#!/bin/perl
#realsecure to agentservicename and ISS to aISS
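use strict;
use warnings;

my $startCommand = "/etc/init.d/agentservicename start";
my $stopCommand = "/etc/init.d/agentservicename stop";
# THE ONLY LINES THAT SHOULD NEED TO BE EDITED IN THIS SCRIPT ARE THE "#!" LINE AND THE TWO COMMANDS ABOVE
# THIS SCRIPT SHOULD AUTOMATICALLY DETECT ALL OTHER SENSOR SETTINGS
# THE "#!" LINE SHOULD BE "#!" FOLLOWED BY THE VALUE OF "which perl" FROM THE COMMAND LINE
# $startCommand SHOULD BE THE START COMMAND FOR THE APPLICABLE PLATFORM
# $stopCommand SHOULD BE THE STOP COMMAND FOR THE APPLICABLE PLATFORM

# SECURITY NOTE: this script deletes every *.PubKey file in the sensors' key
# directories, blanks master_console and sets allowfirstconnection to 1.
# Judging by the setting's name, the daemon will then accept the first console
# that connects after the restart (confirm against the product documentation).
# Run it only when the intended SiteProtector will be the first to connect, and
# afterwards check which console registered and what allowfirstconnection is.

my $cryptPolicy  = "/opt/aISS/aISSDaemon/crypt.policy";
my $daemonPolicy = "/opt/aISS/aISSDaemon/aISSDaemon.policy";
# Longest time to wait for the daemon to exit, in seconds (value chosen for
# this rewrite; adjust for slow platforms).
my $stopTimeout = 60;

# Return all lines of $path; dies with the script's usual message on failure.
sub read_lines {
    my ($path, $label) = @_;
    open(my $in, '<', $path) or die "Can't open $label file: $!";
    my @lines = <$in>;
    close($in);
    return @lines;
}

# Rewrite $path in place with @lines. Every step is checked so that a full
# disk or I/O error is reported instead of silently leaving a truncated policy.
sub write_lines {
    my ($path, $label, @lines) = @_;
    open(my $out, '>', $path) or die "Can't open $label file: $!";
    print {$out} @lines or die "Can't write $label file: $!";
    close($out) or die "Can't close $label file: $!";
    return;
}

# Take a fresh "ps -ef" snapshot and report whether any process line mentions
# aISSDaemon. List-form open runs ps directly, without a shell.
sub daemon_running {
    open(my $ps, '-|', 'ps', '-ef') or die "Can't run ps: $!";
    my $found = 0;
    while (my $line = <$ps>) {
        my @fields = split ' ', $line;
        # Skip this script's own entry in case its path contains the daemon
        # name. Assumes the PID is the second column of "ps -ef" - confirm
        # for the target platform.
        next if defined $fields[1] && $fields[1] eq $$;
        $found = 1 if $line =~ /aISSDaemon/;
    }
    close($ps);
    return $found;
}

# Delete the *.PubKey files directly inside $dir, addressing them by full path.
# The working directory is never changed, so a missing or unreadable key
# directory can no longer cause files in some other directory to be deleted.
# Returns 1 when the directory was readable and every deletion succeeded.
sub delete_pubkeys {
    my ($dir) = @_;
    my $dh;
    if (!opendir($dh, $dir)) {
        warn "Can't read key directory $dir: $!\n";
        return 0;
    }
    # Same selection as glob("*.PubKey"): names ending in .PubKey, no dotfiles.
    my @keys = grep { !/^\./ && /\.PubKey\z/ } readdir($dh);
    closedir($dh);
    my $ok = 1;
    foreach my $name (@keys) {
        my $file = "$dir/$name";
        if (!unlink($file)) {
            warn "Can't delete $file: $!\n";
            $ok = 0;
        }
    }
    return $ok;
}

print "\nResetting aISS sensors for SiteProtector connectivity...\n\n";

# STOPPING THE aISSDAEMON SERVICE
# system() waits for the stop command to return. A non-zero status is only
# warned about, since the service may already have been stopped.
system($stopCommand) == 0
    or warn "Stop command '$stopCommand' returned status $?; checking the process list anyway\n";

# WAITING UNTIL THE aISSDAEMON SERVICE IS NO LONGER RUNNING
# The process list is re-read on every pass. The earlier version read a single
# ps snapshot, hit end-of-file, and fell through after at most two passes
# whether or not the daemon had exited.
my $waited = 0;
while (daemon_running()) {
    # Refuse to touch policy files and keys underneath a live daemon.
    die "aISSDaemon still running after $stopTimeout seconds; policy files and keys left untouched\n"
        if $waited >= $stopTimeout;
    sleep 1;
    $waited++;
}
print "\n";

# OPEN CRYPT.POLICY AND READ IN ALL LINES, SET TO @CRYPT ARRAY.
my @crypt = read_lines($cryptPolicy, "crypt.policy");
my $cryptReset = 0;
print "Allowing first connection in crypt.policy: ";
# RESET ALLOW FIRST CONNECTION VALUE TO 1 WHEN STRING MATCH IS FOUND
foreach my $line (@crypt) {
    if ($line =~ /allowfirst/) {
        $line = "allowfirstconnection =L 1;\n";
        print "Done\n";
        $cryptReset = 1;
    }
}
# IF THERE IS NO STRING MATCH FOR ALLOW FIRST CONNECTION, ADD IT AFTER EACH LINE MENTIONING "authent"
if (!$cryptReset) {
    foreach my $line (@crypt) {
        if ($line =~ /authent/) {
            # Guard against an anchor line with no trailing newline (last line
            # of the file), which would otherwise be fused with the new setting.
            $line .= "\n" unless $line =~ /\n\z/;
            $line .= "allowfirstconnection =L 1;\n";
            # Message text kept as published (sic); it reflects the page's
            # ISS -> aISS substitution.
            print "MaISSing...Added\n";
            $cryptReset = 1;
        }
    }
}
if (!$cryptReset) {
    print "\n";
    warn "No allowfirstconnection entry and no line to add it after; crypt.policy content unchanged\n";
}
# OPEN CRYPT.POLICY FOR WRITING AND SUBMIT NEW VALUES
write_lines($cryptPolicy, "crypt.policy", @crypt);

# OPEN aISSDAEMON.POLICY AND READ IN ALL LINES, SET TO @DAEMON ARRAY.
my @daemon = read_lines($daemonPolicy, "aISSDaemon.policy");
my @sensorLoc;
my $masterCount = 0;
# PERFORM LINE BY LINE CHECKS ON @DAEMON ARRAY AND PERFORM FUNCTIONS BELOW
foreach my $line (@daemon) {
    # RESET MASTER CONSOLE STATUS FOR EACH OCCURRENCE IN THE ARRAY
    if ($line =~ /master_console/) {
        $line = "master_console =S ;\n";
        $masterCount++;
    }
    # SET ELEMENTS OF @SENSORLOC ARRAY TO PATHS IN POLICY PATH ENTRIES
    # The pattern is NON-WHITESPACE, WHITESPACE, NON-WHITESPACE, WHITESPACE,
    # then the path captured up to (not including) the semicolon. A single
    # (\S+) captures the same text as the former ([\S]+)+ without the nested
    # quantifier, which could backtrack exponentially on an odd line.
    if ($line =~ /policy_path/ && $line =~ /\S+\s+\S+\s+(\S+);/) {
        my $path = $1;
        push @sensorLoc, $path;
        print "Sensor #", scalar(@sensorLoc), " found at path: -->", $path, "<--\n";
    }
}
print "Resetting ", $masterCount, " occurrences of master status: Done\n";

# DELETE ALL PUBLIC KEYS IN ALL PATHS LISTED IN @SENSORLOC ARRAY
# The sub-directory names are appended exactly as before, so each policy path
# is expected to end with "/"; a path that does not yields a directory that
# cannot be read, which is reported and skipped.
my $feedbackCount = 1;
foreach my $sensorPath (@sensorLoc) {
    print "Deleting existing Certicom Keys on Sensor #", $feedbackCount, ": ";
    print delete_pubkeys($sensorPath . "Keys/CerticomNRA") ? "Done\n" : "Failed\n";
    print "Deleting existing RSA Keys on Sensor #", $feedbackCount, ": ";
    print delete_pubkeys($sensorPath . "Keys/RSA") ? "Done\n" : "Failed\n";
    $feedbackCount++;
}

# OPEN aISSDAEMON.POLICY FOR WRITING AND SUBMIT NEW VALUES
write_lines($daemonPolicy, "aISSDaemon.policy", @daemon);
print "\n";

# RESTARTING THE aISSDaemon SERVICE
# The success message below is printed only if the start command succeeded.
system($startCommand) == 0
    or die "Start command '$startCommand' failed with status $?; start the service manually\n";
print "\nAll aISS Sensors have been reset for SP connectivity.\n\n";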
Monday, December 20, 2010