Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 2724 → Rev 2719

/CHANGELOG
3,7 → 3,7
********** ALCASAR CHANGELOG **********
-------------------- 3.4.0 --------------------
NEWS
- Replace 4 DNSmasq servers with Unbound
- Replace DNSmasq server with Unbound
- Add LDAPS (LDAP SSL) support.
- Add a global group named "default" for all users (the "ldap" group still exists for users authenticated through LDAP).
- Add LDAP filter.
/web/acc/admin/services.php
170,7 → 170,7
$MainServiceStatus['radiusd'] = checkServiceStatus("radiusd");
$MainServiceStatus['mysqld'] = checkServiceStatus("mysqld");
$MainServiceStatus['lighttpd'] = checkServiceStatus("lighttpd");
$MainServiceStatus['unbound'] = checkServiceStatus("unbound");
$MainServiceStatus['unbound'] = checkServiceStatus("unbound-forward");
$MainServiceStatus['ulogd_ssh'] = checkServiceStatus("ulogd-ssh");
$MainServiceStatus['ulogd_ext_access'] = checkServiceStatus("ulogd-ext-access");
$MainServiceStatus['ulogd_traceability'] = checkServiceStatus("ulogd-traceability");
/alcasar.sh
84,7 → 84,7
SED="/bin/sed -i"
# ****************** End of global parameters *********************
 
license()
license ()
{
if [ $Lang == "fr" ]
then
106,9 → 106,9
then
exit 1
fi
} # End of license()
}
 
header_install()
header_install ()
{
clear
echo "-----------------------------------------------------------------------------"
115,7 → 115,7
echo " ALCASAR V$VERSION Installation"
echo "Application Libre pour le Contrôle d'Accès Sécurisé et Authentifié au Réseau"
echo "-----------------------------------------------------------------------------"
} # End of header_install()
}
 
########################################################
## Function "testing" ##
124,7 → 124,7
## - Test free space on /var (>10G) ##
## - Test Internet access ##
########################################################
testing()
testing ()
{
# Test of Mageia version
# extract the current Mageia version and hardware architecture (i586 ou X64)
255,7 → 255,7
 
if [ -z "$INTIF" ]; then
interfacesList=$(/usr/sbin/ip -br link show | cut -d' ' -f1 | grep -v "^\(lo\|tun0\|$EXTIF\)\$")
interfacesCount=$(echo "$interfacesList" | wc -w)
interfacesCount=$(echo "$interfacesList" | wc -l)
if [ $interfacesCount -eq 0 ]; then
if [ "$Lang" == 'fr' ]
then echo "Aucune interface de disponible pour le réseau interne"
267,6 → 267,7
else
interfacesSorted=$(/usr/sbin/ip -br addr | grep -v "^\(lo\|tun0\|$EXTIF\) " | sort -b -k3n -k2r -k1)
interfacePreferred=$(echo "$interfacesSorted" | head -1 | cut -d' ' -f1)
 
if [ "$Lang" == 'fr' ]
then echo 'Liste des interfaces disponible :'
else echo 'List of available interfaces:'
415,7 → 416,7
exit 1
fi
echo ". : ok"
} # End of testing()
} # end of testing ()
 
#######################################################################
## Function "init" ##
422,7 → 423,7
## - Creation of ALCASAR conf file "/usr/local/etc/alcasar.conf ##
## - Creation of random password for GRUB, mariadb (admin and user) ##
#######################################################################
init()
init ()
{
if [ "$mode" != "update" ]
then
493,7 → 494,7
DOMAIN=$DOMAIN
EOF
chmod o-rwx $CONF_FILE
} # End of init()
} # End of init ()
 
#########################################################
## Function "network" ##
503,7 → 504,7
## - Write "/etc/hosts" file ##
## - write "hosts.allow" & "hosts.deny" files ##
#########################################################
network()
network ()
{
header_install
if [ "$mode" != "update" ]
760,7 → 761,7
$SED "s?\[ -f \$IPTABLES_CONFIG \] .*?#&?" /usr/libexec/iptables.init # comment the test (flush all rules & policies)
#
# the script "$DIR_DEST_BIN/alcasar-iptables.sh" is launched at the end in order to allow update via ssh
} # End of network()
} # End of network ()
 
