NetSUS 4.2.0 major update, initial seed

Changelog to be updated ASAP
jamf · Jun 7, 2017 · 45c837e · 45c837e
1 parent ab1ab7b
commit 45c837e
Show file tree

Hide file tree

Showing 46 changed files with 2,590 additions and 1,581 deletions.
diff --git a/CreateNetSUSInstaller.sh b/CreateNetSUSInstaller.sh
@@ -15,44 +15,38 @@ timeEcho "Building NetSUSLP Installer..."
 rm -f NetSUSInstaller.run 2>&1 > /dev/null
 rm -Rf temp 2>&1 > /dev/null
 
-mkdir temp
-cp -R base temp
-cp -R NetBoot temp
-cp -R SUS temp
-cp -R webadmin temp
-cp -R LDAPProxy temp
-cp -R includes/* temp/base/
-cp -R includes/* temp/NetBoot/
-cp -R includes/* temp/SUS/
-cp -R includes/* temp/webadmin/
-cp -R includes/* temp/LDAPProxy/
+mkdir -p temp/installer/checks
+mkdir -p temp/installer/resources
+mkdir -p temp/installer/utils
+cp -R base/NetSUSInstaller.sh temp/installer/install.sh
+cp -R base/test64bitRequirements.sh temp/installer/checks/test64bitRequirements.sh
+cp -R base/testOSRequirements.sh temp/installer/checks/testOSRequirements.sh
+cp -R base/testUbuntuBinRequirements.sh temp/installer/checks/testBinRequirements.sh
+cp -R includes/logger.sh temp/installer/utils/logger.sh
+cp -R LDAPProxy/etc/ldap/* temp/installer/resources
+cp -R LDAPProxy/LDAPProxyInstall.sh temp/installer/install-proxy.sh
+cp -R NetBoot/netbootInstall.sh temp/installer/install-netboot.sh
+cp -R NetBoot/usr/local/sbin temp/installer/resources/dhcp
+cp -R NetBoot/var/appliance/conf/dhcpd.conf temp/installer/resources/dhcpd.conf
+cp -R NetBoot/var/appliance/configurefornetboot temp/installer/resources/configurefornetboot
+cp -R NetBoot/var/appliance/libdb4-4.8.30-21.fc26.x86_64.rpm temp/installer/resources/libdb4-4.8.30-21.fc26.x86_64.rpm
+cp -R NetBoot/var/appliance/netatalk-2.2.0-2.el6.x86_64.rpm temp/installer/resources/netatalk-2.2.0-2.el6.x86_64.rpm
+cp -R NetBoot/var/appliance/netatalk-2.2.3-9.fc20.x86_64.rpm temp/installer/resources/netatalk-2.2.3-9.fc20.x86_64.rpm
+cp -R SUS/susInstall.sh temp/installer/install-sus.sh
+cp -R SUS/var/appliance/sus_sync.py temp/installer/resources/sus_sync.py
+cp -R SUS/var/lib/reposado temp/installer/resources/reposado
+cp -R webadmin/webadminInstall.sh temp/installer/install-webadmin.sh
+cp -R webadmin/var/appliance/dialog.sh temp/installer/resources/dialog.sh
+cp -R webadmin/var/www temp/installer/resources/html
 if [ -x /usr/bin/xattr ]; then find temp -exec xattr -c {} \; ;fi # Remove OS X extended attributes
 find temp -name .DS_Store -delete # Clean out .DS_Store files
 find temp -name .svn | xargs rm -Rf # Clean out SVN garbage
 
-
-# Generate NetBoot App sub-installer
-timeEcho "Creating NetBoot sub-installer..."
-bash makeself/makeself.sh temp/NetBoot/ temp/base/netbootInstall.run "NetBoot Installer" "bash netbootInstall.sh" > /dev/null
-
-# Generate SUS sub-installer
-timeEcho "Creating SUS sub-installer..."
-bash makeself/makeself.sh temp/SUS/ temp/base/susInstall.run "SUS Installer" "bash susInstall.sh" > /dev/null
-
-# Generate webadmin sub-installer
-timeEcho "Creating webadmin sub-installer..."
-bash makeself/makeself.sh temp/webadmin/ temp/base/webadminInstall.run "WebAdmin Installer" "bash webadminInstall.sh" > /dev/null
-
-# Generate LDAP Proxy sub-installer
-timeEcho "Creating LDAP Proxy sub-installer..."
-bash makeself/makeself.sh temp/LDAPProxy/ temp/base/LDAPProxyInstall.run "LDAP Proxy Installer" "bash LDAPProxyInstall.sh" > /dev/null
-
 # Generate final installer
 timeEcho "Creating final installer..."
-bash makeself/makeself.sh temp/base/ NetSUSLPInstaller.run "NetSUSLP Installer" "bash NetSUSInstaller.sh"
+bash makeself/makeself.sh temp/installer/ NetSUSLPInstaller.run "NetSUSLP Installer" "bash install.sh"
 
