some scripts and stuff from the sysadmin area
authorThorsten Glaser <tg@mirbsd.org>
Wed, 9 Mar 2011 14:16:39 +0000 (15:16 +0100)
committerThorsten Glaser <tg@mirbsd.org>
Wed, 9 Mar 2011 14:19:24 +0000 (15:19 +0100)
mksh/sysadmin/agus [new file with mode: 0644]
mksh/sysadmin/loadenv.sh [new file with mode: 0644]
mksh/sysadmin/mkhosts [new file with mode: 0644]
posix/sysadmin/agents.sh [new file with mode: 0644]

diff --git a/mksh/sysadmin/agus b/mksh/sysadmin/agus
new file mode 100644 (file)
index 0000000..2543ff1
--- /dev/null
@@ -0,0 +1,23 @@
+#!/bin/mksh
+# $Id: agus 1563 2010-11-12 16:27:24Z tglase $
+#-
+# From Planet Debian. Not complicated enough for copyright.
+
+unset LANGUAGE
+export LC_ALL=C
+
+(( USER_ID )) && exec sudo mksh "$0" "$@"
+
+if [[ -n $1 && -s /etc/apt/sources.list.$1 ]]; then
+       cat "/etc/apt/sources.list.$1" >/etc/apt/sources.list
+fi
+
+rv=
+set -x
+apt-get update || rv=$?
+dpkg --clear-avail || rv=${rv:-$?}
+dpkg --forget-old-unavail || rv=${rv:-$?}
+if sa=$(whence -p sync-available); then
+       mksh "$sa" || rv=${rv:-$?}
+fi
+exit $rv
diff --git a/mksh/sysadmin/loadenv.sh b/mksh/sysadmin/loadenv.sh
new file mode 100644 (file)
index 0000000..e501232
--- /dev/null
@@ -0,0 +1,22 @@
+# $Id: loadenv.sh 1202 2010-07-20 07:07:14Z tglase $
+#-
+# Not complicated enough for copyright.
+
+[[ -s /usr/share/tarent/.Xresources ]] && xrdb /usr/share/tarent/.Xresources
+# load ~/.Xmodmap and ~/.Xresources if they exist
+[[ -s ~/.Xmodmap ]] && xmodmap ~/.Xmodmap
+[[ -s ~/.Xresources ]] && xrdb ~/.Xresources
+
+# load the ssh public key into the agent via the KDE Wallet
+[[ -x /usr/bin/kwalletaskpass && -s /etc/profile.d/agents.sh ]] && (
+       sleep 1
+       # attempt to preopen the wallet
+       kwalletcli -f foo -e bar >/dev/null 2>&1 &
+       sleep 3
+
+       . /etc/profile.d/agents.sh
+       export SSH_ASKPASS=/usr/bin/kwalletaskpass
+       /usr/bin/ssh-add
+) <&- >/dev/null 2>&1 &
+
+:
diff --git a/mksh/sysadmin/mkhosts b/mksh/sysadmin/mkhosts
new file mode 100644 (file)
index 0000000..3133c69
--- /dev/null
@@ -0,0 +1,103 @@
+#!/bin/mksh
+# DEB $Id: mkhosts 1671 2011-02-11 13:16:02Z tglase $
+# RPM $Id: mkhosts 1687 2011-02-14 13:37:38Z tglase $
+#-
+# Copyright © 2010, 2011
+#      Thorsten Glaser <t.glaser@tarent.de>
+# Licenced under the AGPLv3
+
+rpm=0
+
+[[ $1 = really && $USER_ID = 0 ]] || exec sudo mksh "$0" really "$@"
+shift
+
+myipsx=
+while getopts "i:" ch; do
+       case $ch {
+       (i) myipsx=$OPTARG ;;
+       }
+done
+shift $((OPTIND - 1))
+
+nl='
+'
+saveIFS=$IFS
+IFS=,
+set -A ips -- $myipsx
+IFS=$saveIFS
+set -A myips
+for ip in "${ips[@]}"; do
+       skip=0
+       if [[ $ip = +([0-9]).+([0-9]).+([0-9]).+([0-9]) ]]; then
+               IFS=.