###################################################
## Function "ACC" ##
769,7 → 770,7
## - creation of the first ACC admin account ##
## - secure the ACC access ##
###################################################
ACC()
ACC ()
{
[ -d $DIR_WEB ] && rm -rf $DIR_WEB
mkdir $DIR_WEB
875,24 → 876,24
[ -e /var/Save/security/acc_access.log ] || touch /var/Save/security/acc_access.log
chown root:apache /var/Save/security/acc_access.log
chmod 664 /var/Save/security/acc_access.log
} # End of ACC()
} # End of ACC ()
 
##################################################################
## Fonction "CA" ##
## - Creating the CA and the server certificate (lighttpd) ##
##################################################################
CA()
CA ()
{
$DIR_DEST_BIN/alcasar-CA.sh
chown -R root:apache /etc/pki
chmod -R 750 /etc/pki
} # End of CA()
} # End of CA ()
 
#############################################################
## Function "time_server" ##
## - Configuring NTP server ##
#############################################################
time_server()
time_server ()
{
# Set the Internet time server
[ -e /etc/ntp/step-tickers.default ] || cp /etc/ntp/step-tickers /etc/ntp/step-tickers.default
917,7 → 918,7
chown -R ntp:ntp /var/lib/ntp
# Synchronize now
ntpd -4 -q -g &
} # End of time_server()
} # End of time_server ()
 
#####################################################################
## Function "init_db" ##
927,7 → 928,7
## - Radius database creation ##
## - Copy of accounting tables (mtotacct, totacct) & userinfo ##
#####################################################################
init_db()
init_db ()
{
if [ "`systemctl is-active mysqld`" == "active" ]
then
940,7 → 941,6
$SED "s?^;collation_server =.*?collation_server = utf8_unicode_ci?g" /etc/my.cnf
$SED "s?^;character_set_server =.*?character_set_server = utf8?g" /etc/my.cnf # accentuated user names are allowed
[ -e /etc/my.cnf.d/feedback.cnf ] && $SED "s?^plugin-load.*?#&?g" /etc/my.cnf.d/feedback.cnf # remove the feedback plugin (ALCASAR doesn't report anything !)
[ -e /etc/my.cnf.d/auth_gssapi.cnf ] && $SED "s?^plugin-load.*?#&?g" /etc/my.cnf.d/auth_gssapi.cnf # remove GSS plugin (ALCASAR doesn't use Kerberos)
/usr/sbin/mysqld-prepare-db-dir > /dev/null 2>&1
/usr/bin/systemctl set-environment MYSQLD_OPTS="--skip-grant-tables --skip-networking"
/usr/bin/systemctl start mysqld
957,6 → 957,7
fi
# Secure the server
/usr/bin/mysql --execute "GRANT ALL PRIVILEGES ON *.* TO root@'localhost' IDENTIFIED BY '$mysqlpwd';"
 
MYSQL="/usr/bin/mysql -uroot -p$mysqlpwd --execute"
$MYSQL "DROP DATABASE IF EXISTS test;DROP DATABASE IF EXISTS tmp;"
$MYSQL "CONNECT mysql;DELETE from user where User='';DELETE FROM user WHERE User='root' AND Host NOT IN ('localhost','127.0.0.1','::1');FLUSH PRIVILEGES;"
970,7 → 971,7
$SED "/^ExecStop=/a ExecStartPost=$DIR_DEST_BIN/alcasar-mysql.sh -acct_stop" /lib/systemd/system/mysqld.service
/usr/bin/systemctl unset-environment MYSQLD_OPTS
/usr/bin/systemctl daemon-reload
} # End of init_db()
} # End of init_db ()
 
