FPUB File Publication Scripts to Publish from Test Apache instance to a Prod Apache instance
File Locations:
/etc/fpub.allowed
/usr/bin/fpub_scp
/usr/bin/fpub
/etc/fpub.allowed
/usr/bin/fpub_scp
/usr/bin/fpub
/etc/fpub.allowed contains:
/var/www/html/testfolder:/var/www/html/prodfolder
/var/www/html/testfolder2:/var/www/html/prodfolder2
/var/www/html/testfolder:/var/www/html/prodfolder
/var/www/html/testfolder2:/var/www/html/prodfolder2
/usr/bin/fpub_scp contains:
#!/usr/bin/perl -w
use strict;
my $user = 'webmaster';
my $file = $ARGV[0];
my $target = $ARGV[1];
my $file = $ARGV[0];
my $target = $ARGV[1];
die "fpub_scp invoked with non-existant or unreadable file: $file" if ! $file or !
-r $file;
die "fpub_scp invoked with no target" if ! $target;
die "fpub_scp invoked with no target" if ! $target;
# Array of allowed publishing locations
my @locations = ();
my @locations = ();
# Read list of allowed publish locations from /etc/fpub.allowed
my $allowed_file = '/etc/fpub.allowed';
if (! -r $allowed_file) {
print "Cannot read list of allowed publish locations: $allowed_filen";
print "fpub cannot run until /etc/fpub.allowed is created.n";
exit 1;
}
my $allowed_file = '/etc/fpub.allowed';
if (! -r $allowed_file) {
print "Cannot read list of allowed publish locations: $allowed_filen";
print "fpub cannot run until /etc/fpub.allowed is created.n";
exit 1;
}
# Read the list of allowed locations from the allowed_file. While cruising the
list
# make sure that the paths are directories, and strip trailing slashes. Fail
# make sure that the paths are directories, and strip trailing slashes. Fail
fatally
# if there are any dicrepencies.
open ALLOW, $allowed_file or die "Error Opening $allowed_file: $!";
while (my $line = <ALLOW>) {
chomp $line;
# if there are any dicrepencies.
open ALLOW, $allowed_file or die "Error Opening $allowed_file: $!";
while (my $line = <ALLOW>) {
chomp $line;
my $loc = [];
if ($line =~ /([^:]*):(.*)/) {
$loc->[0] = $1;
$loc->[1] = $2;
} else {
$loc->[0] = $line;
}
if ($line =~ /([^:]*):(.*)/) {
$loc->[0] = $1;
$loc->[1] = $2;
} else {
$loc->[0] = $line;
}
if (! -d $loc->[0]) {
print "Location specified in $allowed_file is not a directory:n";
print "Location: $locn";
exit 100;
}
print "Location specified in $allowed_file is not a directory:n";
print "Location: $locn";
exit 100;
}
# Strip trailing slashes
$loc->[0] =~ s//*$//;
$loc->[1] =~ s//*$//;
$loc->[0] =~ s//*$//;
$loc->[1] =~ s//*$//;
# All paths must be abolute
if ($loc->[0] !~ /^// || ($loc->[1] && $loc->[1] !~ /^//)) {
print "All paths in fsup.allowed file must be absolute.n";
exit 130;
}
if ($loc->[0] !~ /^// || ($loc->[1] && $loc->[1] !~ /^//)) {
print "All paths in fsup.allowed file must be absolute.n";
exit 130;
}
push @locations, $loc;
}
close ALLOW;
}
close ALLOW;
# Make sure that the the file specified is in an allowed publish location
# If the location has an applicable replacement, modify destination
my $allowed = 0;
my $destination = $file;
foreach my $loc (@locations) {
if (substr($file, 0, length($loc->[0])) eq $loc->[0]) {
$allowed = 1;
$destination =~ s/^$loc->[0]/$loc->[1]/ if $loc->[1];
}
}
# If the location has an applicable replacement, modify destination
my $allowed = 0;
my $destination = $file;
foreach my $loc (@locations) {
if (substr($file, 0, length($loc->[0])) eq $loc->[0]) {
$allowed = 1;
$destination =~ s/^$loc->[0]/$loc->[1]/ if $loc->[1];
}
}
if (! $allowed) {
print "The file you have specified is not in the allowed locations
print "The file you have specified is not in the allowed locations
list.n";
print "File: $filenn";
print "Listing allowed publish locations:nn";
foreach my $loc (@locations) {
print "$locn";
}
exit 120;
}
print "File: $filenn";
print "Listing allowed publish locations:nn";
foreach my $loc (@locations) {
print "$locn";
}
exit 120;
}
# Push the file to the remote location
system("scp $file $target:$destination");
/usr/bin/fpub contains:
#!/usr/bin/perl -w
use strict;
use Cwd qw(abs_path);
use Sys::Syslog qw(:standard :macros);
use File::Spec;
use Sys::Syslog qw(:standard :macros);
use File::Spec;
openlog('fpub', 'ndelay', LOG_USER);
# User to run as, system to scp to (should be put in a config file)
my $user = 'webmaster';
my $target = 'webprod';
my $user = 'webmaster';
my $target = 'webprod';
my $relfile = $ARGV[0];
# Make sure that a file was specified
if (! $relfile) {
print "No file specified for publishing.n";
print "Usage: fpub /file/to.publishn";
print "Also, use "fpub list_allowed" to see allowed publishing
if (! $relfile) {
print "No file specified for publishing.n";
print "Usage: fpub /file/to.publishn";
print "Also, use "fpub list_allowed" to see allowed publishing
locations.n";
exit 1;
}
exit 1;
}
# List allowed publish locations if requested by the user
if ($relfile eq 'list_allowed') {
print "Listing allowed publish locations:nn";
open ALLOW, '/etc/fpub.allowed' or die "Could not open allowed locations
if ($relfile eq 'list_allowed') {
print "Listing allowed publish locations:nn";
open ALLOW, '/etc/fpub.allowed' or die "Could not open allowed locations
file /etc/fpub.allowed: $!";
while (<ALLOW>) {
print $_;
}
print $_;
}
close ALLOW;
print "n";
exit 0;
}
}
# Get the absolute path of the file
my $file = File::Spec->rel2abs($relfile);
my $file = File::Spec->rel2abs($relfile);
print "Publishing file: $filen";
my $username = getpwuid($>);
syslog(LOG_INFO, "fpub ($username) publishing file $file");
syslog(LOG_INFO, "fpub ($username) publishing file $file");
my $scpret = system("sudo -u $user fpub_scp $file $target");
if ($scpret == 100) {
syslog(LOG_ERR, "fpub ($username) fpub.allowed error, could not publish
syslog(LOG_ERR, "fpub ($username) fpub.allowed error, could not publish
file: $file");
} elsif ($scpret == 120) {
syslog(LOG_WARNING, "fpub ($username) publish disallowed for file: $file");
} elsif ($scpret == 130) {
syslog(LOG_ERR, "fpub ($username) fpub.allowed contains relative paths");
} elsif ($scpret != 0) {
syslog(LOG_ERR, "fpub ($username) unspecified error. File: $file");
}
} elsif ($scpret == 120) {
syslog(LOG_WARNING, "fpub ($username) publish disallowed for file: $file");
} elsif ($scpret == 130) {
syslog(LOG_ERR, "fpub ($username) fpub.allowed contains relative paths");
} elsif ($scpret != 0) {
syslog(LOG_ERR, "fpub ($username) unspecified error. File: $file");
}
closelog();
No comments:
Post a Comment