From 93634c19b8cb5d5a9dd87720f29ddcf4d1ec8323 Mon Sep 17 00:00:00 2001 From: Christian Glombek Date: Tue, 26 Jun 2018 23:57:17 +0200 Subject: [PATCH 1/3] Add MotD updater, greenboot-motd package --- .../required/00_required_scripts_start.sh | 4 --- .../check/wanted/00_wanted_scripts_start.sh | 4 --- etc/greenboot.d/green/00_greenboot_motd.sh | 4 +++ .../green/00_greenboot_notification.sh | 4 --- etc/greenboot.d/motd/greenboot.motd | 1 + etc/greenboot.d/motd/redboot.motd | 1 + etc/greenboot.d/red/00_redboot_motd.sh | 4 +++ .../red/00_redboot_notification.sh | 4 --- greenboot.spec | 34 +++++++++++-------- tests/Vagrantfile | 2 +- 10 files changed, 31 insertions(+), 31 deletions(-) delete mode 100644 etc/greenboot.d/check/required/00_required_scripts_start.sh delete mode 100644 etc/greenboot.d/check/wanted/00_wanted_scripts_start.sh create mode 100644 etc/greenboot.d/green/00_greenboot_motd.sh delete mode 100644 etc/greenboot.d/green/00_greenboot_notification.sh create mode 100644 etc/greenboot.d/motd/greenboot.motd create mode 100644 etc/greenboot.d/motd/redboot.motd create mode 100644 etc/greenboot.d/red/00_redboot_motd.sh delete mode 100644 etc/greenboot.d/red/00_redboot_notification.sh diff --git a/etc/greenboot.d/check/required/00_required_scripts_start.sh b/etc/greenboot.d/check/required/00_required_scripts_start.sh deleted file mode 100644 index f02a148..0000000 --- a/etc/greenboot.d/check/required/00_required_scripts_start.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -set -euo pipefail - -echo "Running greenboot Required Scripts" diff --git a/etc/greenboot.d/check/wanted/00_wanted_scripts_start.sh b/etc/greenboot.d/check/wanted/00_wanted_scripts_start.sh deleted file mode 100644 index bfee53a..0000000 --- a/etc/greenboot.d/check/wanted/00_wanted_scripts_start.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -set -euo pipefail - -echo "Running greenboot Wanted Scripts" diff --git a/etc/greenboot.d/green/00_greenboot_motd.sh b/etc/greenboot.d/green/00_greenboot_motd.sh new file mode 100644 index 0000000..29ae19f --- /dev/null +++ b/etc/greenboot.d/green/00_greenboot_motd.sh @@ -0,0 +1,4 @@ +#!/bin/bash +set -euo pipefail + +ln -snf /etc/greenboot.d/motd/greenboot.motd /run/greenboot/motd diff --git a/etc/greenboot.d/green/00_greenboot_notification.sh b/etc/greenboot.d/green/00_greenboot_notification.sh deleted file mode 100644 index 39f45ea..0000000 --- a/etc/greenboot.d/green/00_greenboot_notification.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -set -euo pipefail - -echo "Health Check SUCCESS! Boot status is GREEN" diff --git a/etc/greenboot.d/motd/greenboot.motd b/etc/greenboot.d/motd/greenboot.motd new file mode 100644 index 0000000..bd20863 --- /dev/null +++ b/etc/greenboot.d/motd/greenboot.motd @@ -0,0 +1 @@ +Health Check SUCCEEDED. Boot Status is GREEN. diff --git a/etc/greenboot.d/motd/redboot.motd b/etc/greenboot.d/motd/redboot.motd new file mode 100644 index 0000000..0f394d7 --- /dev/null +++ b/etc/greenboot.d/motd/redboot.motd @@ -0,0 +1 @@ +Health Check FAILED! Boot Status is RED! diff --git a/etc/greenboot.d/red/00_redboot_motd.sh b/etc/greenboot.d/red/00_redboot_motd.sh new file mode 100644 index 0000000..ec5da10 --- /dev/null +++ b/etc/greenboot.d/red/00_redboot_motd.sh @@ -0,0 +1,4 @@ +#!/bin/bash +set -euo pipefail + +ln -snf /etc/greenboot.d/motd/redboot.motd /run/greenboot/motd diff --git a/etc/greenboot.d/red/00_redboot_notification.sh b/etc/greenboot.d/red/00_redboot_notification.sh deleted file mode 100644 index 02522b3..0000000 --- a/etc/greenboot.d/red/00_redboot_notification.