887,7 → 887,7 |
[ -e /etc/my.cnf.default ] || cp /etc/my.cnf /etc/my.cnf.default |
$SED "s?^#bind-address.*?bind-address=127.0.0.1?g" /etc/my.cnf |
$SED "s?^tmpdir.*?tmpdir=/tmp?g" /etc/my.cnf |
systemctl start mysqld.service |
/usr/bin/systemctl start mysqld.service |
sleep 4 |
mysqladmin -u root password $mysqlpwd |
MYSQL="/usr/bin/mysql -uroot -p$mysqlpwd --exec" |
902,7 → 902,7 |
[ -e /lib/systemd/system/mysqld.service.default ] || cp /lib/systemd/system/mysqld.service /lib/systemd/system/mysqld.service.default |
$SED "/ExecStartPost=/a ExecStop=/usr/local/sbin/alcasar-mysql.sh -acct_stop" /usr/lib/systemd/system/mysqld.service |
$SED "/ExecStartPost=/a ExecStartPost=/usr/local/sbin/alcasar-mysql.sh -acct_stop" /lib/systemd/system/mysqld.service |
systemctl daemon-reload |
/usr/bin/systemctl daemon-reload |
} # End of init_db () |
|
########################################################################## |
971,7 → 971,7 |
# make certain that mysql is up before radius start |
[ -e /lib/systemd/system/radiusd.service.default ] || cp /lib/systemd/system/radiusd.service /lib/systemd/system/radiusd.service.default |
$SED "s?^After=.*?After=syslog.target network.target mysqld.service?g" /lib/systemd/system/radiusd.service |
systemctl daemon-reload |
/usr/bin/systemctl daemon-reload |
} # End radius () |
|
########################################################################## |
1448,7 → 1448,7 |
# Add the listen port to collect netflow packet (nfcapd) |
$SED "s?'\$ziparg $extensions.*?\$ziparg $extensions -b 127.0.0.1;'?g" /usr/libexec/NfSenRC.pm |
# expire delay for the profile "live" |
systemctl start nfsen |
/usr/bin/systemctl start nfsen |
/bin/nfsen -m live -e 62d 2>/dev/null |
# add SURFmap plugin |
cp $DIR_CONF/nfsen/SURFmap_v3.3.1.tar.gz /tmp/ |
1887,13 → 1887,13 |
# processes launched at boot time (Systemctl) |
for i in alcasar-load_balancing mysqld httpd ntpd iptables dnsmasq dnsmasq-blacklist dnsmasq-whitelist dnsmasq-blackhole radiusd nfsen dansguardian freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban havp tinyproxy vnstat |
do |
systemctl -q enable $i.service |
/usr/bin/systemctl -q enable $i.service |
done |
|
# disable processes at boot time (Systemctl) |
for i in ulogd |
do |
systemctl -q disable $i.service |
/usr/bin/systemctl -q disable $i.service |
done |
|
# Apply French Security Agency (ANSSI) rules |
1931,7 → 1931,7 |
# Remove unused services and users |
for svc in sshd |
do |
/bin/systemctl -q disable $svc.service |
/usr/bin/systemctl -q disable $svc.service |
done |
# Load and apply the previous conf file |
if [ "$mode" = "update" ] |