Version 0.0.2 adding SElinux info

Author: innovara

rpmbuild/BUILD/sysmotd/README.txt

@@ -0,0 +1,129 @@
+Summary
+=======
+
+sysmotd is essentially a shell script that produces a Message Of The Day
+(MOTD) including system information and statistics.
+
+It has been developed and tested on Fedora Linux and it might work on
+other Red Hat-based distributions with very small tweaks. It should also
+be relatively simple to port to other distributions that do not have
+their own dynamic MOTD generator.
+
+As of time of writting, Fedora only uses pam_motd.so for ssh log ins.
+
+How it looks like
+=================
+
+A picture is worth a thousand words.
+
+Background
+==========
+
+I am a long term Fedora user. Having worked with some Ubuntu servers
+lately, I found myself missing the system information and statistics
+that you get when you log in. When I installed Fedora 37 on a Raspberry
+Pi4, I saw that cockpit would generate a MOTD, and I decided to research
+a bit to find out if I could add my own message with some system statistics in
+it.
+
+Out of the various sources I found, I would like to give credit to a
+couple that helped me a lot in getting the information that I wanted and
+what tools to use.
+
+[1] https://github.com/angela-d/motd-for-centos
+
+[2] https://gist.github.com/cha55son/6042560
+
+While those sources gave me a good start, I wanted to reduce the number
+of dependencies to a minimum and to make the dynamic part of the MOTD as
+efficient as possible. Hence I re-wrote re-wrote those and started
+looking into how to avoid using the user's profile to trigger the
+script. That leads us to the next section.
+
+Structure and how it works
+==========================
+
+My understanding is that Debian and Ubuntu distribute a patched version
+of pam_motd.so. Theirs runs scripts in /etc/update-motd.d. Also, their
+PAM configuration includes lines for static and dyanamic MOTDs.
+
+[3] https://wiki.debian.org/motd
+
+Using a patched version of pam\_motd.so would have been the preferred
+approach since the script updating the dynamic part of the MOTD would only 
+run when a user logged in. However, I didn't know how difficult it would
+be to get a change like that approved for Fedora. My assumption was, and
+still is, that the people behind Fedora or Red Hat know that Debian and
+Ubuntu are using this dynamic MOTD approach and if they have not
+implemented it yet, it is because they have some valid reasons.
+
+Having made that assumption, I resorted to use a systemd service to call 
+the script and a timer to call the service, every minute. However, not all the
+parts of the script that generate the corresponding part of the MOTD run
+every minute.
+
+So, sysmotd is comprised of:
+
+### /usr/libexec/sysmotd
+
+The shell script. It produces 3 files which are saved under
+/run/motd.d
+
+-   00-sysmotd-header.motd: colorful header that changes every 60
+    minutes.
+-   01-sysmotd-sysinfo.motd: system information which is updated every
+    60 seconds.
+-   02-sysmotd-updates.motd: updates available which is updated every 60
+    minutes. It uses Fedora's own dnf cache which runs whenever it runs.
+
+### /usr/lib/systemd/system/sysmotd.service
+
+A systemd service to run the script. It is disabled and it should stay
+like that.
+
+### /usr/lib/systemd/system/sysmotd.timer
+
+A systemd timer to run the service every 60 seconds. The script works
+out which parts of the MOTD to update. It is enabled and started when
+the dnf package is installed.
+
+### /usr/lib/systemd/system-preset/50-sysmotd.preset
+
+A systemd preset file to disable sysmotd.service and enable
+sysmotd.timer by default.
+
+In summary, what you get when you install sysmotd is a systemd timer
+that every 60 seconds runs a service, that runs a script, which in turn
+updates the header every 60 minutes, system's information every 60
+seconds, and the updates available every 60 minutes too.
+
+How to install sysmotd and dependencies
+=======================================
+
+These are the Fedora packages that you need to have installed for
+sysmotd to work:
+
+bash
+coreutils
+dnf
+figlet
+findutils
+gawk
+lolcat
+procps-ng
+systemd
+
+Most systems will have all of them installed apart from figlet and
+lolcat.
+
+To install sysmotd and its dependencies, my recommendation is to
+download the rpm package under rpmbuild/RPMS/noarch in this repo, and
+install it with dnf.
+
+    sudo dnf install sysmotd-0.0.1-1.fc37.noarch.rpm
+
+If you rather not install a package from an unknown source, and I
+wouldn't blame you for that, you can clone this repo and, after
+inspecting the files listed under the structure section, copy them to
+their respective folders. Please note that if you do this, and you are
+running selinux enforced, you will have to fix the context of the files.

