bash
This commit is contained in:
parent
6b4fca0353
commit
ddb600ead2
28
overlay/Devuan/usr/local/share/genkernel/overlay.bash
Executable file
28
overlay/Devuan/usr/local/share/genkernel/overlay.bash
Executable file
@ -0,0 +1,28 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
ROLE=gpgkey
|
||||||
|
|
||||||
|
cd /usr/local/share/genkernel/overlay
|
||||||
|
|
||||||
|
[ -d dev ] || mkdir dev
|
||||||
|
cd dev
|
||||||
|
[ -e urandom ] || mknod urandom c 1 9
|
||||||
|
chmod 666 urandom
|
||||||
|
cd ..
|
||||||
|
|
||||||
|
[ -d sbin ] || mkdir sbin
|
||||||
|
cd sbin
|
||||||
|
[ -f staticgpggrid ] || cp -p /usr/local/bin/staticgpggrid .
|
||||||
|
[ -f staticgpg ] || cp -p /usr/local/bin/staticgpg .
|
||||||
|
chmod 755 static*
|
||||||
|
cd ..
|
||||||
|
|
||||||
|
cd /
|
||||||
|
cat /usr/local/share/genkernel/overlay.list | \
|
||||||
|
tar cf - -T - \
|
||||||
|
tar xvf - -C /usr/local/share/genkernel/overlay
|
||||||
|
|
||||||
|
find -L /usr/local/share/genkernel/overlay -type l
|
||||||
|
|
||||||
|
|
||||||
|
exit 0
|
43
overlay/Devuan/usr/local/share/genkernel/overlay.list
Normal file
43
overlay/Devuan/usr/local/share/genkernel/overlay.list
Normal file
@ -0,0 +1,43 @@
|
|||||||
|
bin/busybox
|
||||||
|
bin/keyctl
|
||||||
|
bin/kmod
|
||||||
|
bin/lsmod
|
||||||
|
bin/nano
|
||||||
|
etc/conf.d/keymaps
|
||||||
|
etc/keymaps/linux-with-altgr.inc
|
||||||
|
etc/keymaps/us.map
|
||||||
|
etc/modprobe.d/blacklist.conf
|
||||||
|
lib/ld-linux.so.2
|
||||||
|
lib64/ld-linux-x86-64.so.2
|
||||||
|
lib64/libacl.so.1
|
||||||
|
lib64/libacl.so.1.1.2301
|
||||||
|
lib64/libblkid.so.1
|
||||||
|
lib64/libblkid.so.1.1.0
|
||||||
|
lib64/libc.so.6
|
||||||
|
lib64/libcap.so.2
|
||||||
|
lib64/libcap.so.2.65
|
||||||
|
lib64/libkmod.so.2
|
||||||
|
lib64/libkmod.so.2.4.0
|
||||||
|
lib64/liblzma.so.5
|
||||||
|
lib64/liblzma.so.5.2.5
|
||||||
|
lib64/libm.so.6
|
||||||
|
lib64/libpthread.so.0
|
||||||
|
lib64/libz.so.1
|
||||||
|
lib64/libz.so.1.2.12
|
||||||
|
lib64/libzstd.so.1
|
||||||
|
lib64/libzstd.so.1.5.2
|
||||||
|
sbin/e2label
|
||||||
|
sbin/fdisk
|
||||||
|
sbin/modprobe
|
||||||
|
sbin/tune2fs
|
||||||
|
usr/bin/clear
|
||||||
|
usr/bin/mg
|
||||||
|
usr/bin/ntfs-3g
|
||||||
|
usr/local/bin/gridfire.pyi
|
||||||
|
usr/local/bin/staticgpg
|
||||||
|
usr/local/bin/staticgpggrid
|
||||||
|
usr/share/consolefonts/ter-v24b.psf.gz
|
||||||
|
usr/share/consolefonts/ter-v28b.psf.gz
|
||||||
|
usr/share/keymaps/i386/include/euro.map.gz
|
||||||
|
usr/share/keymaps/i386/include/qwerty-layout.inc
|
||||||
|
usr/share/keymaps/include/compose.latin
|
@ -3,6 +3,7 @@
|
|||||||
|
|
||||||
prog=$( basename $0 .bash )
|
prog=$( basename $0 .bash )
|
||||||
ROLE=base
|
ROLE=base
|
||||||
|
PYVER=3
|
||||||
LOG_DIR=/usr/local/var/logs/portage
|
LOG_DIR=/usr/local/var/logs/portage
|
||||||
[ -d $LOG_DIR ] || mkdir -p $LOG_DIR
|
[ -d $LOG_DIR ] || mkdir -p $LOG_DIR
|
||||||
|
|
||||||
@ -37,15 +38,16 @@ LARGS="$LARGS --noreplace"
|
|||||||
# LARGS="$LARGS --exclude "
|
# LARGS="$LARGS --exclude "
|
||||||
LOG=$LOG_DIR/$LOG
|
LOG=$LOG_DIR/$LOG
|
||||||
export PYTHONPATH=
|
export PYTHONPATH=
|
||||||
echo INFO: $LARGS $ARGS >> $LOG 2>&1
|
echo INFO: emerge $LARGS $ARGS |tee -a $LOG >&2
|
||||||
nice python$BASE_PYTHON3_MINOR $( which emerge ) $LARGS $ARGS >> $LOG 2>&1
|
nice python$PYVER $( which emerge ) $LARGS $ARGS >> $LOG 2>&1
|
||||||
[ $? -ne 0 ] && exit $?
|
retval=$?
|
||||||
|
[ $retval -ne 0 ] && echo ERROR: $retval $LOG && tail $LOG && exit $retval
|
||||||
if grep ImportError $LOG ; then
|
if grep ImportError $LOG ; then
|
||||||
echo ERROR: ImportError $ARGS && exit 10
|
echo ERROR: ImportError $LOG && exit 10
|
||||||
elif grep ParseError $LOG ; then
|
elif grep ParseError $LOG ; then
|
||||||
echo ERROR: ParseError $ARGS && exit 11
|
echo ERROR: ParseError $LOG && exit 11
|
||||||
elif grep 'Your current profile is invalid' $LOG ; then
|
elif grep 'Your current profile is invalid' $LOG ; then
|
||||||
echo ERROR: Your current profile is invalid $ARGS && exit 12
|
echo ERROR: Your current profile is invalid $LOG && exit 12
|
||||||
fi
|
fi
|
||||||
|
|
||||||
exit 0
|
exit 0
|
||||||
|
@ -27,7 +27,7 @@ gpg2 --verify --keyring $keyf $BASE_PORTDIR/Manifest >/tmp/K$$.log 2>&1 || exit
|
|||||||
grep 'using RSA key' /tmp/K$$.log || exit 4
|
grep 'using RSA key' /tmp/K$$.log || exit 4
|
||||||
grep 'Primary key fingerprint:' /tmp/K$$.log | sed -e 's/.*: //' -e 's/ //g' > /tmp/K$$.key || exit 5
|
grep 'Primary key fingerprint:' /tmp/K$$.log | sed -e 's/.*: //' -e 's/ //g' > /tmp/K$$.key || exit 5
|
||||||
|
|
||||||
if route | grep -q ^default ; then
|
if grep -q "^wlan[1-9][ ]00000000" /proc/net/route ; then
|
||||||
. /root/bin/tor.sh
|
. /root/bin/tor.sh
|
||||||
wget -O /tmp/K$$.html https://www.gentoo.org/downloads/signatures/ || exit 0
|
wget -O /tmp/K$$.html https://www.gentoo.org/downloads/signatures/ || exit 0
|
||||||
grep "`cat /tmp/K$$.key`" /tmp/K$$.html || {
|
grep "`cat /tmp/K$$.key`" /tmp/K$$.html || {
|
||||||
|
28
overlay/Gentoo/usr/local/share/genkernel/overlay.bash
Executable file
28
overlay/Gentoo/usr/local/share/genkernel/overlay.bash
Executable file
@ -0,0 +1,28 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
ROLE=gpgkey
|
||||||
|
|
||||||
|
cd /usr/local/share/genkernel/overlay
|
||||||
|
|
||||||
|
[ -d dev ] || mkdir dev
|
||||||
|
cd dev
|
||||||
|
[ -e urandom ] || mknod urandom c 1 9
|
||||||
|
chmod 666 urandom
|
||||||
|
cd ..
|
||||||
|
|
||||||
|
[ -d sbin ] || mkdir sbin
|
||||||
|
cd sbin
|
||||||
|
[ -f staticgpggrid ] || cp -p /usr/local/bin/staticgpggrid .
|
||||||
|
[ -f staticgpg ] || cp -p /usr/local/bin/staticgpg .
|
||||||
|
chmod 755 static*
|
||||||
|
cd ..
|
||||||
|
|
||||||
|
cd /
|
||||||
|
cat /usr/local/share/genkernel/overlay.list | \
|
||||||
|
tar cf - -T - \
|
||||||
|
tar xvf - -C /usr/local/share/genkernel/overlay
|
||||||
|
|
||||||
|
find -L /usr/local/share/genkernel/overlay -type l
|
||||||
|
|
||||||
|
|
||||||
|
exit 0
|
43
overlay/Gentoo/usr/local/share/genkernel/overlay.list
Normal file
43
overlay/Gentoo/usr/local/share/genkernel/overlay.list
Normal file
@ -0,0 +1,43 @@
|
|||||||
|
bin/busybox
|
||||||
|
bin/keyctl
|
||||||
|
bin/kmod
|
||||||
|
bin/lsmod
|
||||||
|
bin/nano
|
||||||
|
etc/conf.d/keymaps
|
||||||
|
etc/keymaps/linux-with-altgr.inc
|
||||||
|
etc/keymaps/us.map
|
||||||
|
etc/modprobe.d/blacklist.conf
|
||||||
|
lib/ld-linux.so.2
|
||||||
|
lib64/ld-linux-x86-64.so.2
|
||||||
|
lib64/libacl.so.1
|
||||||
|
lib64/libacl.so.1.1.2301
|
||||||
|
lib64/libblkid.so.1
|
||||||
|
lib64/libblkid.so.1.1.0
|
||||||
|
lib64/libc.so.6
|
||||||
|
lib64/libcap.so.2
|
||||||
|
lib64/libcap.so.2.65
|
||||||
|
lib64/libkmod.so.2
|
||||||
|
lib64/libkmod.so.2.4.0
|
||||||
|
lib64/liblzma.so.5
|
||||||
|
lib64/liblzma.so.5.2.5
|
||||||
|
lib64/libm.so.6
|
||||||
|
lib64/libpthread.so.0
|
||||||
|
lib64/libz.so.1
|
||||||
|
lib64/libz.so.1.2.12
|
||||||
|
lib64/libzstd.so.1
|
||||||
|
lib64/libzstd.so.1.5.2
|
||||||
|
sbin/e2label
|
||||||
|
sbin/fdisk
|
||||||
|
sbin/modprobe
|
||||||
|
sbin/tune2fs
|
||||||
|
usr/bin/clear
|
||||||
|
usr/bin/mg
|
||||||
|
usr/bin/ntfs-3g
|
||||||
|
usr/local/bin/gridfire.pyi
|
||||||
|
usr/local/bin/staticgpg
|
||||||
|
usr/local/bin/staticgpggrid
|
||||||
|
usr/share/consolefonts/ter-v24b.psf.gz
|
||||||
|
usr/share/consolefonts/ter-v28b.psf.gz
|
||||||
|
usr/share/keymaps/i386/include/euro.map.gz
|
||||||
|
usr/share/keymaps/i386/include/qwerty-layout.inc
|
||||||
|
usr/share/keymaps/include/compose.latin
|
52
overlay/Linux/usr/local/bin/ansible_get_inventory.bash
Executable file
52
overlay/Linux/usr/local/bin/ansible_get_inventory.bash
Executable file
@ -0,0 +1,52 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
# -*- mode: sh; tab-width: 8; encoding: utf-8-unix -*-
|
||||||
|
|
||||||
|
# retval on stdout - messages on stderr
|
||||||
|
. /usr/local/bin/usr_local_tput.bash
|
||||||
|
|
||||||
|
prog=`basename $0 .bash`
|
||||||
|
PREFIX=/usr/local
|
||||||
|
ROLE=base
|
||||||
|
AnsI=AnsI
|
||||||
|
|
||||||
|
# quiet
|
||||||
|
[ "$#" -eq 0 ] && exit 1
|
||||||
|
VARIABLE=$1
|
||||||
|
shift
|
||||||
|
[ "$#" -eq 0 ] && base=`hostname` || base=$1
|
||||||
|
base=gentoo1
|
||||||
|
|
||||||
|
[ -f $PREFIX/etc/testforge/testforge.bash ] && . $PREFIX/etc/testforge/testforge.bash
|
||||||
|
|
||||||
|
[ -n "$PLAY_ANSIBLE_SRC" ] || PLAY_ANSIBLE_SRC=$BASE_ANSIBLE_SRC
|
||||||
|
[ -z "$PLAY_ANSIBLE_SRC" ] && ERROR export "PLAY_ANSIBLE_SRC" >&2 && exit 3
|
||||||
|
[ ! -d "$PLAY_ANSIBLE_SRC" ] && ERROR ! -d "PLAY_ANSIBLE_SRC" >&2 && exit 4
|
||||||
|
[ ! -f "$PLAY_ANSIBLE_SRC"/hosts.yml ] && ERROR ! -f "PLAY_ANSIBLE_SRC"/hosts.yml >&2 && exit 4
|
||||||
|
|
||||||
|
DBUG ansible-inventory -i $PLAY_ANSIBLE_SRC/hosts.yml \
|
||||||
|
--playbook-dir=$PLAY_ANSIBLE_SRC \
|
||||||
|
--host=$base >&2
|
||||||
|
ansible-inventory -i $PLAY_ANSIBLE_SRC/hosts.yml \
|
||||||
|
--playbook-dir=$PLAY_ANSIBLE_SRC \
|
||||||
|
--host=$base >> /tmp/${AnsI}$$.json 2> /tmp/${AnsI}$$.err
|
||||||
|
retval=$?
|
||||||
|
if [ $retval -eq 0 ] ; then
|
||||||
|
[ ! -s /tmp/${AnsI}$$.json ] && ERROR empty /tmp/${AnsI}$$.json >&2 && exit 4
|
||||||
|
#!? export
|
||||||
|
VALUE=`jq .$VARIABLE < /tmp/${AnsI}$$.json | sed -e 's/,//'|xargs echo`
|
||||||
|
jretval=$?
|
||||||
|
if [ $jretval -eq 0 ] ; then
|
||||||
|
[ -n "$DEBUG" ] && DBUG "$prog base=$base VALUE=$VALUE" >&2
|
||||||
|
[ "$VALUE" = "null" ] && VALUE=""
|
||||||
|
echo -n "$VALUE"
|
||||||
|
else
|
||||||
|
WARN $VARIABLE jretval=$jretval /tmp/${AnsI}$$.json >&2
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
ERROR $VARIABLE retval=$retval /tmp/${AnsI}$$.json /tmp/${AnsI}$$.err >&2
|
||||||
|
cat /tmp/${AnsI}$$.err >&2
|
||||||
|
exit 8
|
||||||
|
fi
|
||||||
|
# rm -f /tmp/${AnsI}$$.json
|
||||||
|
|
||||||
|
exit 0
|
9
overlay/Linux/usr/local/bin/base_ansible.bash
Executable file
9
overlay/Linux/usr/local/bin/base_ansible.bash
Executable file
@ -0,0 +1,9 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
# -*- mode: sh; tab-width: 8; coding: utf-8-unix -*-
|
||||||
|
|
||||||
|
ROLE=base
|
||||||
|
prog=$( basename $0 .bash )
|
||||||
|
|
||||||
|
export ANSIBLE_CONFIG=/o/data/TestForge/src/ansible
|
||||||
|
|
||||||
|
/usr/local/bin/python3.sh /usr/local/bin/ansible "$@"
|
@ -86,5 +86,5 @@ python$PYMAJ $PREFIX/$LIB/python$PYTHON_MINOR/site-packages/sitecustomize.py ||
|
|||||||
exit 0
|
exit 0
|
||||||
# [ $( python2.sh {{BASE_USR_LOCAL}}/$LIB/python{{BASE_PYTHON2_MINOR}}/site-packages/sitecustomize.py ) = {{BASE_USR_LOCAL}}/bin/python2.sh ] || exit 2
|
# [ $( python2.sh {{BASE_USR_LOCAL}}/$LIB/python{{BASE_PYTHON2_MINOR}}/site-packages/sitecustomize.py ) = {{BASE_USR_LOCAL}}/bin/python2.sh ] || exit 2
|
||||||
# [ $( python3.sh {{BASE_USR_LOCAL}}/$LIB/python{{BASE_PYTHON3_MINOR}}/site-packages/sitecustomize.py ) = {{BASE_USR_LOCAL}}/bin/python3.sh ] || exit 3
|
# [ $( python3.sh {{BASE_USR_LOCAL}}/$LIB/python{{BASE_PYTHON3_MINOR}}/site-packages/sitecustomize.py ) = {{BASE_USR_LOCAL}}/bin/python3.sh ] || exit 3
|
||||||
# [ $( python2.bash {{BASE_USR_LOCAL}}/$LIB/python{{BASE_PYTHON2_MINOR}}/site-packages/sitecustomize.py ) = /var/local/bin/python2.bash ] || exit 22
|
# [ $( python2.bash {{BASE_USR_LOCAL}}/$LIB/python{{BASE_PYTHON2_MINOR}}/site-packages/sitecustomize.py ) = $PREFIX/bin/python2.bash ] || exit 22
|
||||||
# [ $( python3.bash {{BASE_USR_LOCAL}}/$LIB/python{{BASE_PYTHON3_MINOR}}/site-packages/sitecustomize.py ) = /var/local/bin/python3.bash ] || exit 33
|
# [ $( python3.sh {{BASE_USR_LOCAL}}/$LIB/python{{BASE_PYTHON3_MINOR}}/site-packages/sitecustomize.py ) = $PREFIX/bin/python3.sh ] || exit 33
|
||||||
|
@ -17,7 +17,7 @@ for elt in $PATH ; do
|
|||||||
done
|
done
|
||||||
IFS=' '
|
IFS=' '
|
||||||
|
|
||||||
elt=/var/local/bin
|
elt=$PREFIX/bin
|
||||||
[[ "$N" =~ (^|:)"${elt}"(:|$) ]] || N="$N:$elt"
|
[[ "$N" =~ (^|:)"${elt}"(:|$) ]] || N="$N:$elt"
|
||||||
|
|
||||||
echo $N
|
echo $N
|
||||||
|
@ -74,8 +74,8 @@ done
|
|||||||
|
|
||||||
elt=doctest3
|
elt=doctest3
|
||||||
if [ $MYID -ne 0 ] ; then
|
if [ $MYID -ne 0 ] ; then
|
||||||
/var/local/bin/testforge_python_doctest3.bash \
|
$PREFIX/bin/testforge_python_doctest3.bash \
|
||||||
/var/local/share/doc/txt/base3.txt \
|
$PREFIX/share/doc/txt/base3.txt \
|
||||||
> "$LOG_DIR"/$elt$$.log 2>&1 || ERROR $elt >> $ELOG
|
> "$LOG_DIR"/$elt$$.log 2>&1 || ERROR $elt >> $ELOG
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -25,7 +25,7 @@ find $LOG_DIR/*${prog}_${ly}*.log -ctime +2 -delete
|
|||||||
|
|
||||||
ansible-inventory 2>> $WLOG || ERROR ansible-inventory $? >> $ELOG
|
ansible-inventory 2>> $WLOG || ERROR ansible-inventory $? >> $ELOG
|
||||||
|
|
||||||
if ip route | grep -v ^def ; then
|
if ip route | grep -q ^def ; then
|
||||||
gpg-connect-agent --dirmngr 'keyserver --hosttable' /bye || exit 3$?