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -set -euo pipefail - -echo "Health Check FAILURE! Boot status is RED" diff --git a/greenboot.spec b/greenboot.spec index 902592b..0cfbb60 100644 --- a/greenboot.spec +++ b/greenboot.spec @@ -4,7 +4,7 @@ %global build_timestamp %(date +"%Y%m%d%H%M%%S") Name: greenboot -Version: 0.1 +Version: 0.2 Release: 1%{?dist} Summary: Generic Health Check Framework for systemd License: LGPLv2+ @@ -19,11 +19,12 @@ Requires: systemd %description %{summary}. -%package notifications -Summary: Notification scripts for greenboot +%package motd +Summary: MotD updater for greenboot +Requires: pam >= 1.3.1 -%description notifications -Notification scripts for greenboot +%description motd +Message of the Day updater for greenboot %package ostree Summary: OSTree specific scripts for greenboot @@ -49,15 +50,18 @@ install -Dpm 0644 usr/lib/systemd/system/greenboot-healthcheck.service %{buildro install -Dpm 0644 usr/lib/systemd/system/greenboot.service %{buildroot}%{_unitdir}/greenboot.service install -Dpm 0644 usr/lib/systemd/system/redboot.service %{buildroot}%{_unitdir}/redboot.service mkdir -p %{buildroot}%{_sysconfdir}/%{name}.d/check/required -install -Dpm 0755 etc/greenboot.d/check/required/00_required_scripts_start.sh %{buildroot}%{_sysconfdir}/%{name}.d/check/required/00_required_scripts_start.sh mkdir %{buildroot}%{_sysconfdir}/%{name}.d/check/wanted -install -Dpm 0755 etc/greenboot.d/check/wanted/00_wanted_scripts_start.sh %{buildroot}%{_sysconfdir}/%{name}.d/check/wanted/00_wanted_scripts_start.sh mkdir %{buildroot}%{_sysconfdir}/%{name}.d/green -install -Dpm 0755 etc/greenboot.d/green/00_greenboot_notification.sh %{buildroot}%{_sysconfdir}/%{name}.d/green/00_greenboot_notification.sh +install -Dpm 0755 etc/greenboot.d/green/00_greenboot_motd.sh %{buildroot}%{_sysconfdir}/%{name}.d/green/00_greenboot_motd.sh mkdir %{buildroot}%{_sysconfdir}/%{name}.d/red -install -Dpm 0755 etc/greenboot.d/red/00_redboot_notification.sh %{buildroot}%{_sysconfdir}/%{name}.d/red/00_redboot_notification.sh +install -Dpm 0755 etc/greenboot.d/red/00_redboot_motd.sh %{buildroot}%{_sysconfdir}/%{name}.d/red/00_redboot_motd.sh install -Dpm 0755 etc/greenboot.d/red/98_ostree_rollback.sh %{buildroot}%{_sysconfdir}/%{name}.d/red/98_ostree_rollback.sh install -Dpm 0755 etc/greenboot.d/red/99_reboot.sh %{buildroot}%{_sysconfdir}/%{name}.d/red/99_reboot.sh +install -Dpm 0644 etc/greenboot.d/motd/greenboot.motd %{buildroot}%{_sysconfdir}/%{name}.d/motd/greenboot.motd +install -Dpm 0644 etc/greenboot.d/motd/redboot.motd %{buildroot}%{_sysconfdir}/%{name}.d/motd/redboot.motd +mkdir -p %{buildroot}/run/greenboot +mkdir -p %{buildroot}%{_sysconfdir}/motd.d +ln -snf /run/greenboot/motd %{buildroot}%{_sysconfdir}/motd.d/greenboot %post %systemd_post greenboot.target @@ -94,11 +98,13 @@ install -Dpm 0755 etc/greenboot.d/red/99_reboot.sh %{buildroot}%{_sysconfdir}/%{ %dir %{_sysconfdir}/%{name}.d/green %dir %{_sysconfdir}/%{name}.d/red -%files notifications -%{_sysconfdir}/%{name}.d/check/required/00_required_scripts_start.sh -%{_sysconfdir}/%{name}.d/check/wanted/00_wanted_scripts_start.sh -%{_sysconfdir}/%{name}.d/green/00_greenboot_notification.sh -%{_sysconfdir}/%{name}.d/red/00_redboot_notification.sh +%files motd +%{_sysconfdir}/%{name}.d/motd/greenboot.motd +%{_sysconfdir}/%{name}.d/motd/redboot.motd +%{_sysconfdir}/%{name}.d/green/00_greenboot_motd.sh +%{_sysconfdir}/%{name}.d/red/00_redboot_motd.sh +%dir /run/greenboot +%config %{_sysconfdir}/motd.d/greenboot %files ostree %{_sysconfdir}/%{name}.d/red/98_ostree_rollback.sh diff --git a/tests/Vagrantfile b/tests/Vagrantfile index 3d4c74a..4ed5faa 100644 --- a/tests/Vagrantfile +++ b/tests/Vagrantfile @@ -10,7 +10,7 @@ Vagrant.configure("2") do |config| config.vm.provision "shell", inline: <<-SHELL curl https://copr.fedorainfracloud.org/coprs/lorbus/greenboot/repo/fedora-28/lorbus-greenboot-fedora-28.repo --output /etc/yum.repos.d/_copr_lorbus-greenboot.repo - rpm-ostree install greenboot greenboot-notifications + rpm-ostree install greenboot greenboot-motd rpm-ostree ex livefs # mv /vagrant/10_failing_check.sh /etc/greenboot.d/check/required/10_failing_check.sh systemctl enable greenboot.target From 13e140712d6818ed4cc0c161c9dda84062da2434 Mon Sep 17 00:00:00 2001 From: Christian Glombek Date: Wed, 27 Jun 2018 02:45:55 +0200 Subject: [PATCH 2/3] /etc/greenboot.d -> /etc/greenboot --- README.md | 20 +++++----- etc/greenboot.d/green/00_greenboot_motd.sh | 4 -- etc/greenboot.d/red/00_redboot_motd.sh | 4 -- etc/greenboot/green.d/00_greenboot_motd.sh | 4 ++ .../motd/greenboot.motd | 0 .../motd/redboot.motd | 0 etc/greenboot/red.d/00_redboot_motd.sh | 4 ++ .../red.d}/98_ostree_rollback.sh | 0 .../red => greenboot/red.d}/99_reboot.sh | 0 greenboot.spec | 40 +++++++++---------- tests/Vagrantfile | 6 ++- usr/libexec/greenboot/greenboot.sh | 26 ++++++------ 12 files changed, 56 insertions(+), 52 deletions(-) delete mode 100644 etc/greenboot.d/green/00_greenboot_motd.sh delete mode 100644 etc/greenboot.d/red/00_redboot_motd.sh create mode 100644 etc/greenboot/green.d/00_greenboot_motd.sh rename etc/{greenboot.d => greenboot}/motd/greenboot.motd (100%) rename etc/{greenboot.d => greenboot}/motd/redboot.motd (100%) create mode 100644 etc/greenboot/red.d/00_redboot_motd.sh rename etc/{greenboot.d/red => greenboot/red.d}/98_ostree_rollback.sh (100%) rename etc/{greenboot.d/red => greenboot/red.d}/99_reboot.sh (100%) diff --git a/README.md b/README.md index 937f2a4..f02ffd4 100644 --- a/README.md +++ b/README.md @@ -6,19 +6,19 @@ The following directory structure is created: ``` /etc - /greenboot.d - /check - /required - /wanted - /green - /red + /greenboot + /check + /required.d + /wanted.d + /green.d + /red.d ``` ### Custom Health Checks You have multiple options to customize greenboot’s health checking behaviour: -* Drop scripts representing health checks that MUST NOT FAIL in order to reach a GREEN boot status into `/etc/greenboot.d/check/required`. -* Drop scripts representing health checks that MAY FAIL into `/etc/greenboot.d/check/wanted`. +* Drop scripts representing health checks that MUST NOT FAIL in order to reach a GREEN boot status into `/etc/greenboot/check/required.d`. +* Drop scripts representing health checks that MAY FAIL into `/etc/greenboot/check/wanted.d`. * Create oneshot health check service units that MUST NOT FAIL like the following and drop them into `/etc/systemd/system` (don't forget to `systemctl enable` them afterwards): ``` [Unit] @@ -47,7 +47,7 @@ WantedBy=greenboot.target ``` ### Custom GREEN Status Procedures -* Drop scripts representing procedures you want to run after a GREEN boot status has been reached into `/etc/greenboot.d/green`. +* Drop scripts representing procedures you want to run after a GREEN boot status has been reached into `/etc/greenboot/green.d`. ### Custom RED Status Procedures -* Drop scripts representing procedures you want to run after a RED boot status has been reached into `/etc/greenboot.d/red`. +* Drop scripts representing procedures you want to run after a RED boot status has been reached into `/etc/greenboot/red.d`. diff --git a/etc/greenboot.d/green/00_greenboot_motd.sh b/etc/greenboot.d/green/00_greenboot_motd.sh deleted file mode 100644 index 29ae19f..0000000 --- a/etc/greenboot.d/green/00_greenboot_motd.