Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 1349 → Rev 1350

/alcasar.sh
253,22 → 253,22
fi
# On crée aléatoirement les mots de passe et les secrets partagés
rm -f $PASSWD_FILE
grubpwd=`cat /dev/urandom | tr -dc [:alnum:] | head -c8` # mot de passe de protection du menu Grub
echo -n "Password to protect the boot menu (GRUB) : " > $PASSWD_FILE
grubpwd=`cat /dev/urandom | tr -dc [:alnum:] | head -c8`
echo -n "Password to protect the GRUB boot menu (!!!qwerty keyboard) : " > $PASSWD_FILE
echo "$grubpwd" >> $PASSWD_FILE
md5_grubpwd=`/usr/bin/openssl passwd -1 $grubpwd`
$SED "/^password.*/d" /boot/grub/menu.lst
$SED "1ipassword --md5 $md5_grubpwd" /boot/grub/menu.lst
mysqlpwd=`cat /dev/urandom | tr -dc [:alnum:] | head -c8` # mot de passe de l'administrateur Mysqld
mysqlpwd=`cat /dev/urandom | tr -dc [:alnum:] | head -c8`
echo -n "Name and password of Mysql/mariadb administrator : " >> $PASSWD_FILE
echo "root / $mysqlpwd" >> $PASSWD_FILE
radiuspwd=`cat /dev/urandom | tr -dc [:alnum:] | head -c8` # mot de passe de l'utilisateur Mysqld (utilisé par freeradius)
radiuspwd=`cat /dev/urandom | tr -dc [:alnum:] | head -c8`
echo -n "Name and password of Mysql/mariadb user : " >> $PASSWD_FILE
echo "$DB_USER / $radiuspwd" >> $PASSWD_FILE
secretuam=`cat /dev/urandom | tr -dc [:alnum:] | head -c8` # secret partagé entre intercept.php et coova-chilli
secretuam=`cat /dev/urandom | tr -dc [:alnum:] | head -c8`
echo -n "Shared secret between the script 'intercept.php' and coova-chilli : " >> $PASSWD_FILE
echo "$secretuam" >> $PASSWD_FILE
secretradius=`cat /dev/urandom | tr -dc [:alnum:] | head -c8` # secret partagé entre coova-chilli et FreeRadius
secretradius=`cat /dev/urandom | tr -dc [:alnum:] | head -c8`
echo -n "Shared secret between coova-chilli and FreeRadius : " >> $PASSWD_FILE
echo "$secretradius" >> $PASSWD_FILE
chmod 640 $PASSWD_FILE
395,7 → 395,7
[ -e /etc/hosts.default ] || cp /etc/hosts /etc/hosts.default
cat <<EOF > /etc/hosts
127.0.0.1 localhost
$PRIVATE_IP $HOSTNAME.$DOMAIN
$PRIVATE_IP $HOSTNAME.$DOMAIN $HOSTNAME $ORGANISME $ORGANISME.$DOMAIN
EOF
# Config EXTIF (Internet)
cat <<EOF > /etc/sysconfig/network-scripts/ifcfg-$EXTIF
582,7 → 582,7
chmod 755 $DIR_DEST_ETC/digest
until [ -s $DIR_DEST_ETC/digest/key_admin ]
do
/usr/sbin/htdigest -c $DIR_DEST_ETC/digest/key_admin $HOSTNAME.$DOMAIN $admin_portal
/usr/bin/htdigest -c $DIR_DEST_ETC/digest/key_admin $HOSTNAME.$DOMAIN $admin_portal
done
$DIR_DEST_SBIN/alcasar-profil.sh --list
fi
1603,7 → 1603,7
chmod 755 $DIR_DEST_ETC/digest
until [ -s $DIR_DEST_ETC/digest/key_admin ]
do
/usr/sbin/htdigest -c $DIR_DEST_ETC/digest/key_admin $HOSTNAME.$DOMAIN $admin_portal
/usr/bin/htdigest -c $DIR_DEST_ETC/digest/key_admin $HOSTNAME.$DOMAIN $admin_portal
done
$DIR_DEST_SBIN/alcasar-profil.sh --list
fi
/scripts/alcasar-urpmi.sh
12,7 → 12,7
VERSION="4"
ARCH="i586"
# ****** Alcasar needed RPMS - paquetages nécessaires au fonctionnement d'Alcasar ******
PACKAGES="freeradius freeradius-mysql freeradius-ldap freeradius-web apache apache-mod_ssl apache-mod_php dansguardian ipset postfix mariadb ntp bind-utils openssh-server php-mysqli php-xml php-ldap php-mysql php-mbstring php-sockets rng-utils dnsmasq rsync clamav perl-rrdtool perl-MailTools perl-Socket6 fail2ban gnupg ulogd man pm-fallback-policy gammu usbutils locales-en "
PACKAGES="freeradius freeradius-mysql freeradius-ldap freeradius-web apache apache-mod_ssl apache-mod_php dansguardian postfix mariadb ntp bind-utils openssh-server php-xml php-ldap php-mysql php-mbstring php-sockets rng-utils dnsmasq rsync clamav perl-rrdtool perl-MailTools perl-Socket6 fail2ban gnupg ulogd man"
 
