diff --git a/pandora_agents/pc/Win32/util/tentacle_server.exe b/pandora_agents/pc/Win32/util/tentacle_server.exe index fc0522d9b0..a1b10c214f 100644 Binary files a/pandora_agents/pc/Win32/util/tentacle_server.exe and b/pandora_agents/pc/Win32/util/tentacle_server.exe differ diff --git a/pandora_agents/pc/tentacle_server b/pandora_agents/pc/tentacle_server index 283324b5ff..3c940c0cac 100755 --- a/pandora_agents/pc/tentacle_server +++ b/pandora_agents/pc/tentacle_server @@ -102,7 +102,7 @@ my $SERVICE_NAME="Tentacle Server"; my $SERVICE_PARAMS=join(' ', @ARGV); # Program version -our $VERSION = '0.6.1'; +our $VERSION = '0.6.2'; # IPv4 address to listen on my @t_addresses = ('0', '0.0.0.0'); @@ -217,6 +217,7 @@ sub print_help { print ("\t-d\t\tRun as daemon.\n"); print ("\t-e cert\t\tOpenSSL certificate file. Enables SSL.\n"); print ("\t-f ca_cert\tVerify that the peer certificate is signed by a ca.\n"); + print ("\t-F config_file\tConfiguration file full path.\n"); print ("\t-h\t\tShow help.\n"); print ("\t-I\t\tEnable insecure operations (file listing and moving).\n"); print ("\t-i\t\tFilters.\n"); @@ -278,11 +279,13 @@ sub daemonize { ################################################################################ sub parse_options { my %opts; + my $CONF = {}; + my $token_value; my $tmp; my @t_addresses_tmp; # Get options - if (getopts ('a:b:c:de:f:g:hIi:k:l:m:op:qr:s:S:t:TvVwx:', \%opts) == 0 || defined ($opts{'h'})) { + if (getopts ('a:b:c:de:f:F:g:hIi:k:l:m:op:qr:s:S:t:TvVwx:', \%opts) == 0 || defined ($opts{'h'})) { print_help (); exit 1; } 
@@ -304,10 +307,16 @@ sub parse_options { } } + # Configuration file + if (defined($opts{'F'})) { + parse_config_file($opts{'F'}, $CONF); + } + # Address - if (defined ($opts{'a'})) { + $token_value = get_config_value($opts{'a'}, $CONF->{'addresses'}); + if (defined ($token_value)) { @t_addresses = (); - @t_addresses_tmp = split(/,/, $opts{'a'}); + @t_addresses_tmp = split(/,/, $token_value); foreach my $t_address (@t_addresses_tmp) { $t_address =~ s/^ *(.*?) *$/$1/; @@ -323,15 +332,17 @@ sub parse_options { } # Maximum simultaneous connections - if (defined ($opts{'c'})) { - $t_max_conn = $opts{'c'}; + $token_value = get_config_value($opts{'c'}, $CONF->{'max_connections'}); + if (defined ($token_value)) { + $t_max_conn = $token_value; if ($t_max_conn !~ /^\d+$/ || $t_max_conn < 1) { error ("Invalid number of maximum simultaneous connections."); } } # Run as daemon - if (defined ($opts{'d'})) { + $token_value = get_config_value($opts{'d'}, $CONF->{'daemon'}, 1); + if (defined ($token_value)) { if ($^ eq 'MSWin32') { error ("-d flag not available for this OS."); } @@ -340,11 +351,12 @@ sub parse_options { } # Enable SSL - if (defined ($opts{'e'})) { + $token_value = get_config_value($opts{'e'}, $CONF->{'ssl_cert'}); + if (defined ($token_value)) { require IO::Socket::SSL; - $t_ssl_cert = $opts{'e'}; + $t_ssl_cert = $token_value; if (! -f $t_ssl_cert) { error ("File $t_ssl_cert does not exist."); } 
@@ -353,21 +365,24 @@ sub parse_options { } # Verify peer certificate - if (defined ($opts{'f'})) { - $t_ssl_ca = $opts{'f'}; + $token_value = get_config_value($opts{'f'}, $CONF->{'ssl_ca'}); + if (defined ($token_value)) { + $t_ssl_ca = $token_value; if (! -f $t_ssl_ca) { error ("File $t_ssl_ca does not exist."); } } # Insecure mode - if (defined ($opts{'I'})) { + $token_value = get_config_value($opts{'I'}, $CONF->{'insecure'}, 1); + if (defined ($token_value)) { $t_insecure = 1; } # Filters (regexp:dir;regexp:dir...) - if (defined ($opts{'i'})) { - my @filters = split (';', $opts{'i'}); + $token_value = get_config_value($opts{'i'}, $CONF->{'filters'}); + if (defined ($token_value)) { + my @filters = split (';', $token_value); foreach my $filter (@filters) { my ($regexp, $dir) = split (':', $filter); next unless defined ($regexp) && defined ($dir); 
@@ -381,51 +396,58 @@ sub parse_options { } # SSL private key file - if (defined ($opts{'k'})) { - $t_ssl_key = $opts{'k'}; + $token_value = get_config_value($opts{'k'}, $CONF->{'ssl_key'}); + if (defined ($token_value)) { + $t_ssl_key = $token_value; if (! -f $t_ssl_key) { error ("File $t_ssl_key does not exist."); } } # Maximum file size - if (defined ($opts{'m'})) { - $t_max_size = $opts{'m'}; + $token_value = get_config_value($opts{'m'}, $CONF->{'max_size'}); + if (defined ($token_value)) { + $t_max_size = $token_value; if ($t_max_size !~ /^\d+$/ || $t_max_size < 1) { error ("Invalid maximum file size."); } } # File overwrite - if (defined ($opts{'o'})) { + $token_value = get_config_value($opts{'o'}, $CONF->{'overwrite'}, 1); + if (defined ($token_value)) { $t_overwrite = 1; } # Port - if (defined ($opts{'p'})) { - $t_port = $opts{'p'}; + $token_value = get_config_value($opts{'p'}, $CONF->{'port'}); + if (defined ($token_value)) { + $t_port = $token_value; if ($t_port !~ /^\d+$/ || $t_port < 1 || $t_port > 65535) { error ("Port $t_port is not valid."); } } # Quiet mode - if (defined ($opts{'q'})) { + $token_value = get_config_value($opts{'q'}, $CONF->{'quiet'}, 1); + if (defined ($token_value)) { $t_quiet = 1; } # Retries - if (defined ($opts{'r'})) { - $t_retries = $opts{'r'}; + $token_value = get_config_value($opts{'r'}, $CONF->{'retries'}); + if (defined ($token_value)) { + $t_retries = $token_value; if ($t_retries !~ /^\d+$/ || $t_retries < 1) { error ("Invalid number of retries for network operations."); } } # Storage directory - if (defined ($opts{'s'})) { + $token_value = get_config_value($opts{'s'}, $CONF->{'directory'}); + if (defined ($token_value)) { - $t_directory = $opts{'s'}; + $t_directory = $token_value; # Check that directory exists if (! -d $t_directory) { 
@@ -444,25 +466,36 @@ sub parse_options { } } else { - if (! defined($opts{'b'})) { + $token_value = get_config_value($opts{'b'}, $CONF->{'proxy_ip'}); + if (! defined($token_value)) { print_help (); exit 1; } } # Timeout - if (defined ($opts{'t'})) { - $t_timeout = $opts{'t'}; + $token_value = get_config_value($opts{'t'}, $CONF->{'timeout'}); + if (defined ($token_value)) { + $t_timeout = $token_value; if ($t_timeout !~ /^\d+$/ || $t_timeout < 1) { error ("Invalid timeout for network operations."); } } + # Read verbose from config file + if (defined($CONF->{'verbose'})) { + if ($CONF->{'verbose'} eq "1") { + $t_log = 1; + } elsif ($CONF->{'verbose'} eq "2") { + $t_log = 1; + $t_log_hard = 1; + } + } # Be verbose if (defined ($opts{'v'})) { $t_log = 1; + $t_log_hard = 0; } - # Be verbose hard if (defined ($opts{'V'})) { $t_log = 1; @@ -470,18 +503,21 @@ sub parse_options { } # SSL private key password - if (defined ($opts{'w'})) { + $token_value = get_config_value($opts{'w'}, $CONF->{'ssl_password'}, 1); + if (defined ($token_value)) { $t_ssl_pwd = ask_passwd ("Enter private key file password: ", "Enter private key file password again for confirmation: "); } # Server password - if (defined ($opts{'x'})) { - $t_pwd = $opts{'x'}; + $token_value = get_config_value($opts{'x'}, $CONF->{'password'}); + if (defined ($token_value)) { + $t_pwd = $token_value; } #Proxy IP address - if (defined ($opts{'b'})) { - $t_proxy_ip = $opts{'b'}; + $token_value = get_config_value($opts{'b'}, $CONF->{'proxy_ip'}); + if (defined ($token_value)) { + $t_proxy_ip = $token_value; if ($t_proxy_ip !~ /^[a-zA-Z\.]+$/ && ($t_proxy_ip !~ /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/ || $1 < 0 || $1 > 255 || $2 < 0 || $2 > 255 || $3 < 0 || $3 > 255 || $4 < 0 || $4 > 255) && 
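Review bot: The `password` value that now feeds `$t_pwd` is captured in parse_config_file with an unanchored `(.*)`, so trailing spaces or a carriage return from a CRLF-edited file become part of the secret. The numeric options fail loudly on that through their `/^\d+$/` checks, but the password is taken as-is and would presumably just stop matching what clients send. Trimming in the parser avoids this for every key, for example `if ($buffer_line =~ m/^([\w\-\.]+)\s+(.*?)\s*$/) {`. parse_options continues outside this hunk, and the same change is present in pandora_agents/unix/tentacle_server and pandora_server/bin/tentacle_server.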
@@ -491,15 +527,17 @@ sub parse_options { } # Proxy Port - if (defined ($opts{'g'})) { - $t_proxy_port = $opts{'g'}; + $token_value = get_config_value($opts{'g'}, $CONF->{'proxy_port'}); + if (defined ($token_value)) { + $t_proxy_port = $token_value; if ($t_proxy_port !~ /^\d+$/ || $t_proxy_port < 1 || $t_proxy_port > 65535) { error ("Proxy port $t_port is not valid."); } } # TCP wrappers support - if (defined ($opts{'T'})) { + $token_value = get_config_value($opts{'T'}, $CONF->{'use_libwrap'}, 1); + if (defined ($token_value)) { if ($t_libwrap_installed) { $t_use_libwrap = 1; } else { 
@@ -531,9 +569,76 @@ sub parse_options { } # Get the config file - if (defined ($opts{'l'})) { - $log_file = $opts{'l'}; + $token_value = get_config_value($opts{'l'}, $CONF->{'log_file'}); + if (defined ($token_value)) { + $log_file = $token_value; } + + # No command lines config values + + # Get the block size + if (defined ($CONF->{'block_size'})) { + if ($t_port !~ /^\d+$/ || $t_port < 1) { + error ("Invalid block size: " . $CONF->{'block_size'} . "."); + } + $t_block_size = $CONF->{'block_size'}; + } + + # Configuration file invalid chars + if (defined ($CONF->{'invalid_chars'})) { + $t_invalid_chars = $CONF->{'invalid_chars'}; + } +} + +################################################################################ +## SUB parse_config_file +## Get all options from a config file. +################################################################################ +sub parse_config_file { + my ($config_file, $CONF) = @_; + + # File should be writable + if (! -r $config_file) { + print "Configuration file $config_file is not readable.\n"; + return; + } + + # Open the file + my $FH; + if (! 
open ($FH, "< $config_file")) { + print "Cannot open configuration file $config_file.\n"; + return; + } + + # Read the file and only get the well formed lines + while (<$FH>) { + my $buffer_line = $_; + if ($buffer_line =~ /^[a-zA-Z]/){ # begins with letters + if ($buffer_line =~ m/([\w\-\_\.]+)\s+(.*)/){ + $CONF->{$1} = $2 unless $2 eq ""; + } + } + } + + close ($FH); + return; +} + +################################################################################ +## SUB parse_config_file +## Search in command line options and config hash from configuration file +## to get a value (command line is a priority) +################################################################################ +sub get_config_value { + my ($cmd_value, $conf_value, $bool) = @_; + $bool = 0 unless defined($bool); + + return $cmd_value if defined($cmd_value); + # The boolean type value is 1 or undef (0 should be translated like undefP) + if ($bool && defined($conf_value)) { + return undef if ($conf_value ne "1"); + } + return $conf_value; } ################################################################################ diff --git a/pandora_agents/unix/tentacle_server b/pandora_agents/unix/tentacle_server index 283324b5ff..3c940c0cac 100755 --- a/pandora_agents/unix/tentacle_server +++ b/pandora_agents/unix/tentacle_server @@ -102,7 +102,7 @@ my $SERVICE_NAME="Tentacle Server"; my $SERVICE_PARAMS=join(' ', @ARGV); # Program version -our $VERSION = '0.6.1'; +our $VERSION = '0.6.2'; # IPv4 address to listen on my @t_addresses = ('0', '0.0.0.0'); @@ -217,6 +217,7 @@ sub print_help { print ("\t-d\t\tRun as daemon.\n"); print ("\t-e cert\t\tOpenSSL certificate file. Enables SSL.\n"); print ("\t-f ca_cert\tVerify that the peer certificate is signed by a ca.\n"); + print ("\t-F config_file\tConfiguration file full path.\n"); print ("\t-h\t\tShow help.\n"); print ("\t-I\t\tEnable insecure operations (file listing and moving).\n"); print ("\t-i\t\tFilters.\n"); 
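Review bot: parse_config_file only prints a message and returns when the file given with -F cannot be read or opened, so the server starts on built-in defaults and silently drops settings such as `password`, `ssl_cert` or `ssl_ca` that the operator put in that file; this should go through error(), which the other validation failures in parse_options use. The open is the two-argument form `open ($FH, "< $config_file")` and is better written as the three-argument form, so the path is never parsed for mode characters. In the same hunk the block_size check tests `$t_port` instead of `$CONF->{'block_size'}`, so any value, including a non-numeric one, is accepted. The header above get_config_value still reads `SUB parse_config_file`, and the comment `# File should be writable` sits on a `-r` test. The same code is added to pandora_agents/unix/tentacle_server and pandora_server/bin/tentacle_server.

```perl
	# … unchanged: log_file handling …
	if (defined ($CONF->{'block_size'})) {
		if ($CONF->{'block_size'} !~ /^\d+$/ || $CONF->{'block_size'} < 1) {
			error ("Invalid block size: " . $CONF->{'block_size'} . ".");
		}
		$t_block_size = $CONF->{'block_size'};
	}
	# … unchanged: invalid_chars handling …

sub parse_config_file {
	my ($config_file, $CONF) = @_;

	# A configuration file requested with -F must be usable: refuse to start
	# on defaults when its settings cannot be loaded.
	my $FH;
	if (! open ($FH, '<', $config_file)) {
		error ("Cannot open configuration file $config_file: $!");
	}
	# … unchanged: line parsing loop and close …
```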
@@ -278,11 +279,13 @@ sub daemonize { ################################################################################ sub parse_options { my %opts; + my $CONF = {}; + my $token_value; my $tmp; my @t_addresses_tmp; # Get options - if (getopts ('a:b:c:de:f:g:hIi:k:l:m:op:qr:s:S:t:TvVwx:', \%opts) == 0 || defined ($opts{'h'})) { + if (getopts ('a:b:c:de:f:F:g:hIi:k:l:m:op:qr:s:S:t:TvVwx:', \%opts) == 0 || defined ($opts{'h'})) { print_help (); exit 1; } @@ -304,10 +307,16 @@ sub parse_options { } } + # Configuration file + if (defined($opts{'F'})) { + parse_config_file($opts{'F'}, $CONF); + } + # Address - if (defined ($opts{'a'})) { + $token_value = get_config_value($opts{'a'}, $CONF->{'addresses'}); + if (defined ($token_value)) { @t_addresses = (); - @t_addresses_tmp = split(/,/, $opts{'a'}); + @t_addresses_tmp = split(/,/, $token_value); foreach my $t_address (@t_addresses_tmp) { $t_address =~ s/^ *(.*?) *$/$1/; @@ -323,15 +332,17 @@ sub parse_options { } # Maximum simultaneous connections - if (defined ($opts{'c'})) { - $t_max_conn = $opts{'c'}; + $token_value = get_config_value($opts{'c'}, $CONF->{'max_connections'}); + if (defined ($token_value)) { + $t_max_conn = $token_value; if ($t_max_conn !~ /^\d+$/ || $t_max_conn < 1) { error ("Invalid number of maximum simultaneous connections."); } } # Run as daemon - if (defined ($opts{'d'})) { + $token_value = get_config_value($opts{'d'}, $CONF->{'daemon'}, 1); + if (defined ($token_value)) { if ($^ eq 'MSWin32') { error ("-d flag not available for this OS."); } @@ -340,11 +351,12 @@ sub parse_options { } # Enable SSL - if (defined ($opts{'e'})) { + $token_value = get_config_value($opts{'e'}, $CONF->{'ssl_cert'}); + if (defined ($token_value)) { require IO::Socket::SSL; - $t_ssl_cert = $opts{'e'}; + $t_ssl_cert = $token_value; if (! -f $t_ssl_cert) { error ("File $t_ssl_cert does not exist."); } 
@@ -353,21 +365,24 @@ sub parse_options { } # Verify peer certificate - if (defined ($opts{'f'})) { - $t_ssl_ca = $opts{'f'}; + $token_value = get_config_value($opts{'f'}, $CONF->{'ssl_ca'}); + if (defined ($token_value)) { + $t_ssl_ca = $token_value; if (! -f $t_ssl_ca) { error ("File $t_ssl_ca does not exist."); } } # Insecure mode - if (defined ($opts{'I'})) { + $token_value = get_config_value($opts{'I'}, $CONF->{'insecure'}, 1); + if (defined ($token_value)) { $t_insecure = 1; } # Filters (regexp:dir;regexp:dir...) - if (defined ($opts{'i'})) { - my @filters = split (';', $opts{'i'}); + $token_value = get_config_value($opts{'i'}, $CONF->{'filters'}); + if (defined ($token_value)) { + my @filters = split (';', $token_value); foreach my $filter (@filters) { my ($regexp, $dir) = split (':', $filter); next unless defined ($regexp) && defined ($dir); 
@@ -381,51 +396,58 @@ sub parse_options { } # SSL private key file - if (defined ($opts{'k'})) { - $t_ssl_key = $opts{'k'}; + $token_value = get_config_value($opts{'k'}, $CONF->{'ssl_key'}); + if (defined ($token_value)) { + $t_ssl_key = $token_value; if (! -f $t_ssl_key) { error ("File $t_ssl_key does not exist."); } } # Maximum file size - if (defined ($opts{'m'})) { - $t_max_size = $opts{'m'}; + $token_value = get_config_value($opts{'m'}, $CONF->{'max_size'}); + if (defined ($token_value)) { + $t_max_size = $token_value; if ($t_max_size !~ /^\d+$/ || $t_max_size < 1) { error ("Invalid maximum file size."); } } # File overwrite - if (defined ($opts{'o'})) { + $token_value = get_config_value($opts{'o'}, $CONF->{'overwrite'}, 1); + if (defined ($token_value)) { $t_overwrite = 1; } # Port - if (defined ($opts{'p'})) { - $t_port = $opts{'p'}; + $token_value = get_config_value($opts{'p'}, $CONF->{'port'}); + if (defined ($token_value)) { + $t_port = $token_value; if ($t_port !~ /^\d+$/ || $t_port < 1 || $t_port > 65535) { error ("Port $t_port is not valid."); } } # Quiet mode - if (defined ($opts{'q'})) { + $token_value = get_config_value($opts{'q'}, $CONF->{'quiet'}, 1); + if (defined ($token_value)) { $t_quiet = 1; } # Retries - if (defined ($opts{'r'})) { - $t_retries = $opts{'r'}; + $token_value = get_config_value($opts{'r'}, $CONF->{'retries'}); + if (defined ($token_value)) { + $t_retries = $token_value; if ($t_retries !~ /^\d+$/ || $t_retries < 1) { error ("Invalid number of retries for network operations."); } } # Storage directory - if (defined ($opts{'s'})) { + $token_value = get_config_value($opts{'s'}, $CONF->{'directory'}); + if (defined ($token_value)) { - $t_directory = $opts{'s'}; + $t_directory = $token_value; # Check that directory exists if (! -d $t_directory) { 
@@ -444,25 +466,36 @@ sub parse_options { } } else { - if (! defined($opts{'b'})) { + $token_value = get_config_value($opts{'b'}, $CONF->{'proxy_ip'}); + if (! defined($token_value)) { print_help (); exit 1; } } # Timeout - if (defined ($opts{'t'})) { - $t_timeout = $opts{'t'}; + $token_value = get_config_value($opts{'t'}, $CONF->{'timeout'}); + if (defined ($token_value)) { + $t_timeout = $token_value; if ($t_timeout !~ /^\d+$/ || $t_timeout < 1) { error ("Invalid timeout for network operations."); } } + # Read verbose from config file + if (defined($CONF->{'verbose'})) { + if ($CONF->{'verbose'} eq "1") { + $t_log = 1; + } elsif ($CONF->{'verbose'} eq "2") { + $t_log = 1; + $t_log_hard = 1; + } + } # Be verbose if (defined ($opts{'v'})) { $t_log = 1; + $t_log_hard = 0; } - # Be verbose hard if (defined ($opts{'V'})) { $t_log = 1; @@ -470,18 +503,21 @@ sub parse_options { } # SSL private key password - if (defined ($opts{'w'})) { + $token_value = get_config_value($opts{'w'}, $CONF->{'ssl_password'}, 1); + if (defined ($token_value)) { $t_ssl_pwd = ask_passwd ("Enter private key file password: ", "Enter private key file password again for confirmation: "); } # Server password - if (defined ($opts{'x'})) { - $t_pwd = $opts{'x'}; + $token_value = get_config_value($opts{'x'}, $CONF->{'password'}); + if (defined ($token_value)) { + $t_pwd = $token_value; } #Proxy IP address - if (defined ($opts{'b'})) { - $t_proxy_ip = $opts{'b'}; + $token_value = get_config_value($opts{'b'}, $CONF->{'proxy_ip'}); + if (defined ($token_value)) { + $t_proxy_ip = $token_value; if ($t_proxy_ip !~ /^[a-zA-Z\.]+$/ && ($t_proxy_ip !~ /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/ || $1 < 0 || $1 > 255 || $2 < 0 || $2 > 255 || $3 < 0 || $3 > 255 || $4 < 0 || $4 > 255) && 
@@ -491,15 +527,17 @@ sub parse_options { } # Proxy Port - if (defined ($opts{'g'})) { - $t_proxy_port = $opts{'g'}; + $token_value = get_config_value($opts{'g'}, $CONF->{'proxy_port'}); + if (defined ($token_value)) { + $t_proxy_port = $token_value; if ($t_proxy_port !~ /^\d+$/ || $t_proxy_port < 1 || $t_proxy_port > 65535) { error ("Proxy port $t_port is not valid."); } } # TCP wrappers support - if (defined ($opts{'T'})) { + $token_value = get_config_value($opts{'T'}, $CONF->{'use_libwrap'}, 1); + if (defined ($token_value)) { if ($t_libwrap_installed) { $t_use_libwrap = 1; } else { 
@@ -531,9 +569,76 @@ sub parse_options { } # Get the config file - if (defined ($opts{'l'})) { - $log_file = $opts{'l'}; + $token_value = get_config_value($opts{'l'}, $CONF->{'log_file'}); + if (defined ($token_value)) { + $log_file = $token_value; } + + # No command lines config values + + # Get the block size + if (defined ($CONF->{'block_size'})) { + if ($t_port !~ /^\d+$/ || $t_port < 1) { + error ("Invalid block size: " . $CONF->{'block_size'} . "."); + } + $t_block_size = $CONF->{'block_size'}; + } + + # Configuration file invalid chars + if (defined ($CONF->{'invalid_chars'})) { + $t_invalid_chars = $CONF->{'invalid_chars'}; + } +} + +################################################################################ +## SUB parse_config_file +## Get all options from a config file. +################################################################################ +sub parse_config_file { + my ($config_file, $CONF) = @_; + + # File should be writable + if (! -r $config_file) { + print "Configuration file $config_file is not readable.\n"; + return; + } + + # Open the file + my $FH; + if (! 
open ($FH, "< $config_file")) { + print "Cannot open configuration file $config_file.\n"; + return; + } + + # Read the file and only get the well formed lines + while (<$FH>) { + my $buffer_line = $_; + if ($buffer_line =~ /^[a-zA-Z]/){ # begins with letters + if ($buffer_line =~ m/([\w\-\_\.]+)\s+(.*)/){ + $CONF->{$1} = $2 unless $2 eq ""; + } + } + } + + close ($FH); + return; +} + +################################################################################ +## SUB parse_config_file +## Search in command line options and config hash from configuration file +## to get a value (command line is a priority) +################################################################################ +sub get_config_value { + my ($cmd_value, $conf_value, $bool) = @_; + $bool = 0 unless defined($bool); + + return $cmd_value if defined($cmd_value); + # The boolean type value is 1 or undef (0 should be translated like undefP) + if ($bool && defined($conf_value)) { + return undef if ($conf_value ne "1"); + } + return $conf_value; } ################################################################################ diff --git a/pandora_agents/win32/bin/util/tentacle_server.exe b/pandora_agents/win32/bin/util/tentacle_server.exe index fc0522d9b0..a1b10c214f 100644 Binary files a/pandora_agents/win32/bin/util/tentacle_server.exe and b/pandora_agents/win32/bin/util/tentacle_server.exe differ diff --git a/pandora_server/DEBIAN/make_deb_package.sh b/pandora_server/DEBIAN/make_deb_package.sh index 86b13949f9..b8817d452f 100644 --- a/pandora_server/DEBIAN/make_deb_package.sh +++ b/pandora_server/DEBIAN/make_deb_package.sh @@ -69,6 +69,7 @@ then mkdir -p temp_package/etc/init.d/ mkdir -p temp_package/lib/systemd/system/ mkdir -p temp_package/etc/pandora/ + mkdir -p temp_package/etc/tentacle/ mkdir -p temp_package/var/spool/pandora/data_in chmod 770 temp_package/var/spool/pandora/data_in mkdir -p temp_package/var/spool/pandora/data_in/conf 
@@ -82,6 +83,7 @@ then chmod 770 temp_package/var/spool/pandora/data_in/trans mkdir -p temp_package/var/log/pandora/ mkdir -p temp_package/usr/share/pandora_server/conf/ + mkdir -p temp_package/usr/share/tentacle_server/conf/ mkdir -p temp_package/usr/lib/perl5/ mkdir -p temp_package/usr/share/man/man1/ mkdir -p temp_package/etc/logrotate.d/ @@ -90,7 +92,8 @@ then cp -aRf bin/pandora_exec temp_package/usr/bin/pandora_exec.server cp -aRf bin/tentacle_server temp_package/usr/bin/ - cp -aRf conf/* temp_package/usr/share/pandora_server/conf/ + cp -aRf conf/pandora_* temp_package/usr/share/pandora_server/conf/ + cp -aRf conf/tentacle_* temp_package/usr/share/tentacle_server/conf/ cp -aRf util temp_package/usr/share/pandora_server/ cp -aRf lib/* temp_package/usr/lib/perl5/ cp -aRf AUTHORS COPYING README temp_package/usr/share/pandora_server/ diff --git a/pandora_server/DEBIAN/postinst b/pandora_server/DEBIAN/postinst index 0606e651c8..f25483eb62 100755 --- a/pandora_server/DEBIAN/postinst +++ b/pandora_server/DEBIAN/postinst @@ -71,7 +71,7 @@ chown -R pandora:www-data /var/spool/pandora/ echo "Creating setup directory in /etc/pandora" mkdir /etc/pandora 2> /dev/null -#Check if exist old conf file +#Check if exist old conf files if [ ! -e /etc/pandora/pandora_server.conf ] then cp /usr/share/pandora_server/conf/pandora_server.conf.new /etc/pandora/pandora_server.conf 
@@ -80,6 +80,14 @@ else cp /usr/share/pandora_server/conf/pandora_server.conf.new /etc/pandora/pandora_server.conf.new echo "Skipping creation of pandora_server.conf: there is already one." fi +if [ ! -e /etc/tentacle/tentacle_server.conf ] +then + cp /usr/share/tentacle_server/conf/tentacle_server.conf.new /etc/tentacle/tentacle_server.conf + chmod 664 /etc/tentacle/tentacle_server.conf +else + cp /usr/share/tentacle_server/conf/tentacle_server.conf.new /etc/tentacle/tentacle_server.conf.new + echo "Skipping creation of tentacle_server.conf: there is already one." +fi echo "Enabling start-up pandora & tentacle server daemons"; if [ -x `command -v systemctl` ]; then diff --git a/pandora_server/bin/tentacle_server b/pandora_server/bin/tentacle_server index 283324b5ff..3c940c0cac 100755 --- a/pandora_server/bin/tentacle_server +++ b/pandora_server/bin/tentacle_server @@ -102,7 +102,7 @@ my $SERVICE_NAME="Tentacle Server"; my $SERVICE_PARAMS=join(' ', @ARGV); # Program version -our $VERSION = '0.6.1'; +our $VERSION = '0.6.2'; # IPv4 address to listen on my @t_addresses = ('0', '0.0.0.0'); @@ -217,6 +217,7 @@ sub print_help { print ("\t-d\t\tRun as daemon.\n"); print ("\t-e cert\t\tOpenSSL certificate file. Enables SSL.\n"); print ("\t-f ca_cert\tVerify that the peer certificate is signed by a ca.\n"); + print ("\t-F config_file\tConfiguration file full path.\n"); print ("\t-h\t\tShow help.\n"); print ("\t-I\t\tEnable insecure operations (file listing and moving).\n"); print ("\t-i\t\tFilters.\n"); @@ -278,11 +279,13 @@ sub daemonize { ################################################################################ sub parse_options { my %opts; + my $CONF = {}; + my $token_value; my $tmp; my @t_addresses_tmp; # Get options - if (getopts ('a:b:c:de:f:g:hIi:k:l:m:op:qr:s:S:t:TvVwx:', \%opts) == 0 || defined ($opts{'h'})) { + if (getopts ('a:b:c:de:f:F:g:hIi:k:l:m:op:qr:s:S:t:TvVwx:', \%opts) == 0 || defined ($opts{'h'})) { print_help (); exit 1; } 
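Review bot: `chmod 664 /etc/tentacle/tentacle_server.conf` leaves the file world-readable and group-writable, although the template shipped in this commit carries a clear-text `password` key and switches such as `insecure` and `overwrite`. The RPM spec in the same commit installs the template with mode 0640, so the Debian path should match it with `chmod 640 /etc/tentacle/tentacle_server.conf`, plus a `chown` to the account the daemon runs as if that is not root. The `.new` copy written in the else branch gets no explicit mode at all. Unlike the `mkdir /etc/pandora` step above, this script does not create /etc/tentacle itself and relies on the package shipping the directory.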
@@ -304,10 +307,16 @@ sub parse_options { } } + # Configuration file + if (defined($opts{'F'})) { + parse_config_file($opts{'F'}, $CONF); + } + # Address - if (defined ($opts{'a'})) { + $token_value = get_config_value($opts{'a'}, $CONF->{'addresses'}); + if (defined ($token_value)) { @t_addresses = (); - @t_addresses_tmp = split(/,/, $opts{'a'}); + @t_addresses_tmp = split(/,/, $token_value); foreach my $t_address (@t_addresses_tmp) { $t_address =~ s/^ *(.*?) *$/$1/; @@ -323,15 +332,17 @@ sub parse_options { } # Maximum simultaneous connections - if (defined ($opts{'c'})) { - $t_max_conn = $opts{'c'}; + $token_value = get_config_value($opts{'c'}, $CONF->{'max_connections'}); + if (defined ($token_value)) { + $t_max_conn = $token_value; if ($t_max_conn !~ /^\d+$/ || $t_max_conn < 1) { error ("Invalid number of maximum simultaneous connections."); } } # Run as daemon - if (defined ($opts{'d'})) { + $token_value = get_config_value($opts{'d'}, $CONF->{'daemon'}, 1); + if (defined ($token_value)) { if ($^ eq 'MSWin32') { error ("-d flag not available for this OS."); } @@ -340,11 +351,12 @@ sub parse_options { } # Enable SSL - if (defined ($opts{'e'})) { + $token_value = get_config_value($opts{'e'}, $CONF->{'ssl_cert'}); + if (defined ($token_value)) { require IO::Socket::SSL; - $t_ssl_cert = $opts{'e'}; + $t_ssl_cert = $token_value; if (! -f $t_ssl_cert) { error ("File $t_ssl_cert does not exist."); } 
@@ -353,21 +365,24 @@ sub parse_options { } # Verify peer certificate - if (defined ($opts{'f'})) { - $t_ssl_ca = $opts{'f'}; + $token_value = get_config_value($opts{'f'}, $CONF->{'ssl_ca'}); + if (defined ($token_value)) { + $t_ssl_ca = $token_value; if (! -f $t_ssl_ca) { error ("File $t_ssl_ca does not exist."); } } # Insecure mode - if (defined ($opts{'I'})) { + $token_value = get_config_value($opts{'I'}, $CONF->{'insecure'}, 1); + if (defined ($token_value)) { $t_insecure = 1; } # Filters (regexp:dir;regexp:dir...) - if (defined ($opts{'i'})) { - my @filters = split (';', $opts{'i'}); + $token_value = get_config_value($opts{'i'}, $CONF->{'filters'}); + if (defined ($token_value)) { + my @filters = split (';', $token_value); foreach my $filter (@filters) { my ($regexp, $dir) = split (':', $filter); next unless defined ($regexp) && defined ($dir); 
@@ -381,51 +396,58 @@ sub parse_options { } # SSL private key file - if (defined ($opts{'k'})) { - $t_ssl_key = $opts{'k'}; + $token_value = get_config_value($opts{'k'}, $CONF->{'ssl_key'}); + if (defined ($token_value)) { + $t_ssl_key = $token_value; if (! -f $t_ssl_key) { error ("File $t_ssl_key does not exist."); } } # Maximum file size - if (defined ($opts{'m'})) { - $t_max_size = $opts{'m'}; + $token_value = get_config_value($opts{'m'}, $CONF->{'max_size'}); + if (defined ($token_value)) { + $t_max_size = $token_value; if ($t_max_size !~ /^\d+$/ || $t_max_size < 1) { error ("Invalid maximum file size."); } } # File overwrite - if (defined ($opts{'o'})) { + $token_value = get_config_value($opts{'o'}, $CONF->{'overwrite'}, 1); + if (defined ($token_value)) { $t_overwrite = 1; } # Port - if (defined ($opts{'p'})) { - $t_port = $opts{'p'}; + $token_value = get_config_value($opts{'p'}, $CONF->{'port'}); + if (defined ($token_value)) { + $t_port = $token_value; if ($t_port !~ /^\d+$/ || $t_port < 1 || $t_port > 65535) { error ("Port $t_port is not valid."); } } # Quiet mode - if (defined ($opts{'q'})) { + $token_value = get_config_value($opts{'q'}, $CONF->{'quiet'}, 1); + if (defined ($token_value)) { $t_quiet = 1; } # Retries - if (defined ($opts{'r'})) { - $t_retries = $opts{'r'}; + $token_value = get_config_value($opts{'r'}, $CONF->{'retries'}); + if (defined ($token_value)) { + $t_retries = $token_value; if ($t_retries !~ /^\d+$/ || $t_retries < 1) { error ("Invalid number of retries for network operations."); } } # Storage directory - if (defined ($opts{'s'})) { + $token_value = get_config_value($opts{'s'}, $CONF->{'directory'}); + if (defined ($token_value)) { - $t_directory = $opts{'s'}; + $t_directory = $token_value; # Check that directory exists if (! -d $t_directory) { 
@@ -444,25 +466,36 @@ sub parse_options { } } else { - if (! defined($opts{'b'})) { + $token_value = get_config_value($opts{'b'}, $CONF->{'proxy_ip'}); + if (! defined($token_value)) { print_help (); exit 1; } } # Timeout - if (defined ($opts{'t'})) { - $t_timeout = $opts{'t'}; + $token_value = get_config_value($opts{'t'}, $CONF->{'timeout'}); + if (defined ($token_value)) { + $t_timeout = $token_value; if ($t_timeout !~ /^\d+$/ || $t_timeout < 1) { error ("Invalid timeout for network operations."); } } + # Read verbose from config file + if (defined($CONF->{'verbose'})) { + if ($CONF->{'verbose'} eq "1") { + $t_log = 1; + } elsif ($CONF->{'verbose'} eq "2") { + $t_log = 1; + $t_log_hard = 1; + } + } # Be verbose if (defined ($opts{'v'})) { $t_log = 1; + $t_log_hard = 0; } - # Be verbose hard if (defined ($opts{'V'})) { $t_log = 1; @@ -470,18 +503,21 @@ sub parse_options { } # SSL private key password - if (defined ($opts{'w'})) { + $token_value = get_config_value($opts{'w'}, $CONF->{'ssl_password'}, 1); + if (defined ($token_value)) { $t_ssl_pwd = ask_passwd ("Enter private key file password: ", "Enter private key file password again for confirmation: "); } # Server password - if (defined ($opts{'x'})) { - $t_pwd = $opts{'x'}; + $token_value = get_config_value($opts{'x'}, $CONF->{'password'}); + if (defined ($token_value)) { + $t_pwd = $token_value; } #Proxy IP address - if (defined ($opts{'b'})) { - $t_proxy_ip = $opts{'b'}; + $token_value = get_config_value($opts{'b'}, $CONF->{'proxy_ip'}); + if (defined ($token_value)) { + $t_proxy_ip = $token_value; if ($t_proxy_ip !~ /^[a-zA-Z\.]+$/ && ($t_proxy_ip !~ /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/ || $1 < 0 || $1 > 255 || $2 < 0 || $2 > 255 || $3 < 0 || $3 > 255 || $4 < 0 || $4 > 255) && 
@@ -491,15 +527,17 @@ sub parse_options { } # Proxy Port - if (defined ($opts{'g'})) { - $t_proxy_port = $opts{'g'}; + $token_value = get_config_value($opts{'g'}, $CONF->{'proxy_port'}); + if (defined ($token_value)) { + $t_proxy_port = $token_value; if ($t_proxy_port !~ /^\d+$/ || $t_proxy_port < 1 || $t_proxy_port > 65535) { error ("Proxy port $t_port is not valid."); } } # TCP wrappers support - if (defined ($opts{'T'})) { + $token_value = get_config_value($opts{'T'}, $CONF->{'use_libwrap'}, 1); + if (defined ($token_value)) { if ($t_libwrap_installed) { $t_use_libwrap = 1; } else { 
@@ -531,9 +569,76 @@ sub parse_options { } # Get the config file - if (defined ($opts{'l'})) { - $log_file = $opts{'l'}; + $token_value = get_config_value($opts{'l'}, $CONF->{'log_file'}); + if (defined ($token_value)) { + $log_file = $token_value; } + + # No command lines config values + + # Get the block size + if (defined ($CONF->{'block_size'})) { + if ($t_port !~ /^\d+$/ || $t_port < 1) { + error ("Invalid block size: " . $CONF->{'block_size'} . "."); + } + $t_block_size = $CONF->{'block_size'}; + } + + # Configuration file invalid chars + if (defined ($CONF->{'invalid_chars'})) { + $t_invalid_chars = $CONF->{'invalid_chars'}; + } +} + +################################################################################ +## SUB parse_config_file +## Get all options from a config file. +################################################################################ +sub parse_config_file { + my ($config_file, $CONF) = @_; + + # File should be writable + if (! -r $config_file) { + print "Configuration file $config_file is not readable.\n"; + return; + } + + # Open the file + my $FH; + if (! 
open ($FH, "< $config_file")) { + print "Cannot open configuration file $config_file.\n"; + return; + } + + # Read the file and only get the well formed lines + while (<$FH>) { + my $buffer_line = $_; + if ($buffer_line =~ /^[a-zA-Z]/){ # begins with letters + if ($buffer_line =~ m/([\w\-\_\.]+)\s+(.*)/){ + $CONF->{$1} = $2 unless $2 eq ""; + } + } + } + + close ($FH); + return; +} + +################################################################################ +## SUB parse_config_file +## Search in command line options and config hash from configuration file +## to get a value (command line is a priority) +################################################################################ +sub get_config_value { + my ($cmd_value, $conf_value, $bool) = @_; + $bool = 0 unless defined($bool); + + return $cmd_value if defined($cmd_value); + # The boolean type value is 1 or undef (0 should be translated like undefP) + if ($bool && defined($conf_value)) { + return undef if ($conf_value ne "1"); + } + return $conf_value; } ################################################################################ diff --git a/pandora_server/bin/tentacle_server.exe b/pandora_server/bin/tentacle_server.exe index fc0522d9b0..a1b10c214f 100644 Binary files a/pandora_server/bin/tentacle_server.exe and b/pandora_server/bin/tentacle_server.exe differ diff --git a/pandora_server/conf/tentacle_server.conf.new b/pandora_server/conf/tentacle_server.conf.new new file mode 100644 index 0000000000..d4ebe4a71f --- /dev/null +++ b/pandora_server/conf/tentacle_server.conf.new 
@@ -0,0 +1,75 @@
+##########################################################################
+# Tentacle Server Parameters
+# See https://wiki.pandorafms.com/index.php?title=Pandora:Documentation_en:Tentacle
+# for protocol description.
+# Tentacle have IANA assigned port tpc/41121 as official port.
+##########################################################################
+
+# [-a] IPv4 address to listen on. Several IPs cam be selected separating if by comma.
+addresses 0.0.0.0
+
+# [-p] Port to listen on
+port 41121
+
+# [-c] Maximum number of simultaneous connections
+# max_connections 10
+
+# [-d] Run as daemon. 1 true, 0 false
+daemon 1
+
+# [-i] Enable insecure mode
+# insecure 0
+
+# Filters (regexp:dir;regexp:dir...)
+filters .*\.conf:conf;.*\.md5:md5;.*\.zip:collections;.*\.lock:trans
+
+# [-m] Maximum file size allowed by the server in bytes
+#max_size 2000000
+
+# [-o] Accept files with a repeated name
+# overwrite 0
+
+# [-q] Do not output error messages.
+# quiet 0
+
+# [-r] Number of retries for socket read/write operations
+# retries 3
+
+# [-s] Storage directory
+directory /var/spool/pandora/data_in
+
+# [-b] Address to proxy client requests to
+# proxy_ip 127.0.0.1
+
+# [-g] Port to proxy client requests to
+# proxy_port 41121
+
+# [-t] Timeout for socket read/write operations in seconds
+# timeout 1
+
+# [-v and -V] Verbose level
+# 0: Do not display any informative messages
+# 1: Display only important messages [-v]
+# 2: Display all messages [-V]
+# verbose 0
+
+# [-l] Log file
+log_file /dev/null
+
+# [-x] Server password
+# password PASSWORD
+
+# [-e] SSL certificate file full path
+# ssl_cert /path/to/ssl/cert
+
+# [-f] SSL CA file full path
+# ssl_ca /path/to/ssl/ca
+
+# [-k] SSL private key file
+# ssl_key /path/to/private/key/file
+
+# [-w] SSL password. Set to 1 to ask for password by command line
+# ssl_password 0
+
+# [-T] Use libwrap library (Authen::Libwrap perl module)
+# use_libwrap 0
\ No newline at end of file
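Review bot: The comment `# [-i] Enable insecure mode` names the wrong flag: print_help in tentacle_server lists `-I` for insecure operations and `-i` for filters, so the two entries should read `# [-I] Enable insecure mode` and `# [-i] Filters (regexp:dir;regexp:dir...)`. The header comments also carry typos worth fixing while the file is new (`tpc/41121`, `cam be selected separating if by comma`). Because this file is where `password` and `ssl_password` are documented to live, a one-line comment stating that it should be readable only by the account that runs the server would help whoever edits it.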
diff --git a/pandora_server/pandora_server.redhat.spec b/pandora_server/pandora_server.redhat.spec index 8a4ae99b2a..7b01f83a59 100644 --- a/pandora_server/pandora_server.redhat.spec +++ b/pandora_server/pandora_server.redhat.spec @@ -48,6 +48,7 @@ rm -rf $RPM_BUILD_ROOT mkdir -p $RPM_BUILD_ROOT%{_bindir}/ mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/ mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/pandora/ +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/tentacle/ mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/spool/pandora/data_in mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/spool/pandora/data_in/conf mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/spool/pandora/data_in/md5 @@ -81,6 +82,7 @@ rm -f $RPM_BUILD_ROOT%{prefix}/pandora_server/util/recon_scripts/PandoraFMS install -m 0644 util/pandora_server_logrotate $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/pandora_server install -m 0640 conf/pandora_server.conf.new $RPM_BUILD_ROOT%{_sysconfdir}/pandora/pandora_server.conf.new +install -m 0640 conf/tentacle_server.conf.new $RPM_BUILD_ROOT%{_sysconfdir}/tentacle/tentacle_server.conf.new mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/sudoers.d chmod 0750 $RPM_BUILD_ROOT%{_sysconfdir}/sudoers.d @@ -119,8 +121,8 @@ if [ "$1" = 1 ]; then echo " " fi -# This will avoid pandora_server.conf overwritting on UPGRADES. - +# This will avoid confi files overwritting on UPGRADES. +# Main configuration file if [ ! -e "/etc/pandora/pandora_server.conf" ] then echo "Creating a new version of Pandora FMS Server config file at /etc/pandora/pandora_server.conf" 
@@ -130,6 +132,12 @@ else echo "An existing version of pandora_server.conf is found." cat /etc/pandora/pandora_server.conf > /etc/pandora/pandora_server.conf.old fi +# Tentacle server +if [ ! -e "/etc/tentacle/tentacle_server.conf" ] +then + echo "Creating a new version of Tentacle Server config file at /etc/tentacle/tentacle_server.conf" + cat /etc/tentacle/tentacle_server.conf.new > /etc/tentacle/tentacle_server.conf +fi echo "Don't forget to start Tentacle Server daemon if you want to receive" echo "data using tentacle" @@ -175,6 +183,9 @@ exit 0 %defattr(600,root,root) /etc/pandora/pandora_server.conf.new +%defattr(664,root,root) +/etc/tentacle/tentacle_server.conf.new + %defattr(-,pandora,apache,2770) %{_localstatedir}/spool/pandora %{_localstatedir}/spool/pandora/data_in diff --git a/pandora_server/pandora_server.spec b/pandora_server/pandora_server.spec index 629f9d0768..ab55ab882f 100644 --- a/pandora_server/pandora_server.spec +++ b/pandora_server/pandora_server.spec @@ -54,6 +54,7 @@ mkdir -p $RPM_BUILD_ROOT/usr/bin/ mkdir -p $RPM_BUILD_ROOT/usr/sbin/ mkdir -p $RPM_BUILD_ROOT/etc/init.d/ mkdir -p $RPM_BUILD_ROOT/etc/pandora/ +mkdir -p $RPM_BUILD_ROOT/etc/tentacle/ mkdir -p $RPM_BUILD_ROOT/var/spool/pandora/data_in mkdir -p $RPM_BUILD_ROOT/var/spool/pandora/data_in/conf mkdir -p $RPM_BUILD_ROOT/var/spool/pandora/data_in/md5 @@ -62,6 +63,7 @@ mkdir -p $RPM_BUILD_ROOT/var/spool/pandora/data_in/netflow mkdir -p $RPM_BUILD_ROOT/var/spool/pandora/data_in/trans mkdir -p $RPM_BUILD_ROOT/var/log/pandora/ mkdir -p $RPM_BUILD_ROOT%{prefix}/pandora_server/conf/ +mkdir -p $RPM_BUILD_ROOT%{prefix}/tentacle/conf/ mkdir -p $RPM_BUILD_ROOT/usr/lib/perl5/ mkdir -p $RPM_BUILD_ROOT/usr/share/man/man1/ 
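Review bot: The Tentacle block added to the scriptlet creates `/etc/tentacle/tentacle_server.conf` with `cat ... >`, which leaves the mode to the scriptlet's umask and the owner to whoever runs it (root for an RPM install). The `%files` hunk after it packages the template as `%defattr(664,root,root)`, although the `install` line earlier in this file uses `0640` and pandora_server.conf.new is packaged as `600`. The sample file documents `password` and `ssl_password` entries, so the live file should not end up world-readable or group-writable; setting it explicitly after creation, e.g. `chown pandora /etc/tentacle/tentacle_server.conf` and `chmod 0600 /etc/tentacle/tentacle_server.conf`, keeps it readable by the `pandora` account the daemon runs as and by nobody else. The same applies to the matching `cat` step in pandora_server.spec and to `chmod 774` in pandora_server_installer, which additionally marks a configuration file executable.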
@@ -70,8 +72,10 @@ cp -aRf bin/pandora_server $RPM_BUILD_ROOT/usr/bin/ cp -aRf bin/pandora_exec $RPM_BUILD_ROOT/usr/bin/ cp -aRf bin/tentacle_server $RPM_BUILD_ROOT/usr/bin/ -cp -aRf conf/* $RPM_BUILD_ROOT%{prefix}/pandora_server/conf/ +cp -aRf conf/pandora_* $RPM_BUILD_ROOT%{prefix}/pandora_server/conf/ cp -aRf conf/pandora_server.conf.new $RPM_BUILD_ROOT/etc/pandora/ +cp -aRf conf/tentacle_* $RPM_BUILD_ROOT%{prefix}/tentacle/conf/ +cp -aRf conf/tentacle_server.conf.new $RPM_BUILD_ROOT/etc/tentacle/ cp -aRf util $RPM_BUILD_ROOT%{prefix}/pandora_server/ cp -aRf lib/* $RPM_BUILD_ROOT/usr/lib/perl5/ cp -aRf AUTHORS COPYING README $RPM_BUILD_ROOT%{prefix}/pandora_server/ @@ -112,6 +116,8 @@ if [ ! -d /etc/pandora ] ; then mkdir -p /etc/pandora fi +# Avoid to overwrite config files on upgrades +# Main configuration files if [ ! -e "/etc/pandora/pandora_server.conf" ] then echo "Creating a new version of Pandora FMS Server config file at /etc/pandora/pandora_server.conf" @@ -121,6 +127,12 @@ else echo "An existing version of pandora_server.conf is found." cat /etc/pandora/pandora_server.conf > /etc/pandora/pandora_server.conf.old fi +# Tentacle config files +if [ ! -e "/etc/tentacle/tentacle_server.conf" ] +then + echo "Creating a new version of Tentacle Server config file at /etc/tentacle/tentacle_server.conf" + cat /etc/tentacle/tentacle_server.conf.new > /etc/tentacle/tentacle_server.conf +fi echo "Don't forget to start Tentacle Server daemon if you want to receive" echo "data using tentacle" @@ -152,6 +164,7 @@ rm -Rf %{prefix}pandora_server rm -Rf /var/log/pandora rm -Rf /usr/lib/perl5/PandoraFMS/ rm -Rf /etc/pandora/pandora_server.conf* +rm -Rf /etc/tentacle/tentacle_server.conf* rm -Rf /var/spool/pandora rm -Rf /etc/init.d/pandora_server /etc/init.d/tentacle_serverd rm -Rf /usr/bin/pandora_exec /usr/bin/pandora_server /usr/bin/tentacle_server 
@@ -174,6 +187,7 @@ rm -Rf /usr/share/man/man1/tentacle_server.1.gz %defattr(755,pandora,root,755) /usr/lib/perl5/PandoraFMS/ %{prefix}/pandora_server +%{prefix}/tentacle /var/log/pandora %defattr(-,pandora,www,2770) @@ -188,6 +202,9 @@ rm -Rf /usr/share/man/man1/tentacle_server.1.gz %defattr(-,pandora,root,750) /etc/pandora +%defattr(-,pandora,root,754) +/etc/tentacle + %defattr(644,pandora,root) /usr/share/man/man1/pandora_server.1.gz /usr/share/man/man1/tentacle_server.1.gz diff --git a/pandora_server/pandora_server_installer b/pandora_server/pandora_server_installer index 224870860f..89183c2f6a 100755 --- a/pandora_server/pandora_server_installer +++ b/pandora_server/pandora_server_installer @@ -27,6 +27,9 @@ TENTACLE_SERVER=/etc/init.d/tentacle_serverd PANDORA_CFG_FILE=$PANDORA_CFG_DIR/pandora_server.conf PANDORA_CFG_FILE_DIST=conf/pandora_server.conf.new PANDORA_INIT_SCRIPT=util/pandora_server +TENTACLE_CFG_DIR=/etc/tentacle +TENTACLE_CFG_FILE=$TENTACLE_CFG_DIR/tentacle_server.conf +TENTACLE_CFG_FILE_DIST=conf/tentacle_server.conf.new TENTACLE_INIT_SCRIPT=util/tentacle_serverd PERL=perl MANDIR=$PREFIX/share/man/man1 @@ -91,6 +94,8 @@ set_global_vars () { PANDORA_CFG_FILE=$PANDORA_CFG_DIR/pandora_server.conf PANDORA_CFG_FILE_DIST=$DISTRO/pandora_server.conf.new PANDORA_INIT_SCRIPT=$DISTRO/pandora_server + TENTACLE_CFG_DIR=$PREFIX/etc/tentacle + TENTACLE_CFG_FILE=$TENTACLE_CFG_DIR/tentacle_server.conf TENTACLE_INIT_SCRIPT=$DISTRO/tentacle_server MANDIR=$PREFIX/man/man1 INITDIR=$PREFIX/etc/rc.d @@ -103,6 +108,8 @@ set_global_vars () { PANDORA_HOME=$PREFIX/share/pandora_server PANDORA_CFG_DIR=$PREFIX/etc/pandora PANDORA_SERVER=/etc/rc.d/pandora_server + TENTACLE_CFG_DIR=$PREFIX/etc/tentacle + TENTACLE_CFG_FILE=$TENTACLE_CFG_DIR/tentacle_server.conf TENTACLE_SERVER=/etc/rc.d/tentacle_server PANDORA_CFG_FILE=$PANDORA_CFG_DIR/pandora_server.conf PANDORA_CFG_FILE_DIST=$DISTRO/pandora_server.conf.new 
@@ -361,6 +368,19 @@ install () { then # tentacle_server is already installed by "make install" install_startup_script -s 80 $TENTACLE_INIT_SCRIPT + + # Create the directory to locate the Tentacle configuration file + echo "Creating setup Tentacle directory in $TENTACLE_CFG_DIR" + mkdir -p $DESTDIR$TENTACLE_CFG_DIR 2> /dev/null + if [ -f "$DESTDIR$TENTACLE_CFG_FILE" ] + then + echo cp $TENTACLE_CFG_FILE_DIST $DESTDIR$TENTACLE_CFG_DIR + cp $TENTACLE_CFG_FILE_DIST $DESTDIR$TENTACLE_CFG_DIR + else + echo cp $TENTACLE_CFG_FILE_DIST $DESTDIR$TENTACLE_CFG_FILE + cp $TENTACLE_CFG_FILE_DIST $DESTDIR$TENTACLE_CFG_FILE + chmod 774 $DESTDIR$TENTACLE_CFG_FILE + fi echo "Installing Tentacle Server manual" cp man/man1/tentacle_server.1.gz $DESTDIR$MANDIR @@ -457,6 +477,8 @@ uninstall () { rm -Rf $DESTDIR$PANDORA_LOG 2> /dev/null rm -f $DESTDIR$PANDORA_CFG_FILE 2> /dev/null rm -f "$DESTDIR$PANDORA_CFG_FILE.new" 2> /dev/null + rm -f $DESTDIR$TENTACLE_CFG_FILE 2> /dev/null + rm -f "$DESTDIR$TENTACLE_CFG_FILE.new" 2> /dev/null rm -f $DESTDIR$PANDORA_SERVER 2> /dev/null rm -f $DESTDIR$PREFIX/bin/pandora_server 2> /dev/null rm -f $DESTDIR$PREFIX/bin/pandora_exec 2> /dev/null diff --git a/pandora_server/util/tentacle_serverd b/pandora_server/util/tentacle_serverd index fdfe3e0d67..0c0f35ff97 100755 --- a/pandora_server/util/tentacle_serverd +++ b/pandora_server/util/tentacle_serverd @@ -57,7 +57,7 @@ function get_pid { # in a "strech" term, ps aux don't report more than COLUMNS # characters and this will not work. COLUMNS=300 - TENTACLE_PID=`ps -Af | grep "$TENTACLE_PATH$TENTACLE_DAEMON" | grep "$TENTACLE_PORT" | grep -v grep | tail -1 | awk '{ print $2 }'` + TENTACLE_PID=`ps -Af | grep "$TENTACLE_PATH$TENTACLE_DAEMON" | grep "$TENTACLE_CONFIG_FILE" | grep -v grep | tail -1 | awk '{ print $2 }'` echo $TENTACLE_PID } 
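Review bot: In get_pid (tentacle_serverd) the new filter `grep "$TENTACLE_CONFIG_FILE"` treats the path as a regular expression, so the dots match any character; `grep -F -- "$TENTACLE_CONFIG_FILE"` keeps the match literal. Matching on the config path also means a daemon started before this change, without `-F`, is probably no longer found, so a stop or restart during an upgrade may miss the old process and the new one then fails to bind; a comment on the function should say so, or the upgrade path should stop the service first. get_pid begins above the hunk, and the variable it reads is assigned further down the script.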
@@ -71,18 +71,12 @@ function get_all_pid { echo $TENTACLE_PID } -# Pandora server settings -PANDORA_SERVER_PATH="/var/spool/pandora/data_in" - # Tentacle server settings TENTACLE_DAEMON="tentacle_server" TENTACLE_PATH="/usr/bin" TENTACLE_USER="pandora" - -TENTACLE_ADDR="0.0.0.0" -TENTACLE_PORT="41121" -TENTACLE_EXT_OPTS="-i.*\.conf:conf;.*\.md5:md5;.*\.zip:collections;.*\.lock:trans" -TENTACLE_LOG_FILE="/dev/null" +TENTACLE_CONFIG_FILE="/etc/tentacle/tentacle_server.conf" +TENTACLE_EXT_OPTS="" # Set umask to 0002, because group MUST have access to write files to # use remote file management on Pandora FMS Enterprise. @@ -90,7 +84,7 @@ TENTACLE_LOG_FILE="/dev/null" umask 0007 # Main script -TENTACLE_OPTS="-a $TENTACLE_ADDR -p $TENTACLE_PORT -s $PANDORA_SERVER_PATH $TENTACLE_EXT_OPTS -d -l $TENTACLE_LOG_FILE -v" +TENTACLE_OPTS="-F $TENTACLE_CONFIG_FILE $TENTACLE_EXT_OPTS" # Fix TENTACLE_PATH case "$TENTACLE_PATH" in @@ -114,7 +108,8 @@ case "$1" in echo "Tentacle Server is already running with PID $TENTACLE_PID" rc_exit # running start on a service already running fi - + + # Init the tentacle process sudo -u $TENTACLE_USER ${TENTACLE_PATH}$TENTACLE_DAEMON $TENTACLE_OPTS sleep 1 @@ -124,7 +119,7 @@ case "$1" in rc_status -v else echo "Tentacle Server could not be started." - echo "Verify that port $TENTACLE_PORT is not used." + echo "Verify that Tentacle port is not used." rc_failed 7 # program not running fi diff --git a/pandora_server/util/tentacle_serverd.service b/pandora_server/util/tentacle_serverd.service index 488bc3d4a8..e5c3bfad3e 100644 --- a/pandora_server/util/tentacle_serverd.service +++ b/pandora_server/util/tentacle_serverd.service @@ -4,7 +4,7 @@ After=network-online.target [Service] Type=forking -ExecStart=/usr/bin/tentacle_server -a 0.0.0.0 -p 41121 -s /var/spool/pandora/data_in -i.*\.conf:conf;.*\.md5:md5;.*\.zip:collections -d +ExecStart=/usr/bin/tentacle_server -F /etc/tentacle/tentacle_server.conf User=pandora [Install]
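Review bot: Both start-up paths now depend on `daemon 1` being read from the file, because `-d` was dropped from `TENTACLE_OPTS` and from the unit's `ExecStart` while the unit stays `Type=forking`. If the file sets `daemon 0`, or cannot be read by the `pandora` user so the parser falls back to defaults, the init script's `sudo -u` call would presumably stay in the foreground and the systemd start would time out. Since command-line values take priority in get_config_value, keeping the flag is harmless: `TENTACLE_OPTS="-F $TENTACLE_CONFIG_FILE -d $TENTACLE_EXT_OPTS"` and `ExecStart=/usr/bin/tentacle_server -F /etc/tentacle/tentacle_server.conf -d`. The failure message also lost the port number; naming `$TENTACLE_CONFIG_FILE` there would tell the operator where to look.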