From 7a4831dbd03a2600b194c1ec6b29919fbb6f3a1f Mon Sep 17 00:00:00 2001 From: "Kay Marquardt (Gnadelwartz)" Date: Tue, 2 Apr 2019 21:43:38 +0200 Subject: [PATCH 1/9] disable clear and color output for bashbot.rc --- bashbot.rc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/bashbot.rc b/bashbot.rc index 631f20e..821471f 100755 --- a/bashbot.rc +++ b/bashbot.rc @@ -1,7 +1,7 @@ #!/bin/sh # description: Start or stop telegram-bash-bot # -#### $$VERSION$$ v0.5-rc-4-g92e9e9c +#### $$VERSION$$ v0.5-rc-5-g352c64f # ### BEGIN INIT INFO # Provides: bashbot @@ -12,6 +12,7 @@ # Description: Start or stop telegram-bot-bash server ### END INIT INFO +TERM="" # disable bashbot clear and color output runas="root" # not recommended! runcmd="echo Dry run:" # not actived until you edit lines below From c075ea601ec09e897b78658853f5fbf0230165b7 Mon Sep 17 00:00:00 2001 From: "Kay Marquardt (Gnadelwartz)" Date: Wed, 3 Apr 2019 12:58:48 +0200 Subject: [PATCH 2/9] add botname to startbot --- bashbot.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bashbot.sh b/bashbot.sh index cb56652..1a85d23 100755 --- a/bashbot.sh +++ b/bashbot.sh @@ -10,7 +10,7 @@ # This file is public domain in the USA and all free countries. # Elsewhere, consider it to be WTFPLv2. (wtfpl.net/txt/copying) # -#### $$VERSION$$ v0.5-rc-4-g92e9e9c +#### $$VERSION$$ v0.5-rc-6-g7a4831d # # Exit Codes: # - 0 sucess (hopefully) @@ -546,7 +546,7 @@ case "$1" in "start") $CLEAR tmux kill-session -t $ME&>/dev/null - tmux new-session -d -s $ME "bash $SCRIPT startbot" && echo -e "${GREEN}Bot started successfully.${NC}" + tmux new-session -d -s $ME "bash $SCRIPT startbot $ME" && echo -e "${GREEN}Bot started successfully.${NC}" echo "Tmux session name $ME" || echo -e "${RED}An error occurred while starting the bot. ${NC}" send_markdown_message "${CHAT[ID]}" "*Bot started*" ;; From 7a1c01dfb15af4e09b53dec3823795d60b67a122 Mon Sep 17 00:00:00 2001 From: "Kay Marquardt (Gnadelwartz)" Date: Thu, 4 Apr 2019 12:45:31 +0200 Subject: [PATCH 3/9] explain to use sudo with bashbot.rc --- README.md | 39 ++++++++++++++++++++++++++++----------- bashbot.rc | 34 +++++++++++++++++++++------------- 2 files changed, 49 insertions(+), 24 deletions(-) diff --git a/README.md b/README.md index c31e743..7dd5d5e 100644 --- a/README.md +++ b/README.md @@ -386,29 +386,46 @@ E.g. the Emoticons ``` 😁 😘 ❤️ 😊 👍 ``` are encoded as: Bashbot is desingned to run manually by the user who installed it. Nevertheless it's possible to run it by an other user-ID, as a system service or sceduled from cron. This is onyl recommended for experiend linux users. ### Run as other user or system service -Running bashbot as an other user is only possible (and strongly recommended) for root. +Running bashbot as an other user is only possibleers with sudo rigths. -Setup the environment for the user you want to run bashbot and enter new username: +Setup the environment for the user you want to run bashbot and enter desired username, e.g. nobody : ```bash ./bashbot.sh init ``` -Edit the example rc file ```bashbot.rc```, uncomment the ```runcmd``` availible on your system and fill the name of your Bot in ```name```. +Edit the example file ```bashbot.rc```, uncomment the ```runcmd=``` availible on your system and edit the following lines to fit xyour configuration: +``` +####################### +# Configuration Section +# edit the next line to fit the user you want to run bashbot, e.g. nobody: +runas="nobody" + +# uncomment one of the following lines +# runcmd="su $runas -s /bin/bash -c " # runasuser with su +# runcmd="runuser $runas -s /bin/bash -c " # runasuser with runuser + +# edit the values of the following lines to fit your config: +start="/usr/local/telegram-bot-bash/bashbot.sh" # location of your bashbot.sh script +name='' # your bot name as given to botfather, e.g. mysomething_bot + +# END Configuration +####################### +``` From now on always use bashbot.rc to start/stop your bot: ```bash -./bashbot.rc start +sudo ./bashbot.rc start ``` Type ```ps -ef | grep bashbot``` to verify your