From 6f51fba7fa563194827441e66f7d8f3b80027119 Mon Sep 17 00:00:00 2001
From: lgromero <lgromero@qindel.com>
Date: Tue, 1 Oct 2024 15:44:16 +0200
Subject: [PATCH] refs #799 adds apparmor exception to write in kea conf

---
 installer/ogdhcp_installer.sh                | 49 ++++++++++++++++++--
 src/DhcpBundle/Controller/DhcpController.php |  4 +-
 2 files changed, 47 insertions(+), 6 deletions(-)

diff --git a/installer/ogdhcp_installer.sh b/installer/ogdhcp_installer.sh
index ef5ddd0..80f6cba 100755
--- a/installer/ogdhcp_installer.sh
+++ b/installer/ogdhcp_installer.sh
@@ -334,6 +334,39 @@ get_ip_address() {
 get_php_fpm_version() {
     php -v | grep -oP "PHP \K\d+\.\d+"
 }
+add_write_permission_apparmor() {
+# Archivo de perfil de AppArmor
+APPARMOR_FILE="/etc/apparmor.d/usr.sbin.kea-dhcp4"
+
+# Comprobar si ya existe la regla para /etc/kea/
+if ! grep -q "/etc/kea/ " "$APPARMOR_FILE"; then
+    echo "Añadiendo la regla para /etc/kea/..."
+    sudo sed -i '/#include <tunables\/global>/a \
+/etc/kea/ rw,' "$APPARMOR_FILE"
+else
+    echo "La regla para /etc/kea/ ya existe."
+    # Asegurarse de que tiene los permisos correctos
+    sudo sed -i 's|/etc/kea/.*|/etc/kea/ rw,|' "$APPARMOR_FILE"
+fi
+
+# Comprobar si ya existe la regla para /etc/kea/**
+if ! grep -q "/etc/kea/\*\* " "$APPARMOR_FILE"; then
+    echo "Añadiendo la regla para /etc/kea/**..."
+    sudo sed -i '/#include <tunables\/global>/a \
+/etc/kea/** rw,' "$APPARMOR_FILE"
+else
+    echo "La regla para /etc/kea/** ya existe."
+    # Asegurarse de que tiene los permisos correctos
+    sudo sed -i 's|/etc/kea/\*\*.*|/etc/kea/** rw,|' "$APPARMOR_FILE"
+fi
+
+# Recargar AppArmor para aplicar los cambios
+echo "Recargando AppArmor..."
+sudo apparmor_parser -r "$APPARMOR_FILE"
+sudo systemctl restart kea-ctrl-agent kea-dhcp4
+
+echo "Perfil de AppArmor modificado y servicios reiniciados."
+}
 
 # Función para configurar Nginx
 setup_nginx() {
@@ -505,15 +538,23 @@ fi
 
 
 runComposer ${INSTALL_TARGET}
-# Creando configuración de Apache.
-setup_nginx $INSTALL_TARGET
 setup_nginx $INSTALL_TARGET
 if [ $? -ne 0 ]; then
-	errorAndLog "Error configuring Apache for OpenGnsys Admin"
+	errorAndLog "Error configuring Nginx for OpenGnsys Admin"
 	exit 1
 fi
 modify_php_fpm_config
-sudo apt-get update
+if [ $? -ne 0 ]; then
+    errorAndLog "Error configuring PHP-FPM for OpenGnsys Admin"
+    exit 1
+fi
+
+add_write_permission_apparmor
+if [ $? -ne 0 ]; then
+    errorAndLog "Error adding write permission to AppArmor profile"
+    exit 1
+fi
+
 # install_kea
 # install_php
 # install_composer
diff --git a/src/DhcpBundle/Controller/DhcpController.php b/src/DhcpBundle/Controller/DhcpController.php
index 496f7b4..97174c6 100644
--- a/src/DhcpBundle/Controller/DhcpController.php
+++ b/src/DhcpBundle/Controller/DhcpController.php
@@ -128,7 +128,7 @@ class DhcpController
     private function getSubnetsService(): ?array
     {
         try {
-            $response = $this->curlRequestService->executeCurlCommand('config-get');
+            $response = $this->curlKeaService->executeCurlCommand('config-get');
 
             if (!$response) {
                 $this->logger->error('Error: No se pudo acceder al archivo de configuración Kea.');
@@ -180,7 +180,7 @@ class DhcpController
  *     @OA\Response(
  *         response=400,
  *         description="Error al obtener las subredes",
- *     )
+ *     )executeCurlCommand
  * )
  * @Route("/ogdhcp/v1/subnets", methods={"GET"})
  */