Skip to content

/ install-script

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LB-64, Add TLS support #85

Closed
wants to merge 2 commits into from
+111 −17
Closed

LB-64, Add TLS support #85

Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
b2c917d
Check accessibility of port 6514 in case of TLS and port 514 in case …
Shweta-jain Mar 2, 2017
9c1d1cd
Add Error messages for the condition when certificate and rsyslog-gnu…
Mar 9, 2017
File filter...
Filter file types
Clear filters
Jump to…
Jump to file
Failed to load files.

Always

Just for now

Prev

Add Error messages for the condition when certificate and rsyslog-gnu… 

…tls package do not install
  • Loading branch information
Ubuntu
Ubuntu committed Mar 9, 2017
commit 9c1d1cda6e0b811c2c0c223c1ce13a6d942d44e9
17 Linux Script/configure-linux.sh
View file
Open in desktop
@@ -78,7 +78,7 @@ LOGGLY_DISTRIBUTION_ID="41058"

#Instruction link on how to configure loggly on linux manually. This will get overwritten by the child script which calls this
#on how to configure the child application
MANUAL_CONFIG_INSTRUCTION="Manual instructions to configure rsyslog on Linux are available at https://www.loggly.com/docs/rsyslog-manual-configuration/. Rsyslog troubleshooting instructions are available at https://www.loggly.com/docs/troubleshooting-rsyslog/"
MANUAL_CONFIG_INSTRUCTION="Manual instructions to configure rsyslog on Linux are available at https://www.loggly.com/docs/rsyslog-tls-configuration/. Rsyslog troubleshooting instructions are available at https://www.loggly.com/docs/troubleshooting-rsyslog/"

#this variable is set if the script is invoked via some other calling script
IS_INVOKED=
@@ -483,6 +483,10 @@ downloadTlsCerts()
curl -O https://logdog.loggly.com/media/logs-01.loggly.com_sha12.crt
sudo cp -Prf logs-01.loggly.com_sha12.crt /etc/rsyslog.d/keys/ca.d/logs-01.loggly.com_sha12.crt
sudo rm logs-01.loggly.com_sha12.crt
if [ ! -f /etc/rsyslog.d/keys/ca.d//logs-01.loggly.com_sha12.crt ]; then
logMsgToConfigSysLog "ERROR" "ERROR: Certificate could not be downloaded."
exit 1
fi
}

This comment has been minimized.

Sign in to view
@mostlyjason

mostlyjason Mar 8, 2017
Contributor

Can we log an error message if the certificate cannot be downloaded?

This comment has been minimized.

Sign in to view
@mostlyjason

mostlyjason Mar 8, 2017
Contributor

@Shwetajain148 sorry I had this review in pending for several days and forgot to submit it

This comment has been minimized.

Sign in to view
@Shwetajain148

Shwetajain148 Mar 9, 2017
Author Contributor

@mostlyjason I have added the error message in the case when the certificate could not be found.

confString()
@@ -550,8 +554,19 @@ action(type=\"omfwd\" protocol=\"tcp\" target=\"$LOGS_01_HOST\" port=\"$LOGGLY_S
"
if [ "$RSYSLOG_VERSION_TMP" -le "7" ]; then
/bin/bash -c "sudo $PKG_MGR install rsyslog-gnutls -y"

This comment has been minimized.

Sign in to view
@mostlyjason

mostlyjason Mar 8, 2017
Contributor

Can we log an error message if the package installation fails?

This comment has been minimized.

Sign in to view
@Shwetajain148

Shwetajain148 Mar 9, 2017
Author Contributor

@mostlyjason Added the error message. Please review.

This comment has been minimized.

Sign in to view
@mostlyjason

mostlyjason Mar 9, 2017
Contributor

Will this also pass if the package has been previously installed and they are running the script again?

This comment has been minimized.

Sign in to view
@mchaudhary

mchaudhary Mar 9, 2017
Contributor

Yes that should work. I will let @Shwetajain148 comment and then merge this tomorrow morning.

This comment has been minimized.

Sign in to view
@Shwetajain148

Shwetajain148 Mar 10, 2017
edited
Author Contributor

@mchaudhary @mostlyjason Yes. In the case of already installed package, when script will try to install it, will get the following output:

"rsyslog-gnutls is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 47 not upgraded."

And then the script will go for the next steps.

This comment has been minimized.

Sign in to view
@mostlyjason

mostlyjason Mar 10, 2017
Contributor

Okay great
if [ $(dpkg-query -W -f='${Status}' rsyslog-gnutls 2>/dev/null | grep -c "ok installed") -eq 0 ];
then
logMsgToConfigSysLog "ERROR" "ERROR: The rsyslog-gnutls package was not downloaded. Please download it and then run the script again."
exit 1
fi
inputStrTls=$inputStr_TLS_RSYS_7
elif [ "$RSYSLOG_VERSION_TMP" -ge "8" ]; then
/bin/bash -c "sudo $PKG_MGR install rsyslog-gnutls -y"
if [ $(dpkg-query -W -f='${Status}' rsyslog-gnutls 2>/dev/null | grep -c "ok installed") -eq 0 ];
then
logMsgToConfigSysLog "ERROR" "ERROR: The rsyslog-gnutls package was not downloaded. Please download it and then run the script again."
exit 1
fi

This comment has been minimized.

Sign in to view
@Shwetajain148

Shwetajain148 Mar 9, 2017
Author Contributor

@mostlyjason I could observe that TLS logging requires the rsyslog-gnutls package in case of rsyslog version 8 as well. Otherwise, logging didn't work.
Also, I have added the error message in case package doesn't install successfully.

This comment has been minimized.

Sign in to view
@mostlyjason

mostlyjason Mar 9, 2017
Contributor

Okay please test on all the various distributions as well
inputStrTls=$inputStr_TLS_RSYS_8
fi
inputStr=$inputStr_NO_TLS
ProTip! Use n and p to navigate between commits in a pull request.
You can’t perform that action at this time.