 timeEcho "Cleaning up..."
-#cp temp/*/*.run .  # Uncomment this if you want to test the sub-installers outside of the main installer
 rm -Rf temp 2>&1 > /dev/null
 timeEcho "Finished creating the NetSUS Installer.  "
 

diff --git a/LDAPProxy/LDAPProxyInstall.sh b/LDAPProxy/LDAPProxyInstall.sh
@@ -1,60 +1,69 @@
 #!/bin/bash
 # This script controls the flow of the LDAP Proxy installation
-pathToScript=$0
-detectedOS=$1
 
-# Logger
-source logger.sh
+log "Starting LDAP Proxy Installation"
 
-logEvent "Starting LDAP Proxy Installation"
-if [[ $detectedOS == 'Ubuntu' ]]; then
+apt_install() {
+	if [[ $(apt-cache -n search ^${1}$ | awk '{print $1}' | grep ^${1}$) == "$1" ]] && [[ $(dpkg -s $1 2>&- | awk '/Status: / {print $NF}') != "installed" ]]; then
+		apt-get -qq -y install $1 >> $logFile 2>&1
+		if [[ $? -ne 0 ]]; then
+			exit 1
+		fi
+	fi
+}
+
+yum_install() {
+	if yum -q list $1 &>- && [[ $(rpm -qa $1) == "" ]] ; then
+		yum install $1 -y -q >> $logFile 2>&1
+		if [[ $? -ne 0 ]]; then
+			exit 1
+		fi
+	fi
+}
+
+# Install required software
+if [[ $(which apt-get 2>&-) != "" ]]; then
 	export DEBIAN_FRONTEND=noninteractive
 	echo -e " \
 slapd    slapd/internal/generated_adminpw    password   netsuslp
 slapd    slapd/password2    password    netsuslp
 slapd    slapd/internal/adminpw    password netsuslp
 slapd    slapd/password1    password    netsuslp
 " | sudo debconf-set-selections
-    apt-get -qq -y install slapd >> $logFile
-    export DEBIAN_FRONTEND=
+	apt_install slapd
+	unset DEBIAN_FRONTEND
 fi
-
-if [[ $detectedOS == 'CentOS' ]] || [[ $detectedOS == 'RedHat' ]]; then
-	if ! rpm -qa "*openldap-servers*" | grep -q "openldap-servers" ; then
-		yum install openldap-servers -y -q >> $logFile
-	fi
+if [[ $(which yum 2>&-) != "" ]]; then
+	yum_install openldap-servers
+	yum_install expect
 fi
 
-if [[ $detectedOS == 'Ubuntu' ]]; then
-    rm -rf /etc/ldap/slapd.d/ >> $logFile
-	cp -R ./etc/* /etc/
-	sed -i "s/SLAPD_SERVICES=\"ldap:\/\/\/ ldapi:\/\/\/\"/SLAPD_SERVICES=\"ldap:\/\/\/ ldapi:\/\/\/ ldaps:\/\/\/\"/g" /etc/default/slapd
+# Create appliance configuration directory
+if [ ! -d "/var/appliance/conf" ]; then
+	mkdir /var/appliance/conf
 fi
 
