26230. EPMO Open Source Coordination Office Redaction File Detail Report

Produced by Araxis Merge on 5/14/2018 1:18:39 PM Eastern Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.

26230.1 Files compared

#	Location	File	Last Modified
1	MCCF_EDI_TAS_Infrastructure.zip\MCCF_EDI_TAS_Infrastructure\mag_sys_build	mag-init.sh	Tue Mar 27 23:50:46 2018 UTC
2	MCCF_EDI_TAS_Infrastructure.zip\MCCF_EDI_TAS_Infrastructure\mag_sys_build	mag-init.sh	Fri May 11 17:41:18 2018 UTC

26230.2 Comparison summary

Description	Between Files 1 and 2
Description	Text Blocks	Lines
Unchanged	6	1160
Changed	5	12
Inserted	0	0
Removed	0	0

26230.3 Comparison options

Whitespace
Character case	Differences in character case are significant
Line endings	Differences in line endings (`CR` and `LF` characters) are ignored
CR/LF characters	Not shown in the comparison detail

26230.4 Active regular expressions

No regular expressions were active.

26230.5 Comparison detail

	1	#! /bin/ba sh
	2	# ==== Beg in Header ====
	3	# mag-init .sh v1.0 2 017-Dec-11 PII )
	4	# Initial release n otes:
	5	# Source taken from prior "ta s-init.sh" . This fil e does "go ld image" creation
	6	# Other p arts of th e original "tas-init .sh" remai n separate ly.
	7	# Known D efects:
	8	# - No s ecurity (M cAfee) ins talled
	9	# - Cent rify SSH s ervice un- tested in MAG enviro nment
	10	#
	11	# These ar e the avai lable comm and-line o ptions:
	12	# -c or - -nocolor : Turn O ff Color D ebug outpu t
	13	# -l or - -logfile : Change logfile ( must come next)
	14	# -f or - -fqdn : Use FQ DN instead of detect ing it (mu st come ne xt)
	15	# -s or - -satlicens e : Use th e given ke y to subsc ribe to th e VA Satel lite
	16	# -u or - -user : Set Bi tBucket Us ername to access pla ybook
	17	# -p or - -pass : Set Bi tBucket Pa ssword to access pla ybook
	18	#
	19	# This scr ipt assume s a system in Micros oft Azure Government Cloud
	20	#
	21	# The task s this scr ipt perfor ms are ess entially t o create a "gold ima ge"
	22	# from whi ch VA soft ware can b e added to the syste m.
	23	#
	24	# A log of the progr ess and re sults of t his script is locate d at $LOGT XT
	25	# If run i nteractive ly, the pr ogress & r esults (di fferent fr om the log file)
	26	# are shown on the screen . If the c olorized o utput of t he interac tive
	27	# scr een are no t working, you can t urn off th e color wi th a -c op tion
	28	#
	29	# ==== End Header == ==
	30	# Don't wa ste any ti me -- if y ou're not root, exit now
	31	if [ "${UI D}" != "0" ]; then
	32	echo " $0 Error: You must r un this sc ript as ro ot" >&2
	33	exit 1
