2
# WARNING: REQUIRES /bin/sh
4
# - must run on /bin/sh on solaris 9
5
# - must run on /bin/sh on AIX 6.x
7
# Copyright:: Copyright (c) 2010-2015 Chef Software, Inc.
8
# License:: Apache License, Version 2.0
10
# Licensed under the Apache License, Version 2.0 (the "License");
11
# you may not use this file except in compliance with the License.
12
# You may obtain a copy of the License at
14
# http://www.apache.org/licenses/LICENSE-2.0
16
# Unless required by applicable law or agreed to in writing, software
17
# distributed under the License is distributed on an "AS IS" BASIS,
18
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19
# See the License for the specific language governing permissions and
20
# limitations under the License.
25
# This section has some helper functions to make life easier.
28
# $tmp_dir: secure-ish temp directory that can be used during installation.
31
# Check whether a command exists - returns 0 if it does, 1 if it does not
33
if command -v $1 >/dev/null 2>&1
41
# Output the instructions to report bug about this script
43
echo "Version: $version"
45
echo "Please file a Bug Report at https://github.com/chef/omnitruck/issues/new"
46
echo "Alternatively, feel free to open a Support Ticket at https://www.chef.io/support/tickets"
47
echo "More Chef support resources can be found at https://www.chef.io/support"
49
echo "Please include as many details about the problem as possible i.e., how to reproduce"
50
echo "the problem (if possible), type of the Operating System and its version, etc.,"
51
echo "and any other relevant details that might help us with troubleshooting."
56
echo "Package checksum mismatch!"
61
unable_to_retrieve_package() {
62
echo "Unable to retrieve a valid package!"
64
echo "Metadata URL: $metadata_url"
65
if test "x$download_url" != "x"; then
66
echo "Download URL: $download_url"
68
if test "x$stderr_results" != "x"; then
69
echo "\nDEBUG OUTPUT FOLLOWS:\n$stderr_results"
75
echo "Omnitruck artifact does not exist for version $version on platform $platform"
77
echo "Either this means:"
78
echo " - We do not support $platform"
79
echo " - We do not have an artifact for $version"
81
echo "This is often the latter case due to running a prerelease or RC version of chef"
82
echo "or a gem version which was only pushed to rubygems and not omnitruck."
84
echo "You may be able to set your knife[:bootstrap_version] to the most recent stable"
85
echo "release of Chef to fix this problem (or the most recent stable major version number)."
87
echo "In order to test the version parameter, adventurous users may take the Metadata URL"
88
echo "below and modify the '&v=<number>' parameter until you successfully get a URL that"
89
echo "does not 404 (e.g. via curl or wget). You should be able to use '&v=11' or '&v=12'"
92
echo "If you cannot fix this problem by setting the bootstrap_version, it probably means"
93
echo "that $platform is not supported."
95
# deliberately do not call report_bug to suppress bug report noise.
96
echo "Metadata URL: $metadata_url"
97
if test "x$download_url" != "x"; then
98
echo "Download URL: $download_url"
100
if test "x$stderr_results" != "x"; then
101
echo "\nDEBUG OUTPUT FOLLOWS:\n$stderr_results"
106
capture_tmp_stderr() {
107
# spool up /tmp/stderr from all the commands we called
108
if test -f "$tmp_dir/stderr"; then
109
output=`cat $tmp_dir/stderr`
110
stderr_results="${stderr_results}\nSTDERR from $1:\n\n$output\n"
115
# do_wget URL FILENAME
117
echo "trying wget..."
118
wget -O "$2" "$1" 2>$tmp_dir/stderr
121
grep "ERROR 404" $tmp_dir/stderr 2>&1 >/dev/null
122
if test $? -eq 0; then
127
# check for bad return status or empty output
128
if test $rc -ne 0 || test ! -s "$2"; then
129
capture_tmp_stderr "wget"
136
# do_curl URL FILENAME
138
echo "trying curl..."
139
curl --retry 5 -sL -D $tmp_dir/stderr "$1" > "$2"
142
grep "404 Not Found" $tmp_dir/stderr 2>&1 >/dev/null
143
if test $? -eq 0; then
148
# check for bad return status or empty output
149
if test $rc -ne 0 || test ! -s "$2"; then
150
capture_tmp_stderr "curl"
157
# do_fetch URL FILENAME
159
echo "trying fetch..."
160
fetch -o "$2" "$1" 2>$tmp_dir/stderr
161
# check for bad return status
162
test $? -ne 0 && return 1
166
# do_perl URL FILENAME
168
echo "trying perl..."
