| 393,7 → 393,6 |
|---|
| USERCTL=no |
| EOF |
| # Configuration du serveur de temps |
| echo "synchronisation horaire ..." |
| [ -e /etc/ntp.conf.default ] || cp /etc/ntp.conf /etc/ntp.conf.default |
| cat <<EOF > /etc/ntp.conf |
| server 0.fr.pool.ntp.org |
| 406,7 → 405,6 |
|---|
| logfile /var/log/ntp.log |
| EOF |
| chown -R ntp:ntp /etc/ntp |
| ntpd -q -g & |
| # Configuration du serveur dhcpd de secours (mode bypass) |
| [ -e /etc/dhcpd.conf.default ] || cp /etc/dhcpd.conf /etc/dhcpd.conf.default 2> /dev/null |
| cat <<EOF > /etc/dhcpd.conf |
| 511,6 → 509,8 |
|---|
| # Création des fichiers de clés des deux autres profils (backup + manager) contenant ce compte |
| $DIR_DEST_SBIN/alcasar-profil.sh -list |
| fi |
| # synchronisation horaire |
| ntpd -q -g & |
| # Sécurisation du centre |
| rm -f /etc/httpd/conf/webapps.d/* |
| cat <<EOF > /etc/httpd/conf/webapps.d/alcasar.conf |
| 933,27 → 933,29 |
|---|
| |
| ################################################################## |
| ## Fonction antivirus ## |
| ## - mise en place havp + clamav ## |
| ## - configuration havp + clamav ## |
| ################################################################## |
| antivirus () |
| { |
| # création de la partition de stockage temporaire (100Mo) |
| useradd -r havp |
| dd if=/dev/zero of=/tmp/havp-disk bs=1024k count=30 |
| mkfs.ext4 -qF /tmp/havp-disk |
| mkdir /var/tmp/havp /var/log/havp /var/run/havp |
| echo "# Entry for havp tmp files scan partition" >> /etc/fstab |
| echo "/tmp/havp-disk /var/tmp/havp ext4 loop,mand,noatime,async" >> /etc/fstab |
| mount /var/tmp/havp |
| # copie et configuration d'HAVP |
| cp $DIR_CONF/havp/havp $DIR_DEST_SBIN |
| cp -r $DIR_CONF/havp/etc/havp $DIR_DEST_ETC |
| cp $DIR_CONF/havp/etc/init.d/havp /etc/init.d/ |
| chkconfig --level 345 havp on |
| chkconfig --level 01267 havp off |
| chown -R havp.havp /var/tmp/havp /var/log/havp /var/run/havp |
| chown -R havp.apache $DIR_DEST_ETC/havp |
| chmod 770 $DIR_DEST_ETC/havp |
| dd if=/dev/zero of=/tmp/havp-disk bs=1024k count=30 |
| mkfs.ext4 -qF /tmp/havp-disk |
| mkdir /var/tmp/havp |
| echo "# Entry for havp tmp files scan partition" >> /etc/fstab |
| echo "/tmp/havp-disk /var/tmp/havp ext4 loop,mand,noatime,async" >> /etc/fstab |
| mount /var/tmp/havp |
| chown -R havp /var/tmp/havp |
| # configuration d'HAVP |
| [ -e /etc/havp/havp.config.default ] || cp /etc/havp/havp.config /etc/havp/havp.config.default |
| $SED "/^REMOVETHISLINE/d" /etc/havp/havp.config |
| $SED "s?^# PARENTPROXY.*?PARENTPROXY 127.0.0.1?g" /etc/havp/havp.config |
| $SED "s?^# PARENTPORT.*?PARENTPORT 3128?g" /etc/havp/havp.config |
| $SED "s?^# PORT.*?PORT 8090?g" /etc/havp/havp.config |
| $SED "s?^# BIND_ADDRESS.*?BIND_ADDRESS 127.0.0.1?g" /etc/havp/havp.config |
| $SED "s?^ENABLECLAMLIB.*?ENABLECLAMLIB true?g" /etc/havp/havp.config |
| # mise à jour de la base antivirale de clamav toutes les 2 heures |
| $SED "s?^Checks.*?Checks 12?g" /etc/freshclam.conf |
| $SED "s?^NotifyClamd.*?# NotifyClamd /etc/clamd.conf?g" /etc/freshclam.conf |
| } |
| |
| ################################################################################## |
| 1168,7 → 1170,7 |
|---|
| chmod 644 /etc/logrotate.d/* |
| # processus lancés par défaut au démarrage |
| $SED "s?^# chkconfig:.*?# chkconfig: 345 11 90?g" /etc/init.d/mysqld # pour éviter les alertes de dépendance de services (netfs) |
| for i in netfs ntpd iptables ulogd squid chilli httpd radiusd mysqld dansguardian named |
| for i in netfs ntpd iptables ulogd squid chilli httpd radiusd mysqld dansguardian named havp freshclam |
| do |
| /sbin/chkconfig --add $i |
| done |