[tools] update.script

[@how@]

Hello,
update script not part from directadmin.com
**** USE IT YOUR OWN RISKS ****

*****
*****
*****

GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 2006,2007 Free Software Foundation, Inc.
51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Update script made by Wael Isa
H188, R4008, Arad 240, Kingdom of Bahrain
http://www.web4host.net
Version: 1.4
Release Date: 1 / 9 / 2006

*****
*****
*****

If you find update script useful, please consider to make a donation to support this freeware.
Please keep in mind that donations are welcome, but in no way required to use and distribute update.script.
You can donate using 2checkout.com & paypal accepted - CLICK HERE

update.script Version: 1.4
update script tested in this OS 32bit and 64bit.

• RedHat Linux
• RedHat Fedora
• RedHat Enterprise
• CentOS
• Please report about other OS to add here

and update to

• OpenSSL (You need to build ssh, apache, php, etc after upgrade)
• Exim
• OpenSSH
• ProFTP
• ProFTP with mod_clamav
• phpMyAdmin
• AVG
• ClamAV
• MODclamAV
• MRTG
• SquirrelMail
• SquirrelMail full language pack
• SpamAssassin
• IMAP (You need to build php after upgrade)
• MODsecurity 2.5.x (Apache 2.x Only)
• MODsecurity 2.5.x Rules
• MODsecurity 1.x (Apache 1.x Only)
• MODsecurity 1.x Rules
• MODevasive
• KISS My Firewall
• eAccelerator
• Freetype
• Webmin control panel (You need to open one port 10000 in your firewall)
• MailScanner
• Suhosin

Just download/chmod

Code:

mkdir /usr/local/updatescript
cd /usr/local/updatescript
wget http://tools.web4host.net/update.script
chmod 755 update.script

Run this to read how to use.

Code:

./update.script

Run this to update update.script

Code:

./update.script UPDATEME

Run this to see release date and version

Code:

./update.script DATE

Run this to clean update script folder

Code:

./update.script CLEAN

Note:-
1- Run this to clean or update update script before you use
2- Select best mirror for your server mirror.conf , if you want new mirror.conf file just delete old one in update script folder.


*****
*****
*****

ClamAV

Code:

nano -w /etc/exim.conf

before

Code:

primary_hostname =

add

Code:

av_scanner = clamd:127.0.0.1 3310

after

Code:

check_message:

add

Code:

deny message = This message contains malformed MIME ($demime_reason)
demime = *
condition = ${if >{$demime_errorlevel}{2}{1}{0}}
deny message = This message contains a virus or other harmful content ($malware_name)
demime = *
malware = *
deny message = This message contains an attachment of a type which we do not accept (.$found_extension)
demime = bat:com:pif:prf:scr:vbs
warn message = X-Antivirus-Scanner: Clean mail though you should still use an Antivirus

save then restart exim

Code:

/sbin/service exim restart

*****
*****
*****

ProFTP with mod_clamav
Edit

Code:

nano /etc/proftpd.conf

add this before </Global>

Code:

<IfModule mod_clamav.c>
   ClamAV on
   ClamServer 127.0.0.1
   ClamPort 3310
</IfModule>

save and restart proftp

Code:

/sbin/service proftpd restart

*****
*****
*****

MODsecurity 2.x

Code:

nano -w /etc/httpd/conf/extra/httpd-includes.conf

and add this
32bit

Code:

LoadFile /usr/lib/libxml2.so
LoadModule security2_module     /usr/lib/apache/mod_security2.so
<IfModule mod_security2.c>
# ModSecurity2 ONLY
# Do not change anything in included files
#
Include /etc/modsecurity2/*.conf
</IfModule>

64bit

Code:

LoadFile /usr/lib64/libxml2.so
LoadModule security2_module     /usr/lib/apache/mod_security2.so
<IfModule mod_security2.c>
# ModSecurity2 ONLY
# Do not change anything in included files
#
Include /etc/modsecurity2/*.conf
</IfModule>

Code:

/sbin/service httpd restart

*****
*****
*****

MODsecurity 1.x

Code:

nano -w /etc/httpd/conf/httpd.conf

add

Code:

