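#! /bin/bash
#
# Checks that this server can reach the remote DB server:
#   1. over SSH, using the key and the per-server login stored in `servers`;
#   2. over the MySQL protocol, with the configured DB credentials;
#   3. with the global grants this script expects for this server's IPs.
#
# Relies on `report` and `set_database_variables` from bash_functions.sh and on
# DB_HOST, DB_USERNAME, DB_PASSWORD and DB_NAME, which are presumably filled in
# by set_database_variables (not visible in this file).
#
# NOTE(review): the password is handed to mysql through the MYSQL_PWD
# environment variable. That keeps it out of argv, but a client option file
# passed with --defaults-extra-file is the more robust choice.

. /usr/src/m2/framework/bash_functions.sh

#######################################
# Look up the SSH login for a server and pick a private key.
# Globals:   SSH_USERNAME, SSH_PORT, SSH_KEY (written)
#            DB_HOST, DB_USERNAME, DB_PASSWORD, DB_NAME (read)
# Arguments: $1 - address of the server, matched against servers.server_ip
# Returns:   1 if the address or the values read from the DB are rejected
#            (SSH_KEY is left empty in that case), 0 otherwise.
#######################################
get_ssh_data() {
    local server_ip="$1"

    SSH_USERNAME=""
    SSH_PORT=""
    SSH_KEY=""

    # The address is pasted into the SQL text below (the mysql CLI has no bind
    # parameters), so accept only characters valid in a hostname or IP address.
    if [[ ! $server_ip =~ ^[A-Za-z0-9._:-]+$ ]]; then
        report "Server address '$server_ip' contains unexpected characters, refusing to use it in a DB query" 1
        return 1
    fi

    read -r SSH_USERNAME SSH_PORT < <(
        MYSQL_PWD="$DB_PASSWORD" /usr/bin/mysql -h "$DB_HOST" -u "$DB_USERNAME" "$DB_NAME" \
            -sNe "SELECT ssh_username, ssh_port FROM servers WHERE server_ip = '$server_ip'"
    )

    # Fall back to the defaults when the servers table has no value.
    if [[ -z $SSH_USERNAME ]]; then
        SSH_USERNAME=root
    fi

    if [[ -z $SSH_PORT ]]; then
        SSH_PORT=22
    fi

    # Both values come from the database and end up on the ssh command line;
    # reject anything that could be read as an ssh option or an invalid port.
    if [[ ! $SSH_PORT =~ ^[0-9]+$ ]]; then
        report "SSH port '$SSH_PORT' stored for $server_ip is not a number" 1
        return 1
    fi

    if [[ ! $SSH_USERNAME =~ ^[A-Za-z0-9._][A-Za-z0-9._-]*$ ]]; then
        report "SSH username '$SSH_USERNAME' stored for $server_ip contains unexpected characters" 1
        return 1
    fi

    # Prefer the key under /var/www, then root's key.
    if [[ -e "/var/www/.ssh/id_rsa" ]]; then
        SSH_KEY="/var/www/.ssh/id_rsa"
    elif [[ -e "/root/.ssh/id_rsa" ]]; then
        SSH_KEY="/root/.ssh/id_rsa"
    else
        report "Neither /var/www/.ssh/id_rsa nor /root/.ssh/id_rsa exists in the system" 1
        report "Please configure keys to $DB_HOST as descrided here: http://wiki.kolmisoft.com/index.php/Configure_SSH_connection_between_servers" 3
    fi
}

set_database_variables

# Nothing to verify when the database runs on this machine.
if [[ $DB_HOST = 'localhost' || $DB_HOST = "127.0.0.1" ]]; then
    report "DB is on local server. Will not check SSH conectivity to DB server" 0
    exit 0
fi

get_ssh_data "$DB_HOST"

if [[ -z $SSH_KEY ]]; then
    exit 1
fi

# Check ssh connection.
# BatchMode=yes makes ssh fail instead of prompting for a password/passphrase.
# Every expansion is quoted so a value can never split into extra ssh arguments.
if ! ssh_output=$(ssh -o "BatchMode=yes" -o "ConnectTimeout=15" -i "$SSH_KEY" -p "$SSH_PORT" "$SSH_USERNAME@$DB_HOST" "echo 2>&1" 2>&1); then
    report "Unable to connect to remote DB server $DB_HOST over SSH (ssh -i $SSH_KEY -p$SSH_PORT $SSH_USERNAME@$DB_HOST)" 1
    report "ssh output: $ssh_output" 3
else
    # The original message expanded the misspelled, never-set $DB_HOSTANME.
    report "DB server $DB_HOST is reachable over ssh using key $SSH_KEY" 0
fi

# Check mysql connection
if ! mysql_output=$(MYSQL_PWD="$DB_PASSWORD" /usr/bin/mysql --connect-timeout=15 -h "$DB_HOST" -u "$DB_USERNAME" "$DB_NAME" -sNe "SELECT 1 from dual" 2>&1); then
    # The password is deliberately left out of the message: whatever `report`
    # prints or logs must not carry the DB credential.
    report "Unable to connect to remote DB server: MYSQL_PWD=<hidden> /usr/bin/mysql --connect-timeout=15 -h $DB_HOST -u $DB_USERNAME $DB_NAME" 1
    report "mysql_output: $mysql_output" 3
fi

# Check permissions
# Get List of IP addresses in current server and construct string for DB search
# "'m2'@'IP1'", "'m2@'IP2'", etc
# NOTE(review): the grantee list is built from DB_NAME, while the messages
# below name DB_USERNAME; that only matches when the DB user and the schema
# share a name - confirm. DB_NAME is also pasted into the SQL text unescaped.
# NOTE(review): the GRANT hint below includes PROCESS, but the loop does not
# check for it - confirm whether that is intended.
export DB_NAME
ip_list=$(ip -o addr | awk '!/^[0-9]*: ?lo|inet6|link\/ether/ {gsub("/", " "); printf "%s ", $4}' | perl -e '$l=(<>);$s=join(",",map{"\""."'\''"."$ENV{DB_NAME}"."'\''"."@"."'\''".$_."'\''"."\""} split /\s+/, $l);print $s')

if ! mysql_output=$(MYSQL_PWD="$DB_PASSWORD" /usr/bin/mysql -h "$DB_HOST" -u "$DB_USERNAME" "$DB_NAME" -sNe "select PRIVILEGE_TYPE from information_schema.user_privileges where grantee in ($ip_list);" 2>&1); then
    report "Unable to ger DB permission list for '$DB_USERNAME'@'$DB_HOST'" 1
    report "mysql_output: $mysql_output" 3
else
    bad_grant=0

    for db_grant in "REPLICATION SLAVE" "REPLICATION CLIENT" FILE SUPER; do
        # Fixed-string match against the privilege list returned above.
        if ! grep -qF -- "$db_grant" <<<"$mysql_output"; then
            report "Grant $db_grant is missing for '$DB_USERNAME'@'IP_OF_THIS_SERVER' at DB server $DB_HOST" 1
            bad_grant=1
        fi
    done

    if (( bad_grant > 0 )); then
        report "Connect localy to DB and execute these commands:" 3
        report "GRANT PROCESS, SUPER, FILE, REPLICATION SLAVE , REPLICATION CLIENT ON * . * TO '$DB_NAME'@'IP_OF_THIS_SERVER';" 3
    else
        # DB_HOSTNAME is not set anywhere in this file; fall back to DB_HOST.
        report "All DB permisions are granted for this server in DB ${DB_HOSTNAME:-$DB_HOST}" 0
    fi
fi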