tSSL set #{name}: #{msg}" if $VERBOSELOCAL
end
end
......@@ -463,7 +463,7 @@ module Symbiosis
if strict_checking
raise OpenSSL::X509::CertificateError, msg
else
puts "\tSSL set #{name}: #{msg}" if $VERBOSE
puts "\tSSL set #{name}: #{msg}" if $VERBOSELOCAL
end
end