minor adjustments for the deb package

2024-12-19 21:17:59 +00:00 · 2023-10-10 18:29:37 +00:00 · 2023-10-10 18:29:37 +00:00 · d968080a43
commit d968080a43
parent 80dc42dae5
4 changed files with 51 additions and 29 deletions
--- a/HIRS_AttestationCAPortal/build.gradle
+++ b/HIRS_AttestationCAPortal/build.gradle
@ -94,16 +94,16 @@ ospackage {
    }

    // Post Install
-    postInstall 'sh /opt/hirs/aca/scripts/aca/aca_setup.sh -u'
+    postInstall 'bash /opt/hirs/aca/scripts/aca/aca_setup.sh -u'
    // add chrontab to run ACA at boot
    postInstall 'echo "@reboot root /opt/hirs/aca/scripts/aca/aca_bootRun.sh -w" >> /etc/crontab'
    // run ACA after install
    postInstall '/opt/hirs/aca/scripts/aca/aca_bootRun.sh -w &'
    postInstall 'chmod +x /opt/hirs/aca/scripts/aca/*'
-    postInstall 'sh /opt/hirs/aca/scripts/aca/check_for_aca.sh'
+    postInstall 'bash /opt/hirs/aca/scripts/aca/check_for_aca.sh'

    // Uninstall
-    preUninstall 'sh /opt/hirs/aca/scripts/aca/aca_remove_setup.sh'
+    preUninstall 'bash /opt/hirs/aca/scripts/aca/aca_remove_setup.sh'
    postUninstall 'rm -rf /etc/hirs'

    buildRpm {
@ -111,6 +111,7 @@ ospackage {
    }

    buildDeb {
+        packageName = 'hirs-attestationca'
        arch = 'amd64'
    }
 }
--- a/package/scripts/db/db_create.sh
+++ b/package/scripts/db/db_create.sh
@ -45,7 +45,7 @@ source /etc/os-release
 if [ $ID = "ubuntu" ]; then 
   DB_SRV_CONF="/etc/mysql/mariadb.conf.d/50-server.cnf"
   DB_CLIENT_CONF="/etc/mysql/mariadb.conf.d/50-client.cnf"
-   echo log_error=/var/log/mysql/mariadb.log >> $DB_SRV_CONF
+   echo log_error=/var/log/mysql/mysqld.log >> $DB_SRV_CONF
 fi

 check_mysql_root_pwd () {
@ -97,10 +97,12 @@ set_mysql_server_tls () {
    # Make sure mysql can access them
    chown mysql:mysql $SSL_DB_SRV_CHAIN $SSL_DB_SRV_CERT $SSL_DB_SRV_KEY
    # Make selinux contexts for config files, if selinux is enabled
-    selinuxenabled
-    if [ $? -eq 0 ]; then
-       semanage fcontext -a -t mysqld_etc_t $DB_SRV_CONF  > /dev/null #adds the context type to file
-       restorecon -v -F $DB_SRV_CONF      > /dev/null                 # changes the file's context type
+    if [ $ID = "rhel" ]; then 
+        selinuxenabled
+        if [ $? -eq 0 ]; then
+           semanage fcontext -a -t mysqld_etc_t $DB_SRV_CONF  > /dev/null #adds the context type to file
+           restorecon -v -F $DB_SRV_CONF      > /dev/null                 # changes the file's context type
+       fi
    fi
  else
       echo "mysql.cnf contians existing entry for ssl, skipping..." | tee -a "$LOG_FILE"
@ -116,10 +118,12 @@ if [[ $(cat "$DB_CLIENT_CONF" | grep -c "HIRS") < 1 ]]; then
  echo "ssl_key=$SSL_DB_CLIENT_KEY" >> $DB_CLIENT_CONF
  chown mysql:mysql $SSL_DB_CLIENT_CHAIN $SSL_DB_CLIENT_CERT $SSL_DB_CLIENT_KEY 
  # Make selinux contexts for config files, if selinux is enabled
-  selinuxenabled
-  if [ $? -eq 0 ]; then
-      semanage fcontext -a -t mysqld_etc_t $DB_CLIENT_CONFf > /dev/null  #adds the context type to file
-      restorecon -F $DB_CLIENT_CONF                         > /dev/null #changes the file's context type
+   if [ $ID = "rhel" ]; then 
+      selinuxenabled
+      if [ $? -eq 0 ]; then
+          semanage fcontext -a -t mysqld_etc_t $DB_CLIENT_CONFf > /dev/null  #adds the context type to file
+         restorecon -F $DB_CLIENT_CONF                         > /dev/null #changes the file's context type
+      fi
  fi                           
 fi
 }
@ -193,6 +197,7 @@ check_for_container -p
 set_mysql_server_tls
 set_mysql_client_tls
 start_mysqlsd
+check_mysql
 check_mysql_root_pwd
 set_hirs_db_pwd
 create_hirs_db_with_tls
--- a/package/scripts/db/db_drop.sh
+++ b/package/scripts/db/db_drop.sh
@ -1,13 +1,14 @@
 #!/bin/bash

