From a2eaf0d865c020de62a73424eda63bc95bfa4d8d Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Fri, 22 Apr 2016 09:42:17 +0100 Subject: [PATCH] Prevent resolv.conf from changing --- src/freedombone | 124 +++++++++++++++++++++++++----------------------- 1 file changed, 64 insertions(+), 60 deletions(-) diff --git a/src/freedombone b/src/freedombone index 030a95ee..bb2fcf60 100755 --- a/src/freedombone +++ b/src/freedombone @@ -588,9 +588,9 @@ function git_clone { if [ ${#FRIENDS_MIRRORS_SERVER} -gt 2 ]; then if [ "$FRIENDS_MIRRORS_PASSWORD" ]; then if [ ${#FRIENDS_MIRRORS_PASSWORD} -gt 2 ]; then - echo "sshpass -p \"$FRIENDS_MIRRORS_PASSWORD\" git clone $repo_url $destination_dir" - sshpass -p "$FRIENDS_MIRRORS_PASSWORD" git clone "$repo_url" "$destination_dir" - return + echo "sshpass -p \"$FRIENDS_MIRRORS_PASSWORD\" git clone $repo_url $destination_dir" + sshpass -p "$FRIENDS_MIRRORS_PASSWORD" git clone "$repo_url" "$destination_dir" + return fi fi fi @@ -634,7 +634,7 @@ function remove_database { mkdir $INSTALL_DIR fi echo "drop database ${app_name}; - quit" > $INSTALL_DIR/batch.sql + quit" > $INSTALL_DIR/batch.sql chmod 600 $INSTALL_DIR/batch.sql mysql -u root --password="$MARIADB_PASSWORD" < $INSTALL_DIR/batch.sql shred -zu $INSTALL_DIR/batch.sql @@ -651,9 +651,9 @@ function create_database { app_admin_username=${app_name}admin fi echo "create database ${app_name}; - CREATE USER '$app_admin_username@localhost' IDENTIFIED BY '${app_admin_password}'; - GRANT ALL PRIVILEGES ON ${app_name}.* TO '$app_admin_username@localhost'; - quit" > $INSTALL_DIR/batch.sql + CREATE USER '$app_admin_username@localhost' IDENTIFIED BY '${app_admin_password}'; + GRANT ALL PRIVILEGES ON ${app_name}.* TO '$app_admin_username@localhost'; + quit" > $INSTALL_DIR/batch.sql chmod 600 $INSTALL_DIR/batch.sql mysql -u root --password="$MARIADB_PASSWORD" < $INSTALL_DIR/batch.sql shred -zu $INSTALL_DIR/batch.sql @@ -2009,60 +2009,60 @@ function backup_database_local { backup_databases_script=/usr/bin/backupdatabases echo '' >> $backup_databases_script echo "# Backup the ${database_name} database" >> $backup_databases_script - echo "TEMPFILE=/root/${database_name}.sql" >> $backup_databases_script - echo 'DAILYFILE=/var/backups/${database_name}_daily.sql' >> $backup_databases_script - echo "mysqldump --password=\"\$MYSQL_PASSWORD\" ${database_name} > \$TEMPFILE" >> $backup_databases_script - echo 'FILESIZE=$(stat -c%s $TEMPFILE)' >> $backup_databases_script - echo 'if [ "$FILESIZE" -eq "0" ]; then' >> $backup_databases_script - echo ' if [ -f $DAILYFILE ]; then' >> $backup_databases_script - echo ' cp $DAILYFILE $TEMPFILE' >> $backup_databases_script - echo '' >> $backup_databases_script - echo ' # try to restore yesterdays database' >> $backup_databases_script - echo " mysql -u root --password=\"\$MYSQL_PASSWORD\" ${database_name} -o < \$DAILYFILE" >> $backup_databases_script - echo '' >> $backup_databases_script - echo ' # Send a warning email' >> $backup_databases_script - echo " echo \"Unable to create a backup of the ${database_name} database. Attempted to restore from yesterdays backup\" | mail -s \"${database_name} backup\" \$EMAIL" >> $backup_databases_script - echo ' else' >> $backup_databases_script - echo ' # Send a warning email' >> $backup_databases_script - echo " echo \"Unable to create a backup of the ${database_name} database.