Mercurial > trustbridge
view packaging/linux-installer.inc.in @ 761:49168bcb02e2
(Issue55) Sign a linux installer
This uses the same RSA key that is used for Windows codesigning
to create an additonal
S:<base64encodedsignature> line.
Signed is everything up to the last \r\n before the S:
line.
The hash algorithm is sha256
author | Andre Heinecke <andre.heinecke@intevation.de> |
---|---|
date | Mon, 07 Jul 2014 18:52:48 +0200 |
parents | 7c1f34115ede |
children | 654a8ca9d5b4 |
line wrap: on
line source
#!/bin/bash set -u ME=`basename "$0"` DEFAULT_PREFIX="$HOME/TrustBridge" SYSDEFAULT_PREFIX="/usr/local" CFGPATH="${XDG_CONFIG_HOME:-$HOME/.config}/BSI" DATAPATH="${XDG_DATA_HOME:-$HOME/.local/share}/BSI/TrustBridge" SYSCFGPATH="/etc/TrustBridge" # FIXME: # Set the real data path for system wide installation once its known. SYSDATAPATH="$DATAPATH" INSTCFGNAME="TrustBridge-inst.cfg" FORCE=0 SYSINST=0 DEINSTALL=0 BINNAMES="###BINNAMES###" declare -A instcfg oldinstcfg declare inst_default_prefix instdata_path instcfg_path instcfg_file instcfg=( [TIMESTMP]=`date -u +%Y%m%d%H%M%S` [VERSION]='@PROJECT_VERSION@' [PREFIX]='' ) oldinstcfg=( [TIMESTMP]='' [VERSION]='' [PREFIX]='' ) version() { cat <<EOF TrustBridge ${instcfg[VERSION]} Installer Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik Software engineering by Intevation GmbH This is free software. You may redistribute copies of it under the terms of the GNU GPL (v>=2). See LICENSE.txt for details. There is NO WARRANTY, to the extent permitted by law. EOF exit 0 } fatal() { echo "$1" >&2 if [ $DEINSTALL -eq 1 ] ; then echo "Deinstallation failed." >&2 else echo "Installation failed." >&2 fi exit 1 } usage() { cat <<EOF Usage: $ME [OPTION]... Install TrustBridge. Options: -p, --prefix=PATH install files in PATH -f, --force install to given prefix, even when a current installation with different prefix exists. -d, --deinstall deinstall files from current installation -s, --system=PATH make an system wide (de)installation --help display this help and exit --version output version information and exit EOF exit $1 } yorn() { local c while true ; do read -n 1 c echo case "$c" in y|Y|j|J) return 0 ;; n|N) return 1 ;; *) echo >&2 "Answer [Y]es or [N]o: " esac done } parse_args() { OPTS=`getopt \ -l deinstall,force,help,prefix:,system,version \ -o d,f,p:,s -n "$ME" -- "$@"` [ $? -eq 0 ] || usage 23 eval set -- "$OPTS" while true ; do case "$1" in --prefix|-p) instcfg[PREFIX]="$2" shift 2 ;; --system|-s) SYSINST=1 shift 1 ;; --force|-f) FORCE=1 shift 1 ;; --deinstall|-d) DEINSTALL=1 shift 1 ;; --help) usage 0 ;; --version) version ;; --) shift break ;; esac done } init_vars() { if [ $SYSINST -eq 1 ] ; then inst_default_prefix="$SYSDEFAULT_PREFIX" instcfg_path="${SYSCFGPATH}" instdata_path="${SYSDATAPATH}" else inst_default_prefix="$DEFAULT_PREFIX" instcfg_path="${CFGPATH}" instdata_path="${DATAPATH}" fi instcfg_file="${instcfg_path}/${INSTCFGNAME}" } write_instcfg() { install -d `dirname "$instcfg_file"` echo "# Created by TrustBridge-Installer, don't touch!" >"$instcfg_file" for key in "${!instcfg[@]}" ; do echo "${key}=${instcfg[$key]}" >>"$instcfg_file" done } read_oldinstcfg() { if [ -r "$instcfg_file" ] ; then echo "Reading '$instcfg_file' ..." for key in "${!oldinstcfg[@]}" ; do oldinstcfg[$key]=`sed -n "/$key/s/[^=]*=\(.*\)/\1/p" "$instcfg_file"` done fi } check_priv() { if [ $SYSINST -eq 1 -a "$UID" -ne 0 ] ; then fatal "System wide installation requires root privileges!" fi } rm_empty_dirs() { # Args: $1 - DIRECTORY # # Recursively remove DIRECTORY and all it _parent_ directories as # long as they are empty. local directory="$1" while [ -d "$directory" -a -z "$(ls 2>/dev/null -A "$directory")" ] ; do echo "Deleting empty directory '$directory' ..." rmdir "$directory" directory=`dirname "$directory"` done } rm_files() { for file in "$@" ; do if [ -e "$file" ] ; then echo "Deleting $file ..." rm "$file" fi done } setup_cronjob() { # FIXME: handle case of system wide installation. local tmpcrontab=`mktemp` crontab -l | grep -vF "${instcfg[PREFIX]}/bin/trustbridge-tray-starter.sh" \ >"$tmpcrontab" if [ "$1" != "deinstall" ] ; then echo "$(( $RANDOM / 555 )) 12 * * * \"${instcfg[PREFIX]}/bin/trustbridge-tray-starter.sh\"" \ >>"$tmpcrontab" fi crontab "$tmpcrontab" rm "$tmpcrontab" } remove_cronjob() { setup_cronjob deinstall } deinstall_certs() { local cinst="${oldinstcfg[PREFIX]}/bin/cinst" local certlist=`ls 2>/dev/null -1 ${instdata_path}/list-*.txt | sort -nr | head -n 1` echo "Uninstalling certificates ..." if [ "$certlist" ] ; then echo "Using certificate list '$certlist'." if [ -x "$cinst" ] ; then "$cinst" "list=$certlist" "choices=uninstall" else echo >&2 "WARNING: can't execute $cinst for certificate deinstallation." fi else echo "No certificate list found. Nothing to do." fi } deinstall_etc() { echo "Removing cron job ..." remove_cronjob # FIXME: delete all files created by the application. local tbcfg_files=( "${instcfg_path}/TrustBridge.ini" "${instcfg_path}/trustbridge-tray-starter.cfg" "$instcfg_file" ) echo "Removing certificate lists from: ${instdata_path}:" rm_files "$instdata_path"/list-*.txt rm_empty_dirs "$instdata_path" echo "Removing configuration files:" rm_files "${tbcfg_files[@]}" rm_empty_dirs "$instcfg_path" } deinstall() { if [ "${oldinstcfg[PREFIX]}" ] ; then echo "Really deinstall TrustBridge from '${oldinstcfg[PREFIX]}'?" yorn || exit 0 deinstall_certs local deinstdir="${oldinstcfg[PREFIX]}/bin" echo "Deinstalling from '${oldinstcfg[PREFIX]}'." for file in $BINNAMES ; do local path="${deinstdir}/$file" echo "Deleting '$path' ..." rm "$path" || echo >&2 "WARNING: Could not delete: '$path'!" done rm_empty_dirs "$deinstdir" deinstall_etc echo "Deinstallation finished." else echo "No current installation found! No harm done." fi } #====================================================================== # main() parse_args "$@" init_vars check_priv read_oldinstcfg cat <<EOF ------------------------------------------------------------------------ TrustBridge - Installer Version ${instcfg[VERSION]} ------------------------------------------------------------------------ EOF if [ $DEINSTALL -eq 1 ] ; then deinstall # Stop after deinstallation: exit 0 fi if [ -z "${instcfg[PREFIX]}" ] ; then if [ "${oldinstcfg[PREFIX]}" ] ; then inst_default_prefix="${oldinstcfg[PREFIX]}" echo "An existing installation (v${oldinstcfg[VERSION]}) was detected!" echo "It is HIGHLY RECOMMENDED to accept the default prefix" echo "to update the current installation." echo "For a new prefix you should deinstall first!" fi echo -n "Select installation prefix for TrustBridge [${inst_default_prefix}]: " read -e instcfg[PREFIX] [ -z "${instcfg[PREFIX]}" ] && instcfg[PREFIX]="${inst_default_prefix}" else # Prefix was given on invocation: if [ "${oldinstcfg[PREFIX]}" -a \ "${instcfg[PREFIX]}" != "${oldinstcfg[PREFIX]}" -a \ $FORCE -ne 1 ] ; then fatal "Prefix differs from current installation (${oldinstcfg[PREFIX]}). Aborting!" fi fi echo "Installing to '${instcfg[PREFIX]}':" if [ ! -d "${instcfg[PREFIX]}" ] ; then echo "creating installation directory ..." install -d "${instcfg[PREFIX]}" || fatal "Could not create '${instcfg[PREFIX]}'!" fi echo "unpacking files ..." cd "${instcfg[PREFIX]}" set +u set -- '-c' # ---------------------------------------------------------------------- # regular shar archive inserted here: ###SHAR### # ---------------------------------------------------------------------- echo "Preparing trustbridge-tray-starter ..." sed -i "/^PREFIX=/c\PREFIX='${instcfg[PREFIX]}'" \ "${instcfg[PREFIX]}/bin/trustbridge-tray-starter.sh" sed -i "/^CFGDIR=/c\CFGDIR='${instcfg_path}'" \ "${instcfg[PREFIX]}/bin/trustbridge-tray-starter.sh" echo "Setting up cronjob ..." setup_cronjob echo "Writing installation configuration to: $instcfg_file ..." write_instcfg exit 0