-SRV_CNF=/etc/my.cnf.d/mariadb-server.cnf
-CLIENT_CNF=/etc/my.cnf.d/client.cnf
+DB_SRV_CONF=/etc/my.cnf.d/mariadb-server.cnf
+DB_CLIENT_CONF=/etc/my.cnf.d/client.cnf
 SCRIPT_DIR=$( dirname -- "$( readlink -f -- "$0"; )";)
 LOG_FILE=/dev/null
 DB_ADMIN_PWD=$1

 #source /etc/hirs/aca/aca.properties;
 source $SCRIPT_DIR/mysql_util.sh
+source /etc/os-release 

 # Check for sudo or root user, not actually needed but a good idea 
 if [ "$EUID" -ne 0 ]
@ -15,6 +16,12 @@ if [ "$EUID" -ne 0 ]
     exit 1
 fi

+# Setup distro specifc paths and variables
+if [ $ID = "ubuntu" ]; then 
+   DB_SRV_CONF="/etc/mysql/mariadb.conf.d/50-server.cnf"
+   DB_CLIENT_CONF="/etc/mysql/mariadb.conf.d/50-client.cnf"
+fi
+
 if [ -d /opt/hirs/scripts/db ]; then
    MYSQL_DIR="/opt/hirs/scripts/db"
  else
@ -44,8 +51,8 @@ fi
 # Remove key , cert and truststore entries from client.cnf andf mariadb.cnf

 echo "Removing hirs cert references from mariadb configuration files"
-grep -v "hirs" $SRV_CNF > tmpfile && mv tmpfile $SRV_CNF
-grep -v "hirs" $CLIENT_CNF > tmpfile && mv tmpfile $CLIENT_CNF
+grep -v "hirs" $DB_SRV_CONF > tmpfile && mv tmpfile $DB_SRV_CONF
+grep -v "hirs" $DB_CLIENT_CONF > tmpfile && mv tmpfile $DB_CLIENT_CONF

 echo "restarting mariadb"

--- a/package/scripts/db/mysql_util.sh
+++ b/package/scripts/db/mysql_util.sh
@ -40,8 +40,13 @@ check_mariadb_install () {
 # Starts mariadb during intial install 
 start_mysqlsd () {
  PRINT_STATUS=$1
+  PROCESS="mysqld"
+  source /etc/os-release 
+  if [ $ID = "ubuntu" ]; then 
+     PROCESS="mariadb"
+  fi
   # Check if mysql is already running, if not initialize
-   if [[ $(pgrep -c -u mysql mysqld) -eq 0 ]]; then
+   if [[ $(pgrep -c -u mysql $PROCESS) -eq 0 ]]; then
   # Check if running in a container
      if [ $DOCKER_CONTAINER  = true ]; then
      # if in Docker container, avoid services that invoke the D-Bus
@ -70,13 +75,6 @@ start_mysqlsd () {
       fi
     fi # non contanier mysql start
   fi   
-  # Wait for mysql to start before continuing.
-  if [[ $PRINT_STATUS == "-p" ]]; then  echo "Checking mysqld status..."| tee -a "$LOG_FILE"; fi
-  while ! mysqladmin ping -h "$localhost" --silent; do
-  sleep 1;
-  done
-
- if [[ $PRINT_STATUS == "-p" ]]; then  echo "mysqld is running."| tee -a "$LOG_FILE"; fi
 }

 # Basic check for marai db status, attempts restart if not running
@ -95,12 +93,23 @@ check_mysql () {
    fi
  fi

- # Wait for mysql to start before continuing.

-  while ! mysqladmin ping -h "$localhost" --silent; do
-     sleep 1;
+# Wait for mysql to start before continuing.
+  count=1;
+  if [[ $PRINT_STATUS == "-p" ]]; then  echo "Checking mysqld status..."| tee -a "$LOG_FILE"; fi
+
+  until mysqladmin ping -h "localhost" --silent ; do
+  ((count++))
+  if [[ $count -gt 20 ]]; then
+     break;
+  fi
+  sleep 1;
  done
-  echo "   Mariadb is running."
+   if [[ $count -gt 20 ]]; then
+     echo "Timed out waiting for Mariadb to respond"
+   else
+     echo "Mariadb started"
+  fi
 }

 # Check for mysql root password , abort if not available 
@ -164,4 +173,4 @@ mysqld_reboot () {
  sleep 2
  check_for_container
  start_mysqlsd
-}
+}