169
perl -e 'use LWP::Simple; getprint($ARGV[0]);' "$1" > "$2" 2>$tmp_dir/stderr
172
grep "404 Not Found" $tmp_dir/stderr 2>&1 >/dev/null
173
if test $? -eq 0; then
178
# check for bad return status or empty output
179
if test $rc -ne 0 || test ! -s "$2"; then
180
capture_tmp_stderr "perl"
187
# do_python URL FILENAME
189
echo "trying python..."
190
python -c "import sys,urllib2 ; sys.stdout.write(urllib2.urlopen(sys.argv[1]).read())" "$1" > "$2" 2>$tmp_dir/stderr
193
grep "HTTP Error 404" $tmp_dir/stderr 2>&1 >/dev/null
194
if test $? -eq 0; then
199
# check for bad return status or empty output
200
if test $rc -ne 0 || test ! -s "$2"; then
201
capture_tmp_stderr "python"
207
# returns 0 if checksums match
209
if exists sha256sum; then
210
echo "Comparing checksum with sha256sum..."
211
checksum=`sha256sum $1 | awk '{ print $1 }'`
212
return `test "x$checksum" = "x$2"`
213
elif exists shasum; then
214
echo "Comparing checksum with shasum..."
215
checksum=`shasum -a 256 $1 | awk '{ print $1 }'`
216
return `test "x$checksum" = "x$2"`
218
echo "WARNING: could not find a valid checksum program, pre-install shasum or sha256sum in your O/S image to get valdation..."
223
# do_download URL FILENAME
225
echo "downloading $1"
229
if test "x$platform" = "xsolaris2"; then
230
if test "x$platform_version" = "x5.9" -o "x$platform_version" = "x5.10"; then
231
# solaris 9 lacks openssl, solaris 10 lacks recent enough credentials - your base O/S is completely insecure, please upgrade
232
url=`echo $url | sed -e 's/https/http/'`
236
# we try all of these until we get success.
237
# perl, in particular may be present but LWP::Simple may not be installed
240
do_wget $url $2 && return 0
244
do_curl $url $2 && return 0
247
if exists fetch; then
248
do_fetch $url $2 && return 0
252
do_perl $url $2 && return 0
255
if exists python; then
256
do_python $url $2 && return 0
259
unable_to_retrieve_package
262
# install_file TYPE FILENAME
263
# TYPE is "rpm", "deb", "solaris", "sh", etc.
265
echo "Installing $project $version"
268
if test "x$platform" = "xnexus" || test "x$platform" = "xios_xr"; then
269
echo "installing with yum..."
272
echo "installing with rpm..."
273
rpm -Uvh --oldpackage --replacepkgs "$2"
277
echo "installing with dpkg..."
281
echo "installing with installp..."
282
installp -aXYgd "$2" all
285
echo "installing with pkgadd..."
286
echo "conflict=nocheck" > $tmp_dir/nocheck
287
echo "action=nocheck" >> $tmp_dir/nocheck
288
echo "mail=" >> $tmp_dir/nocheck
289
pkgrm -a $tmp_dir/nocheck -n $project >/dev/null 2>&1 || true
290
pkgadd -G -n -d "$2" -a $tmp_dir/nocheck $project
293
echo "installing with installer..."
294
cd / && /usr/sbin/installer -pkg "$2" -target /
297
echo "installing dmg file..."
298
hdiutil detach "/Volumes/chef_software" >/dev/null 2>&1 || true
299
hdiutil attach "$2" -mountpoint "/Volumes/chef_software"
300
cd / && /usr/sbin/installer -pkg `find "/Volumes/chef_software" -name \*.pkg` -target /
301
hdiutil detach "/Volumes/chef_software"
304
echo "installing with sh..."
308
echo "Unknown filetype: $1"
313
if test $? -ne 0; then
314
echo "Installation failed"
320
if test "x$TMPDIR" = "x"; then
325
# secure-ish temp dir creation without having mktemp available (DDoS-able but not expliotable)
326
tmp_dir="$tmp/install.sh.$$"