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -set -euo pipefail - -ln -snf /etc/greenboot.d/motd/greenboot.motd /run/greenboot/motd diff --git a/etc/greenboot.d/red/00_redboot_motd.sh b/etc/greenboot.d/red/00_redboot_motd.sh deleted file mode 100644 index ec5da10..0000000 --- a/etc/greenboot.d/red/00_redboot_motd.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -set -euo pipefail - -ln -snf /etc/greenboot.d/motd/redboot.motd /run/greenboot/motd diff --git a/etc/greenboot/green.d/00_greenboot_motd.sh b/etc/greenboot/green.d/00_greenboot_motd.sh new file mode 100644 index 0000000..f71966b --- /dev/null +++ b/etc/greenboot/green.d/00_greenboot_motd.sh @@ -0,0 +1,4 @@ +#!/bin/bash +set -euo pipefail + +ln -snf /etc/greenboot/motd/greenboot.motd /run/greenboot/motd diff --git a/etc/greenboot.d/motd/greenboot.motd b/etc/greenboot/motd/greenboot.motd similarity index 100% rename from etc/greenboot.d/motd/greenboot.motd rename to etc/greenboot/motd/greenboot.motd diff --git a/etc/greenboot.d/motd/redboot.motd b/etc/greenboot/motd/redboot.motd similarity index 100% rename from etc/greenboot.d/motd/redboot.motd rename to etc/greenboot/motd/redboot.motd diff --git a/etc/greenboot/red.d/00_redboot_motd.sh b/etc/greenboot/red.d/00_redboot_motd.sh new file mode 100644 index 0000000..90c5d64 --- /dev/null +++ b/etc/greenboot/red.d/00_redboot_motd.sh @@ -0,0 +1,4 @@ +#!/bin/bash +set -euo pipefail + +ln -snf /etc/greenboot/motd/redboot.motd /run/greenboot/motd diff --git a/etc/greenboot.d/red/98_ostree_rollback.sh b/etc/greenboot/red.d/98_ostree_rollback.sh similarity index 100% rename from etc/greenboot.d/red/98_ostree_rollback.sh rename to etc/greenboot/red.d/98_ostree_rollback.sh diff --git a/etc/greenboot.d/red/99_reboot.sh b/etc/greenboot/red.d/99_reboot.sh similarity index 100% rename from etc/greenboot.d/red/99_reboot.sh rename to etc/greenboot/red.d/99_reboot.sh diff --git a/greenboot.spec b/greenboot.spec index 0cfbb60..4f542db 100644 --- a/greenboot.spec +++ b/greenboot.spec @@ -49,16 +49,16 @@ install -Dpm 0644 usr/lib/systemd/system/greenboot.target %{buildroot}%{_unitdir install -Dpm 0644 usr/lib/systemd/system/greenboot-healthcheck.service %{buildroot}%{_unitdir}/greenboot-healthcheck.service install -Dpm 0644 usr/lib/systemd/system/greenboot.service %{buildroot}%{_unitdir}/greenboot.service install -Dpm 0644 usr/lib/systemd/system/redboot.service %{buildroot}%{_unitdir}/redboot.service -mkdir -p %{buildroot}%{_sysconfdir}/%{name}.d/check/required -mkdir %{buildroot}%{_sysconfdir}/%{name}.d/check/wanted -mkdir %{buildroot}%{_sysconfdir}/%{name}.d/green -install -Dpm 0755 etc/greenboot.d/green/00_greenboot_motd.sh %{buildroot}%{_sysconfdir}/%{name}.d/green/00_greenboot_motd.sh -mkdir %{buildroot}%{_sysconfdir}/%{name}.d/red -install -Dpm 0755 etc/greenboot.d/red/00_redboot_motd.sh %{buildroot}%{_sysconfdir}/%{name}.d/red/00_redboot_motd.sh -install -Dpm 0755 etc/greenboot.d/red/98_ostree_rollback.sh %{buildroot}%{_sysconfdir}/%{name}.d/red/98_ostree_rollback.sh -install -Dpm 0755 etc/greenboot.d/red/99_reboot.sh %{buildroot}%{_sysconfdir}/%{name}.d/red/99_reboot.sh -install -Dpm 0644 