<IfModule mod_security.c>
# Only inspect dynamic requests
# (YOU MUST TEST TO MAKE SURE IT WORKS AS EXPECTED)
#SecFilterEngine DynamicOnly

SecFilterEngine On

# Reject requests with status 500
SecFilterDefaultAction "deny,log,status:500"

# Some sane defaults
SecFilterScanPOST On
SecFilterCheckURLEncoding On
SecFilterCheckCookieFormat On
SecFilterCheckUnicodeEncoding Off
SecFilterNormalizeCookies On
# enable version 1 (RFC 2965) cookies
SecFilterCookieFormat 1

#SecServerResponseToken Off

#If you want to scan the output, uncomment these
#SecFilterScanOutput On
#SecFilterOutputMimeTypes "(null) text/html text/plain"

# Accept almost all byte values
SecFilterForceByteRange 1 255

# Server masking is optional
#fake server banner - NOYB used - no one needs to know what we are using
SecServerSignature "Power MOD by web4host.net"

#SecUploadDir /tmp
#SecUploadKeepFiles Off

# Only record the interesting stuff
SecAuditEngine RelevantOnly
#SecAuditLog logs/audit_log

# You normally won't need debug logging
#SecFilterDebugLevel 0
#SecFilterDebugLog logs/modsec_debug_log

# Mini Rules
Include /etc/modsecurity/mini.conf
</IfModule>

Code:

/sbin/service httpd restart

*****
*****
*****

MODevasive
Apache 1

Code:

nano -w /etc/httpd/conf/httpd.conf

add

Code:

<IfModule mod_evasive.c>
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10
DOSWhitelist 127.0.0.1
DOSEmailNotify your-email@your-domain.tld
</IfModule>

Code:

/sbin/service httpd restart

if did not work try

Code:

/usr/local/directadmin/customapache/

then edit httpd.conf

Code:

nano -w /etc/httpd/conf/httpd.conf

after this

Code:

LoadModule perl_module        /usr/lib/apache/libperl.so

add

Code:

LoadModule evasive_module     /usr/lib/apache/mod_evasive.so

after this

Code:

<IfDefine HAVE_PYTHON>
AddModule mod_python.c
</IfDefine>

add

Code:

AddModule mod_evasive.c

Code:

/sbin/service httpd restart

Apache 2

Code:

nano -w /etc/httpd/conf/extra/httpd-includes.conf

add

Code:

<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10
DOSWhitelist 127.0.0.1
DOSEmailNotify your-email@your-domain.tld
</IfModule>

Code:

/sbin/service httpd restart

if you want do test you need to remove (DOSWhitelist) from httpd.conf

Code:

wget http://tools.web4host.net/modevasive/test.txt
mv test.txt test.pl
chmod 755 test.pl
./test.pl

*****
*****
*****

KISS My Firewall
Ready for Direct Admin & Plesk & Webmin & cPanel.
if you want use other SSH port just add in TCP_IN & TCP_OUT
Running anywhere on the command line, you simply type:

Code:

kiss start

To stop the firewall, type:

Code:

kiss stop

To get status information, type:

Code:

kiss status

If you want to block an offenders IP address/subnet, simply edit the BLOCK_LIST variable in the /usr/bin/kiss file. You can separate IP addresses and subnet's with a space. Once you are finished, simply restart KISS by typing:

Code:

kiss restart

Last, but not least, it is recommended that you configure the firewall to allow only for needed ports. Using trusted IP addresses/subnets is also recommended. These variables are located near the beginning of the /usr/bin/kiss file and are self-explanatory. Once you make changes, you should always restart KISS for the changes to take effect:
kiss restart

edit kiss and set what os you use
# Enabled this for Pre Fedora Core 2 or Red Hat

Code:

EXTN="o"

# Enabled this for Fedore Core 2 or later

Code:

EXTN="ko"

like CentOS use EXTN="ko" just remove # before EXTN="ko" then kiss start

*****
*****
*****

eAccelerator
when done you see link look like

Code:

/usr/local/lib/php/extensions/no-debug-non-zts-20020429/eaccelerator.so

copy your like to add in php.ini
edit php.ini

Code:

nano -w /usr/local/lib/php.ini

add this after Windows Extensions , in the list down.

