From 110f6fe0b5dbd62213ceb2376e76afafebcd1631 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sat, 26 Dec 2015 14:22:25 +0000 Subject: [PATCH] Separate date update script --- src/freedombone | 104 ++----------------------------- src/freedombone-update-date | 119 ++++++++++++++++++++++++++++++++++++ 2 files changed, 125 insertions(+), 98 deletions(-) create mode 100755 src/freedombone-update-date diff --git a/src/freedombone b/src/freedombone index 1cbc986e..c631aa6d 100755 --- a/src/freedombone +++ b/src/freedombone @@ -3584,115 +3584,23 @@ function time_synchronisation { return fi - # remove any previous version of tlsdate compiled from source - reinstall_tlsdate="no" - if [ -d $INSTALL_DIR/tlsdate ]; then - if [ -f /usr/bin/tlsdate ]; then - echo 'Removing previous tlsdate install' - rm -rf $INSTALL_DIR/tlsdate - rm -f /usr/bin/tlsdate - reinstall_tlsdate="yes" - echo 'Reinstalling tlsdate' - fi + if [ -f /usr/local/bin/${PROJECT_NAME}-update-date ]; then + cp /usr/local/bin/${PROJECT_NAME}-update-date /usr/bin/updatedate + else + cp /usr/bin/${PROJECT_NAME}-update-date /usr/bin/updatedate fi + chmod +x /usr/bin/updatedate if grep -Fxq "time_synchronisation" $COMPLETION_FILE; then - if [[ $reinstall_tlsdate == "no" ]]; then - return - fi + return fi apt-get -y install tlsdate apt-get -y remove ntpdate - echo '#!/bin/bash' > /usr/bin/updatedate - echo "TIMESOURCE='${TLS_TIME_SOURCE1}'" >> /usr/bin/updatedate - echo "TIMESOURCE2='${TLS_TIME_SOURCE2}'" >> /usr/bin/updatedate - echo "COMPLETION_FILE=$COMPLETION_FILE" >> /usr/bin/updatedate - echo 'LOGFILE=/var/log/tlsdate.log' >> /usr/bin/updatedate - echo 'TIMEOUT=5' >> /usr/bin/updatedate - echo 'if grep -q "Admin user" $COMPLETION_FILE; then' >> /usr/bin/updatedate - echo -n ' ADMIN_USER=$(cat $COMPLETION_FILE | grep "Admin user" | ' >> /usr/bin/updatedate - echo -n "awk -F ':' '{print " >> /usr/bin/updatedate - echo -n '$2' >> /usr/bin/updatedate - echo "}')" >> /usr/bin/updatedate - echo ' EMAIL=$ADMIN_USER@$HOSTNAME' >> /usr/bin/updatedate - echo 'else' >> /usr/bin/updatedate - echo " EMAIL=$MY_EMAIL_ADDRESS" >> /usr/bin/updatedate - echo 'fi' >> /usr/bin/updatedate - echo '# File which contains the previous date as a number' >> /usr/bin/updatedate - echo 'BEFORE_DATE_FILE=/var/log/tlsdateprevious.txt' >> /usr/bin/updatedate - echo '# File which contains the previous date as a string' >> /usr/bin/updatedate - echo 'BEFORE_FULLDATE_FILE=/var/log/tlsdate.txt' >> /usr/bin/updatedate - echo 'DATE_BEFORE=$(date)' >> /usr/bin/updatedate - echo 'BEFORE=$(date "+%s")' >> /usr/bin/updatedate - echo 'BACKWARDS_BETWEEN=0' >> /usr/bin/updatedate - echo 're="^[0-9]+$"' >> /usr/bin/updatedate - echo '# If the date was previously set' >> /usr/bin/updatedate - echo 'if [ -s "$BEFORE_DATE_FILE" ]; then' >> /usr/bin/updatedate - echo ' filesize=$(wc -c "$BEFORE_DATE_FILE" | cut -f 1 -d " ")' >> /usr/bin/updatedate - echo ' if [ $filesize -ge 5 ]; then' >> /usr/bin/updatedate - echo ' BEFORE_FILE=$(cat $BEFORE_DATE_FILE)' >> /usr/bin/updatedate - echo ' if [[ $BEFORE_FILE =~ $re ]]; then' >> /usr/bin/updatedate - echo ' BEFORE_FULLDATE=$(cat $BEFORE_FULLDATE_FILE)' >> /usr/bin/updatedate - echo ' # is the date going backwards?' >> /usr/bin/updatedate - echo ' if (( $BEFORE_FILE > $BEFORE )); then' >> /usr/bin/updatedate - echo ' echo -n "Date went backwards between tlsdate updates. " >> $LOGFILE' >> /usr/bin/updatedate - echo ' echo -n "$BEFORE_FILE > $BEFORE, " >> $LOGFILE' >> /usr/bin/updatedate - echo ' echo "$BEFORE_FULLDATE > $DATE_BEFORE" >> $LOGFILE' >> /usr/bin/updatedate - echo ' # Send a warning email' >> /usr/bin/updatedate - echo ' echo $(tail $LOGFILE -n 2) | mail -s "tlsdate anomaly" $EMAIL' >> /usr/bin/updatedate - echo ' # Try another time source' >> /usr/bin/updatedate - echo ' TIMESOURCE=$TIMESOURCE2' >> /usr/bin/updatedate - echo ' # try running without any parameters' >> /usr/bin/updatedate - echo ' tlsdate >> $LOGFILE' >> /usr/bin/updatedate - echo ' BACKWARDS_BETWEEN=1' >> /usr/bin/updatedate - echo ' fi' >> /usr/bin/updatedate - echo ' fi' >> /usr/bin/updatedate - echo ' fi' >> /usr/bin/updatedate - echo 'fi' >> /usr/bin/updatedate - echo '# Set the date' >> /usr/bin/updatedate - echo '/usr/bin/timeout $TIMEOUT tlsdate -l -t -H $TIMESOURCE -p 443 >> $LOGFILE' >> /usr/bin/updatedate - echo 'DATE_AFTER=$(date)' >> /usr/bin/updatedate - echo 'AFTER=$(date "+%s")' >> /usr/bin/updatedate - echo '# After setting the date did it go backwards?' >> /usr/bin/updatedate - echo 'if (( $AFTER < $BEFORE )); then' >> /usr/bin/updatedate - echo ' echo "Incorrect date: $DATE_BEFORE -> $DATE_AFTER" >> $LOGFILE' >> /usr/bin/updatedate - echo ' # Send a warning email' >> /usr/bin/updatedate - echo ' echo $(tail $LOGFILE -n 2) | mail -s "tlsdate anomaly" $EMAIL' >> /usr/bin/updatedate - echo ' # Try resetting the date from another time source' >> /usr/bin/updatedate - echo ' /usr/bin/timeout $TIMEOUT tlsdate -l -t -H $TIMESOURCE2 -p 443 >> $LOGFILE' >> /usr/bin/updatedate - echo ' DATE_AFTER=$(date)' >> /usr/bin/updatedate - echo ' AFTER=$(date "+%s")' >> /usr/bin/updatedate - echo 'else' >> /usr/bin/updatedate - echo ' echo -n $TIMESOURCE >> $LOGFILE' >> /usr/bin/updatedate - echo ' if [ -s "$BEFORE_DATE_FILE" ]; then' >> /usr/bin/updatedate - echo ' echo -n " " >> $LOGFILE' >> /usr/bin/updatedate - echo ' echo -n $BEFORE_FILE >> $LOGFILE' >> /usr/bin/updatedate - echo ' fi' >> /usr/bin/updatedate - echo ' echo -n " " >> $LOGFILE' >> /usr/bin/updatedate - echo ' echo -n $BEFORE >> $LOGFILE' >> /usr/bin/updatedate - echo ' echo -n " " >> $LOGFILE' >> /usr/bin/updatedate - echo ' echo -n $AFTER >> $LOGFILE' >> /usr/bin/updatedate - echo ' echo -n " " >> $LOGFILE' >> /usr/bin/updatedate - echo ' echo $DATE_AFTER >> $LOGFILE' >> /usr/bin/updatedate - echo 'fi' >> /usr/bin/updatedate - echo '# Log the last date' >> /usr/bin/updatedate - echo 'if [[ $BACKWARDS_BETWEEN == 0 ]]; then' >> /usr/bin/updatedate - echo ' echo "$AFTER" > $BEFORE_DATE_FILE' >> /usr/bin/updatedate - echo ' echo "$DATE_AFTER" > $BEFORE_FULLDATE_FILE' >> /usr/bin/updatedate - echo ' exit 0' >> /usr/bin/updatedate - echo 'else' >> /usr/bin/updatedate - echo ' exit 1' >> /usr/bin/updatedate - echo 'fi' >> /usr/bin/updatedate - chmod +x /usr/bin/updatedate echo '*/15 * * * * root /usr/bin/updatedate' >> /etc/crontab service cron restart - if [[ $reinstall_tlsdate != "no" ]]; then - echo 'tlsdate was reinstalled' - fi - echo 'time_synchronisation' >> $COMPLETION_FILE } diff --git a/src/freedombone-update-date b/src/freedombone-update-date new file mode 100755 index 00000000..1e7c618c --- /dev/null +++ b/src/freedombone-update-date @@ -0,0 +1,119 @@ +#!/bin/bash +# +# .---. . . +# | | | +# |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-. +# | | (.-' (.-' ( | ( )| | | | )( )| | (.-' +# ' ' --' --' -' - -' ' ' -' -' -' ' - --' +# +# Freedom in the Cloud +# +# Updates the date + +# License +# ======= +# +# Copyright (C) 2015 Bob Mottram +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +PROJECT_NAME='freedombone' + +export TEXTDOMAIN=${PROJECT_NAME}-update-date +export TEXTDOMAINDIR="/usr/share/locale" + +COMPLETION_FILE=/root/${PROJECT_NAME}-completed.txt +TIMESOURCE='google.com' +TIMESOURCE2='www.ptb.de' +LOGFILE=/var/log/tlsdate.log +TIMEOUT=5 +EMAIL= +if grep -q "Admin user" $COMPLETION_FILE; then + ADMIN_USER=$(cat $COMPLETION_FILE | grep "Admin user" | awk -F ':' '{print $2}') + EMAIL=$ADMIN_USER@$HOSTNAME +fi + +# File which contains the previous date as a number +BEFORE_DATE_FILE=/var/log/tlsdateprevious.txt + +# File which contains the previous date as a string +BEFORE_FULLDATE_FILE=/var/log/tlsdate.txt +DATE_BEFORE=$(date) +BEFORE=$(date "+%s") +BACKWARDS_BETWEEN=0 +re="^[0-9]+$" + +# If the date was previously set +if [ -s "$BEFORE_DATE_FILE" ]; then + filesize=$(wc -c "$BEFORE_DATE_FILE" | cut -f 1 -d " ") + if [ $filesize -ge 5 ]; then + BEFORE_FILE=$(cat $BEFORE_DATE_FILE) + if [[ $BEFORE_FILE =~ $re ]]; then + BEFORE_FULLDATE=$(cat $BEFORE_FULLDATE_FILE) + # is the date going backwards? + if (( $BEFORE_FILE > $BEFORE )); then + echo -n $"Date went backwards between tlsdate updates. " >> $LOGFILE + echo -n "$BEFORE_FILE > $BEFORE, " >> $LOGFILE + echo "$BEFORE_FULLDATE > $DATE_BEFORE" >> $LOGFILE + # Send a warning email + if [ $EMAIL ]; then + echo $(tail $LOGFILE -n 2) | mail -s $"tlsdate anomaly" $EMAIL + fi + # Try another time source + TIMESOURCE=$TIMESOURCE2 + # try running without any parameters + tlsdate >> $LOGFILE + BACKWARDS_BETWEEN=1 + fi + fi + fi +fi + +# Set the date +/usr/bin/timeout $TIMEOUT tlsdate -l -t -H $TIMESOURCE -p 443 >> $LOGFILE +DATE_AFTER=$(date) +AFTER=$(date "+%s") + +# After setting the date did it go backwards? +if (( $AFTER < $BEFORE )); then + echo $"Incorrect date: $DATE_BEFORE -> $DATE_AFTER" >> $LOGFILE + # Send a warning email + if [ $EMAIL ]; then + echo $(tail $LOGFILE -n 2) | mail -s $"tlsdate anomaly" $EMAIL + fi + # Try resetting the date from another time source + /usr/bin/timeout $TIMEOUT tlsdate -l -t -H $TIMESOURCE2 -p 443 >> $LOGFILE + DATE_AFTER=$(date) + AFTER=$(date "+%s") +else + echo -n $TIMESOURCE >> $LOGFILE + if [ -s "$BEFORE_DATE_FILE" ]; then + echo -n " " >> $LOGFILE + echo -n $BEFORE_FILE >> $LOGFILE + fi + echo -n " " >> $LOGFILE + echo -n $BEFORE >> $LOGFILE + echo -n " " >> $LOGFILE + echo -n $AFTER >> $LOGFILE + echo -n " " >> $LOGFILE + echo $DATE_AFTER >> $LOGFILE +fi + +# Log the last date +if [[ $BACKWARDS_BETWEEN == 0 ]]; then + echo "$AFTER" > $BEFORE_DATE_FILE + echo "$DATE_AFTER" > $BEFORE_FULLDATE_FILE + exit 0 +fi +exit 1