	34	fi
	35
	36	# create a nd blank t he logfile
	37	LOGFILE=/v ar/log/$0. log ; cp / dev/null $ {LOGFILE} ; chmod a+ r ${LOGFIL E}
	38	MyIP=
	39	MyHostname =
	40	MyDomain=
	41	MyFQDN=
	42	MAGLEVEL=
	43	VARH7BSTRA P="http:// DNS . URL /pub/boots trap/rhel7 .sh"
	44	VARH7LICDE V=9-mccf-p reprod-el7
	45	VARH7LICNP ROD=9-mccf -preprod-e l7
	46	VARH7LICPR OD=9-mccf- prod-el7
	47	#
	48	# VA DNS S ervers & T AS CI serv ers for MA G Environm ent
	49	# NOTE: Fo r now, the DNS serve rs are ide ntical to EDE DNS se rvers
	50	# That i s expected to change at some t ime in the future
	51	VAMAGDNS1= IP
	52	VAMAGDNS2= IP
	53	#
	54	# Security Playbook Location
	55	SECURITYSR C=bitbucke t.org/half aker/mag_s ys_build
	56	SECURITYDI R=mag_sys_ build
	57	SECURITYYM L=./playbo oks/all_hi gh.yml
	58	if [ -f "$ {SECURITYY ML}" ] ; t hen
	59	echo " $0 Error: You cannot run this script fro m here" >& 2
	60	exit 1
	61	fi
	62	TASSRC=bit bucket.org /halfaker/ mccf_devop s
	63	TASDIR=mcc f_devops
	64	#
	65	# Define c olors and terminal e scape sequ ences for intereacti ve use
	66	UseColor=Y es
	67	CLEAR="\\0 33c"
	68	COL60="\\0 33[60G"
	69	NORMAL="\\ 033[0;39m"
	70	WHITE="\\0 33[1;39m"
	71	GREEN="\\0 33[1;32m"
	72	RED="\\033 [1;31m"
	73	YELLOW="\\ 033[1;33m"
	74	BLUE="\\03 3[1;34m"
	75
	76	SHOWPROCES S="${COL60 }${BLUE}Pr ocessing${ NORMAL}"
	77	SHOWBUILD= "${COL60}$ {BLUE}Buil ding..${NO RMAL}"
	78	SHOWINSTAL L="${COL60 }${BLUE}In stalling${ NORMAL}"
	79	SHOWSKIP=" ${COL60}${ WHITE}[${Y ELLOW} SKI P ${WHITE} ] ${NORMAL }"
	80	SHOWOK="${ COL60}${WH ITE}[${GRE EN} -OK- $ {WHITE}] $ {NORMAL}"
	81	SHOWDONE=" ${COL60}${ WHITE}[${G REEN} DONE ${WHITE}] ${NORMAL} "
	82	SHOWPASS=" ${COL60}${ WHITE}[${G REEN} PASS ${WHITE}] ${NORMAL} "
	83	SHOWISSUE= "${COL60}$ {WHITE}[${ YELLOW}ISS UE ${WHITE }] ${NORMA L}"
	84	SHOWFAIL=" ${COL60}${ WHITE}[${R ED} FAIL $ {WHITE}] $ {NORMAL}"
	85	#
	86	# LOGTXT s ends argum ents passe d to the d efined log file
	87	LOGTXT() {
	88	echo "$ *" >> ${LO GFILE}
	89	}
	90	# DEBUG se nds the ar guments pa ssed to th e terminal with an E OL at the end
	91	DEBUG() {
	92	if [ -t 1 ] ; the n echo -e "$*" ; fi
	93	}
	94	# EDEBUG s ends the a rguments p assed to t he termina l WITH NO EOL charac ter
	95	EDEBUG() {
	96	if [ -t 1 ] ; the n echo -en "$*" ; fi
	97	}
	98
	99	SHOWUSAGE( ) {
	100	# -c or - -nocolor : Turn O ff Color D ebug outpu t
	101	# -l or - -logfile : Change logfile ( must come next)
	102	# -s or - -satlicens e : Use th e given ke y to subsc ribe to th e VA Satel lite
	103	# -f or - -fqdn : Use FQ DN instead of detect ing it (mu st come ne xt)