Code:

zend_extension="/usr/local/lib/php/extensions/no-debug-non-zts-20020429/eaccelerator.so"
eaccelerator.shm_size="32"
eaccelerator.cache_dir="/tmp/eaccelerator"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="0"
eaccelerator.shm_prune_period="0"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"

save and restart apache

Code:

/sbin/service httpd restart

*****
*****
*****

Freetype
Note: no need to use if if you use custombuild, only how use customapache.

Code:

cd /usr/local/directadmin/customapache/

Apache 1

Code:

nano -w  configure.php

Apache 2

Code:

nano -w  configure2.php

replace

Code:

--with-gd \
--with-gd-dir=/usr/local \

by

Code:

--with-gd \
--with-gd-dir=/usr/local/lib \
--with-freetype \
--with-freetype-dir=/usr/local/lib \

save then run

Code:

./build clean
./build gd

Apache 1

Code:

./build clean
./build gd
./build php d
service httpd restart

Apache 2

Code:

./build clean
./build gd
./build php_ap2 d
service httpd restart

*****
*****
*****

IMAP
Apache 1

Code:

nano -w  configure.php

Apache 2

Code:

nano -w  configure2.php

add

Code:

--with-imap=/usr/local/imap-2004c1 \

after

Code:

--with-zip \

save then build php and restart apache

Code:

service httpd restart

*****
*****
*****

AVG Anti-Virus
Clean folder HOME (full)

Code:

avgscan -clean -ext=* -rt -arc /home

clean folder HOME (without archives)

Code:

avgscan -clean -ext=* -rt /home

Update AVG DB

Code:

avgupdate --path="/opt/avg/avg8/update/download"

ill add more soon.

*****
*****
*****

Nobody Check Security Tool
The Nobody Check tool is a new and unique security tool that can detect malicious processes that are running on your Linux server and report them to you in real time or by email. The tool can be configured to run at selected times and doesn’t eat up resources or interfere with server operations.

edit and set your email then save

Code:

nano -w /usr/local/nobody_check/nc.conf

edit

Code:

nano -w /etc/crontab

add

Code:

# nobody_check
*/15 * * * * root /usr/local/nobody_check/nobody_check >/dev/null 2>&1

save

*****
*****
*****

MailScanner
Edit

Code:

nano -w  /etc/exim.conf

find

Code:

primary_hostname

add before

Code:

spool_directory = /var/spool/exim.in
queue_only = true
queue_only_override = false

EDIT

Code:

nano -w /etc/init.d/exim

find

Code:

QUEUE=
[ -f /etc/sysconfig/exim ] && . /etc/sysconfig/exim
[ "$DAEMON" = yes ] && EXIM_OPTS="$EXIM_OPTS -bd"
[ -n "$QUEUE" ] && EXIM_OPTS="$EXIM_OPTS -q$QUEUE"

replace to

Code:

QUEUE="15m"
[ -f /etc/sysconfig/exim ] && . /etc/sysconfig/exim
[ "$DAEMON" = yes ] && EXIM_OPTS="$EXIM_OPTS -bd"
[ -f /etc/sysconfig/exim ] && . /etc/sysconfig/exim
[ "$DAEMON" = yes ] && EXIM_OPTS="$EXIM_OPTS -C /etc/exim_outgoing.conf"
[ -n "$QUEUE" ] && EXIM_OPTS="$EXIM_OPTS -q$QUEUE"

EDIT

Code:

nano -w /opt/MailScanner/etc/MailScanner.conf

and update this to your information

Code:

%org-name% = yoursite
%org-long-name% = Your Organisation Name Here
%web-site% = www.your-organisation.com

Search & set this

Code:

Run As User = mail
Run As Group = mail
Incoming Queue Dir = /var/spool/exim.in/input
Outgoing Queue Dir = /var/spool/exim/input
MTA = exim
Sendmail = /usr/sbin/exim -C /etc/exim.conf
Sendmail2 = /usr/sbin/exim -C /etc/exim_outgoing.conf
Virus Scanners = none
Use SpamAssassin = yes
Always Include SpamAssassin Report = yes

now MailScanner work without anti virus
you can scan all mail using AVG, ClamAV or BOTH same time
just install AVG and ClamAV then edit