+               set -A ipsub -- $ip
+               IFS=$saveIFS
+               for x in ${ipsub[*]}; do
+                       (( x < 0 || x > 255 )) && skip=1
+               done
+               ip=$((ipsub[0])).$((ipsub[1])).$((ipsub[2])).$((ipsub[3]))
+       elif [[ $ip = +([0-9a-fA-F:]) ]]; then
+               : #XXX check validity
+       else
+               skip=1
+       fi
+       if (( skip )); then
+               print -u2 "WARNING: skipping invalid IP '$ip'"
+       else
+               myips[${#myips[*]}]=$ip
+       fi
+done
+(( ${#myips[*]} )); noips=$?
+
+printf '%s\n' "Old Hostname: $(hostname -f) ($(hostname))"
+while :; do
+       printf "New Hostname: "
+       read hn
+       [[ $hn = [a-zA-Z0-9]?(*([a-zA-Z0-9-])[a-zA-Z0-9])+(.[a-zA-Z0-9]?(*([a-zA-Z0-9-])[a-zA-Z0-9])) ]] && break
+done
+
+if (( noips )); then
+       if (( rpm )); then
+               is="127.0.0.1   $hn ${hn%%.*} localhost localhost.localdomain"
+       else
+               is="127.0.0.1   $hn ${hn%%.*} localhost"
+       fi
+else
+       if (( rpm )); then
+               is="127.0.0.1   localhost localhost.localdomain"
+       else
+               is="127.0.0.1   localhost"
+       fi
+       for ip in "${myips[@]}"; do
+               is="$is${nl}$ip $hn ${hn%%.*}"
+       done
+fi
+
+if (( rpm )); then
+       grep -vi '^HOSTNAME=' /etc/sysconfig/network >/etc/sysconfig/network~
+       echo "HOSTNAME=$hn" >>/etc/sysconfig/network~
+       cat /etc/sysconfig/network~ >/etc/sysconfig/network
+       rm -f /etc/sysconfig/network~
+       cat >/etc/hosts <<-EOF
+               $is
+
+               ::1             localhost6 localhost6.localdomain6
+EOF
+else
+       echo $hn >/etc/hostname
+       cat >/etc/hosts <<-EOF
+               $is
+
+               ::1     ip6-localhost ip6-loopback
+               fe00::0 ip6-localnet
+               ff00::0 ip6-mcastprefix
+               ff02::1 ip6-allnodes
+               ff02::2 ip6-allrouters
+               ff02::3 ip6-allhosts
+EOF
+fi
+echo $hn >/proc/sys/kernel/hostname
+hostname $hn
+test x"$(hostname -f)" = x"$hn" && exit 0
+echo "Hostname $(hostname -f) ($(hostname)) doesn’t match $hn!"
+exit 1
diff --git a/posix/sysadmin/agents.sh b/posix/sysadmin/agents.sh
new file mode 100644 (file)
index 0000000..404b8f1
--- /dev/null
@@ -0,0 +1,121 @@
+# $Id: agents.sh 805 2010-01-04 15:35:33Z tglase $
+#-
+# Copyright © 2009
+#      Thorsten Glaser <t.glaser@tarent.de>
+# Licenced under the AGPLv3
+#-
+# /etc/profile.d/agents.sh (sourced by /etc/profile on *buntu)
+# • install gpg and ssh skeleton files
+# • load gpg-agent and ssh-agent, unless already there
+
+test -n "$USER_ID" || USER_ID=$(id -u)
+mkdir -p "$HOME/.ssh" "$HOME/.gnupg"
+chmod 0700 "$HOME/.ssh" "$HOME/.gnupg"
+
+for PID_FILE in .gnupg/gpg.conf .gnupg/gpg-agent.conf .ssh/config; do
+       test -s /etc/skel/$PID_FILE || continue
+
+       # list of known MD5 hashes of templates deployed by us
+       # + note the spaces at beginning and end of md5list! +
+       case $PID_FILE in
+       .gnupg/gpg.conf)
+               md5list=" 2b7d7e47afb59ec164cf0ab512bb4ddc c8b796ed85a79e458a564645dcf38281 d5c4f4335d1eab08bfc9afe7ab494801 e6af3b74078a49db14f2f79fa82b7d3a 1f5d00be735cd1b1a57960c0128d2368 e51c210618d7dbc93c63e456d4dd4af1 7dfefaad0f417b7f50da1d80f8f0759b "
