| 887,7 → 887,7 |
|---|
| [ -e /etc/my.cnf.default ] || cp /etc/my.cnf /etc/my.cnf.default |
| $SED "s?^#bind-address.*?bind-address=127.0.0.1?g" /etc/my.cnf |
| $SED "s?^tmpdir.*?tmpdir=/tmp?g" /etc/my.cnf |
| systemctl start mysqld.service |
| /usr/bin/systemctl start mysqld.service |
| sleep 4 |
| mysqladmin -u root password $mysqlpwd |
| MYSQL="/usr/bin/mysql -uroot -p$mysqlpwd --exec" |
| 902,7 → 902,7 |
|---|
| [ -e /lib/systemd/system/mysqld.service.default ] || cp /lib/systemd/system/mysqld.service /lib/systemd/system/mysqld.service.default |
| $SED "/ExecStartPost=/a ExecStop=/usr/local/sbin/alcasar-mysql.sh -acct_stop" /usr/lib/systemd/system/mysqld.service |
| $SED "/ExecStartPost=/a ExecStartPost=/usr/local/sbin/alcasar-mysql.sh -acct_stop" /lib/systemd/system/mysqld.service |
| systemctl daemon-reload |
| /usr/bin/systemctl daemon-reload |
| } # End of init_db () |
| |
| ########################################################################## |
| 971,7 → 971,7 |
|---|
| # make certain that mysql is up before radius start |
| [ -e /lib/systemd/system/radiusd.service.default ] || cp /lib/systemd/system/radiusd.service /lib/systemd/system/radiusd.service.default |
| $SED "s?^After=.*?After=syslog.target network.target mysqld.service?g" /lib/systemd/system/radiusd.service |
| systemctl daemon-reload |
| /usr/bin/systemctl daemon-reload |
| } # End radius () |
| |
| ########################################################################## |
| 1448,7 → 1448,7 |
|---|
| # Add the listen port to collect netflow packet (nfcapd) |
| $SED "s?'\$ziparg $extensions.*?\$ziparg $extensions -b 127.0.0.1;'?g" /usr/libexec/NfSenRC.pm |
| # expire delay for the profile "live" |
| systemctl start nfsen |
| /usr/bin/systemctl start nfsen |
| /bin/nfsen -m live -e 62d 2>/dev/null |
| # add SURFmap plugin |
| cp $DIR_CONF/nfsen/SURFmap_v3.3.1.tar.gz /tmp/ |
| 1887,13 → 1887,13 |
|---|
| # processes launched at boot time (Systemctl) |
| for i in alcasar-load_balancing mysqld httpd ntpd iptables dnsmasq dnsmasq-blacklist dnsmasq-whitelist dnsmasq-blackhole radiusd nfsen dansguardian freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban havp tinyproxy vnstat |
| do |
| systemctl -q enable $i.service |
| /usr/bin/systemctl -q enable $i.service |
| done |
| |
| # disable processes at boot time (Systemctl) |
| for i in ulogd |
| do |
| systemctl -q disable $i.service |
| /usr/bin/systemctl -q disable $i.service |
| done |
| |
| # Apply French Security Agency (ANSSI) rules |
| 1931,7 → 1931,7 |
|---|
| # Remove unused services and users |
| for svc in sshd |
| do |
| /bin/systemctl -q disable $svc.service |
| /usr/bin/systemctl -q disable $svc.service |
| done |
| # Load and apply the previous conf file |
| if [ "$mode" = "update" ] |