# ------------------------------------------------------------
# install the initial VM for
# This was originally a Windows-only BAT file.
# ... but coding this makes your head hurt and
# supporting this "technology" any further by adding
# software to the world relying on CMD.exe is an act
# against humanity and should be punished by jail.
# Copyright 2013-2014 X-Net and AIT Austrian Institute of Technology
# https://www.x-net.at
# AIT Austrian Institute of Technology
# Donau City Strasse 1
# http://www.ait.ac.at
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# ------------------------------------------------------------
# ------------------------------------------------------------
# install the initial VM given by ${1}
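# ------------------------------
# turns a windows path into a cygwin path
#
#   $1 ... windows path to convert
#
# Prints the converted path on stdout; prints nothing when ${1} is empty.
# Returns 0 for an empty argument, otherwise the exit status of cygpath.
# ------------------------------
function sanitize_path() {
    # nothing to convert: stay silent so the caller gets an empty string
    test -z "${1}" && return 0
    # Run cygpath directly instead of `echo $(cygpath ...)`: the unquoted
    # substitution was word-split and glob-expanded by the shell, which
    # collapses runs of blanks and can rewrite the converted path.
    cygpath -u "${1}"
}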
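# ------------------------------
# Imports the initial OpenSecurity VM image given as ${1} into VirtualBox
# under the name "SecurityDVM" and re-attaches its disk as immutable.
#
# NOTE(review): the original line numbering of this listing has gaps, so some
# short lines (block terminators, exit statements, possibly delays) are not
# visible. Lines restored by inference are marked below; compare them with
# the original file before relying on this script.
# ------------------------------

# Restarts the OpenSecurity service, which is stopped while the VM is changed.
function start_osec_service() {
    echo "starting OpenSecurity service..."
    net start "OpenSecurity Service"
    echo "OpenSecurity service started"
}

# check if we do have elevated rights
# that is "Run as Administrator" invocation
echo 'checking privileges...'
# gid 544 is the local Administrators group under Cygwin. Match it as a whole
# word: a plain "grep 544" also accepts any group id that merely contains
# those digits (e.g. 10544) and would report elevation that is not there.
if ! id -G | grep -qw 544; then
    echo "Insufficient privileges. Is this script executed with 'Run As Administrator'?"
    echo "I'll try anyway..."
fi

# check OpenSecurity Initial VM Image
# NOTE(review): only the existence of the image is checked before it is
# imported; no checksum or signature is verified in this script. If the
# project publishes a digest for the image, verify the download against it
# before running this import.
echo "looking for VM image: ${1}..."
OSECVM_IMAGE=$(cygpath -u "${1}")
echo "looking for VM image: ${1}"
if [ ! -f "${OSECVM_IMAGE}" ]; then
    echo "Warning: no OpenSecurity Initial Image found."
    echo "Please download using the OpenSecurity download tool."
    # NOTE(review): restored by inference, not visible in the listing
    exit 1
fi
echo "initial VM image: ${1} found"

# look up VirtualBox installation
# The binary executed below is whatever the HKLM InstallDir value points to.
echo "looking up VirtualBox installation..."
VBOX_MANAGER="$(cat /proc/registry/HKEY_LOCAL_MACHINE/SOFTWARE/Oracle/VirtualBox/InstallDir)/VBoxManage.exe"
VBOX_MANAGER=$(sanitize_path "${VBOX_MANAGER}")
if [ ! -x "${VBOX_MANAGER}" ]; then
    echo "can't execute VBoxManage.exe - is VirtualBox installed?"
    # keep the nested expansion quoted: the install path may contain blanks,
    # and the former quoting left it open to word splitting
    echo "looked at: $(cygpath -w "${VBOX_MANAGER}")"
    # NOTE(review): restored by inference, not visible in the listing
    exit 1
fi
echo "VirtualBox found at: ${VBOX_MANAGER}"

# enforce VirtualBox to "feel good" by calling a function
# (that is to "warm up" VirtualBox DCOM server ...)
echo "grabing VBox machine folder..."
MACHINE_FOLDER=$("${VBOX_MANAGER}" list systemproperties | sed -n 's/^Default machine folder: *//p')
# Stop before the service is touched when VBoxManage returned nothing;
# otherwise every later step would run against an empty folder name.
if [ -z "${MACHINE_FOLDER}" ]; then
    echo "unable to determine the VirtualBox machine folder."
    exit 1
fi
MACHINE_FOLDER=$(cygpath -u "${MACHINE_FOLDER}")
echo "machine folder: ${MACHINE_FOLDER}"

# we have to stop the OpenSecurity service now
# the VMManger does lock the SecurityDVMs so we can't
# change them when he's on
# NOTE(review): the result of "net stop" is not checked; the script reports
# the service as stopped either way.
echo "stopping OpenSecurity service..."
net stop "OpenSecurity Service"
echo "OpenSecurity service stopped."
echo "After stopping we'll wait some time to let VirtualBox calm itself"
# NOTE(review): the delay announced above is not visible in this listing
# (gap in the original line numbers); restore it from the original file.

# do all stuff relative to the given machinefolder
mkdir -p "${MACHINE_FOLDER}" &> /dev/null
if ! pushd "${MACHINE_FOLDER}" &> /dev/null; then
    echo "Failed to switch into machine folder."
    # the service was stopped above; bring it back before giving up, as the
    # other failure paths of this script do
    start_osec_service
    # NOTE(review): restored by inference, not visible in the listing
    exit 1
fi

# the Security VM disk image
VDISK_IMAGE="SecurityDVM/SecurityDVM.vmdk"

# import the VM unless it is already registered
# "list vms" prints one line per VM as: "name" {uuid}. Anchor on the quoted
# name so that a VM whose name merely contains SecurityDVM does not count.
if ! "${VBOX_MANAGER}" list vms | grep -q '^"SecurityDVM" '; then
    echo "importing VM: ${OSECVM_IMAGE}"
    "${VBOX_MANAGER}" import "$(cygpath -w "${OSECVM_IMAGE}")" --vsys 0 --vmname SecurityDVM --unit 12 --disk "${VDISK_IMAGE}"
else
    echo "found SecurityDVM already present in VBox reusing it."
    echo "if you want a complete new import please remove the VM first."
    start_osec_service
    # NOTE(review): an exit is assumed here because the service is restarted
    # before the disk steps below; the exit status is not visible in the
    # listing - confirm against the original file.
    exit 0
fi

# kick useless IDE controller
"${VBOX_MANAGER}" storagectl SecurityDVM --name IDE --remove

# grab VM storage controller and port
VDISK_SETUP=$("${VBOX_MANAGER}" showvminfo SecurityDVM | grep SecurityDVM.vmdk | cut -d ':' -f 1 | tr '(),' ' ')
# Split into controller / port / device with read instead of re-expanding the
# value unquoted through echo, which would also glob-expand it.
read -r VDISK_CONTROLLER VDISK_PORT VDISK_DEVICE _ <<< "${VDISK_SETUP}"
if [ -z "${VDISK_CONTROLLER}" ]; then
    echo "unable to grab virtual disk controller in VM."
    echo "this shouldn't happen. It's a bug."
    start_osec_service
    # NOTE(review): restored by inference, not visible in the listing
    exit 1
fi

# The disk is detached, attached once as a normal medium, detached again and
# finally attached as immutable. The parsed values are passed quoted so that
# they always reach VBoxManage as exactly one argument each.
echo "detaching disk image ..."
"${VBOX_MANAGER}" storageattach SecurityDVM --storagectl "${VDISK_CONTROLLER}" --port "${VDISK_PORT}" --medium none

# turn disk image into normal
echo "turning disk image into normal ..."
"${VBOX_MANAGER}" storageattach SecurityDVM --storagectl "${VDISK_CONTROLLER}" --port "${VDISK_PORT}" --device "${VDISK_DEVICE}" --type hdd --mtype normal --medium "${VDISK_IMAGE}"

echo "detach disk image ..."
"${VBOX_MANAGER}" storageattach SecurityDVM --storagectl "${VDISK_CONTROLLER}" --port "${VDISK_PORT}" --medium none

echo "reattach immutable disk image ..."
"${VBOX_MANAGER}" storageattach SecurityDVM --storagectl "${VDISK_CONTROLLER}" --port "${VDISK_PORT}" --device "${VDISK_DEVICE}" --type hdd --mtype immutable --medium "${VDISK_IMAGE}"

echo "imported initial OsecVM.ova image"

"${VBOX_MANAGER}" list vms

start_osec_service

# run 1st update on image
# NOTE(review): this is a plain, unauthenticated HTTP request to port 8080 on
# localhost, so whatever process listens there receives it. Confirm that the
# endpoint is bound to loopback only. wget also stores the response as a file
# named "update_template" in the current directory (the machine folder after
# the pushd above); discard it with -O /dev/null if nothing reads that file.
wget -q http://localhost:8080/update_template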