2019-11-28 15:10:31 +00:00
|
|
|
#!/bin/bash
|
2019-11-23 15:50:13 +00:00
|
|
|
#
|
2019-11-27 19:17:34 +00:00
|
|
|
# JDR Wed 27 Nov 2019 01:30:29 PM EST
|
|
|
|
# The purpose of this script is to be run from a systemd service
|
|
|
|
# file, or sysvinit script.
|
2019-11-23 15:50:13 +00:00
|
|
|
#
|
2019-11-28 03:06:49 +00:00
|
|
|
# BE CAREFUL not to monitor the log file to which output from this
|
2019-11-28 15:10:31 +00:00
|
|
|
# script is written - you will have a feedback loop!
|
2019-11-28 03:06:49 +00:00
|
|
|
#
|
2019-11-23 15:50:13 +00:00
|
|
|
|
2019-11-27 19:17:34 +00:00
|
|
|
BAN2FAIL_CFG=/etc/ban2fail/ban2fail.cfg
|
2019-11-27 22:31:15 +00:00
|
|
|
INOTIFYWAIT=/usr/bin/inotifywait
|
2019-11-29 14:00:39 +00:00
|
|
|
BAN2FAIL=/usr/local/bin/ban2fail
|
|
|
|
|
|
|
|
# For testing only
|
|
|
|
#BAN2FAIL="/usr/local/bin/ban2fail -t $BAN2FAIL_CFG"
|
2019-11-23 15:50:13 +00:00
|
|
|
|
2019-11-27 19:17:34 +00:00
|
|
|
# Uncomment this if you wish to see output from the time command
|
|
|
|
#TIME=time
|
2019-11-23 15:50:13 +00:00
|
|
|
|
2019-11-28 15:10:31 +00:00
|
|
|
# Do not run again for at least this many deciseconds, to
|
|
|
|
# avoid monopolizing CPU
|
|
|
|
MIN_PERIOD_DS=3
|
|
|
|
|
|
|
|
# Get period in nanoseconds for integer calculations
|
|
|
|
(( MIN_PERIOD_NS = MIN_PERIOD_DS * 100000000 ))
|
2019-11-23 15:50:13 +00:00
|
|
|
|
|
|
|
while true; do
|
2019-11-27 19:17:34 +00:00
|
|
|
echo "Starting main loop"
|
2019-11-29 14:00:39 +00:00
|
|
|
MON_FNAMES=$($BAN2FAIL --print-lfn | tr $'\n' ' ')
|
|
|
|
MON_FNAMES="$MON_FNAMES $BAN2FAIL_CFG"
|
2019-11-23 15:50:13 +00:00
|
|
|
|
2019-11-28 15:10:31 +00:00
|
|
|
# Always do initial check
|
|
|
|
echo "Initial run for $BAN2FAIL"
|
|
|
|
RAN_NS=$(date +%s%N)
|
|
|
|
$TIME $BAN2FAIL
|
|
|
|
|
2019-11-29 14:00:39 +00:00
|
|
|
echo "Monitoring: $MON_FNAMES"
|
2019-11-23 15:50:13 +00:00
|
|
|
|
2019-12-02 15:19:22 +00:00
|
|
|
# Launch inotifywait in the background outputting to fd #3
|
|
|
|
exec 3< <(exec $INOTIFYWAIT -m $MON_FNAMES)
|
|
|
|
INOTIFYWAIT_PID=$!