###################################################################
## Function "freeradius" ##
978,7 → 979,7
## - Set the shared secret between coova-chilli and freeradius ##
## - Adapt the Mysql conf file and counters ##
###################################################################
freeradius()
freeradius ()
{
cp -f $DIR_CONF/empty-radiusd-db.sql /etc/raddb/
chown -R radius:radius /etc/raddb
1048,7 → 1049,7
/usr/bin/systemctl daemon-reload
# Allow apache to change some conf files (ie : ldap on/off)
chgrp apache /etc/raddb /etc/raddb/sites-available /etc/raddb/mods-available
} # End of freeradius()
} # End freeradius ()
 
#############################################################################
## Function "chilli" ##
1055,7 → 1056,7
## - Creation of the conf file and init file (systemd) for coova-chilli ##
## - Adapt the authentication web page (intercept.php) ##
#############################################################################
chilli()
chilli ()
{
# chilli unit for systemd
cat << EOF > /lib/systemd/system/chilli.service
1246,13 → 1247,13
fi
groupadd -f chilli
useradd -r -g chilli -s /bin/false -c "system user for coova-chilli" chilli
} # End of chilli()
} # End of chilli ()
 
################################################################
## Function "e2guardian" ##
## - Set the parameters of this HTML proxy (as controler) ##
################################################################
e2guardian()
e2guardian ()
{
mkdir -p /var/e2guardian /var/log/e2guardian
chown -R e2guardian /var/e2guardian /var/log/e2guardian
1307,13 → 1308,13
# Keep a copy of URL & domain filter configuration files
[ -e $DIR_DG/lists/bannedsitelist.default ] || mv $DIR_DG/lists/bannedsitelist $DIR_DG/lists/bannedsitelist.default
[ -e $DIR_DG/lists/bannedurllist.default ] || mv $DIR_DG/lists/bannedurllist $DIR_DG/lists/bannedurllist.default
} # End of e2guardian()
} # End of e2guardian ()
 
##################################################################
## Function "antivirus" ##
## - Set the parameters of havp, libclamav and freshclam ##
##################################################################
antivirus()
antivirus ()
{
# create 'havp' user
havp_exist=`grep -c ^havp: /etc/passwd`
1361,13 → 1362,13
$SED "s?MaxAttempts.*?MaxAttempts 3?g" /etc/freshclam.conf
# update now
/usr/bin/freshclam --no-warnings
} # End of antivirus()
} # End of antivirus ()
 
################################################################################
## Function "tinyproxy" ##
## - Set the parameters of tinyproxy (proxy between filtered users and havp) ##
################################################################################
tinyproxy()
tinyproxy ()
{
tinyproxy_exist=`grep -c ^tinyproxy: /etc/passwd`
if [ "$tinyproxy_exist" == "1" ]
1416,13 → 1417,12
WantedBy=multi-user.target
EOF
 
} # end of tinyproxy()
 
##############################################################
## function "ulogd" ##
## - Ulog config for multi-log files ##
##############################################################
ulogd()
} # end of tinyproxy
##############################################################################
## function "ulogd" ##
## - Ulog config for multi-log files ##
##############################################################################
ulogd ()
{
# Three instances of ulogd (three different logfiles)
[ -d /var/log/firewall ] || mkdir -p /var/log/firewall
1444,8 → 1444,9
chown -R root:apache /var/log/firewall
chmod 750 /var/log/firewall
chmod 640 /var/log/firewall/*
} # End of ulogd()
} # End of ulogd ()
 
 
##########################################################
## Function "nfsen" ##
## - install the nfsen grapher ##
1511,19 → 1512,19
# cp $DIR_CONF/nfsen/GeoLiteCity* /tmp/
# tar xzf /tmp/SURFmap_*.tar.gz -C /tmp/
# cd /tmp/
# /usr/bin/sh SURFmap/install.sh (no more used since Google sells the access to googleMap API)
# /usr/bin/sh SURFmap/install.sh
# clear the installation
# rm -rf /tmp/SURFmap*
rm -rf /tmp/nfsen-*
cd $DirTmp || { echo "Unable to find $DirTmp directory"; exit 1; }
chown -R apache:apache /var/www/html/acc/manager/nfsen /usr/share/nfsen /var/log/nfsen
} # End of nfsen()
} # End of nfsen ()
 