Code:

nano -w /opt/MailScanner/etc/MailScanner.conf

find

Code:

Virus Scanners = none

replace to

Code:

Virus Scanners = avg

and restart MailScanner

Code:

killall -9 MailScanner
/opt/MailScanner/bin/check_mailscanner

Edit

Code:

nano -w /etc/crontab

Add

Code:

37      5 * * * /opt/MailScanner/bin/update_phishing_sites
07      * * * * /opt/MailScanner/bin/update_bad_phishing_sites
58     23 * * * /opt/MailScanner/bin/clean.quarantine
3,23,43 * * * * /opt/MailScanner/bin/check_mailscanner
# Remove # if you want MailScanner to update anti virus
#42      * * * * /opt/MailScanner/bin/update_virus_scanners

now MailScanner use AVG to scan all mail and exim (exim.conf) scan all mail use ClamAV

*****
*****
*****

MODclamAV

Code:

nano -w /etc/httpd/conf/extra/httpd-includes.conf

and add this

Code:

# mod ClamAV
Include conf/extra/mod_clamav.conf

save then restart apache

Code:

/sbin/service httpd restart

*****
*****
*****

Suhosin

Code:

nano -w /usr/local/lib/php.ini

and add this at then end

Code:

;************************************************************************
;                           suhosin Parameters
;       For a full list of parameters and their documentation go to:
;         (http://www.hardened-php.net/suhosin/configuration.html)
;************************************************************************
[suhosin]
extension="/usr/local/lib/php/extensions/no-debug-non-zts-20060613/suhosin.so"
; Logging Configuration 
# Use your link in place of web4host.net
suhosin.filter.action = [302,]http://www.web4host.net/index.php
suhosin.log.syslog.facility = 9
suhosin.log.syslog.priority = 1
suhosin.log.use-x-forwarded-for = Off

; Executor Options 
suhosin.executor.max_depth = 0
suhosin.executor.include.max_traversal = 4
suhosin.executor.include.whitelist =
#suhosin.executor.include.blacklist = "php://, http://, ftp://, gzip://,https://, ftps://, compress.zlib://"
suhosin.executor.include.blacklist = "php://, http://, ftp://, gzip://,https://, ftps://"
suhosin.executor.func.whitelist =
suhosin.executor.func.blacklist = system, shell_exec, exec, passthru, php_uname, popen, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, posix_setgid, posix_uname, proc_close, proc_nice, proc_open, proc_terminate
#suhosin.executor.func.blacklist = dl, system, passthru, pclose, proc_nice, proc_terminate, posix_getpwuid, posix_uname, pfosckopen, leak, posix_setuid, escapeshellcmd, escapeshellarg, hypot, pg_host, pos, posix_access, posix_getcwd, posix_getgid, posix_getservbyname,myshellexec,getpid, posix_getsid,  posix_isatty, posix_kill, posix_mkfifo, posix_mknod, posix_setgid, posix_setsid, posix_setuid, posix_times, posix_uname, ps_fill, posix_getpwuid, ini_restore, symlink, ini_get_all, zip_open, zip_read, rar_open, bzopen, bzread, bzwrite, shellcode, backtick, cmd, virtual, pcntl_exec, ini_alter, show_source, apache_get_modules, apache_get_version, apache_note, openlog, tmpfile, crack_check, crack_closedict, php_ini_scanned_files, inurl, apache_setenv, closelog, debugger_off, debugger_on, define_syslog_variables, syslog, ftp_exec, posix_setpgid, posix_setsid, posix_setuid, get_current_user, getmyuid, getmygid, listen, netscript, ini_restore, php.ini, id, popen, shell_exec, php_uname, getPath, dir_writeable, read_dir, execute_command, diskfreespace, disk_total_space, proc_open, switch, mkdir
suhosin.executor.eval.whitelist =
suhosin.executor.eval.blacklist =
suhosin.executor.allow_symlink = Off
suhosin.executor.disable_emodifier = Off
suhosin.executor.disable_eval = Off