rpm_repository_sync ()
{
91,51 → 91,54
fi
# We prefer wget than curl
urpmi --no-verify-rpm --auto conf/rpms/$ARCH/wget*.rpm
# Set the RPM repository
MIRROR_NBR=2
# For Europeans
MIRRORLIST1="http://www.mirrorservice.org/sites/mageia.org/pub/mageia/distrib/$VERSION/$ARCH"
# For International install
MIRRORLIST2="http://mirrors.mageia.org/api/mageia.$VERSION.$ARCH.list"
try_nb="0"; nb_repository="0"
while [ "$nb_repository" != "2" ]
do
try_nb=`expr $try_nb + 1`
MIRRORLIST="MIRRORLIST$try_nb"
rpm_repository_sync
nb_repository=`cat /etc/urpmi/urpmi.cfg|grep mirrorlist|wc -l`
if [ "$nb_repository" != "2" ]
# Set the RPM repository (if not already set)
ACTIVE_REPO=`cat /etc/urpmi/urpmi.cfg|grep key-ids|wc -l`
if [ "$ACTIVE_REPO" != "2" ]
then
if [ $Lang == "fr" ]
then
echo "Une erreur a été détectée lors de la synchronisation avec le dépot N°$try_nb."
else
echo "An error occurs when synchronising the repositories N°$try_nb"
fi
if [ $(expr $try_nb) -eq $MIRROR_NBR ]
MIRROR_NBR=2
# For Europeans
MIRRORLIST1="http://www.mirrorservice.org/sites/mageia.org/pub/mageia/distrib/$VERSION/$ARCH"
# For International install
MIRRORLIST2="http://mirrors.mageia.org/api/mageia.$VERSION.$ARCH.list"
try_nb="0"; nb_repository="0"
while [ "$nb_repository" != "2" ]
do
try_nb=`expr $try_nb + 1`
MIRRORLIST="MIRRORLIST$try_nb"
rpm_repository_sync
nb_repository=`cat /etc/urpmi/urpmi.cfg|grep mirrorlist|wc -l`
if [ "$nb_repository" != "2" ]
then
rpm_error
if [ $Lang == "fr" ]
then
echo "Une erreur a été détectée lors de la synchronisation avec le dépot N°$try_nb."
else
echo "An error occurs when synchronising the repositories N°$try_nb"
fi
if [ $(expr $try_nb) -eq $MIRROR_NBR ]
then
rpm_error
exit 1
fi
if [ $Lang == "fr" ]
then
echo "Voulez-vous tenter une synchronisation avec un autre dépôt?"
else
echo "Do you wan't to try a synchronisation with an other repository?"
fi
response=0
PTN='^[oOnNyY]$'
until [[ $(expr $response : $PTN) -gt 0 ]]
do
read response
done
if [ "$response" = "n" ] || [ "$response" = "N" ]
then
exit 1
fi
fi
if [ $Lang == "fr" ]
then
echo "Voulez-vous tenter une synchronisation avec un autre dépôt?"
else
echo "Do you wan't to try a synchronisation with an other repository?"
fi
response=0
PTN='^[oOnNyY]$'
until [[ $(expr $response : $PTN) -gt 0 ]]
do
read response
done
if [ "$response" = "n" ] || [ "$response" = "N" ]
then
exit 1
fi
fi
done
 
done
fi
# download updated RPM in cache
if [ $Lang == "fr" ]
then