###########################################################
## Function "vnstat" ##
## - Initialization of Vnstat and vnstat phpFrontEnd ##
###########################################################
vnstat()
vnstat ()
{
[ -e /etc/vnstat.conf.default ] || cp /etc/vnstat.conf /etc/vnstat.conf.default
$SED "s?^Interface.*?Interface \"$EXTIF\"?g" /etc/vnstat.conf
1532,17 → 1533,18
$SED "s?\$iface_list =.*?\$iface_list = array('$EXTIF');?" $DIR_ACC/manager/stats/config.php
$SED "s?\$iface_title\['.*?\$iface_title\['$EXTIF'\] = \$title;?" $DIR_ACC/manager/stats/config.php
/usr/bin/vnstat -i $EXTIF -u --force
} # End of vnstat()
} # End of vnstat
 
###################################################################
## Function "dnsmasq" ##
## - creation of the conf files of dnsmasq (whitelist for ipset )##
###################################################################
dnsmasq()
##################################################################
## Function "dnsmasq" ##
## - creation of the conf files of the 4 intances of dnsmasq ##
## - creation of the file managing domain name (local & remote) ##
##################################################################
dnsmasq ()
{
[ -d /var/log/dnsmasq ] || mkdir /var/log/dnsmasq
[ -e /etc/dnsmasq.conf.default ] || mv /etc/dnsmasq.conf /etc/dnsmasq.conf.default
# dnsmasq listen on udp 55 ("dnsmasq with whitelist")
# 3rd dnsmasq listen on udp 55 ("dnsmasq with whitelist")
cat << EOF > /etc/dnsmasq-whitelist.conf
# Configuration file for "dnsmasq with whitelist"
# ADD Toulouse university whitelist domains
1560,18 → 1562,17
server=$DNS1
server=$DNS2
EOF
 
# Create dnsmasq-whitelist unit
mv /lib/systemd/system/dnsmasq.service /lib/systemd/system/dnsmasq.service.default
cp /lib/systemd/system/dnsmasq.service.default /lib/systemd/system/dnsmasq-whitelist.service
$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-whitelist.conf?g" /lib/systemd/system/dnsmasq-whitelist.service
$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-whitelist.pid?g" /lib/systemd/system/dnsmasq-whitelist.service
} # End of dnsmasq()
} # End dnsmasq
 
#########################################################
## Function "unbound" ##
## - create the conf files for 4 unbound services ##
## - create the systemd files for 4 unbound services ##
#########################################################
##################################################
## Function "unbound" ##
##################################################
unbound ()
{
[ -d /etc/unbound/conf.d ] || mkdir -p /etc/unbound/conf.d
1584,10 → 1585,11
[ -d /etc/unbound/conf.d/blackhole ] || mkdir /etc/unbound/conf.d/blackhole
[ -d /var/log/unbound ] || { mkdir /var/log/unbound; chown unbound:unbound /var/log/unbound; }
[ -e /etc/unbound/unbound.conf.default ] || cp /etc/unbound/unbound.conf /etc/unbound/unbound.conf.default
 
# Local static DNS configuration
[ -e /etc/unbound/conf.d/common/local-dns/global.conf ] || touch /etc/unbound/conf.d/common/local-dns/global.conf
 
# Forward zone configuration file for all unbound dns servers
# Forward zone configuration file for all unbound dns servers
cat << EOF > /etc/unbound/conf.d/common/forward-zone.conf
forward-zone:
name: "."
1595,7 → 1597,7
forward-addr: $DNS2
EOF
 
# Custom configuration file for manual DNS configuration
# Custom configuration file for manual DNS configuration
cat << EOF > /etc/unbound/conf.d/common/local-forward/custom.conf
## Ajouter un bloc pour chaque nom de domaine géré par un autre seveur DNS
## Add one block for each domain name managed by an other DNS server
1611,7 → 1613,7
## INFO : local hostnames are resolved in /etc/hosts file
EOF
 
