author | Oliver Maurhart <oliver.maurhart@ait.ac.at> |
Fri, 12 Sep 2014 12:16:51 +0200 | |
changeset 222 | ac227c9dc244 |
parent 216 | 358381a8c60a |
child 225 | e68561e69f86 |
permissions | -rwxr-xr-x |
oliver@91 | 1 |
#!/bin/bash |
oliver@91 | 2 |
|
oliver@91 | 3 |
# ------------------------------------------------------------ |
oliver@91 | 4 |
# install the initial VM for |
oliver@91 | 5 |
# |
oliver@222 | 6 |
# OpenSecurity V0.2.9 |
oliver@91 | 7 |
# |
oliver@91 | 8 |
# This has been originally a Windows only BAT file. |
oliver@91 | 9 |
# |
oliver@91 | 10 |
# ... but coding this makes your head hurt and |
oliver@91 | 11 |
# supporting this "technology" any further by adding |
oliver@91 | 12 |
# software to the world relying on CMD.exe is an act |
oliver@91 | 13 |
# against humanity and should be punished by jail. |
oliver@91 | 14 |
# |
oliver@91 | 15 |
# (C)opyright 2014, AIT Austrian Instiitute of Technology |
oliver@91 | 16 |
# ------------------------------------------------------------ |
oliver@91 | 17 |
|
oliver@91 | 18 |
|
oliver@91 | 19 |
# ------------------------------------------------------------ |
oliver@91 | 20 |
# code |
oliver@91 | 21 |
|
oliver@91 | 22 |
# install the initial VM given by ${1} |
oliver@91 | 23 |
|
oliver@91 | 24 |
|
oliver@91 | 25 |
# ------------------------------ |
oliver@91 | 26 |
# turns a windows path into a cygwin path |
oliver@91 | 27 |
# |
oliver@91 | 28 |
# $1 ... windows path |
oliver@91 | 29 |
# stdout the value found |
oliver@91 | 30 |
# |
oliver@91 | 31 |
function sanitize_path() { |
oliver@91 | 32 |
test -z "${1}" && return |
oliver@91 | 33 |
echo $(cygpath -u "${1}") |
oliver@91 | 34 |
} |
oliver@91 | 35 |
|
oliver@91 | 36 |
|
oliver@91 | 37 |
# ------------------------------ |
oliver@91 | 38 |
# main ... |
oliver@91 | 39 |
# |
oliver@91 | 40 |
|
oliver@91 | 41 |
# check if we do have elevated rights |
oliver@91 | 42 |
# that is "Run as Administrator" invocation |
oliver@91 | 43 |
echo 'checking privileges...' |
oliver@91 | 44 |
id -G | grep 544 &> /dev/null |
oliver@91 | 45 |
if [ "${?}" != 0 ]; then |
oliver@133 | 46 |
echo "Insufficient privileges. Is this script executed with 'Run As Administrator'?" |
oliver@133 | 47 |
echo "I'll try anyway..." |
oliver@91 | 48 |
fi |
oliver@91 | 49 |
|
oliver@91 | 50 |
# check OpenSecurity Initial VM Image |
oliver@91 | 51 |
# |
oliver@91 | 52 |
echo "looking for VM image: ${1}..." |
oliver@91 | 53 |
OSECVM_IMAGE=$(cygpath -u "${1}") |
oliver@91 | 54 |
echo "looking for VM image: ${1}" |
oliver@91 | 55 |
if [ ! -f "${OSECVM_IMAGE}" ]; then |
oliver@91 | 56 |
echo "Warning: no OpenSecurity Initial Image found." |
oliver@91 | 57 |
echo "Please download using the OpenSecurity download tool." |
oliver@91 | 58 |
exit 1 |
oliver@91 | 59 |
fi |
oliver@91 | 60 |
echo "initial VM image: ${1} found" |
oliver@91 | 61 |
|
oliver@91 | 62 |
# look up VirtulBox installation |
oliver@91 | 63 |
