WebSVN – ALCASAR – Path Comparison – /

Ignore whitespace Rev 108 → Rev 109

 /alcasar.sh
 ,7 → 393,6
 USERCTL=no
 EOF
 # Configuration du serveur de temps
-        echo "synchronisation horaire ..."
         [ -e /etc/ntp.conf.default ] || cp /etc/ntp.conf /etc/ntp.conf.default
         cat <<EOF > /etc/ntp.conf
 server 0.fr.pool.ntp.org
 ,7 → 405,6
 logfile /var/log/ntp.log
 EOF
         chown -R ntp:ntp /etc/ntp
-ntpd -q -g &
 # Configuration du serveur dhcpd de secours (mode bypass)
         [ -e /etc/dhcpd.conf.default ] || cp /etc/dhcpd.conf /etc/dhcpd.conf.default 2> /dev/null
         cat <<EOF > /etc/dhcpd.conf
 ,6 → 509,8
 # Création des fichiers de clés des deux autres profils (backup + manager) contenant ce compte
                 $DIR_DEST_SBIN/alcasar-profil.sh -list
         fi
+# synchronisation horaire
+        ntpd -q -g &
 # Sécurisation du centre
         rm -f /etc/httpd/conf/webapps.d/*
         cat <<EOF > /etc/httpd/conf/webapps.d/alcasar.conf
 ,27 → 933,29
 ##################################################################
 ##                      Fonction antivirus                      ##
-## - mise en place havp + clamav                                ##
+## - configuration havp + clamav                                ##
 ##################################################################
 antivirus ()
 {
 # création de la partition de stockage temporaire (100Mo)
-useradd -r havp
-dd if=/dev/zero of=/tmp/havp-disk bs=1024k count=30
-mkfs.ext4 -qF /tmp/havp-disk
-mkdir /var/tmp/havp /var/log/havp /var/run/havp
-echo "# Entry for havp tmp files scan partition" >> /etc/fstab
-echo "/tmp/havp-disk /var/tmp/havp ext4 loop,mand,noatime,async" >> /etc/fstab
-mount /var/tmp/havp
-# copie et configuration d'HAVP
-cp $DIR_CONF/havp/havp $DIR_DEST_SBIN
-cp -r $DIR_CONF/havp/etc/havp $DIR_DEST_ETC
-cp $DIR_CONF/havp/etc/init.d/havp /etc/init.d/
-chkconfig --level 345 havp on
-chkconfig --level 01267 havp off
-chown -R havp.havp /var/tmp/havp /var/log/havp /var/run/havp
-chown -R havp.apache $DIR_DEST_ETC/havp
-chmod  770 $DIR_DEST_ETC/havp
+        dd if=/dev/zero of=/tmp/havp-disk bs=1024k count=30
+        mkfs.ext4 -qF /tmp/havp-disk
+        mkdir /var/tmp/havp
+        echo "# Entry for havp tmp files scan partition" >> /etc/fstab
+        echo "/tmp/havp-disk /var/tmp/havp ext4 loop,mand,noatime,async" >> /etc/fstab
+        mount /var/tmp/havp
+        chown -R havp /var/tmp/havp
+# configuration d'HAVP
+        [ -e /etc/havp/havp.config.default ] || cp /etc/havp/havp.config /etc/havp/havp.config.default
+        $SED "/^REMOVETHISLINE/d" /etc/havp/havp.config
+        $SED "s?^# PARENTPROXY.*?PARENTPROXY 127.0.0.1?g" /etc/havp/havp.config
+        $SED "s?^# PARENTPORT.*?PARENTPORT 3128?g" /etc/havp/havp.config
+        $SED "s?^# PORT.*?PORT 8090?g" /etc/havp/havp.config
+        $SED "s?^# BIND_ADDRESS.*?BIND_ADDRESS 127.0.0.1?g" /etc/havp/havp.config
+        $SED "s?^ENABLECLAMLIB.*?ENABLECLAMLIB true?g" /etc/havp/havp.config
+# mise à jour de la base antivirale de clamav toutes les 2 heures
+        $SED "s?^Checks.*?Checks 12?g" /etc/freshclam.conf
+        $SED "s?^NotifyClamd.*?# NotifyClamd /etc/clamd.conf?g" /etc/freshclam.conf
 }
 ##################################################################################
 ,7 → 1170,7
         chmod 644 /etc/logrotate.d/*
 # processus lancés par défaut au démarrage
         $SED "s?^# chkconfig:.*?# chkconfig: 345 11 90?g" /etc/init.d/mysqld  # pour éviter les alertes de dépendance de services (netfs)
-        for i in netfs ntpd iptables ulogd squid chilli httpd radiusd mysqld dansguardian named
+        for i in netfs ntpd iptables ulogd squid chilli httpd radiusd mysqld dansguardian named havp freshclam
         do
                 /sbin/chkconfig --add $i
         done