|
gpg-connect-agent --dirmngr 'keyserver --hosttable' /bye || exit 3$?
|
||||||
dirmngr-client -v --ping </dev/null || exit 4$?
|
dirmngr-client -v --ping </dev/null || exit 4$?
|
||||||
fi
|
fi
|
||||||
|
@ -44,7 +44,7 @@ PKGS=
|
|||||||
ARGS=$(getopt --options $SHORTOPTS --longoptions $LONGOPTS -- "$@")
|
ARGS=$(getopt --options $SHORTOPTS --longoptions $LONGOPTS -- "$@")
|
||||||
[ $? != 0 ] && exitWithErrMsg 1 "Aborting."
|
[ $? != 0 ] && exitWithErrMsg 1 "Aborting."
|
||||||
|
|
||||||
route | grep -q ^default || exitWithErrMsg 2 "We are not connected: Aborting."
|
grep -q "^wlan[1-9][ ]00000000" /proc/net/route || exitWithErrMsg 2 "We are not connected: Aborting."
|
||||||
|
|
||||||
eval set -- "$ARGS"
|
eval set -- "$ARGS"
|
||||||
|
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
|
|
||||||
shopt -s nullglob || { ERROR use bash ; exit 1 ; }
|
shopt -s nullglob || { ERROR use bash ; exit 1 ; }
|
||||||
. /usr/local/bin/usr_local_tput.bash || exit 2
|
. /usr/local/bin/usr_local_tput.bash || exit 2
|
||||||
. /usr/local/bin/usr_local_base.bash || exit 3
|
# . /usr/local/bin/usr_local_base.bash || exit 3
|
||||||
|
|
||||||
ROLE=base
|
ROLE=base
|
||||||
PREFIX=/usr/local
|
PREFIX=/usr/local
|
||||||
@ -14,10 +14,10 @@ if [ -f /usr/local/etc/testforge/testforge.bash ] ; then
|
|||||||
. /usr/local/etc/testforge/testforge.bash >/dev/null || exit 1
|
. /usr/local/etc/testforge/testforge.bash >/dev/null || exit 1
|
||||||
P="BASE_PYTHON${PYVER}_MINOR"
|
P="BASE_PYTHON${PYVER}_MINOR"
|
||||||
PYTHON_MINOR="$(eval echo \$$P)"
|
PYTHON_MINOR="$(eval echo \$$P)"
|
||||||
fi
|
else
|
||||||
|
|
||||||
[ -n "$PYTHON_MINOR" ] || \
|
[ -n "$PYTHON_MINOR" ] || \
|
||||||
PYTHON_MINOR=$( python$PYVER --version 2>&1| sed -e 's@^.* @@' -e 's@\.[0-9]*$@@' )
|
PYTHON_MINOR=$( python$PYVER --version 2>&1| sed -e 's@^.* @@' -e 's@\.[0-9]*$@@' )
|
||||||
|
fi
|
||||||
[ -z "$LIB" -a -d $PREFIX/lib/python$PYTHON_MINOR/site-packages ] && LIB=lib
|
[ -z "$LIB" -a -d $PREFIX/lib/python$PYTHON_MINOR/site-packages ] && LIB=lib
|
||||||
[ -z "$LIB" -a -d $PREFIX/lib64/python$PYTHON_MINOR/site-packages ] && LIB=lib64
|
[ -z "$LIB" -a -d $PREFIX/lib64/python$PYTHON_MINOR/site-packages ] && LIB=lib64
|
||||||
|
|
||||||
@ -63,7 +63,8 @@ fi
|
|||||||
|
|
||||||
[[ "$*" =~ "--timeout" ]] || [[ $LARGS =~ "--timeout" ]] || LARGS="--timeout=30 $LARGS"
|
[[ "$*" =~ "--timeout" ]] || [[ $LARGS =~ "--timeout" ]] || LARGS="--timeout=30 $LARGS"
|
||||||
[[ "$*" =~ '--disable-pip-version-check' ]] || LARGS="--disable-pip-version-check $LARGS"
|
[[ "$*" =~ '--disable-pip-version-check' ]] || LARGS="--disable-pip-version-check $LARGS"
|
||||||
[[ "$*" =~ '--proxy' ]] || LARGS="$LARGS --proxy http://localhost:3128"
|
[[ "$*" =~ '--proxy' ]] || [ -z "$https_proxy" ] || \
|
||||||
|
LARGS="$LARGS --proxy $https_proxy"
|
||||||
|
|
||||||
MYID=$( id -u )
|
MYID=$( id -u )
|
||||||
if [ "$1" = 'uninstall' ] ; then
|
if [ "$1" = 'uninstall' ] ; then
|
||||||
@ -74,7 +75,7 @@ elif [ "$1" = 'install' ] ; then
|
|||||||
shift
|
shift
|
||||||
RARGS="$RARGS --progress-bar=off"
|
RARGS="$RARGS --progress-bar=off"
|
||||||
# LARGS="$LARGS --python=/usr/local/bin/python$PYTHON_MINOR.sh"
|
# LARGS="$LARGS --python=/usr/local/bin/python$PYTHON_MINOR.sh"
|
||||||
/usr/local/bin/proxy_ping_test.bash wifi # || exit 3$?
|
# /usr/local/bin/proxy_ping_test.bash wifi # || exit 3$?
|
||||||
# Can not combine '--user' and '--prefix'
|
# Can not combine '--user' and '--prefix'
|
||||||
if true ; then # >9.0.1
|
if true ; then # >9.0.1
|
||||||
if [[ $RARGS =~ "--prefix=$PREFIX" ]] ; then
|
if [[ $RARGS =~ "--prefix=$PREFIX" ]] ; then
|
||||||
|
@ -11,7 +11,10 @@ PYVER=3
|
|||||||
|
|
||||||
. /usr/local/bin/proxy_ping_lib.bash || \
|
. /usr/local/bin/proxy_ping_lib.bash || \
|
||||||
{ ERROR loading /usr/local/bin/proxy_ping_lib.bash ; exit 6; }
|
{ ERROR loading /usr/local/bin/proxy_ping_lib.bash ; exit 6; }
|
||||||
|
[ -f $PREFIX/etc/testforge/testforge.bash ] && \
|
||||||
|
. /usr/local/etc/testforge/testforge.bash >/dev/null || exit 1
|
||||||
PL=/usr/local/bin/proxy_libvirt_lib.bash
|
PL=/usr/local/bin/proxy_libvirt_lib.bash
|
||||||
|
|
||||||
declare -a tests
|
declare -a tests
|
||||||
|
|
||||||
which traceroute 2>/dev/null >/dev/null && HAVE_TRACEROUTE=1 || HAVE_TRACEROUTE=0
|
which traceroute 2>/dev/null >/dev/null && HAVE_TRACEROUTE=1 || HAVE_TRACEROUTE=0
|
||||||
@ -20,22 +23,19 @@ which nslookup 2>/dev/null >/dev/null && HAVE_NSLOOKUP=1 || HAVE_NSLOOKUP=0
|
|||||||
which tor-resolve 2>/dev/null >/dev/null && HAVE_TOR_RESOLVE=1 || HAVE_TOR_RESOLVE=0
|
which tor-resolve 2>/dev/null >/dev/null && HAVE_TOR_RESOLVE=1 || HAVE_TOR_RESOLVE=0
|
||||||
|
|
||||||
[ -z "$prog" ] || prog=proxy_ping_test
|
[ -z "$prog" ] || prog=proxy_ping_test
|
||||||
proxy_ping_get_socks >/dev/null
|
SOCKS_PAIR=`proxy_ping_get_socks`
|
||||||
[ -z "$SOCKS_HOST" ] && SOCKS_HOST=127.0.0.1
|
[ -z "$SOCKS_HOST" ] && SOCKS_HOST=`echo $SOCKS_PAIR|sed -e 's/:.*//'`
|
||||||
[ -z "$SOCKS_PORT" ] && SOCKS_PORT=9050
|
[ -z "$SOCKS_PORT" ] && SOCKS_PORT=`echo $SOCKS_PAIR|sed -e 's/.*://'`
|
||||||
[ -z "$SOCKS_DNS" ] && SOCKS_DNS=9053
|
[ -z "$SOCKS_DNS" ] && SOCKS_DNS=9053
|
||||||
HTTPS_PORT=9128
|
HTTPS_PORT=`echo $HTTPS_PAIR|sed -e 's/.*://'`
|
||||||
HTTPS_HOST=127.0.0.1
|
HTTPS_HOST=`echo $HTTPS_PAIR|sed -e 's/:.*//'`
|
||||||
proxy_ping_get_https >/dev/null
|
HTTPS_PAIR=`proxy_ping_get_https`
|
||||||
[ -z "$HTTPS_HOST" ] && HTTPS_HOST=127.0.0.1
|
[ -z "$HTTPS_HOST" ] && HTTPS_HOST=127.0.0.1
|
||||||
HTTP_PORT=3128
|
HTTP_PAIR=`proxy_ping_get_http`
|
||||||
HTTP_PROXY_HOST=127.0.0.1
|
HTTP_PORT=`echo $HTTP_PAIR|sed -e 's/.*://'`
|
||||||
proxy_ping_get_http >/dev/null
|
HTTP_HOST=`echo $HTTP_PAIR|sed -e 's/:.*//'`
|
||||||
[ -z "$HTTP_HOST" ] && HTTP_HOST=127.0.0.1
|
[ -z "$HTTP_HOST" ] && HTTP_HOST=127.0.0.1
|
||||||
|
|
||||||
[ -f $PREFIX/etc/testforge/testforge.bash ] && \
|
|
||||||
. /usr/local/etc/testforge/testforge.bash >/dev/null || exit 1
|
|
||||||
|
|
||||||
P="BASE_PYTHON${PYVER}_MINOR"
|
P="BASE_PYTHON${PYVER}_MINOR"
|
||||||
PYTHON_MINOR="$(eval echo \$$P)"
|
PYTHON_MINOR="$(eval echo \$$P)"
|
||||||
[ -n "$PYTHON_MINOR" ] || \
|
[ -n "$PYTHON_MINOR" ] || \
|
||||||
@ -65,14 +65,14 @@ TIMEOUT=30
|
|||||||
[ -n "$GATEW_DOM" ] || GATEW_DOM="Whonix-Gateway"
|
[ -n "$GATEW_DOM" ] || GATEW_DOM="Whonix-Gateway"
|
||||||
|
|
||||||
DNS_HOST1="208.67.220.220"
|
DNS_HOST1="208.67.220.220"
|
||||||
DNS_HOST2="8.8.8.8"ggggg
|
DNS_HOST2="1.1.1.1"
|
||||||
[ -n "$DNS_TARGET" ] || DNS_TARGET=www.whatismypublicip.com # 108.160.151.39
|
[ -n "$DNS_TARGET" ] || DNS_TARGET=www.whatismypublicip.com # 108.160.151.39
|
||||||
[ -n "$HTTP_TARGET" ] || HTTP_TARGET=www.whatismypublicip.com # 108.160.151.39
|
[ -n "$HTTP_TARGET" ] || HTTP_TARGET=www.whatismypublicip.com # 108.160.151.39
|
||||||
HTTP_TARGET=www.whatismypublicip.com
|
HTTP_TARGET=www.whatismypublicip.com
|
||||||
|
|
||||||
# time.nist.gov 132.163.97.3
|
# time.nist.gov 132.163.97.3
|
||||||
NTP_HOST1=132.163.97.3
|
NTP_HOST1=132.163.97.3
|
||||||
# pool.ntp.org 78.46.53.2
|
# pool.ntp.org 78.46.53.2 205.206.70.7
|
||||||
NTP_HOST2=78.46.53.2
|
NTP_HOST2=78.46.53.2
|
||||||
# --no-check-certificate
|
# --no-check-certificate
|
||||||
WGET="wget --tries=1 --max-redirect=0 --timeout=$TIMEOUT -O /dev/null"
|
WGET="wget --tries=1 --max-redirect=0 --timeout=$TIMEOUT -O /dev/null"
|
||||||
@ -103,6 +103,113 @@ DNS_HOST=$SOCKS_HOST
|
|||||||
[ -z "$PRIV_BIN_OWNER" ] && PRIV_BIN_OWNER=bin
|
[ -z "$PRIV_BIN_OWNER" ] && PRIV_BIN_OWNER=bin
|
||||||
[ -z "$PRIV_BIN_GID" ] && PRIV_BIN_GID=$( grep ^$PRIV_BIN_OWNER /etc/passwd|cut -d: -f 4 )
|
[ -z "$PRIV_BIN_GID" ] && PRIV_BIN_GID=$( grep ^$PRIV_BIN_OWNER /etc/passwd|cut -d: -f 4 )
|
||||||
|
|
||||||
|
PROXY_GPG_KEYSERVER=keys.openpgp.org
|
||||||
|
declare -a GPG_KEYSERVERS=(
|
||||||
|
hkp://$PROXY_GPG_KEYSERVER
|
||||||
|
hkp://gpg.mit.edu
|
||||||
|
hkp://keys.gnupg.net
|
||||||
|
)
|
||||||
|
## proxy_test_dirmngr
|
||||||
|
proxy_test_dirmngr () {
|
||||||
|
[ $# -eq 0 ] && set -- "${GPG_KEYSERVERS[@]}"
|
||||||
|
DBUG proxy_test_dirmngr MODE=$MODE $* ;
|
||||||
|
# shellcheck disable=SC2154
|
||||||
|
[ -z "$ELOG" ] && ELOG=/tmp/proxy_test_dirmngr$$.err
|
||||||
|
# shellcheck disable=SC2154
|
||||||
|
[ -z "$WLOG" ] && WLOG=/tmp/proxy_test_dirmngr$$.log
|
||||||
|
|
||||||
|
[ -h /usr/bin/dirmngr ] || {
|
||||||
|
WARN /usr/bin/dirmngr not a symlink
|
||||||
|
#fixed? return 2
|
||||||
|
}
|
||||||
|
|
||||||
|
grep ^hkp-cacert /etc/dirmngr/dirmngr.conf | while read a b; do
|
||||||
|
[ -f $b ] || WARN file not found $b in /etc/dirmngr/dirmngr.conf
|
||||||
|
done
|
||||||
|
/usr/bin/dirmngr --version </dev/null >/dev/null && \
|
||||||
|
INFO /usr/bin/dirmngr working --version || {
|
||||||
|
ERROR /usr/bin/dirmngr not working --version
|
||||||
|
return 3
|
||||||
|
}
|
||||||
|
# grep ^OK
|
||||||
|
DM=`grep ' keyserver ' /etc/dirmngr/dirmngr.conf | head -1 | sed -e 's/.* //'`
|
||||||
|
|
||||||
|
grep -q "^wlan[1-9][ ]00000000" /proc/net/route || {
|
||||||
|
DBUG not connected
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
|
echo 'loadswdb --force' /bye | \
|
||||||
|
gpg-connect-agent --dirmngr \
|
||||||
|
>/tmp/GpgL$$.tmp 2>&1
|
||||||
|
retval=$?
|
||||||
|
[ $retval -ne 0 ] && \
|
||||||
|
WARN gpg-connect-agent --dirmngr 'loadswdb --force' /bye /tmp/GpgL$$.tmp && \
|
||||||
|
cat /tmp/GpgL$$.tmp && \
|
||||||
|
# return 5$retval
|
||||||
|
! grep -q OK /tmp/GpgL$$.tmp && \
|
||||||
|
WARN gpg-connect-agent --dirmngr 'loadswdb --force' /bye OK not found /tmp/GpgL$$.tmp && \
|
||||||
|
# return 6$retval
|
||||||
|
|
||||||
|
INFO elt=gpg-connect-agent --dirmngr 'loadswdb --force' OK
|
||||||
|
rm -f /tmp/GpgL$$.tmp
|
||||||
|
|
||||||
|
# gpg-connect-agent --dirmngr 'help keyserver' /bye
|
||||||
|
echo 'keyserver --resolve' /bye | \
|
||||||
|
gpg-connect-agent --dirmngr \
|
||||||
|
>/tmp/GpgG$$.tmp 2>&1
|
||||||
|
retval=$?