+               ;;
+       .gnupg/gpg-agent.conf)
+               md5list=" e7e9b7940f07c3cb447b30da27914f8d "
+               ;;
+       *)
+               md5list=
+               ;;
+       esac
+
+       if test -s "$HOME/$PID_FILE"; then
+               md5=$( (fgrep -v '$Id' "$HOME/$PID_FILE" | md5sum) 2>&1 || \
+                   echo fail)
+               case $md5list in
+               *\ ${md5%% *}\ *)
+                       # MD5 matches, remove file
+                       rm -f "$HOME/$PID_FILE"
+                       ;;
+               *)
+                       # MD5 does not match, do not touch file
+                       continue
+                       ;;
+               esac
+       fi
+
+       # file does not exist or was removed by us, install template
+       cp /etc/skel/$PID_FILE "$HOME/$PID_FILE"
+       chmod 0600 "$HOME/$PID_FILE"
+done
+
+PID_FILE="/dev/shm/.ssh-$USER_ID"
+test -n "$SSH_AGENT_PID" || test -z "$SSH_CONNECTION" || SSH_AGENT_PID=fwd
+if test -n "$SSH_AUTH_SOCK"; then
+       test -S "$SSH_AUTH_SOCK" || SSH_AGENT_PID=
+else
+       SSH_AGENT_PID=
+fi
+if test -z "$SSH_AGENT_PID" && \
+    test -d "$PID_FILE/." && test -O "$PID_FILE/." && \
+    test -s "$PID_FILE/info" && test -O "$PID_FILE/info"; then
+       chmod -R go-rwx "$PID_FILE"
+       . "$PID_FILE/info"
+fi
+if test -z "$SSH_AUTH_SOCK" || test -z "$SSH_AGENT_PID" || \
+    test \! -S "$SSH_AUTH_SOCK"; then
+       unset SSH_AUTH_SOCK SSH_AGENT_PID
+       eval $(ssh-agent -s)
+fi
+if test -d "$PID_FILE/." && test -O "$PID_FILE/."; then
+       : wonderful
+else
+       rm -rf "$PID_FILE"
+       mkdir -p "$PID_FILE" && test -d "$PID_FILE/." && \
+           test -O "$PID_FILE/." && chmod -R go-rwx "$PID_FILE" || \
+           rm -rf "$PID_FILE"
+fi
+if test -d "$PID_FILE/." && test -O "$PID_FILE/."; then
+       rm -f "$PID_FILE/info"
+       : >"$PID_FILE/info"
+       chmod 0600 "$PID_FILE/info"
+fi
+if test -f "$PID_FILE/info" && test -O "$PID_FILE/info" &&
+    test -n "$SSH_AGENT_PID" && test -n "$SSH_AUTH_SOCK"; then
+       echo "SSH_AGENT_PID=$SSH_AGENT_PID" >>"$PID_FILE/info"
+       echo "SSH_AUTH_SOCK=$SSH_AUTH_SOCK" >>"$PID_FILE/info"
+       export SSH_AUTH_SOCK SSH_AGENT_PID
+else
+       rm -f "$PID_FILE/info"
+       unset SSH_AUTH_SOCK SSH_AGENT_PID
+fi
+
+: ${GNUPGHOME=$HOME/.gnupg}
+PID_FILE="$GNUPGHOME/gpg-agent-info-$(hostname)"
+GPG_TTY=$(tty); export GPG_TTY
+if test -n "$GPG_AGENT_INFO" && test -S "${GPG_AGENT_INFO%%:*}" && \
+    gpg-agent 2>/dev/null; then
+       : wonderful
+else
+       unset GPG_AGENT_INFO
+       test -s "$PID_FILE" && . "$PID_FILE"
+       export GPG_AGENT_INFO
+       if test -n "$GPG_AGENT_INFO" && test -S "${GPG_AGENT_INFO%%:*}" && \
+           gpg-agent 2>/dev/null; then
+               : wonderful
+       else
+               unset GPG_AGENT_INFO
+               eval $(gpg-agent --daemon --sh "--write-env-file=$PID_FILE")
+               export GPG_AGENT_INFO
+               if test -n "$GPG_AGENT_INFO" && \
+                   test -S "${GPG_AGENT_INFO%%:*}" && \
+                   gpg-agent 2>/dev/null; then
+                       : works now
+               else
+                       unset GPG_AGENT_INFO
+               fi
+       fi
+fi
+
+unset PID_FILE
+: