Scripts: Custom Commands

sebkur-igel edited this page Dec 13, 2018 · 25 revisions

IGEL OS

Disable Wifi (wlan0) when ethernet (eth0) is pluged

LX V10

system -> firmware customization -> custom commands -> base-> initialization:

cat <<"EOF" > /etc/NetworkManager/dispatcher.d/99-wlan
#!/bin/bash
if [ "$1" = "eth0" -o "$1" = "eth1" ]; then
case "$2" in 
up) 
nmcli radio wifi off 
;;
down)
nmcli radio wifi on
;;
esac
fi
EOF
chmod +x /etc/NetworkManager/dispatcher.d/99-wlan

LX V5

system -> firmware customization -> custom commands -> base-> initialization:

cat <<"EOF" > /etc/NetworkManager/dispatcher.d/99-wlan
#!/bin/bash
if [ "$1" = "eth0" -o "$1" = "eth1" ]; then
case "$2" in
up)
nmcli nm wifi off
;;
down)
nmcli nm wifi on
;;
esac
fi
EOF
chmod +x /etc/NetworkManager/dispatcher.d/99-wlan

let network sleep for 10 seconds during boot

system -> firmware customization -> custom commands -> network -> network initialization:

sleep 10

This will set an IGEL Registry Parameter and reload the Config

#SET Variables
CONFIG="/config/bin/icaconfig"
#Command for Set the param
SET=setparam
#Command for Config Reload
SETUP=killwait_postsetupd
#What param should be filled
CONFIG1=ica.pnlogin.desktop_folder_farm
#Param Value
VAL1=true
#Starting script
#add everthing together
$SET $CONFIG1 $VAL1
$SETUP
$CONFIG

Use "E-Mail" as CommonName/SubjectAltName but fill it with DNS Name

#Put this line to custom commands, DNS Ready
sed -i 's/ SANAME=`get network.scepclient.cert${INST}.subjectaltname` /SANAME="`hostname`@domain.local"/' 
/usr/sbin/scep_mkrequest

Default Audio Output to HDMI or DP:

LX V10 (Please Note: This can be done in IGEL Setup and UMS from IGEL Linux Firmware 10.03.500 and above)

put under Firmware Customization -> Custom Commands -> Desktop -> Final Desktop Command, following commands

XDG_RUNTIME_DIR=/run/user/777 su  -c "pacmd set-card-profile 0 output:hdmi-stereo" user;
XDG_RUNTIME_DIR=/run/user/777 su  -c "pacmd set-card-profile 1 off" user;
amixer -D pulse sset Master 100%

LX V5

This line is for UD3-LX 50. It greps the available sink for HDMI sound and sets the default sink to it.

su user -c 'pacmd set-default-sink "$(pacmd list-sinks | grep hdmi | grep name: | grep -o -P "(?<=<).*(?=>)")"'

This line is for UD6-LX 51. It sets the card profile to HDMI because there is no additinal sink for it.

su user -c "pacmd set-card-profile 0 output:hdmi-stereo-extra1"

This line is for UD5-LX 40 which has also a different sound profile for HDMI.

su user -c "pacmd set-card-profile 0 output:hdmi-stereo"

Automatic Firmware Update via USB Storage for LX10

Use Case

As of 2018-07-23 it is not possible to update IGEL devices via IGEL Cloud Gateway. There are other alternatives like AWS or self hosted update server, but they might be oversizes if there is only a small number of Home-Office users. Therefor I was ask to create a "idiot proven way" to update IGEL devices via a USB-Storage devices. The idea is to plug a USB medium into the device and run the update "hassle-free" without needing the user to configure the local update path.

Requirements

  • It will only work on IGEL Linux 10, because it relies on Systemd which is not available in IGEL Linux 5.
  • The firmware version from IGEL's download server myigel.biz must be saved extracted on the USB-Storage device.
  • USB Storage Hotplug must be set to 1 or more (Parameter: devices.hotplug.usb-storage.numdevices 1)
  • Firmware update source must not be configured via UMS profile or Universal Firmware Update.

Things to consider

  • The script will search for any IGEL LX or UDC3 Firmware Version but always use the first one found. If there is more then on Firmware version on the USB-Storage device you might end up with the wrong firmware.
  • The script does not check if it is run on a LX or UDC3 device. Therefor it might end up trying to install e.g. a UDC3 firmware on a LX device. This is not harmful for the device, but the update will obviously fail.
  • The script will not check if the firmware update files on the USB-Storage device are equal or later to the current installed firmware. It will always prompt the update message. The IGEL admin is responsible to provide the correct update files.

Script

Put under Firmware Customization -> Custom Commands -> Desktop -> Final Desktop Command, following commands

cat <<"EOF" > /etc/systemd/system/automatic-update-file.service
[Unit]
Description=automatic-update-file

[Service]
Type=oneshot
RemainAfterExit=no
ExecStart=/tmp/automatic-update-file

[Install]
WantedBy=multi-user.target 
EOF
systemctl enable automatic-update-file.service

cat <<"EOF" > /etc/udev/rules.d/automatic-update-file.rules
ACTION=="add", KERNEL=="sd*", SUBSYSTEMS=="scsi", ENV{SYSTEMD_WANTS}="automatic-update-file.service"
EOF

cat <<"EOF" > /tmp/automatic-update-file
#!/bin/bash

sleep 1
FILESOURCE=$(find /media \( -iname "lxiv.inf" -o -iname "osiv.inf" \) -printf '%h\n' | head -1)

#Logging action
ACTION="automatic-update-file_${1}"
#output to systemlog with ID amd tag
LOGGER="logger -it ${ACTION}"

#Starting script
echo "Starting" | $LOGGER
echo $FILESOURCE | $LOGGER
if [ -n "$FILESOURCE" ]
then
        echo "IGEL LX10 Firmware files found at" $FILESOURCE | $LOGGER
        setparam update.protocol file
        setparam update.file.path $FILESOURCE
        killall setupd
        sleep 1
        export XAUTHORITY=/var/run/lightdm/root/:0
        source /etc/igel/update/automatic-run
else
        echo "No IGEL LX10 Firmware found" | $LOGGER
        exit 1
fi
EOF
chmod +x /tmp/automatic-update-file

TC Info

Use Case

Providing easy access to some device information so the user can read them out to a support admin (similar to BG Info)

Things to consider

  • User must be able to run the script. A custom Application is the most convenient way to archive this.
  1. Create a new custom Application in System -> Firmware Customization -> Custom Application, name it e.g. "TC Info"
  2. In TC Info -> Settings put in: Icon Name: /usr/share/icons/IGEL-Basic/categories/64/igel-network.png Command: /tmp/tcinfo

Script

Put under Firmware Customization -> Custom Commands -> Desktop -> Final Desktop Command, following commands

LX5

cat <<"EOF" > /tmp/tcinfo
#!/bin/bash
notify-send-message -t 20000 -i /usr/share/icons/Mint-X/apps/32/network-settings.png \
"Hostname: $(echo $HOSTNAME)" \
"IP: $(getmyip)"
MAC: $(cat /sys/class/net/eth0/address)
VERSION: $(cat /etc/firmware)"
EOF

chmod +x /tmp/tcinfo

LX10

cat <<"EOF" > /tmp/tcinfo
#!/bin/bash
notify-send-message -t 20000 -i /usr/share/icons/IGEL-Basic/categories/64/igel-network.png \
"Hostname: $(cat /etc/hostname)" \
IP: $(getmyip)
MAC: $(cat /sys/class/net/eth0/address)
VERSION: $(cat /etc/os-release | grep VERSION= | egrep -o "([0-9]{1,}\.)+[0-9]{1,}")" 
EOF

chmod +x /tmp/tcinfo

24/7 idle Firmware update

Use case

In 24 hours on 7 days environments it could get challenging to find the right time to perform Firmware updates. Therefor I was ask to write an script which performs an firmware update if no Citrix or Vmware session is active and.

Requirements

  • Written and tested for IGEL LX10, but I see no reason why it should not work an LX5.
  • Firmware version must be assigned through UMS prior to running the script.

Things to consider

  • The specific example will run the script every Tuesday starting at 1:00 PM. To reschedule change the first line of the script. Use Systemd Timer expressions
  • After the first run, the script will check if a Citrix or Vmware Session is present if this is the case it will retire. In this example it will retire 9 times and wait 30min between every try. Retries and wait time can be configured accordingly.

Script

Put under Firmware Customization -> Custom Commands -> Desktop -> Final Desktop Command, following commands I came up with to different version for slightly different use cases.

Compare

The first version is more complex. It will compare the current installed firmware version with the new assigned version and perform the update imminently.

systemd-run --unit="update-script" --on-calendar="Tue *-*-* 01:00:00" /wfs/updatescript

cat <<"EOF" > /wfs/updatescript
#!/bin/bash

RETRIES=9 #Here you can change how many update retries the script will do.
WAIT=30m #Here you can change how long the script will wait after every retry. Please add the suffix 's' for seconds, 'm' for minutes, 'h' for hours or 'd' for days.

#Logging action
ACTION="update-script_${1}"
#output to systemlog with ID amd tag
LOGGER="logger -it ${ACTION}"

#Starting update script 
echo "Starting" | $LOGGER

#start retry loop 
until [  $RETRIES -lt 0 ]; do
#check if session is active 
if ! pgrep -x "vmware-remotemk" > /dev/null && ! pgrep -x "wfica" > /dev/null
then
    echo "No active session detected, checking for new firmware version" | $LOGGER
    #get latest settings from UMS 
    get_rmsettings_boot
    #Get current firmware version
    CURRENT=$(cat /etc/os-release | grep VERSION= | egrep -o "([0-9]{1,}\.)+[0-9]{1,}");
    echo "Current firmware is" $CURRENT | $LOGGER
    #Get assigned firmware version 
    NEW=$(cat /wfs/group.ini | grep IGEL_Universal_Desktop | egrep -o "([0-9]{1,}\.)+[0-9]{1,}")
    echo "New firmware version is" $NEW | $LOGGER
    
    #Compare firmware version 
    if [ $CURRENT !=  $NEW ]
    then
    	echo "Current firmware is not equal to new firmware, starting update to version" $NEW | $LOGGER
    	#If current firmware is not equal to new firmware, start update process 
        update
	#Exit the loop after the update
	echo "Update done, exiting" | $LOGGER
	exit 1   
    else
       echo "Current firmware is equal to new firmware, exiting" | $LOGGER
       exit 1 
    fi   
else 
    echo "Active session detected, waiting" $WAIT "Retries left =" $RETRIES | $LOGGER
    let RETRIES-=1
    sleep $WAIT
fi
done
EOF

chmod +x /wfs/updatescript

Reboot

The second version will not compare firmware version. It will only reboot the device and relies on supported IGEL features. The idea is to use the "Automatic Update Check on Boot" option to check for firmware updates this option is available for http/s and ftp/s update sources through System -> Update -> Firmware Update.

systemd-run --unit="update-script" --on-calendar="Tue *-*-* 01:00:00" /wfs/updatescript

cat <<"EOF" > /wfs/updatescript
#!/bin/bash

RETRIES=9 #Here you can change how many update retries the script will do.
WAIT=30m #Here you can change how long the script will wait after every retry. Please add the suffix 's' for seconds, 'm' for minutes, 'h' for hours or 'd' for days.

#Logging action
ACTION="update-script_${1}"
#output to systemlog with ID amd tag
LOGGER="logger -it ${ACTION}"

#Starting update script 
echo "Starting" | $LOGGER

#start retry loop 
until [  $RETRIES -lt 0 ]; do
#check if session is active
if ! pgrep -x "vmware-remotemk" > /dev/null && ! pgrep -x "wfica" > /dev/null
then
    echo "No active session detected, starting firmware update" | $LOGGER
    #get latest settings from UMS 
    get_rmsettings_boot
    reboot
else 
    echo "Active session detected, waiting" $WAIT "Retries left =" $RETRIES | $LOGGER
    let RETRIES-=1
    sleep $WAIT
fi
done
EOF

chmod +x /wfs/updatescript
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.