\" | mail -s \"${database_name} backup\" \$EMAIL" >> $backup_databases_script - echo ' fi' >> $backup_databases_script - echo 'else' >> $backup_databases_script - echo ' chmod 600 $TEMPFILE' >> $backup_databases_script - echo ' mv $TEMPFILE $DAILYFILE' >> $backup_databases_script - echo '' >> $backup_databases_script - echo ' # Make the backup readable only by root' >> $backup_databases_script - echo ' chmod 600 $DAILYFILE' >> $backup_databases_script - echo 'fi' >> $backup_databases_script + echo "TEMPFILE=/root/${database_name}.sql" >> $backup_databases_script + echo 'DAILYFILE=/var/backups/${database_name}_daily.sql' >> $backup_databases_script + echo "mysqldump --password=\"\$MYSQL_PASSWORD\" ${database_name} > \$TEMPFILE" >> $backup_databases_script + echo 'FILESIZE=$(stat -c%s $TEMPFILE)' >> $backup_databases_script + echo 'if [ "$FILESIZE" -eq "0" ]; then' >> $backup_databases_script + echo ' if [ -f $DAILYFILE ]; then' >> $backup_databases_script + echo ' cp $DAILYFILE $TEMPFILE' >> $backup_databases_script + echo '' >> $backup_databases_script + echo ' # try to restore yesterdays database' >> $backup_databases_script + echo " mysql -u root --password=\"\$MYSQL_PASSWORD\" ${database_name} -o < \$DAILYFILE" >> $backup_databases_script + echo '' >> $backup_databases_script + echo ' # Send a warning email' >> $backup_databases_script + echo " echo \"Unable to create a backup of the ${database_name} database. Attempted to restore from yesterdays backup\" | mail -s \"${database_name} backup\" \$EMAIL" >> $backup_databases_script + echo ' else' >> $backup_databases_script + echo ' # Send a warning email' >> $backup_databases_script + echo " echo \"Unable to create a backup of the ${database_name} database.\" | mail -s \"${database_name} backup\" \$EMAIL" >> $backup_databases_script + echo ' fi' >> $backup_databases_script + echo 'else' >> $backup_databases_script + echo ' chmod 600 $TEMPFILE' >> $backup_databases_script + echo ' mv $TEMPFILE $DAILYFILE' >> $backup_databases_script + echo '' >> $backup_databases_script + echo ' # Make the backup readable only by root' >> $backup_databases_script + echo ' chmod 600 $DAILYFILE' >> $backup_databases_script + echo 'fi' >> $backup_databases_script - weekly_backup_script=/etc/cron.weekly/backupdatabasesweekly - if ! grep -q "${database_name}" ${weekly_backup_script}; then - echo '' >> ${weekly_backup_script} - echo "# ${database_name}" >> ${weekly_backup_script} - echo "if [ -f /var/backups/${database_name}_weekly.sql ]; then" >> ${weekly_backup_script} - echo " cp -f /var/backups/${database_name}_weekly.sql /var/backups/${database_name}_2weekly.sql" >> ${weekly_backup_script} - echo 'fi' >> ${weekly_backup_script} - echo "if [ -f /var/backups/${database_name}_daily.sql ]; then" >> ${weekly_backup_script} - echo " cp -f /var/backups/${database_name}_daily.sql /var/backups/${database_name}_weekly.sql" >> ${weekly_backup_script} - echo 'fi' >> ${weekly_backup_script} - fi + weekly_backup_script=/etc/cron.weekly/backupdatabasesweekly + if ! grep -q "${database_name}" ${weekly_backup_script}; then + echo '' >> ${weekly_backup_script} + echo "# ${database_name}" >> ${weekly_backup_script} + echo "if [ -f /var/backups/${database_name}_weekly.sql ]; then" >> ${weekly_backup_script} + echo " cp -f /var/backups/${database_name}_weekly.sql /var/backups/${database_name}_2weekly.sql" >> ${weekly_backup_script} + echo 'fi' >> ${weekly_backup_script} + echo "if [ -f /var/backups/${database_name}_daily.sql ]; then" >> ${weekly_backup_script} + echo " cp -f /var/backups/${database_name}_daily.sql /var/backups/${database_name}_weekly.sql" >> ${weekly_backup_script} + echo 'fi' >> ${weekly_backup_script} + fi - monthly_backup_script=/etc/cron.monthly/backupdatabasesmonthly - if ! grep -q "${database_name}" ${monthly_backup_script}; then - echo '' >> ${monthly_backup_script} - echo "# ${database_name}" >> ${monthly_backup_script} - echo "if [ -f /var/backups/${database_name}_monthly.sql ]; then" >> ${monthly_backup_script} - echo " cp -f /var/backups/${database_name}_monthly.sql /var/backups/${database_name}_2monthly.sql" >> ${monthly_backup_script} - echo 'fi' >> ${monthly_backup_script} - echo "if [ -f /var/backups/${database_name}_weekly.sql ]; then" >> ${monthly_backup_script} - echo " cp -f /var/backups/${database_name}_weekly.sql /var/backups/${database_name}_monthly.sql" >> ${monthly_backup_script} - echo 'fi' >> ${monthly_backup_script} - fi + monthly_backup_script=/etc/cron.monthly/backupdatabasesmonthly + if ! grep -q "${database_name}" ${monthly_backup_script}; then + echo '' >> ${monthly_backup_script} + echo "# ${database_name}" >> ${monthly_backup_script} + echo "if [ -f /var/backups/${database_name}_monthly.sql ]; then" >> ${monthly_backup_script} + echo " cp -f /var/backups/${database_name}_monthly.sql /var/backups/${database_name}_2monthly.sql" >> ${monthly_backup_script} + echo 'fi' >> ${monthly_backup_script} + echo "if [ -f /var/backups/${database_name}_weekly.sql ]; then" >> ${monthly_backup_script} + echo " cp -f /var/backups/${database_name}_weekly.sql /var/backups/${database_name}_monthly.sql" >> ${monthly_backup_script} + echo 'fi' >> ${monthly_backup_script} + fi - if ! grep -q "${database_name}" /etc/cron.hourly/repair; then - echo "${PROJECT_NAME}-repair-database ${database_name}" >> /etc/cron.hourly/repair - # remove legacy stuff - sed -i 's|/usr/bin/repairdatabase redmatrix||g' /etc/cron.hourly/repair - fi + if ! grep -q "${database_name}" /etc/cron.hourly/repair; then + echo "${PROJECT_NAME}-repair-database ${database_name}" >> /etc/cron.hourly/repair + # remove legacy stuff + sed -i 's|/usr/bin/repairdatabase redmatrix||g' /etc/cron.hourly/repair + fi } function install_not_on_BBB { @@ -3594,8 +3594,8 @@ function resolve_dns_via_tor { # point resolv.conf to tor echo 'nameserver 127.0.0.1:53' > /etc/resolv.conf - # prevent resolv.conf from changing - chattr +i /etc/resolv.conf + # prevent resolv.conf from changing + chattr +i /etc/resolv.conf echo 'resolve_dns_via_tor' >> $COMPLETION_FILE } @@ -3952,6 +3952,10 @@ function configure_dns { echo 'search localdomain' >> /etc/resolv.conf echo "nameserver $NAMESERVER1" >> /etc/resolv.conf echo "nameserver $NAMESERVER2" >> /etc/resolv.conf + + # prevent resolv.conf from changing + chattr +i /etc/resolv.conf + echo 'configure_dns' >> $COMPLETION_FILE }