ban2fail/install.sh

#!/bin/bash -e

set -u

if [[ $(id -u) != 0 ]]; then
   echo 'This script must be run as root!'
   exit 1
fi

BINDIR=/usr/local/bin
CONFDIR=/etc/ban2fail
OTHERDIR=/usr/local/share/ban2fail
SVCDIR=/etc/systemd/system

BIN=ban2fail
CONF=ban2fail.cfg
SVC=ban2fail.service
SVCSH=ban2fail.sh
CACHEDIR=/var/cache/ban2fail
TEST_CACHEDIR=${CACHEDIR}-test
LOCKDIR=/run/lock/ban2fail
TEST_LOCKDIR=${LOCKDIR}-test

# Make sure directories exist with correct ownership & mode
[[ -e $OTHERDIR ]] || mkdir $OTHERDIR
chmod 2755 $OTHERDIR
chown .adm $OTHERDIR

[[ -e $CONFDIR ]] || mkdir $CONFDIR
chmod 2750 $CONFDIR
chown .adm $CONFDIR
# TODO: substitute correct hostname in config
[[ -e $CONFDIR/$CONF ]] || cp $CONF $CONFDIR

[[ -e $BINDIR ]] || mkdir $BINDIR

# No need for debugging symbols in binary
strip release/$BIN
cp -f release/$BIN $BINDIR/
chown .adm $BINDIR/$BIN
# Need suid bit so non-root can run iptables
chmod 4755 $BINDIR/$BIN

chmod +x $SVCSH
cp -f $SVCSH $OTHERDIR/

systemctl status ban2fail &>/dev/null && systemctl stop ban2fail
# Clean out cache and lockfiles
[[ -e $CACHEDIR ]] && rm -r $CACHEDIR
[[ -e $TEST_CACHEDIR ]] && rm -r $TEST_CACHEDIR
[[ -e $LOCKDIR ]] && rm -r $LOCKDIR
[[ -e $TEST_LOCKDIR ]] && rm -r $TEST_LOCKDIR
cp $SVC $SVCDIR/
systemctl daemon-reload
systemctl start ban2fail
systemctl enable ban2fail

echo "Installation completed successfully"
systemctl status ban2fail
exit 0
Touch ups 2019-12-04 03:08:14 +00:00			`#!/bin/bash -e`

Made respectable install.sh 2019-12-04 22:35:27 +00:00			`set -u`

Improved installation 2019-12-06 13:50:17 +00:00			`if [[ $(id -u) != 0 ]]; then`
			`echo 'This script must be run as root!'`
			`exit 1`
			`fi`

Touch ups 2019-12-04 03:08:14 +00:00			`BINDIR=/usr/local/bin`
Made respectable install.sh 2019-12-04 22:35:27 +00:00			`CONFDIR=/etc/ban2fail`
			`OTHERDIR=/usr/local/share/ban2fail`
			`SVCDIR=/etc/systemd/system`

			`BIN=ban2fail`
			`CONF=ban2fail.cfg`
			`SVC=ban2fail.service`
			`SVCSH=ban2fail.sh`
Imroved install script 2019-12-05 03:48:50 +00:00			`CACHEDIR=/var/cache/ban2fail`
			`TEST_CACHEDIR=${CACHEDIR}-test`
			`LOCKDIR=/run/lock/ban2fail`
			`TEST_LOCKDIR=${LOCKDIR}-test`
Made respectable install.sh 2019-12-04 22:35:27 +00:00
			`# Make sure directories exist with correct ownership & mode`
Improved installation 2019-12-06 13:50:17 +00:00			`[[ -e $OTHERDIR ]] \|\| mkdir $OTHERDIR`
			`chmod 2755 $OTHERDIR`
			`chown .adm $OTHERDIR`
Made respectable install.sh 2019-12-04 22:35:27 +00:00
Improved installation 2019-12-06 13:50:17 +00:00			`[[ -e $CONFDIR ]] \|\| mkdir $CONFDIR`
			`chmod 2750 $CONFDIR`
			`chown .adm $CONFDIR`
Imroved install script 2019-12-05 03:48:50 +00:00			`# TODO: substitute correct hostname in config`
Improved installation 2019-12-06 13:50:17 +00:00			`[[ -e $CONFDIR/$CONF ]] \|\| cp $CONF $CONFDIR`
Made respectable install.sh 2019-12-04 22:35:27 +00:00
Improved installation 2019-12-06 13:50:17 +00:00			`[[ -e $BINDIR ]] \|\| mkdir $BINDIR`
Made respectable install.sh 2019-12-04 22:35:27 +00:00
			`# No need for debugging symbols in binary`
			`strip release/$BIN`
Improved installation 2019-12-06 13:50:17 +00:00			`cp -f release/$BIN $BINDIR/`
			`chown .adm $BINDIR/$BIN`
Made respectable install.sh 2019-12-04 22:35:27 +00:00			`# Need suid bit so non-root can run iptables`
Improved installation 2019-12-06 13:50:17 +00:00			`chmod 4755 $BINDIR/$BIN`
Touch ups 2019-12-04 03:08:14 +00:00
Made respectable install.sh 2019-12-04 22:35:27 +00:00			`chmod +x $SVCSH`
Improved installation 2019-12-06 13:50:17 +00:00			`cp -f $SVCSH $OTHERDIR/`
Touch ups 2019-12-04 03:08:14 +00:00
Improved installation 2019-12-06 13:50:17 +00:00			`systemctl status ban2fail &>/dev/null && systemctl stop ban2fail`
Imroved install script 2019-12-05 03:48:50 +00:00			`# Clean out cache and lockfiles`
Improved installation 2019-12-06 13:50:17 +00:00			`[[ -e $CACHEDIR ]] && rm -r $CACHEDIR`
			`[[ -e $TEST_CACHEDIR ]] && rm -r $TEST_CACHEDIR`
			`[[ -e $LOCKDIR ]] && rm -r $LOCKDIR`
			`[[ -e $TEST_LOCKDIR ]] && rm -r $TEST_LOCKDIR`
			`cp $SVC $SVCDIR/`
			`systemctl daemon-reload`
			`systemctl start ban2fail`
			`systemctl enable ban2fail`
Touch ups 2019-12-04 03:08:14 +00:00
Made respectable install.sh 2019-12-04 22:35:27 +00:00			`echo "Installation completed successfully"`
Imroved install script 2019-12-05 03:48:50 +00:00			`systemctl status ban2fail`
Touch ups 2019-12-04 03:08:14 +00:00			`exit 0`