Merge pull request #10 from LorbusChris/dev

Add MotD updater, greenboot-motd package

README.md

@@ -6,19 +6,19 @@ The following directory structure is created:
 
 ```
 /etc
-    /greenboot.d
-                /check
-                      /required
-                      /wanted
-                /green
-                /red
+└── greenboot
+    ├── check
+    │   ├── required.d
+    │   └── wanted.d
+    ├── green.d
+    └── red.d
 ```
 
 ### Custom Health Checks
 You have multiple options to customize greenboot’s health checking behaviour:
 
-* Drop scripts representing health checks that MUST NOT FAIL in order to reach a GREEN boot status into `/etc/greenboot.d/check/required`.
-* Drop scripts representing health checks that MAY FAIL into `/etc/greenboot.d/check/wanted`.
+* Drop scripts representing health checks that MUST NOT FAIL in order to reach a GREEN boot status into `/etc/greenboot/check/required.d`.
+* Drop scripts representing health checks that MAY FAIL into `/etc/greenboot/check/wanted.d`.
 * Create oneshot health check service units that MUST NOT FAIL like the following and drop them into `/etc/systemd/system` (don't forget to `systemctl enable` them afterwards):
 ```
 [Unit]
@@ -47,7 +47,7 @@ WantedBy=greenboot.target
 ```
 
 ### Custom GREEN Status Procedures
-* Drop scripts representing procedures you want to run after a GREEN boot status has been reached into `/etc/greenboot.d/green`.
+* Drop scripts representing procedures you want to run after a GREEN boot status has been reached into `/etc/greenboot/green.d`.
 
 ### Custom RED Status Procedures
-* Drop scripts representing procedures you want to run after a RED boot status has been reached into `/etc/greenboot.d/red`.
+* Drop scripts representing procedures you want to run after a RED boot status has been reached into `/etc/greenboot/red.d`.

etc/greenboot/check/required.d/00_required_scripts_start.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+set -euo pipefail
+
+echo "Running greenboot Required Health Check Scripts"

etc/greenboot/check/wanted.d/00_wanted_scripts_start.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+set -euo pipefail
+
+echo "Running greenboot Wanted Health Check Scripts"

etc/greenboot/green.d/01_greenboot_motd.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+set -euo pipefail
+
+ln -snf /etc/greenboot/motd/greenboot.motd /run/greenboot/motd

etc/greenboot/motd/greenboot.motd

@@ -0,0 +1 @@
+Health Check SUCCEEDED. Boot Status is GREEN.

etc/greenboot/motd/redboot.motd

@@ -0,0 +1,2 @@
+Health Check FAILED! Boot Status is RED!
+Run `journalctl -u greenboot-healthcheck` for more information.

etc/greenboot/red.d/01_redboot_motd.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+set -euo pipefail
+
+ln -snf /etc/greenboot/motd/redboot.motd /run/greenboot/motd

greenboot.spec

@@ -4,7 +4,7 @@
 %global build_timestamp %(date +"%Y%m%d%H%M%%S")
 
 Name:               greenboot
-Version:            0.1
+Version:            0.2
 Release:            1%{?dist}
 Summary:            Generic Health Check Framework for systemd
 License:            LGPLv2+
@@ -19,11 +19,12 @@ Requires:           systemd
 %description
 %{summary}.
 
-%package notifications
-Summary:            Notification scripts for greenboot
+%package motd
+Summary:            MotD updater for greenboot
+Requires:           pam >= 1.3.1
 
-%description notifications
-Notification scripts for greenboot
+%description motd
+Message of the Day updater for greenboot
 