	104	DEBUG " "
	105	DEBUG "$ 0 Usage Su mmary:"
	106	DEBUG "$ 0 has the following options:"
	107	DEBUG " -c \| --n ocolor : t urns off c olorized o utput to t erminal"
	108	DEBUG " -l \| --l ogfile {lo gfile} : c hanges the default l ogfile"
	109	DEBUG " -f \| --f qdn {FQDN} : overrid es the sys tem FQDN"
	110	DEBUG " -s \| --s atlicense {satellite license k ey} : assi gns the "
	111	DEBUG " V A RedHat S atellite S erver Subs cription K ey"
	112	DEBUG " -u \| --u ser : set username f or BitBuck et pull"
	113	DEBUG " -p \| --p ass : set password f or BitBuck et pull"
	114	DEBUG " "
	115	DEBUG "C orrect you r command line and t ry again.. ."
	116	DEBUG " "
	117	DEBUG "$ 0: Exiting with erro r. "
	118	exit 1
	119	}
	120	# ReadArgs reads the command l ine argume nts passed to it
	121	# and polu lates shel l variable s accordin gly
	122	ReadArgs() {
	123	LOGTXT " Entering R eadArgs `d ate`"
	124	while [[ $# -gt 0 ]] ; do
	125	key="$ 1"
	126
	127	case $ {key} in
	128	-c \| --nocolor )
	129	UseColor= No
	130	CLEAR=""
	131	COL60=""
	132	NORMAL=""
	133	WHITE=""
	134	GREEN=""
	135	RED=""
	136	YELLOW=""
	137	BLUE=""
	138	shift # p ast argume nt
	139	LOGTXT "P rocessing without co lor"
	140	;;
	141	-l \| --logfile )
	142	if [[ $# -ge 2 ]] ; then
	143	LOGFILE ="$2"
	144	else
	145	DEBUG " $1 argumen t requires another a rgument af ter it"
	146	LOGTXT "Error in $1 argumen t (no next argument provided)"
	147	SHOWUSA GE
	148	fi
	149	LOGTXT "U sing LogFi le ${LOGFI LE} instea d"
	150	# DEBUG "Log outpu t redirect ed to ${LO GFILE}"
	151	shift # p ast argume nt
	152	shift # p ast logfil e entry
	153	;;
	154	-f \| --fqdn )
	155	if [[ $# -ge 2 ]] ; then
	156	MyFQDN= "$2"
	157	else
	158	DEBUG " argument $ 1 requires another a rgument af ter it"
	159	LOGTXT "Error in $1 argumen t (no next argument provided)"
	160	SHOWUSA GE
	161	fi
	162	LOGTXT "O verriding FQDN looku p. Using $ {MyFQDN} i nstead"
	163	# DEBUG "Overridin g FQDN loo kup. Using ${MyFQDN} instead"
	164	shift # p ast argume nt
	165	shift # p ast fqdn e ntry
	166	;;
	167	-u \| --user )
	168	if [[ $# -ge 2 ]] ; then
	169	BBUSER= "$2"
	170	LOGTXT "Setting B itBucket U ser from C ommand Lin e"
	171	else
	172	DEBUG " argument $ 1 requires another a rgument af ter it"
	173	LOGTXT "Error in $1 argumen t (no next argument provided)"
	174	SHOWUSA GE
	175	fi
	176	shift # p ast argume nt
	177	shift # p ast user e ntry
	178	;;
	179	-p \| --pass \| --password )
	180	if [[ $# -ge 2 ]] ; then
	181	BBPASS= "$2"
	182	DEBUG " "
	183	LOGTXT "Setting B itBucket P assword fr om Command Line"
	184	else
	185	DEBUG " argument $ 1 requires another a rgument af ter it"
	186	LOGTXT "Error in $1 argumen t (no next argument provided)"
	187	SHOWUSA GE
	188	fi
	189	shift # p ast argume nt
	190	shift # p ast passwo rd entry
	191	;;
	192	-s \| --satlice nse )
	193	if [[ $# -ge 2 ]] ; then
	194	VARH7LI C="$2"
	195	LOGTXT "Setting S atellite L icense fro m Command Line"
	196	else
	197	DEBUG " argument $ 1 requires another a rgument af ter it"
	198	LOGTXT "Error in $1 argumen t (no next argument provided)"
	199	SHOWUSA GE
	200	fi
	201	shift # p ast argume nt
	202	shift # p ast user e ntry
	203	;;
	204	-u \| --user )
	205	if [[ $# -ge 2 ]] ; then
	206	BBUSER= "$2"
	207	LOGTXT "Setting B itBucket U ser from C ommand Lin e"
	208	else
	209	DEBUG " argument $ 1 requires another a rgument af ter it"
