ExternalVendorCode/HIRS
1
0
Fork 0
mirror of https://github.com/nsacyber/HIRS.git synced 2024-12-19 04:58:00 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge pull request #602 from nsacyber/v3_issue_599

Browse Source 
Added check for existing aca.properties in the ACA setup files
This commit is contained in:
5B96790E3664F40075A67E6ADF737EDB15B4408DBC91A81228B31537B0CE3E26 2023-10-04 14:08:09 -04:00 committed by GitHub
commit 04381985ee
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 26 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
package/scripts/db/db_create.sh
View File

@ -41,8 +41,19 @@ source $SCRIPT_DIR/mysql_util.sh
source $ACA_PROP_FILE
check_mysql_root_pwd () {
# Check if DB root password needs to be obtained
# Check if DB root password needs to be obtained via env variable or existing property file
if [ -z "$HIRS_MYSQL_ROOT_PWD" ]; then
# Check if property file exists and look for properties
if [ -f $ACA_PROP_FILE ]; then
echo "Found existing aca.properties, using existing variables..."
source $ACA_PROP_FILE
if [ ! -z $hirs_pki_password ]; then PKI_PASS=$hirs_pki_password; fi
if [ ! -z $mysql_admin_password ]; then HIRS_MYSQL_ROOT_PWD=$mysql_admin_password; fi
if [ ! -z $hirs_db_password ]; then HIRS_DB_PWD=$hirs_db_password; fi
fi
fi
if [ -z $HIRS_MYSQL_ROOT_PWD ]; then
# Create a 32 character random password
echo "Using randomly generated password for the DB admin" | tee -a "$LOG_FILE"

19
package/scripts/pki/pki_setup.sh
View File

@ -21,15 +21,24 @@ SCRIPT_DIR=$( dirname -- "$( readlink -f -- "$0"; )"; )
mkdir -p $HIRS_CONF_DIR $LOG_DIR
echo "SCRIPT_DIR is $SCRIPT_DIR" | tee -a "$LOG_FILE"
if [ -z "$1" ]; then
if [ -z "$LOG_FILE" ]; then
LOG_FILE="$LOG_DIR$LOG_FILE_NAME"
echo "using log file $LOG_FILE" | tee -a "$LOG_FILE"
fi
if [ -z "$2" ]; then
PKI_PASS=$(head -c 64 /dev/urandom | md5sum | tr -dc 'a-zA-Z0-9')
echo "Using randomly generated password for the PKI key password" | tee -a "$LOG_FILE"
echo "Using pki password=$PKI_PASS"
if [ -z "$PKI_PASS" ]; then
if [ -f $ACA_PROP ]; then
source $ACA_PROP
if [ ! -z $hirs_pki_password ]; then
PKI_PASS=$hirs_pki_password
fi
fi
fi
if [ -z "$PKI_PASS" ]; then
PKI_PASS=$(head -c 64 /dev/urandom | md5sum | tr -dc 'a-zA-Z0-9')
echo "Using randomly generated password for the PKI key password" | tee -a "$LOG_FILE"
echo "Using pki password=$PKI_PASS"
fi
# Check for sudo or root user