Subversion Repositories ALCASAR

Rev

Rev 3147 | Details | Compare with Previous | Last modification | View Log

Rev Author Line No. Line
2941 rexy 1
#!/bin/bash
2
 
3
# alcasar-rpm.sh
4
# by 3abtux and Rexy
5
# This script is distributed under the Gnu General Public License (GPL)
6
 
2990 rexy 7
# script de mise en place des dépots RPM + installation des RPM complémentaires
8
# configure the RPM repository + complementary RPM installation
2941 rexy 9
 
10
Lang=`echo $LANG|cut -c 1-2`
2971 rexy 11
SED="/bin/sed -i"
3077 rexy 12
VERSION="8"
2941 rexy 13
ARCH="x86_64"
14
# The kernel version we compile netflow for
3147 rexy 15
KERNEL="kernel-server-5.15.126-1.mga8-1-1.mga8"
2941 rexy 16
# ****** Alcasar needed RPMS - paquetages nécessaires au fonctionnement d'Alcasar ******
17
# (old) perl-Socket6 : needed by nfsen
18
# "fonts-dejavu-common" & "fonts-ttf-dejavu" : fonts needed by wkhtmltopdf
3077 rexy 19
# "lsscsi" & nvme-cli" & "php-dom" : needed by phpsysinfo
2941 rexy 20
# "socat" : avoid a warning when run the install script of letsencrypt ("acme.sh")
21
# "sudo" : needed after a reinstallation (to be investigated)
3053 rexy 22
# "postfix" + "cyrus-sasl" + "lib64sasl2-plug-plain" : email registration method
3170 rexy 23
PACKAGES="vim-enhanced freeradius freeradius-mysql freeradius-ldap lighttpd lighttpd-mod_auth php-fpm php-gd php-ldap php-mysqli php-mbstring php-sockets php-curl php-pdo_sqlite php-cli php-dom php-filter unbound e2guardian postfix mariadb ntp bind-utils openssh-server rng-utils rsync fail2ban gnupg2 ulogd ipset usb_modeswitch vnstat dos2unix p7zip msec kernel-userspace-headers kernel-firmware kernel-firmware-nonfree dhcp-server tcpdump fonts-dejavu-common fonts-ttf-dejavu lsscsi nvme-cli sudo socat postfix cyrus-sasl lib64sasl2-plug-plain iftop"
2941 rexy 24
 
25
rpm_repository_sync ()
26
{
3111 rexy 27
	cat <<EOF > /etc/urpmi/urpmi.cfg
2941 rexy 28
{
29
downloader: wget
30
}
31
EOF
3111 rexy 32
	echo ${!MIRRORLIST}
33
	urpmi.addmedia core --probe-synthesis --mirrorlist ${!MIRRORLIST} /media/core/release
34
	urpmi.addmedia core-updates --update --probe-synthesis --mirrorlist ${!MIRRORLIST} /media/core/updates
35
	urpmi.addmedia nonfree --probe-synthesis --mirrorlist ${!MIRRORLIST} /media/nonfree/release
36
	urpmi.addmedia nonfree-updates --update --probe-synthesis --mirrorlist ${!MIRRORLIST} /media/nonfree/updates
2941 rexy 37
}
38
 
39
rpm_error ()
40
{
3111 rexy 41
	# restore previous rpm conf file & removed RPMs
42
	[ -e /etc/urpmi/urpmi.cfg.old ] && mv /etc/urpmi/urpmi.cfg.old /etc/urpmi/urpmi.cfg
43
	urpmi --no-verify-rpm --auto rpms/$ARCH/wkhtmltopdf*.rpm
44
	urpmi --auto --quiet freeradius-ldap lighttpd-mod_auth
45
	echo
46
	if [ $Lang == "fr" ]
47
	then
48
		echo "Relancez l'installation ultérieurement."
49
		echo "Si vous rencontrez à nouveau ce problème, modifier les variables MIRRORLIST[1&2] du fichier 'scripts/alcasar-rpm.sh'"
50
	else
51
		echo "Try an other install later."
52
		echo "If this problem occurs again, change the MIRRORLIST[1&2] variables in the file 'scripts/alcasar-rpm.sh'"
53
	fi
2941 rexy 54
}
55
 