	210	LOGTXT "Error in $1 argumen t (no next argument provided)"
	211	SHOWUSA GE
	212	fi
	213	shift # p ast argume nt
	214	shift # p ast user e ntry
	215	;;
	216	-p \| --pass )
	217	if [[ $# -ge 2 ]] ; then
	218	BBPASS= "$2"
	219	LOGTXT "Setting B itBucket P assword fr om Command Line"
	220	else
	221	DEBUG " argument $ 1 requires another a rgument af ter it"
	222	LOGTXT "Error in $1 argumen t (no next argument provided)"
	223	SHOWUSA GE
	224	fi
	225	shift # p ast argume nt
	226	shift # p ast user e ntry
	227	;;
	228	* ) DEBUG "$1 is not a valid argu ment"
	229	LOGTXT "$ 1 is not a valid arg ument"
	230	SHOWUSAGE
	231	;;
	232	esac
	233	done
	234	LOGTXT " Exited Rea dArgs"
	235	}
	236
	237	# DetectSy stem attem pts to ide ntify the system we' re on base d on IP ad dress
	238	# and PTR record (if any)
	239	DetectSyst em() {
	240	LOGTXT " Entering D etectSyste m `date`"
	241	EDEBUG " Detecting System IP: "
	242	# This m ethod uses our defin ed gateway to determ ine the IP address u sed
	243	# for ge tting out. .. in most cases, th is will be our prima ry IP addr ess
	244	Internet IP="`ip ro ute get 8. 8.8.8 \| aw k '{print $NF; exit} '`"
	245	LOGTXT " InternetIP found to be ${Inter netIP}"
	246	# The ho stname -I option ret urns ALL I Ps (other than loopb ack)
	247	# In the EDE envir onment the re are oft en 2 inter faces
	248	IPs="`ho stname -I` "
	249	LOGTXT " List of al l IPs on o ur interfa ces is: ${ IPs}"
	250	MyIP=${I nternetIP}
	251	#
	252	# If we' ve been gi ven the FQ DN, don't bother det ecting it
	253	if [ ! - z "${MyFQD N}" ] ; th en
	254	LOGTXT "Using pr ovided FQD N ${MyFQDN } and rout able IP ${ MyIP}"
	255	EDEBUG "${WHITE} ${MyIP}${N ORMAL}"
	256	DEBUG "${SHOWOK} "
	257	# We wer en't told our FQDN, so we have to try to GET it
	258	# The on ly other w ay to get our FQDN i s through the VA DNS servers
	259	elif PTR=" `host ${My IP} ${VAMA GDNS1} \| DNS . URL `" ; then
	260	MyFQDN ="`echo ${ PTR} \| sed 's/.* poi nter //'`"
	261	LOGTXT "${MyIP} has PTR of ${MyFQDN} from ${VA MAGDNS1}"
	262	EDEBUG "${WHITE} ${MyIP}${N ORMAL}"
	263	DEBUG "${SHOWOK} "
	264	# If our IP isn't listed in the VA DNS server (a nd it wasn 't provide d)
	265	# We hav e little c hoice but to exit -- we don't know who w e are!
	266	else
	267	LOGTXT "Failed t o determin e which IP to use"
	268	EDEBUG "${YELLOW }${IPs}${N ORMAL}"
	269	DEBUG "${SHOWISS UE}"
	270	exit 1 0
	271	fi
	272	#
	273	# At thi s point we should ha ve defined MyFQDN an d MyIP
	274	# Lets v erify and set the My Hostname & MyDomain settings
	275	EDEBUG " Detecting System nam es: "
	276	if [ -z "${MyFQDN} " ] ; then
	277	LOGTXT "Failed t o find an FQDN: fix DNS/PTR or specifiy on the com mand line with -f"
	278	DEBUG "${SHOWFAI L}"
	279	DEBUG "Failed t o find you r FQDN in DNS"
	280	DEBUG " - Fix y our DNS (P TR) entrie s for this IP addres s, or"
	281	DEBUG " - use t he --fqdn option to force the value in t his script "
	282	exit 1 0
	283	elif ! M yHostname= "`echo ${M yFQDN} \| a wk -F. '{ print $1 } '`" ; then
	284	LOGTXT "Error ge tting host name from ${MyFQDN}"
	285	DEBUG "${SHOWFAI L}"
	286	DEBUG "Failed t o get a va lid hostna me from yo ur FQDN: $ {MyFQDN}"
	287	exit 1 0
	288	elif ! M yDomain="` echo ${MyF QDN} \| sed s/^${MyHo stname}\./ /`" ; then
	289	DEBUG "${SHOWFAI L}"
	290	DEBUG "Failed t o get a va lid domain name from your FQDN : ${MyFQDN }"