; Misc Options 
suhosin.apc_bug_workaround = Off
suhosin.sql.bailout_on_error = Off
suhosin.sql.comment = 0
suhosin.sql.multiselect = 0
suhosin.sql.opencomment = 0
suhosin.sql.union = 0
suhosin.sql.user_postfix =
suhosin.sql.user_prefix =
suhosin.multiheader = Off
suhosin.memory_limit = 128
suhosin.mail.protect = 1

; Transparent Encryption Options 
suhosin.session.encrypt = On
suhosin.session.cryptkey =
suhosin.session.cryptua = On
suhosin.session.cryptdocroot = On
suhosin.session.cryptraddr = 0
suhosin.session.checkraddr = 0
suhosin.session.max_id_length = 128
suhosin.cookie.checkraddr = 0
suhosin.cookie.cryptdocroot = On
suhosin.cookie.cryptkey =
suhosin.cookie.cryptlist =
suhosin.cookie.cryptraddr = 0
suhosin.cookie.cryptua = On
suhosin.cookie.disallow_nul = 1
suhosin.cookie.disallow_ws = 0
suhosin.cookie.encrypt = On
suhosin.cookie.plainlist =

; Filtering Optionins
suhosin.cookie.max_array_depth = 100
suhosin.cookie.max_array_index_length = 64
suhosin.cookie.max_name_length = 64
suhosin.cookie.max_totalname_length = 256
suhosin.cookie.max_value_length = 10000
suhosin.cookie.max_vars = 2048
suhosin.get.disallow_nul = On
suhosin.get.disallow_ws = 0
suhosin.get.max_array_depth = 50
suhosin.get.max_array_index_length = 64
suhosin.get.max_name_length = 64
suhosin.get.max_totalname_length = 256
suhosin.get.max_value_length = 512
suhosin.get.max_vars = 2048
suhosin.perdir = 0
suhosin.coredump = Off
suhosin.post.disallow_nul = On
suhosin.post.disallow_ws = 0
suhosin.post.max_array_depth = 100
suhosin.post.max_array_index_length = 64
suhosin.post.max_name_length = 64
suhosin.post.max_totalname_length = 256
suhosin.post.max_value_length = 65000
suhosin.post.max_vars = 2048
suhosin.protectkey = On
suhosin.request.disallow_nul = On
suhosin.request.disallow_ws = 0
suhosin.request.max_array_depth = 100
suhosin.request.max_array_index_length = 64
suhosin.request.max_totalname_length = 256
suhosin.request.max_value_length = 65000
suhosin.request.max_varname_length = 64
suhosin.request.max_vars = 2048
suhosin.stealth = On
suhosin.upload.max_uploads = 25
suhosin.upload.disallow_elf = 1
suhosin.upload.disallow_binary = Off
suhosin.upload.remove_binary =
suhosin.upload.verification_script =
suhosin.session.max_id_length = 128
suhosin.simulation = Off
    ;************************************************************************
    ;                       End suhosin Parameters
    ;************************************************************************

save then restart apache

Code:

/sbin/service httpd restart

*****
*****
*****

Thanks for smtalk and SeLLeRoNe

*****
*****
*****

Best Regards,
Wael Isa

[jca]

Wael thanks for this wonderful script, yet how about keeping the version number of each release installed? This way running a command would let us know what needs to be updated. This could save a lot of time.

[HanSieT]

I cant seem to download the script it says

Code:

[root@tehl33tbox updatescript]# wget http://tools.supernamechange.com/updatescript
--10:39:35--  http://tools.supernamechange.com/updatescript
           => `updatescript'
Resolving tools.supernamechange.com... 72.55.156.182
Connecting to tools.supernamechange.com|72.55.156.182|:80... connected.
HTTP request sent, awaiting response... 404 Not Found
10:39:37 ERROR 404: Not Found.

Wael is your server down?

Thanks for bringing it back btw

*edit * link should be http://tools.supernamechange.com/update.script and not http://tools.supernamechange.com/updatescript

[@how@]

main post updated now.
thanks.