/conf/rpms/i586/havp-0.91-1.i586.rpm
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Property changes:
Added: svn:mime-type
+application/octet-stream
\ No newline at end of property

/conf/rpms/x86_64/havp-0.91-1.x86_64.rpm
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Property changes:
Added: svn:mime-type
+application/octet-stream
\ No newline at end of property

/CHANGELOG
1,5 → 1,6
# $Id$
********** CHANGELOG *********
10/05/10 - création RPM 35b et 64b d'havp. Adaptation des scripts.
15/04/10 - intégration havp + clamav
14/04/10 - remplacement de valeur DNS1 et DNS2 quand valeur= vide ; testé
05/04/10 - Réécriture de la procédure d'installation des RPM (téléchargement et test avant install)

 /scripts/alcasar-conf.sh
 ,8 → 90,6
                 cp -rf $DIR_UPDATE/etc/* $DIR_DEST_ETC/
                 chown root:apache $DIR_DEST_ETC/*
                 chmod 660 $DIR_DEST_ETC/*
-                chown havp:apache $DIR_DEST_ETC/havp
-                chmod 770 $DIR_DEST_ETC/havp
                 rm -rf $DIR_UPDATE
                 ;;
         *)

 /scripts/sbin/alcasar-uninstall.sh
 ,17 → 99,22
 [ -d /etc/dansguardian/lists/blacklists.default ] && mv -f /etc/dansguardian/lists/blacklists.default /etc/dansguardian/lists/blacklists && echo -n "10"
 sleep 1
 #antivirus
-echo -en "\n-11 antivirus(6) : "
+echo -en "\n-11 antivirus(5) : "
 if [ -e /etc/init.d/havp ]
 then
-        chkconfig --del havp && echo -n "1, "
-        umount /var/tmp/havp && echo -n "2, "
+        umount /var/tmp/havp && echo -n "1, "
         sleep 1
-        rm -rf /var/tmp/havp /var/log/havp /var/run/havp /usr/local/etc/havp && echo -n "3, "
-        rm -f /tmp/havp-disk && echo -n "4, "
+        rm -rf /var/tmp/havp && echo -n "2, "
+        rm -f /tmp/havp-disk && echo -n "3, "
         $SED "/^# Entry for havp/d" /etc/fstab
-        $SED "/^\/tmp\/havp-disk/d" /etc/fstab && echo -n "5, "
-        userdel havp && echo -n "6"
+        $SED "/^\/tmp\/havp-disk/d" /etc/fstab && echo -n "4, "
+        [ -e /etc/havp/havp.conf.default ] && mv /etc/havp/havp.conf.default /etc/havp/havp.conf && echo -n "5"
+        if [ -e /usr/local/sbin/havp ] # on traite la version 1.9a
+        then
+                rm -rf /usr/local/etc/havp
+                rm -rf /usr/local/sbin/havp
+                userdel -r havp
+        fi
 else    echo -n "non installé"
 fi
 sleep 1

 /scripts/alcasar-watchdog.sh
 ,7 → 18,7
         do
                 noresponse_ip=`echo $noresponse | cut -d" " -f1`
                 noresponse_mac=`echo $noresponse | cut -d" " -f2`
-                arp_reply=`/usr/sbin/arping -b -I$INTIF -s$PRIVATE_IP -c1 $noresponse_ip|grep response|cut -d" " -f2`
+                arp_reply=`/usr/sbin/arping -b -I$INTIF -s$PRIVATE_IP -c1 -w4 $noresponse_ip|grep response|cut -d" " -f2`
                 if [[ $(expr $arp_reply) -eq 0 ]]
                 then
                         logger "alcasar-watchdog $noresponse_ip ($noresponse_mac) reste muette. On déconnecte."
 ,10 → 33,10
         active_ip=`echo $system |cut -d" " -f2`
         active_session=`echo $system |cut -d" " -f5`
         active_mac=`echo $system | cut -d" " -f1`
-# on ne traite que les équipements exploitées par un usager authentifié
+# on ne traite que les équipements exploitées par un usager authentifié (test de 2 réponses en 4 secondes)
 if [[ $(expr $active_session) -eq 1 ]]
         then
-        arp_reply=`/usr/sbin/arping -b -I$INTIF -s$PRIVATE_IP -c2 $active_ip|grep response|cut -d" " -f2`
+        arp_reply=`/usr/sbin/arping -b -I$INTIF -s$PRIVATE_IP -c2 -w4 $active_ip|grep response|cut -d" " -f2`
 # on stocke les adresses IP des stations muettes
         if [[ $(expr $arp_reply) -eq 0 ]]
                 then

Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 108 → Rev 109