	291	LOGTXT "Error ge tting doma in from ${ MyFQDN}"
	292	exit 1 0
	293	fi
	294	EDEBUG " ${WHITE}${ MyFQDN}${N ORMAL}"
	295	DEBUG "$ {SHOWOK}"
	296
	297	# Next w e need to set the ho stname
	298	EDEBUG " Setting Ho stname to: "
	299	if ! hos tnamectl s et-hostnam e ${MyFQDN } ; then
	300	DEBUG "${SHOWFAI L}"
	301	DEBUG "Failed t o set host name to ${ MyFQDN} - Unknown ca use"
	302	LOGTXT "Error se tting host name to ${ MyFQDN}"
	303	exit 1 0
	304	fi
	305	# Ensure that we h ave oursel ves listed in /etc/h osts
	306	if ! gre p -q ${MyI P} /etc/ho sts ; then
	307	echo $ {MyIP} ${M yHostname} ${MyFQDN} >> /etc/h osts
	308	fi
	309	EDEBUG " ${WHITE}${ MyFQDN}${N ORMAL}"
	310	DEBUG "$ {SHOWOK}"
	311
	312	# Finall y we need to determi ne our env iroment: M AG, EDE, A WS, or HAC
	313	EDEBUG " Detected S ystem Envi ronment is : "
	314	if `echo $ {MyFQDN} \| grep '. DNS ' > /dev/n ull 2>&1` ; then
	315	if [ " ${MyHostna me:2:3}" = = "c20" ] ; then
	316	if [ ${MyHostn ame:11:1} == "8" ] ; then
	317	MA GLEVEL=DEV
	318	elif [ ${MyHos tname:11:1 } == "4" ] ; then
	319	MA GLEVEL=NPR OD
	320	elif [ ${MyHos tname:11:1 } == "2" ] ; then
	321	MA GLEVEL=PRO D
	322	else
	323	DE BUG "Erro r determin ing VA MAG install L EVEL -- as suming DEV "
	324	MA GLEVEL=DEV
	325	fi
	326	EDEB UG "${WHIT E}MAG-${MA GLEVEL}${N ORMAL}"
	327	DEBU G "${SHOW OK}"
	328	else
	329	DEBU G "${SHOWF AIL}"
	330	DEBU G "Error determinin g VA MAG i nstall env ironment - - check ho stname"
	331	LOGT XT "Error determinin g VA MAG i nstall env ironment - - check ho stname"
	332	exit 10
	333	fi
	334	else
	335	DEBUG "${SHOWFAI L}"
	336	DEBUG "Error de termining VA MAG ins tall envir onment -- check doma in name"
	337	LOGTXT "Error de termining VA MAG ins tall envir onment -- check doma in name"
	338	exit 1 0
	339	fi
	340	LOGTXT " Exited Rea dArgs"
	341
	342	LOGTXT " ${MyIP} is ${MyHostn ame}.${MyD omain}"
	343	LOGTXT " DetectSyst em exited"
	344	}
	345	# SetDNS o verrides t he default DNS serve rs (known NOT to res olve VA ad dresses in MAG)
	346	SetDNS() {
	347	LOGTXT " Entering S etDNS `dat e`"
	348	EDEBUG " Setting DN S Servers: "
	349	EDEBUG " ${WHITE}${ VAMAGDNS1} ${VAMAGDN S2}${NORMA L}"
	350	cat > /e tc/resolv. conf << -E ND
	351	search ${M yDomain}
	352	nameserver ${VAMAGDN S1}
	353	nameserver ${VAMAGDN S2}
	354	-END
	355	DEBUG "$ {SHOWOK}"
	356	LOGTXT " Exiting Se tDNS"
	357	}
	358
	359	# SetRepos removed u nused repo s from the yum.repos .d folder, and when we're
	360	# in the V A environm ent, signs us up for the Satel lite repos
	361	SetRepos() {
	362	LOGTXT " Entering S etRepos `d ate`"
	363	EDEBUG " Setting YU M Repo Ser vers: "
	364	# Remove any YUM c ached data (more tha n a yum cl ean)
	365	rm -rf / var/cache/ yum
	366
	367	# Before anything else, we'r e going to remove al l 32-bit p ackages
	368	# This i s done sil ently, and we don't care about any error s
	369	yum eras e "*i386" -y > /dev/ null 2>&1
	370	yum eras e "*i586" -y > /dev/ null 2>&1
	371	yum eras e "*i686" -y > /dev/ null 2>&1
	372
	373	# we NEV ER subscri be to epel repos (bu t they are subscribe d in MAG b y default)
	374	# so, un subscribe from any e pel repos (may be no ne, but th en this is harmless)
	375	#
	376	# As it turns out, this scri pt MAY be run on a s ystem that already s ubscribes
	377	# to the MCCF repo (s), and s o that nee ds to be r emoved as well.