Bot is running as the desired user. If you started bashbot by bashbot.rc you must use bashbot.rc also to manage your Bot! The following commands are availible: ```bash -./bashbot.rc start -./bashbot.rc stop -./bashbot.rc status -./bashbot.rc suspendback -./bashbot.rc resumeback -./bashbot.rc killback +sudo ./bashbot.rc start +sudo ./bashbot.rc stop +sudo ./bashbot.rc status +sudo ./bashbot.rc suspendback +sudo ./bashbot.rc resumeback +sudo ./bashbot.rc killback ``` To change back the environment to your user-ID run ```./bashbot.rc init``` again and enter your user name. @@ -445,4 +462,4 @@ No - its not less (in)secure as any other Bot written in any other language. But If you feel that there's something missing or if you found a bug, feel free to submit a pull request! -#### $$VERSION$$ v0.5-rc-4-g92e9e9c +#### $$VERSION$$ v0.5-rc-7-gc075ea6 diff --git a/bashbot.rc b/bashbot.rc index 821471f..3eb79e7 100755 --- a/bashbot.rc +++ b/bashbot.rc @@ -1,7 +1,7 @@ #!/bin/sh # description: Start or stop telegram-bash-bot # -#### $$VERSION$$ v0.5-rc-5-g352c64f +#### $$VERSION$$ v0.5-rc-7-gc075ea6 # ### BEGIN INIT INFO # Provides: bashbot @@ -12,22 +12,30 @@ # Description: Start or stop telegram-bot-bash server ### END INIT INFO +# save default values TERM="" # disable bashbot clear and color output -runas="root" # not recommended! +runas="nobody" # not recommended! runcmd="echo Dry run:" # not actived until you edit lines below -# uncomment the next line to run as other user, e.g. www -# runas="nobody" +####################### +# Configuration Section -# uncomment one of the following lines -# runcmd="su $runas -s /bin/bash -c " # runasuser with su -# runcmd="runuser $runas -s /bin/bash -c " # runasuser with runuser +# edit the next line to fit the user you want to run bashbot, e.g. nobody: +runas="nobody" -# adjust the the values of the following lines -start="/usr/local/telegram-bot-bash/bashbot.sh" -lockfile=/usr/local/telegram-bot-bash/lockfile -name='new-session' # telegram name of your bot +# uncomment one of the following lines to fit your system +# runcmd="su $runas -s /bin/bash -c " # runasuser with *su* +# runcmd="runuser $runas -s /bin/bash -c " # runasuser with *runuser* +# edit the values of the following lines to fit your config: +start="/usr/local/telegram-bot-bash/bashbot.sh" # location of your bashbot.sh script +name='' # your bot name as given to botfather, e.g. mysomething_bot + +# END Configuration +####################### + +lockfile="$(dirname $start)/lockfile" +[ "$name" = "" ] && name="$runas" case "$1" in 'start') @@ -47,10 +55,10 @@ case "$1" in 'status') ps -f -u "$runas" | grep "$name" | grep -qF "bashbot.sh startbot" if [ "$?" = "0" ]; then - echo "$name is running" + echo "bashbot ($name) is running" RETVAL=0 else - echo "$name is stopped" + echo "bashbot ($name) is stopped" RETVAL=1 fi ;; From 1870ae065496976c377f6e191b9a978ef5e8c068 Mon Sep 17 00:00:00 2001 From: "Kay Marquardt (Gnadelwartz)" Date: Thu, 4 Apr 2019 12:49:33 +0200 Subject: [PATCH 4/9] fix typos --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 7dd5d5e..0e03052 100644 --- a/README.md +++ b/README.md @@ -386,14 +386,14 @@ E.g. the Emoticons ``` 😁 😘 ❤️ 😊 👍 ``` are encoded as: Bashbot is desingned to run manually by the user who installed it. Nevertheless it's possible to run it by an other user-ID, as a system service or sceduled from cron. This is onyl recommended for experiend linux users. ### Run as other user or system service -Running bashbot as an other user is only possibleers with sudo rigths. +Running bashbot as an other user is only possible with sudo rigths. Setup the environment for the user you want to run bashbot and enter desired username, e.g. nobody : ```bash ./bashbot.sh init ``` -Edit the example file ```bashbot.rc```, uncomment the ```runcmd=``` availible on your system and edit the following lines to fit xyour configuration: +Edit the file ```bashbot.rc``` and edit the following lines to fit your configuration: ``` ####################### # Configuration Section @@ -462,4 +462,4 @@ No - its not less (in)secure as any other Bot written in any other language. But If you feel that there's something missing or if you found a bug, feel free to submit a pull request! -#### $$VERSION$$ v0.5-rc-7-gc075ea6 +#### $$VERSION$$ v0.5-rc-8-g7a1c01d From fd81668c8f9657eb2352ba365d214743c1df0bd5 Mon Sep 17 00:00:00 2001 From: "Kay Marquardt (Gnadelwartz)" Date: Thu, 4 Apr 2019 14:11:01 +0200 Subject: [PATCH 5/9] minor README addition --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 0e03052..6e8ea48 100644 --- a/README.md +++ b/README.md @@ -394,7 +394,7 @@ Setup the environment for the user you want to run bashbot and enter desired use ``` Edit the file ```bashbot.rc``` and edit the following lines to fit your configuration: -``` +```bash ####################### # Configuration Section @@ -462,4 +462,4 @@ No - its not less (in)secure as any other Bot written in any other language. But If you feel that there's something missing or if you found a bug, feel free to submit a pull request! -#### $$VERSION$$ v0.5-rc-8-g7a1c01d +#### $$VERSION$$ v0.5-rc-9-g1870ae0 From e5e266697a24e0354853ec2c6945317e03eb370f Mon Sep 17 00:00:00 2001 From: "Kay Marquardt (Gnadelwartz)" Date: Thu, 4 Apr 2019 15:05:19 +0200 Subject: [PATCH 6/9] Bashbot Version 0.5 --- README.md | 2 +- [^ | 0 bashbot.cron | 2 +- bashbot.rc | 2 +- bashbot.sh | 2 +- commands.sh | 2 +- notify | 2 +- question | 2 +- version | 2 +- 9 files changed, 8 insertions(+), 8 deletions(-) create mode 100644 [^ diff --git a/README.md b/README.md index 6e8ea48..6a9c2a5 100644 --- a/README.md +++ b/README.md @@ -462,4 +462,4 @@ No - its not less (in)secure as any other Bot written in any other language. But If you feel that there's something missing or if you found a bug, feel free to submit a pull request! -#### $$VERSION$$ v0.5-rc-9-g1870ae0 +#### $$VERSION$$ v0.5-0-gfd81668 diff --git a/[^ b/[^ new file mode 100644 index 0000000..e69de29 diff --git a/bashbot.cron b/bashbot.cron index bff1aca..2a1937c 100644 --- a/bashbot.cron +++ b/bashbot.cron @@ -7,7 +7,7 @@ # This file is public domain in the USA and all free countries. # Elsewhere, consider it to be WTFPLv2. (wtfpl.net/txt/copying) # -#### $$VERSION$$ v0.5-rc-4-g92e9e9c +#### $$VERSION$$ v0.5-0-gfd81668 SHELL=/bin/sh diff --git a/bashbot.rc b/bashbot.rc index 3eb79e7..e145a0b 100755 --- a/bashbot.rc +++ b/bashbot.rc @@ -1,7 +1,7 @@ #!/bin/sh # description: Start or stop telegram-bash-bot # -#### $$VERSION$$ v0.5-rc-7-gc075ea6 +#### $$VERSION$$ v0.5-0-gfd81668 # ### BEGIN INIT INFO # Provides: bashbot diff --git a/bashbot.sh b/bashbot.sh index 1a85d23..78c42e3 100755 --- a/bashbot.sh +++ b/bashbot.sh @@ -10,7 +10,7 @@ # This file is public domain in the USA and all free countries. # Elsewhere, consider it to be WTFPLv2. (wtfpl.net/txt/copying) # -#### $$VERSION$$ v0.5-rc-6-g7a4831d +#### $$VERSION$$ v0.5-0-gfd81668 # # Exit Codes: # - 0 sucess (hopefully) diff --git a/commands.sh b/commands.sh index cd3eadb..54a62d0 100755 --- a/commands.sh +++ b/commands.sh @@ -4,7 +4,7 @@ # This file is public domain in the USA and all free countries. # Elsewhere, consider it to be WTFPLv2. (wtfpl.net/txt/copying) # -#### $$VERSION$$ v0.5-rc-3-gf67503c +#### $$VERSION$$ v0.5-0-gfd81668 # adjust your language setting here, e.g.when run from other user or cron. # https://github.com/topkecleon/telegram-bot-bash#setting-up-your-environment diff --git a/notify b/notify index 9e09814..7ee82fa 100755 --- a/notify +++ b/notify @@ -2,7 +2,7 @@ # This file is public domain in the USA and all free countries. # Elsewhere, consider it to be WTFPLv2. (wtfpl.net/txt/copying) -#### $$VERSION$$ v0.5-rc-3-gf67503c +#### $$VERSION$$ v0.5-0-gfd81668 # adjust your language setting here # https://github.com/topkecleon/telegram-bot-bash#setting-up-your-environment diff --git a/question b/question index 96cd161..eae4ba8 100755 --- a/question +++ b/question @@ -3,7 +3,7 @@ # This file is public domain in the USA and all free countries. # Elsewhere, consider it to be WTFPLv2. (wtfpl.net/txt/copying) -#### $$VERSION$$ v0.5-rc-3-gf67503c +#### $$VERSION$$ v0.5-0-gfd81668 # adjust your language setting here # https://github.com/topkecleon/telegram-bot-bash#setting-up-your-environment diff --git a/version b/version index 79e21fe..72b8108 100755 --- a/version +++ b/version @@ -1,6 +1,6 @@ #!