From 6a951f57bc6ed6d884345af4169d0e96e831f466 Mon Sep 17 00:00:00 2001 From: William Stearns Date: Thu, 11 Jul 2024 16:44:02 -0400 Subject: [PATCH] Installer script fixes for unsupported operating systems. --- .../install_scripts/ansible-installer.sh | 127 +++++++----------- installer/install_scripts/install_rita.sh | 9 +- installer/install_scripts/install_rita.yml | 47 +++++-- 3 files changed, 92 insertions(+), 91 deletions(-) diff --git a/installer/install_scripts/ansible-installer.sh b/installer/install_scripts/ansible-installer.sh index 8fbc7d5..216e503 100755 --- a/installer/install_scripts/ansible-installer.sh +++ b/installer/install_scripts/ansible-installer.sh @@ -17,14 +17,10 @@ source ./helper.sh #the original idea and multiple improvements. -#Tested on: -#FIXME - -ansible_installer_version="0.3.6" +ansible_installer_version="0.3.7" #Uncomment one of the following lines to set the default program to download and install data_needed="rita" -#data_needed="achunter" @@ -73,13 +69,13 @@ enable_repositories() { else . /etc/os-release case "$ID/$VERSION_ID" in - alma/8*|rocky/8*) - dnf config-manager --set-enabled powertools - dnf install epel-release + alma/8*|almalinux/8*|rocky/8*) + $SUDO dnf config-manager --set-enabled powertools + $SUDO dnf install -y epel-release ;; - alma/9*|rocky/9*) - dnf config-manager --set-enabled crb - dnf install epel-release + alma/9*|almalinux/9*|rocky/9*) + $SUDO dnf config-manager --set-enabled crb + $SUDO dnf install -y epel-release ;; centos/7) yum install epel-release @@ -92,6 +88,17 @@ enable_repositories() { dnf config-manager --set-enabled crb dnf install epel-release epel-next-release ;; + debian/12|zorin/16) + : #Does not appear that any extra repositories are needed + ;; + kali/*) + sudo apt update + sudo apt install software-properties-common || sudo apt install python-software-properties + sudo add-apt-repository --yes --update ppa:ansible/ansible + ;; + ol/*) #Oracle linux, which is also the base for security onion 2470 + : + ;; rhel/7) subscription-manager repos --enable rhel-*-optional-rpms --enable rhel-*-extras-rpms --enable rhel-ha-for-rhel-*-server-rpms yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm @@ -107,6 +114,9 @@ enable_repositories() { fedora/*) : #It does not appear that fedora needs any extra repositories ;; + pop/*) + : #popos does not appear to need any extra repositories + ;; ubuntu/*) sudo apt update sudo apt install software-properties-common || sudo apt install python-software-properties @@ -125,10 +135,12 @@ patch_system() { status "Patching system" #================ if [ -x /usr/bin/apt-get -a -x /usr/bin/dpkg-query ]; then - while ! $SUDO sudo add-apt-repository universe ; do - echo "Error subscribing to universe repository, perhaps because a system update is running; will wait 60 seconds and try again." >&2 - sleep 60 - done + if [ -s /etc/os-release ] && egrep -iq '(^ID=ubuntu|^ID=pop|^ID=Zorin OS)' /etc/os-release ; then #The "universe" repository is only available on Ubuntu (and, in theory, popos and Zorin) Kali DOES NOT have universe + while ! $SUDO add-apt-repository universe ; do + echo "Error subscribing to universe repository, perhaps because a system update is running; will wait 60 seconds and try again." >&2 + sleep 60 + done + fi while ! $SUDO apt-get -q -y update >/dev/null ; do echo "Error updating package metadata, perhaps because a system update is running; will wait 60 seconds and try again." >&2 sleep 60 @@ -209,21 +221,26 @@ install_tool() { echo "ansible_installer version $ansible_installer_version" >&2 -if [ -n "$1" ]; then - if [ "$1" = "rita" ]; then - data_needed="rita" - elif [ "$1" = "achunter" ]; then - data_needed="achunter" - else - echo "I do not recognize the command line parameter you specified - please put rita or achunter as the first command line parameter to say which program you need installed, followed by the host on which you want rita installed. Exiting." - exit 