	378	HERE="${ PWD}"
	379	cd /etc/ yum.repos. d
	380	for i in epel* mcc f* ; do m v "$i" ."$ i" ; done > /dev/nul l 2>&1
	381	cd "${HE RE}"
	382
	383	# VA env ironments use VA SAT ELLITE rep os
	384	if ! yum repolist 2>/dev/nul l \| grep - q "^va-" > /dev/null 2>&1 ; th en
	385	EDEBUG "${WHITE} Subscribin g to VA Sa tellite ${ NORMAL}"
	386	if [ " ${MAGLEVEL }" == "DEV " ] ; then
	387	VARH 7LIC=${VAR H7LICDEV}
	388	elif [ "${MAGLEV EL}" == "N PROD" ] ; then
	389	VARH 7LIC=${VAR H7LICNPROD }
	390	elif [ "${MAGLEV EL}" == "P ROD" ] ; t hen
	391	VARH 7LIC=${VAR H7LICPROD}
	392	fi
	393	if [ - z "${VARH7 LIC}" ] ; then
	394	DEBU G " "
	395	EDEB UG "${WHIT E}Please e nter your License Ke y for the Satellite Servers: $ {YELLOW}"
	396	read VARH7LIC
	397	EDEB UG "${NORM AL}"
	398	fi
	399	# Add key to boo tstrap scr ipt provid ed by sat server adm ins
	400	if ! c url -s "${ VARH7BSTRA P}" \| sed "s#^ACTIVA TION_KEYS= .*#ACTIVAT ION_KEYS=$ {VARH7LIC} #" > ./vas atsubscrib e.sh 2> /d ev/null ; then
	401	DEBU G "${SHOWF AIL}"
	402	DEBU G "Failed to obtain VA Satell ite Subscr iption Scr ipt"
	403	LOGT XT "Failed to obtain VA Satell ite Subscr iption Scr ipt"
	404	exit 15
	405	fi
	406	if ! c hmod 700 . /vasatsubs cribe.sh ; then
	407	DEBU G "${SHOWF AIL}"
	408	DEBU G "Failed to obtain VA Satell ite Subscr iption Scr ipt"
	409	LOGT XT "Failed to obtain VA Satell ite Subscr iption Scr ipt"
	410	exit 15
	411	fi
	412	./vasa tsubscribe .sh >> "${ LOGFILE}" 2>&1
	413	if [ " $?" -ne 0 ] ; then
	414	# Od dly, this script som etimes fai ls the fir st time, b ut
	415	# SU CCEEDS if you just t ry again.. .
	416	DEBU G "${SHOWI SSUE}"
	417	EDEB UG "Retryi ng Satelli et Subscri ption..."
	418	if ! ./vasatsu bscribe.sh >> "${LOG FILE}" 2>& 1 ; then
	419	DE BUG "${SHO WFAIL}"
	420	DE BUG "Fail ure in Sat ellite Sub scription -- see log file"
	421	LO GTXT "Fail ure in Sat ellite Sub scription -- see log file"
	422	ex it 15
	423	fi
	424	fi
	425	rm -f ./vasatsub scribe.sh client-con fig-overri des.txt cl ient_confi g_update.p y
	426	else
	427	EDEBUG "${WHITE} Sat. Subsc ription al ready pres ent${NORMA L}"
	428	fi
	429	DEBUG "$ {SHOWOK}"
	430
	431	EDEBUG " Updating A LL with YU M... be pa tient (${Y ELLOW}Up t o 30 mins$ {WHITE}?${ NORMAL})"
	432	if ! yum install d eltarpm -y >> ${LOGF ILE} 2>&1 ; then
	433	DEBUG "${SHOWFAI L}"
	434	DEBUG "Failure in YUM ins tall delta rpm -- see logfile"
	435	LOGTXT "Failure in YUM ins tall delta rpm -- see logfile"
	436	exit 1 5
	437
	438	elif ! y um update -y >> ${LO GFILE} 2>& 1 ; then
	439	DEBUG "${SHOWFAI L}"
	440	DEBUG "Failure in YUM Upd ates -- se e logfile"
	441	LOGTXT "Failure in YUM Upd ates -- se e logfile"
	442	exit 1 5
	443	fi
	444	DEBUG "$ {SHOWOK}"
	445
	446	LOGTXT " Exiting Se tRepos"
	447	}
	448
	449	GetGITAnsi ble() {
	450	LOGTXT " Entering G etGITAnsib le `date`"
	451	# The pl aybooks th at complet e startup require An sible and are retrie ved with