|
||||||
|
grep 'ERR\|failed:' /tmp/GpgG$$.tmp >> $ELOG && \
|
||||||
|
ERROR gpg-connect-agent $elt `tail -1 $ELOG` && \
|
||||||
|
return 10
|
||||||
|
grep -q ^S /tmp/GpgG$$.tmp || { \
|
||||||
|
WARN gpg-connect-agent 'keyserver' no S /tmp/GpgG$$.tmp && \
|
||||||
|
return 8$retval
|
||||||
|
}
|
||||||
|
INFO elt=gpg-connect-agent 'keyserver --resolve' S
|
||||||
|
cat /tmp/GpgG$$.tmp
|
||||||
|
rm -f /tmp/GpgG$$.tmp
|
||||||
|
|
||||||
|
if [ ! -d /root/.emacs.d/elpa/gnupg ] || \
|
||||||
|
! ps ax | grep -q -e '--homedir /root/.emacs.d/elpa/gnupg' ; then
|
||||||
|
WARN no running /root/.emacs.d/elpa/gnupg agent
|
||||||
|
else
|
||||||
|
INFO running /root/.emacs.d/elpa/gnupg agent
|
||||||
|
echo keyserver --resolve | \
|
||||||
|
gpg-connect-agent --dirmngr \
|
||||||
|
--homedir /root/.emacs.d/elpa/gnupg \
|
||||||
|
>/tmp/GpgC$$.tmp 2>&1
|
||||||
|
retval=$?
|
||||||
|
if grep 'ERR\|failed:' /tmp/GpgC$$.tmp >> $ELOG ; then
|
||||||
|
WARN /root/.emacs.d/elpa/gnupg gpg-connect-agent `tail -1 $ELOG` && \
|
||||||
|
cat /tmp/GpgC$$.tmp
|
||||||
|
else
|
||||||
|
INFO elt=gpg-connect-agent
|
||||||
|
cat /tmp/GpgC$$.tmp
|
||||||
|
rm -f /tmp/GpgC$$.tmp
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
|
## proxy_test_privoxy_test
|
||||||
|
proxy_test_privoxy_test () { DBUG proxy_test_privoxy_test $* ;
|
||||||
|
return 0
|
||||||
|
/etc/init.d/privoxy status || /etc/init.d/privoxy start
|
||||||
|
/etc/init.d/privoxy status && \
|
||||||
|
DBUG /etc/init.d/privoxy running || {
|
||||||
|
WARN /etc/init.d/privoxy not running $PROXY_HTTP_PROXY_PORT
|
||||||
|
}
|
||||||
|
# /usr/local/bin/proxy_ping_test.bash 3128
|
||||||
|
netstat -nlpe4 | grep -q :$PROXY_HTTP_PROXY_PORT || {
|
||||||
|
ERROR /etc/init.d/privoxy not working $PROXY_HTTP_PROXY_PORT
|
||||||
|
return 4
|
||||||
|
}
|
||||||
|
INFO elt=/etc/init.d/privoxy working $PROXY_HTTP_PROXY_PORT
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
## proxy_test_netstat_dns
|
## proxy_test_netstat_dns
|
||||||
proxy_test_netstat_dns () { DBUG proxy_test_netstat_dns $* ;
|
proxy_test_netstat_dns () { DBUG proxy_test_netstat_dns $* ;
|
||||||
$NETS | grep -q ":53"
|
$NETS | grep -q ":53"
|
||||||
@ -119,7 +226,7 @@ proxy_test_traceroute_icmp_gw () { DBUG proxy_test_traceroute_icmp_gw $* ;
|
|||||||
retval=$?
|
retval=$?
|
||||||
[ $retval -eq 0 ] && return 0
|
[ $retval -eq 0 ] && return 0
|
||||||
ERROR $prog test=$ARG "${tests[$ARG]}" retval=$retval traceroute --icmp $PROXY_WLAN_GW
|
ERROR $prog test=$ARG "${tests[$ARG]}" retval=$retval traceroute --icmp $PROXY_WLAN_GW
|
||||||
[ -z "$ALL" ] && exit $ARG$retval || return 1
|
[ -z "$ALL" ] && exit "$ARG$retval" || return 1
|
||||||
# works
|
# works
|
||||||
GREP="-i icmp"
|
GREP="-i icmp"
|
||||||
return 0
|
return 0
|
||||||
@ -128,7 +235,7 @@ proxy_test_traceroute_icmp_gw () { DBUG proxy_test_traceroute_icmp_gw $* ;
|
|||||||
## proxy_test_dig_direct
|
## proxy_test_dig_direct
|
||||||
proxy_test_dig_direct () { DBUG proxy_test_dig_direct $* ;
|
proxy_test_dig_direct () { DBUG proxy_test_dig_direct $* ;
|
||||||
|
|
||||||
dig @$DNS_HOST1 pool.ntp.org +timeout=$TIMEOUT >/dev/null
|
dig @$DNS_HOST1 $NTP_HOST2 +timeout=$TIMEOUT >/dev/null
|
||||||
retval=$?
|
retval=$?
|
||||||
[ $retval -eq 0 ] && return 0
|
[ $retval -eq 0 ] && return 0
|
||||||
ERROR $prog test=$ARG "${tests[$ARG]}" retval=$retval dig @$DNS_HOST1
|
ERROR $prog test=$ARG "${tests[$ARG]}" retval=$retval dig @$DNS_HOST1
|
||||||
@ -140,8 +247,8 @@ proxy_test_dig_direct () { DBUG proxy_test_dig_direct $* ;
|
|||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
|
|
||||||
## proxy_test_curl_firewall_bin
|
## proxy_test_curl_firewall_asbin
|
||||||
proxy_test_curl_firewall_bin () { DBUG proxy_test_curl_firewall_bin $* ;
|
proxy_test_curl_firewall_asbin () { DBUG proxy_test_curl_firewall_asbin $* ;
|
||||||
su -c "$CURL -k --noproxy '*' https://$HTTP_TARGET" -s /bin/sh $PRIV_BIN_OWNER >/dev/null
|
su -c "$CURL -k --noproxy '*' https://$HTTP_TARGET" -s /bin/sh $PRIV_BIN_OWNER >/dev/null
|
||||||
retval=$?
|
retval=$?
|
||||||
[ $retval -eq 0 ] && return 0
|
[ $retval -eq 0 ] && return 0
|
||||||
@ -164,7 +271,7 @@ proxy_ping_curl () { DBUG proxy_ping_curl $* ;
|
|||||||
## proxy_ping_make_help
|
## proxy_ping_make_help
|
||||||
proxy_ping_make_help () {
|
proxy_ping_make_help () {
|
||||||
grep 'tests\[[0-9][0-9]*\]=' /usr/local/bin/proxy_ping_test.bash \
|
grep 'tests\[[0-9][0-9]*\]=' /usr/local/bin/proxy_ping_test.bash \
|
||||||
> /tmp/proxy_ping_test.hlp
|
> /tmp/proxy_ping_test-$USER.hlp
|
||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -260,7 +367,7 @@ proxy_test_pretest_exit () {
|
|||||||
{ WARN $prog proxy_ping_test_resolv=$? 'echo nameserver 127.0.0.1 > /etc/resolv.conf' ; exit 4 ; }
|
{ WARN $prog proxy_ping_test_resolv=$? 'echo nameserver 127.0.0.1 > /etc/resolv.conf' ; exit 4 ; }
|
||||||
proxy_ping_firewall_start || { ERROR "proxy_ping_firewall_start ret=$?" ; exit 5 ; }
|
proxy_ping_firewall_start || { ERROR "proxy_ping_firewall_start ret=$?" ; exit 5 ; }
|
||||||
elif [ "$1" = nat ] ; then
|
elif [ "$1" = nat ] ; then
|
||||||
: proxy_route_test || { ERROR $prog route not connected ; exit 1$? ; }
|
proxy_route_test || { ERROR $prog route not connected ; exit 1$? ; }
|
||||||
else
|
else
|
||||||
proxy_do_ping || exit 4$?
|
proxy_do_ping || exit 4$?
|
||||||
proxy_ping_test_resolv $MODE || \
|
proxy_ping_test_resolv $MODE || \
|
||||||
@ -276,19 +383,19 @@ proxy_test_help_args () {
|
|||||||
declare -a elts=()
|
declare -a elts=()
|
||||||
declare -a ret=()
|
declare -a ret=()
|
||||||
local elt
|
local elt
|
||||||
if [ "$1" = selektor -o "$1" = whonix -o "$1" = torhost ] ; then
|
if [ "$1" = selektor -o "$1" = torhost ] ; then
|
||||||
elts=($1 socks http dns https tordns firefail)
|
elts=($1 socks dns http https dirmngr tordns firefail)
|
||||||
elif [ "$1" = torlibvirthost ] ; then
|
elif [ "$1" = torlibvirthost -o "$1" = whonix ] ; then
|
||||||
elts=($1 libvirthost socks http https tordns firefail)
|
elts=(libvirthost socks http https dirmngr tordns firefail)
|
||||||
elts+=($MODE)
|
elts+=($MODE)
|
||||||
elif [ "$1" = gateway ] ; then
|
elif [ "$1" = gateway -o "$1" = nat ] ; then
|
||||||
elts=($1 libvirtguest socks dns http https firefail)
|
elts=($1 libvirtguest socks dns http https dirmngr firefail)
|
||||||
else
|
else
|
||||||
elts=($1)
|
elts=($1)
|
||||||
fi
|
fi
|
||||||
for elt in "${elts[@]}" ; do
|
for elt in "${elts[@]}" ; do
|
||||||
# DBUG proxy_test_help_args $elt $1 >&2
|
# DBUG proxy_test_help_args $elt $1 >&2
|
||||||
ret+=( $(grep " -.* $elt " /tmp/proxy_ping_test.hlp | \
|
ret+=( $(grep " -.* $elt " /tmp/proxy_ping_test-$USER.hlp | \
|
||||||
sed -e 's/.=.*//' -e 's/.*tests.//') )
|
sed -e 's/.=.*//' -e 's/.*tests.//') )
|
||||||
done
|
done
|
||||||
DBUG proxy_test_help_args "${ret[@]}" >&2
|
DBUG proxy_test_help_args "${ret[@]}" >&2
|
||||||
@ -302,22 +409,17 @@ proxy_ping_test_set_args () {
|
|||||||
local args="$@"
|
local args="$@"
|
||||||
local val="$@"
|
local val="$@"
|
||||||
declare -a aret=()
|
declare -a aret=()
