• Ricardo's avatar
    Added scripts to check the packages' versions and the files' integrity · 540b2fa1
    Ricardo authored
    
    
    We are adding some scripts to check the packages' versions and the integrity
    of the files in the disks. Basically, this tool is divided into two main
    features: the checking of packages with their versions and the checking of
    files with their md5sum hashes.
    
    To check packages' versions, we are using a scenario composed by a base file
    hosted in the SDI server and scripts sent to the SDI hosts. The base file is
    just a list of packages' versions that we judge as correct, it means, a
    host has a installed package in a wrong version if and only if the version
    installed in the host is not equal to the version present in the base file.
    So, we have a script called "generate_pack_base.sh" which generates the base
    file under $PRDDIR/packs/, with the name "packs_base". Notice that the SDI
    server must host a Debian mirror to do this. Notice also that we update the
    crontab to run this script daily.
    
    With the base file correctly generated in the SDI server, we will send some
    scripts to the hosts. First of all, we send, under "onconnect.d", the
    "prd_packs" script, which contains the function that will check the packages'
    versions. Then, under "hourly.d", we send the "prd_integrity" script, that
    will call the function defined in "prd_packs". Basically, the function
    downloads the base file from the SDI server (via sendfile feature) and
    compare the versions defined in the base file with the versions installed
    in the hosts. Depending on the differences found between both, prd_packs
    will print some different messages and make the host enter into different
    states. The states defined by prd_packs script are:
    
    prequest.st: The host is downloading (or waiting to) the base file;
    dpkg_configure_error.st: The host cannot install any package because
        requires 'dpkg --configure -a';
    dpkg_error.st: 'dpkg -l dpkg' is returning an error code;
    empty_cron_error.st: The host has no scheduled updates;
    perror1.st: Some package is not correctly installed;
    perror2.st: Some package is installed with an old version;
    perror3.st: Some package is useless (installed in the host, but not present
        in the base file);
    perror4.st: Some package is installed with an newer version;
    packs_pok.st: Everything is ok.
    
    When some error is found, prd_packs tries to fix it by downloading and
    installing the failed packages again.
    
    The scenario of checking files with their md5sum is very similar. The SDI
    server hosts some base files and the SDI hosts compare their files with the
    ones present in the base file. However, we have some differences here.
    First of all, we have the "generate_mdsum_base.sh" script, which will
    generate the base files by the same way. This script will be updated in the
    crontab, too. But now we have two different base files to generate. This is
    because we have, in PRD, two classes of schools: Regular ones and Testing
    ones. Schools in different classes may have different files. Because of
    this, we are gerenating base files for both classes. The bases will be
    present under $PRD/mdsum/base_md5_{normal,test}.bz2. Since we are
    checking all files in all packages, the base files are too big. That's the
    cause of compressing them with the bunzip2 format.
    
    Like prd_packs, we send, under "onconnect.d", the function that will check
    the mdsums. "prd_integrity", after calling the prd_packs' function, will
    call the prd_md5's function.
    
    Since the compacted file base still too big, the SDI hosts shouldn't
    download it every time prd_integrity is called. Instead, the SDI hosts
    download it once, keep in the disk and use the same file in the next time.
    If the base file must be updated, the hosts will download it again. That's
    the cause of having a "prd_export" hourly script. This script only send to
    the hosts the md5sum of the base files. With this, the hosts will know if
    the file they have needs to be updated by checking its md5sum. Like
    prd_packs, prd_md5 can generate some states. They are:
    
    mrequest.st: The host is downloading (or waiting to) some base file;
    merror.st: Some file is corrupt (its mdsum is not equal to the one
        defined in the base file);
    md5_mok.st: Everything is ok.
    
    When some error is found, prd_md5 tries to fix it by downloading and
    installing the package which contains the failed file.
    
    Finally, a Makefile has been created to set this scenario. It can
    install, uninstall and purge the prd_packs and prd_md5 scripts.
    Signed-off-by: default avatarRicardo <rto07@c3sl.ufpr.br>
    540b2fa1