slitaz-dev-tools annotate mirror-tools/rootfs/usr/sbin/srvwatch @ rev 309
Remove ashism ==
| author | Pascal Bellard <pascal.bellard@slitaz.org> |
|---|---|
| date | Tue Feb 26 08:23:49 2019 +0100 (2019-02-26) |
| parents | cdce40802814 |
| children |
| rev | line source |
|---|---|
| pascal@39 | 1 #!/bin/sh |
| pascal@39 | 2 |
| pascal@39 | 3 # Check daemon with pidfile: usage check_pidfile $PIDFILE $DAEMON |
| pascal@39 | 4 active_pidfile() |
| pascal@39 | 5 { |
| pascal@39 | 6 if [ ! -e $1 ]; then |
| pascal@39 | 7 return 1 |
| pascal@39 | 8 elif grep -qs "Name:.$(basename $2)$" \ |
| pascal@39 | 9 /proc/$(cat $1 | sed 's/[^0-9]//g')/status ; then |
| pascal@39 | 10 return 0 |
| pascal@39 | 11 else |
| pascal@39 | 12 rm -f $1 |
| pascal@39 | 13 return 2 |
| pascal@39 | 14 fi |
| pascal@39 | 15 } |
| pascal@39 | 16 |
| pascal@39 | 17 log() |
| pascal@39 | 18 { |
| pascal@39 | 19 cat > /var/log/svrwatch.log.$$ <<EOT |
| pascal@39 | 20 $(tail -n 50 /var/log/svrwatch.log 2> /dev/null) |
| pascal@39 | 21 $(date) $@ |
| pascal@39 | 22 EOT |
| pascal@39 | 23 mv -f /var/log/svrwatch.log.$$ /var/log/svrwatch.log |
| pascal@39 | 24 } |
| pascal@39 | 25 |
| pascal@39 | 26 cron_leak() |
| pascal@39 | 27 { |
| pascal@39 | 28 mem=$(top -b -n1 | grep cron | grep -v grep | awk '{ print $5 }') |
| pascal@39 | 29 case "$mem" in |
| pascal@39 | 30 *m) [ ${mem%m} -gt 500 ] && { |
| pascal@39 | 31 log "restart crond (use $mem)" |
| pascal@39 | 32 /etc/init.d/crond restart > /dev/null 2>&1 |
| pascal@39 | 33 } |
| pascal@39 | 34 ;; |
| pascal@39 | 35 esac |
| pascal@39 | 36 } |
| pascal@39 | 37 |
| pascal@39 | 38 make_pem() |
| pascal@39 | 39 { |
| pascal@39 | 40 names="DNS:*.$1, DNS:$1" |
| pascal@39 | 41 if grep -q '# req_extensions' /etc/ssl/openssl.cnf; then |
| pascal@39 | 42 sed -i 's/^# req_extensions.*/req_extensions = multiname/' \ |
| pascal@39 | 43 /etc/ssl/openssl.cnf |
| pascal@39 | 44 cat >> /etc/ssl/openssl.cnf << EOT |
| pascal@39 | 45 |
| pascal@39 | 46 [ multiname ] |
| pascal@39 | 47 subjectAltName = $names |
| pascal@39 | 48 EOT |
| pascal@39 | 49 else |
| pascal@39 | 50 sed -i "s/^subjectAltName.*/subjectAltName = $names/" /etc/ssl/openssl.cnf |
| pascal@39 | 51 fi |
| pascal@39 | 52 false && cat > multiname.ext <<EOT |
| pascal@39 | 53 [ multiname ] |
| pascal@39 | 54 subjectAltName = $names |
| pascal@39 | 55 EOT |
| pascal@39 | 56 |
| pascal@39 | 57 # -extfile multiname.ext -extensions multiname |
| pascal@39 | 58 openssl req -new -x509 -keyout $2 -extensions multiname \ |
| pascal@39 | 59 -out $2 -days 3650 -nodes <<EOT |
| pascal@39 | 60 $(. /etc/locale.conf ; echo ${LANG#*_}) |
| pascal@39 | 61 $(cat /etc/TZ) |
| pascal@39 | 62 |
| pascal@39 | 63 *.$1 |
| pascal@39 | 64 |
| pascal@39 | 65 |
| pascal@39 | 66 |
| pascal@39 | 67 EOT |
| pascal@39 | 68 } |
| pascal@39 | 69 |
| pascal@39 | 70 check_pem() |
| pascal@39 | 71 { |
| pascal@39 | 72 grep SSLCertificat /etc/apache/conf.d/* | awk '{ print $3 }' | uniq | \ |
| pascal@39 | 73 while read file; do |
| pascal@39 | 74 [ -s $file ] && continue |
| pascal@39 | 75 make_pem $(basename $file .pem) $file |
| pascal@39 | 76 done |
| pascal@39 | 77 } |
| pascal@39 | 78 |
| pascal@39 | 79 check_certificates() |
| pascal@39 | 80 { |
| pascal@39 | 81 if [ -n "$(check_pem)" ]; then |
| pascal@39 | 82 /etc/init.d/apache stop |
| pascal@39 | 83 /etc/init.d/apache start |
| pascal@39 | 84 fi |
| pascal@39 | 85 } |
| pascal@39 | 86 |
| pascal@39 | 87 daemon_crash() |
| pascal@39 | 88 { |
| pascal@39 | 89 if [ -f /etc/aliases -a /etc/aliases -nt /etc/aliases.db ]; then |
| pascal@39 | 90 log "/etc/aliases" |
| pascal@39 | 91 postalias /etc/aliases |