# Configuration file of ALCASAR main domains for $INTIF
# Configuration file of ALCASAR main domains for $INTIF
cat << EOF > /etc/unbound/conf.d/common/local-dns/${INTIF}.conf
server:
local-zone: "$HOSTNAME.$DOMAIN" static
1622,7 → 1624,7
local-data: "$DOMAIN. A"
EOF
 
# Configuration file for lo of forward unbound
# Configuration file for lo of forward unbound
cat << EOF > /etc/unbound/conf.d/forward/iface.lo.conf
server:
interface: 127.0.0.1@53
1637,7 → 1639,7
view-first: yes
EOF
 
# Configuration file for $INTIF of forward unbound
# Configuration file for $INTIF of forward unbound
cat << EOF > /etc/unbound/conf.d/forward/iface.${INTIF}.conf
server:
interface: ${PRIVATE_IP}@53
1652,7 → 1654,7
view-first: yes
EOF
 
# Configuration file for forward unbound
# Configuration file for forward unbound
cat << EOF > /etc/unbound/unbound.conf
server:
verbosity: 1
1659,6 → 1661,7
hide-version: yes
hide-identity: yes
do-ip6: no
 
include: /etc/unbound/conf.d/common/forward-zone.conf
include: /etc/unbound/conf.d/common/local-forward/*
include: /etc/unbound/conf.d/common/local-dns/*
1665,7 → 1668,7
include: /etc/unbound/conf.d/forward/*
EOF
 
# Configuration file for $INTIF of blacklist unbound
# Configuration file for $INTIF of blacklist unbound
cat << EOF > /etc/unbound/conf.d/blacklist/iface.${INTIF}.conf
server:
interface: ${PRIVATE_IP}@54
1675,7 → 1678,7
access-control-tag-data: $PRIVATE_IP_MASK "blacklist" "A $PRIVATE_IP"
EOF
 
# Configuration file for blacklist unbound
# Configuration file for blacklist unbound
cat << EOF > /etc/unbound/unbound-blacklist.conf
server:
verbosity: 1
1686,14 → 1689,16
chroot: ""
define-tag: "blacklist"
log-local-actions: yes
 
include: /etc/unbound/conf.d/common/forward-zone.conf
include: /etc/unbound/conf.d/common/local-forward/*
include: /etc/unbound/conf.d/common/local-dns/*
include: /etc/unbound/conf.d/blacklist/*
 
include: /usr/local/share/unbound-bl-enabled/*
EOF
 
# Configuration file for $INTIF of whitelist unbound
# Configuration file for $INTIF of whitelist unbound
cat << EOF > /etc/unbound/conf.d/whitelist/iface.${INTIF}.conf
server:
interface: ${PRIVATE_IP}@55
1703,7 → 1708,7
access-control-tag-data: $PRIVATE_IP_MASK "whitelist" "A $PRIVATE_IP"
EOF
 
# Configuration file for whitelist unbound
# Configuration file for whitelist unbound
cat << EOF > /etc/unbound/unbound-whitelist.conf
server:
verbosity: 1
1712,18 → 1717,21
do-ip6: no
do-not-query-localhost: no
define-tag: "whitelist"
 
local-zone: "." transparent
local-zone-tag: "." "whitelist"
 
include: /usr/local/share/unbound-wl-enabled/*
include: /etc/unbound/conf.d/whitelist/*
include: /etc/unbound/conf.d/common/local-dns/*
include: /etc/unbound/conf.d/common/local-forward/*
 
forward-zone:
name: "."
forward-addr: 127.0.0.1@55
EOF
 
# Configuration file for $INTIF of blackhole unbound
# Configuration file for $INTIF of blackhole unbound
cat << EOF > /etc/unbound/conf.d/blackhole/iface.${INTIF}.conf
server:
interface: ${PRIVATE_IP}@56
1735,7 → 1743,7
local-data: ". A $PRIVATE_IP"
EOF
 