/bin/sh # -#### $$VERSION$$ v0.5-rc-3-gf67503c +#### $$VERSION$$ v0.5-0-gfd81668 # # Easy Versioning in git: # From 09678a18d82b1e8dec616bdbe590c3657b5ae804 Mon Sep 17 00:00:00 2001 From: Kay Marquardt Date: Thu, 4 Apr 2019 15:08:18 +0200 Subject: [PATCH 7/9] Delete [^ --- [^ | 0 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 [^ diff --git a/[^ b/[^ deleted file mode 100644 index e69de29..0000000 From 8eef8400a1ac137b88db62491b15fb3eaa0d1d35 Mon Sep 17 00:00:00 2001 From: "Kay Marquardt (Gnadelwartz)" Date: Thu, 4 Apr 2019 15:25:27 +0200 Subject: [PATCH 8/9] Bashbot Version 0.5 - fix count message --- bashbot.sh | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/bashbot.sh b/bashbot.sh index 78c42e3..d30fd4f 100755 --- a/bashbot.sh +++ b/bashbot.sh @@ -10,7 +10,7 @@ # This file is public domain in the USA and all free countries. # Elsewhere, consider it to be WTFPLv2. (wtfpl.net/txt/copying) # -#### $$VERSION$$ v0.5-0-gfd81668 +#### $$VERSION$$ v0.5-2-g09678a1 # # Exit Codes: # - 0 sucess (hopefully) @@ -535,11 +535,13 @@ case "$1" in rm -f -r $TMPDIR/$3 ;; "count") - echo "A total of $(wc -l ${COUNT} | sed 's/count//g')users used me." + echo "A total of $(wc -l <"${COUNT}") users used me." + exit ;; "broadcast") - echo "Sending the broadcast $* to $(wc -l ${COUNT} | sed 's/count//g')users." - [ "$(wc -l ${COUNT} | sed 's/ count//g')" -gt "300" ] && sleep="sleep 0.5" + USERS="$(wc -l <"${COUNT}")" + echo "Sending the broadcast $* to $USERS users." + [ "$USERS" -gt "300" ] && sleep="sleep 0.5" shift for f in "$(cat ${COUNT})";do send_message ${f//COUNT} "$*"; $sleep;done ;; From 6ab657d08b1fb594b3dc30fffec2a4e1e11a21d2 Mon Sep 17 00:00:00 2001 From: "Kay Marquardt (Gnadelwartz)" Date: Mon, 8 Apr 2019 11:46:29 +0200 Subject: [PATCH 9/9] use sudo for bashbot.sh init --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 6a9c2a5..252a0e0 100644 --- a/README.md +++ b/README.md @@ -390,7 +390,7 @@ Running bashbot as an other user is only possible with sudo rigths. Setup the environment for the user you want to run bashbot and enter desired username, e.g. nobody : ```bash -./bashbot.sh init +sudo ./bashbot.sh init ``` Edit the file ```bashbot.rc``` and edit the following lines to fit your configuration: @@ -427,7 +427,7 @@ sudo ./bashbot.rc suspendback sudo ./bashbot.rc resumeback sudo ./bashbot.rc killback ``` -To change back the environment to your user-ID run ```./bashbot.rc init``` again and enter your user name. +To change back the environment to your user-ID run ```sudo ./bashbot.sh init``` again and enter your user name. To use bashbot as a system servive include a working ```bashbot.rc``` in your init system (systemd, /etc/init.d). @@ -453,7 +453,7 @@ Never run your Bot as root, this is the most dangerous you can do! Usually the u ### Secure your Bot installation Everyone who can read your Bot files can extract your Bots data. Especially your Bot Token in ```token``` must be protected against other users. No one exept you should have write access to the Bot files. The Bot itself need write access to ```count``` and ```tmp-bot-bash``` only, all other files should be write protected. -Runing ```./bashbot init``` sets the Bot permissions to reasonable default values as a starting point. +Runing ```./bashbot.sh init``` sets the Bot permissions to reasonable default values as a starting point. ### Is this Bot insecure? No - its not less (in)secure as any other Bot written in any other language. But you should know about the implications ... @@ -462,4 +462,4 @@ No - its not less (in)secure as any other Bot written in any other language. But If you feel that there's something missing or if you found a bug, feel free to submit a pull request! -#### $$VERSION$$ v0.5-0-gfd81668 +#### $$VERSION$$ v0.5-3-g8eef840