1 - fi -fi -if [ -n "$2" ]; then - install_target="$2" -else - install_target="localhost" -fi +#FIXME We no longer need these choices, remove the following block +#if [ -n "$1" ]; then +# if [ "$1" = "rita" ]; then +# data_needed="rita" +# shift +# elif [ "$1" = "achunter" ]; then +# data_needed="achunter" +# shift +# else +# install_target="$1" +# shift +# fi +#fi +#if [ -n "$1" ]; then +# install_target="$1" +#fi +# +#if [ -z "$install_target" ]; then +# install_target="localhost" +#fi require_sudo @@ -254,7 +271,7 @@ else status "Installing needed tools" #================ install_tool python3 "python3" - install_tool pip3 "python3-pip" + install_tool pip3 "python3-pip" #Note, oracle linux does not come with pip at all. The "python3-pip-wheel" package does not include pip. python3 -m pip -V ; retcode="$?" if [ "$retcode" != 0 ]; then fail "Unable to run python3's pip, exiting." @@ -292,55 +309,9 @@ if ! echo "$PATH" | grep -q '/usr/local/bin' ; then fi fi -#ansible-galaxy install community.docker #FIXME Removeme ansible-galaxy collection install community.docker --force -# if [ "$data_needed" = "rita" ]; then - #This may not be needed with ansible-playbook's "-i" param followed by a comma separated list of hosts that ends in a comma - ##FIXME - this won't support a comma separated list of hosts, forcing us to install to one remote target at a time. - #if [ -d "/opt/local/etc/ansible/" ]; then - # ans_hosts="/opt/local/etc/ansible/hosts" - #elif [ -d "/etc/ansible" ]; then - # ans_hosts="/etc/ansible/hosts" - #else - # echo "Unable to locate ansible configuration directory to manage the hosts file, exiting." - # exit 1 - #fi - #if ! grep -q '^'"$install_target"'$' "$ans_hosts" - # #There's no entry for this host in the ansible hosts file, we must add it. - # echo "" >>"$ans_hosts" - # echo "#Added by the rita installer" >>"$ans_hosts" - # echo '['"${install_target}-group"']' >>"$ans_hosts" - # echo "$install_target" >>"$ans_hosts" - # echo "" >>"$ans_hosts" - #fi - - # status "Installing rita via ansible on $install_target" #================ - # if [ "$install_target" = "localhost" -o "$install_target" = "127.0.0.1" -o "$install_target" = "::1" ]; then - # ansible-playbook --connection=local -K -i "127.0.0.1," -e "install_hosts=127.0.0.1," ~/.ansible/playbooks/install_rita.yml - # else - # status "Setting up future ssh connections to $install_target . You may be asked to provide your ssh password to $install_target ." #================ - # sshprep "$install_target" - # ansible-playbook -K -i "${install_target}," -e "install_hosts=${install_target}," ~/.ansible/playbooks/install_rita.yml - # fi - -# elif [ "$data_needed" = "achunter" ]; then -# echo 'Not implemented yet, exiting.' >&2 -# else -# echo 'I do not know what program to install, skipping.' >&2 -# fi - -# echo "Unless you see warnings above that an install failed, you should have RITA installed." >&2 -# echo '!!!!!!!!!!!!You must log out and log back in to make sure your PATH is set correctly!!!!!!!!!!!!' >&2 - - - - - - - - -popd > /dev/null \ No newline at end of file +popd > /dev/null diff --git a/installer/install_scripts/install_rita.sh b/installer/install_scripts/install_rita.sh index 91241ac..8e06e60 100755 --- a/installer/install_scripts/install_rita.sh +++ b/installer/install_scripts/install_rita.sh @@ -4,7 +4,14 @@ RITA_VERSION="REPLACE_ME" set -e -install_target="$1" +if [ -n "$1" ]; then + install_target="$1" +else + echo "Please add the name of the system on which you want rita installed as a command line option. If you want to install rita on this computer, use 127.0.0.1 ." >&2 + echo "The final command will look like:" >&2 + echo "$0 the_computer_name_or_ip_on_which_to_install_rita" >&2 + exit 1 +fi # change working directory to directory of this script pushd "$(dirname "$(readlink -f "${BASH_SOURCE[0]}")")" > /dev/null diff --git a/installer/install_scripts/install_rita.yml