# Configuration file for blackhole unbound
# Configuration file for blackhole unbound
cat << EOF > /etc/unbound/unbound-blackhole.conf
server:
verbosity: 1
1742,6 → 1750,7
hide-version: yes
hide-identity: yes
do-ip6: no
 
include: /etc/unbound/conf.d/blackhole/*
include: /etc/unbound/conf.d/common/local-dns/*
include: /etc/unbound/conf.d/common/local-forward/*
1753,6 → 1762,7
fi
$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/unbound -d -c /etc/unbound/unbound.conf?g" /lib/systemd/system/unbound.service
$SED "s?^After=.*?After=syslog.target network-online.target chilli.service?g" /lib/systemd/system/unbound.service
 
for list in blacklist blackhole whitelist
do
cp -f /lib/systemd/system/unbound.service /lib/systemd/system/unbound-$list.service
1759,15 → 1769,17
$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/unbound -d -c /etc/unbound/unbound-$list.conf?g" /lib/systemd/system/unbound-$list.service
$SED "s?^PIDFile=.*?PIDFile=/var/run/unbound-$list.pid?g" /lib/systemd/system/unbound-$list.service
done
 
$SED "s?^After=.*?After=syslog.target network-online.target chilli.service dnsmasq-whitelist.service?g" /lib/systemd/system/unbound-whitelist.service
} # End of unbound()
} # End unbound
 
##################################################
## Function "dhcpd" ##
##################################################
dhcpd()
dhcpd ()
{
[ -e /etc/dhcpd.conf.default ] || cp /etc/dhcpd.conf /etc/dhcpd.conf.default
 
cat <<EOF > /etc/dhcpd.conf
ddns-update-style none;
subnet $PRIVATE_NETWORK netmask $PRIVATE_NETMASK {
1774,12 → 1786,13
option routers $PRIVATE_IP;
option subnet-mask $PRIVATE_NETMASK;
option domain-name-servers $PRIVATE_IP;
 
range dynamic-bootp $PRIVATE_SECOND_IP $PRIVATE_LAST_IP;
default-lease-time 21600;
max-lease-time 43200;
}
EOF
} # End of dhcpd()
}
 
##########################################################
## Function "BL" ##
1789,7 → 1802,7
## - URLs for E²guardian ##
## - IPs for NetFilter ##
##########################################################
BL()
BL ()
{
# copy the Toulouse university BL in order to be adapted to ALCASAR architecture (alcasar-bl.sh -adapt)
rm -rf $DIR_DG/lists/blacklists
1844,13 → 1857,13
# enable the default categories
$DIR_DEST_BIN/alcasar-bl.sh --cat_choice
rm -rf /tmp/blacklists
} # End of BL()
} # End BL()
 
#######################################################
## Function "cron" ##
## - write all cron & anacron files ##
#######################################################
cron()
cron ()
{
# 'crontab' with standard cron at midnight instead of 4:0 am (default)
[ -e /etc/crontab.default ] || cp /etc/crontab /etc/crontab.default
1926,7 → 1939,7
 
# removing the users crons
rm -f /var/spool/cron/*
} # End of cron()
} # End cron()
 
######################################################################
## Fonction "Fail2Ban" ##
1947,7 → 1960,7
$SED '/ExecStart=/a\ExecStop=/usr/bin/fail2ban-client stop' /usr/lib/systemd/system/fail2ban.service
$SED '/Type=/a\PIDFile=/var/run/fail2ban/fail2ban.pid' /usr/lib/systemd/system/fail2ban.service
$SED '/After=*/c After=syslog.target network.target lighttpd.service' /usr/lib/systemd/system/fail2ban.service
} # End of fail2ban()
} # End fail2ban()
 
#########################################################
## Fonction "gammu_smsd" ##
2036,7 → 2049,7
# Udev rule for fixing the enumeration of ttyUSB port on some MODEM (when they switch randomly the order of their ports at boot time)
# example : http://hintshop.ludvig.co.nz/show/persistent-names-usb-serial-devices/
 
} # End of gammu_smsd()
} # End gammu_smsd()
 