-if [[ $detectedOS == 'CentOS' ]] || [[ $detectedOS == 'RedHat' ]]; then
-	rm -rf /etc/openldap/slapd.d/ >> $logFile
-	cp -R ./etc/ldap/slapdyum.conf /etc/openldap/slapd.conf
-	sed -i "s/SLAPD_URLS=\"ldapi:\/\/\/ ldap:\/\/\/\"/SLAPD_URLS=\"ldapi:\/\/\/ ldap:\/\/\/\ ldaps:\/\/\/\"/g" /etc/sysconfig/slapd
-fi
-
-cp -R ./var/* /var/
-
-if [[ $detectedOS == 'CentOS' ]] || [[ $detectedOS == 'RedHat' ]]; then
-	rm /var/appliance/conf/slapd.conf
-	mv /var/appliance/conf/slapdyum.conf /var/appliance/conf/slapd.conf
-else
-	rm /var/appliance/conf/slapdyum.conf
-fi
-
-
-if [[ $detectedOS == 'Ubuntu' ]]; then
+# Configure slapd
+if [ -d "/etc/ldap" ]; then
+	rm -rf /etc/ldap/slapd.d/ >> $logFile
+	cp ./resources/slapd.conf /etc/ldap/slapd.conf >> $logFile
+	cp ./resources/slapd.conf /var/appliance/conf/slapd.conf >> $logFile
+	sed -i '/\/var\/appliance\/conf\//d' /etc/apparmor.d/usr.sbin.slapd
+	sed -i -e '/<abstractions\/ssl_certs>/{:a;n;/^$/!ba;i\  \/var\/appliance\/conf\/ r,\n  \/var\/appliance\/conf\/* r,' -e '}' /etc/apparmor.d/usr.sbin.slapd
+	sed -i "s/SLAPD_SERVICES=\"ldap:\/\/\/ ldapi:\/\/\/\"/SLAPD_SERVICES=\"ldap:\/\/\/ ldapi:\/\/\/ ldaps:\/\/\/\"/g" /etc/default/slapd
 	cp /etc/ssl/certs/ssl-cert-snakeoil.pem /var/appliance/conf/appliance.chain.pem
 	cp /etc/ssl/certs/ssl-cert-snakeoil.pem /var/appliance/conf/appliance.certificate.pem
 	cp /etc/ssl/private/ssl-cert-snakeoil.key /var/appliance/conf/appliance.private.key
 	chown openldap /var/appliance/conf/appliance.private.key
 fi
-if [[ $detectedOS == 'CentOS' ]] || [[ $detectedOS == 'RedHat' ]]; then
-	cp /etc/pki/tls/certs/server-chain.crt /var/appliance/conf/appliance.chain.pem
+if [ -d "/etc/openldap" ]; then
+	rm -rf /etc/openldap/slapd.d/ >> $logFile
+	cp ./resources/slapdyum.conf /etc/openldap/slapd.conf >> $logFile
+	cp ./resources/slapdyum.conf /var/appliance/conf/slapd.conf >> $logFile
+	if [ -f "/etc/sysconfig/slapd" ]; then
+		sed -i "s/SLAPD_URLS=\"ldapi:\/\/\/ ldap:\/\/\/\"/SLAPD_URLS=\"ldapi:\/\/\/ ldap:\/\/\/\ ldaps:\/\/\/\"/g" /etc/sysconfig/slapd
+	fi
+	cp /etc/pki/tls/certs/localhost.crt /var/appliance/conf/appliance.chain.pem
 	cp /etc/pki/tls/certs/localhost.crt /var/appliance/conf/appliance.certificate.pem
 	cp /etc/pki/tls/private/localhost.key /var/appliance/conf/appliance.private.key
 	chown ldap /var/appliance/conf/appliance.private.key
@@ -63,18 +72,13 @@ if [[ $detectedOS == 'CentOS' ]] || [[ $detectedOS == 'RedHat' ]]; then
 	modutil -create -dbdir /etc/openldap/certs -force
 	openssl pkcs12 -inkey /var/appliance/conf/appliance.private.key -in /var/appliance/conf/appliance.certificate.pem -export -out /tmp/openldap.p12 -nodes -name 'LDAP-Certificate' -password pass:
 	certutil -A -d /etc/openldap/certs -n "CA Chain" -t CT,, -a -i /var/appliance/conf/appliance.chain.pem
-	pk12util -i /tmp/openldap.p12 -d /etc/openldap/certs -W ""
-	rm /tmp/openldap.p12
+	expect -c 'log_user 0; spawn pk12util -i /tmp/openldap.p12 -d /etc/openldap/certs -W ""; expect "Enter new password: "; send "netsuslp\r"; expect "Re-enter password: "; send "netsuslp\r"'
+	rm -f /tmp/openldap.p12
 	chown -R ldap:ldap /etc/openldap/certs/
 fi
 
+log "OK"
 
+log "Finished deploying the LDAP Proxy"
 
-
-
-
-logEvent "OK"
-
-logEvent "Finished deploying the LDAP Proxy"
-
-exit 0
+exit 0