# |
oliver@91 | 64 |
echo "looking up VirtualBox installation..." |
oliver@91 | 65 |
VBOX_MANAGER="$(cat /proc/registry/HKEY_LOCAL_MACHINE/SOFTWARE/Oracle/VirtualBox/InstallDir)/VBoxManage.exe" |
oliver@91 | 66 |
VBOX_MANAGER=$(sanitize_path "${VBOX_MANAGER}") |
oliver@91 | 67 |
if [ ! -x "${VBOX_MANAGER}" ]; then |
oliver@91 | 68 |
echo "can't execute VBoxManage.exe - is VirtualBox installed?" |
oliver@91 | 69 |
echo "looked at: "$(cygpath -w ${VBOX_MANAGER})"" |
oliver@91 | 70 |
exit 1 |
oliver@91 | 71 |
fi |
oliver@91 | 72 |
echo "VirtualBox found at: ${VBOX_MANAGER}" |
oliver@91 | 73 |
|
oliver@91 | 74 |
# enforce VirtualBox to "feel good" by calling a function |
oliver@91 | 75 |
# (that is to "warm up" VirtualBox DCOM server ...) |
oliver@91 | 76 |
# |
oliver@91 | 77 |
echo "grabing VBox machine folder..." |
oliver@91 | 78 |
MACHINE_FOLDER=$("${VBOX_MANAGER}" list systemproperties | grep '^Default machine folder:' | sed 's/^Default machine folder: *//') |
oliver@91 | 79 |
MACHINE_FOLDER=$(cygpath -u "${MACHINE_FOLDER}") |
oliver@91 | 80 |
echo "machine folder: ${MACHINE_FOLDER}" |
oliver@91 | 81 |
|
oliver@91 | 82 |
# we have to stop the OpenSecurity service now |
oliver@91 | 83 |
# the VMManger does lock the SecurityDVMs so we can't |
oliver@91 | 84 |
# change them when he's on |
oliver@91 | 85 |
echo "stopping OpenSecurity service..." |
oliver@91 | 86 |
net stop "OpenSecurity Service" |
oliver@91 | 87 |
echo "OpenSecurity service stopped." |
oliver@91 | 88 |
|
oliver@146 | 89 |
echo "After stopping we'll wait some time to let VirtualBox calm itself" |
oliver@146 | 90 |
sleep 1 |
oliver@91 | 91 |
|
oliver@91 | 92 |
# do all stuff relativ to the given machinefolder |
oliver@146 | 93 |
mkdir -p "${MACHINE_FOLDER}" &> /dev/null |
oliver@91 | 94 |
pushd "${MACHINE_FOLDER}" &> /dev/null |
oliver@91 | 95 |
if [ "$?" != "0" ]; then |
oliver@91 | 96 |
echo "Failed to switch into machine folder." |
oliver@91 | 97 |
exit 1 |
oliver@91 | 98 |
fi |
oliver@91 | 99 |
|
oliver@91 | 100 |
# the Security VM disk image |
oliver@91 | 101 |
VDISK_IMAGE="SecurityDVM/SecurityDVM.vmdk" |
oliver@91 | 102 |
|
oliver@91 | 103 |
# import VM |
oliver@91 | 104 |
# |
oliver@91 | 105 |
"${VBOX_MANAGER}" list vms | grep SecurityDVM &> /dev/null |
oliver@91 | 106 |
if [ ! "${?}" = "0" ]; then |
oliver@91 | 107 |
echo "importing VM: ${OSECVM_IMAGE}" |
oliver@91 | 108 |
"${VBOX_MANAGER}" import "$(cygpath -w "${OSECVM_IMAGE}")" --vsys 0 --vmname SecurityDVM --unit 12 --disk "${VDISK_IMAGE}" |
oliver@91 | 109 |
else |
oliver@91 | 110 |
echo "found SecurityDVM already present in VBox reusing it." |
oliver@91 | 111 |
echo "if you want a complete new import please remove the VM first." |
oliver@93 | 112 |
echo "starting OpenSecurity service..." |
oliver@93 | 113 |
net start "OpenSecurity Service" |
oliver@93 | 114 |
echo "OpenSecurity service started" |