	452	# GIT -- so we nee d to fetch them with YUM
	453	EDEBUG " Installing git & ans ible for f uture inst alls..."
	454	if ! yum install g it -y --di sablerepo= \mccf\ > > ${LOGFIL E} 2>&1 ; then
	455	DEBUG "${SHOWFAI L}"
	456	DEBUG "Failure installing git"
	457	LOGTXT "Failure installing git"
	458	exit 1 5
	459	fi
	460	if ! yum install a nsible -y --disabler epo=\mccf \ >> ${LO GFILE} 2>& 1 ; then
	461	DEBUG "${SHOWFAI L}"
	462	DEBUG "Failure installing ansible"
	463	LOGTXT "Failure installing ansible"
	464	exit 1 5
	465	fi
	466	DEBUG "$ {SHOWOK}"
	467
	468	LOGTXT " Exiting Ge tGITAnsibl e"
	469	}
	470
	471	#
	472	# InstallS ecurity
	473	#
	474	InstallSec urity() {
	475	LOGTXT " Entering I nstallSecu rity `date `"
	476	DEBUG " Entering I nstallSecu rity"
	477	STARTDIR ="`pwd`"
	478	#
	479	# If Bit Bucket Use rname, Pas sword, or Vault Pass words are not provid ed...
	480	if [ -z "${BBUSER} " ] ; then
	481	EDEBUG "${WHITE} Please ent er your At lassian Bi tBucket Ac count User Name: ${Y ELLOW}"
	482	read B BUSER
	483	fi
	484	if [ -z "${BBPASS} " ] ; then
	485	EDEBUG "${WHITE} Please ent er your pa ssword for the accou nt ${BBUSE R}: ${NORM AL}"
	486	read - s BBPASS
	487	DEBUG " "
	488	fi
	489	# Clean out any pr ior downlo ads
	490	if [ -d "${SECURIT YDIR}" ] ; then rm - rf "${SECU RITYDIR}" ; fi
	491	# Get th e REPO fro m BitBucke t
	492	EDEBUG " Downloadin g Security Playbook. .."
	493	if ! git clone --d epth 1 htt ps://${BBU SER}:${BBP ASS}@${SEC URITYSRC} >> ${LOGFI LE} 2>&1 ; then
