From 2e94aefbc0595510657a439774e3b344137af476 Mon Sep 17 00:00:00 2001 From: Tanguy MAZE Date: Thu, 13 Dec 2018 18:51:03 +0100 Subject: [PATCH] WIP add scripts --- files/check_crontab.sh | 27 +++++++++++++++++++++++++++ files/update_script | 3 +-- files/update_script.sh | 6 ++++++ provision.yml | 24 ++++++++++++++++++++++++ 4 files changed, 58 insertions(+), 2 deletions(-) create mode 100755 files/check_crontab.sh create mode 100755 files/update_script.sh diff --git a/files/check_crontab.sh b/files/check_crontab.sh new file mode 100755 index 0000000..4e3b4a7 --- /dev/null +++ b/files/check_crontab.sh @@ -0,0 +1,27 @@ +#!/bin/bash + +cron=/etc/crontab +md5old=/etc/crontab_save + +log=/var/log/check_crontab.log + +printf "##### %s #####\n" "$(date)" >>$log +if [ ! -f $md5old ] +then + printf "Error: %s don't exist\nCreating %s ...\n" "$md5old" "$md5old" >>$log + md5sum $cron >$md5old + exit 1 +fi +if [ ! -s $md5old ] +then + printf "Error: %s is empty\nadding md5 hash to %s ...\n" "$md5old" "$md5old" >>$log + md5sum $cron >$md5old + exit 1 +fi +if [ ! $(md5sum -c $md5old 2>/dev/null | grep $cron | cut -d' ' -f2) = "OK" ] +then + printf "Error: %s modified\nsending mail ...\n" >>$log + echo "crontab has changed T_T" | mail -s "!!! PANIC !!! PANIC !!!! PANIC !!!" root +else + printf "file OK\n" >>$log +fi diff --git a/files/update_script b/files/update_script index 9aca3d1..ea47349 100644 --- a/files/update_script +++ b/files/update_script @@ -26,6 +26,5 @@ SHELL=/bin/sh PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin # m h dom mon dow command -00 4 * * * root /usr/sbin/update_script.sh - +00 4 * * 0 root /usr/sbin/update_script.sh @reboot root /usr/sbin/update_script.sh diff --git a/files/update_script.sh b/files/update_script.sh new file mode 100755 index 0000000..ef2fb1c --- /dev/null +++ b/files/update_script.sh @@ -0,0 +1,6 @@ +#!/bin/bash + +# ajouter "0 4 * * 1 root /02" a /etc/crontab + +printf "##### %s #####\n" "$(date)" >>/var/log/update_script.log +apt update >>/var/log/update_script.log 2>&1 && DEBIAN_FRONTEND=noninteractive apt upgrade -y >>/var/log/update_script.log 2>&1 diff --git a/provision.yml b/provision.yml index fa806d9..bdecaac 100644 --- a/provision.yml +++ b/provision.yml @@ -32,6 +32,30 @@ service: name: "fail2ban" state: "restarted" + - name: "Upload update_script.sh" + copy: + src: "files/update_script.sh" + dest: "/usr/sbin/update_script.sh" + owner: "root" + group: "root" + - name: "Upload update_script" + copy: + src: "files/update_script" + dest: "/etc/cron.d/update_script" + owner: "root" + group: "root" + - name: "Upload check_crontab.sh" + copy: + src: "files/check_crontab.sh" + dest: "/usr/sbin/check_crontab.sh" + owner: "root" + group: "root" + - name: "Upload check_crontab" + copy: + src: "files/check_crontab" + dest: "/etc/cron.d/check_crontab" + owner: "root" + group: "root" - name: "Create .ssl directory" file: path: "/home/tanguy/.ssl"