Subversion Repositories ALCASAR

Rev

Rev 3190 | Rev 3200 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log

Rev Author Line No. Line
2941 rexy 1
#!/bin/bash
2
 
3
# alcasar-rpm.sh
4
# by 3abtux and Rexy
5
# This script is distributed under the Gnu General Public License (GPL)
6
 
2990 rexy 7
# script de mise en place des dépots RPM + installation des RPM complémentaires
8
# configure the RPM repository + complementary RPM installation
2941 rexy 9
 
10
Lang=`echo $LANG|cut -c 1-2`
2971 rexy 11
SED="/bin/sed -i"
3190 rexy 12
VERSION="9"
2941 rexy 13
ARCH="x86_64"
14
# The kernel version we compile netflow for
3190 rexy 15
KERNEL="kernel-server-6.6.22-1.mga9"
2941 rexy 16
# ****** Alcasar needed RPMS - paquetages nécessaires au fonctionnement d'Alcasar ******
17
# (old) perl-Socket6 : needed by nfsen
18
# "fonts-dejavu-common" & "fonts-ttf-dejavu" : fonts needed by wkhtmltopdf
3077 rexy 19
# "lsscsi" & nvme-cli" & "php-dom" : needed by phpsysinfo
2941 rexy 20
# "socat" : avoid a warning when run the install script of letsencrypt ("acme.sh")
21
# "sudo" : needed after a reinstallation (to be investigated)
3053 rexy 22
# "postfix" + "cyrus-sasl" + "lib64sasl2-plug-plain" : email registration method
3193 rexy 23
# "nmap" : "/usr/share/nmap/nmap-mac-prefixes" is used to display MAC manufacturers in ACC
24
 
3190 rexy 25
PACKAGES="vim-enhanced freeradius freeradius-mysql freeradius-ldap lighttpd lighttpd-mod_auth php-fpm php-gd php-ldap php-mysqli php-mbstring php-sockets php-curl php-pdo_sqlite php-cli php-dom php-filter unbound e2guardian postfix mariadb ntpsec bind-utils openssh-server rng-utils rsync fail2ban gnupg2 ulogd ipset usb_modeswitch vnstat dos2unix p7zip msec kernel-userspace-headers kernel-firmware kernel-firmware-nonfree dhcp-server tcpdump fonts-dejavu-common fonts-ttf-dejavu lsscsi nvme-cli sudo socat postfix cyrus-sasl lib64sasl2-plug-plain iftop"
2941 rexy 26
 
27
rpm_repository_sync ()
28
{
3111 rexy 29
	cat <<EOF > /etc/urpmi/urpmi.cfg
2941 rexy 30
{
31
downloader: wget
32
}
33
EOF
3111 rexy 34
	echo ${!MIRRORLIST}
35
	urpmi.addmedia core --probe-synthesis --mirrorlist ${!MIRRORLIST} /media/core/release
36
	urpmi.addmedia core-updates --update --probe-synthesis --mirrorlist ${!MIRRORLIST} /media/core/updates
37
	urpmi.addmedia nonfree --probe-synthesis --mirrorlist ${!MIRRORLIST} /media/nonfree/release
38
	urpmi.addmedia nonfree-updates --update --probe-synthesis --mirrorlist ${!MIRRORLIST} /media/nonfree/updates
2941 rexy 39
}
40
 
41
rpm_error ()
42
{
3111 rexy 43
	# restore previous rpm conf file & removed RPMs
44
	[ -e /etc/urpmi/urpmi.cfg.old ] && mv /etc/urpmi/urpmi.cfg.old /etc/urpmi/urpmi.cfg
45
	urpmi --no-verify-rpm --auto rpms/$ARCH/wkhtmltopdf*.rpm
46
	echo
47
	if [ $Lang == "fr" ]
48
	then
49
		echo "Relancez l'installation ultérieurement."
50
		echo "Si vous rencontrez à nouveau ce problème, modifier les variables MIRRORLIST[1&2] du fichier 'scripts/alcasar-rpm.sh'"
51
	else
52
		echo "Try an other install later."
53
		echo "If this problem occurs again, change the MIRRORLIST[1&2] variables in the file 'scripts/alcasar-rpm.sh'"
54
	fi
2941 rexy 55
}
56
 