	494	DEBUG "${SHOWFAI L}"
	495	DEBUG " Error ob taining pl aybook -- check the logfile @ ${LOGFILE} "
	496	DEBUG " However, the most likely err or is bad BitBucket permission s"
	497	LOGTXT "Sorry! g it clone f ailed..."
	498	exit 2 0
	499	else
	500	DEBUG "${SHOWOK} "
	501	fi
	502	if [ ! - d "${SECUR ITYDIR}" ] ; then
	503	DEBUG "${SHOWFAI L}"
	504	DEBUG " Error ac cessing fo lder `pwd` /${SECURIT YDIR}"
	505	exit 2 0
	506	fi
	507	cd "${SE CURITYDIR} "
	508	if [ ! - f "${SECUR ITYYML}" ] ; then
	509	DEBUG "${SHOWFAI L}"
	510	DEBUG " Error ac cessing fi le ${SECUR ITYYML}"
	511	exit 2 0
	512	fi
	513	DEBUG "$ {SHOWOK}"
	514	# Actual ly RUN the playbook
	515	EDEBUG " Running Se curity Pla ybooks -- be patient ! (${YELLO W}15 mins$ {WHITE}?${ NORMAL})"
	516	if ansib le-playboo k "${SECUR ITYYML}" > >${LOGFILE } 2>&1 ; t hen
	517	DEBUG "${SHOWOK} "
	518	else
	519	DEBUG "${SHOWFAI L}"
	520	DEBUG "Ansible P laybook Fa ilure -- S ee above"
	521	exit 2 0
	522	fi
	523	# Pre-fe tch the fo llow-on TA S build sc ript (with tas-init. sh)
	524	if ! git clone --d epth 1 htt ps://${BBU SER}:${BBP ASS}@${TAS SRC} >> ${ LOGFILE} 2 >&1 ; then
	525	DEBUG "${SHOWFAI L}"
	526	DEBUG " Error ob taining pl aybook -- check the logfile @ ${LOGFILE} "
	527	DEBUG " However, the most likely err or is bad BitBucket permission s"
	528	DEBUG " Still, t his is for the follo w-on build -- THIS b uild will continue"
	529	LOGTXT "Sorry! g it clone o f ${TASSRC } failed.. . Continui ng with MA G-INIT"
	530	fi
	531
	532	cd "${ST ARTDIR}"
	533	rm -rf " ${SECURITY DIR}"
	534	LOGTXT " Exiting In stallSecur ity"
	535	}
	536	#
	537	# THIS IS THE START OF ACTUAL PROCESSING
	538	#
	539	#
	540	LOGTXT "St arting $0 at `date`"
	541	EDEBUG ${C LEAR}
	542	DEBUG "Wel come to th e MAG Syst em Prepara tion Scrip t."
	543	DEBUG "We need to co nfirm and/ or set som e things u p before w e can inte grate"
	544	DEBUG "thi s system i nto MAG. P lease pay close atte ntion to t he output below:"
	545	DEBUG "Add itionally, a log fil e is creat ed at ${LO GFILE}"
	546	DEBUG " "
	547
	548	# We do as much as w e can in A nsible Pla ybooks, wh ich in thi s script a re
	549	# found in the Insta llSecurity routine. Everything done BEFO RE that is done
	550	# to valid ate and in stall git (where we get our pl aybook fro m) and ans ible
	551	# (which r uns the pl aybook)
	552	ReadArgs $ *
	553	# DetectSy stem makes sure we'r e running in the env ironment w e think we are
	554	DetectSyst em
	555	# Set DNS is require d, because we need t o access V A resource s to subsc ribe
	556	# to the V A RedHat R epositorie s
	557	SetDNS
	558	# With DNS set, we c an access the vasat servers to register for RH upd ates
	559	# If you d on't have a license key for th is, you ar e unable t o continue , as
	560	# you do n ot have a source for git and/o r ansible -- which a re require d
	561	SetRepos
	562	# Now that we're con nected to the RedHat YUM repos (via the VA Satelli te
	563	# server), we can ad d git and ansible to our syste m -- which will allo w
	564	# us to do all of th e IMPORTAN T work
	565	GetGITAnsi ble
	566	# InstallS ecurity ve rifies and changes t he system to conform to the VA
	567	# publicat ion "VA Ba seline Con figuration and Secur ity Standa rd RHEL 7"
	568	# As-of th e writing of this sc ript we ar e followin g version 1.1 (2017- 08-10)
	569	# HOWEVER, changes m ade becaus e of updat es/modific ations to this docum ent
	570	# will act ually appe ar in, and be reflec ted in, th e playbook called in the
	571	# InstallS ecurity pr ocedure
	572	InstallSec urity
	573	#
	574	# When we are done, and assumi ng there w asn't an e rror (if t here was, we
	575	# won't ge t this far -- the sc ript exits when fata l errors a re found)
	576	# we WARN the intera ctive user that a re boot is co ming -- th ey have
	577	# time the n to cance l (without losing an ything) th e reboot c ommand.
	578	LOGTXT "Co mpleted $0 at `date` "
	579	DEBUG "All done... e verything passed. Re booting sy stem in 30 seconds f or initial use"
	580	DEBUG " NO TE: We hav e just ins talled a I DE system that will need to in itialized. "
	581	DEBUG " Th e system w ill take A T LEAST 15 minutes t o be avail able at ne xt boot!"
	582	DEBUG " "
	583	DEBUG "Pre ss CTRL-C to abort t he reboot"
	584	sleep 30
	585	rm -f $0
	586	init 6