327
(umask 077 && mkdir $tmp_dir) || exit 1
334
# script_cli_parameters.sh
336
# This section reads the CLI parameters for the install script and translates
337
# them to the local parameters to be used later by the script.
340
# $version: Requested version to be installed.
341
# $channel: Channel to install the product from
342
# $project: Project to be installed
343
# $cmdline_filename: Name of the package downloaded on local disk.
344
# $cmdline_dl_dir: Name of the directory downloaded package will be saved to on local disk.
351
while getopts pnv:c:f:P:d: opt
355
v) version="$OPTARG";;
356
c) channel="$OPTARG";;
357
p) channel="current";; # compat for prerelease option
358
n) channel="current";; # compat for nightlies option
359
f) cmdline_filename="$OPTARG";;
360
P) project="$OPTARG";;
361
d) cmdline_dl_dir="$OPTARG";;
364
"usage: $0 [-P project] [-c release_channel] [-v version] [-f filename | -d download_dir]"
369
shift `expr $OPTIND - 1`
372
# platform_detection.sh
374
# This section makes platform detection compatible with omnitruck on the system
378
# $platform: Name of the platform.
379
# $platform_version: Version of the platform.
380
# $machine: System's architecture.
384
# Platform and Platform Version detection
386
# NOTE: This should now match ohai platform and platform_version matching.
387
# do not invented new platform and platform_version schemas, just make this behave
388
# like what ohai returns as platform and platform_version for the server.
390
# ALSO NOTE: Do not mangle platform or platform_version here. It is less error
391
# prone and more future-proof to do that in the server, and then all omnitruck clients
392
# will 'inherit' the changes (install.sh is not the only client of the omnitruck
393
# endpoint out there).
399
if test -f "/etc/lsb-release" && grep -q DISTRIB_ID /etc/lsb-release && ! grep -q wrlinux /etc/lsb-release; then
400
platform=`grep DISTRIB_ID /etc/lsb-release | cut -d "=" -f 2 | tr '[A-Z]' '[a-z]'`
401
platform_version=`grep DISTRIB_RELEASE /etc/lsb-release | cut -d "=" -f 2`
402
elif test -f "/etc/debian_version"; then
404
platform_version=`cat /etc/debian_version`
405
elif test -f "/etc/redhat-release"; then
406
platform=`sed 's/^\(.\+\) release.*/\1/' /etc/redhat-release | tr '[A-Z]' '[a-z]'`
407
platform_version=`sed 's/^.\+ release \([.0-9]\+\).*/\1/' /etc/redhat-release`
409
# If /etc/redhat-release exists, we act like RHEL by default
410
if test "$platform" = "fedora"; then
411
# FIXME: stop remapping fedora to el
412
# FIXME: remove client side platform_version mangling and hard coded yolo
413
# Change platform version for use below.
414
platform_version="6.0"
417
if test "$platform" = "xenserver"; then
418
# Current XenServer 6.2 is based on CentOS 5, platform is not reset to "el" server should hanlde response
421
# FIXME: use "redhat"
425
elif test -f "/etc/system-release"; then
426
platform=`sed 's/^\(.\+\) release.\+/\1/' /etc/system-release | tr '[A-Z]' '[a-z]'`
427
platform_version=`sed 's/^.\+ release \([.0-9]\+\).*/\1/' /etc/system-release | tr '[A-Z]' '[a-z]'`
428
# amazon is built off of fedora, so act like RHEL
429
if test "$platform" = "amazon linux ami"; then
430
# FIXME: remove client side platform_version mangling and hard coded yolo, and remapping to deprecated "el"
432
platform_version="6.0"
435
elif test -f "/usr/bin/sw_vers"; then
437
# Matching the tab-space with sed is error-prone
438
platform_version=`sw_vers | awk '/^ProductVersion:/ { print $2 }' | cut -d. -f1,2`
440
# x86_64 Apple hardware often runs 32-bit kernels (see OHAI-63)
441
x86_64=`sysctl -n hw.optional.x86_64`
442
if test $x86_64 -eq 1; then
445
elif test -f "/etc/release"; then
446
machine=`/usr/bin/uname -p`
447
if grep -q SmartOS /etc/release; then
449
platform_version=`grep ^Image /etc/product | awk '{ print $3 }'`
452
platform_version=`/usr/bin/uname -r`
454
elif test -f "/etc/SuSE-release"; then
455
if grep -q 'Enterprise' /etc/SuSE-release;
458
platform_version=`awk '/^VERSION/ {V = $3}; /^PATCHLEVEL/ {P = $3}; END {print V "." P}' /etc/SuSE-release`
461
platform_version=`awk '/^VERSION =/ { print $3 }' /etc/SuSE-release`
463
elif test "x$os" = "xFreeBSD"; then
465
platform_version=`uname -r | sed 's/-.*//'`
466
elif test "x$os" = "xAIX"; then
468
platform_version="`uname -v`.`uname -r`"
470
elif test -f "/etc/os-release"; then
472
if test "x$CISCO_RELEASE_INFO" != "x"; then
473
. $CISCO_RELEASE_INFO
477
platform_version=$VERSION
480
if test "x$platform" = "x"; then
481
echo "Unable to determine platform version!"
