blob: c385869e97ea36287ea128b52cf9fa552fa79bb1 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
|
pre_install() {
SPLUNK_HOME="/opt/splunk"
group_exists=no
# Try to test for group existence in a 'modern' fashion
if which getent >/dev/null; then
if getent group splunk >/dev/null; then
group_exists=yes
fi
# or fall back
elif grep '^splunk:' /etc/group >/dev/null; then
group_exists=yes
fi
if [ "${group_exists}"x = nox ]; then
groupadd splunk
fi
if id splunk > /dev/null 2>&1; then
: #user already exists
else
useradd -c "Splunk Server" -d $SPLUNK_HOME -s /bin/bash -g splunk splunk
fi
}
post_install() {
SPLUNK_HOME="/opt/splunk"
if [ ! -f "$SPLUNK_HOME/etc/splunk-launch.conf" ]; then
sed "s%# SPLUNK_HOME=.*%SPLUNK_HOME=$SPLUNK_HOME%g" "$SPLUNK_HOME/etc/splunk-launch.conf.default" > "$SPLUNK_HOME/etc/splunk-launch.conf"
fi
# Build the post-install message in steps:
touch "$SPLUNK_HOME/ftr"
echo "-------------------------------------------------------------------------" > "$SPLUNK_HOME/ftr"
echo "Splunk has been installed in:" >> "$SPLUNK_HOME/ftr"
echo " $SPLUNK_HOME" >> "$SPLUNK_HOME/ftr"
echo "" >> "$SPLUNK_HOME/ftr"
echo "To start Splunk, run the command:" >> "$SPLUNK_HOME/ftr"
echo " $SPLUNK_HOME/bin/splunk start" >> "$SPLUNK_HOME/ftr"
echo "" >> "$SPLUNK_HOME/ftr"
echo "" >> "$SPLUNK_HOME/ftr"
echo "To use the Splunk web interface, point your browser to:" >> "$SPLUNK_HOME/ftr"
echo " http://$HOSTNAME:8000" >> "$SPLUNK_HOME/ftr"
echo "" >> "$SPLUNK_HOME/ftr"
echo "" >> "$SPLUNK_HOME/ftr"
echo "Complete documentation is at http://docs.splunk.com/Documentation/Splunk" >> "$SPLUNK_HOME/ftr"
echo "-------------------------------------------------------------------------" >> "$SPLUNK_HOME/ftr"
echo "Splunk has been installed to $SPLUNK_HOME"
echo "You can start Splunk by running 'systemctl start splunk'"
chown -R splunk:splunk "$SPLUNK_HOME"
}
pre_upgrade() {
SPLUNK_HOME="/opt/splunk"
echo "Attempting to stop the installed Splunk Server..."
$SPLUNK_HOME/bin/splunk stop
systemctl stop splunk
group_exists=no
# Try to test for group existence in a 'modern' fashion
if which getent >/dev/null; then
if getent group splunk >/dev/null; then
group_exists=yes
fi
# or fall back
elif grep '^splunk:' /etc/group >/dev/null; then
group_exists=yes
fi
if [ "${group_exists}"x = nox ]; then
groupadd splunk
fi
if id splunk > /dev/null 2>&1; then
: #user already exists
else
useradd -c "Splunk Server" -d $SPLUNK_HOME -s /bin/bash -g splunk splunk
fi
}
post_upgrade() {
SPLUNK_HOME="/opt/splunk"
# Build the post-upgrade message in steps:
touch "$SPLUNK_HOME/ftr"
echo "-------------------------------------------------------------------------" > "$SPLUNK_HOME/ftr"
echo "Splunk has been updated in:" >> "$SPLUNK_HOME/ftr"
echo " $SPLUNK_HOME" >> "$SPLUNK_HOME/ftr"
echo "" >> "$SPLUNK_HOME/ftr"
echo "To start Splunk, run the command:" >> "$SPLUNK_HOME/ftr"
echo " $SPLUNK_HOME/bin/splunk start" >> "$SPLUNK_HOME/ftr"
echo "" >> "$SPLUNK_HOME/ftr"
echo "" >> "$SPLUNK_HOME/ftr"
echo "To use the Splunk web interface, point your browser to:" >> "$SPLUNK_HOME/ftr"
echo " http://$HOSTNAME:8000" >> "$SPLUNK_HOME/ftr"
echo "" >> "$SPLUNK_HOME/ftr"
echo "" >> "$SPLUNK_HOME/ftr"
echo "Complete documentation is at http://docs.splunk.com/Documentation/Splunk" >> "$SPLUNK_HOME/ftr"
echo "-------------------------------------------------------------------------" >> "$SPLUNK_HOME/ftr"
echo "Splunk has been upgraded in $SPLUNK_HOME"
echo "Run 'systemctl start splunk' to complete the upgrade."
chown -R splunk:splunk "$SPLUNK_HOME"
}
pre_remove() {
SPLUNK_HOME="/opt/splunk"
echo "Attempting to stop the installed Splunk Server..."
$SPLUNK_HOME/bin/splunk stop
systemctl stop splunk
}
post_remove() {
SPLUNK_HOME="/opt/splunk"
# Remove any remaining files
rm -rf $SPLUNK_HOME
# Remove splunk user/group if there are no other splunk packages
if [ `pacman -Q | grep splunk | wc -l` -eq 1 ]; then
if id splunk > /dev/null 2>&1; then
userdel -r splunk
fi
group_exists=no
# Try to test for group existence in a 'modern' fashion
if which getent >/dev/null; then
if getent group splunk >/dev/null; then
group_exists=yes
fi
# or fall back
elif grep '^splunk:' /etc/group >/dev/null; then
group_exists=yes
fi
if [ "${group_exists}"x = yesx ]; then
groupdel splunk
fi
fi
}
|