author | Oliver Maurhart <oliver.maurhart@ait.ac.at> |
Wed, 29 Oct 2014 15:18:22 +0100 | |
changeset 240 | d7ef04254e9c |
parent 225 | e68561e69f86 |
permissions | -rwxr-xr-x |
#!/bin/bash

# ------------------------------------------------------------
# install the initial VM for OpenSecurity
#
# This was originally a Windows-only BAT file.
#
# ... but coding this makes your head hurt and
# supporting this "technology" any further by adding
# software to the world relying on CMD.exe is an act
# against humanity and should be punished by jail.
#
# Copyright 2013-2014 X-Net and AIT Austrian Institute of Technology
#
#
# X-Net Services GmbH
# Elisabethstrasse 1
# 4020 Linz
# AUSTRIA
# https://www.x-net.at
#
# AIT Austrian Institute of Technology
# Donau City Strasse 1
# 1220 Wien
# AUSTRIA
# http://www.ait.ac.at
#
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# ------------------------------------------------------------


# ------------------------------------------------------------
# code

# install the initial VM given by ${1}


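# ------------------------------
# Convert a Windows path into its Cygwin (POSIX-style) form.
#
# $1 ...... Windows path; an empty value produces no output
# stdout .. the converted path as printed by `cygpath -u`
# returns . 0 for an empty argument, otherwise the status of cygpath
#
sanitize_path() {
  [ -n "${1}" ] || return 0
  # Call cygpath directly instead of echo $(cygpath ...): the unquoted
  # command substitution word-splits and glob-expands the result, which
  # mangles paths that contain runs of blanks or glob characters.
  cygpath -u "${1}"
}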


# ------------------------------
# main ...
#

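# Check whether we run with elevated rights, i.e. the script was
# started via "Run as Administrator". Under Cygwin an elevated token
# carries the local Administrators group as gid 544 (SID S-1-5-32-544).
echo 'checking privileges...'
# -w matches 544 as a whole word only: a plain "grep 544" also accepts
# unrelated gids such as 1544 or 5440 and would report elevation that
# is not there.
if ! id -G | grep -qw 544; then
  echo "Insufficient privileges. Is this script executed with 'Run As Administrator'?"
  # NOTE(review): the script only warns and carries on; without elevation
  # the service stop/start further down is likely to fail part-way.
  echo "I'll try anyway..."
fi
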
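# check OpenSecurity Initial VM Image
#
# ${1} is the Windows path of the image; OSECVM_IMAGE holds the same
# path in Cygwin form for the file tests and the import further down.
if [ -z "${1}" ]; then
  # Without this guard cygpath is called with an empty path and the
  # "no image found" message below hides the real cause.
  echo "Usage: ${0##*/} <path to the OpenSecurity initial VM image>"
  exit 1
fi
echo "looking for VM image: ${1}..."
OSECVM_IMAGE=$(cygpath -u "${1}")
if [ ! -f "${OSECVM_IMAGE}" ]; then
  echo "Warning: no OpenSecurity Initial Image found."
  echo "Please download using the OpenSecurity download tool."
  exit 1
fi
echo "initial VM image: ${1} found"
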
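# look up the VirtualBox installation
#
# The install directory is read from HKEY_LOCAL_MACHINE, which Cygwin
# exposes under /proc/registry. Every VBoxManage call below executes
# the binary found this way, so this registry value is the trust anchor
# for the rest of the script.
echo "looking up VirtualBox installation..."
VBOX_MANAGER="$(cat /proc/registry/HKEY_LOCAL_MACHINE/SOFTWARE/Oracle/VirtualBox/InstallDir)/VBoxManage.exe"
VBOX_MANAGER=$(sanitize_path "${VBOX_MANAGER}")
if [ ! -x "${VBOX_MANAGER}" ]; then
  echo "can't execute VBoxManage.exe - is VirtualBox installed?"
  # Quote the path: install directories such as "Program Files" contain
  # blanks and would otherwise be split into several cygpath arguments.
  echo "looked at: $(cygpath -w "${VBOX_MANAGER}")"
  exit 1
fi
echo "VirtualBox found at: ${VBOX_MANAGER}"
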
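# Ask VirtualBox for its default machine folder. Per the original
# author this first call also serves to "warm up" the VirtualBox DCOM
# server before the real work starts.
#
echo "grabing VBox machine folder..."
# One sed replaces the former grep | sed pair. The first expression
# drops a trailing carriage return, which a native Windows program may
# emit and which must not end up inside the path.
MACHINE_FOLDER=$("${VBOX_MANAGER}" list systemproperties \
  | sed -n -e 's/\r$//' -e 's/^Default machine folder: *//p')
if [ -z "${MACHINE_FOLDER}" ]; then
  # Stop here: an empty folder would make the later directory change a
  # no-op and the import would run in whatever directory we started in.
  echo "unable to determine the VirtualBox default machine folder."
  exit 1
fi
MACHINE_FOLDER=$(cygpath -u "${MACHINE_FOLDER}")
echo "machine folder: ${MACHINE_FOLDER}"
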
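# The OpenSecurity service has to be stopped now: its VM manager locks
# the SecurityDVMs, so they cannot be changed while it is running.
echo "stopping OpenSecurity service..."
# Report what actually happened instead of claiming success
# unconditionally; a failure is not fatal here because the service may
# simply not be running.
if net stop "OpenSecurity Service"; then
  echo "OpenSecurity service stopped."
else
  echo "Warning: could not stop the OpenSecurity service (not running, or insufficient privileges?)."
fi

echo "After stopping we'll wait some time to let VirtualBox calm itself"
sleep 1
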
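# do everything relative to the machine folder
mkdir -p "${MACHINE_FOLDER}" &> /dev/null
# An empty MACHINE_FOLDER is rejected explicitly: changing into "" can
# succeed without going anywhere, and the relative disk path used for
# the import would then resolve against an arbitrary directory.
if [ -z "${MACHINE_FOLDER}" ] || ! pushd "${MACHINE_FOLDER}" &> /dev/null; then
  echo "Failed to switch into machine folder."
  # The service was stopped just before this step; bring it back like
  # the other failure paths of this script do.
  echo "starting OpenSecurity service..."
  net start "OpenSecurity Service"
  echo "OpenSecurity service started"
  exit 1
fi
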
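# the Security VM disk image (relative to the machine folder)
VDISK_IMAGE="SecurityDVM/SecurityDVM.vmdk"

# import VM
#
# "list vms" prints one line per VM in the form "<name>" {<uuid>}.
# Anchor the match on the quoted name so that a VM whose name merely
# contains SecurityDVM is not mistaken for the template.
if ! "${VBOX_MANAGER}" list vms | grep -q '^"SecurityDVM" '; then
  echo "importing VM: ${OSECVM_IMAGE}"
  # NOTE(review): nothing in this script verifies the image (checksum or
  # signature) before it is imported - confirm the download tool does.
  if ! "${VBOX_MANAGER}" import "$(cygpath -w "${OSECVM_IMAGE}")" --vsys 0 --vmname SecurityDVM --unit 12 --disk "${VDISK_IMAGE}"; then
    # Do not go on to reconfigure the storage of a VM that was never
    # created; restart the service and stop.
    echo "importing the VM failed."
    echo "starting OpenSecurity service..."
    net start "OpenSecurity Service"
    echo "OpenSecurity service started"
    exit 1
  fi
else
  echo "found SecurityDVM already present in VBox reusing it."
  echo "if you want a complete new import please remove the VM first."
  echo "starting OpenSecurity service..."
  net start "OpenSecurity Service"
  echo "OpenSecurity service started"
  exit 1
fi
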
# Remove the controller named IDE from the imported VM; the template
# does not use it.
"${VBOX_MANAGER}" storagectl "SecurityDVM" --name "IDE" --remove

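# grab VM storage controller, port and device of the template disk
#
# The pipeline expects the showvminfo line for the disk to read
# "<controller> (<port>, <device>): <file> ..."; everything before the
# first ':' is kept and the punctuation is turned into blanks.
# grep -F matches the file name literally (the '.' is no wildcard) and
# -m 1 keeps only the first matching line.
VDISK_SETUP=$("${VBOX_MANAGER}" showvminfo SecurityDVM | grep -F -m 1 'SecurityDVM.vmdk' | cut -d ':' -f 1 | tr '(),' ' ')
# Split the three fields with the read builtin instead of three
# echo | gawk pipelines on an unquoted variable.
VDISK_CONTROLLER='' VDISK_PORT='' VDISK_DEVICE=''
read -r VDISK_CONTROLLER VDISK_PORT VDISK_DEVICE _ <<< "${VDISK_SETUP}"
# A non-numeric port means the line was not parsed as intended (for
# example a controller name containing a blank); treat that like a
# missing controller rather than handing garbage to storageattach.
if [ -z "${VDISK_CONTROLLER}" ] || ! [[ "${VDISK_PORT}" =~ ^[0-9]+$ ]]; then
  echo "unable to grab virtual disk controller in VM."
  echo "this shouldn't happen. It's a bug."
  echo "starting OpenSecurity service..."
  net start "OpenSecurity Service"
  echo "OpenSecurity service started"
  exit 1
fi
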
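# detach disk image from the slot the import put it in
#
echo "detaching disk image ..."
"${VBOX_MANAGER}" storageattach SecurityDVM --storagectl "${VDISK_CONTROLLER}" --port "${VDISK_PORT}" --medium none

# turn disk image into normal, attached at port 0 / device 0
#
VDISK_PORT=0
VDISK_DEVICE=0
echo "turning disk image into normal ..."
"${VBOX_MANAGER}" storageattach SecurityDVM --storagectl "${VDISK_CONTROLLER}" --port "${VDISK_PORT}" --device "${VDISK_DEVICE}" --type hdd --mtype normal --medium "${VDISK_IMAGE}"

# detach disk image again
#
echo "detach disk image ..."
"${VBOX_MANAGER}" storageattach SecurityDVM --storagectl "${VDISK_CONTROLLER}" --port "${VDISK_PORT}" --medium none

# make the disk immutable
#
# This is the step the template depends on: with --mtype immutable
# VirtualBox keeps the base image unchanged and sends writes to a
# differencing image. If it fails, the template disk is left detached
# or writable, so the result is checked instead of reporting success
# regardless.
echo "reattach immutable disk image ..."
if ! "${VBOX_MANAGER}" storageattach SecurityDVM --storagectl "${VDISK_CONTROLLER}" --port "${VDISK_PORT}" --device "${VDISK_DEVICE}" --type hdd --mtype immutable --medium "${VDISK_IMAGE}"; then
  echo "failed to reattach the disk image as immutable."
  echo "starting OpenSecurity service..."
  net start "OpenSecurity Service"
  echo "OpenSecurity service started"
  exit 1
fi
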
# Report the finished import and show the VMs VirtualBox now knows.
printf '%s\n' "imported initial OsecVM.ova image"

"${VBOX_MANAGER}" list vms

# The VM work is done, so the service stopped earlier is started again.
printf '%s\n' "starting OpenSecurity service..."
net start "OpenSecurity Service"
printf '%s\n' "OpenSecurity service started"

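# run 1st update on image
#
# The request only triggers the update. -O /dev/null discards the
# response; without it wget saves it as "update_template" (then
# "update_template.1", ...) in the current directory.
# NOTE(review): nothing visible here authenticates this request -
# confirm the service listens on the loopback interface only.
sleep 1
wget -q -O /dev/null http://localhost:8080/update_template || {
  update_rc=$?
  echo "Warning: triggering the initial template update failed (wget exit code ${update_rc})."
  # hand wget's exit code on as the status of this step
  (exit "${update_rc}")
}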