Wael

[eymbo]

Thanks @how@ for all of your hard work mate. It has been a script that has helped me a lot.

I was wondering where freetype went to?

[@how@]

yes, updated again.

Wael

[Vital]

AVG link is dead. can you check it?

[CiscoMike]

I love this however I'm terrified to do the openssh and/or openssl upgrades remotely. last time I did this over ssh it failed and i was locked out. and when i tried to update over KVMoIP, I kept over-running the buffer (and I used screen but the process would hang after I disconnected).

Soooo...anyone tried the SSL or SSH update or have any pointers for me? I'm on all brand new hardware but like I said, scary to try this update (for me at least, call me a *ussy lol)

[jca]

I've never had any problems, yet there's only a first time. I also keep webmin in case of a fail in ssh so I can login though there to fix things.

[CiscoMike]

I am having one problem:

Quote:

awk '{ print ($1+1) }' cnumber.h > cnumber.temp
rm -f cnumber.h; mv cnumber.temp cnumber.h
gcc version.c
rm -f exim
gcc -o exim
rfc2047.o: In function `rfc2047_decode2':
rfc2047.c.text+0x3fe): undefined reference to `libiconv_open'
rfc2047.c.text+0x4fc): undefined reference to `libiconv'
rfc2047.c.text+0x5d7): undefined reference to `libiconv_close'
collect2: ld returned 1 exit status
make[1]: *** [exim] Error 1
make[1]: Leaving directory `/usr/local/updatescript/exim-4.68/build-Linux-x86_64'
make: *** [go] Error 2

Installation directory is /usr/sbin


*** /usr/local/updatescript/exim-4.68/build-Linux-x86_64/exim does not exist or is empty
*** Have you built Exim successfully?
*** Exim installation failed ***
make: *** [install] Error 1
cp: cannot stat `/usr/sbin/exim-4.68-1': No such file or directory
chmod: cannot access `/usr/sbin/exim': No such file or directory
Shutting down exim:
Starting exim: /etc/init.d/exim: line 30: /usr/sbin/exim: No such file or directory



Exim update done

and now exim won't start. If I do a "service exim status" I get

Quote:

exim dead but subsys locked

Any ideas? \usr\sbin\exim does not exist. Even a "locate exim" doesn't show a file named exim anywhere.

[CiscoMike]

nevermind:

http://www.directadmin.com/forum/showthread.php?t=21291

sorry for the spam on this thread. This is an excellent script! well done!

[venon]

how I can enable LibClamAV support for PHP settings?

[@how@]

AVG updated & add Control panel Webmin


Wael

[milan]

Does it work with dovecot?

[Oddis]

Hi Wael

I updated from MODsecurity 1.9.4 to MODsecurity 1.9.5 and found that a few scripts was blocked.

MODsecurity 1.9.4 worked okay.
I guess the best thing to do, is to go back to MODsecurity 1.9.4 and therefore I hope that you have a copy of that version.

Thanks for a good script and any help

[@how@]

try to use other rules, just run this
./update.script CLEAN
./update.script
use L,M or H

Wael

[DutchTSE]

Quote:

xxx:/usr/local/updatescript# ./update.script UPDATEME ./update.script: line 1012: syntax error: unexpected end of file

Your script stopped working?
This fault happens with every command

[jca]

DutchTSE try to reinstall it.

Code:

cd /usr/local/updatescript
wget http://tools.supernamechange.com/update.script
chmod 755 update.script

[Oddis]

Thanks for a very quick reply Wael

Remember: You are way over my league.

I am sorry, but the information must be fed by spoon.
./update.script CLEAN
./update.script

use L,M or H ???

The two rules that are available after download is apache2.conf and mini.conf.

What I did was to firstly update MODsecurity to 1.9.5
I saw that some scripts was blocked, so I downloaded the MODsecurity Rules again. Still the same. I compared the new mini.conf with the past version and could not see any changes.

So, I assumed that it was MODsecurity 1.9.5 it selves and an lib.so, lib.a etc that is the reason for this.

Regards
Oddis

[Heuveltje]

Same error as DutchTSE :
./update.script: line 1012: syntax error: unexpected end of file

Something broke the script...