57
# We prefer wget than curl
58
urpmi --no-verify-rpm --auto rpms/$ARCH/wget*.rpm
59
 
60
# Set the RPM repository (if not already set)
3111 rexy 61
cp /etc/urpmi/urpmi.cfg /etc/urpmi/urpmi.cfg.old
2941 rexy 62
ACTIVE_REPO=`cat /etc/urpmi/urpmi.cfg|grep "mageia.org"|wc -l`
2990 rexy 63
MIRROR_NBR=3
64
#                       For French
65
MIRRORLIST1="http://ftp.free.fr/mirrors/mageia.org/distrib/$VERSION/$ARCH"
2941 rexy 66
#                       For Europeans
2990 rexy 67
MIRRORLIST2="https://www.mirrorservice.org/pub/mageia/distrib/$VERSION/$ARCH"
68
#                       For everybody
69
MIRRORLIST3="https://mirrors.mageia.org/api/mageia.$VERSION.$ARCH.list"
2941 rexy 70
try_nb="0"; nb_repository="0"
71
while [ "$nb_repository" != "4" ]
72
do
73
	try_nb=`expr $try_nb + 1`
74
	MIRRORLIST="MIRRORLIST$try_nb"
75
	rpm_repository_sync
76
	nb_repository=`cat /etc/urpmi/urpmi.cfg|grep mirrorlist|wc -l`
77
	if [ "$nb_repository" != "4" ]
78
	then
79
		if [ $Lang == "fr" ]
80
		then
81
			echo "Une erreur a été détectée lors de la synchronisation avec le dépot N°$try_nb."
82
		else
83
			echo "An error occurs when synchronising the repositories N°$try_nb"
84
		fi
85
		if [ $(expr $try_nb) -eq $MIRROR_NBR ]
86
		then
87
			rpm_error
88
			exit 1
89
		fi
90
		if [ $Lang == "fr" ]
91
		then
92
			echo "Voulez-vous tenter une synchronisation avec un autre dépôt ? (O/n)"
93
		else
94
			echo "Do you want to try a synchronisation with an other repository? (Y/n)"
95
		fi
96
		response=0
97
		PTN='^[oOnNyY]?$'
98
		until [[ "$response" =~ $PTN ]]
99
		do
100
			read response
101
		done
102
		if [ "$response" = "n" ] || [ "$response" = "N" ]
103
		then
3111 rexy 104
			[ -e /etc/urpmi/urpmi.cfg.old ] && mv /etc/urpmi/urpmi.cfg.old /etc/urpmi/urpmi.cfg # restore previous rpm conf file
2941 rexy 105
			exit 1
106
		fi
107
	fi
108
done
3093 rexy 109
 
110
# At this time, we only skip Kernel update
111
echo "/^kernel/" > /etc/urpmi/skip.list
3190 rexy 112
if [ `grep -E '^exclude=' /etc/dnf/dnf.conf |wc -l` -eq "1" ]; then
3093 rexy 113
	$SED "s?^exclude=.*?exclude=kernel\*?g" /etc/dnf/dnf.conf
114
else
115
	echo "exclude=kernel*" >> /etc/dnf/dnf.conf
116
fi
117
 
2941 rexy 118
# download the kernel used by ALCASAR
119
if [ $Lang == "fr" ]
120
then
121
	echo "Récupération du noyau Linux exploité par ALCASAR. Veuillez patienter ..."
122
else
123
	echo "Download the Linux kernel used by ALCASAR. Please wait ..."
124
fi
125
urpmi --auto --quiet $KERNEL
3093 rexy 126
 