 %package ostree
 Summary:            OSTree specific scripts for greenboot
@@ -48,16 +49,23 @@ install -Dpm 0644 usr/lib/systemd/system/greenboot.target %{buildroot}%{_unitdir
 install -Dpm 0644 usr/lib/systemd/system/greenboot-healthcheck.service %{buildroot}%{_unitdir}/greenboot-healthcheck.service
 install -Dpm 0644 usr/lib/systemd/system/greenboot.service %{buildroot}%{_unitdir}/greenboot.service
 install -Dpm 0644 usr/lib/systemd/system/redboot.service %{buildroot}%{_unitdir}/redboot.service
-mkdir -p %{buildroot}%{_sysconfdir}/%{name}.d/check/required
-install -Dpm 0755 etc/greenboot.d/check/required/00_required_scripts_start.sh %{buildroot}%{_sysconfdir}/%{name}.d/check/required/00_required_scripts_start.sh
-mkdir    %{buildroot}%{_sysconfdir}/%{name}.d/check/wanted
-install -Dpm 0755 etc/greenboot.d/check/wanted/00_wanted_scripts_start.sh %{buildroot}%{_sysconfdir}/%{name}.d/check/wanted/00_wanted_scripts_start.sh
-mkdir    %{buildroot}%{_sysconfdir}/%{name}.d/green
-install -Dpm 0755 etc/greenboot.d/green/00_greenboot_notification.sh %{buildroot}%{_sysconfdir}/%{name}.d/green/00_greenboot_notification.sh
-mkdir    %{buildroot}%{_sysconfdir}/%{name}.d/red
-install -Dpm 0755 etc/greenboot.d/red/00_redboot_notification.sh %{buildroot}%{_sysconfdir}/%{name}.d/red/00_redboot_notification.sh
-install -Dpm 0755 etc/greenboot.d/red/98_ostree_rollback.sh %{buildroot}%{_sysconfdir}/%{name}.d/red/98_ostree_rollback.sh
-install -Dpm 0755 etc/greenboot.d/red/99_reboot.sh %{buildroot}%{_sysconfdir}/%{name}.d/red/99_reboot.sh
+mkdir -p %{buildroot}%{_sysconfdir}/%{name}/check/required.d
+install -Dpm 0755 etc/greenboot/check/required.d/00_required_scripts_start.sh %{buildroot}%{_sysconfdir}/%{name}/check/required.d/00_required_scripts_start.sh
+mkdir    %{buildroot}%{_sysconfdir}/%{name}/check/wanted.d
+install -Dpm 0755 etc/greenboot/check/wanted.d/00_wanted_scripts_start.sh %{buildroot}%{_sysconfdir}/%{name}/check/wanted.d/00_wanted_scripts_start.sh
+mkdir    %{buildroot}%{_sysconfdir}/%{name}/green.d
+install -Dpm 0755 etc/greenboot/green.d/00_greenboot_notification.sh %{buildroot}%{_sysconfdir}/%{name}/green.d/00_greenboot_notification.sh
+install -Dpm 0755 etc/greenboot/green.d/01_greenboot_motd.sh %{buildroot}%{_sysconfdir}/%{name}/green.d/01_greenboot_motd.sh
+mkdir    %{buildroot}%{_sysconfdir}/%{name}/red.d
+install -Dpm 0755 etc/greenboot/red.d/00_redboot_notification.sh %{buildroot}%{_sysconfdir}/%{name}/red.d/00_redboot_notification.sh
+install -Dpm 0755 etc/greenboot/red.d/01_redboot_motd.sh %{buildroot}%{_sysconfdir}/%{name}/red.d/01_redboot_motd.sh
+install -Dpm 0755 etc/greenboot/red.d/98_ostree_rollback.sh %{buildroot}%{_sysconfdir}/%{name}/red.d/98_ostree_rollback.sh
+install -Dpm 0755 etc/greenboot/red.d/99_reboot.sh %{buildroot}%{_sysconfdir}/%{name}/red.d/99_reboot.sh
+install -Dpm 0644 etc/greenboot/motd/greenboot.motd %{buildroot}%{_sysconfdir}/%{name}/motd/greenboot.motd
+install -Dpm 0644 etc/greenboot/motd/redboot.motd %{buildroot}%{_sysconfdir}/%{name}/motd/redboot.motd
+mkdir -p %{buildroot}/run/greenboot
+mkdir -p %{buildroot}%{_sysconfdir}/motd.d
+ln -snf /run/greenboot/motd %{buildroot}%{_sysconfdir}/motd.d/greenboot
 
