Index: /branches/amp_4_0/Makefile =================================================================== --- /branches/amp_4_0/Makefile (revision 2704) +++ /branches/amp_4_0/Makefile (working copy) @@ -10,6 +10,12 @@ SubDir += lib src tools ExtensionsDir = monitoring auditing rs_api vpn_mgmt license_server avx_mgmt ResourceIp = 192.168.100.11 +GPG_KEY_NAME = Array Networks +GPG_PASSPHRASE = arrayclick1 +RPM_DIR = $(TOP)/system/ +PKG_NAME = amp +#RPM_FILES = $(find $(RPM_DIR)/ -name $(PKG_NAME)*.rpm) +RPM_FILES = $(wildcard $(RPM_DIR)$(PKG_NAME)*.rpm) all: tools/create_ver_h.pl AMP @@ -32,6 +38,8 @@ $(RM) -fr $(TOP)/update/pack/ $(RM) -fr $(TOP)/update/avxupdate.tar.gz $(RM) -fr $(TOP)/update/avxupdate.array + @for i in ${ExtensionsDir} ;do echo ${PWD}/extensions/$${i}; cd ${PWD}/extensions/$${i}; \ + rm -rf rpm || exit "$$?"; cd ${PWD}; done rpm: tar zcvf amp.tar.gz amp.spec conf lib Makefile Makefile.master README src tools update scripts init @@ -45,15 +53,16 @@ rpmbuild -ta imc.tar.gz --define "%_topdir `pwd`/build/infosec/" amp: - tar zcvf amp.tar.gz amp.spec conf lib Makefile Makefile.master README src tools update scripts init platform + @for i in ${ExtensionsDir} ;do cd ${PWD}/extensions/$${i}; /bin/sh build.sh; cd ${PWD}; done + tar zcvf amp.tar.gz amp.spec conf lib Makefile Makefile.master README src tools update scripts init platform extensions rpmbuild -ta amp.tar.gz --define "%_topdir `pwd`/build/array/" + rm -rf extensions/license_server/license_server.tar extensions/license_server/libevent_openssl-2.1.so.7 extensions/license_server/libevent-2.1.so.7 + rm -f extensions/monitoring/monitoring.tar.gz + rm -f extensions/auditing/auditing.tar.gz + rm -f extensions/rs_api/rs_api.tar.gz + rm -f extensions/vpn_mgmt/vpn_mgmt.tar.gz mkdir -p $(TOP)/system cp $(TOP)/build/array/RPMS/x86_64/amp-[0-9]* $(TOP)/system/ - mkdir -p $(TOP)/exts - @for i in ${ExtensionsDir} ;do cd ${PWD}/extensions/$${i}; /bin/sh build.sh; \ - cp ${PWD}/extensions/$${i}/rpm/RPMS/x86_64/$${i}-[0-9]* $(PWD)/exts/; cd ${PWD}; done - mkdir -p $(TOP)/all_in_one - mv $(TOP)/exts $(TOP)/all_in_one/ mv $(TOP)/system $(TOP)/all_in_one/ curl -O http://$(ResourceIp)/all_dep.tar.gz && tar zxvf all_dep.tar.gz && mv $(TOP)/all_dep $(TOP)/all_in_one/ && rm -rf all_dep.tar.gz cp $(TOP)/build_scripts/install.sh $(TOP)/all_in_one/ && cp $(TOP)/scripts/uninstall_extensions.sh $(TOP)/all_in_one/ @@ -76,7 +85,26 @@ curl -O http://$(ResourceIp)/all_dep.tar.gz && tar zxvf all_dep.tar.gz && mv $(TOP)/all_dep $(TOP)/all_in_one/ && rm -rf all_dep.tar.gz cp $(TOP)/build_scripts/install.sh $(TOP)/all_in_one/ && cp $(TOP)/scripts/uninstall_extensions.sh $(TOP)/all_in_one/ tar -zcvf all_in_one.tgz all_in_one +sign: + @echo "Starting RPM signing process..." + @echo "Signing the RPM with GPG key: ${GPG_KEY_NAME} ..." + @if [ -z "$(GPG_PASSPHRASE)" ]; then \ + echo "Error: GPG_PASSPHRASE is not set."; \ + exit 1; \ + fi + for rpm_file in $(RPM_FILES); do \ + if [ -f "$$rpm_file" ]; then \ + echo "Signing $$rpm_file ..."; \ + echo "$(GPG_PASSPHRASE)" | rpmsign --addsign --define "_gpg_sign_cmd gpg --batch --yes --pinentry-mode loopback --passphrase-fd 0 --passphrase-repeat 1 --armor" "$$rpm_file" || { \ + echo "Warning: Failed to sign $$rpm_file"; \ + }; \ + else \ + echo "Error: RPM file $$rpm_file not found. Skipping."; \ + fi \ + done + @echo "Signing process complete." +.PHONY: build sign extension: cd extensions && make && cd .. @@ -86,4 +114,4 @@ pack: ./scripts/buildpack -.PHONY: all clean rpm pack +.PHONY: all sign clean rpm pack Index: /branches/amp_4_0/amp.spec =================================================================== --- /branches/amp_4_0/amp.spec (revision 2704) +++ /branches/amp_4_0/amp.spec (working copy) @@ -37,9 +37,31 @@ Array Management Platform (AMP) is designed to help customers centrally manage and monitor products released by Array Networks %prep +if [ "$1" = "2" ]; then + rm -rf /ca/extensions/license_server +fi + %setup -q -c +%pre +if [ "$1" = "2" ]; then + rm -rf /ca/extensions/auditing + rm -rf /ca/extensions/monitoring + rm -rf /ca/extensions/avx_mgmt + rm -rf /ca/extensions/rs_api + rm -rf /ca/extensions/vpn_mgmt +fi + %post +python /ca/extensions/license_server/license_server_db.py -c +bash /ca/extensions/monitoring/start.sh +cp -r /ca/extensions/auditing/syslogd/kibana.yml /etc/kibana/kibana.yml || echo "Warning: Failed to copy kibana.yml" +/bin/bash /ca/extensions/auditing/start.sh || echo "Warning: Failed to execute start.sh" +%systemd_post acm_syslogd.service +python /ca/extensions/avx_mgmt/avx_mgmt_db.py -c +bash /ca/extensions/avx_mgmt/start.sh +/bin/bash /ca/extensions/rs_api/start.sh || echo "Warning: Failed to execute start.sh" +/bin/bash /ca/extensions/vpn_mgmt/start.sh || echo "Warning: Failed to execute start.sh" rm -rf /ca/etc/.gnupg tar xvfz /ca/etc/gnupg_homedir.tgz -C /ca/etc/ @@ -74,8 +96,31 @@ > /ca/etc/array fi +%preun +if [ "$1" = "0" ]; then + bash /ca/extensions/license_server/stop.sh + python /ca/extensions/license_server/license_server_db.py -d + bash /ca/extensions/monitoring/stop.sh + /bin/bash /ca/extensions/auditing/stop.sh || echo "Warning: Failed to execute stop.sh" + %systemd_preun acm_syslogd.service + bash /ca/extensions/avx_mgmt/stop.sh + python /ca/extensions/avx_mgmt/avx_mgmt_db.py -d + bash /ca/extensions/rs_api/stop.sh + /bin/bash /ca/extensions/vpn_mgmt/stop.sh + +fi %postun if [ "$1" = "0" ]; then + rm -rf /var/crash/license.info + rm -rf /var/crash/timer.rec + rm -rf /ca/extensions/license_server/ + rm -rf /ca/extensions/monitoring + rm -rf /ca/extensions/auditing + rm -rf /ca/extensions/avx_mgmt + rm -rf /ca/extensions/vpn_mgmt +fi +%systemd_postun_with_restart acm_syslogd.service +if [ "$1" = "0" ]; then # remove all file & dir that generated while amp running. rm -rf /ca/config if [ -d "/ca/webui/" ]; then @@ -87,10 +132,54 @@ fi %build -make +make && cd extensions/license_server/license_server && make %install rm -rf %{buildroot} +install -p -D -m 0755 extensions/license_server/libevent_openssl-2.1.so.7 %{buildroot}/lib64/libevent_openssl-2.1.so.7 +install -p -D -m 0755 extensions/license_server/libevent-2.1.so.7 %{buildroot}/lib64/libevent-2.1.so.7 +install -p -D -m 0755 extensions/license_server/license_server/server/license_server %{buildroot}/ca/extensions/license_server/license_server +install -p -D -m 0755 extensions/license_server/license_server/server/serial.py %{buildroot}/ca/extensions/license_server/serial.py +install -p -D -m 0755 extensions/license_server/start.sh %{buildroot}/ca/extensions/license_server/start.sh +install -p -D -m 0755 extensions/license_server/stop.sh %{buildroot}/ca/extensions/license_server/stop.sh +install -p -D -m 0755 extensions/license_server/metadata.json %{buildroot}/ca/extensions/license_server/metadata.json +install -p -D -m 0755 extensions/license_server/license_server_db.py %{buildroot}/ca/extensions/license_server/license_server_db.py +cp -r extensions/license_server/webui %{buildroot}/ca/extensions/license_server/ + + +install -p -D -m 0755 extensions/monitoring/metadata.json %{buildroot}/ca/extensions/monitoring/metadata.json +install -p -D -m 0755 extensions/monitoring/start.sh %{buildroot}/ca/extensions/monitoring/start.sh +install -p -D -m 0755 extensions/monitoring/stop.sh %{buildroot}/ca/extensions/monitoring/stop.sh +install -p -D -m 0755 extensions/monitoring/monitor_db.py %{buildroot}/ca/extensions/monitoring/monitor_db.py +cp -r extensions/monitoring/webui %{buildroot}/ca/extensions/monitoring/ +cp -r extensions/monitoring/model %{buildroot}/ca/extensions/monitoring/ + +install -d -m 0755 %{buildroot}/ca/extensions/auditing +install -p -m 0755 extensions/auditing/metadata.json %{buildroot}/ca/extensions/auditing/metadata.json +install -p -m 0755 extensions/auditing/start.sh %{buildroot}/ca/extensions/auditing/start.sh +install -p -m 0755 extensions/auditing/stop.sh %{buildroot}/ca/extensions/auditing/stop.sh + +cp -a extensions/auditing/webui %{buildroot}/ca/extensions/auditing/ +cp -a extensions/auditing/syslogd %{buildroot}/ca/extensions/auditing/ + +install -Dm 0644 extensions/auditing/syslogd/acm_syslogd.service %{buildroot}%{_unitdir}/acm_syslogd.service + +install -p -D -m 0755 extensions/avx_mgmt/metadata.json %{buildroot}/ca/extensions/avx_mgmt/metadata.json +install -p -D -m 0755 extensions/avx_mgmt/start.sh %{buildroot}/ca/extensions/avx_mgmt/start.sh +install -p -D -m 0755 extensions/avx_mgmt/stop.sh %{buildroot}/ca/extensions/avx_mgmt/stop.sh +install -p -D -m 0755 extensions/avx_mgmt/avx_mgmt_db.py %{buildroot}/ca/extensions/avx_mgmt/avx_mgmt_db.py +cp -r extensions/avx_mgmt/webui %{buildroot}/ca/extensions/avx_mgmt/ + +install -p -D -m 0755 extensions/rs_api/start.sh %{buildroot}/ca/extensions/rs_api/start.sh +install -p -D -m 0755 extensions/rs_api/stop.sh %{buildroot}/ca/extensions/rs_api/stop.sh +install -p -D -m 0755 extensions/rs_api/metadata.json %{buildroot}/ca/extensions/rs_api/metadata.json +cp -r extensions/rs_api/webui %{buildroot}/ca/extensions/rs_api/ + +install -p -D -m 0755 extensions/vpn_mgmt/metadata.json %{buildroot}/ca/extensions/vpn_mgmt/metadata.json +install -p -D -m 0755 extensions/vpn_mgmt/start.sh %{buildroot}/ca/extensions/vpn_mgmt/start.sh +install -p -D -m 0755 extensions/vpn_mgmt/stop.sh %{buildroot}/ca/extensions/vpn_mgmt/stop.sh +cp -r extensions/vpn_mgmt/webui %{buildroot}/ca/extensions/vpn_mgmt/ + install -dDm 0755 %{buildroot}/usr/bin/ install -dDm 0755 %{buildroot}/usr/lib64/ install -dDm 0755 %{buildroot}/usr/sbin/ @@ -179,6 +268,20 @@ mkdir -p %{buildroot}/ca/webui/htdocs/new/src/hive/media/docs %files +%defattr (-,root,root,0755) +/ca/extensions/license_server/ +/lib64/libevent-2.1.so.7 +/lib64/libevent_openssl-2.1.so.7 + +/ca/extensions/monitoring + +/ca/extensions/auditing +%attr(0644,root,root) %{_unitdir}/acm_syslogd.service + +/ca/extensions/avx_mgmt +/ca/extensions/rs_api/ +/ca/extensions/vpn_mgmt/ + %defattr(-,root,root,-) %attr (755,root,root)/usr/bin/telnet %attr (755,root,root)/usr/sbin/tcpdump Index: /branches/amp_4_0/extensions/auditing/build.sh =================================================================== --- /branches/amp_4_0/extensions/auditing/build.sh (revision 2704) +++ /branches/amp_4_0/extensions/auditing/build.sh (working copy) @@ -38,29 +38,3 @@ echo "Creating source tarball ${PKG_NAME}.tar.gz..." tar -czf "${RPM_DIR}/SOURCES/${PKG_NAME}.tar.gz" -C "${SRC_DIR}" . -# === Build RPM using external SPEC file === -echo "Building RPM using ${SPEC_FILE}..." -mkdir -p "${RPM_DIR}/SPECS" -cp "${SPEC_FILE}" "${RPM_DIR}/SPECS/" - -rpmbuild -bb "${RPM_DIR}/SPECS/$(basename ${SPEC_FILE})" --define "_topdir ${RPM_DIR}" - -echo "RPM build completed successfully." - -# === Sign the RPM with GPG key === -echo "Signing the RPM with GPG key: ${GPG_KEY_NAME} ..." -RPM_FILES=$(find "${RPM_DIR}/RPMS" -name "${PKG_NAME}*.rpm") - -for rpm_file in $RPM_FILES; do - echo "Signing $rpm_file ..." - echo "$GPG_PASSPHRASE" | rpmsign --addsign --define "_gpg_sign_cmd gpg --batch --yes --pinentry-mode loopback --no-tty --passphrase-fd 0 --armor" "$rpm_file" - if [ $? -eq 0 ]; then - echo "Successfully signed $rpm_file" - else - echo "Warning: Failed to sign $rpm_file" - fi -done -echo "RPM signing process completed." - -echo "RPM located at:" -find "${RPM_DIR}/RPMS" -name "${PKG_NAME}*.rpm" Index: /branches/amp_4_0/extensions/avx_mgmt/build.sh =================================================================== --- /branches/amp_4_0/extensions/avx_mgmt/build.sh (revision 2704) +++ /branches/amp_4_0/extensions/avx_mgmt/build.sh (working copy) @@ -31,29 +31,3 @@ echo "Creating source tarball..." tar -czf "${RPM_DIR}/SOURCES/${PKG_NAME}.tar.gz" -C "${SRC_DIR}" . -# === Build RPM === -echo "Building RPM from avx_mgmt.spec..." -rpmbuild -bb "${TOP_DIR}/avx_mgmt.spec" --define "_topdir ${RPM_DIR}" - -echo "RPM build completed successfully." - -# === Sign the RPM with GPG key === -echo "Signing the RPM with GPG key: ${GPG_KEY_NAME} ..." -RPM_FILES=$(find "${RPM_DIR}/RPMS" -name "${PKG_NAME}*.rpm") - -for rpm_file in $RPM_FILES; do - echo "Signing $rpm_file ..." - echo "$GPG_PASSPHRASE" | rpmsign --addsign --define "_gpg_sign_cmd gpg --batch --yes --pinentry-mode loopback --no-tty --passphrase-fd 0 --armor" "$rpm_file" - if [ $? -eq 0 ]; then - echo "Successfully signed $rpm_file" - else - echo "Warning: Failed to sign $rpm_file" - fi -done -echo "RPM signing process completed." - -# === Output location === -echo "Built RPM packages:" -find "${RPM_DIR}/RPMS" -name "${PKG_NAME}*.rpm" - -echo "=== Build & Signing completed ===" Index: /branches/amp_4_0/extensions/license_server/build.sh =================================================================== --- /branches/amp_4_0/extensions/license_server/build.sh (revision 2704) +++ /branches/amp_4_0/extensions/license_server/build.sh (working copy) @@ -1,8 +1,8 @@ #! /usr/bin/env bash -cp /lib64/libevent-2.0.so.5 ./ -cp /lib64/libevent_openssl-2.0.so.5 ./ -tar -cf license_server.tar webui metadata.json start.sh stop.sh license_server libevent-2.0.so.5 libevent_openssl-2.0.so.5 license_server_db.py +cp /lib64/libevent-2.1.so.7 ./ +cp /lib64/libevent_openssl-2.1.so.7 ./ +tar -cf license_server.tar webui metadata.json start.sh stop.sh license_server libevent-2.1.so.7 libevent_openssl-2.1.so.7 license_server_db.py mkdir -p rpm/SOURCES cp license_server.tar rpm/SOURCES/ -rpmbuild -bb rpm.spec --define "_topdir `pwd`/rpm" -rm -rf license_server.tar libevent_openssl-2.0.so.5 libevent-2.0.so.5 +#rpmbuild -bb rpm.spec --define "_topdir `pwd`/rpm" +#rm -rf license_server.tar libevent_openssl-2.1.so.7 libevent-2.1.so.7 Index: /branches/amp_4_0/extensions/license_server/license_server_db.py =================================================================== --- /branches/amp_4_0/extensions/license_server/license_server_db.py (revision 2704) +++ /branches/amp_4_0/extensions/license_server/license_server_db.py (working copy) @@ -3,7 +3,7 @@ import json import argparse import pycurl, threading -from StringIO import StringIO +from io import StringIO class DB(object): @@ -32,8 +32,8 @@ def execute_sql_ingnore_exception(self, sql): try: self.execute_sql(sql) - except Exception, e: - print str(e) + except Exception as e: + print(str(e)) self.conn.rollback() def close(self): Index: /branches/amp_4_0/extensions/monitoring/build.sh =================================================================== --- /branches/amp_4_0/extensions/monitoring/build.sh (revision 2704) +++ /branches/amp_4_0/extensions/monitoring/build.sh (working copy) @@ -22,33 +22,3 @@ # === Copy tarball to SOURCES === cp ${PKG_NAME}.tar.gz ${RPM_DIR}/SOURCES/ -# === Build RPM === -echo "Running rpmbuild..." -rpmbuild -bb "${TOP_DIR}/${PKG_NAME}.spec" --define "_topdir ${RPM_DIR}" - -echo "RPM build completed." - -# === Sign the RPM with GPG key === -echo "Signing the RPM with GPG key: ${GPG_KEY_NAME} ..." -RPM_FILES=$(find "${RPM_DIR}/RPMS" -name "${PKG_NAME}*.rpm") - -for rpm_file in $RPM_FILES; do - echo "Signing $rpm_file ..." - echo "$GPG_PASSPHRASE" | rpmsign --addsign --define "_gpg_sign_cmd gpg --batch --yes --pinentry-mode loopback --no-tty --passphrase-fd 0 --armor" "$rpm_file" - if [ $? -eq 0 ]; then - echo "Successfully signed $rpm_file" - else - echo "Warning: Failed to sign $rpm_file" - fi -done -echo "RPM signing process completed." - -# === Cleanup === -echo "Cleaning up..." -rm -f ${PKG_NAME}.tar.gz - -# === Output Location === -echo "Built RPM files:" -find ${RPM_DIR}/RPMS -name "${PKG_NAME}*.rpm" - -echo "=== Build & Signing completed ===" Index: /branches/amp_4_0/extensions/rs_api/build.sh =================================================================== --- /branches/amp_4_0/extensions/rs_api/build.sh (revision 2704) +++ /branches/amp_4_0/extensions/rs_api/build.sh (working copy) @@ -36,29 +36,3 @@ echo "Creating source tarball ${PKG_NAME}.tar.gz..." tar -czf "${RPM_DIR}/SOURCES/${PKG_NAME}.tar.gz" -C "${SRC_DIR}" . -# === Build RPM using external SPEC file === -echo "Building RPM using ${SPEC_FILE}..." -mkdir -p "${RPM_DIR}/SPECS" -cp "${SPEC_FILE}" "${RPM_DIR}/SPECS/" - -rpmbuild -bb "${RPM_DIR}/SPECS/$(basename ${SPEC_FILE})" --define "_topdir ${RPM_DIR}" - -echo "RPM build completed successfully." - -# === Sign the RPM with GPG key === -echo "Signing the RPM with GPG key: ${GPG_KEY_NAME} ..." -RPM_FILES=$(find "${RPM_DIR}/RPMS" -name "${PKG_NAME}*.rpm") - -for rpm_file in $RPM_FILES; do - echo "Signing $rpm_file ..." - echo "$GPG_PASSPHRASE" | rpmsign --addsign --define "_gpg_sign_cmd gpg --batch --yes --pinentry-mode loopback --no-tty --passphrase-fd 0 --armor" "$rpm_file" - if [ $? -eq 0 ]; then - echo "Successfully signed $rpm_file" - else - echo "Warning: Failed to sign $rpm_file" - fi -done -echo "RPM signing process completed." - -echo "RPM located at:" -find "${RPM_DIR}/RPMS" -name "${PKG_NAME}*.rpm" Index: /branches/amp_4_0/extensions/vpn_license_server/license_server_db.py =================================================================== --- /branches/amp_4_0/extensions/vpn_license_server/license_server_db.py (revision 2704) +++ /branches/amp_4_0/extensions/vpn_license_server/license_server_db.py (working copy) @@ -32,7 +32,7 @@ def execute_sql_ingnore_exception(self, sql): try: self.execute_sql(sql) - except Exception, e: + except Exception as e: print str(e) self.conn.rollback() Index: /branches/amp_4_0/extensions/vpn_mgmt/build.sh =================================================================== --- /branches/amp_4_0/extensions/vpn_mgmt/build.sh (revision 2704) +++ /branches/amp_4_0/extensions/vpn_mgmt/build.sh (working copy) @@ -36,27 +36,3 @@ echo "Creating source tarball ${PKG_NAME}.tar.gz..." tar -czf "${RPM_DIR}/SOURCES/${PKG_NAME}.tar.gz" -C "${SRC_DIR}" . -# === Build RPM using external SPEC file === -echo "Building RPM using ${SPEC_FILE}..." -mkdir -p "${RPM_DIR}/SPECS" -cp "${SPEC_FILE}" "${RPM_DIR}/SPECS/" - -rpmbuild -bb "${RPM_DIR}/SPECS/$(basename ${SPEC_FILE})" --define "_topdir ${RPM_DIR}" - -echo "RPM build completed successfully." - -# === Sign the RPM with GPG key === -echo "Signing the RPM with GPG key: ${GPG_KEY_NAME} ..." -RPM_FILES=$(find "${RPM_DIR}/RPMS" -name "${PKG_NAME}*.rpm") - -for rpm_file in $RPM_FILES; do - echo "Signing $rpm_file ..." - echo "$GPG_PASSPHRASE" | rpmsign --addsign --define "_gpg_sign_cmd gpg --batch --yes --pinentry-mode loopback --passphrase-fd 0 --armor" "$rpm_file" || { - echo "Warning: Failed to sign $rpm_file" - } -done - -echo "RPM signing process completed." - -echo "RPM located at:" -find "${RPM_DIR}/RPMS" -name "${PKG_NAME}*.rpm"