oliver@91 | 115 |
exit 1 |
oliver@91 | 116 |
fi |
oliver@91 | 117 |
|
oliver@167 | 118 |
# kick useless IDE controller |
oliver@167 | 119 |
"${VBOX_MANAGER}" storagectl SecurityDVM --name IDE --remove |
oliver@167 | 120 |
|
oliver@91 | 121 |
# grab VM storage controller and port |
oliver@91 | 122 |
# |
oliver@91 | 123 |
VDISK_SETUP=$("${VBOX_MANAGER}" showvminfo SecurityDVM | grep SecurityDVM.vmdk | cut -d ':' -f 1 | tr '(),' ' ') |
oliver@91 | 124 |
VDISK_CONTROLLER=$(echo ${VDISK_SETUP} | gawk '{print $1;}') |
oliver@91 | 125 |
VDISK_PORT=$(echo ${VDISK_SETUP} | gawk '{print $2;}') |
oliver@91 | 126 |
VDISK_DEVICE=$(echo ${VDISK_SETUP} | gawk '{print $3;}') |
oliver@91 | 127 |
if [ -z "${VDISK_CONTROLLER}" ]; then |
oliver@91 | 128 |
echo "unable to grab virtual disk controller in VM." |
oliver@91 | 129 |
echo "this shouldn't happen. It's a bug." |
oliver@93 | 130 |
echo "starting OpenSecurity service..." |
oliver@93 | 131 |
net start "OpenSecurity Service" |
oliver@93 | 132 |
echo "OpenSecurity service started" |
oliver@91 | 133 |
exit 1 |
oliver@91 | 134 |
fi |
oliver@91 | 135 |
|
oliver@91 | 136 |
# detach disk image |
oliver@91 | 137 |
# |
BarthaM@171 | 138 |
echo "detaching disk image ..." |
BarthaM@171 | 139 |
"${VBOX_MANAGER}" storageattach SecurityDVM --storagectl ${VDISK_CONTROLLER} --port ${VDISK_PORT} --medium none |
oliver@91 | 140 |
|
oliver@167 | 141 |
# turn disk image into normal |
oliver@91 | 142 |
# |
BarthaM@171 | 143 |
VDISK_PORT=0 |
BarthaM@171 | 144 |
VDISK_DEVICE=0 |
BarthaM@171 | 145 |
echo "turning disk image into normal ..." |
BarthaM@171 | 146 |
"${VBOX_MANAGER}" storageattach SecurityDVM --storagectl ${VDISK_CONTROLLER} --port ${VDISK_PORT} --device ${VDISK_DEVICE} --type hdd --mtype normal --medium "${VDISK_IMAGE}" |
oliver@91 | 147 |
|
oliver@91 | 148 |
# detach disk image |
oliver@91 | 149 |
# |
BarthaM@216 | 150 |
echo "detach disk image ..." |
BarthaM@216 | 151 |
"${VBOX_MANAGER}" storageattach SecurityDVM --storagectl ${VDISK_CONTROLLER} --port ${VDISK_PORT} --medium none |
oliver@91 | 152 |
|
oliver@91 | 153 |
# immutablize disk |
oliver@91 | 154 |
# |
BarthaM@216 | 155 |
echo "reattach immutable disk image ..." |
BarthaM@216 | 156 |
"${VBOX_MANAGER}" storageattach SecurityDVM --storagectl ${VDISK_CONTROLLER} --port ${VDISK_PORT} --device ${VDISK_DEVICE} --type hdd --mtype immutable --medium "${VDISK_IMAGE}" |
oliver@91 | 157 |
|
oliver@91 | 158 |
echo "imported initial OsecVM.ova image" |
oliver@91 | 159 |
|
oliver@91 | 160 |
"${VBOX_MANAGER}" list vms |
oliver@91 | 161 |
|
oliver@91 | 162 |
echo "starting OpenSecurity service..." |
oliver@91 | 163 |
net start "OpenSecurity Service" |
oliver@91 | 164 |
echo "OpenSecurity service started" |
oliver@91 | 165 |
|
oliver@153 | 166 |
# run 1st update on image |
oliver@153 | 167 |
sleep 1 |
oliver@153 | 168 |
wget -q http://localhost:8080/update_template |
oliver@153 | 169 |