etc/greenboot.d/motd/greenboot.motd %{buildroot}%{_sysconfdir}/%{name}.d/motd/greenboot.motd -install -Dpm 0644 etc/greenboot.d/motd/redboot.motd %{buildroot}%{_sysconfdir}/%{name}.d/motd/redboot.motd +mkdir -p %{buildroot}%{_sysconfdir}/%{name}/check/required.d +mkdir %{buildroot}%{_sysconfdir}/%{name}/check/wanted.d +mkdir %{buildroot}%{_sysconfdir}/%{name}/green.d +install -Dpm 0755 etc/greenboot/green.d/00_greenboot_motd.sh %{buildroot}%{_sysconfdir}/%{name}/green.d/00_greenboot_motd.sh +mkdir %{buildroot}%{_sysconfdir}/%{name}/red.d +install -Dpm 0755 etc/greenboot/red.d/00_redboot_motd.sh %{buildroot}%{_sysconfdir}/%{name}/red.d/00_redboot_motd.sh +install -Dpm 0755 etc/greenboot/red.d/98_ostree_rollback.sh %{buildroot}%{_sysconfdir}/%{name}/red.d/98_ostree_rollback.sh +install -Dpm 0755 etc/greenboot/red.d/99_reboot.sh %{buildroot}%{_sysconfdir}/%{name}/red.d/99_reboot.sh +install -Dpm 0644 etc/greenboot/motd/greenboot.motd %{buildroot}%{_sysconfdir}/%{name}/motd/greenboot.motd +install -Dpm 0644 etc/greenboot/motd/redboot.motd %{buildroot}%{_sysconfdir}/%{name}/motd/redboot.motd mkdir -p %{buildroot}/run/greenboot mkdir -p %{buildroot}%{_sysconfdir}/motd.d ln -snf /run/greenboot/motd %{buildroot}%{_sysconfdir}/motd.d/greenboot @@ -93,24 +93,24 @@ ln -snf /run/greenboot/motd %{buildroot}%{_sysconfdir}/motd.d/greenboot %{_unitdir}/greenboot-healthcheck.service %{_unitdir}/greenboot.service %{_unitdir}/redboot.service -%dir %{_sysconfdir}/%{name}.d/check/required -%dir %{_sysconfdir}/%{name}.d/check/wanted -%dir %{_sysconfdir}/%{name}.d/green -%dir %{_sysconfdir}/%{name}.d/red +%dir %{_sysconfdir}/%{name}/check/required.d +%dir %{_sysconfdir}/%{name}/check/wanted.d +%dir %{_sysconfdir}/%{name}/green.d +%dir %{_sysconfdir}/%{name}/red.d %files motd -%{_sysconfdir}/%{name}.d/motd/greenboot.motd -%{_sysconfdir}/%{name}.d/motd/redboot.motd -%{_sysconfdir}/%{name}.d/green/00_greenboot_motd.sh -%{_sysconfdir}/%{name}.d/red/00_redboot_motd.sh +%{_sysconfdir}/%{name}/motd/greenboot.motd +%{_sysconfdir}/%{name}/motd/redboot.motd +%{_sysconfdir}/%{name}/green.d/00_greenboot_motd.sh +%{_sysconfdir}/%{name}/red.d/00_redboot_motd.sh %dir /run/greenboot %config %{_sysconfdir}/motd.d/greenboot %files ostree -%{_sysconfdir}/%{name}.d/red/98_ostree_rollback.sh +%{_sysconfdir}/%{name}/red.d/98_ostree_rollback.sh %files reboot -%{_sysconfdir}/%{name}.d/red/99_reboot.sh +%{_sysconfdir}/%{name}/red.d/99_reboot.sh %changelog * Thu Jun 14 2018 Christian Glombek - 0.1-1 diff --git a/tests/Vagrantfile b/tests/Vagrantfile index 4ed5faa..8202241 100644 --- a/tests/Vagrantfile +++ b/tests/Vagrantfile @@ -12,7 +12,11 @@ Vagrant.configure("2") do |config| curl https://copr.fedorainfracloud.org/coprs/lorbus/greenboot/repo/fedora-28/lorbus-greenboot-fedora-28.repo --output /etc/yum.repos.d/_copr_lorbus-greenboot.repo rpm-ostree install greenboot greenboot-motd rpm-ostree ex livefs - # mv /vagrant/10_failing_check.sh /etc/greenboot.d/check/required/10_failing_check.sh + # Uncomment the following line to test red boot status behaviour + # mv /home/vagrant/sync/10_failing_check.sh /etc/greenboot.d/check/required/10_failing_check.sh + # Add pam_motd to sshd pam config until openssh is rebuilt + # see https://src.fedoraproject.org/rpms/openssh/c/4ef6823ff4d342f144dfca9eaaa4ffe5b46a1258 + sed -i '/session optional pam_keyinit.so force revoke/a session optional pam_motd.so' /etc/pam.d/sshd systemctl enable greenboot.target systemctl start greenboot.target sleep 5 diff --git a/usr/libexec/greenboot/greenboot.sh