rpmbuild/BUILD/sysmotd/sysmotd

@@ -21,9 +21,9 @@
 
 # directory where the motd files will live
 rundir="/run/motd.d"
-header="$rundir/00-header.motd"
-sysinfo="$rundir/01-sysinfo.motd"
-updates="$rundir/02-updates.motd"
+header="$rundir/00-sysmotd-header.motd"
+sysinfo="$rundir/01-sysmotd-sysinfo.motd"
+updates="$rundir/02-sysmotd-updates.motd"
 
 # some variables
 . /etc/os-release
@@ -33,15 +33,15 @@ hostname=$(uname -n)
 
 # uptime
 uptime=$(awk '{print int($1)}' /proc/uptime)
-upDays=$((uptime/60/60/24))
-upHours=$((uptime/60/60%24))
-upMins=$((uptime/60%60))
-upSecs=$((uptime%60))
+up_days=$((uptime/60/60/24))
+up_hours=$((uptime/60/60%24))
+up_mins=$((uptime/60%60))
+up_secs=$((uptime%60))
 
 # avg load
-load1=$(awk '{print $1}' /proc/loadavg)
-load5=$(awk '{print $2}' /proc/loadavg)
-load15=$(awk '{print $3}' /proc/loadavg)
+load_1=$(awk '{print $1}' /proc/loadavg)
+load_5=$(awk '{print $2}' /proc/loadavg)
+load_15=$(awk '{print $3}' /proc/loadavg)
 
 # memory
 mem_total=$(awk '/MemTotal/ {print $2;}' /proc/meminfo)
@@ -62,6 +62,13 @@ users=$(users | wc -w)
 # processes
 processes=$(ps aux --no-headers | wc -l)
 
+# SELinux
+se_status=$(sestatus | awk '/^SELinux status:/ {print $3;}')
+if [[ "$se_status" != "disabled" ]]; then
+       semode=$(sestatus | awk '/^Current mode/ {print ($3);}')
+       se_status="${se_status} (${semode})"
+fi
+
 ### MOTD ###
 
 # colourful header. Updated every 60 minutes only but no real performance gain
@@ -77,13 +84,14 @@ echo -e "Welcome to ${PRETTY_NAME} ($(uname -o) $(uname -r))
 
 System information as of $(date)
 
-Hostname:\t${hostname}\t\tMemory usage:\t$((${mem_used}/1024))/$((${mem_total}/1024))M (${mem_perc}%)
-Uptime:\t\t${upDays}d ${upHours}h ${upMins}m ${upSecs}s\t\t\tSwap usage:\t$((${swap_used}/1024))/$((${swap_total}/1024))M (${swap_perc}%)
-Load 1-5-15min:\t${load1}-${load5}-${load15}\t\t\tUsage of /:\t${root_used}/${root_total} (${root_perc})
-Processes:\t${processes}\t\t\t\tUsers:\t\t${users}
+Hostname:\t${hostname}
+Uptime:\t\t${up_days}d ${up_hours}h ${up_mins}m ${up_secs}s\t\t\tUsage of /:\t${root_used}/${root_total} (${root_perc})
+Load 1-5-15min:\t${load_1}-${load_5}-${load_15}\t\t\tSElinux:\t${se_status}
+Memory usage:\t$((${mem_used}/1024))/$((${mem_total}/1024))M (${mem_perc}%)\t\t\tProcesses:\t${processes}
+Swap usage:\t$((${swap_used}/1024))/$((${swap_total}/1024))M (${swap_perc}%)\t\t\tUsers:\t\t${users}
 " > $sysinfo
 