56
# extract the current Mageia version and hardware architecture (i586 ou X64)
57
fic=`cat /etc/product.id`
58
old="$IFS"
59
IFS=","
60
set $fic
61
for i in $*
62
do
63
	if [ "`echo $i|grep distribution|cut -d'=' -f1`" == "distribution" ]
64
	then
65
		DISTRIBUTION=`echo $i|cut -d"=" -f2`
66
	fi
67
	if [ "`echo $i|grep version|cut -d'=' -f1`" == "version" ]
68
	then
69
		CURRENT_VERSION=`echo $i|cut -d"=" -f2`
70
	fi
71
	if [ "`echo $i|grep arch|cut -d'=' -f1`" == "arch" ]
72
	then
73
		ARCH=`echo $i|cut -d"=" -f2`
74
	fi
75
done
76
IFS="$old"
77
 
78
# We prefer wget than curl
79
urpmi --no-verify-rpm --auto rpms/$ARCH/wget*.rpm
80
 
81
# Set the RPM repository (if not already set)
3111 rexy 82
cp /etc/urpmi/urpmi.cfg /etc/urpmi/urpmi.cfg.old
2941 rexy 83
ACTIVE_REPO=`cat /etc/urpmi/urpmi.cfg|grep "mageia.org"|wc -l`
2990 rexy 84
MIRROR_NBR=3
85
#                       For French
86
MIRRORLIST1="http://ftp.free.fr/mirrors/mageia.org/distrib/$VERSION/$ARCH"
2941 rexy 87
#                       For Europeans
2990 rexy 88
MIRRORLIST2="https://www.mirrorservice.org/pub/mageia/distrib/$VERSION/$ARCH"
89
#                       For everybody
90
MIRRORLIST3="https://mirrors.mageia.org/api/mageia.$VERSION.$ARCH.list"
2941 rexy 91
try_nb="0"; nb_repository="0"
92
while [ "$nb_repository" != "4" ]
93
do
94
	try_nb=`expr $try_nb + 1`
95
	MIRRORLIST="MIRRORLIST$try_nb"
96
	rpm_repository_sync
97
	nb_repository=`cat /etc/urpmi/urpmi.cfg|grep mirrorlist|wc -l`
98
	if [ "$nb_repository" != "4" ]
99
	then
100
		if [ $Lang == "fr" ]
101
		then
102
			echo "Une erreur a été détectée lors de la synchronisation avec le dépot N°$try_nb."
103
		else
104
			echo "An error occurs when synchronising the repositories N°$try_nb"
105
		fi
106
		if [ $(expr $try_nb) -eq $MIRROR_NBR ]
107
		then
108
			rpm_error
109
			exit 1
110
		fi
111
		if [ $Lang == "fr" ]
112
		then
113
			echo "Voulez-vous tenter une synchronisation avec un autre dépôt ? (O/n)"
114
		else
115
			echo "Do you want to try a synchronisation with an other repository? (Y/n)"
116
		fi
117
		response=0
118
		PTN='^[oOnNyY]?$'
119
		until [[ "$response" =~ $PTN ]]
120
		do
121
			read response
122
		done
123
		if [ "$response" = "n" ] || [ "$response" = "N" ]
124
		then
3111 rexy 125
			[ -e /etc/urpmi/urpmi.cfg.old ] && mv /etc/urpmi/urpmi.cfg.old /etc/urpmi/urpmi.cfg # restore previous rpm conf file
2941 rexy 126
			exit 1
127
		fi
128
	fi
129
done
3093 rexy 130
 
131
# At this time, we only skip Kernel update
132
echo "/^kernel/" > /etc/urpmi/skip.list
133
if [ `egrep '^exclude=' /etc/dnf/dnf.conf |wc -l` -eq "1" ]; then
134
	$SED "s?^exclude=.*?exclude=kernel\*?g" /etc/dnf/dnf.conf
135
else
136
	echo "exclude=kernel*" >> /etc/dnf/dnf.conf
137
fi
138
 
139
# Remove some RPMs in order to avoid error and automatic update
3111 rexy 140
urpme wkhtmltopdf freeradius-ldap lighttpd-mod_auth
3093 rexy 141
 