2941 rexy 127
# download updated RPM in cache
128
if [ $Lang == "fr" ]
129
then
130
	echo "Récupération des paquetages de mise à jour. Veuillez patienter ..."
131
	echo "Il est temps d'aller prendre un café (ou une bonne bière) ;-)"
132
else
133
	echo "Updated RPM download. Please wait ..."
134
	echo "You should now take a coffe (or a good beer) ;-)"
135
fi
136
urpmi --auto --auto-update --quiet --test --retry 2
137
if [ "$?" != "0" ]
138
then
139
	echo
140
	if [ $Lang == "fr" ]
141
	then
142
		echo "Une erreur a été détectée lors de la récupération des paquetages."
143
	else
144
		echo "An error occurs when downloading RPMS"
145
	fi
146
	rpm_error
147
	exit 1
148
fi
149
 
150
# update with cached RPM
151
urpmi --auto --auto-update
152
if [ "$?" != "0" ]
153
then
154
	echo
155
	if [ $Lang == "fr" ]
156
	then
157
		echo "Une erreur a été détectée lors de la mise à jour des paquetages."
158
	else
159
		echo "An error occurs when updating packages"
160
	fi
161
	rpm_error
162
	exit 1
163
fi
164
# Clean the RPM cache
165
urpmi --clean
166
 
167
# Download of ALCASAR specifics RPM in cache (and test)
168
if [ $Lang == "fr" ]
169
then
170
	echo "Récupération des paquetages complémentaires. Veuillez patienter ..."
171
else
172
	echo "Download of complementary packages. Please wait ..."
173
fi
174
urpmi --auto --no-recommends $PACKAGES --quiet --test --retry 2
175
if [ "$?" != "0" ]
176
then
177
	echo
178
	if [ $Lang == "fr" ]
179
	then
180
		echo "Une erreur a été détectée lors de la récupération des paquetages complémentaires."
181
	else
182
		echo "An error occurs when downloading complementary packages"
183
	fi
184
	rpm_error
185
	exit 1
186
fi
187
 
188
# update with cached RPM
189
urpmi --auto --no-recommends $PACKAGES
190
if [ "$?" != "0" ]
191
then
192
	echo
193
	if [ $Lang == "fr" ]
194
	then
195
		echo "Une erreur a été détectée lors de l'installation des paquetages complémentaires."
196
	else
197
		echo "An error occurs when installing complementary packages"
198
	fi
199
	rpm_error
200
	exit 1
201
fi
202
 
203
# Keep only the kernel version we compil netflow with, and remove all others
204
kernelVersion=$(rpm -qa | grep -e ^kernel-server -e ^kernel-desktop)
205
for i in $kernelVersion
206
do
207
	if [ $i != $KERNEL ];then
208
		urpme --auto $i
209
	fi
210
done
3093 rexy 211
 
2941 rexy 212
# delete unused RPMs
213
if [ $Lang == "fr" ]
214
then
215
	echo "Cleaning the system : "
216
else
217
	echo "Nettoyage du système : "
218
fi
3170 rexy 219
unused_rpm="shorewall mandi plymouth squid polkit pm-utils dnsmasq clamav clamd clamav-db"
2988 rexy 220
/usr/sbin/urpme --auto -a $unused_rpm
3093 rexy 221
for rpm in `rpm -qa|grep mga7`; do urpme --auto $rpm; done
2941 rexy 222
/usr/sbin/urpme --auto --auto-orphans
223
 
224
# Save chilli launch script (erase with new rpm one)
225
[ -e /etc/chilli.conf ] && cp /etc/chilli.conf /tmp/
226
# Install home made RPMs
227
for pkg in `ls rpms/$ARCH/*.rpm`
228
do
229
    urpmi --no-verify --auto $pkg
230
done
231
# restore chilli launch script
232
[ -e /tmp/chilli.conf ] && mv /tmp/chilli.conf /etc/
3093 rexy 233
 