b/installer/install_scripts/install_rita.yml index 1410314..d6a98e3 100644 --- a/installer/install_scripts/install_rita.yml +++ b/installer/install_scripts/install_rita.yml @@ -33,8 +33,8 @@ #Known distribution? - name: "RITA Install: Checking Linux distribution." ansible.builtin.fail: - msg: "Distribution name: {{ ansible_distribution }} does not appear to be recognized - please contact ACM" - when: ( ansible_distribution != 'AlmaLinux' and ansible_distribution != 'CentOS' and ansible_distribution != 'Fedora' and ansible_distribution != 'OracleLinux' and ansible_distribution != 'Rocky' and ansible_distribution != 'Debian' and ansible_distribution != 'Ubuntu' and ansible_distribution != 'Kali' ) + msg: "Distribution name: {{ ansible_distribution }} does not appear to be recognized - please contact ACM" + when: ( ansible_distribution != 'AlmaLinux' and ansible_distribution != 'CentOS' and ansible_distribution != 'Fedora' and ansible_distribution != 'OracleLinux' and ansible_distribution != 'Pop!_OS' and ansible_distribution != 'Rocky' and ansible_distribution != 'Debian' and ansible_distribution != 'Ubuntu' and ansible_distribution != 'Kali' and ansible_distribution != 'Zorin OS' ) # and ansible_distribution != 'RedHat' tags: - linux @@ -42,7 +42,7 @@ - name: "RITA Install: Checking Linux distribution version." ansible.builtin.fail: msg: "Warning: Linux distribution {{ ansible_distribution }} {{ ansible_distribution_major_version }} may not have been tested - please contact ACM and report whether the install worked or not" - when: ( ( ansible_distribution == 'AlmaLinux' and (ansible_distribution_major_version != '9') ) or ( ansible_distribution == 'CentOS' and (ansible_distribution_major_version != '7' and ansible_distribution_major_version != '9') ) or ( ansible_distribution == 'Fedora' and (ansible_distribution_major_version != '40') ) or ( ansible_distribution == 'OracleLinux' and (ansible_distribution_major_version != '9') ) or ( ansible_distribution == 'Rocky' and (ansible_distribution_major_version != '8') ) or ( ansible_distribution == 'Debian' and (ansible_distribution_major_version != '12') ) or ( ansible_distribution == 'Kali' and (ansible_distribution_major_version != '2024') ) or ( ansible_distribution == 'Ubuntu' and (ansible_distribution_major_version != '20' and ansible_distribution_major_version != '24') ) ) + when: ( ( ansible_distribution == 'AlmaLinux' and (ansible_distribution_major_version != '9') ) or ( ansible_distribution == 'CentOS' and (ansible_distribution_major_version != '7' and ansible_distribution_major_version != '9') ) or ( ansible_distribution == 'Fedora' and (ansible_distribution_major_version != '40') ) or ( ansible_distribution == 'OracleLinux' and (ansible_distribution_major_version != '9') ) or ( ansible_distribution == 'Pop!_OS' and (ansible_distribution_major_version != '22') ) or ( ansible_distribution == 'Rocky' and (ansible_distribution_major_version != '8' and ansible_distribution_major_version != '9') ) or ( ansible_distribution == 'Debian' and (ansible_distribution_major_version != '12') ) or ( ansible_distribution == 'Kali' and (ansible_distribution_major_version != '2024') ) or ( ansible_distribution == 'Ubuntu' and (ansible_distribution_major_version != '20' and ansible_distribution_major_version != '22' and ansible_distribution_major_version != '24') ) or ( ansible_distribution == 'Zorin OS' and (ansible_distribution_major_version != '16') ) ) #or ( ansible_distribution != 'RedHat' and (ansible_distribution_major_version == '9') ) ignore_errors: True #We print a warning but do not abort if this is an unknown combination of distribution and major version. tags: @@ -109,7 +109,7 @@ state: latest update_cache: true cache_valid_time: 3600 - when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu' ) #While Kali is based on Debian, it does not include the aptitude package. + when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Pop!