|
||||||
rm -f /tmp/proxy_ping_test.hlp
|
rm -f /tmp/proxy_ping_test-$USER.hlp
|
||||||
[ -f /tmp/proxy_ping_test.hlp ] || proxy_ping_make_help
|
[ -f /tmp/proxy_ping_test-$USER.hlp ] || proxy_ping_make_help
|
||||||
## to_tor - tor with the firewall host side client setup tor server - call tor,dns,ntp in addition
|
|
||||||
|
## to_tor - tor with the firewall host side client setup tor server - gateway
|
||||||
[ "$1" = to_tor -o "$1" = test_tor -o "$1" = test_to ] &&
|
[ "$1" = to_tor -o "$1" = test_tor -o "$1" = test_to ] &&
|
||||||
aret=( 6 13 16 ) && \
|
aret=( 6 13 16 ) && \
|
||||||
! proxy_ping_test_env && WARN to_tor and no proxy in env - use noenv
|
! proxy_ping_test_env && WARN to_tor and no proxy in env - use noenv
|
||||||
|
|
||||||
## vda - through the Gateway with the firewall - also polipo,panic - uses env
|
|
||||||
[ "$1" = vda ] &&
|
|
||||||
aret=( 35 3 20 ) #
|
|
||||||
## kick - open firewall with tor running - call dns,polipo +tor in addition
|
## kick - open firewall with tor running - call dns,polipo +tor in addition
|
||||||
[ "$1" = kick -o "$1" = host ] &&
|
[ "$1" = kick -o "$1" = host ] &&
|
||||||
aret=( 24 31 13 16 6 )# 30 24 31 6 13 16
|
aret=( 24 31 13 16 6 )# 30 24 31 6 13 16
|
||||||
## gateway - on the Gateway, trans firewall with tor running - call dns in addition
|
|
||||||
[ "$1" = gateway ] &&
|
|
||||||
aret=( 23 25 4 5 30 24 17 3 21 ) # 31 6 16
|
|
||||||
|
|
||||||
# aliases
|
# aliases
|
||||||
# socks defines http as the target of a user using socks
|
# socks defines http as the target of a user using socks
|
||||||
@ -331,37 +433,64 @@ proxy_ping_test_set_args () {
|
|||||||
# tordns defines http as the target of a user using tordns
|
# tordns defines http as the target of a user using tordns
|
||||||
[ "$1" = "9053" ] && set -- tordns
|
[ "$1" = "9053" ] && set -- tordns
|
||||||
|
|
||||||
|
# old aliases
|
||||||
[ "$1" = scan ] && set -- iwlist
|
[ "$1" = scan ] && set -- iwlist
|
||||||
[ "$1" = panic ] && set -- firewall
|
[ "$1" = panic ] && set -- firewall
|
||||||
|
[ "$1" = asbin ] && set -- firewall
|
||||||
|
|
||||||
[ "$1" = to_gateway ] && set -- whonix
|
[ "$1" = to_gateway ] && set -- whonix
|
||||||
[ "$1" = from_tor ] && set -- whonix
|
[ "$1" = from_tor ] && set -- whonix
|
||||||
[ "$1" = from_gateway ] && set -- gateway
|
[ "$1" = from_gateway ] && set -- gateway
|
||||||
|
[ "$1" = to_tor ] && set -- gateway
|
||||||
|
[ "$1" = workstation ] && set -- ws
|
||||||
|
|
||||||
[ "$1" = traceroute ] && set -- = trace
|
[ "$1" = traceroute ] && set -- = trace
|
||||||
[ "$1" = connected ] && set -- wifi
|
[ "$1" = connected ] && set -- wifi
|
||||||
[ "$1" = clear ] && set -- direct
|
[ "$1" = clear ] && set -- direct
|
||||||
|
[ "$1" = tor ] && set -- torhost
|
||||||
|
|
||||||
# scenarios - modes: nat selektor
|
# scenarios - modes: nat selektor
|
||||||
## nat - through the Gateway via the nat
|
|
||||||
[ "$1" = nat ] && \
|
|
||||||
set -- ping dns socks http https tordns firefail libvirtguest
|
|
||||||
# wifi?
|
# wifi?
|
||||||
[ "$1" = whonix ] && \
|
## nat - through the Gateway via the nat
|
||||||
set -- ping tordns dns socks http https torhost tordns firefail gw
|
if [ "$1" = nat ] ; then
|
||||||
[ "$1" = tor -o "$1" = selektor ] && \
|
set -- $1 ping dns socks http https dirmngr tordns firefail libvirtguest
|
||||||
set -- ping tordns dns trace torhost nmap gw
|
[ -n "$SOCKS_PORT" ] || WARN empty "$SOCKS_PORT"
|
||||||
## torhost implies -
|
## vda - through the Gateway with the firewall - also polipo,panic - uses env
|
||||||
|
## ws - through the Gateway with the firewall - it is a vda
|
||||||
|
[ -n "$SOCKS_PORT" ] || WARN empty "$SOCKS_PORT"
|
||||||
|
elif [ "$1" = vda -o "$1" = ws ] ; then
|
||||||
|
# Fixme - guessing
|
||||||
|
# was aret=( 35 3 20 )
|
||||||
|
set -- ping dns socks http https dirmngr tordns firefail libvirtguest
|
||||||
|
## gateway - ssh to the whonix gateway from the torhost
|
||||||
|
elif [ "$1" = gateway ] ; then
|
||||||
|
## gateway - on the Gateway, trans firewall with tor running -
|
||||||
|
#? looks like it had direct in gateway;
|
||||||
|
#? aret=( 23 25 4 5 30 24 17 3 21 ) # 31 6 16
|
||||||
|
set -- ping dns socks http https dirmngr tordns firefail libvirtguest
|
||||||
|
[ -n "$SOCKS_PORT" ] || WARN empty "$SOCKS_PORT"
|
||||||
|
## whonix - whonix torhost with libvirt container running gateway behind firewa
|
||||||
|
elif [ "$1" = whonix ] ; then
|
||||||
|
set -- ping libvirtguest tordns dns socks http https dirmngr torhost tordns firefail gw
|
||||||
|
[ -n "$SOCKS_PORT" ] || WARN empty "$SOCKS_PORT"
|
||||||
|
## torhost - running tor with the firewall
|
||||||
|
[ "$1" = torhost -o "$1" = selektor ] && \
|
||||||
|
set -- ping torhost tordns dns trace nmap gw
|
||||||
|
[ -n "$SOCKS_PORT" ] || WARN empty "$SOCKS_PORT"
|
||||||
#? tor with the firewall to test the host side tor server - call to_tor,dns,ntp in addition
|
#? tor with the firewall to test the host side tor server - call to_tor,dns,ntp in addition
|
||||||
[ "$1" = direct -o "$1" = '' ] && \
|
## direct - assume no firewall and no proxy - but may work depend on env
|
||||||
|
elif [ "$1" = direct -o "$1" = '' ] ; then
|
||||||
set -- ping dns trace nmap gw
|
set -- ping dns trace nmap gw
|
||||||
|
|
||||||
## all - all tests not stopping on the first error
|
## all - all tests not stopping on the first error
|
||||||
[ "$1" = all ] && ALL=1
|
elif [ "$1" = all ] ; then
|
||||||
|
ALL=1
|
||||||
# aret="${#tests[@]}"
|
# aret="${#tests[@]}"
|
||||||
|
fi
|
||||||
|
|
||||||
## gw - test if we are connected to the gateway
|
## gw - test if we are connected to the gateway
|
||||||
## env - from the cmdline with a properly setup env
|
## env - from the cmdline with a properly setup env
|
||||||
## firefail - test the proxy without env vars to expect failure
|
## firefail - test the proxy without env vars to expect failure
|
||||||
## torhost - running tor with the firewall
|
|
||||||
## http - assumes torhost or whonix and env setup
|
## http - assumes torhost or whonix and env setup
|
||||||
## https - assumes torhost or whonix and env setup
|
## https - assumes torhost or whonix and env setup
|
||||||
## socks - assumes torhost or whonix and env setup
|
## socks - assumes torhost or whonix and env setup
|
||||||
@ -373,23 +502,21 @@ proxy_ping_test_set_args () {
|
|||||||
## iwlist - wlan scan of a wifi host
|
## iwlist - wlan scan of a wifi host
|
||||||
## firewall - test that the firewall blocks
|
## firewall - test that the firewall blocks
|
||||||
## virbr1 - looks for virbr1 on a libvirt host torhost or whonix
|
## virbr1 - looks for virbr1 on a libvirt host torhost or whonix
|
||||||
## gateway - ssh to the whonix gateway from the torhost
|
|
||||||
## trace - traceroute to DNSHOST - icmp is allowed by the firewall, except on vda
|
## trace - traceroute to DNSHOST - icmp is allowed by the firewall, except on vda
|
||||||
## wifi - test if we are connected - call scan in addition
|
## wifi - test if we are connected - call scan in addition
|
||||||
## libvirthost - hosting a libvirt container
|
## libvirthost - hosting a libvirt container
|
||||||
## libvirtguest - in a libvirt container
|
## libvirtguest - in a libvirt container
|
||||||
## whonix - whonix torhost with libvirt container running gateway behind firewall - aliases: to_gateway from_tor
|
|
||||||
## direct - assume no firewall and no proxy - but may work depend on env
|
|
||||||
|
|
||||||
for elt in "$@" ; do
|
for elt in "$@" ; do
|
||||||
if [ "$elt" = gw -o "$elt" = '' -o "$elt" = env -o \
|
if [ "$elt" = gw -o "$elt" = env -o \
|
||||||
"$elt" = https -o "$elt" = http -o "$elt" = socks -o "$elt" = dns -o \
|
"$elt" = https -o "$elt" = http -o "$elt" = socks -o "$elt" = dns -o \
|
||||||
"$elt" = torhost -o "$elt" = tordns -o "$elt" = whonix -o \
|
"$elt" = torhost -o "$elt" = 'nat' -o "$elt" = whonix -o "$elt" = selektor -o \
|
||||||
|
"$elt" = tordns -o \
|
||||||
"$elt" = libvirthost -o "$elt" = torlibvirthost -o \
|
"$elt" = libvirthost -o "$elt" = torlibvirthost -o \
|
||||||
"$elt" = libvirtguest -o "$elt" = virbr1 -o \
|
"$elt" = libvirtguest -o "$elt" = virbr1 -o \
|
||||||
"$elt" = ping -o "$elt" = trace -o "$elt" = ntp -o "$elt" = nmap -o \
|
"$elt" = ping -o "$elt" = trace -o "$elt" = ntp -o "$elt" = nmap -o \
|
||||||
"$elt" = iwlist -o "$elt" = firefail -o "$elt" = direct -o \
|
"$elt" = iwlist -o "$elt" = firefail -o "$elt" = direct -o \
|
||||||
"$elt" = trace -o "$elt" = wifi -o "$elt" = '' -o "$elt" = '' \
|
"$elt" = trace -o "$elt" = wifi -o "$elt" = 'dirmngr' -o "$elt" = 'test' \
|
||||||
] ; then
|
] ; then
|
||||||
aret+=( `proxy_test_help_args $elt` )
|
aret+=( `proxy_test_help_args $elt` )
|
||||||
else
|
else
|
||||||
@ -407,21 +534,23 @@ if [ "$#" = 0 ] ; then
|
|||||||
# default to mode
|
# default to mode
|
||||||
set -- $MODE
|
set -- $MODE
|
||||||
fi
|
fi
|
||||||
if [ $1 = '-h' -o $1 = '--help' ] ; then
|
if [ "$1" = '-h' -o $1 = '--help' ] ; then
|
||||||
echo USAGE: $USAGE | sed -e 's/[0-9][0-9]*)/\n&/g'
|
echo USAGE: $USAGE | sed -e 's/[0-9][0-9]*)/\n&/g'
|
||||||
grep '^## [a-oq-z]' $0 | sed -e 's/^## / /'
|
grep '^## [a-oq-z]' $0 | sed -e 's/^## / /'
|
||||||
exit 0
|
exit 0
|
||||||
elif [ "$1" = 0 ] ; then
|
elif [ "$1" = 0 ] ; then
|
||||||
INFO $prog PROXY_WLAN=$PROXY_WLAN MODE=$MODE
|
INFO $prog PROXY_WLAN=$PROXY_WLAN MODE=$MODE
|
||||||
echo 0 help /tmp/proxy_ping_test.hlp
|
echo 0 help /tmp/proxy_ping_test-$USER.hlp
|
||||||
[ -f /tmp/proxy_ping_test.hlp ] || proxy_ping_make_help
|
[ -f /tmp/proxy_ping_test-$USER.hlp ] || proxy_ping_make_help
|
||||||
. /tmp/proxy_ping_test.hlp
|
. /tmp/proxy_ping_test-$USER.hlp
|
||||||
for elt in "${!tests[@]}" ; do
|
for elt in "${!tests[@]}" ; do
|
||||||
echo $elt "${tests[$elt]}"
|
echo $elt "${tests[$elt]}"
|
||||||
done
|
done
|
||||||
exit 0
|
exit 0
|
||||||
elif [[ $1 =~ ^[0-9] ]] ; then
|
elif [[ $1 =~ ^[0-9] ]] ; then
|
||||||
: passthrough
|
: passthrough
|
||||||
|
elif [ $1 = 'test' -o $1 = '--test' ] ; then
|
||||||
|
set -- 99
|
||||||
else
|
else
|
||||||
set -- `proxy_ping_test_set_args "$@"`
|
set -- `proxy_ping_test_set_args "$@"`
|
||||||
DBUG running tests numbered "$@"
|
DBUG running tests numbered "$@"
|
||||||
@ -459,7 +588,7 @@ while [ "$#" -gt 0 ] ; do
|
|||||||
tests[1]="wget_https_as_user wget ${HTTPS_PORT} - https "
|
tests[1]="wget_https_as_user wget ${HTTPS_PORT} - https "
|
||||||
[ -n "$https_proxy" ] && LARGS="" || \
|
[ -n "$https_proxy" ] && LARGS="" || \
|
||||||
LARGS="env https_proxy=https://${HTTPS_HOST}:${HTTPS_PORT}"
|
LARGS="env https_proxy=https://${HTTPS_HOST}:${HTTPS_PORT}"
|
||||||
$LARGS $WGET https://$HTTP_TARGET
|
$LARGS $WGET https://$HTTP_TARGET 2>/dev/null
|
||||||
retval=$?
|
retval=$?
|
||||||
if [ $retval -eq 8 -o $retval -eq 0 ] ; then
|
if [ $retval -eq 8 -o $retval -eq 0 ] ; then
|
||||||
INFO $prog test=$ARG "${tests[$ARG]}"
|
INFO $prog test=$ARG "${tests[$ARG]}"
|
||||||
@ -547,9 +676,9 @@ while [ "$#" -gt 0 ] ; do
|
|||||||
GREP="$SOCKS_DNS"
|
GREP="$SOCKS_DNS"
|
||||||
|
|
||||||
elif [ $ARG -eq 6 ] ; then
|
elif [ $ARG -eq 6 ] ; then
|
||||||
|
tests[6]="curl_https_as_user - https "
|
||||||
proxy=`proxy_ping_get_https`
|
proxy=`proxy_ping_get_https`
|
||||||
desc="curl --proxy http://${proxy}"
|
desc="curl --proxy http://${proxy}"
|
||||||
tests[6]="curl_https_as_user - https "
|
|
||||||
proxy_ping_curl --proxy http://${proxy} \
|
proxy_ping_curl --proxy http://${proxy} \
|
||||||
--proxy-insecure https://$HTTP_TARGET || { \
|
--proxy-insecure https://$HTTP_TARGET || { \
|
||||||
retval=$?
|
retval=$?
|
||||||
@ -630,7 +759,6 @@ while [ "$#" -gt 0 ] ; do
|
|||||||
tests[12]="nmap_dns_as_root --privileged --send-eth -Pn -sU -p U:53 $DNS_HOST1 - nmap direct "
|
tests[12]="nmap_dns_as_root --privileged --send-eth -Pn -sU -p U:53 $DNS_HOST1 - nmap direct "
|
||||||
[ $USER = root ] || continue
|
[ $USER = root ] || continue
|
||||||
which nmap 2>/dev/null >/dev/null || continue
|
which nmap 2>/dev/null >/dev/null || continue
|
||||||
[ -z "$DNS_HOST1" ] && DNS_HOST1="208.67.220.220"
|
|
||||||
nmap --privileged --send-eth -Pn -sU -p U:53 "$DNS_HOST1" || { \
|
nmap --privileged --send-eth -Pn -sU -p U:53 "$DNS_HOST1" || { \
|
||||||
retval=$?
|
retval=$?
|
||||||
ERROR $prog test=$ARG "${tests[$ARG]}" retval=$retval nmap 53
|
ERROR $prog test=$ARG "${tests[$ARG]}" retval=$retval nmap 53
|
||||||
@ -641,9 +769,9 @@ while [ "$#" -gt 0 ] ; do
|
|||||||
GREP="53"
|
GREP="53"
|
||||||
|
|
||||||
elif [ $ARG -eq 13 ] ; then
|
elif [ $ARG -eq 13 ] ; then
|
||||||
tests[13]="curl_firewall_bin - wifi "
|
tests[13]="curl_firewall_bin - firewall "
|
||||||
[ $USER = root ] || continue
|
[ $USER = root ] || continue
|
||||||
proxy_test_curl_firewall_bin || continue
|
proxy_test_curl_firewall_asbin || continue
|
||||||
INFO $prog test=$ARG "${tests[$ARG]}" curl bin
|
INFO $prog test=$ARG "${tests[$ARG]}" curl bin
|
||||||
# works
|
# works
|
||||||
GREP="443"
|
GREP="443"
|
||||||
@ -664,7 +792,7 @@ while [ "$#" -gt 0 ] ; do
|
|||||||
INFO $prog test=$ARG "${tests[$ARG]}" proxy_test_dig_direct
|
INFO $prog test=$ARG "${tests[$ARG]}" proxy_test_dig_direct
|
||||||
|
|
||||||
elif [ $ARG -eq 16 ] ; then
|
elif [ $ARG -eq 16 ] ; then
|
||||||
tests[16]="nslookup_as_root nslookup $PRIV_BIN_OWNER - torhost "
|
tests[16]="nslookup_as_root nslookup ${DNS_HOST1} $PRIV_BIN_OWNER - firewall "
|
||||||
[ $USER = root ] || continue
|
[ $USER = root ] || continue
|
||||||
[ $HAVE_NSLOOKUP = 1 ] || continue
|
[ $HAVE_NSLOOKUP = 1 ] || continue
|
||||||
su -c "$NSL $DNS_TARGET $DNS_HOST1" -s /bin/sh $PRIV_BIN_OWNER >/dev/null || { \
|
su -c "$NSL $DNS_TARGET $DNS_HOST1" -s /bin/sh $PRIV_BIN_OWNER >/dev/null || { \
|
||||||
@ -705,7 +833,8 @@ while [ "$#" -gt 0 ] ; do
|
|||||||
GREP="123"
|
GREP="123"
|
||||||
elif [ $ARG -eq 19 ] ; then
|
elif [ $ARG -eq 19 ] ; then
|
||||||
tests[19]="curl_noproxy_http_as_user curl raw noproxy - firefail "
|
tests[19]="curl_noproxy_http_as_user curl raw noproxy - firefail "
|
||||||
proxy_ping_curl --noproxy "'*.*'" --connect-timeout $TIMEOUT \
|
timeout -k $TIMEOUT $TIMEOUT env - $CURL \
|
||||||
|
--noproxy "'*.*'" --connect-timeout $TIMEOUT \
|
||||||
http://$HTTP_TARGET >/dev/null && {
|
http://$HTTP_TARGET >/dev/null && {
|
||||||
retval=$?
|
retval=$?
|
||||||
ERROR PANIC: $prog test=$ARG "${tests[$ARG]}" curl raw --noproxy
|
ERROR PANIC: $prog test=$ARG "${tests[$ARG]}" curl raw --noproxy
|
||||||
@ -782,7 +911,7 @@ while [ "$#" -gt 0 ] ; do
|
|||||||
[ $HAVE_NSLOOKUP = 1 ] || continue
|
[ $HAVE_NSLOOKUP = 1 ] || continue
|
||||||
# noenv with or without proxy
|
# noenv with or without proxy
|
||||||
# @$DNS_HOST1 should fail for firewall unless dnsmasq is working
|
# @$DNS_HOST1 should fail for firewall unless dnsmasq is working
|
||||||
$NSL >/dev/null $DNS_TARGET || { \
|
$NSL >/dev/null $DNS_TARGET ${DNS_HOST} || { \
|
||||||
retval=$?
|
retval=$?
|
||||||
WARN $prog test=$ARG "${tests[$ARG]}" retval=$retval nslookup $DNS_TARGET
|
WARN $prog test=$ARG "${tests[$ARG]}" retval=$retval nslookup $DNS_TARGET
|
||||||
[ -z "$ALL" ] && exit $ARG$retval || continue
|
[ -z "$ALL" ] && exit $ARG$retval || continue
|
||||||
@ -832,7 +961,7 @@ while [ "$#" -gt 0 ] ; do
|
|||||||
|
|
||||||
elif [ $ARG -eq 30 ] ; then
|
elif [ $ARG -eq 30 ] ; then
|
||||||
tests[30]="tor_bootstrap_check_as_root tor_bootstrap_check.py - torhost "
|
tests[30]="tor_bootstrap_check_as_root tor_bootstrap_check.py - torhost "
|
||||||
[ $MODE = tor -o $MODE = whonix -o $MODE = selektor ] || {
|
[ $MODE = tor -o $MODE = whonix -o $MODE = gateway -o $MODE = selektor ] || {
|
||||||
# are there other roles that run tor?
|
# are there other roles that run tor?
|
||||||
WARN $prog MODE != tor test=$ARG
|
WARN $prog MODE != tor test=$ARG
|
||||||
}
|
}
|
||||||
@ -856,9 +985,10 @@ while [ "$#" -gt 0 ] ; do
|
|||||||
|
|
||||||
elif [ $ARG -eq 31 ] ; then
|
elif [ $ARG -eq 31 ] ; then
|
||||||
tests[31]="curl_noproxy_as_root polipo http pages $HTTP_PORT - direct http "
|
tests[31]="curl_noproxy_as_root polipo http pages $HTTP_PORT - direct http "
|
||||||
proxy_ping_curl --noproxy http://${HTTP_HOST}:$HTTP_PORT && { \
|
timeout -k $TIMEOUT $TIMEOUT env - $CURL \
|
||||||
|
--noproxy '*' http://${HTTP_TARGET} && { \
|
||||||
retval=$?
|
retval=$?
|
||||||
ERROR PANIC: $prog test=$ARG "${tests[$ARG]}" retval=$retval http to $HTTP_PORT
|
ERROR PANIC: $prog test=$ARG "${tests[$ARG]}" retval=$retval $HTTP_TARGET
|
||||||
[ -z "$ALL" ] && exit $ARG$retval || continue
|
[ -z "$ALL" ] && exit $ARG$retval || continue
|
||||||
}
|
}
|
||||||
INFO $prog test=$ARG "${tests[$ARG]}"
|
INFO $prog test=$ARG "${tests[$ARG]}"
|
||||||
@ -908,9 +1038,9 @@ while [ "$#" -gt 0 ] ; do
|
|||||||
[ $USER = root ] || continue
|
[ $USER = root ] || continue
|
||||||
[ $HAVE_DIG = 1 ] || continue
|
[ $HAVE_DIG = 1 ] || continue
|
||||||
# @$DNS_HOST1
|
# @$DNS_HOST1
|
||||||
su -c "dig pool.ntp.org +timeout=$TIMEOUT" -s /bin/sh $PRIV_BIN_OWNER >/dev/null || { \
|
su -c "dig $NTP_HOST2 +timeout=$TIMEOUT" -s /bin/sh $PRIV_BIN_OWNER >/dev/null || { \
|
||||||
retval=$?
|
retval=$?