b/usr/libexec/greenboot/greenboot.sh index c5dcf67..9e4fcf9 100755 --- a/usr/libexec/greenboot/greenboot.sh +++ b/usr/libexec/greenboot/greenboot.sh @@ -4,56 +4,56 @@ IFS=$'\n\t' run_required_scripts () { echo "Running Required Health Check Scripts..." - local required_scripts=`find /etc/greenboot.d/check/required -name '*.sh'` + local required_scripts=`find /etc/greenboot/check/required.d -name '*.sh'` local rc=0 for script in $required_scripts; do systemd-cat -t "$(basename $script)" bash $script || rc=$? if [ $rc -ne 0 ]; then - echo -e "\e[1;31mRequired Health Check Script '$(basename $script)' FAILURE (exit code '$rc')\e[0m" >&2 + echo "Required Health Check Script '$(basename $script)' FAILURE (exit code '$rc')" >&2 exit $rc fi - echo -e "\e[1;32mRequired Health Check Script '$(basename $script)' SUCCESS\e[0m" + echo "Required Health Check Script '$(basename $script)' SUCCESS" done } run_wanted_scripts () { echo "Running Wanted Health Check Scripts..." - local wanted_scripts=`find /etc/greenboot.d/check/wanted -name '*.sh'` + local wanted_scripts=`find /etc/greenboot/check/wanted.d -name '*.sh'` local rc=0 for script in $wanted_scripts; do systemd-cat -t "$(basename $script)" bash $script || rc=$? if [ $rc -eq 0 ]; then - echo -e "\e[1;32mWanted Health Check Script '$(basename $script)' SUCCESS\e[0m" + echo "Wanted Health Check Script '$(basename $script)' SUCCESS" else - echo -e "\e[1;31mWanted Health Check Script '$(basename $script)' FAILURE (exit code '$rc'). Continuing...\e[0m" >&2 + echo "Wanted Health Check Script '$(basename $script)' FAILURE (exit code '$rc'). Continuing..." >&2 fi done } run_green_scripts () { echo "Running Green Scripts..." - local green_scripts=`find /etc/greenboot.d/green -name '*.sh'` + local green_scripts=`find /etc/greenboot/green.d -name '*.sh'` local rc=0 for script in $green_scripts; do systemd-cat -t "$(basename $script)" bash $script || rc=$? if [ $rc -eq 0 ]; then - echo -e "\e[1;32mGreen Script '$(basename $script)' SUCCESS\e[0m" + echo "Green Script '$(basename $script)' SUCCESS" else - echo -e "\e[1;31mGreen Script '$(basename $script)' FAILURE (exit code '$rc'). Continuing...\e[0m" >&2 + echo "Green Script '$(basename $script)' FAILURE (exit code '$rc'). Continuing..." >&2 fi done } run_red_scripts () { echo "Running Red Scripts..." - local red_scripts=`find /etc/greenboot.d/red -name '*.sh'` + local red_scripts=`find /etc/greenboot/red.d -name '*.sh'` local rc=0 for script in $red_scripts; do systemd-cat -t "$(basename $script)" bash $script || rc=$? if [ $rc -eq 0 ]; then - echo -e "\e[1mRed Script '$(basename $script)' SUCCESS\e[0m" + echo "Red Script '$(basename $script)' SUCCESS" else - echo -e "\e[1;31mRed Script '$(basename $script)' FAILURE (exit code '$rc'). Continuing...\e[0m" >&2 + echo "Red Script '$(basename $script)' FAILURE (exit code '$rc'). Continuing..." >&2 fi done } @@ -70,7 +70,7 @@ case "$@" in run_red_scripts ;; *) - echo -e "\e[31mIllegal Command\e[0m" >&2 + echo "Illegal Command" >&2 exit 127 ;; esac From 979092ba74eb4f5571b7a2609b47a07416993fde Mon Sep 17 00:00:00 2001 From: Christian Glombek Date: Fri, 29 Jun 2018 03:01:40 +0200 Subject: [PATCH 3/3] Address review by @jlebon and @dustymabe --- README.md | 12 ++++++------ .../required.d/00_required_scripts_start.sh | 4 ++++ .../check/wanted.d/00_wanted_scripts_start.sh | 4 ++++ .../green.d/00_greenboot_notification.sh | 4 ++++ ...00_greenboot_motd.sh => 01_greenboot_motd.sh} | 0 etc/greenboot/motd/redboot.motd | 1 + etc/greenboot/red.d/00_redboot_notification.sh | 4 ++++ .../{00_redboot_motd.sh => 01_redboot_motd.sh} | 0 greenboot.spec | 16 ++++++++++++---- tests/Vagrantfile | 4 ++-- 10 files changed, 37 insertions(+), 12 deletions(-) create mode 100644 etc/greenboot/check/required.d/00_required_scripts_start.sh create mode 100644 etc/greenboot/check/wanted.d/00_wanted_scripts_start.sh create mode 100644 etc/greenboot/green.d/00_greenboot_notification.sh rename etc/greenboot/green.d/{00_greenboot_motd.sh => 01_greenboot_motd.sh} (100%) create mode 100644 etc/greenboot/red.d/00_redboot_notification.sh rename etc/greenboot/red.d/{00_redboot_motd.sh => 01_redboot_motd.sh} (100%) diff --git a/README.md b/README.md index f02ffd4..33ced47 100644 --- a/README.md +++ b/README.md @@ -6,12 +6,12 @@ The following directory structure is created: ``` /etc - /greenboot - /check - /required.d - /wanted.d - /green.d - /red.d +└── greenboot + ├── check + │   ├── required.d + │   └── wanted.d + ├── green.d + └── red.d ``` ### Custom Health Checks diff --git a/etc/greenboot/check/required.d/00_required_scripts_start.sh b/etc/greenboot/check/required.d/00_required_scripts_start.sh new file mode 100644 index 0000000..5b4f51b --- /dev/null +++ b/etc/greenboot/check/required.d/00_required_scripts_start.sh @@ -0,0 +1,4 @@ +#!/bin/bash +set -euo pipefail + +echo "Running greenboot Required Health Check Scripts" diff --git a/etc/greenboot/check/wanted.d/00_wanted_scripts_start.sh b/etc/greenboot/check/wanted.d/00_wanted_scripts_start.sh new file mode 100644 index 0000000..b6a9397 --- /dev/null +++ b/etc/greenboot/check/wanted.d/00_wanted_scripts_start.sh @@ -0,0 +1,4 @@ +#!/bin/bash +set -euo pipefail + +echo "Running greenboot Wanted Health Check Scripts" diff --git a/etc/greenboot/green.d/00_greenboot_notification.sh b/etc/greenboot/green.d/00_greenboot_notification.sh new file mode 100644 index 0000000..39f45ea --- /dev/null +++ b/etc/greenboot/green.d/00_greenboot_notification.sh @@ -0,0 +1,4 @@ +#!/bin/bash +set -euo pipefail + +echo "Health Check SUCCESS! Boot status is GREEN" diff --git a/etc/greenboot/green.d/00_greenboot_motd.sh b/etc/greenboot/green.d/01_greenboot_motd.sh similarity index 100% rename from etc/greenboot/green.d/00_greenboot_motd.sh rename to etc/greenboot/green.d/01_greenboot_motd.sh diff --git a/etc/greenboot/motd/redboot.motd b/etc/greenboot/motd/redboot.motd index 0f394d7..be725dc 100644 --- a/etc/greenboot/motd/redboot.motd +++ b/etc/greenboot/motd/redboot.motd @@ -1 +1,2 @@ Health Check FAILED! Boot Status is RED! +Run `journalctl -u greenboot-healthcheck` for more information. diff --git a/etc/greenboot/red.d/00_redboot_notification.sh b/etc/greenboot/red.d/00_redboot_notification.sh new file mode 100644 index 0000000..02522b3 --- /dev/null +++ b/etc/greenboot/red.d/00_redboot_notification.sh @@ -0,0 +1,4 @@ +#!/bin/bash +set -euo pipefail + +echo "Health Check FAILURE! Boot status is RED" diff --git a/etc/greenboot/red.d/00_redboot_motd.sh b/etc/greenboot/red.d/01_redboot_motd.sh similarity index 100% rename from etc/greenboot/red.d/00_redboot_motd.sh rename to etc/greenboot/red.d/01_redboot_motd.sh diff --git a/greenboot.spec b/greenboot.spec index 4f542db..c15b3f6 100644 --- a/greenboot.spec +++ b/greenboot.spec @@ -50,11 +50,15 @@ install -Dpm 0644 usr/lib/systemd/system/greenboot-healthcheck.service %{buildro install -Dpm 0644 usr/lib/systemd/system/greenboot.service %{buildroot}%{_unitdir}/greenboot.service install -Dpm 0644 usr/lib/systemd/system/redboot.service %{buildroot}%{_unitdir}/redboot.service mkdir -p %{buildroot}%{_sysconfdir}/%{name}/check/required.d +install -Dpm 0755 etc/greenboot/check/required.d/00_required_scripts_start.sh %{buildroot}%{_sysconfdir}/%{name}/check/required.d/00_required_scripts_start.sh mkdir %{buildroot}%{_sysconfdir}/%{name}/check/wanted.d +install -Dpm 0755 etc/greenboot/check/wanted.d/00_wanted_scripts_start.sh %{buildroot}%{_sysconfdir}/%{name}/check/wanted.d/00_wanted_scripts_start.sh mkdir %{buildroot}%{_sysconfdir}/%{name}/green.d -install -Dpm 0755 etc/greenboot/green.d/00_greenboot_motd.sh %{buildroot}%{_sysconfdir}/%{name}/green.d/00_greenboot_motd.sh +install -Dpm 0755 etc/greenboot/green.d/00_greenboot_notification.sh %{buildroot}%{_sysconfdir}/%{name}/green.d/00_greenboot_notification.sh +install -Dpm 0755 etc/greenboot/green.d/01_greenboot_motd.sh %{buildroot}%{_sysconfdir}/%{name}/green.d/01_greenboot_motd.sh mkdir %{buildroot}%{_sysconfdir}/%{name}/red.d -install -Dpm 0755 etc/greenboot/red.d/00_redboot_motd.sh %{buildroot}%{_sysconfdir}/%{name}/red.d/00_redboot_motd.sh +install -Dpm 0755 etc/greenboot/red.d/00_redboot_notification.sh %{buildroot}%{_sysconfdir}/%{name}/red.d/00_redboot_notification.sh +install -Dpm 0755 etc/greenboot/red.d/01_redboot_motd.sh %{buildroot}%{_sysconfdir}/%{name}/red.d/01_redboot_motd.sh install -Dpm 0755 etc/greenboot/red.d/98_ostree_rollback.sh %{buildroot}%{_sysconfdir}/%{name}/red.d/98_ostree_rollback.sh install -Dpm 0755 etc/greenboot/red.d/99_reboot.sh %{buildroot}%{_sysconfdir}/%{name}/red.d/99_reboot.sh install -Dpm 0644 etc/greenboot/motd/greenboot.motd %{buildroot}%{_sysconfdir}/%{name}/motd/greenboot.motd @@ -94,15 +98,19 @@ ln -snf /run/greenboot/motd %{buildroot}%{_sysconfdir}/motd.d/greenboot %{_unitdir}/greenboot.service %{_unitdir}/redboot.service %dir %{_sysconfdir}/%{name}/check/required.d +%{_sysconfdir}/%{name}/check/required.d/00_required_scripts_start.sh %dir %{_sysconfdir}/%{name}/check/wanted.d +%{_sysconfdir}/%{name}/check/wanted.d/00_wanted_scripts_start.sh %dir %{_sysconfdir}/%{name}/green.d +%{_sysconfdir}/%{name}/green.d/00_greenboot_notification.sh %dir %{_sysconfdir}/%{name}/red.d +%{_sysconfdir}/%{name}/red.d/00_redboot_notification.sh %files motd %{_sysconfdir}/%{name}/motd/greenboot.motd %{_sysconfdir}/%{name}/motd/redboot.motd -%{_sysconfdir}/%{name}/green.d/00_greenboot_motd.sh -%{_sysconfdir}/%{name}/red.d/00_redboot_motd.sh +%{_sysconfdir}/%{name}/green.d/01_greenboot_motd.sh +%{_sysconfdir}/%{name}/red.d/01_redboot_motd.sh %dir /run/greenboot %config %{_sysconfdir}/motd.d/greenboot diff --git a/tests/Vagrantfile b/tests/Vagrantfile index 8202241..ee749a0 100644 --- a/tests/Vagrantfile +++ b/tests/Vagrantfile @@ -13,7 +13,7 @@ Vagrant.configure("2") do |config| rpm-ostree install greenboot greenboot-motd rpm-ostree ex livefs # Uncomment the following line to test red boot status behaviour - # mv /home/vagrant/sync/10_failing_check.sh /etc/greenboot.d/check/required/10_failing_check.sh + # mv /home/vagrant/sync/10_failing_check.sh /etc/greenboot/check/required.d/10_failing_check.sh # Add pam_motd to sshd pam config until openssh is rebuilt # see https://src.fedoraproject.org/rpms/openssh/c/4ef6823ff4d342f144dfca9eaaa4ffe5b46a1258 sed -i '/session optional pam_keyinit.so force revoke/a session optional pam_motd.so' /etc/pam.d/sshd @@ -22,7 +22,7 @@ Vagrant.configure("2") do |config| sleep 5 journalctl -u greenboot.target journalctl -u greenboot - journalctl -t greenboot.sh + journalctl -u greenboot-healthcheck SHELL end