############################################################
## Fonction "msec" ##
2071,8 → 2084,9
/usr/sbin/msec
/etc/cron.weekly/msec
 
} # End of msec()
} # End msec()
 
 
##################################################################
## Fonction "letsencrypt" ##
## - Install Let's Encrypt client ##
2124,7 → 2138,7
cd $pwdInstall || { echo "Unable to find $pwdInstall directory"; exit 1; }
rm -rf /tmp/acme.sh-*
 
} # End of letsencrypt()
} # END letsencrypt()
 
##################################################################
## Fonction "post_install" ##
2338,7 → 2352,7
fi
clear
reboot
} # End of post_install()
} # End post_install ()
 
#####################################################################################
# Main Install loop #
2372,16 → 2386,10
exit 0
;;
-i | --install)
for func in license testing
do
header_install
$func
if [ $DEBUG_ALCASAR == "on" ]
then
echo "*** 'debug' : end of install '$func' ***"
read
fi
done
header_install
license
header_install
testing
# RPMs install
$DIR_SCRIPTS/alcasar-urpmi.sh
if [ "$?" != "0" ]
/VERSION
1,0 → 0,0
3.4b
3.3.3
/readme.txt
1,22 → 1,22
$Id: readme-2.0.txt 581 2011-04-21 16:59:59Z richard $
 
ALCASAR-3.4
Alcasar-3.3.3
 
*********** English **********
- New installation : Boot your system with the ISO file of ALCASAR. This ISO is a dedicated version of Linux Mageia (Linux Mageia + ALCASAR = Mageiar).
- New installation : Need the DVD of Linux Mageia6 (Mageia-6-x86_64-DVD.iso) or the ISO file of ALCASAR (Mageiar).
--> Follow ALCASAR installation documentation.
- Update ALCASAR 3.2 or higher
--> On your running ALCASAR, retrieve the last version of ALCASAR archive file "alcasar-x.y.z.tar.gz" (for example, with the command "lftp http://ftp.alcasar.net")
--> uncompress this archive and run it. During the installation process of this new version, choose "update"
- Update a 3.2 or higher
--> On your running ALCASAR, retrieve the last version of ALCASAR archive file (lftp http://ftp.alcasar.net)
--> Run the installation of the new version & choose "update"
- Update an older version
--> Save and store the users database of your current ALCASAR
--> Install the new version. Import the previous saved users database
--> Write network parameters of your running ALCASAR. Save the users database
--> Install the new version & import the old users database
*********** Français ********
- Nouvelle installation : Démarrez votre système avec l'image ISO d'ALCASAR. Cette ISO est une version dédiée de Linux Mageia (Linux MAgeia + ALCASAR = Mageiar).
--> Suivez la documentation d'installation d'ALCASAR.
- Nouvelle installation : elle s'effectue sur la base du DVD de Linux Mageia6 (Mageia-6-x86_64-DVD.iso) ou de l'image ISO d'ALCASAR (Mageiar).
--> Suivez la procédure d'installation d'ALCASAR.
- Mise à jour d'une version 3.2 ou supérieure
--> Sur votre ALCASAR en fonctionnement, copiez la dernière version du fichier archive d'ALCASAR "alcasar-x.y.z.tar.gz" (par exemple avec la commande "lftp http://ftp.alcasar.net")
--> Décompressez cette archive et lancez l'installation. Pendant le processus d'installation, choisissez "mise à jour"
--> Sur votre ALCASAR en fonctionnement, récupérez la dernière version du fichier archive d'ALCASAR (lftp http://ftp.alcasar.net)
--> Lancez l'installation de la nouvelle version et choisissez "mise à jour"
- Mise à jour d'une version plus ancienne
--> Sauvegardez et archivez la base des utilisateurs de votre ALCASAR
--> Installez la nouvelle version. Importez la base des utilisateurs précédemment archivée.
--> Notez les paramètres réseau de votre ALCASAR en fonctionnement. Sauvegardez la base des utilisateurs
--> Installez la nouvelle version et importez l'ancienne base des utilisateurs