|
||||||
ERROR $prog test=$ARG "${tests[$ARG]}" retval=$retval dig pool.ntp.org $PRIV_BIN_OWNER
|
ERROR $prog test=$ARG "${tests[$ARG]}" retval=$retval dig $NTP_HOST2 $PRIV_BIN_OWNER
|
||||||
[ -z "$ALL" ] && exit $ARG$retval || continue
|
[ -z "$ALL" ] && exit $ARG$retval || continue
|
||||||
}
|
}
|
||||||
INFO $prog test=$ARG "${tests[$ARG]}"
|
INFO $prog test=$ARG "${tests[$ARG]}"
|
||||||
@ -918,12 +1048,12 @@ while [ "$#" -gt 0 ] ; do
|
|||||||
GREP="53"
|
GREP="53"
|
||||||
|
|
||||||
elif [ $ARG -eq 36 ] ; then
|
elif [ $ARG -eq 36 ] ; then
|
||||||
tests[36]="tor_resolve_as_user tor-resolve pool.ntp.org - tordns "
|
tests[36]="tor_resolve_as_user tor-resolve $NTP_HOST2 - tordns "
|
||||||
[ $HAVE_TOR_RESOLVE = 1 ] || continue
|
[ $HAVE_TOR_RESOLVE = 1 ] || continue
|
||||||
tor-resolve pool.ntp.org >/dev/null || { \
|
tor-resolve $NTP_HOST2 >/dev/null || { \
|
||||||
retval=$?
|
retval=$?
|
||||||
# dunno Failed parsing SOCKS5 response conf?
|
# dunno Failed parsing SOCKS5 response conf?
|
||||||
WARN $prog test=$ARG "${tests[$ARG]}" retval=$retval tor-resolve pool.ntp.org
|
WARN $prog test=$ARG "${tests[$ARG]}" retval=$retval tor-resolve $NTP_HOST2
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
INFO $prog test=$ARG "${tests[$ARG]}"
|
INFO $prog test=$ARG "${tests[$ARG]}"
|
||||||
@ -931,7 +1061,7 @@ while [ "$#" -gt 0 ] ; do
|
|||||||
GREP="9053"
|
GREP="9053"
|
||||||
|
|
||||||
elif [ $ARG -eq 37 ] ; then
|
elif [ $ARG -eq 37 ] ; then
|
||||||
tests[37]="qemu-guest-agent and ports - libvirtguest "
|
tests[37]="qemu_guest_agent_ports - libvirtguest "
|
||||||
ser=qemu-guest-agent
|
ser=qemu-guest-agent
|
||||||
proxy_rc_service $ser status >/dev/null || proxy_rc_service $ser start
|
proxy_rc_service $ser status >/dev/null || proxy_rc_service $ser start
|
||||||
proxy_rc_service $ser status >/dev/null || { \
|
proxy_rc_service $ser status >/dev/null || { \
|
||||||
@ -946,8 +1076,9 @@ while [ "$#" -gt 0 ] ; do
|
|||||||
}
|
}
|
||||||
INFO $prog test=$ARG "${tests[$ARG]}"
|
INFO $prog test=$ARG "${tests[$ARG]}"
|
||||||
GREP=""
|
GREP=""
|
||||||
|
|
||||||
elif [ $ARG -eq 38 ] ; then
|
elif [ $ARG -eq 38 ] ; then
|
||||||
tests[38]="qemu-guest-agent and ports - libvirthost "
|
tests[38]="check_libvirt_running - libvirthost "
|
||||||
[ $USER = root ] || continue
|
[ $USER = root ] || continue
|
||||||
$PL proxy_libvirt_list
|
$PL proxy_libvirt_list
|
||||||
aret=$?
|
aret=$?
|
||||||
@ -958,11 +1089,41 @@ while [ "$#" -gt 0 ] ; do
|
|||||||
else
|
else
|
||||||
# was $GATEW_DOM but now can be gentoo_vm-2 etc
|
# was $GATEW_DOM but now can be gentoo_vm-2 etc
|
||||||
$PL proxy_libvirt_list 2>&1| grep -q "running" || {
|
$PL proxy_libvirt_list 2>&1| grep -q "running" || {
|
||||||
WARN MODE=$MODE and nothing libvirt running ;
|
WARN MODE=$MODE and nothing libvirt running
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
INFO $prog test=$ARG "${tests[$ARG]}"
|
INFO $prog test=$ARG "${tests[$ARG]}"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
elif [ $ARG -eq 39 ] ; then
|
||||||
|
tests[39]="proxy_test_dirmngr - dirmngr "
|
||||||
|
[ $USER = root ] || continue
|
||||||
|
proxy_test_dirmngr
|
||||||
|
|
||||||
|
elif [ $ARG -eq 99 ] ; then
|
||||||
|
tests[99]="test_all_modes unfinished not sure"
|
||||||
|
[ $USER = root ] || continue
|
||||||
|
for elt in vda selektor ws gateway nat tor whonix; do
|
||||||
|
INFO testing $elt
|
||||||
|
if [ "$MODE" = vda ] ; then
|
||||||
|
: vda
|
||||||
|
elif [ "$MODE" = selektor ] ; then
|
||||||
|
: selektor
|
||||||
|
elif [ "$MODE" = ws ] ; then
|
||||||
|
: ws
|
||||||
|
elif [ "$MODE" = gateway ] ; then
|
||||||
|
: gateway
|
||||||
|
elif [ "$MODE" = nat ] ; then
|
||||||
|
: nat
|
||||||
|
elif [ "$MODE" = tor ] ; then
|
||||||
|
: tor
|
||||||
|
elif [ "$MODE" = whonix ] ; then
|
||||||
|
: whonix
|
||||||
|
else
|
||||||
|
WARN unrecognized mode MODE=$elt
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
elif false ; then
|
elif false ; then
|
||||||
if ! grep -q '10.152.152.10\|127.0.0.1' /etc/resolv.conf ; then
|
if ! grep -q '10.152.152.10\|127.0.0.1' /etc/resolv.conf ; then
|
||||||
$NETS | grep -q :53 || {
|
$NETS | grep -q :53 || {
|
||||||
@ -977,21 +1138,3 @@ while [ "$#" -gt 0 ] ; do
|
|||||||
|
|
||||||
done
|
done
|
||||||
exit 0
|
exit 0
|
||||||
|
|
||||||
1)
|
|
||||||
env https_proxy=http://${SOCKS_HOST}:${HTTPS_PORT} wget $D -O - --no-check-certificate
|
|
||||||
2)
|
|
||||||
curl $D -k --proxy
|
|
||||||
3)
|
|
||||||
curl $D -k --proxy socks5://${SOCKS_HOST}:$SOCKS_PORT --proxy-insecure
|
|
||||||
6)
|
|
||||||
curl -k --proxy $HTTP_PORT
|
|
||||||
16)
|
|
||||||
nslookup $PRIV_BIN_OWNER
|
|
||||||
18)
|
|
||||||
ntpdate as sroot
|
|
||||||
19)
|
|
||||||
curl raw noproxy
|
|
||||||
0)
|
|
||||||
usage
|
|
||||||
|
|
||||||
|
@ -1,32 +1,25 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-
|
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-
|
||||||
|
|
||||||
|
# this should be unused
|
||||||
|
|
||||||
[ -z "$prog" ] && prog=`basename $0 .bash`
|
[ -z "$prog" ] && prog=`basename $0 .bash`
|
||||||
[ -z "$USER" ] && USER=$( id -un )
|
[ -z "$USER" ] && USER=$( id -un )
|
||||||
|
ROLE=base
|
||||||
[ -f /usr/local/bin/usr_local_tput.bash ] && \
|
[ -f /usr/local/bin/usr_local_tput.bash ] && \
|
||||||
. /usr/local/bin/usr_local_tput.bash
|
. /usr/local/bin/usr_local_tput.bash
|
||||||
|
. /usr/local/src/usr_local_src.bash
|
||||||
## box_gentoo_emerge
|
|
||||||
box_gentoo_emerge () {
|
|
||||||
[ "$#" -lt 1 ] && return 0
|
|
||||||
local elt
|
|
||||||
declare -a ARGS
|
|
||||||
for elt in "$@" ; do
|
|
||||||
[ -z "$elt" ] && continue
|
|
||||||
grep -q "^$elt$" /var/lib/portage/world && continue
|
|
||||||
ls /var/db/pkg/"$elt"-[0-9]* 2>/dev/null >/dev/null && continue
|
|
||||||
qlist -IsS "$elt" | grep -q "^$elt" && continue
|
|
||||||
equery l -f "^$elt$" | grep '^.I' && continue
|
|
||||||
ARGS+=($elt)
|
|
||||||
done
|
|
||||||
[ "${#ARGS[@]}" -eq 0 ] && exit 0
|
|
||||||
INFO "${ARGS[@]}"
|
|
||||||
/usr/local/sbin/box_gentoo_emerge.bash "${ARGS[@]}" || return $?
|
|
||||||
return 0
|
|
||||||
}
|
|
||||||
|
|
||||||
base=usr_local_base
|
base=usr_local_base
|
||||||
# DBUG 0=$0
|
# DBUG 0=$0
|
||||||
|
|
||||||
|
## box_gentoo_emerge - unused?
|
||||||
|
box_gentoo_emerge () {
|
||||||
|
msys_gentoo_emerge "$@"
|
||||||
|
return $?
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
if [ -x /usr/bin/basename ] && [ $( /usr/bin/basename -- $0 ) = $base'.bash' -o $( basename -- $0 ) = $base'.sh' ] ; then
|
if [ -x /usr/bin/basename ] && [ $( /usr/bin/basename -- $0 ) = $base'.bash' -o $( basename -- $0 ) = $base'.sh' ] ; then
|
||||||
[ "$#" -eq 0 ] && exit 0
|
[ "$#" -eq 0 ] && exit 0
|
||||||
[ "$#" -eq 1 ] && [ "$1" = '-h' -o "$1" = '--help' ] && \
|
[ "$#" -eq 1 ] && [ "$1" = '-h' -o "$1" = '--help' ] && \
|
||||||
|
@ -1,10 +1,26 @@
|
|||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-
|
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-
|
||||||
|
|
||||||
[ -z "$TERM" ] && exit 0
|
|
||||||
[ -z "$prog" ] && prog=`basename $0 .bash`
|
[ -z "$prog" ] && prog=`basename $0 .bash`
|
||||||
[ -z "$USER" ] && USER=$( id -un )
|
[ -z "$USER" ] && USER=$( id -un )
|
||||||
[ -z "$DEBUG" ] && DEBUG=0
|
[ -z "$DEBUG" ] && DEBUG=0
|
||||||
|
if [ -z "$TERM" ] || [ "`tty`" == '' ] ; then
|
||||||
|
USAGE () { echo "USAGE: " $* ; exit 0 ; }
|
||||||
|
ERROR () { echo "ERROR: $prog" $* ; }
|
||||||
|
WARN () { echo "WARN: $prog" $* ; }
|
||||||
|
INFO () { echo "INFO: $prog" $* ; }
|
||||||
|
DBUG () { echo "DBUG: $prog" $* ; }
|
||||||
|
PANIC () { echo "PANIC: $prog" $* ; exit 1; }
|
||||||
|
FATL () { echo "PANIC: $prog" $* ; exit 1; }
|
||||||
|
|
||||||
|
usage () { echo "USAGE: " $* >&2 ; exit 0 >&2 ; }
|
||||||
|
error () { echo "ERROR: $prog" $* >&2 ; }
|
||||||
|
warn () { echo "WARN: $prog" $* >&2 ; }
|
||||||
|
info () { echo "INFO: $prog" $* >&2 ; }
|
||||||
|
dbug () { echo "DBUG: $prog" $* >&2 ; }
|
||||||
|
panic () { echo "PANIC: $prog" $* >&2 ; exit 1; }
|
||||||
|
fatl () { echo "PANIC: $prog" $* >&2 ; exit 1; }
|
||||||
|
else
|
||||||
|
|
||||||
if [ -n "$TERM" ] ; then
|
if [ -n "$TERM" ] ; then
|
||||||
# vars that can be used to change font color
|
# vars that can be used to change font color
|
||||||
@ -47,13 +63,6 @@ WARN () {
|
|||||||
}
|
}
|
||||||
warn () { WARN >&2 $* ; }
|
warn () { WARN >&2 $* ; }
|
||||||
|
|
||||||
USAGE () {
|
|
||||||
echo ${yellow}USAGE:${normal} $*
|
|
||||||
return 0
|
|
||||||
|
|
||||||
}
|
|
||||||
usage () { USAGE >&2 $* ; }
|
|
||||||
|
|
||||||
INFO () {
|
INFO () {
|
||||||
echo ${green}INFO:${normal} $*
|
echo ${green}INFO:${normal} $*
|
||||||
return 0
|
return 0
|
||||||
@ -67,11 +76,12 @@ DBUG () {
|
|||||||
dbug () { DBUG >&2 $* ; }
|
dbug () { DBUG >&2 $* ; }
|
||||||
debug () { [ "$DEBUG" = "1" ] && echo >&2 ${cyan}DBUG:${normal} $* ; return 0 ; }
|
debug () { [ "$DEBUG" = "1" ] && echo >&2 ${cyan}DBUG:${normal} $* ; return 0 ; }
|
||||||
|
|
||||||
usage () {
|
USAGE () {
|
||||||
echo ${yellow}USAGE:${normal} $*
|
echo ${yellow}USAGE:${normal} $*
|
||||||
return 0
|
return 0
|
||||||
|
|
||||||
}
|
}
|
||||||
USAGE () { usage $* ; }
|
usage () { USAGE >&2 $* ; }
|
||||||
|
fi
|
||||||
|
|
||||||
ols_are_we_connected () { route | grep -q ^default ; return $? ; }
|
msys_are_we_connected () { grep -q "^wlan[1-9][ ]00000000" /proc/net/route ; return $? ; }
|
||||||
|
@ -100,7 +100,7 @@ fi
|
|||||||
|
|
||||||
[ -d /etc/portage -a -z "$BOX_USER_NAME" ] && BOX_USER_NAME=vagrant
|
[ -d /etc/portage -a -z "$BOX_USER_NAME" ] && BOX_USER_NAME=vagrant
|
||||||
[ -d /etc/apt -a -z "$BOX_USER_NAME" ] && BOX_USER_NAME=devuan
|
[ -d /etc/apt -a -z "$BOX_USER_NAME" ] && BOX_USER_NAME=devuan
|
||||||
[ -z "$BOX_USER_HOME" ] && BOX_USER_HOME=/home/$BOX_USER_NAME
|
[ -z "$BOX_USER_HOME" -o ! -d "$BOX_USER_HOME" ] && BOX_USER_HOME=/home/$BOX_USER_NAME
|
||||||
[ -z "$BOX_ALSO_GROUP" ] && BOX_ALSO_GROUP=adm
|
[ -z "$BOX_ALSO_GROUP" ] && BOX_ALSO_GROUP=adm
|
||||||
|
|
||||||
[ -z "$LOGDIR" ] && LOGDIR=$PREFIX/tmp
|
[ -z "$LOGDIR" ] && LOGDIR=$PREFIX/tmp
|
||||||
@ -148,20 +148,20 @@ fi
|
|||||||
if [ -d $UPTMP/boxuser_pip_cache ] ; then
|
if [ -d $UPTMP/boxuser_pip_cache ] ; then
|
||||||
bootstrap_mkdir $BOX_USER_HOME/.cache/ && \
|
bootstrap_mkdir $BOX_USER_HOME/.cache/ && \
|
||||||
cp -rip $UPTMP/boxuser_pip_cache $BOX_USER_HOME/.cache/pip && \
|
cp -rip $UPTMP/boxuser_pip_cache $BOX_USER_HOME/.cache/pip && \
|
||||||
chown -R ${BOX_USER_NAME}.{BOX_ALSO_GROUP} $BOX_USER_HOME/.cache/pip && \
|
#? chown -R ${BOX_USER_NAME}.{BOX_ALSO_GROUP} $BOX_USER_HOME/.cache/pip && \
|
||||||
chmod -R g+rw $BOX_USER_HOME/.cache/pip && \
|
chmod -R g+rw $BOX_USER_HOME/.cache/pip && \
|
||||||
chmod -R o-w $BOX_USER_HOME/.cache/pip
|
chmod -R o-w $BOX_USER_HOME/.cache/pip
|
||||||
fi
|
fi
|
||||||
if [ -d $UPTMP/root_pip_cache ] ; then
|
if [ -d $UPTMP/root_pip_cache ] ; then
|
||||||
bootstrap_mkdir /root/.cache/ && \
|
bootstrap_mkdir /root/.cache/ && \
|
||||||
cp -rip $UPTMP/root_pip_cache /root/.cache/pip && \
|
cp -rip $UPTMP/root_pip_cache /root/.cache/pip && \
|
||||||
chown -R root.root /root/.cache/pip && \
|
#? chown -R ${BOX_USER_NAME}:{BOX_ALSO_GROUP} /root/.cache/pip && \
|
||||||
chmod -R g+rw /root/.cache/pip && \
|
chmod -R g+rw /root/.cache/pip && \
|
||||||
chmod -R o-w /root/.cache/pip
|
chmod -R o-w /root/.cache/pip
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -d /etc/apt ] ; then
|
if [ -d /etc/apt ] ; then
|
||||||
if ! route | grep -q ^default ; then
|
if ! grep -q "^wlan[1-9][ ]00000000" /proc/net/route ; then
|
||||||
DBUG "Not connected; skipping apt-get update"
|
DBUG "Not connected; skipping apt-get update"
|
||||||
elif [ ! -f /var/log/dpkg.log ] ; then
|
elif [ ! -f /var/log/dpkg.log ] ; then
|
||||||
apt-get update # || exit 4
|
apt-get update # || exit 4
|
||||||
@ -332,7 +332,7 @@ EOF
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
# dont use -CAfile $UPTMP/cacert.pem - we want it to fail if we need the cert
|
# dont use -CAfile $UPTMP/cacert.pem - we want it to fail if we need the cert
|
||||||
if ! route | grep -q ^default ; then
|
if ! grep -q "^wlan[1-9][ ]00000000" /proc/net/route ; then
|
||||||
DBUG "Not connected; skipping SSL Certificate Authority chain"
|
DBUG "Not connected; skipping SSL Certificate Authority chain"
|
||||||
elif [ -n "$https_proxy" ] ; then
|
elif [ -n "$https_proxy" ] ; then
|
||||||
proxy=`echo "$https_proxy" | sed -e 's/https*:\/*//'`
|
proxy=`echo "$https_proxy" | sed -e 's/https*:\/*//'`
|
||||||
@ -486,7 +486,7 @@ if ! $PREFIX/bin/python$PYVER.bash -c 'import curl' 2>/dev/null ; then
|
|||||||
[ -x /usr/bin/curl ] || which curl 2>/dev/null || emerge -vb curl
|
[ -x /usr/bin/curl ] || which curl 2>/dev/null || emerge -vb curl
|
||||||
fi
|
fi
|
||||||
#? --allow-unverified pycurl
|
#? --allow-unverified pycurl
|
||||||
if ! route | grep -q ^default ; then
|
if ! grep -q "^wlan[1-9][ ]00000000" /proc/net/route ; then
|
||||||
INFO "Not connected; not installing pycurl"
|
INFO "Not connected; not installing pycurl"
|
||||||
elif $PREFIX/bin/pip$PYVER.sh install $PIP_INSTALL_ARGS pycurl >> $LOGDIR/pip_install_pycurl.log 2>&1 ; then
|
elif $PREFIX/bin/pip$PYVER.sh install $PIP_INSTALL_ARGS pycurl >> $LOGDIR/pip_install_pycurl.log 2>&1 ; then
|
||||||
INFO "Installed pycurl from pip with $PREFIX/bin/pip install $PIP_INSTALL_ARGS"
|
INFO "Installed pycurl from pip with $PREFIX/bin/pip install $PIP_INSTALL_ARGS"
|
||||||
|
@ -3,6 +3,7 @@
|
|||||||
|
|
||||||
prog=$( basename $0 .bash )
|
prog=$( basename $0 .bash )
|
||||||
ROLE=base
|
ROLE=base
|
||||||
|
PYVER=3
|
||||||
LOG_DIR=/usr/local/var/logs/portage
|
LOG_DIR=/usr/local/var/logs/portage
|
||||||
[ -d $LOG_DIR ] || mkdir -p $LOG_DIR
|
[ -d $LOG_DIR ] || mkdir -p $LOG_DIR
|
||||||
|
|
||||||
@ -37,15 +38,16 @@ LARGS="$LARGS --noreplace"
|
|||||||
# LARGS="$LARGS --exclude "
|
# LARGS="$LARGS --exclude "
|
||||||
LOG=$LOG_DIR/$LOG
|
LOG=$LOG_DIR/$LOG
|
||||||
export PYTHONPATH=
|
export PYTHONPATH=
|
||||||
echo INFO: $LARGS $ARGS >> $LOG 2>&1
|
echo INFO: emerge $LARGS $ARGS |tee -a $LOG >&2
|
||||||
nice python$BASE_PYTHON3_MINOR $( which emerge ) $LARGS $ARGS >> $LOG 2>&1
|
nice python$PYVER $( which emerge ) $LARGS $ARGS >> $LOG 2>&1
|
||||||
[ $? -ne 0 ] && exit $?
