84,6 → 84,7 |
# backup conf files (main conf file, filtering, digest, etc.) |
mkdir $DIR_UPDATE/etc/ |
cp -rf $DIR_ETC/* $DIR_UPDATE/etc/ |
cp -f /etc/hosts $DIR_UPDATE/etc/ |
# backup of the security certificates (server & CA) |
cp -f /etc/pki/tls/certs/alcasar.crt* $DIR_UPDATE |
cp -f /etc/pki/tls/private/alcasar.key* $DIR_UPDATE |
110,7 → 111,7 |
MAJ_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f1` |
MIN_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f2` |
UPD_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f3|cut -c1` |
for line in `cat $DIR_UPDATE/etc/alcasar.conf | grep "=" | grep -v "^#" | grep -v " "| grep -v "VERSION"` |
for line in `cat $DIR_UPDATE/etc/alcasar.conf | grep "=" | grep -v "^#" | grep -v " "| grep -v "VERSION" |grep -v "INSTALL_DATE"|grep -v "PUBLIC"|grep -v "GW"|grep -v "DNS"|grep -v "SMS"` |
do |
key=`echo $line | cut -d"=" -f1` |
key=$key= |
117,7 → 118,6 |
value=`echo $line|cut -d"=" -f2-` |
if [ "$value" != "" ] |
then |
echo "key = $key ; value = $value" |
sed -i "s?^$key.*?$key$value?g" /usr/local/etc/alcasar.conf |
fi |
done |
133,16 → 133,25 |
cp -f $DIR_UPDATE/alcasar.key /etc/pki/tls/private/ |
cp -f $DIR_UPDATE/alcasar.pem /etc/pki/tls/private/ |
[ -e $DIR_UPDATE/server-chain.pem ] && cp -f $DIR_UPDATE/server-chain.pem /etc/pki/tls/certs/ # autosigned and official if exist |
chmod 755 /etc/pki/ |
chown root:apache /etc/pki/CA; chmod 750 /etc/pki/CA |
chmod 640 /etc/pki/CA/* |
chown root:apache /etc/pki/CA/alcasar-ca.crt; chmod 640 /etc/pki/CA/alcasar-ca.crt |
chown root:root /etc/pki/CA/private; chmod 700 /etc/pki/CA/private |
chmod 600 /etc/pki/CA/private/* |
chown -R root:apache /etc/pki/tls/private; chmod 750 /etc/pki/tls/private |
chmod 640 /etc/pki/tls/private/* |
chmod 644 /etc/pki/tls/certs/* # "freshclam" need to access to that bundle |
# Import of the users database |
$DIR_BIN/alcasar-mysql.sh --import "$(ls $DIR_UPDATE/alcasar-users-database*)" |
# Retrieve local parameters |
#TODO cp -rf $DIR_UPDATE/etc/* $DIR_ETC/ |
[ -d $DIR_UPDATE/etc/digest ] && cp -rf $DIR_UPDATE/etc/digest $DIR_ETC/ # ACC accounts |
[ -e $DIR_UPDATE/etc/alcasar-iptables-local.sh ] && cp -f $DIR_UPDATE/etc/alcasar-iptables-local.sh $DIR_ETC/ # local FW rules |
[ -e $DIR_UPDATE/etc/alcasar-iptables-local-mac-filtered ] && cp -f $DIR_UPDATE/etc/alcasar-iptables-local-mac-filtered $DIR_ETC/ # blocked MAC addresses |
[ -e $DIR_UPDATE/etc/alcasar-uamdomain ] && cp -f $DIR_UPDATE/etc/alcasar-uamdomain $DIR_ETC/ # exception domain names |
[ -e $DIR_UPDATE/etc/alcasar-uamallowed ] && cp -f $DIR_UPDATE/etc/alcasar-uamallowed $DIR_ETC/ # exception IP_addresses or network_IP_addresses |
[ -e $DIR_UPDATE/etc/alcasar-ethers ] && cp -f $DIR_UPDATE/etc/alcasar-ethers $DIR_ETC/ # DHCP static hosts |
[ -e $DIR_UPDATE/etc/alcasar-ethers-info ] && cp -f $DIR_UPDATE/etc/alcasar-ethers-info $DIR_ETC/ # DHCP static hosts information |
[ -e $DIR_UPDATE/etc/hosts ] && cp -f $DIR_UPDATE/etc/hosts /etc/ && $DIR_BIN/alcasar-dns-local.sh -hosts_to_unbound # local hosts name |
# Retrieve BL/WL custom files |
cp -f $DIR_UPDATE/custom_bl/exceptioniplist $DIR_E2G/ |
cp -f $DIR_UPDATE/custom_bl/exceptionsitelist $DIR_E2G/ |