3 # ------------------------------------------------------------
4 # install the initial VM for
8 # This has been originally a Windows only BAT file.
10 # ... but coding this makes your head hurt and
11 # supporting this "technology" any further by adding
12 # software to the world relying on CMD.exe is an act
13 # against humanity and should be punished by jail.
15 # (C)opyright 2014, AIT Austrian Instiitute of Technology
16 # ------------------------------------------------------------
19 # ------------------------------------------------------------
22 # install the initial VM given by ${1}
25 # ------------------------------
26 # turns a windows path into a cygwin path
29 # stdout the value found
31 function sanitize_path() {
32 test -z "${1}" && return
33 echo $(cygpath -u "${1}")
37 # ------------------------------
41 # check if we do have elevated rights
42 # that is "Run as Administrator" invocation
43 echo 'checking privileges...'
44 id -G | grep 544 &> /dev/null
45 if [ "${?}" != 0 ]; then
46 echo "Insufficient privileges. Is this script executed with 'Run As Administrator'?"
47 echo "I'll try anyway..."
50 # check OpenSecurity Initial VM Image
52 echo "looking for VM image: ${1}..."
53 OSECVM_IMAGE=$(cygpath -u "${1}")
54 echo "looking for VM image: ${1}"
55 if [ ! -f "${OSECVM_IMAGE}" ]; then
56 echo "Warning: no OpenSecurity Initial Image found."
57 echo "Please download using the OpenSecurity download tool."
60 echo "initial VM image: ${1} found"
62 # look up VirtulBox installation
64 echo "looking up VirtualBox installation..."
65 VBOX_MANAGER="$(cat /proc/registry/HKEY_LOCAL_MACHINE/SOFTWARE/Oracle/VirtualBox/InstallDir)/VBoxManage.exe"
66 VBOX_MANAGER=$(sanitize_path "${VBOX_MANAGER}")
67 if [ ! -x "${VBOX_MANAGER}" ]; then
68 echo "can't execute VBoxManage.exe - is VirtualBox installed?"
69 echo "looked at: "$(cygpath -w ${VBOX_MANAGER})""
72 echo "VirtualBox found at: ${VBOX_MANAGER}"
74 # enforce VirtualBox to "feel good" by calling a function
75 # (that is to "warm up" VirtualBox DCOM server ...)
77 echo "grabing VBox machine folder..."
78 MACHINE_FOLDER=$("${VBOX_MANAGER}" list systemproperties | grep '^Default machine folder:' | sed 's/^Default machine folder: *//')
79 MACHINE_FOLDER=$(cygpath -u "${MACHINE_FOLDER}")
80 echo "machine folder: ${MACHINE_FOLDER}"
82 # we have to stop the OpenSecurity service now
83 # the VMManger does lock the SecurityDVMs so we can't
84 # change them when he's on
85 echo "stopping OpenSecurity service..."
86 net stop "OpenSecurity Service"
87 echo "OpenSecurity service stopped."
89 echo "After stopping we'll wait some time to let VirtualBox calm itself"
92 # do all stuff relativ to the given machinefolder
93 mkdir -p "${MACHINE_FOLDER}" &> /dev/null
94 pushd "${MACHINE_FOLDER}" &> /dev/null
95 if [ "$?" != "0" ]; then
96 echo "Failed to switch into machine folder."
100 # the Security VM disk image
101 VDISK_IMAGE="SecurityDVM/SecurityDVM.vmdk"
105 "${VBOX_MANAGER}" list vms | grep SecurityDVM &> /dev/null
106 if [ ! "${?}" = "0" ]; then
107 echo "importing VM: ${OSECVM_IMAGE}"
108 "${VBOX_MANAGER}" import "$(cygpath -w "${OSECVM_IMAGE}")" --vsys 0 --vmname SecurityDVM --unit 12 --disk "${VDISK_IMAGE}"
110 echo "found SecurityDVM already present in VBox reusing it."
111 echo "if you want a complete new import please remove the VM first."
112 echo "starting OpenSecurity service..."
113 net start "OpenSecurity Service"
114 echo "OpenSecurity service started"
118 # kick useless IDE controller
119 "${VBOX_MANAGER}" storagectl SecurityDVM --name IDE --remove
121 # grab VM storage controller and port
123 VDISK_SETUP=$("${VBOX_MANAGER}" showvminfo SecurityDVM | grep SecurityDVM.vmdk | cut -d ':' -f 1 | tr '(),' ' ')
124 VDISK_CONTROLLER=$(echo ${VDISK_SETUP} | gawk '{print $1;}')
125 VDISK_PORT=$(echo ${VDISK_SETUP} | gawk '{print $2;}')
126 VDISK_DEVICE=$(echo ${VDISK_SETUP} | gawk '{print $3;}')
127 if [ -z "${VDISK_CONTROLLER}" ]; then
128 echo "unable to grab virtual disk controller in VM."
129 echo "this shouldn't happen. It's a bug."
130 echo "starting OpenSecurity service..."
131 net start "OpenSecurity Service"
132 echo "OpenSecurity service started"
138 echo "detaching disk image ..."
139 "${VBOX_MANAGER}" storageattach SecurityDVM --storagectl ${VDISK_CONTROLLER} --port ${VDISK_PORT} --medium none
141 # turn disk image into normal
145 echo "turning disk image into normal ..."
146 "${VBOX_MANAGER}" storageattach SecurityDVM --storagectl ${VDISK_CONTROLLER} --port ${VDISK_PORT} --device ${VDISK_DEVICE} --type hdd --mtype normal --medium "${VDISK_IMAGE}"
150 echo "detach disk image ..."
151 "${VBOX_MANAGER}" storageattach SecurityDVM --storagectl ${VDISK_CONTROLLER} --port ${VDISK_PORT} --medium none
155 echo "reattach immutable disk image ..."
156 "${VBOX_MANAGER}" storageattach SecurityDVM --storagectl ${VDISK_CONTROLLER} --port ${VDISK_PORT} --device ${VDISK_DEVICE} --type hdd --mtype immutable --medium "${VDISK_IMAGE}"
158 echo "imported initial OsecVM.ova image"
160 "${VBOX_MANAGER}" list vms
162 echo "starting OpenSecurity service..."
163 net start "OpenSecurity Service"
164 echo "OpenSecurity service started"
166 # run 1st update on image
168 wget -q http://localhost:8080/update_template