| pascal@39 | 92 fi |
| pascal@39 | 93 eval $(grep ^RUN_DAEMONS= /etc/rcS.conf) |
| pascal@39 | 94 checked="" |
| pascal@39 | 95 while read command pidfile daemon; do |
| pascal@39 | 96 case "$command" in |
| pascal@39 | 97 \#*) continue |
| pascal@39 | 98 esac |
| pascal@39 | 99 checked="$checked $command" |
| pascal@39 | 100 case " $RUN_DAEMONS " in |
| pascal@39 | 101 *\ $command\ *) |
| pascal@39 | 102 case "$command" in |
| pascal@39 | 103 apache) |
| pascal@39 | 104 check_certificates ;; |
| pascal@39 | 105 esac |
| pascal@39 | 106 active_pidfile $pidfile $daemon || { |
| pascal@39 | 107 log "start daemon $command" |
| pascal@39 | 108 /etc/init.d/$command start |
| pascal@39 | 109 } |
| pascal@309 | 110 if [ $command = mysql -a ! -e /var/run/mysqld/mysqld.sock ]; then |
| pascal@39 | 111 log "mysql socket" |
| pascal@39 | 112 killall mysqld |
| pascal@39 | 113 killall -9 mysqld |
| pascal@39 | 114 /etc/init.d/mysql start |
| pascal@39 | 115 fi |
| pascal@39 | 116 ;; |
| pascal@39 | 117 esac |
| pascal@39 | 118 done <<EOT |
| pascal@39 | 119 rsyncd /var/run/rsyncd.pid rsync |
| pascal@39 | 120 openssh /var/run/sshd.pid sshd |
| pascal@39 | 121 lighttpd /var/run/lighttpd.pid lighttpd |
| pascal@39 | 122 hald /var/run/hald/pid hald |
| pascal@39 | 123 ajaxterm /var/run/ajaxterm.pid python |
| pascal@39 | 124 apache /var/run/apache/httpd.pid httpd |
| pascal@39 | 125 crond /var/run/crond.pid crond |
| pascal@39 | 126 dbus /var/run/dbus/pid dbus-daemon |
| pascal@39 | 127 dropbear /var/run/dropbear.pid dropbear |
| pascal@39 | 128 hald /var/run/hald/pid hald |
| pascal@39 | 129 mysql /var/run/mysqld/mysql.pid mysqld |
| pascal@39 | 130 ntp /var/run/ntpd.pid ntpd |
| pascal@39 | 131 postfix /var/spool/postfix/pid/master.pid master |
| pascal@39 | 132 pure-ftpd /var/run/pure-ftpd.pid pure-ftpd |
| pascal@39 | 133 slim /var/lock/slim.lock slim |
| pascal@39 | 134 knock /var/run/knockd.pid knockd |
| pascal@39 | 135 udhcpd /var/run/udhcpd.pid udhcpd |
| pascal@39 | 136 dhcpd /var/run/dhcpd.pid dhcpd |
| pascal@39 | 137 EOT |
| pascal@39 | 138 rm -f /var/log/srvwatch.log |
| pascal@39 | 139 for i in $RUN_DAEMONS ; do |
| pascal@39 | 140 case " $checked " in |
| pascal@39 | 141 *\ $i\ *) ;; |
| pascal@39 | 142 *) echo "Not checked: $i" >> /var/log/srvwatch.log ;; |
| pascal@39 | 143 esac |
| pascal@39 | 144 done |
| pascal@39 | 145 } |
| pascal@39 | 146 |
| pascal@39 | 147 swap_full() |
| pascal@39 | 148 { |
| pascal@39 | 149 if [ -n "$(free | awk '/Swap/ { if ($2/$4 > 10) print }')" ]; then |
| pascal@39 | 150 log "$(free | grep Swap)" |
| pascal@39 | 151 top -b -n1 > /var/log/top.log |
| pascal@39 | 152 sync |
| pascal@39 | 153 reboot |
| pascal@39 | 154 fi |
| pascal@39 | 155 } |
| pascal@39 | 156 |
| pascal@39 | 157 case "$1" in |
| pascal@39 | 158 install) |
| pascal@309 | 159 [ $0 = $2/usr/sbin/srvwatch ] || mv $0 $2/usr/sbin/srvwatch |
| pascal@39 | 160 if [ -x $2/usr/sbin/srvwatch ] && ! grep -q /usr/sbin/srvwatch $2/etc/inittab; then |
| pascal@39 | 161 sed -i 's|^::sysinit.*|&\n::respawn:/usr/sbin/srvwatch loop|' \ |
| pascal@39 | 162 $2/etc/inittab |
| pascal@39 | 163 [ -n "$2" ] || kill -1 1 |
| pascal@39 | 164 fi |
| pascal@39 | 165 ;; |
| pascal@39 | 166 once) |
| pascal@39 | 167 daemon_crash |
| pascal@39 | 168 cron_leak |
| pascal@39 | 169 swap_full ;; |
| pascal@39 | 170 loop) |
| pascal@39 | 171 while true; do |
| pascal@39 | 172 daemon_crash |
| pascal@39 | 173 cron_leak |
| pascal@39 | 174 swap_full |
| pascal@39 | 175 sleep 15m |
| pascal@39 | 176 done > /dev/null 2>&1 ;; |
| pascal@39 | 177 *) |
| pascal@39 | 178 echo "Usage: $0 install" ;; |
| pascal@39 | 179 esac |