From patchwork Tue Dec 24 12:58:52 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Tremer X-Patchwork-Id: 2665 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 47hxB60dj3z3xXr for ; Tue, 24 Dec 2019 12:59:10 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail02.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 47hxB36jt7z2tm; Tue, 24 Dec 2019 12:59:07 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 47hxB35072z2ySS; Tue, 24 Dec 2019 12:59:07 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 47hxB13gWCz2xk6 for ; Tue, 24 Dec 2019 12:59:05 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id 47hxB06jGSz2Km; Tue, 24 Dec 2019 12:59:04 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=201909ed25519; t=1577192344; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=nTplIlQG36Hyte1RTfl1hK4gUgWDX862LKuBEQ03Ffg=; b=cF6SbJUyn9YCVcTsdEX+MHaRczfg7WkDXSEmjpXbfNSFCX/vRKjk36YJYC00XhfsLvj0i4 DdomPmmauR6B2TCg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201909rsa; t=1577192344; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=nTplIlQG36Hyte1RTfl1hK4gUgWDX862LKuBEQ03Ffg=; b=D17z6idTQGnx/IDd1Kg5ulSFsSHmldv2yIVhL9mhTuCrutAt9y1swEaR5GMKvJCyBY4UsV Ec6kqFKTtJb1D7myjtitpxPMa4cXBcyyG+2WuNXeWH0An3ilZS/7aZ9x0D6Zn/Vxuts1H/ GwF65cTQKPr8J3kC6ekjTdVnPamCFzDx8kMv5QN4ytlmd64NhtcgCj9Uj6mvBxTOpV98H5 u3PMSIZvJEkIXxNiYRU2alcQ4kJmVEwmvCVraenWrpi1fqLeU5/30882bC/foPi08DXupW tKZPWSZ6VAZHfW03RfsyPZVXqem3u3XJe4NiNFzt5y3aOgll6cNnDGgTyojzxQ== From: Michael Tremer To: development@lists.ipfire.org Subject: [PATCH 1/3] amazon-ssm-agent: New package Date: Tue, 24 Dec 2019 12:58:52 +0000 Message-Id: <20191224125854.11552-1-michael.tremer@ipfire.org> MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michael Tremer Errors-To: development-bounces@lists.ipfire.org Sender: "Development" AWS Systems Manager Agent (SSM Agent) is Amazon software that can be installed and configured on an Amazon EC2 instance, an on-premises server, or a virtual machine (VM). SSM Agent makes it possible for Systems Manager to update, manage, and configure these resources. The agent processes requests from the Systems Manager service in the AWS Cloud, and then runs them as specified in the request. SSM Agent then sends status and execution information back to the Systems Manager service by using the Amazon Message Delivery Service. Signed-off-by: Michael Tremer --- config/backup/includes/amazon-ssm-agent | 1 + .../packages/x86_64/amazon-ssm-agent | 13 ++ lfs/amazon-ssm-agent | 118 ++++++++++++++++++ make.sh | 1 + src/initscripts/packages/amazon-ssm-agent | 42 +++++++ src/paks/amazon-ssm-agent/install.sh | 36 ++++++ src/paks/amazon-ssm-agent/uninstall.sh | 36 ++++++ src/paks/amazon-ssm-agent/update.sh | 26 ++++ 8 files changed, 273 insertions(+) create mode 100644 config/backup/includes/amazon-ssm-agent create mode 100644 config/rootfiles/packages/x86_64/amazon-ssm-agent create mode 100644 lfs/amazon-ssm-agent create mode 100644 src/initscripts/packages/amazon-ssm-agent create mode 100644 src/paks/amazon-ssm-agent/install.sh create mode 100644 src/paks/amazon-ssm-agent/uninstall.sh create mode 100644 src/paks/amazon-ssm-agent/update.sh diff --git a/config/backup/includes/amazon-ssm-agent b/config/backup/includes/amazon-ssm-agent new file mode 100644 index 000000000..d202bcf26 --- /dev/null +++ b/config/backup/includes/amazon-ssm-agent @@ -0,0 +1 @@ +/etc/amazon/ssm diff --git a/config/rootfiles/packages/x86_64/amazon-ssm-agent b/config/rootfiles/packages/x86_64/amazon-ssm-agent new file mode 100644 index 000000000..98f93cdfd --- /dev/null +++ b/config/rootfiles/packages/x86_64/amazon-ssm-agent @@ -0,0 +1,13 @@ +#etc/amazon +etc/amazon/ssm +etc/amazon/ssm/amazon-ssm-agent.json +etc/amazon/ssm/seelog.xml +etc/rc.d/init.d/amazon-ssm-agent +usr/bin/amazon-ssm-agent +usr/bin/ssm-cli +usr/bin/ssm-document-worker +usr/bin/ssm-session-logger +usr/bin/ssm-session-worker +var/ipfire/backup/addons/includes/amazon-ssm-agent +#var/lib/amazon +var/lib/amazon/ssm diff --git a/lfs/amazon-ssm-agent b/lfs/amazon-ssm-agent new file mode 100644 index 000000000..da164ced8 --- /dev/null +++ b/lfs/amazon-ssm-agent @@ -0,0 +1,118 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2019 IPFire Team # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 2.3.786.0 +SUP_ARCH = x86_64 + +THISAPP = amazon-ssm-agent-$(VER) +DL_FILE = $(THISAPP).tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) +PROG = amazon-ssm-agent +PAK_VER = 1 + +DEPS = "" + +export GOPATH = $(HOME)/gopath + +DIR_BUILD = $(GOPATH)/src/github.com/aws/amazon-ssm-agent + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = a2887445875d335b021c5044eab955dc + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +dist: + @$(PAK) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) $(DIR_BUILD) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) + + # The build system is searching for code in a certain path + mkdir -pv $$(dirname $(DIR_BUILD)) + ln -svf --relative $(DIR_APP) $(DIR_BUILD) + + # Disable style check + cd $(DIR_BUILD) && sed -e "/checkstyle.sh/d" -i makefile + + # Build + cd $(DIR_BUILD) && make build-linux + + # Install + mkdir -pv /etc/amazon/ssm /usr/bin /var/lib/amazon/ssm + cd $(DIR_BUILD) && install -v -m 755 \ + bin/linux_amd64/amazon-ssm-agent \ + bin/linux_amd64/ssm-cli \ + bin/linux_amd64/ssm-document-worker \ + bin/linux_amd64/ssm-session-worker \ + bin/linux_amd64/ssm-session-logger \ + /usr/bin + cd $(DIR_BUILD) && install -v -m 644 \ + seelog_unix.xml /etc/amazon/ssm/seelog.xml + cd $(DIR_BUILD) && install -v -m 644 \ + amazon-ssm-agent.json.template /etc/amazon/ssm/amazon-ssm-agent.json + + # Install initscript + $(call INSTALL_INITSCRIPT,amazon-ssm-agent) + + # Install backup include + install -v -m 644 $(DIR_SRC)/config/backup/includes/amazon-ssm-agent \ + /var/ipfire/backup/addons/includes/amazon-ssm-agent + + @rm -rf $(DIR_APP) $(DIR_BUILD) + @$(POSTBUILD) diff --git a/make.sh b/make.sh index 64b08b7d9..34eae1cbb 100755 --- a/make.sh +++ b/make.sh @@ -1631,6 +1631,7 @@ buildipfire() { lfsmake2 tshark lfsmake2 geoip-generator lfsmake2 speedtest-cli + lfsmake2 amazon-ssm-agent } buildinstaller() { diff --git a/src/initscripts/packages/amazon-ssm-agent b/src/initscripts/packages/amazon-ssm-agent new file mode 100644 index 000000000..c385d890c --- /dev/null +++ b/src/initscripts/packages/amazon-ssm-agent @@ -0,0 +1,42 @@ +#!/bin/sh +######################################################################## +# Begin $rc_base/init.d/amazon-ssm-agent +######################################################################## + +. /etc/sysconfig/rc +. ${rc_functions} + +case "${1}" in + start) + # Do not launch the agent when we are not running on EC2 + if ! running_on_ec2; then + exit 0 + fi + + boot_mesg "Starting Amazon SSM Agent..." + /usr/bin/amazon-ssm-agent &>/dev/null & + evaluate_retval + ;; + + stop) + boot_mesg "Stopping Amazon SSM Agent..." + killproc /usr/bin/amazon-ssm-agent + ;; + + restart) + ${0} stop + sleep 1 + ${0} start + ;; + + status) + statusproc /usr/bin/amazon-ssm-agent + ;; + + *) + echo "Usage: ${0} {start|stop|restart|status}" + exit 1 + ;; +esac + +# End $rc_base/init.d/amazon-ssm-agent diff --git a/src/paks/amazon-ssm-agent/install.sh b/src/paks/amazon-ssm-agent/install.sh new file mode 100644 index 000000000..b9044906b --- /dev/null +++ b/src/paks/amazon-ssm-agent/install.sh @@ -0,0 +1,36 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2007 IPFire-Team . # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh + +extract_files +restore_backup ${NAME} + +start_service ${NAME} + +# Enable autostart +ln -sf ../init.d/amazon-ssm-agent /etc/rc.d/rc0.d/K10amazon-ssm-agent +ln -sf ../init.d/amazon-ssm-agent /etc/rc.d/rc3.d/S41amazon-ssm-agent +ln -sf ../init.d/amazon-ssm-agent /etc/rc.d/rc6.d/K10amazon-ssm-agent + +exit 0 diff --git a/src/paks/amazon-ssm-agent/uninstall.sh b/src/paks/amazon-ssm-agent/uninstall.sh new file mode 100644 index 000000000..48f160762 --- /dev/null +++ b/src/paks/amazon-ssm-agent/uninstall.sh @@ -0,0 +1,36 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2007 IPFire-Team . # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh + +extract_backup_includes + +stop_service ${NAME} + +make_backup ${NAME} + +remove_files + +rm -rfv /etc/rc.d/rc*.d/*amazon-ssm-agent + +exit 0 diff --git a/src/paks/amazon-ssm-agent/update.sh b/src/paks/amazon-ssm-agent/update.sh new file mode 100644 index 000000000..89c40d0d7 --- /dev/null +++ b/src/paks/amazon-ssm-agent/update.sh @@ -0,0 +1,26 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2007 IPFire-Team . # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +./uninstall.sh +./install.sh