2941 rexy 234
# Clean the RPM cache
235
urpmi --clean
236
# the ipt-netflow RPM add the kernel module ipt_NETFLOW (the modules dependance tree need to be updated). "2>/dev/null" in order not to display a error (the running kernel is not the ALCASAR one during the installation process)
237
/sbin/depmod -a 2>/dev/null
238
# test if all needed rpms are correctly installed
239
count_pkg=0; nb_pkg=0;
240
for pkg in $PACKAGES
241
do
242
	nb_pkg=`expr $nb_pkg + 1`
243
	if rpm -q --quiet $pkg ; then
244
		count_pkg=`expr $count_pkg + 1`
245
	else
246
		echo "error installing $pkg"
247
	fi
248
done
249
if [ $count_pkg -ne $nb_pkg ]
250
then
251
	exit 1
252
fi
3093 rexy 253
 
2941 rexy 254
# test if all custom rpms are correctly installed
255
count_pkg=0; nb_pkg=0;
256
for pkg in `ls rpms/$ARCH/|sed 's/.x86_64.rpm//'`
257
do
258
	nb_pkg=`expr $nb_pkg + 1`
259
	if rpm -q --quiet $pkg ; then
260
		count_pkg=`expr $count_pkg + 1`
261
	else
262
		echo "error installing $pkg"
263
	fi
264
done
265
if [ $count_pkg -ne $nb_pkg ]
266
then
267
	exit 1
268
fi
3104 rexy 269
 
270
# .rpmnew handling (unused with ALCASAR)
271
[ -e /etc/shadow.rpmnew ] && rm -f /etc/shadow.rpmnew
272
[ -e /etc/sysconfig/system.rpmnew ] && rm -f /etc/sysconfig/system.rpmnew
273
[ -e /etc/rpm/macros.rpmnew ] && rm -f /etc/rpm/macros.rpmnew
274
[ -e /etc/fstab.rpmnew ] && rm -f /etc/fstab.rpmnew
275
[ -e /etc/shells.rpmnew ] && rm -f /etc/shells.rpmnew
276
[ -e /etc/hosts.rpmnew ] && rm -f /etc/hosts.rpmnew
277
[ -e /etc/systemd/journald.conf.rpmnew ] && rm -f /etc/systemd/journald.conf.rpmnew
278
[ -e /etc/raddb/certs/dh.rpmnew ] && rm -f /etc/raddb/certs/dh.rpmnew
279
 
280
# .rpmnew handling (used with ALCASAR)
281
[ -e /etc/php.ini.rpmnew ] && mv -f /etc/php.ini.rpmnew /etc/php.ini.default
282
[ -e /etc/lighttpd/lighttpd.conf.rpmnew ] && mv -f /etc/lighttpd/lighttpd.conf.rpmnew /etc/lighttpd/lighttpd.conf.default
283
[ -e /etc/lighttpd/modules.conf.rpmnew ] && mv -f /etc/lighttpd/modules.conf.rpmnew /etc/lighttpd/modules.conf.default
284
[ -e /etc/e2guardian/e2guardian.conf.rpmnew ] && mv -f /etc/e2guardian/e2guardian.conf.rpmnew /etc/e2guardian/e2guardian.conf.default
285
[ -e /etc/e2guardian/e2guardianf1.conf.rpmnew ] && mv -f /etc/e2guardian/e2guardianf1.conf.rpmnew /etc/e2guardian/e2guardianf1.conf.default
286
[ -e /etc/e2guardian/lists/urlregexplist.rpmnew ] && mv -f /etc/e2guardian/lists/urlregexplist.rpmnew /etc/e2guardian/lists/urlregexplist.default
287
[ -e /etc/e2guardian/lists/bannedregexpurllist.rpmnew ] && mv -f /etc/e2guardian/lists/bannedregexpurllist.rpmnew /etc/e2guardian/lists/bannedregexpurllist.default
288
[ -e /etc/vnstat.conf.rpmnew ] && mv -f /etc/vnstat.conf.rpmnew /etc/vnstat.conf.default
289
[ -e /etc/fail2ban/jail.conf.rpmnew ] && mv -f /etc/fail2ban/jail.conf.rpmnew /etc/fail2ban/jail.conf.default
290
[ -e /etc/ssh/sshd_config.rpmnew ] && mv -f /etc/ssh/sshd_config.rpmnew /etc/ssh/sshd_config.default
291
 
2941 rexy 292
exit 0