_OS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Zorin OS' ) #While Kali is based on Debian, it does not include the aptitude package. tags: - packages - linux @@ -194,7 +194,7 @@ - packages - linux - linuxdeb - when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Ubuntu' ) + when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Pop!_OS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Zorin OS' ) - name: "RITA Install: Install packages on Debian and Ubuntu." @@ -211,7 +211,7 @@ - packages - linux - linuxdeb - when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu' ) + when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Pop!_OS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Zorin OS' ) - name: "RITA Install: Install packages on Kali." apt: @@ -244,7 +244,7 @@ apt_key: url: https://download.docker.com/linux/debian/gpg state: present - when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' ) + when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Pop!_OS' or ansible_distribution == 'Zorin OS' ) tags: - packages - linux @@ -271,6 +271,28 @@ - linux - linuxdeb + - name: "RITA Install: Add Docker Repository to PopOS." + apt_repository: + repo: deb https://download.docker.com/linux/ubuntu jammy stable + state: present + when: ( ansible_distribution == 'Pop!_OS' and ansible_distribution_major_version == '22' ) + #Ubuntu jammy appears to be the right one to use. + tags: + - packages + - linux + - linuxdeb + + - name: "RITA Install: Add Docker Repository to Zorin." + apt_repository: + repo: deb https://download.docker.com/linux/ubuntu focal stable + state: present + when: ( ansible_distribution == 'Zorin OS' and ansible_distribution_major_version == '16' ) + #Ubuntu focal appears to be the right one to use. + tags: + - packages + - linux + - linuxdeb + - name: "RITA Install: Add Docker repository to Fedora distributions." yum_repository: name: docker-ce @@ -365,7 +387,7 @@ - docker - linux - linuxdeb - when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Ubuntu') + when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Pop!_OS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Zorin OS' ) - name: "RITA Install: Install docker on rpm-based distributions." @@ -482,8 +504,8 @@ ansible.builtin.file: path: "{{ item }}" state: directory - owner: root #FIXME - check - group: root #FIXME - check + owner: root + group: root mode: 0755 loop: - /etc/rita/ @@ -585,7 +607,7 @@ stat: path: /var/run/reboot-required get_checksum: no - when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Ubuntu' ) + when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Pop!_OS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Zorin OS' ) tags: - packages - linux @@ -594,10 +616,11 @@ - name: "RITA Install: Rebooting system if needed." reboot: reboot_timeout: 120 - when: ( ansible_connection != 'local' and ( ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Ubuntu' ) and ( reboot_required_file.stat.exists ) ) or ( ( ansible_distribution == 'AlmaLinux' or ansible_distribution == 'CentOS' or ansible_distribution == 'Fedora' or ansible_distribution == 'OracleLinux' or ansible_distribution == 'RedHat' or ansible_distribution == 'Rocky' ) and ( reboot_result.rc == 1 ) ) ) + when: ( ansible_connection != 'local' and ( ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Pop!_OS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Zorin OS' ) and ( reboot_required_file.stat.exists ) ) or ( ( ansible_distribution == 'AlmaLinux' or ansible_distribution == 'CentOS' or ansible_distribution == 'Fedora' or ansible_distribution == 'OracleLinux' or ansible_distribution == 'RedHat' or ansible_distribution == 'Rocky' ) and ( reboot_result.rc == 1 ) ) ) register: reboot_status async: 1 poll: 0 + ignore_errors: True #If unable to reboot (as ansible refuses to do if installing to localhost) we leave the error at the end of the output but don't treat it as a failure. tags: - packages - linux