|
retval=$?
|
||||||
|
[ $retval -ne 0 ] && echo ERROR: $retval $LOG && tail $LOG && exit $retval
|
||||||
if grep ImportError $LOG ; then
|
if grep ImportError $LOG ; then
|
||||||
echo ERROR: ImportError $ARGS && exit 10
|
echo ERROR: ImportError $LOG && exit 10
|
||||||
elif grep ParseError $LOG ; then
|
elif grep ParseError $LOG ; then
|
||||||
echo ERROR: ParseError $ARGS && exit 11
|
echo ERROR: ParseError $LOG && exit 11
|
||||||
elif grep 'Your current profile is invalid' $LOG ; then
|
elif grep 'Your current profile is invalid' $LOG ; then
|
||||||
echo ERROR: Your current profile is invalid $ARGS && exit 12
|
echo ERROR: Your current profile is invalid $LOG && exit 12
|
||||||
fi
|
fi
|
||||||
|
|
||||||
exit 0
|
exit 0
|
||||||
|
@ -4,9 +4,10 @@
|
|||||||
ROLE=proxy
|
ROLE=proxy
|
||||||
PREFIX=/usr/local
|
PREFIX=/usr/local
|
||||||
|
|
||||||
# should be usable per user
|
# should be usable per user or by root as a user
|
||||||
|
|
||||||
. /usr/local/src/usr_local_src.bash || exit 2
|
. /usr/local/src/usr_local_src.bash || exit 2
|
||||||
ols_check_site_py >/dev/null || exit 3$?
|
msys_check_site_py >/dev/null || exit 3$?
|
||||||
|
|
||||||
DESC=""
|
DESC=""
|
||||||
export LOG_DIR=$PREFIX/var/log/$ROLE
|
export LOG_DIR=$PREFIX/var/log/$ROLE
|
||||||
|
@ -56,6 +56,20 @@ if [ "$#" -eq 0 ] ; then
|
|||||||
|
|
||||||
done
|
done
|
||||||
exit 0
|
exit 0
|
||||||
|
elif [ "$1" = check ] ; then
|
||||||
|
|
||||||
|
msys_var_local_src_prog_key $1 || exit 10$?
|
||||||
|
|
||||||
|
elif [ "$1" = 'lint' ] ; then
|
||||||
|
# sudo chown -R 1000:4 /usr/local/var/log/testforge/shellcheck
|
||||||
|
msys_var_local_src_prog_key $1 || exit 20$?
|
||||||
|
# ols_run_tests_shellcheck $ROLE || exit 21$?
|
||||||
|
# ols_run_tests_pylint || exit 22$?
|
||||||
|
|
||||||
|
elif [ "$1" = 'test' ] ; then
|
||||||
|
|
||||||
|
msys_var_local_src_prog_key $1 || exit 51$?
|
||||||
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
#? FixMe: sed *sed - just /var/local
|
#? FixMe: sed *sed - just /var/local
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
|
|
||||||
- name: "/usr/local/etc/local.d/Whonix-Lati.rc"
|
- name: "/usr/local/etc/local.d/Whonix-Lati.rc"
|
||||||
blockinfile:
|
blockinfile:
|
||||||
dest: /usr/local/etc/local.d/Whonix-Lati.rc
|
dest: "{{USR_LOCAL}}/etc/local.d/Whonix-Lati.rc"
|
||||||
create: yes
|
create: yes
|
||||||
mode: 0770
|
mode: 0770
|
||||||
owner: "{{ BOX_USER_NAME }}"
|
owner: "{{ BOX_USER_NAME }}"
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
|
|
||||||
- name: "/usr/local/etc/local.d/Whonix-Lati.rc"
|
- name: "/usr/local/etc/local.d/Whonix-Lati.rc"
|
||||||
blockinfile:
|
blockinfile:
|
||||||
dest: /usr/local/etc/local.d/Whonix-Lati.rc
|
dest: "{{USR_LOCAL}}/etc/local.d/Whonix-Lati.rc"
|
||||||
create: yes
|
create: yes
|
||||||
mode: 0770
|
mode: 0770
|
||||||
owner: "{{ BOX_USER_NAME }}"
|
owner: "{{ BOX_USER_NAME }}"
|
||||||
|
@ -11,7 +11,7 @@
|
|||||||
- name: "/usr/lib/portage/python{{BASE_PORTAGE_PYTHON_MINOR}}/ebuild-helpers/python"
|
- name: "/usr/lib/portage/python{{BASE_PORTAGE_PYTHON_MINOR}}/ebuild-helpers/python"
|
||||||
file:
|
file:
|
||||||
# Its on the PATH in portage/.../.../temp/environment ahead of
|
# Its on the PATH in portage/.../.../temp/environment ahead of
|
||||||
# .../usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin:...
|
# ...{{USR_LOCAL}}/sbin:{{USR_LOCAL}}/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin:...
|
||||||
src: "/usr/bin/python{{BASE_PORTAGE_PYTHON_MINOR}}"
|
src: "/usr/bin/python{{BASE_PORTAGE_PYTHON_MINOR}}"
|
||||||
dest: "/usr/lib/portage/python{{BASE_PORTAGE_PYTHON_MINOR}}/ebuild-helpers/python"
|
dest: "/usr/lib/portage/python{{BASE_PORTAGE_PYTHON_MINOR}}/ebuild-helpers/python"
|
||||||
state: link
|
state: link
|
||||||
@ -22,6 +22,9 @@
|
|||||||
- name: "/etc/portage/make.conf base Gentoo GPSD_PROTOCOLS"
|
- name: "/etc/portage/make.conf base Gentoo GPSD_PROTOCOLS"
|
||||||
blockinfile:
|
blockinfile:
|
||||||
dest: /etc/portage/make.conf
|
dest: /etc/portage/make.conf
|
||||||
|
owner: "portage"
|
||||||
|
group: "portage"
|
||||||
|
mode: "0644"
|
||||||
create: false
|
create: false
|
||||||
marker: "# {mark} ANSIBLE MANAGED BLOCK base Gentoo.yml [GPSD_PROTOCOLS]"
|
marker: "# {mark} ANSIBLE MANAGED BLOCK base Gentoo.yml [GPSD_PROTOCOLS]"
|
||||||
block: |
|
block: |
|
||||||
@ -30,6 +33,9 @@
|
|||||||
- name: "/etc/portage/make.conf base Gentoo PORTAGE_PYTHON"
|
- name: "/etc/portage/make.conf base Gentoo PORTAGE_PYTHON"
|
||||||
blockinfile:
|
blockinfile:
|
||||||
dest: /etc/portage/make.conf
|
dest: /etc/portage/make.conf
|
||||||
|
owner: "portage"
|
||||||
|
group: "portage"
|
||||||
|
mode: "0644"
|
||||||
create: false
|
create: false
|
||||||
marker: "# {mark} ANSIBLE MANAGED BLOCK base Gentoo.yml [PORTAGE_PYTHON]"
|
marker: "# {mark} ANSIBLE MANAGED BLOCK base Gentoo.yml [PORTAGE_PYTHON]"
|
||||||
block: |
|
block: |
|
||||||
@ -252,7 +258,7 @@
|
|||||||
create: false
|
create: false
|
||||||
marker: "# {mark} ANSIBLE MANAGED BLOCK base Gentoo.yml [PKG_CONFIG_PATH]"
|
marker: "# {mark} ANSIBLE MANAGED BLOCK base Gentoo.yml [PKG_CONFIG_PATH]"
|
||||||
block: |
|
block: |
|
||||||
PKG_CONFIG_PATH="/usr/lib/pkgconfig:/usr/lib64/pkgconfig:/usr/share/pkgconfig:/usr/local/lib/pkgconfig/"
|
PKG_CONFIG_PATH="/usr/lib/pkgconfig:/usr/lib64/pkgconfig:/usr/share/pkgconfig:{{USR_LOCAL}}/lib/pkgconfig/"
|
||||||
- assert:
|
- assert:
|
||||||
that:
|
that:
|
||||||
- "'{{ BOX_OS_FLAVOR }}' != 'Funtoo'"
|
- "'{{ BOX_OS_FLAVOR }}' != 'Funtoo'"
|
||||||
@ -269,6 +275,9 @@
|
|||||||
dest: /etc/portage/repos.conf/default.conf
|
dest: /etc/portage/repos.conf/default.conf
|
||||||
create: yes
|
create: yes
|
||||||
marker: "# {mark} ANSIBLE MANAGED BLOCK base"
|
marker: "# {mark} ANSIBLE MANAGED BLOCK base"
|
||||||
|
owner: "portage"
|
||||||
|
group: "portage"
|
||||||
|
mode: "0644"
|
||||||
block: |
|
block: |
|
||||||
[DEFAULT]
|
[DEFAULT]
|
||||||
# /usr/share/portage/config/repos.conf
|
# /usr/share/portage/config/repos.conf
|
||||||
@ -294,6 +303,9 @@
|
|||||||
blockinfile:
|
blockinfile:
|
||||||
dest: /etc/portage/profile/package.provided
|
dest: /etc/portage/profile/package.provided
|
||||||
create: yes
|
create: yes
|
||||||
|
owner: "portage"
|
||||||
|
group: "portage"
|
||||||
|
mode: "0644"
|
||||||
marker: "# {mark} ANSIBLE MANAGED BLOCK base Gentoo"
|
marker: "# {mark} ANSIBLE MANAGED BLOCK base Gentoo"
|
||||||
block: |
|
block: |
|
||||||
# /etc/portage/profile/package.provided
|
# /etc/portage/profile/package.provided
|
||||||
@ -312,6 +324,9 @@
|
|||||||
blockinfile:
|
blockinfile:
|
||||||
dest: /etc/portage/make.conf
|
dest: /etc/portage/make.conf
|
||||||
create: false
|
create: false
|
||||||
|
owner: "portage"
|
||||||
|
group: "portage"
|
||||||
|
mode: "0644"
|
||||||
marker: "# {mark} Ansible Managed Block base Gentoo.yml GRUB_PLATFORMS"
|
marker: "# {mark} Ansible Managed Block base Gentoo.yml GRUB_PLATFORMS"
|
||||||
block: |
|
block: |
|
||||||
# added 2019-07
|
# added 2019-07
|
||||||
@ -322,6 +337,9 @@
|
|||||||
- name: "/etc/portage/make.conf base Gentoo ACCEPT_LICENSE"
|
- name: "/etc/portage/make.conf base Gentoo ACCEPT_LICENSE"
|
||||||
blockinfile:
|
blockinfile:
|
||||||
dest: /etc/portage/make.conf
|
dest: /etc/portage/make.conf
|
||||||
|
owner: "portage"
|
||||||
|
group: "portage"
|
||||||
|
mode: "0644"
|
||||||
create: false
|
create: false
|
||||||
marker: "# {mark} ANSIBLE MANAGED BLOCK base Gentoo.yml [ACCEPT_LICENSE]"
|
marker: "# {mark} ANSIBLE MANAGED BLOCK base Gentoo.yml [ACCEPT_LICENSE]"
|
||||||
block: |
|
block: |
|
||||||
@ -330,6 +348,9 @@
|
|||||||
- name: "/etc/portage/make.conf base Gentoo VERIFY_SIG_OPENPGP_KEY_REFRESH"
|
- name: "/etc/portage/make.conf base Gentoo VERIFY_SIG_OPENPGP_KEY_REFRESH"
|
||||||
blockinfile:
|
blockinfile:
|
||||||
dest: /etc/portage/make.conf
|
dest: /etc/portage/make.conf
|
||||||
|
owner: "portage"
|
||||||
|
group: "portage"
|
||||||
|
mode: "0644"
|
||||||
create: false
|
create: false
|
||||||
marker: "# {mark} ANSIBLE MANAGED BLOCK base Gentoo.yml VERIFY_SIG_OPENPGP_KEY_REFRESH"
|
marker: "# {mark} ANSIBLE MANAGED BLOCK base Gentoo.yml VERIFY_SIG_OPENPGP_KEY_REFRESH"
|
||||||
block: |
|
block: |
|
||||||
|
@ -389,14 +389,6 @@
|
|||||||
block: |
|
block: |
|
||||||
dev-libs/libpcre2 pcre16 static-libs
|
dev-libs/libpcre2 pcre16 static-libs
|
||||||
|
|
||||||
- name: "/etc/portage/package.use/2017-10_world.txt"
|
|
||||||
blockinfile:
|
|
||||||
dest: /etc/portage/package.use/2017-10_world.txt
|
|
||||||
create: true
|
|
||||||
marker: "# {mark} Ansible Managed Block base libpcre2"
|
|
||||||
block: |
|
|
||||||
dev-libs/libpcre2 pcre16 static-libs
|
|
||||||
|
|
||||||
- name: "/etc/portage/package.use/2020-01_readline.txt"
|
- name: "/etc/portage/package.use/2020-01_readline.txt"
|
||||||
blockinfile:
|
blockinfile:
|
||||||
dest: /etc/portage/package.use/2020-01_readline.txt
|
dest: /etc/portage/package.use/2020-01_readline.txt
|
||||||
@ -501,14 +493,6 @@
|
|||||||
block: |
|
block: |
|
||||||
dev-libs/libpcre2 pcre16 static-libs
|
dev-libs/libpcre2 pcre16 static-libs
|
||||||
|
|
||||||
- name: "/etc/portage/package.use/2017-10_world.txt"
|
|
||||||
blockinfile:
|
|
||||||
dest: /etc/portage/package.use/2017-10_world.txt
|
|
||||||
create: true
|
|
||||||
marker: "# {mark} Ansible Managed Block base libpcre"
|
|
||||||
block: |
|
|
||||||
dev-libs/libpcre2 pcre16 static-libs
|
|
||||||
|
|
||||||
- name: "/etc/portage/package.use/2018-01_qt.txt"
|
- name: "/etc/portage/package.use/2018-01_qt.txt"
|
||||||
blockinfile:
|
blockinfile:
