From 5d3295c86c853e99a1c76820ce9ff0fd081ee8c4 Mon Sep 17 00:00:00 2001 From: Robb Ebright Date: Wed, 1 Jan 2020 21:03:30 -0500 Subject: [PATCH] first stab at icecast password change on install --- airtime_mvc/public/setup/database-setup.php | 21 +++++++++++++++++++ install | 9 ++++++++ installer/lib/requirements-debian-buster.apt | 2 ++ installer/lib/requirements-debian-jessie.apt | 2 ++ installer/lib/requirements-debian-stretch.apt | 2 ++ installer/lib/requirements-ubuntu-bionic.apt | 2 ++ installer/lib/requirements-ubuntu-precise.apt | 2 ++ installer/lib/requirements-ubuntu-xenial.apt | 2 ++ ...uirements-ubuntu-xenial_docker_minimal.apt | 2 ++ 9 files changed, 44 insertions(+) diff --git a/airtime_mvc/public/setup/database-setup.php b/airtime_mvc/public/setup/database-setup.php index 17038ac74..bbbecd9fc 100644 --- a/airtime_mvc/public/setup/database-setup.php +++ b/airtime_mvc/public/setup/database-setup.php @@ -79,6 +79,7 @@ class DatabaseSetup extends Setup { $this->setNewDatabaseConnection(self::$_properties["dbname"]); $this->checkSchemaExists(); $this->createDatabaseTables(); + $this->updateIcecastPassword(); } /** @@ -175,5 +176,25 @@ class DatabaseSetup extends Setup { array(self::DB_NAME,)); } } + /** + * Updates the icecast password in the database based upon the temp file created during install + * @throws AirtimeDatabaseException + */ + private function updateIcecastPassword() { + if (!file_exists(LIBRETIME_CONF_DIR . '/icecast_pass')) { + throw new AirtimeDatabaseException("The Icecast Password file was not accessible", array()); + }; + $icecastPass = file_get_contents(LIBRETIME_CONF_DIR . '/icecast_pass', true); + error_log($icecastPass); + $statement = self::$dbh->prepare("UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's1_pass' AND SET value = :icecastpass WHERE keyname = 's1_admin_pass'; " + . "UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's2_pass'; " + . "UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's2_admin_pass'; " + . "UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's3_pass'; " + . "UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's3_admin_pass'; " + . "INSERT INTO cc_pref (keystr, valstr) VALUES ('default_icecast_password', :icecastpass )"); + if (!$statement->execute(array(":icecastpass" => $icecastPass))) { + throw new AirtimeDatabaseException("Could not update the database with icecast password!", array()); + } + } } diff --git a/install b/install index 1dcd695b5..b1b8a1f42 100755 --- a/install +++ b/install @@ -894,6 +894,12 @@ if [ "$icecast" = "t" ]; then else icecast_unit_name="icecast" fi + icecast_pass=$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-12};echo;) + echo $icecast_pass > /tmp/icecast_pass + xmlstarlet ed --inplace -u /icecast/authentication/source-password -v $icecast_pass /etc/icecast2/icecast.xml + xmlstarlet ed --inplace -u /icecast/authentication/relay-password -v $icecast_pass /etc/icecast2/icecast.xml + xmlstarlet ed --inplace -u /icecast/authentication/admin-password -v $icecast_pass /etc/icecast2/icecast.xml + # restart in case icecast was already started (like is the case on debian) systemInitCommand restart ${icecast_unit_name} verbose "...Done" @@ -1100,6 +1106,9 @@ if [ ! -d "/etc/airtime" ]; then mkdir /etc/airtime fi +# need to copy the icecast_pass from temp to /etc/airtime so installer can read it + cp /tmp/icecast_pass /etc/airtime/icecast_pass + chown -R ${web_user}:${web_user} /etc/airtime diff --git a/installer/lib/requirements-debian-buster.apt b/installer/lib/requirements-debian-buster.apt index e50bd7aed..5c665ec07 100644 --- a/installer/lib/requirements-debian-buster.apt +++ b/installer/lib/requirements-debian-buster.apt @@ -67,3 +67,5 @@ liquidsoap libopus0 systemd-sysv + +xmlstarlet diff --git a/installer/lib/requirements-debian-jessie.apt b/installer/lib/requirements-debian-jessie.apt index 548835c90..4e22102cc 100644 --- a/installer/lib/requirements-debian-jessie.apt +++ b/installer/lib/requirements-debian-jessie.apt @@ -63,3 +63,5 @@ libopus0 sysvinit sysvinit-utils + +xmlstarlet diff --git a/installer/lib/requirements-debian-stretch.apt b/installer/lib/requirements-debian-stretch.apt index 5f11226cb..c71175f6a 100644 --- a/installer/lib/requirements-debian-stretch.apt +++ b/installer/lib/requirements-debian-stretch.apt @@ -67,3 +67,5 @@ liquidsoap libopus0 systemd-sysv + +xmlstarlet diff --git a/installer/lib/requirements-ubuntu-bionic.apt b/installer/lib/requirements-ubuntu-bionic.apt index 08e6f21a6..58be7819f 100644 --- a/installer/lib/requirements-ubuntu-bionic.apt +++ b/installer/lib/requirements-ubuntu-bionic.apt @@ -81,3 +81,5 @@ build-essential libssl-dev libffi-dev python-dev + +xmlstarlet diff --git a/installer/lib/requirements-ubuntu-precise.apt b/installer/lib/requirements-ubuntu-precise.apt index 7c217f659..ed31b628f 100644 --- a/installer/lib/requirements-ubuntu-precise.apt +++ b/installer/lib/requirements-ubuntu-precise.apt @@ -70,3 +70,5 @@ liquidsoap-plugin-pulseaudio liquidsoap-plugin-taglib liquidsoap-plugin-voaacenc liquidsoap-plugin-vorbis + +xmlstarlet diff --git a/installer/lib/requirements-ubuntu-xenial.apt b/installer/lib/requirements-ubuntu-xenial.apt index 70336c10c..41381915f 100644 --- a/installer/lib/requirements-ubuntu-xenial.apt +++ b/installer/lib/requirements-ubuntu-xenial.apt @@ -81,3 +81,5 @@ build-essential libssl-dev libffi-dev python-dev + +xmlstarlet diff --git a/installer/lib/requirements-ubuntu-xenial_docker_minimal.apt b/installer/lib/requirements-ubuntu-xenial_docker_minimal.apt index 6d414ba2d..09c94f817 100644 --- a/installer/lib/requirements-ubuntu-xenial_docker_minimal.apt +++ b/installer/lib/requirements-ubuntu-xenial_docker_minimal.apt @@ -76,3 +76,5 @@ build-essential libssl-dev libffi-dev python-dev + +xmlstarlet