-# updates available updated every 60 minutes using CACHE.
+# available updates refreshes every 60 minutes using CACHE.
 # dnf's cache is updated by the system using its own service and timer. The conservative 
 # approach is to not to change this.
 NEED_UPDATE="FALSE"
@@ -98,4 +106,4 @@ if [[ "$NEED_UPDATE" = "TRUE" ]]; then
     else
        echo -e "There were ${n_updates} updates available when last checked.\n" > $updates
     fi
-fi
+fi

rpmbuild/BUILD/sysmotd/sysmotd.preset

@@ -0,0 +1,2 @@
+disable sysmotd.service
+enable sysmotd.timer

rpmbuild/RPMS/noarch/sysmotd-0.0.2-1.fc38.noarch.rpm

@@ -1,5 +1,5 @@
 Name:           sysmotd
-Version:        0.0.1
+Version:        0.0.2
 Release:        1%{?dist}
 Summary:        Generates a MOTD (Message Of The Day) including system information on Fedora Linux
 BuildArch:      noarch
@@ -67,5 +67,8 @@ rm -f /run/motd.d/*%{name}*
 
 
 %changelog
+* Thu Apr 27 2023 Manuel Fombuena <mfombuena@innovara.co.uk>
+- Version 0.0.2 adding SElinux info
+
 * Mon Dec 26 2022 Manuel Fombuena <mfombuena@innovara.co.uk>
 - First version being packaged

rpmbuild/SOURCES/sysmotd-0.0.2.tar.gz

@@ -2,7 +2,7 @@ Summary
 =======
 
 sysmotd is essentially a shell script that produces a Message Of The Day
-(MOTD) which includes system information and statistics.
+(MOTD) including system information and statistics.
 
 It has been developed and tested on Fedora Linux and it might work on
 other Red Hat-based distributions with very small tweaks. It should also
@@ -23,7 +23,7 @@ I am a long term Fedora user. Having worked with some Ubuntu servers
 lately, I found myself missing the system information and statistics
 that you get when you log in. When I installed Fedora 37 on a Raspberry
 Pi4, I saw that cockpit would generate a MOTD, and I decided to research
-a bit to find out if I could add my own with some system statistics on
+a bit to find out if I could add my own message with some system statistics in
 it.
 
 Out of the various sources I found, I would like to give credit to a
@@ -34,9 +34,9 @@ what tools to use.
 
 [2] https://gist.github.com/cha55son/6042560
 
-While these sources gave me a good start, I wanted to reduce the number
-of dependencies to a minimum and make the dynamic part of the MOTD as
-efficient as possible, so I soon re-wrote most of the stuff and started
+While those sources gave me a good start, I wanted to reduce the number
+of dependencies to a minimum and to make the dynamic part of the MOTD as
+efficient as possible. Hence I re-wrote re-wrote those and started
 looking into how to avoid using the user's profile to trigger the
 script. That leads us to the next section.
 
@@ -50,15 +50,15 @@ PAM configuration includes lines for static and dyanamic MOTDs.
 [3] https://wiki.debian.org/motd
 
 Using a patched version of pam\_motd.so would have been the preferred
-approach, since the script updating the dynamic part of the MOTD only
-runs when a user logs in. However, I didn't know how difficult it would
+approach since the script updating the dynamic part of the MOTD would only 
+run when a user logged in. However, I didn't know how difficult it would
 be to get a change like that approved for Fedora. My assumption was, and
 still is, that the people behind Fedora or Red Hat know that Debian and
 Ubuntu are using this dynamic MOTD approach and if they have not
 implemented it yet, it is because they have some valid reasons.
 
-In that context, I resorted to use a systemd service to call the script
-and a timer to call the service, every minute. However, not all the
+Having made that assumption, I resorted to use a systemd service to call 
+the script and a timer to call the service, every minute. However, not all the
 parts of the script that generate the corresponding part of the MOTD run
 every minute.
 
