1201,8 → 1201,8 |
################################################################## |
dansguardian () |
{ |
mkdir /var/dansguardian |
chown dansguardian /var/dansguardian |
mkdir -p /var/dansguardian /var/log/dansguardian |
chown -R dansguardian /var/dansguardian /var/log/dansguardian |
$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dansguardian -c /etc/dansguardian/dansguardian.conf?g" /lib/systemd/system/dansguardian.service |
$SED "s?^After=.*?After=network.target chilli.service?g" /lib/systemd/system/dansguardian.service |
[ -e $DIR_DG/dansguardian.conf.default ] || cp $DIR_DG/dansguardian.conf $DIR_DG/dansguardian.conf.default |
1271,8 → 1271,9 |
fi |
groupadd -f havp |
useradd -r -g havp -s /bin/false -c "system user for havp (antivirus proxy)" havp |
mkdir -p /var/tmp/havp /var/log/havp /var/run/havp |
mkdir -p /var/tmp/havp /var/log/havp /var/run/havp /var/log/clamav /var/lib/clamav |
chown -R havp:havp /var/tmp/havp /var/log/havp /var/run/havp |
chown -R clamav:clamav /var/log/clamav /var/lib/clamav |
[ -e /etc/havp/havp.config.default ] || cp /etc/havp/havp.config /etc/havp/havp.config.default |
$SED "/^REMOVETHISLINE/d" /etc/havp/havp.config |
$SED "s?^# PIDFILE.*?PIDFILE /var/run/havp/havp.pid?g" /etc/havp/havp.config # pidfile |
1819,6 → 1820,7 |
$SED "s?^#Banner.*?Banner /etc/ssh/alcasar-banner-ssh?g" /etc/ssh/sshd_config |
# postfix banner anonymisation |
$SED "s?^smtpd_banner =.*?smtpd_banner = $myhostname ESMTP?g" /etc/postfix/main.cf |
chown -R postfix:postfix /var/lib/postfix |
# sshd écoute côté LAN et WAN |
$SED "s?^#ListenAddress 0\.0\.0\.0.*?ListenAddress 0\.0\.0\.0?g" /etc/ssh/sshd_config |
# sshd autorise les connections root par certificat |