Newly created file becomes 0 kb (data gets overwri

2019-03-04 13:04发布

I'm having a strange problem that's driving me crazy! The task in hand is to start one set of files during the first login of "root" user and another set of files during the second login of the same user. I decided to use the ".profile" and ".bashrc" files and to reload the ".bashrc" file towards the end of the task happening during the first login.

During the first login, I create a private key and certificate signing request, and call an API to get the certificate. I store this certificate and private key in a file location and then modify the ".bashrc" to invoke the second set of files, which make use of this certificate and key to authenticate an application to run.

The problem is that the certificate and key are overwritten and become null randomly after the first boot. I've attached the code below for your review.

FIRST SET OF FILES

".profile" script

# .bash_profile
umask 022
if [ -f ~/.bashrc ]; then
    source ~/.bashrc
fi

".bashrc" script

/myFolder/backgroundTask1.sh &
/myFolder/certificateGenerator.sh

backgroundTask1.sh script

pipe=/myFolder/testpipe
if [[ ! -p $pipe ]]; then
    mkfifo $pipe
fi

while true
do
    ## Do some status LED blinking task here
done &

while true
do
    if read line < $pipe; then
        if [[ "$line" == 'success' ]]; then
           ## Kill the background LED blinking task created in the above while loop
           kill $!
           rm $pipe
           exit
        elif [[ "$line" == 'failed' ]]; then
           kill $!
           rm $pipe
           exit
        fi
    fi
done

certificateGenerator.sh script

PLEASE NOTE THE LAST FEW LINES WHERE I MODIFY THE BASHRC SCRIPT

Please also note the files /anotherFolder/myKey.key and /anotherFolder/myCert.crt

#!/bin/bash
## Named pipe location for communicating to backgroundTask1
pipe=/myFolder/testpipe
openssl req -new -newkey rsa:2048 -nodes -out certificateSigningRequest.csr -keyout /anotherFolder/myKey.key -subj "/C=myCountry/ST=myState/L=myCity/O=myCompany/OU=myOU/CN=myDevice"
cert_req=$(<$certificateSigningRequest.csr)

## Get AD token from Azure for talking to my custom API hosted on Azure
response=$(curl -o - -s -w "%{http_code}\n" -X POST \
    https://login.microsoftonline.com/myCompany.onmicrosoft.com/oauth2/token \
    -H 'content-type: application/x-www-form-urlencoded' \
    -d 'grant_type=client_credentials&resource=https%3A%2F%2Fmanagement.core.windows.net%2F&client_id=myClientID&client_secret=mySecret')
if [ $?==0 ]; then
    status=$(echo $response | tail -c 4)
    body=${response::-3}
    token=$(echo $body | jq -r '.access_token')
fi

## Send CSR to my custom API to get certificate
response=$(jq -n --arg csr "$cert_req" \
             '{
                 cert: {
                     csr: $csr
                 }
             }' |
         curl -o - -s -w "%{http_code}\n" -X POST \
             https://myCustomAPI.azurewebsites.net/api/v1/customEndpoint \
             -H "authorization: Bearer $token" \
             -H "content-type: application/json" \
             -d @-
)        

## Parse the response to find out if the request succeeded
if [ $?==0 ]; then
    destCertDir=/anotherFolder/myCert.crt
    status=$(echo $response | tail -c 4)
    body=${response::-3}
    cert=$(echo $body | jq -r '.certificate')
    if [ "$status" == "$http_success" ]; then
        echo "$cert" > "$destCertDir"
        ## Change .bashrc for next boot
        echo '/myFolder/backgroundTask2.sh &' > ~/.bashrc
        echo '/myFolder/applicationAuthenticator.sh' >> ~/.bashrc
        echo "success" > $pipe
        exit
    fi
fi

SECOND SET OF FILES

".profile" script

# .bash_profile
umask 022
if [ -f ~/.bashrc ]; then
    source ~/.bashrc
fi

".bashrc" script

/myFolder/backgroundTask2.sh &
/myFolder/applicationAuthenticator.sh

backgroundTask2.sh script

pipe=/myFolder/testpipe2
if [[ ! -p $pipe ]]; then
    mkfifo $pipe
fi

while true
do
    ## Do some status LED blinking task here
done &

while true
do
    if read line < $pipe; then
        if [[ "$line" == 'success' ]]; then
           ## Kill the background LED blinking task created in the above while loop
           kill $!
           rm $pipe
           exit
        elif [[ "$line" == 'failed' ]]; then
           kill $!
           rm $pipe
           exit
        fi
    fi
done

applicationAuthenticator.sh script

PLEASE NOTE HOW I MODIFY BASHRC TO STARTUP NORMAL FROM NEXT REBOOT TOWARDS THE END OF THIS SCRIPT

#!/bin/bash
## Named pipe location for communicating to backgroundTask2
pipe=/myFolder/testpipe2

response=$(curl https://myProduct/myCustomAPI.com \
           --cert /anotherFoler/myCert.crt --key /anotherFolder/myKey.key \
           -H 'Content-Type: application/x-www-form-urlencoded; charset=utf-8' \
           -d 'data=xxx')
if [[ $response == 204 ]; then
    echo '' > ~/.bashrc
    echo "success" > $pipe
    exit
else
    echo "failed" > $pipe
    exit
fi

Problem Even thought the first set of files create the key and certificate, they are overwritten to NULL after the first reboot.

To make sure that they exist before reboot, I go to the location "/anotherFolder" and check the files physically. They have the full key and certificate before reboot. When I reboot and see that the script fails, the same key and certificate files (which had actual data before reboot) now have NULL values.

0条回答
登录 后发表回答