@@ -126,4 +126,4 @@ If you rather not install a package from an unknown source, and I
 wouldn't blame you for that, you can clone this repo and, after
 inspecting the files listed under the structure section, copy them to
 their respective folders. Please note that if you do this, and you are
-running selinux enforced, you will have to fix the context of the files.
+running selinux enforced, you will have to fix the context of the files.

rpmbuild/SPECS/sysmotd.spec

@@ -33,15 +33,15 @@ hostname=$(uname -n)
 
 # uptime
 uptime=$(awk '{print int($1)}' /proc/uptime)
-upDays=$((uptime/60/60/24))
-upHours=$((uptime/60/60%24))
-upMins=$((uptime/60%60))
-upSecs=$((uptime%60))
+up_days=$((uptime/60/60/24))
+up_hours=$((uptime/60/60%24))
+up_mins=$((uptime/60%60))
+up_secs=$((uptime%60))
 
 # avg load
-load1=$(awk '{print $1}' /proc/loadavg)
-load5=$(awk '{print $2}' /proc/loadavg)
-load15=$(awk '{print $3}' /proc/loadavg)
+load_1=$(awk '{print $1}' /proc/loadavg)
+load_5=$(awk '{print $2}' /proc/loadavg)
+load_15=$(awk '{print $3}' /proc/loadavg)
 
 # memory
 mem_total=$(awk '/MemTotal/ {print $2;}' /proc/meminfo)
@@ -62,6 +62,13 @@ users=$(users | wc -w)
 # processes
 processes=$(ps aux --no-headers | wc -l)
 
+# SELinux
+se_status=$(sestatus | awk '/^SELinux status:/ {print $3;}')
+if [[ "$se_status" != "disabled" ]]; then
+       semode=$(sestatus | awk '/^Current mode/ {print ($3);}')
+       se_status="${se_status} (${semode})"
+fi
+
 ### MOTD ###
 
 # colourful header. Updated every 60 minutes only but no real performance gain
@@ -77,13 +84,14 @@ echo -e "Welcome to ${PRETTY_NAME} ($(uname -o) $(uname -r))
 
 System information as of $(date)
 
-Hostname:\t${hostname}\t\tMemory usage:\t$((${mem_used}/1024))/$((${mem_total}/1024))M (${mem_perc}%)
-Uptime:\t\t${upDays}d ${upHours}h ${upMins}m ${upSecs}s\t\t\tSwap usage:\t$((${swap_used}/1024))/$((${swap_total}/1024))M (${swap_perc}%)
-Load 1-5-15min:\t${load1}-${load5}-${load15}\t\t\tUsage of /:\t${root_used}/${root_total} (${root_perc})
-Processes:\t${processes}\t\t\t\tUsers:\t\t${users}
+Hostname:\t${hostname}
+Uptime:\t\t${up_days}d ${up_hours}h ${up_mins}m ${up_secs}s\t\t\tUsage of /:\t${root_used}/${root_total} (${root_perc})
+Load 1-5-15min:\t${load_1}-${load_5}-${load_15}\t\t\tSElinux:\t${se_status}
+Memory usage:\t$((${mem_used}/1024))/$((${mem_total}/1024))M (${mem_perc}%)\t\t\tProcesses:\t${processes}
+Swap usage:\t$((${swap_used}/1024))/$((${swap_total}/1024))M (${swap_perc}%)\t\t\tUsers:\t\t${users}
 " > $sysinfo
 
-# updates available updated every 60 minutes using CACHE.
+# available updates refreshes every 60 minutes using CACHE.
 # dnf's cache is updated by the system using its own service and timer. The conservative 
 # approach is to not to change this.
 NEED_UPDATE="FALSE"
@@ -98,4 +106,4 @@ if [[ "$NEED_UPDATE" = "TRUE" ]]; then
     else
        echo -e "There were ${n_updates} updates available when last checked.\n" > $updates
     fi
-fi
+fi