Merge pull request #123 from topkecleon/develop

Token format test and advice for BSD/MacOS
Kay Marquardt 2020-05-19 17:38:52 +02:00 committed by GitHub
commit d5606098c7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 94 additions and 51 deletions


@ -91,7 +91,8 @@ Written by Drew (@topkecleon), Daniil Gentili (@danogentili), and Kay M (@gnadel
<p>Released to the public domain wherever applicable. Elsewhere, consider it released under the <a href="http://www.wtfpl.net/txt/copying/">WTFPLv2</a>.</p>
<h2>Prerequisites</h2>
<p>Uses <a href="http://github.com/dominictarr/JSON.sh">JSON.sh</a>, but no more TMUX.</p>
<p>Even bashbot is written in bash, it depends on commands typically availible in a Unix/Linux Environment. More concret on the common commands provided by <a href="https://en.wikipedia.org/wiki/List_of_GNU_Core_Utilities_commands">coreutils</a>, <a href="https://en.wikipedia.org/wiki/BusyBox#Commands">busybox</a> or <a href="https://landley.net/toybox/help.html">toybox</a>, see <a href="doc/7_develop.md#common-commands">Developer Notes</a></p>
<p>Even bashbot is written in bash, it depends on commands typically availible in a Unix/Linux Environment. More concret on the common commands provided by recent versions of <a href="https://en.wikipedia.org/wiki/List_of_GNU_Core_Utilities_commands">coreutils</a>, <a href="https://en.wikipedia.org/wiki/BusyBox#Commands">busybox</a> or <a href="https://landley.net/toybox/help.html">toybox</a>, see <a href="doc/7_develop.md#common-commands">Developer Notes</a></p>
<p><em>Note for MacOS and BSD Users:</em> As bashbot use behavior of recent bash and (gnu)sed versions, bashbot may not run without installing additional software, see <a href="doc/0_install.md">Install Bashbot</a></p>
<p>Bashbot <a href="https://github.com/topkecleon/telegram-bot-bash">Documentation</a> and <a href="https://github.com/topkecleon/telegram-bot-bash/releases">Downloads</a> are availible on www.github.com</p>
<h2>Documentation</h2>
<ul>
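Review bot: The new "Note for MacOS and BSD Users" says bashbot "may not run without installing additional software" but does not name what is needed; state the minimum bash version and that GNU sed is required, so readers can check their system before following the link. The sentence edited just above it still reads "Even bashbot is written in bash" and "More concret"; since the line is being touched anyway, change it to "Even though bashbot is written in bash" and "More concretely". The same applies to the two other renderings of this text further down in this commit.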
@ -150,8 +151,7 @@ Written by Drew (@topkecleon), Daniil Gentili (@danogentili), and Kay M (@gnadel
<li><a href="examples/README.md">Examples Dir</a></li>
</ul>
<h3>Your really first bashbot in a nutshell</h3>
<p>Note for MacOS: you must install install a more current bash, see <a href="doc/0_install.md">Install Bashbot</a></p>
<p>To install and run bashbot you need acess to a linux/unix/bsd command line. If you don't know how to get accces to a linux/unix/bsd like command line you should stop reading here :-(</p>
<p>To install and run bashbot you need acess to a linux/unix command line. If you don't know how to get accces to a linux/unix/bsd like command line you should stop reading here :-(</p>
<p>In addition you need a <a href="https://telegram.org">Telegram client</a> and a mobile phone to <a href="https://telegramguide.com/create-a-telegram-account/">register an account</a>. If you don't want to register for Telegram you should stop reading here ;-)</p>
<p>After you're registered to Telegram send a message to <a href="https://telegram.me/botfather">@botfather</a>, <a href="doc/1_firstbot.md">create a new Telegram Bot token</a> and write it down. You need the token to install the bot.</p>
<p>Now open a linux/unix/bsd terminal and check if bash is installed: <code>which bash &amp;&amp; echo "bash installed!"</code>. If you get an error message bash is not installed.</p>
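Review bot: The edited sentence now says "linux/unix command line", but its second half and the "Now open a linux/unix/bsd terminal" paragraph below still say "linux/unix/bsd", so the section is inconsistent about whether BSD is covered. Pick one wording and fix "acess" / "accces" while the line is open. With the MacOS note dropped from this section, a MacOS reader following the quick start no longer sees the bash requirement here; a one-line pointer to doc/0_install.md would keep it. The same applies to the two other renderings of this text in this commit.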
@ -181,8 +181,8 @@ It features background tasks and interactive chats, and can serve as an interfac
<p>A powerful tool to improve your scripts is <code>shellcheck</code>. You can <a href="https://www.shellcheck.net/">use it online</a> or <a href="https://github.com/koalaman/shellcheck#installing">install shellcheck locally</a>. Shellcheck is used extensive in bashbot development to enshure a high code quality, e.g. it's not allowed to push changes without passing all shellcheck tests. In addition bashbot has a <a href="doc/7_develop.md">test suite</a> to check if important functionality is working as expected.</p>
<h3>Do not use #!/usr/bin/env bash</h3>
<p><strong>We stay with /bin/bash shebang, because it's more save from security perspective.</strong></p>
<p>Using the system provided bash makes it harder for attackers or users to place alternative versions of bash and avoids using possibly broken, mangled or compromised bash executables.</p>
<p>If you are a MacOS user or forced to use an alternative bash, see <a href="doc/0_install.md">Install Bashbot</a></p>
<p>Using a fixed path to the system provided bash makes it harder for attackers or users to place alternative versions of bash and avoids using a possibly broken, mangled or compromised bash executable.</p>
<p>If you are a BSD / MacOS user or must to use an other bash location, see <a href="doc/0_install.md">Install Bashbot</a></p>
<h3>Run your Bot as a restricted user</h3>
<p><strong>I recommend to run your bot as a user, with almost no access rights.</strong> All files your Bot have write access to are in danger to be overwritten/deleted if your bot is hacked. For the same reason ervery file your Bot can read is in danger to be disclosed. Restict your Bots access rigths to the absolute minimum.</p>
<p><strong>Never run your Bot as root, this is the most dangerous you can do!</strong> Usually the user 'nobody' has almost no rights on Unix/Linux systems. See <a href="doc/4_expert.md">Expert use</a> on how to run your Bot as an other user.</p>
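Review bot: The reworded rationale says a fixed path is safer but not why. One sentence on the mechanism would help: `#!/usr/bin/env bash` runs the first bash found in PATH, so anyone who can change PATH, or write to a directory early in it, chooses the interpreter. Wording: "must to use an other bash location" should read "must use another bash location", and "more save" in the bold line above should be "safer". The same applies to the two other renderings of this text in this commit.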
@ -228,6 +228,6 @@ It features background tasks and interactive chats, and can serve as an interfac
<p>@Gnadelwartz</p>
<h2>That's it!</h2>
<p>If you feel that there's something missing or if you found a bug, feel free to submit a pull request!</p>
<h4>$$VERSION$$ V0.94-2-gced78d3</h4>
<h4>$$VERSION$$ V0.94-9-g46af634</h4>
</body>
</html>


@ -12,7 +12,9 @@ Elsewhere, consider it released under the [WTFPLv2](http://www.wtfpl.net/txt/cop
Uses [JSON.sh](http://github.com/dominictarr/JSON.sh), but no more TMUX.
Even bashbot is written in bash, it depends on commands typically availible in a Unix/Linux Environment.
More concret on the common commands provided by [coreutils](https://en.wikipedia.org/wiki/List_of_GNU_Core_Utilities_commands), [busybox](https://en.wikipedia.org/wiki/BusyBox#Commands) or [toybox](https://landley.net/toybox/help.html), see [Developer Notes](doc/7_develop.md#common-commands)
More concret on the common commands provided by recent versions of [coreutils](https://en.wikipedia.org/wiki/List_of_GNU_Core_Utilities_commands), [busybox](https://en.wikipedia.org/wiki/BusyBox#Commands) or [toybox](https://landley.net/toybox/help.html), see [Developer Notes](doc/7_develop.md#common-commands)
*Note for MacOS and BSD Users:* As bashbot use behavior of recent bash and (gnu)sed versions, bashbot may not run without installing additional software, see [Install Bashbot](doc/0_install.md)
Bashbot [Documentation](https://github.com/topkecleon/telegram-bot-bash) and [Downloads](https://github.com/topkecleon/telegram-bot-bash/releases) are availible on www.github.com
@ -60,9 +62,7 @@ Bashbot [Documentation](https://github.com/topkecleon/telegram-bot-bash) and [Do
### Your really first bashbot in a nutshell
Note for MacOS: you must install install a more current bash, see [Install Bashbot](doc/0_install.md)
To install and run bashbot you need acess to a linux/unix/bsd command line. If you don't know how to get accces to a linux/unix/bsd like command line you should stop reading here :-(
To install and run bashbot you need acess to a linux/unix command line. If you don't know how to get accces to a linux/unix/bsd like command line you should stop reading here :-(
In addition you need a [Telegram client](https://telegram.org) and a mobile phone to [register an account](https://telegramguide.com/create-a-telegram-account/).
If you don't want to register for Telegram you should stop reading here ;-)
@ -116,10 +116,10 @@ In addition bashbot has a [test suite](doc/7_develop.md) to check if important f
**We stay with /bin/bash shebang, because it's more save from security perspective.**
Using the system provided bash makes it harder for attackers or users to place alternative versions of bash and avoids using
possibly broken, mangled or compromised bash executables.
Using a fixed path to the system provided bash makes it harder for attackers or users to place alternative versions of bash
and avoids using a possibly broken, mangled or compromised bash executable.
If you are a MacOS user or forced to use an alternative bash, see [Install Bashbot](doc/0_install.md)
If you are a BSD / MacOS user or must to use an other bash location, see [Install Bashbot](doc/0_install.md)
### Run your Bot as a restricted user
**I recommend to run your bot as a user, with almost no access rights.**
@ -192,4 +192,4 @@ This may happen if to many wrong requests are sent to api.telegram.org, e.g. usi
If you feel that there's something missing or if you found a bug, feel free to submit a pull request!
#### $$VERSION$$ V0.94-2-gced78d3
#### $$VERSION$$ V0.94-9-g46af634


@ -17,12 +17,16 @@ Uses [JSON.sh](http://github.com/dominictarr/JSON.sh), but no more TMUX.
Even bashbot is written in bash, it depends on commands typically availible in
a Unix/Linux Environment.
More concret on the common commands provided by
More concret on the common commands provided by recent versions of
[coreutils](https://en.wikipedia.org/wiki/List_of_GNU_Core_Utilities_commands),
[busybox](https://en.wikipedia.org/wiki/BusyBox#Commands) or
[toybox](https://landley.net/toybox/help.html), see [Developer
Notes](doc/7_develop.md#common-commands)
*Note for MacOS and BSD Users:* As bashbot use behavior of recent bash and
(gnu)sed versions, bashbot may not run without installing additional software,
see [Install Bashbot](doc/0_install.md)
Bashbot [Documentation](https://github.com/topkecleon/telegram-bot-bash) and
[Downloads](https://github.com/topkecleon/telegram-bot-bash/releases) are
@ -71,12 +75,9 @@ availible on www.github.com
### Your really first bashbot in a nutshell
Note for MacOS: you must install install a more current bash, see [Install
Bashbot](doc/0_install.md)
To install and run bashbot you need acess to a linux/unix/bsd command line. If
you don't know how to get accces to a linux/unix/bsd like command line you
should stop reading here :-(
To install and run bashbot you need acess to a linux/unix command line. If you
don't know how to get accces to a linux/unix/bsd like command line you should
stop reading here :-(
In addition you need a [Telegram client](https://telegram.org) and a mobile
phone to [register an
@ -159,12 +160,12 @@ functionality is working as expected.
**We stay with /bin/bash shebang, because it's more save from security
perspective.**
Using the system provided bash makes it harder for attackers or users to place
alternative versions of bash and avoids using
possibly broken, mangled or compromised bash executables.
Using a fixed path to the system provided bash makes it harder for attackers or
users to place alternative versions of bash
and avoids using a possibly broken, mangled or compromised bash executable.
If you are a MacOS user or forced to use an alternative bash, see [Install
Bashbot](doc/0_install.md)
If you are a BSD / MacOS user or must to use an other bash location, see
[Install Bashbot](doc/0_install.md)
### Run your Bot as a restricted user
**I recommend to run your bot as a user, with almost no access rights.**
@ -269,4 +270,4 @@ tor proxy on your server you may uncomment the ```BASHBOT_CURL_ARGS``` line in
If you feel that there's something missing or if you found a bug, feel free to
submit a pull request!
#### $$VERSION$$ V0.94-2-gced78d3
#### $$VERSION$$ V0.94-9-g46af634


@ -11,7 +11,7 @@
# This file is public domain in the USA and all free countries.
# Elsewhere, consider it to be WTFPLv2. (wtfpl.net/txt/copying)
#
#### $$VERSION$$ V0.94-0-gbdb50c8
#### $$VERSION$$ V0.94-7-g3d92bf3
#
# Exit Codes:
# - 0 sucess (hopefully)
@ -28,6 +28,7 @@ if [ -t 1 ] && [ -n "$TERM" ]; then
RED='\e[31m'
GREEN='\e[32m'
ORANGE='\e[35m'
GREY='\e[1;30m'
NC='\e[0m'
fi
@ -110,7 +111,10 @@ if [ -z "${BOTTOKEN}" ]; then
printf '%s\n' "${BOTTOKEN}" > "${TOKENFILE}"
fi
fi
[ -z "${BOTTOKEN}" ] && BOTTOKEN="$(< "${TOKENFILE}")"
# read BOTTOKEN from file and removen everyting from first newline to end
BOTTOKEN="$(< "${TOKENFILE}")"
BOTTOKEN="${BOTTOKEN%%$'\n'*}"
# setup botadmin file
if [ ! -f "${BOTADMIN}" ]; then
if [ -z "${CLEAR}" ]; then
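Review bot: Only the newline is handled in `BOTTOKEN="${BOTTOKEN%%$'\n'*}"`, so a token file saved with CRLF line endings or a trailing blank keeps a stray character in the token and will trip the format check added further down. Consider also removing `$'\r'` and surrounding whitespace here. The read is now unconditional as well: the `[ -z "${BOTTOKEN}" ] &&` guard is gone, so a missing or unreadable TOKENFILE at this point leaves BOTTOKEN empty; a comment saying that this is intended would help. Typo in the new comment: "removen everyting".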
@ -148,6 +152,23 @@ if [ -z "${BOTTOKEN}" ]; then
exit 2
fi
fi
# do we have BSD sed
if ! sed '1ia' </dev/null 2>/dev/null; then
echo -e "${ORANGE}Warning: You may run on a BSD style system without gnu utils ...${NC}"
fi
# BOTTOKEN format checks
if [[ ! "${BOTTOKEN}" =~ ^[0-9]{8,10}:[a-zA-Z0-9_-]{35}$ ]]; then
echo -e "${ORANGE}Warning, your bottoken may incorrect. it should have the following format:${NC}"
echo -e "${GREY}123456789${RED}:${GREY}Aa-Zz_0Aa-Zz_1Aa-Zz_2Aa-Zz_3Aa-Zz_4${ORANGE} => ${NC}\c"
echo -e "${GREY}8-10 digits${RED}:${GREY}35 alnum characters + '_-'${NC}"
echo -e "${ORANGE}Your current token is: '${GREY}^$(cat -ve <<<"${BOTTOKEN//:/${RED}:${GREY}}")${ORANGE}'${NC}"
[[ ! "${BOTTOKEN}" =~ ^[0-9]{8,10}: ]] &&\
echo -e "${ORANGE}Possible problem in the digits part, len is $(($(wc -c <<<"${BOTTOKEN%:*}")-1))${NC}"
[[ ! "${BOTTOKEN}" =~ :[a-zA-Z0-9_-]{35}$ ]] &&\
echo -e "${ORANGE}Posilbe problem in the charatcers part, len is $(($(wc -c <<<"${BOTTOKEN#*:}")-1))${NC}"
fi
exit
##################
# here we start with the real stuff
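Review bot: The "Your current token is:" line prints the complete bot token to the terminal whenever the format check fails, so the secret ends up in scrollback and in any captured output. The two length messages already tell the user which part is wrong; print the digits part and mask everything after the colon instead. The bare `exit` between the closing `fi` and the "here we start with the real stuff" banner looks like a debugging leftover: if it sits at top level the script never reaches the main section, so please remove it or confirm it belongs to an enclosing block. The token pattern is also written out three times; keeping the two halves in variables would stop them drifting apart. Typos: "may incorrect", "Posilbe", "charatcers".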
@ -840,7 +861,7 @@ if [ "${SOURCE}" != "yes" ]; then
;;
*)
echo -e "${RED}${REALME}: BAD REQUEST${NC}"
echo -e "${RED}Available arguments: start, stop, kill, status, count, broadcast, help, suspendback, resumeback, killback${NC}"
echo -e "${RED}Available arguments: ${GREY}start, stop, kill, status, count, broadcast, help, suspendback, resumeback, killback${NC}"
exit 4
;;
esac


@ -43,15 +43,18 @@ If you modified ```commands.sh``` move your changes to ```mycommands.sh```, this
Now you can restart your bashbot instances.
### Note for MacOS Users
### Note for BSD and MacOS
You must install a more current version of bash, as the default bash is way to old,
**On MacOS** you must install a more recent version of bash, as the default bash is way to old,
see e.g. [Install Bash on Mac](http://macappstore.org/bash/)
After installation / update of bashbot you must change the shebang line to point to your bash location
e.g. with the provided script ```bash -c "examples/bash2env *.sh */*.sh"```
**On BSD and MacOS** I recommend to install gnu coreutils and include them in front of your PATH
environment variable before running bashbot, e.g. the gnu versions of sed, grep, find ...
We stay with /bin/bash shebang, because using the system bash is more save, see
In adition you must adjust the shebang line of the scripts ```bashbot.sh``` and ```json.sh``` to point to to the correct bash
or use the example script: ```examples/bash2env *.sh */*.sh```
Bashbot will stay with /bin/bash shebang, as using a fixed path is more secure than the portable /usr/bin/env variant, see
[Security Considerations](../README.md#Security-Considerations)
### Notes on Updates
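Review bot: The advice to put the GNU coreutils directory "in front of your PATH" means bashbot resolves sed, grep and find from that directory first. The text should add that the directory must not be writable by the account the bot runs as; otherwise the fixed-path argument made for the /bin/bash shebang in the last paragraph is undone for every other tool. The helper is called `examples/bash2env` here while its own header says `file: bash2env.sh`; use one name. Typos: "In adition", "point to to", "way to old".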
@ -98,5 +101,5 @@ The old format is supported for backward compatibility, but may fail for corner
#### [Next Create Bot](1_firstbot.md)
#### $$VERSION$$ V0.94-3-gca803c0
#### $$VERSION$$ V0.94-8-g876361f


@ -1,4 +1,4 @@
#!/bin/bash
#!/usr/bin/env bash
# file: bash2env.sh
# simole helper script to convert bash shebang from
# ! /bin/bash TO ! /usr/bin/env bash
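Review bot: The header comment still describes the script as converting "/bin/bash TO /usr/bin/env bash", but with FROMSHEBANG and MYSHEBANG it now converts between arbitrary shebangs; update the description (and "simole"). Since the helper's own shebang changes to `#!/usr/bin/env bash` while the README argues against that form, a short comment saying why this one script is the exception would avoid confusion.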
@ -6,7 +6,7 @@
# This file is public domain in the USA and all free countries.
# Elsewhere, consider it to be WTFPLv2. (wtfpl.net/txt/copying)
#### $$VERSION$$ V0.94-0-gbdb50c8
#### $$VERSION$$ V0.94-7-g3d92bf3
# adjust your language setting here
# https://github.com/topkecleon/telegram-bot-bash#setting-up-your-environment
@ -15,23 +15,41 @@ export 'LANG=C.UTF-8'
export 'LANGUAGE=C.UTF-8'
unset IFS
MYSHEBANG=""
################
# uncomment thenfollowing line to make the conversion
# DOIT="yes"
# uncomment one of the following lines to make the conversion
# linux/unix bash
# MYSHEBANG="#!/bin/bash"
# BSD bash
# MYSHEBANG="#!/usr/bin/bash"
# homebrew gnu bash on MacOS
# MYSHEBANG="#!/usr/local/opt/bash"
# use portable /usr/bin/env
# MYSHEBANG="#!/usr/bin/env bash"
# bashbot default bash
FROMSHEBANG="#!/bin/bash"
# uncomment to convert back to bashbot default bash
# FROMSHEBANG="#!/usr/bin/env bash"
# MYSHEBANG="#!/bin/bash"
if [ "$1" = "" ] || [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
echo "$0: convert bash shebang to /usr/bin/env bash"
echo "$0: convert bash shebang to point to your local installation"
echo "usage: $0 script [script ...]"
exit
fi
# loop tomprocess files
if [ "${DOIT}" = "yes" ]; then
echo "Warning, changes will be done!"
if [ "${MYSHEBANG}" != "" ]; then
echo "Warning, shebang will changed from ${FROMSHEBANG} changed to ${MYSHEBANG}!"
else
echo "Dry run, output changes only!"
echo "Uncomment DOIT=\"yes\" in script to make the changes permanent."
echo "Dry run, demonstration only!"
echo "Uncomment one of the MYSHEBANG= lines fitting your environment to make the changes permanent."
fi
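Review bot: Nothing checks that the interpreter named in MYSHEBANG exists before every script is rewritten to it, so one wrongly uncommented line leaves the whole installation unrunnable. Test the path after `#!` with `-x` (skipping the `/usr/bin/env bash` case) and abort with a message if it is missing; please also double-check that each listed path is the bash binary itself on the platform it is labelled for. The warning text reads "will changed from ... changed to"; drop one "changed" and make it "will be changed". Comment typo: "tomprocess".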
@ -45,15 +63,15 @@ do
file "${file}"
if [[ "$(file -b "${file}")" =~ Bourne.*script.*text ]]; then
echo "Processing ${file} ..."
if head -n 1 "${file}" | grep -q '^#!/bin/bash'; then
if [ "${DOIT}" = "yes" ]; then
sed -i -e '1 s|^#!/bin/bash|#!/usr/bin/env bash|' "${file}"
if head -n 1 "${file}" | grep -q "^${FROMSHEBANG}"; then
if [ "${MYSHEBANG}" != "" ]; then
sed -i -e '1 s|^'"${FROMSHEBANG}"'|'"${MYSHEBANG}"'|' "${file}"
head -n 1 "${file}"
else
sed -n -e '1 s|^#!/bin/bash|#!/usr/bin/env bash (dry run)|p' "${file}"
sed -n -e '1 s|^'"${FROMSHEBANG}"'|#!/some/shebang/bash (dry run)|p' "${file}"
fi
else
echo "No #!/bin/bash shebang, nothing to convert."
echo "Found: $(head -n 1 "${file}") - Nothing to convert."
fi
echo -e "... done.\n"
else
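Review bot: `sed -i -e '...'` is GNU syntax; BSD and MacOS sed, the audience this helper is now aimed at, take the argument after `-i` as a backup suffix, so this call leaves a copy of each script with `-e` appended to its name. `sed -i.bak -e ...` followed by removing the backup works with both. FROMSHEBANG and MYSHEBANG are also pasted unescaped into the sed expression and the grep pattern, which is fine for the values listed but breaks if a path contains `|` or regex characters. The dry run prints the fixed text "#!/some/shebang/bash (dry run)" rather than a shebang the user chose; the dry-run message should say that this is a placeholder.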


@ -5,7 +5,7 @@
# This file is public domain in the USA and all free countries.
# Elsewhere, consider it to be WTFPLv2. (wtfpl.net/txt/copying)
#
#### $$VERSION$$ V0.94-0-gbdb50c8
#### $$VERSION$$ v0.941-0-ga055b77
# source once magic, function named like file
eval "$(basename "${BASH_SOURCE[0]}")(){ :; }"
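Review bot: The version stamp changes to "v0.941-0-ga055b77", which differs in both case and number from the "V0.94-..." stamps in every other file of this commit. If the stamps are generated, regenerate this file with the others; if they are compared anywhere, the lowercase "v" and "0.941" will not match.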