|
||||||
dest: /etc/portage/package.use/2018-01_qt.txt
|
dest: /etc/portage/package.use/2018-01_qt.txt
|
||||||
|
@ -35,10 +35,10 @@
|
|||||||
# either way - make sure there is only one.
|
# either way - make sure there is only one.
|
||||||
for elt in {{BASE_PYTHON2_MINOR}} {{BASE_PYTHON3_MINOR}} ; do
|
for elt in {{BASE_PYTHON2_MINOR}} {{BASE_PYTHON3_MINOR}} ; do
|
||||||
[ -d /usr/{{BASE_LIB}}/python$elt/site-packages/pkg_resources ] || continue
|
[ -d /usr/{{BASE_LIB}}/python$elt/site-packages/pkg_resources ] || continue
|
||||||
[ -d /usr/local/{{BASE_LIB}}/python$elt/site-packages/pkg_resources ] || continue
|
[ -d {{USR_LOCAL}}/{{BASE_LIB}}/python$elt/site-packages/pkg_resources ] || continue
|
||||||
rm -rf /usr/local/{{BASE_LIB}}/python$elt/site-packages/pkg_resources.bad
|
rm -rf {{USR_LOCAL}}/{{BASE_LIB}}/python$elt/site-packages/pkg_resources.bad
|
||||||
mv /usr/local/{{BASE_LIB}}/python$elt/site-packages/pkg_resources/ \
|
mv {{USR_LOCAL}}/{{BASE_LIB}}/python$elt/site-packages/pkg_resources/ \
|
||||||
/usr/local/{{BASE_LIB}}/python$elt/site-packages/pkg_resources.bad
|
{{USR_LOCAL}}/{{BASE_LIB}}/python$elt/site-packages/pkg_resources.bad
|
||||||
done
|
done
|
||||||
exit 0
|
exit 0
|
||||||
|
|
||||||
|
@ -14,7 +14,7 @@
|
|||||||
|
|
||||||
- name: Assemble from fragments from a directory
|
- name: Assemble from fragments from a directory
|
||||||
assemble:
|
assemble:
|
||||||
src: /usr/local/etc/ansible/ansible.cfg
|
src: "{{USR_LOCAL}}/etc/ansible/ansible.cfg"
|
||||||
regexp: "cfg$"
|
regexp: "cfg$"
|
||||||
dest: "{{BASE_SRC_ANSIBLE}}/ansible.cfg"
|
dest: "{{BASE_SRC_ANSIBLE}}/ansible.cfg"
|
||||||
ignore_errors: true
|
ignore_errors: true
|
||||||
|
@ -54,32 +54,34 @@
|
|||||||
|
|
||||||
- name: base /usr/local/src/usr_local_src.bash
|
- name: base /usr/local/src/usr_local_src.bash
|
||||||
copy:
|
copy:
|
||||||
src: /usr/local/src/usr_local_src.bash
|
src: "{{USR_LOCAL}}/src/usr_local_src.bash"
|
||||||
dest: /usr/local/src/usr_local_src.bash
|
dest: "{{USR_LOCAL}}/src/usr_local_src.bash"
|
||||||
mode: '0755'
|
mode: '0755'
|
||||||
|
when:
|
||||||
|
- ansible_virtualization_role|replace('NA', 'host') != 'host'
|
||||||
|
|
||||||
- block:
|
- block:
|
||||||
|
|
||||||
- name: /usr/local/bin/base_check_site_py.bash {{BASE_PYTHON3_MINOR}}
|
- name: /usr/local/bin/base_check_site_py.bash {{BASE_PYTHON3_MINOR}}
|
||||||
shell: |
|
shell: |
|
||||||
[ -e /usr/local/bin/base_check_site_py.bash ] || exit 0
|
[ -e {{USR_LOCAL}}/bin/base_check_site_py.bash ] || exit 0
|
||||||
export PYTHONPATH=''
|
export PYTHONPATH=''
|
||||||
/usr/local/bin/base_check_site_py.bash {{BASE_PYTHON3_MINOR}} || exit 3$?
|
{{USR_LOCAL}}/bin/base_check_site_py.bash {{BASE_PYTHON3_MINOR}} || exit 3$?
|
||||||
when:
|
when:
|
||||||
- "BASE_PYTHON3_MINOR != ''"
|
- "BASE_PYTHON3_MINOR != ''"
|
||||||
|
|
||||||
- name: base /usr/local/bin/base_check_site_py.bash {{BASE_PYTHON2_MINOR}}
|
- name: base /usr/local/bin/base_check_site_py.bash {{BASE_PYTHON2_MINOR}}
|
||||||
shell: |
|
shell: |
|
||||||
[ -e /usr/local/bin/base_check_site_py.bash ] || exit 0
|
[ -e {{USR_LOCAL}}/bin/base_check_site_py.bash ] || exit 0
|
||||||
export PYTHONPATH=''
|
export PYTHONPATH=''
|
||||||
/usr/local/bin/base_check_site_py.bash {{BASE_PYTHON2_MINOR}} || exit 2$?
|
{{USR_LOCAL}}/bin/base_check_site_py.bash {{BASE_PYTHON2_MINOR}} || exit 2$?
|
||||||
when:
|
when:
|
||||||
- "BASE_PYTHON2_MINOR != ''"
|
- "BASE_PYTHON2_MINOR != ''"
|
||||||
|
|
||||||
# wierd error - fails under ansible but not at the command line
|
# wierd error - fails under ansible but not at the command line
|
||||||
rescue:
|
rescue:
|
||||||
- debug:
|
- debug:
|
||||||
msg: "ERROR: WTF /usr/local/bin/base_check_site_py.bash"
|
msg: "ERROR: RESCUE WTF {{USR_LOCAL}}/bin/base_check_site_py.bash"
|
||||||
check_mode: false
|
check_mode: false
|
||||||
tags:
|
tags:
|
||||||
- always
|
- always
|
||||||
@ -261,7 +263,7 @@
|
|||||||
- name: "are we connected? - base_get_if.bash"
|
- name: "are we connected? - base_get_if.bash"
|
||||||
shell: |
|
shell: |
|
||||||
ip route | grep -q ^default || exit 1$?
|
ip route | grep -q ^default || exit 1$?
|
||||||
wlan=`/usr/local/bin/base_get_if.bash` || exit 3
|
wlan=`{{USR_LOCAL}}/bin/base_get_if.bash` || exit 3
|
||||||
if [ -n "$wlan" ] ; then
|
if [ -n "$wlan" ] ; then
|
||||||
ifconfig "$wlan" | grep -q UP && echo $wlan || true
|
ifconfig "$wlan" | grep -q UP && echo $wlan || true
|
||||||
else
|
else
|
||||||
@ -279,8 +281,8 @@
|
|||||||
- name: "are we connected? - new wifi"
|
- name: "are we connected? - new wifi"
|
||||||
shell: |
|
shell: |
|
||||||
ip route | grep -q ^default || exit 1$?
|
ip route | grep -q ^default || exit 1$?
|
||||||
/usr/local/bin/proxy_ping_test.bash wifi || exit 2$?
|
{{USR_LOCAL}}/bin/proxy_ping_test.bash wifi || exit 2$?
|
||||||
wlan=`/usr/local/bin/base_get_if.bash`
|
wlan=`{{USR_LOCAL}}/bin/base_get_if.bash`
|
||||||
echo $wlan
|
echo $wlan
|
||||||
register: wlan_up_no
|
register: wlan_up_no
|
||||||
failed_when: false
|
failed_when: false
|
||||||
@ -366,7 +368,7 @@
|
|||||||
shell: |
|
shell: |
|
||||||
export BASE_PYTHON2_MINOR={{BASE_PYTHON2_MINOR}}
|
export BASE_PYTHON2_MINOR={{BASE_PYTHON2_MINOR}}
|
||||||
export PYVER=2
|
export PYVER=2
|
||||||
/usr/local/bin/pyver.sh
|
{{USR_LOCAL}}/bin/pyver.sh
|
||||||
|
|
||||||
# sitecustomize is not getting made on 3.8
|
# sitecustomize is not getting made on 3.8
|
||||||
|
|
||||||
@ -374,7 +376,7 @@
|
|||||||
shell: |
|
shell: |
|
||||||
export BASE_PYTHON3_MINOR={{BASE_PYTHON3_MINOR}}
|
export BASE_PYTHON3_MINOR={{BASE_PYTHON3_MINOR}}
|
||||||
export PYVER=3
|
export PYVER=3
|
||||||
/usr/local/bin/pyver.sh
|
{{USR_LOCAL}}/bin/pyver.sh
|
||||||
|
|
||||||
# only site - not dist on Ubuntu?
|
# only site - not dist on Ubuntu?
|
||||||
- name: "make lib64/python{{BASE_PYTHON2_MINOR}}/site-packages/__init__.py"
|
- name: "make lib64/python{{BASE_PYTHON2_MINOR}}/site-packages/__init__.py"
|
||||||
@ -406,7 +408,7 @@
|
|||||||
shell: |
|
shell: |
|
||||||
export BASE_PYTHON3_MINOR={{BASE_PYTHON3_MINOR}}
|
export BASE_PYTHON3_MINOR={{BASE_PYTHON3_MINOR}}
|
||||||
export PYVER=3
|
export PYVER=3
|
||||||
/usr/local/bin/pyver.sh
|
{{USR_LOCAL}}/bin/pyver.sh
|
||||||
|
|
||||||
# only site - not dist on Ubuntu?
|
# only site - not dist on Ubuntu?
|
||||||
- name: "make lib64/python{{BASE_PYTHON2_MINOR}}/site-packages/__init__.py"
|
- name: "make lib64/python{{BASE_PYTHON2_MINOR}}/site-packages/__init__.py"
|
||||||
@ -476,7 +478,7 @@
|
|||||||
|
|
||||||
- name: "/usr/local/etc/local.d/Whonix-Lati.rc"
|
- name: "/usr/local/etc/local.d/Whonix-Lati.rc"
|
||||||
lineinfile:
|
lineinfile:
|
||||||
dest: /usr/local/etc/local.d/Whonix-Lati.rc
|
dest: "{{USR_LOCAL}}/etc/local.d/Whonix-Lati.rc"
|
||||||
create: yes
|
create: yes
|
||||||
mode: 0770
|
mode: 0770
|
||||||
insertafter: BOF
|
insertafter: BOF
|
||||||
@ -485,7 +487,7 @@
|
|||||||
|
|
||||||
- name: "/usr/local/etc/local.d/Whonix-Lati.rc"
|
- name: "/usr/local/etc/local.d/Whonix-Lati.rc"
|
||||||
blockinfile:
|
blockinfile:
|
||||||
dest: /usr/local/etc/local.d/Whonix-Lati.rc
|
dest: "{{USR_LOCAL}}/etc/local.d/Whonix-Lati.rc"
|
||||||
create: yes
|
create: yes
|
||||||
mode: 0770
|
mode: 0770
|
||||||
marker: "# {mark} ANSIBLE MANAGED BLOCK base initctl"
|
marker: "# {mark} ANSIBLE MANAGED BLOCK base initctl"
|
||||||
@ -506,7 +508,7 @@
|
|||||||
cd $src || exit 1
|
cd $src || exit 1
|
||||||
[ -e "python{{ BASE_PYTHON2_MINOR }}" ] || ln -s "../{{LIB}}/python{{ BASE_PYTHON2_MINOR }}" .
|
[ -e "python{{ BASE_PYTHON2_MINOR }}" ] || ln -s "../{{LIB}}/python{{ BASE_PYTHON2_MINOR }}" .
|
||||||
[ -e "python{{ BASE_PYTHON3_MINOR }}" ] || ln -s "../{{LIB}}/python{{ BASE_PYTHON3_MINOR }}" .
|
[ -e "python{{ BASE_PYTHON3_MINOR }}" ] || ln -s "../{{LIB}}/python{{ BASE_PYTHON3_MINOR }}" .
|
||||||
# our model is that user and group adm can pip install into /usr/local
|
# our model is that user and group adm can pip install into {{USR_LOCAL}}
|
||||||
# failsafe but often required and not covered elsewhere
|
# failsafe but often required and not covered elsewhere
|
||||||
chown -R "{{ BOX_USER_NAME }}"."{{ BOX_ALSO_GROUP }}" $src/python* $dest/python*
|
chown -R "{{ BOX_USER_NAME }}"."{{ BOX_ALSO_GROUP }}" $src/python* $dest/python*
|
||||||
chmod -R g+rw $src/python* $dest/python*
|
chmod -R g+rw $src/python* $dest/python*
|
||||||
@ -522,7 +524,7 @@
|
|||||||
i=$( expr $i + 1 )
|
i=$( expr $i + 1 )
|
||||||
[ -e /dev/loop$i ] && continue
|
[ -e /dev/loop$i ] && continue
|
||||||
mknod /dev/loop$i b 7 $i
|
mknod /dev/loop$i b 7 $i
|
||||||
chown root.disk /dev/loop$i
|
chown root:disk /dev/loop$i
|
||||||
chmod 660 /dev/loop$i
|
chmod 660 /dev/loop$i
|
||||||
done
|
done
|
||||||
exit 0
|
exit 0
|
||||||
@ -541,11 +543,6 @@
|
|||||||
- tmp
|
- tmp
|
||||||
check_mode: false
|
check_mode: false
|
||||||
|
|
||||||
- name: base /usr/local/src/usr_local_base.bash
|
|
||||||
copy:
|
|
||||||
src: /usr/local/src/usr_local_base.bash
|
|
||||||
dest: /usr/local/src/usr_local_base.bash
|
|
||||||
mode: '755'
|
|
||||||
|
|
||||||
# FixMe: change this to a user.yml; this should be run as vagrant and per sytem_user
|
# FixMe: change this to a user.yml; this should be run as vagrant and per sytem_user
|
||||||
- name: "/usr/local/src/usr_local_base.sh"
|
- name: "/usr/local/src/usr_local_base.sh"
|
||||||
@ -585,10 +582,11 @@
|
|||||||
args:
|
args:
|
||||||
chdir: "{{BASE_USR_LOCAL}}/src"
|
chdir: "{{BASE_USR_LOCAL}}/src"
|
||||||
creates:
|
creates:
|
||||||
- "{{BASE_USR_LOCAL}}/bin/python2.sh"
|
|
||||||
- "{{BASE_USR_LOCAL}}/bin/python3.sh"
|
- "{{BASE_USR_LOCAL}}/bin/python3.sh"
|
||||||
become: yes
|
become: yes
|
||||||
become_user: "{{ BOX_USER_NAME }}"
|
become_user: "{{ BOX_USER_NAME }}"
|
||||||
|
# FixMe
|
||||||
|
ignore_errors: true
|
||||||
|
|
||||||
# FixMe: pip doesnt buy this
|
# FixMe: pip doesnt buy this
|
||||||
- name: "make /usr/local/net/Cache/Pip"
|
- name: "make /usr/local/net/Cache/Pip"
|
||||||
|
@ -115,7 +115,7 @@
|
|||||||
PYTHON_MINOR="$(eval echo \$$P)"
|
PYTHON_MINOR="$(eval echo \$$P)"
|
||||||
grep -q $PYTHON_MINOR python$PYVER.conf || \
|
grep -q $PYTHON_MINOR python$PYVER.conf || \
|
||||||
echo $PYTHON_MINOR >> python$PYVER.conf
|
echo $PYTHON_MINOR >> python$PYVER.conf
|
||||||
cat /usr/local/etc/python-exec/python$PYVER-*.lis | while read file ; do
|
cat {{USR_LOCAL}}/etc/python-exec/python$PYVER-*.lis | while read file ; do
|
||||||
[ -e $file.conf ] && continue
|
[ -e $file.conf ] && continue
|
||||||
ln -s python$PYVER.conf $file.conf
|
ln -s python$PYVER.conf $file.conf
|
||||||
done
|
done
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
|
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: "base base_proxy.yml BOX_OS_FLAVOR={{BOX_OS_FLAVOR}}"
|
- name: "base base_proxy.yml"
|
||||||
debug:
|
debug:
|
||||||
# verbosity: 1
|
# verbosity: 1
|
||||||
msg: "base base_proxy.yml http_proxy={{http_proxy}} https_proxy={{https_proxy}} socks_proxy={{socks_proxy}}"
|
msg: "base base_proxy.yml http_proxy={{http_proxy}} https_proxy={{https_proxy}} socks_proxy={{socks_proxy}}"
|
||||||
@ -14,7 +14,7 @@
|
|||||||
socks_proxy: "socks5://127.0.0.1:9999"
|
socks_proxy: "socks5://127.0.0.1:9999"
|
||||||
ftp_proxy: "socks5://127.0.0.1:9999"
|
ftp_proxy: "socks5://127.0.0.1:9999"
|
||||||
no_proxy: "{{ NO_PROXY|default('127.0.0.1,localhost') }}"
|
no_proxy: "{{ NO_PROXY|default('127.0.0.1,localhost') }}"
|
||||||
SSL_CERT_FILE: "{{ SSL_CERT_FILE|default('/usr/local/etc/ssl/cacert-testforge.pem') }}"
|
SSL_CERT_FILE: "{{ SSL_CERT_FILE|default('{{USR_LOCAL}}/etc/ssl/cacert-testforge.pem') }}"
|
||||||
RSYNC_PROXY: "127.0.0.1:9999"
|
RSYNC_PROXY: "127.0.0.1:9999"
|
||||||
TERM: linux
|
TERM: linux
|
||||||
|
|
||||||
@ -74,7 +74,7 @@
|
|||||||
ftp_proxy: "socks5://{{external_out.stdout}}:3128"
|
ftp_proxy: "socks5://{{external_out.stdout}}:3128"
|
||||||
# this network should come from inventory
|
# this network should come from inventory
|
||||||
no_proxy: "{{ NO_PROXY|default('127.0.0.1,localhost,10.0.2.0/24') }}"
|