 %post
 %systemd_post greenboot.target
@@ -89,22 +97,28 @@ install -Dpm 0755 etc/greenboot.d/red/99_reboot.sh %{buildroot}%{_sysconfdir}/%{
 %{_unitdir}/greenboot-healthcheck.service
 %{_unitdir}/greenboot.service
 %{_unitdir}/redboot.service
-%dir %{_sysconfdir}/%{name}.d/check/required
-%dir %{_sysconfdir}/%{name}.d/check/wanted
-%dir %{_sysconfdir}/%{name}.d/green
-%dir %{_sysconfdir}/%{name}.d/red
-
-%files notifications
-%{_sysconfdir}/%{name}.d/check/required/00_required_scripts_start.sh
-%{_sysconfdir}/%{name}.d/check/wanted/00_wanted_scripts_start.sh
-%{_sysconfdir}/%{name}.d/green/00_greenboot_notification.sh
-%{_sysconfdir}/%{name}.d/red/00_redboot_notification.sh
+%dir %{_sysconfdir}/%{name}/check/required.d
+%{_sysconfdir}/%{name}/check/required.d/00_required_scripts_start.sh
+%dir %{_sysconfdir}/%{name}/check/wanted.d
+%{_sysconfdir}/%{name}/check/wanted.d/00_wanted_scripts_start.sh
+%dir %{_sysconfdir}/%{name}/green.d
+%{_sysconfdir}/%{name}/green.d/00_greenboot_notification.sh
+%dir %{_sysconfdir}/%{name}/red.d
+%{_sysconfdir}/%{name}/red.d/00_redboot_notification.sh
+
+%files motd
+%{_sysconfdir}/%{name}/motd/greenboot.motd
+%{_sysconfdir}/%{name}/motd/redboot.motd
+%{_sysconfdir}/%{name}/green.d/01_greenboot_motd.sh
+%{_sysconfdir}/%{name}/red.d/01_redboot_motd.sh
+%dir /run/greenboot
+%config %{_sysconfdir}/motd.d/greenboot
 
 %files ostree
-%{_sysconfdir}/%{name}.d/red/98_ostree_rollback.sh
+%{_sysconfdir}/%{name}/red.d/98_ostree_rollback.sh
 
 %files reboot
-%{_sysconfdir}/%{name}.d/red/99_reboot.sh
+%{_sysconfdir}/%{name}/red.d/99_reboot.sh
 
 %changelog
 * Thu Jun 14 2018 Christian Glombek <[email protected]> - 0.1-1

tests/Vagrantfile

@@ -10,15 +10,19 @@ Vagrant.configure("2") do |config|
 
   config.vm.provision "shell", inline: <<-SHELL
     curl https://copr.fedorainfracloud.org/coprs/lorbus/greenboot/repo/fedora-28/lorbus-greenboot-fedora-28.repo --output /etc/yum.repos.d/_copr_lorbus-greenboot.repo
-    rpm-ostree install greenboot greenboot-notifications
+    rpm-ostree install greenboot greenboot-motd
     rpm-ostree ex livefs
-    # mv /vagrant/10_failing_check.sh /etc/greenboot.d/check/required/10_failing_check.sh
+    # Uncomment the following line to test red boot status behaviour
+    # mv /home/vagrant/sync/10_failing_check.sh /etc/greenboot/check/required.d/10_failing_check.sh
+    # Add pam_motd to sshd pam config until openssh is rebuilt
+    # see https://src.fedoraproject.org/rpms/openssh/c/4ef6823ff4d342f144dfca9eaaa4ffe5b46a1258
+    sed -i '/session    optional     pam_keyinit.so force revoke/a session    optional     pam_motd.so' /etc/pam.d/sshd
     systemctl enable greenboot.target
     systemctl start greenboot.target
     sleep 5
     journalctl -u greenboot.target
     journalctl -u greenboot
-    journalctl -t greenboot.sh
+    journalctl -u greenboot-healthcheck
   SHELL
 