|
|
|
|
|
|
|
|
# Read the output of inotifywait
|
|
|
|
while read -u 3 FILE OPS; do
|
2019-11-28 15:10:31 +00:00
|
|
|
|
2019-11-29 14:00:39 +00:00
|
|
|
case "$OPS" in
|
|
|
|
MOVE_SELF) break;;
|
2019-11-23 15:50:13 +00:00
|
|
|
|
2019-11-29 14:00:39 +00:00
|
|
|
MODIFY) [[ "$FILE" == $BAN2FAIL_CFG ]] && break;;
|
|
|
|
|
|
|
|
*) continue;;
|
|
|
|
esac
|
2019-11-23 15:50:13 +00:00
|
|
|
|
2019-11-27 19:17:34 +00:00
|
|
|
# Uncomment this to see the inotifywait output which triggered this cycle
|
2019-11-30 14:35:29 +00:00
|
|
|
#echo "FILE= '$FILE', OPS= '$OPS'"
|
2019-11-23 15:50:13 +00:00
|
|
|
|
2019-11-28 15:10:31 +00:00
|
|
|
NOW_NS=$(date +%s%N)
|
|
|
|
(( SINCE_NS = NOW_NS - RAN_NS ))
|
2019-11-29 14:00:39 +00:00
|
|
|
|
2019-11-28 15:10:31 +00:00
|
|
|
if (( SINCE_NS < MIN_PERIOD_NS )); then
|
|
|
|
|
|
|
|
(( REMAINING_NS = MIN_PERIOD_NS - SINCE_NS ))
|
|
|
|
|
2019-11-29 14:00:39 +00:00
|
|
|
# 'sleep' command wants a string representation of floating point number of seconds,
|
|
|
|
# so we need to break sleep time into seconds and nanosecond remainder components
|
2019-11-28 15:10:31 +00:00
|
|
|
(( REMAINING_SEC = REMAINING_NS / 1000000000 ))
|
|
|
|
(( REMAINING_NS_REM = REMAINING_NS % 1000000000 ))
|
|
|
|
|
|
|
|
if (( REMAINING_SEC || REMAINING_NS_REM > 1000000 )); then
|
|
|
|
|
|
|
|
# use printf command to format as floating point string
|
2019-11-29 14:00:39 +00:00
|
|
|
REMAINING_SEC_FP=$(printf '%d.%09d' $REMAINING_SEC $REMAINING_NS_REM)
|
2019-11-28 15:10:31 +00:00
|
|
|
|
|
|
|
# sleep for floating point period of seconds
|
2019-11-29 14:00:39 +00:00
|
|
|
sleep $REMAINING_SEC_FP
|
2019-11-28 15:10:31 +00:00
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
2019-11-27 19:17:34 +00:00
|
|
|
echo "Running $BAN2FAIL"
|
2019-11-28 15:10:31 +00:00
|
|
|
|
2019-11-29 14:00:39 +00:00
|
|
|
# Here is where we check for offenses.
|
2019-12-02 15:19:22 +00:00
|
|
|
# If ban2fail fails it is probably because logrotated
|
2019-11-29 14:00:39 +00:00
|
|
|
# is managing the log files, so bail out...
|
2019-11-28 15:10:31 +00:00
|
|
|
RAN_NS=$(date +%s%N)
|
2019-11-29 14:00:39 +00:00
|
|
|
$TIME $BAN2FAIL || break
|
2019-11-23 15:50:13 +00:00
|
|
|
|
2019-12-02 15:19:22 +00:00
|
|
|
done
|
|
|
|
|
|
|
|
# Shut down inotifywait
|
|
|
|
if ps $INOTIFYWAIT_PID &>/dev/null; then
|
|
|
|
kill $INOTIFYWAIT_PID
|
|
|
|
wait
|
|
|
|
fi
|
|
|
|
exec 3<&-
|
2019-11-28 15:10:31 +00:00
|
|
|
|
2019-11-29 14:00:39 +00:00
|
|
|
echo 'Exiting main loop'
|
|
|
|
# Pause to let things settle down
|
2019-11-27 19:17:34 +00:00
|
|
|
sleep 1
|
2019-11-29 14:00:39 +00:00
|
|
|
|
2019-11-23 15:50:13 +00:00
|
|
|
done
|
|
|
|
|
|
|
|
|
|
|
|
exit 0
|