| 58,25 → 58,12 |
|---|
| function archive() { |
| mkdir -p $DIR_ARCHIVE |
| mkdir -p $DIR_TMP |
| nb_files=`ls $DIR_LOG/firewall/tracability.log*.gz 2>/dev/null | wc -w` |
| if [ $nb_files -ne 0 ]; then |
| mv $(echo $(ls -rt $DIR_LOG/firewall/tracability.log*.gz | tail -n 1 -)) $DIR_TMP/tracability-HTTP.log-$NOW.gz |
| fi |
| nb_files=`ls $DIR_BASE/radius-*.sql 2>/dev/null | wc -w` |
| if [ $nb_files -ne 0 ]; then |
| mv $(echo $(ls -rt $DIR_BASE/radius-*.sql | tail -n 1 -)) $DIR_TMP/ |
| fi |
| mv $(echo $(ls -rt $DIR_LOG/firewall/tracability.log*.gz | tail -n 1 -)) $DIR_TMP/tracability-HTTP.log-$NOW.gz |
| mv $(echo $(ls -rt $DIR_BASE/radius-*.sql | tail -n 1 -)) $DIR_TMP/ |
| cd /var/log/nfsen/profiles-data/live/ipt_netflow |
| nb_files=`find . -mtime -7 -name 'nfcapd.[0-9]*' | wc -l` |
| if [ $nb_files -ne 0 ]; then |
| find . -mtime -7 -name 'nfcapd.[0-9]*' | xargs tar -cf $DIR_TMP/tracability-ALL.log-$NOW.tar; |
| fi |
| find . -mtime -7 -name 'nfcapd.[0-9]*' | xargs tar -cf $DIR_TMP/tracability-ALL.log-$NOW.tar; |
| cd /tmp/ |
| nb_files=`ls archive-$NOW/* 2>/dev/null | wc -w` |
| if [ $nb_files -ne 0 ]; then |
| tar cvzf /tmp/$FILE archive-$NOW/* |
| else echo "no file to archive" |
| fi |
| tar cvzf /tmp/$FILE archive-$NOW/* |
| } # end archive |
| |
| # Core script |
| 91,24 → 78,22 |
|---|
| --now | -n) |
| cleanup |
| archive |
| if [ -e /tmp/$FILE ]; then |
| if [ $CRYPT -eq "1" ]; then |
| { |
| # 1 ) chiffrement/signature =1 ==> gpg --encrypt avec test de la clé présente |
| gpg --output $DIR_ARCHIVE/$FILE-crypt.gpg --armor --encrypt --recipient $GPG_USER /tmp/$FILE |
| } |
| elif [ $SIGN -eq "1" ]; then |
| { |
| # 2) signature = 1 Chiffrement = 0 --> gpg --encrypt idem test de la clé présente |
| gpg --output $DIR_ARCHIVE/$FILE-sign.gpg --sign --recipient $GPG_USER /tmp/$FILE |
| gpg --output $DIR_ARCHIVE/$FILE-sign.gpg --sign --recipient $GPG_USER --detach-sign /tmp/$FILE |
| } |
| else |
| { |
| # 3) chiffrement/signature = 0 --> cp simple avec suppression des droits d'écriture |
| cp /tmp/$FILE $DIR_ARCHIVE/. |
| } |
| fi |
| if [ $CRYPT -eq "1" ]; then |
| { |
| # 1 ) chiffrement/signature =1 ==> gpg --encrypt avec test de la clé présente |
| gpg --output $DIR_ARCHIVE/$FILE-crypt.gpg --armor --encrypt --recipient $GPG_USER /tmp/$FILE |
| } |
| elif [ $SIGN -eq "1" ]; then |
| { |
| # 2) signature = 1 Chiffrement = 0 --> gpg --encrypt idem test de la clé présente |
| gpg --output $DIR_ARCHIVE/$FILE-sign.gpg --sign --recipient $GPG_USER /tmp/$FILE |
| gpg --output $DIR_ARCHIVE/$FILE-sign.gpg --sign --recipient $GPG_USER --detach-sign /tmp/$FILE |
| } |
| else |
| { |
| # 3) chiffrement/signature = 0 --> cp simple avec suppression des droits d'écriture |
| cp /tmp/$FILE $DIR_ARCHIVE/. |
| } |
| fi |
| rm -rf /tmp/archive-* |
| chown root:apache $DIR_ARCHIVE/* |