2941 rexy 142
# download the kernel used by ALCASAR
143
if [ $Lang == "fr" ]
144
then
145
	echo "Récupération du noyau Linux exploité par ALCASAR. Veuillez patienter ..."
146
else
147
	echo "Download the Linux kernel used by ALCASAR. Please wait ..."
148
fi
149
urpmi --auto --quiet $KERNEL
3093 rexy 150
 
2941 rexy 151
# download updated RPM in cache
152
if [ $Lang == "fr" ]
153
then
154
	echo "Récupération des paquetages de mise à jour. Veuillez patienter ..."
155
	echo "Il est temps d'aller prendre un café (ou une bonne bière) ;-)"
156
else
157
	echo "Updated RPM download. Please wait ..."
158
	echo "You should now take a coffe (or a good beer) ;-)"
159
fi
160
urpmi --auto --auto-update --quiet --test --retry 2
161
if [ "$?" != "0" ]
162
then
163
	echo
164
	if [ $Lang == "fr" ]
165
	then
166
		echo "Une erreur a été détectée lors de la récupération des paquetages."
167
	else
168
		echo "An error occurs when downloading RPMS"
169
	fi
170
	rpm_error
171
	exit 1
172
fi
173
 
174
# update with cached RPM
175
urpmi --auto --auto-update
176
if [ "$?" != "0" ]
177
then
178
	echo
179
	if [ $Lang == "fr" ]
180
	then
181
		echo "Une erreur a été détectée lors de la mise à jour des paquetages."
182
	else
183
		echo "An error occurs when updating packages"
184
	fi
185
	rpm_error
186
	exit 1
187
fi
188
# Clean the RPM cache
189
urpmi --clean
190
 
191
# Download of ALCASAR specifics RPM in cache (and test)
192
if [ $Lang == "fr" ]
193
then
194
	echo "Récupération des paquetages complémentaires. Veuillez patienter ..."
195
else
196
	echo "Download of complementary packages. Please wait ..."
197
fi
198
urpmi --auto --no-recommends $PACKAGES --quiet --test --retry 2
199
if [ "$?" != "0" ]
200
then
201
	echo
202
	if [ $Lang == "fr" ]
203
	then
204
		echo "Une erreur a été détectée lors de la récupération des paquetages complémentaires."
205
	else
206
		echo "An error occurs when downloading complementary packages"
207
	fi
208
	rpm_error
209
	exit 1
210
fi
211
 
212
# update with cached RPM
213
urpmi --auto --no-recommends $PACKAGES
214
if [ "$?" != "0" ]
215
then
216
	echo
217
	if [ $Lang == "fr" ]
218
	then
219
		echo "Une erreur a été détectée lors de l'installation des paquetages complémentaires."
220
	else
221
		echo "An error occurs when installing complementary packages"
222
	fi
223
	rpm_error
224
	exit 1
225
fi
226
 
227
# Keep only the kernel version we compil netflow with, and remove all others
228
kernelVersion=$(rpm -qa | grep -e ^kernel-server -e ^kernel-desktop)
229
for i in $kernelVersion
230
do
231
	if [ $i != $KERNEL ];then
232
		urpme --auto $i
233
	fi
234
done
3093 rexy 235
 
2941 rexy 236
# delete unused RPMs
237
if [ $Lang == "fr" ]
238
then
239
	echo "Cleaning the system : "
240
else
241
	echo "Nettoyage du système : "
242
fi
3170 rexy 243
unused_rpm="shorewall mandi plymouth squid polkit pm-utils dnsmasq clamav clamd clamav-db"
2988 rexy 244
/usr/sbin/urpme --auto -a $unused_rpm
3093 rexy 245
for rpm in `rpm -qa|grep mga7`; do urpme --auto $rpm; done
2941 rexy 246
/usr/sbin/urpme --auto --auto-orphans
247
 
248
# Save chilli launch script (erase with new rpm one)
249
[ -e /etc/chilli.conf ] && cp /etc/chilli.conf /tmp/
250
# Install home made RPMs
251
for pkg in `ls rpms/$ARCH/*.rpm`
252
do
253
    urpmi --no-verify --auto $pkg
254
done
255
# restore chilli launch script
256
[ -e /tmp/chilli.conf ] && mv /tmp/chilli.conf /etc/
3093 rexy 257
 