no_proxy: "{{ NO_PROXY|default('127.0.0.1,localhost,10.0.2.0/24') }}"
|
||||||
SSL_CERT_FILE: "{{ SSL_CERT_FILE|default('/usr/local/etc/ssl/cacert-testforge.pem') }}"
|
SSL_CERT_FILE: "{{ SSL_CERT_FILE|default('{{USR_LOCAL}}/etc/ssl/cacert-testforge.pem') }}"
|
||||||
RSYNC_PROXY: "{{external_out.stdout}}:3128"
|
RSYNC_PROXY: "{{external_out.stdout}}:3128"
|
||||||
when:
|
when:
|
||||||
- external_out.rc|default(1) == 0
|
- external_out.rc|default(1) == 0
|
||||||
|
@ -13,9 +13,9 @@
|
|||||||
|
|
||||||
- name: boostrap bootstrap_chroot_kicksecure.bash
|
- name: boostrap bootstrap_chroot_kicksecure.bash
|
||||||
shell: |
|
shell: |
|
||||||
/usr/local/sbin/bootstrap_chroot_kicksecure.bash
|
{{USR_LOCAL}}/sbin/bootstrap_chroot_kicksecure.bash
|
||||||
args:
|
args:
|
||||||
creates: /usr/local/etc/ssl/cacert-testforge.pem
|
creates: "{{USR_LOCAL}}/etc/ssl/cacert-testforge.pem"
|
||||||
delegate_to: localhost
|
delegate_to: localhost
|
||||||
when:
|
when:
|
||||||
- ansible_connection|default('') == 'chroot'
|
- ansible_connection|default('') == 'chroot'
|
||||||
@ -45,9 +45,9 @@
|
|||||||
if [ -x {{VAR_LOCAL}}/sbin/update_chroot.bash ]; then
|
if [ -x {{VAR_LOCAL}}/sbin/update_chroot.bash ]; then
|
||||||
{{VAR_LOCAL}}/sbin/update_chroot.bash "$root/" pwd || \
|
{{VAR_LOCAL}}/sbin/update_chroot.bash "$root/" pwd || \
|
||||||
{ echo ERROR: {{VAR_LOCAL}}/sbin/update_chroot.bash $root/ pwd $? ; exit 3 ; }
|
{ echo ERROR: {{VAR_LOCAL}}/sbin/update_chroot.bash $root/ pwd $? ; exit 3 ; }
|
||||||
elif [ -x /usr/local/sbin/base_chroot.bash ]; then
|
elif [ -x {{USR_LOCAL}}/sbin/base_chroot.bash ]; then
|
||||||
/usr/local/sbin/base_chroot.bash "$root/" pwd || \
|
{{USR_LOCAL}}/sbin/base_chroot.bash "$root/" pwd || \
|
||||||
{ echo ERROR: /usr/local/sbin/base_chroot.bash "$root/" pwd $? ; exit 4 ; }
|
{ echo ERROR: {{USR_LOCAL}}/sbin/base_chroot.bash "$root/" pwd $? ; exit 4 ; }
|
||||||
fi
|
fi
|
||||||
|
|
||||||
i=$( df -a | sed -e 's/.* //'| sort -u | grep -c "$root" )
|
i=$( df -a | sed -e 's/.* //'| sort -u | grep -c "$root" )
|
||||||
@ -95,8 +95,8 @@
|
|||||||
|
|
||||||
- name: boostrap bootstrap_wheels.bash
|
- name: boostrap bootstrap_wheels.bash
|
||||||
copy:
|
copy:
|
||||||
src: /usr/local/sbin/bootstrap_wheels.bash
|
src: "{{USR_LOCAL}}/sbin/bootstrap_wheels.bash"
|
||||||
dest: /usr/local/sbin/bootstrap_wheels.bash
|
dest: "{{USR_LOCAL}}/sbin/bootstrap_wheels.bash"
|
||||||
mode: '0755'
|
mode: '0755'
|
||||||
|
|
||||||
- name: boostrap bootstrap_wheels.bash raw
|
- name: boostrap bootstrap_wheels.bash raw
|
||||||
|
@ -63,10 +63,38 @@
|
|||||||
state: directory
|
state: directory
|
||||||
mode: 01777
|
mode: 01777
|
||||||
with_items:
|
with_items:
|
||||||
|
- /run/tmp
|
||||||
- /var/tmp/.ansible
|
- /var/tmp/.ansible
|
||||||
- "{{BASE_LOG_DIR}}/pip"
|
- "{{BASE_LOG_DIR}}/pip"
|
||||||
- "{{BASE_LOG_DIR}}/pip/pip2"
|
- "{{BASE_LOG_DIR}}/pip/pip2"
|
||||||
- "{{BASE_LOG_DIR}}/pip/pip3"
|
- "{{BASE_LOG_DIR}}/pip/pip3"
|
||||||
|
- /usr/local/share/genkernel/overlay/bin
|
||||||
|
|
||||||
|
- name: "/usr/local/etc/testforge/testforge.ini BOF"
|
||||||
|
lineinfile:
|
||||||
|
dest: "/usr/local/etc/testforge/testforge.ini"
|
||||||
|
insertbefore: BOF
|
||||||
|
mode: 0755
|
||||||
|
owner: "{{BOX_ROOT_USER}}"
|
||||||
|
group: "{{BOX_ROOT_GROUP}}"
|
||||||
|
create: yes
|
||||||
|
regexp: "# -.- mode: sh; tab-width: 0; coding: utf-8-unix -.-"
|
||||||
|
line: "# -*- mode: sh; tab-width: 0; coding: utf-8-unix -*-"
|
||||||
|
|
||||||
|
- name: /usr/local/etc/testforge/testforge.ini proxy
|
||||||
|
blockinfile:
|
||||||
|
dest: /usr/local/etc/testforge/testforge.ini
|
||||||
|
create: yes
|
||||||
|
marker: "# {mark} ANSIBLE MANAGED BLOCK ini [base]"
|
||||||
|
block: |
|
||||||
|
[base]
|
||||||
|
BASE_USER_NAME: "{{ BOX_USER_NAME }}"
|
||||||
|
BASE_USER_HOME: "{{ BOX_USER_HOME }}"
|
||||||
|
BASE_ALSO_GROUP: "{{ BOX_ALSO_GROUP }}"
|
||||||
|
BASE_ALSO_USERS: "{{BOX_ALSO_USERS}}"
|
||||||
|
BASE_USER_CONFIG_DIR: ".config/testforge"
|
||||||
|
BASE_PYTHON2_MINOR: "{{BASE_PYTHON2_MINOR}}"
|
||||||
|
BASE_PYTHON3_MINOR: "{{BASE_PYTHON3_MINOR}}"
|
||||||
|
|
||||||
- name: "rsync base root_overlay"
|
- name: "rsync base root_overlay"
|
||||||
synchronize:
|
synchronize:
|
||||||
@ -134,24 +162,24 @@
|
|||||||
cd /usr/local/src
|
cd /usr/local/src
|
||||||
[ ! -d "ansible-{{BOX_ANSIBLE_VERSION}}" ] && \
|
[ ! -d "ansible-{{BOX_ANSIBLE_VERSION}}" ] && \
|
||||||
[ ! -f "ansible-{{BOX_ANSIBLE_VERSION}}/setup.py" ] && \
|
[ ! -f "ansible-{{BOX_ANSIBLE_VERSION}}/setup.py" ] && \
|
||||||
[ -f /usr/local/tmp/wheels/ansible-{{BOX_ANSIBLE_VERSION}}.tar.gz ] && \
|
[ -f {{USR_LOCAL}}/tmp/wheels/ansible-{{BOX_ANSIBLE_VERSION}}.tar.gz ] && \
|
||||||
tar xvfz /usr/local/tmp/wheels/ansible-{{BOX_ANSIBLE_VERSION}}.tar.gz && \
|
tar xvfz {{USR_LOCAL}}/tmp/wheels/ansible-{{BOX_ANSIBLE_VERSION}}.tar.gz && \
|
||||||
chown -R {{BOX_USER_GROUP}}.{{BOX_USER_GROUP}} ansible-{{BOX_ANSIBLE_VERSION}}
|
chown -R {{BOX_USER_GROUP}}.{{BOX_USER_GROUP}} ansible-{{BOX_ANSIBLE_VERSION}}
|
||||||
exit 0
|
exit 0
|
||||||
|
|
||||||
- name: "patch /usr/local/"
|
- name: "patch /usr/local/"
|
||||||
environment: "{{ shell_env }}"
|
environment: "{{ shell_env }}"
|
||||||
shell: |
|
shell: |
|
||||||
cd /usr/local/patches/base || exit 1
|
cd {{USR_LOCAL}}/patches/base || exit 1
|
||||||
# this vacuumns all diff files below the root
|
# this vacuumns all diff files below the root
|
||||||
{{ BASE_SCRIPT_DIR }}/base_patch_from_diff.bash {{item}}
|
{{ BASE_SCRIPT_DIR }}/base_patch_from_diff.bash {{item}}
|
||||||
when:
|
when:
|
||||||
- item != ''
|
- item != ''
|
||||||
- not ansible_check_mode
|
- not ansible_check_mode
|
||||||
|
- false # FixMe not up to date
|
||||||
with_items:
|
with_items:
|
||||||
- usr/local/src/ansible-{{BOX_ANSIBLE_VERSION}}
|
- usr/local/src/ansible-{{BOX_ANSIBLE_VERSION}}
|
||||||
|
|
||||||
|
|
||||||
- name: chown vagrant ~vagrant
|
- name: chown vagrant ~vagrant
|
||||||
environment: "{{ shell_env }}"
|
environment: "{{ shell_env }}"
|
||||||
shell: |
|
shell: |
|
||||||
@ -167,6 +195,55 @@
|
|||||||
- "{{ base_system_users }}"
|
- "{{ base_system_users }}"
|
||||||
check_mode: false
|
check_mode: false
|
||||||
|
|
||||||
|
- block:
|
||||||
|
|
||||||
|
- name: "make vagrant RO directories base"
|
||||||
|
file:
|
||||||
|
path: "{{ item|expanduser }}"
|
||||||
|
state: directory
|
||||||
|
owner: "{{ BOX_USER_NAME }}"
|
||||||
|
mode: 0700
|
||||||
|
with_items:
|
||||||
|
- "{{ BOX_USER_HOME }}/.cache"
|
||||||
|
- "{{ BOX_USER_HOME }}/.config"
|
||||||
|
- "{{ BOX_USER_HOME }}/.gpg"
|
||||||
|
- "{{ BOX_USER_HOME }}/.local/lib"
|
||||||
|
- "{{ BOX_USER_HOME }}/.ssh"
|
||||||
|
|
||||||
|
- name: "I think this is right make .local symlinks lib dirs"
|
||||||
|
file:
|
||||||
|
src: "{{ item.src | expanduser }}"
|
||||||
|
dest: "{{ item.dest | expanduser }}"
|
||||||
|
state: link
|
||||||
|
with_items:
|
||||||
|
- dest: "{{ BOX_USER_HOME }}/.local/lib64"
|
||||||
|
src: "{{ BOX_USER_HOME }}/.local/lib"
|
||||||
|
mode: "0755"
|
||||||
|
- dest: "{{ BOX_USER_HOME }}/.local/lib/python{{BASE_PYTHON3_MINOR}}"
|
||||||
|
src: "{{ USR_LOCAL }}/lib/python{{BASE_PYTHON3_MINOR}}"
|
||||||
|
mode: "0755"
|
||||||
|
- dest: "{{ BOX_USER_HOME }}/.local/lib/python{{BASE_PYTHON2_MINOR}}"
|
||||||
|
src: "{{ USR_LOCAL }}/lib/python{{BASE_PYTHON2_MINOR}}"
|
||||||
|
mode: "0755"
|
||||||
|
ignore_errors: true
|
||||||
|
|
||||||
|
- name: "make vagrant RO files base"
|
||||||
|
copy:
|
||||||
|
dest: "{{ BOX_USER_HOME }}/{{ item }}"
|
||||||
|
src: "{{ lookup('env','HOME') }}/{{ item }}"
|
||||||
|
force: no
|
||||||
|
mode: 0600
|
||||||
|
with_items:
|
||||||
|
- ".bashrc"
|
||||||
|
- ".bash_profile"
|
||||||
|
ignore_errors: true
|
||||||
|
# template or skel this
|
||||||
|
|
||||||
|
when:
|
||||||
|
- not ansible_check_mode
|
||||||
|
|
||||||
|
# libvirt become is not working?
|
||||||
|
|
||||||
- name: openssl.cnf cacert.pem
|
- name: openssl.cnf cacert.pem
|
||||||
# FixMe: PLAY_CA_CERT or /etc/ssl/certs/ca-certificates.crt
|
# FixMe: PLAY_CA_CERT or /etc/ssl/certs/ca-certificates.crt
|
||||||
environment: "{{ shell_env }}"
|
environment: "{{ shell_env }}"
|
||||||
|
@ -79,5 +79,5 @@
|
|||||||
|
|
||||||
rescue:
|
rescue:
|
||||||
- debug:
|
- debug:
|
||||||
msg: "WARN: error including ~/QeRcUser.yaml"
|
msg: "WARN: RESCUE error including ~/QeRcUser.yaml"
|
||||||
|
|
||||||
|
@ -21,7 +21,6 @@
|
|||||||
# msg: Unexpected failure during module execution.
|
# msg: Unexpected failure during module execution.
|
||||||
ignore_errors: true
|
ignore_errors: true
|
||||||
|
|
||||||
|
|
||||||
- name: ln -s 1777 /var/tmp/.ansible
|
- name: ln -s 1777 /var/tmp/.ansible
|
||||||
shell: |
|
shell: |
|
||||||
[ ! -d /var/tmp/.ansible ] && mkdir /var/tmp/.ansible && chmod 1777 /var/tmp/.ansible
|
[ ! -d /var/tmp/.ansible ] && mkdir /var/tmp/.ansible && chmod 1777 /var/tmp/.ansible
|
||||||
@ -47,19 +46,11 @@
|
|||||||
- "~{{LOOP_USER}}/.config"
|
- "~{{LOOP_USER}}/.config"
|
||||||
- "~{{LOOP_USER}}/.gpg"
|
- "~{{LOOP_USER}}/.gpg"
|
||||||
- "~{{LOOP_USER}}/.local"
|
- "~{{LOOP_USER}}/.local"
|
||||||
|
- "~{{LOOP_USER}}/.local/lib"
|
||||||
- "~{{LOOP_USER}}/.ssh"
|
- "~{{LOOP_USER}}/.ssh"
|
||||||
|
|
||||||
- name: "make vagrant RO files base"
|
# - name: "make vagrant RO files base"
|
||||||
copy:
|
|
||||||
dest: "{{ item|expanduser }}"
|
|
||||||
src: "{{ item|expanduser }}"
|
|
||||||
force: yes
|
|
||||||
mode: 0600
|
|
||||||
with_items:
|
|
||||||
- "~{{LOOP_USER}}/.bashrc"
|
|
||||||
- "~{{LOOP_USER}}/.bash_profile"
|
|
||||||
# template or skel this
|
# template or skel this
|
||||||
when: false
|
|
||||||
|
|
||||||
- block:
|
- block:
|
||||||
|
|
||||||
@ -162,7 +153,7 @@
|
|||||||
# and TESTFORGE_VERSION|default('') != ''
|
# and TESTFORGE_VERSION|default('') != ''
|
||||||
rescue:
|
rescue:
|
||||||
- debug:
|
- debug:
|
||||||
msg: "ERROR: reading in testforge_user_yml_file "
|
msg: "ERROR: RESCUE reading in testforge_user_yml_file "
|
||||||
|
|
||||||
check_mode: false
|
check_mode: false
|
||||||
|
|
||||||
@ -185,30 +176,16 @@
|
|||||||
dest: "{{ item.dest | expanduser }}"
|
dest: "{{ item.dest | expanduser }}"
|
||||||
state: link
|
state: link
|
||||||
with_items:
|
with_items:
|
||||||
- src: "/usr/local/{{LIB}}/python{{BASE_PYTHON2_MINOR}}"
|
- src: "{{USR_LOCAL}}/{{LIB}}/python{{BASE_PYTHON2_MINOR}}"
|
||||||
dest: "~{{LOOP_USER}}/.local/{{LIB}}/python{{BASE_PYTHON2_MINOR}}"
|
dest: "~{{LOOP_USER}}/.local/{{LIB}}/python{{BASE_PYTHON2_MINOR}}"
|
||||||
- src: "/usr/local/{{LIB}}/python{{BASE_PYTHON3_MINOR}}"
|
- src: "{{USR_LOCAL}}/{{LIB}}/python{{BASE_PYTHON3_MINOR}}"
|
||||||
dest: "~{{LOOP_USER}}/.local/{{LIB}}/python{{BASE_PYTHON3_MINOR}}"
|
dest: "~{{LOOP_USER}}/.local/{{LIB}}/python{{BASE_PYTHON3_MINOR}}"
|
||||||
- src: "/usr/local/bin"
|
- src: "{{USR_LOCAL}}/bin"
|
||||||
dest: "~{{LOOP_USER}}/.local/bin"
|
dest: "~{{LOOP_USER}}/.local/bin"
|
||||||
when:
|
when:
|
||||||
- not ansible_check_mode
|
- not ansible_check_mode
|
||||||
|
|
||||||
- name: "I think this is right make .local symlinks lib64 dirs"
|
- name: "I think this is right"
|
||||||
file:
|
|
||||||
src: "{{ item.src | expanduser }}"
|
|
||||||
dest: "{{ item.dest | expanduser }}"
|
|
||||||
state: link
|
|
||||||
with_items:
|
|
||||||
- dest: "~{{LOOP_USER}}/.local/lib"
|
|
||||||
src: "~{{LOOP_USER}}/.local/lib64"
|
|
||||||
mode: "0755"
|
|
||||||
ignore_errors: true
|
|
||||||
when:
|
|
||||||
- not ansible_check_mode
|
|
||||||
- "BASE_LIB == 'lib64'"
|
|
||||||
|
|
||||||
- name: "I think this is right make .local symlinks lib dirs"
|
|
||||||
file:
|
file:
|
||||||
src: "{{ item.src | expanduser }}"
|
src: "{{ item.src | expanduser }}"
|
||||||
dest: "{{ item.dest | expanduser }}"
|
dest: "{{ item.dest | expanduser }}"
|
||||||
@ -220,4 +197,5 @@
|
|||||||
ignore_errors: true
|
ignore_errors: true
|
||||||
when:
|
when:
|
||||||
- not ansible_check_mode
|
- not ansible_check_mode
|
||||||
- "BASE_LIB == 'lib'"
|
- "BASE_LIB == 'lib64'"
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user