487
# NOTE: platform manging in the install.sh is DEPRECATED
489
# - install.sh should be true to ohai and should not remap
490
# platform or platform versions.
492
# - remapping platform and mangling platform version numbers is
493
# now the complete responsibility of the server-side endpoints
496
major_version=`echo $platform_version | cut -d. -f1`
498
# FIXME: should remove this case statement completely
500
# FIXME: "el" is deprecated, should use "redhat"
501
platform_version=$major_version
504
if test "x$major_version" = "x5"; then
505
# This is here for potential back-compat.
506
# We do not have 5 in versions we publish for anymore but we
507
# might have it for earlier versions.
510
platform_version=$major_version
514
platform_version=$major_version
517
platform_version=$major_version
520
platform_version=$major_version
524
if test "x$platform_version" = "x"; then
525
echo "Unable to determine platform version!"
530
if test "x$platform" = "xsolaris2"; then
531
# hack up the path on Solaris to find wget, pkgadd
532
PATH=/usr/sfw/bin:/usr/sbin:$PATH
536
echo "$platform $platform_version $machine"
539
# end of platform_detection.sh
545
# This section calls omnitruck to get the information about the build to be
562
echo "Getting information for $project $channel $version for $platform..."
564
metadata_filename="$tmp_dir/metadata.txt"
565
metadata_url="http://omnitruck-direct.chef.io/$channel/$project/metadata?v=$version&p=$platform&pv=$platform_version&m=$machine"
567
do_download "$metadata_url" "$metadata_filename"
569
cat "$metadata_filename"
572
# check that all the mandatory fields in the downloaded metadata are there
573
if grep '^url' $metadata_filename > /dev/null && grep '^sha256' $metadata_filename > /dev/null; then
574
echo "downloaded metadata file looks valid..."
576
echo "downloaded metadata file is corrupted or an uncaught error was encountered in downloading the file..."
577
# this generally means one of the download methods downloaded a 404 or something like that and then reported a successful exit code,
578
# and this should be fixed in the function that was doing the download.
583
download_url=`awk '$1 == "url" { print $2 }' "$metadata_filename"`
584
sha256=`awk '$1 == "sha256" { print $2 }' "$metadata_filename"`
587
# end of fetch_metadata.sh
593
# This section fetchs a package from $download_url and verifies its metadata.
599
# $cmdline_filename: Name of the package downloaded on local disk.
600
# $cmdline_dl_dir: Name of the directory downloaded package will be saved to on local disk.
603
# $download_filename: Name of the downloaded file on local disk.
604
# $filetype: Type of the file downloaded.
607
filename=`echo $download_url | sed -e 's/^.*\///'`
608
filetype=`echo $filename | sed -e 's/^.*\.//'`
610
# use either $tmp_dir, the provided directory (-d) or the provided filename (-f)
611
if test "x$cmdline_filename" != "x"; then
612
download_filename="$cmdline_filename"
613
elif test "x$cmdline_dl_dir" != "x"; then
614
download_filename="$cmdline_dl_dir/$filename"
616
download_filename="$tmp_dir/$filename"
619
# ensure the parent directory where to download the installer always exists
620
download_dir=`dirname $download_filename`
621
(umask 077 && mkdir -p $download_dir) || exit 1
623
# check if we have that file locally available and if so verify the checksum
624
cached_file_available="false"
625
if test -f $download_filename; then
626
echo "$download_filename already exists, verifiying checksum..."
627
if do_checksum "$download_filename" "$sha256"; then
628
echo "checksum compare succeeded, using existing file!"
629
cached_file_available="true"
631
echo "checksum mismatch, downloading latest version of the file"
635
# download if no local version of the file available
636
if test "x$cached_file_available" != "xtrue"; then
637
do_download "$download_url" "$download_filename"
638
do_checksum "$download_filename" "$sha256" || checksum_mismatch
642
# end of fetch_package.sh
648
# Installs a package and removed the temp directory.
651
# $download_filename: Name of the file to be installed.
652
# $filetype: Type of the file to be installed.
653
# $version: The version requested. Used only for warning user if not set.
656
if test "x$version" = "x"; then
658
echo "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING"
660
echo "You are installing an omnibus package without a version pin. If you are installing"
661
echo "on production servers via an automated process this is DANGEROUS and you will"
662
echo "be upgraded without warning on new releases, even to new major releases."
663
echo "Letting the version float is only appropriate in desktop, test, development or"
664
echo "CI/CD environments."
666
echo "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING"
670
install_file $filetype "$download_filename"
672
if test "x$tmp_dir" != "x"; then
677
# end of install_package.sh