2941 rexy 258
# Clean the RPM cache
259
urpmi --clean
260
# the ipt-netflow RPM add the kernel module ipt_NETFLOW (the modules dependance tree need to be updated). "2>/dev/null" in order not to display a error (the running kernel is not the ALCASAR one during the installation process)
261
/sbin/depmod -a 2>/dev/null
262
# test if all needed rpms are correctly installed
263
count_pkg=0; nb_pkg=0;
264
for pkg in $PACKAGES
265
do
266
	nb_pkg=`expr $nb_pkg + 1`
267
	if rpm -q --quiet $pkg ; then
268
		count_pkg=`expr $count_pkg + 1`
269
	else
270
		echo "error installing $pkg"
271
	fi
272
done
273
if [ $count_pkg -ne $nb_pkg ]
274
then
275
	exit 1
276
fi
3093 rexy 277
 
2941 rexy 278
# test if all custom rpms are correctly installed
279
count_pkg=0; nb_pkg=0;
280
for pkg in `ls rpms/$ARCH/|sed 's/.x86_64.rpm//'`
281
do
282
	nb_pkg=`expr $nb_pkg + 1`
283
	if rpm -q --quiet $pkg ; then
284
		count_pkg=`expr $count_pkg + 1`
285
	else
286
		echo "error installing $pkg"
287
	fi
288
done
289
if [ $count_pkg -ne $nb_pkg ]
290
then
291
	exit 1
292
fi
3104 rexy 293
 
294
# .rpmnew handling (unused with ALCASAR)
295
[ -e /etc/shadow.rpmnew ] && rm -f /etc/shadow.rpmnew
296
[ -e /etc/sysconfig/system.rpmnew ] && rm -f /etc/sysconfig/system.rpmnew
297
[ -e /etc/rpm/macros.rpmnew ] && rm -f /etc/rpm/macros.rpmnew
298
[ -e /etc/fstab.rpmnew ] && rm -f /etc/fstab.rpmnew
299
[ -e /etc/shells.rpmnew ] && rm -f /etc/shells.rpmnew
300
[ -e /etc/hosts.rpmnew ] && rm -f /etc/hosts.rpmnew
301
[ -e /etc/systemd/journald.conf.rpmnew ] && rm -f /etc/systemd/journald.conf.rpmnew
302
[ -e /etc/raddb/certs/dh.rpmnew ] && rm -f /etc/raddb/certs/dh.rpmnew
303
 
304
# .rpmnew handling (used with ALCASAR)
305
[ -e /etc/php.ini.rpmnew ] && mv -f /etc/php.ini.rpmnew /etc/php.ini.default
306
[ -e /etc/lighttpd/lighttpd.conf.rpmnew ] && mv -f /etc/lighttpd/lighttpd.conf.rpmnew /etc/lighttpd/lighttpd.conf.default
307
[ -e /etc/lighttpd/modules.conf.rpmnew ] && mv -f /etc/lighttpd/modules.conf.rpmnew /etc/lighttpd/modules.conf.default
308
[ -e /etc/e2guardian/e2guardian.conf.rpmnew ] && mv -f /etc/e2guardian/e2guardian.conf.rpmnew /etc/e2guardian/e2guardian.conf.default
309
[ -e /etc/e2guardian/e2guardianf1.conf.rpmnew ] && mv -f /etc/e2guardian/e2guardianf1.conf.rpmnew /etc/e2guardian/e2guardianf1.conf.default
310
[ -e /etc/e2guardian/lists/urlregexplist.rpmnew ] && mv -f /etc/e2guardian/lists/urlregexplist.rpmnew /etc/e2guardian/lists/urlregexplist.default
311
[ -e /etc/e2guardian/lists/bannedregexpurllist.rpmnew ] && mv -f /etc/e2guardian/lists/bannedregexpurllist.rpmnew /etc/e2guardian/lists/bannedregexpurllist.default
312
[ -e /etc/vnstat.conf.rpmnew ] && mv -f /etc/vnstat.conf.rpmnew /etc/vnstat.conf.default
313
[ -e /etc/fail2ban/jail.conf.rpmnew ] && mv -f /etc/fail2ban/jail.conf.rpmnew /etc/fail2ban/jail.conf.default
314
[ -e /etc/ssh/sshd_config.rpmnew ] && mv -f /etc/ssh/sshd_config.rpmnew /etc/ssh/sshd_config.default
315
 
2941 rexy 316
exit 0