 end

usr/libexec/greenboot/greenboot.sh

@@ -4,56 +4,56 @@ IFS=$'\n\t'
 
 run_required_scripts () {
   echo "Running Required Health Check Scripts..."
-  local required_scripts=`find /etc/greenboot.d/check/required -name '*.sh'`
+  local required_scripts=`find /etc/greenboot/check/required.d -name '*.sh'`
   local rc=0
   for script in $required_scripts; do
     systemd-cat -t "$(basename $script)" bash $script || rc=$?
     if [ $rc -ne 0 ]; then
-      echo -e "\e[1;31mRequired Health Check Script '$(basename $script)' FAILURE (exit code '$rc')\e[0m" >&2
+      echo "Required Health Check Script '$(basename $script)' FAILURE (exit code '$rc')" >&2
       exit $rc
     fi
-    echo -e "\e[1;32mRequired Health Check Script '$(basename $script)' SUCCESS\e[0m"
+    echo "Required Health Check Script '$(basename $script)' SUCCESS"
   done
 }
 
 run_wanted_scripts () {
   echo "Running Wanted Health Check Scripts..."
-  local wanted_scripts=`find /etc/greenboot.d/check/wanted -name '*.sh'`
+  local wanted_scripts=`find /etc/greenboot/check/wanted.d -name '*.sh'`
   local rc=0
   for script in $wanted_scripts; do
     systemd-cat -t "$(basename $script)" bash $script || rc=$?
     if [ $rc -eq 0 ]; then
-      echo -e "\e[1;32mWanted Health Check Script '$(basename $script)' SUCCESS\e[0m"
+      echo "Wanted Health Check Script '$(basename $script)' SUCCESS"
     else
-      echo -e "\e[1;31mWanted Health Check Script '$(basename $script)' FAILURE (exit code '$rc'). Continuing...\e[0m" >&2
+      echo "Wanted Health Check Script '$(basename $script)' FAILURE (exit code '$rc'). Continuing..." >&2
     fi
   done
 }
 
 run_green_scripts () {
   echo "Running Green Scripts..."
-  local green_scripts=`find /etc/greenboot.d/green -name '*.sh'`
+  local green_scripts=`find /etc/greenboot/green.d -name '*.sh'`
   local rc=0
   for script in $green_scripts; do
     systemd-cat -t "$(basename $script)" bash $script || rc=$?
     if [ $rc -eq 0 ]; then
-      echo -e "\e[1;32mGreen Script '$(basename $script)' SUCCESS\e[0m"
+      echo "Green Script '$(basename $script)' SUCCESS"
     else
-      echo -e "\e[1;31mGreen Script '$(basename $script)' FAILURE (exit code '$rc'). Continuing...\e[0m" >&2
+      echo "Green Script '$(basename $script)' FAILURE (exit code '$rc'). Continuing..." >&2
     fi
   done
 }
 
 run_red_scripts () {
   echo "Running Red Scripts..."
-  local red_scripts=`find /etc/greenboot.d/red -name '*.sh'`
+  local red_scripts=`find /etc/greenboot/red.d -name '*.sh'`
   local rc=0
   for script in $red_scripts; do
     systemd-cat -t "$(basename $script)" bash $script || rc=$?
     if [ $rc -eq 0 ]; then
-      echo -e "\e[1mRed Script '$(basename $script)' SUCCESS\e[0m"
+      echo "Red Script '$(basename $script)' SUCCESS"
     else
-      echo -e "\e[1;31mRed Script '$(basename $script)' FAILURE (exit code '$rc'). Continuing...\e[0m" >&2
+      echo "Red Script '$(basename $script)' FAILURE (exit code '$rc'). Continuing..." >&2
     fi
   done
 }
@@ -70,7 +70,7 @@ case "$@" in
     run_red_scripts
     ;;
   *)
-    echo -e "\e[31mIllegal Command\e[0m" >&2
+    echo "Illegal Command" >&2
     exit 127
     ;;
 esac