WebSVN – ALCASAR – Path Comparison – / – /alcasar.sh Rev 70 and /alcasar.sh Rev 71

Ignore whitespace Rev 70 → Rev 71

 /alcasar.sh
 ,6 → 28,7
 #       param_chilli    : Configuration du daemon 'coova-chilli' et de la page d'authentification
 #       param_squid     : Configuration du proxy squid en mode 'cache'
 #       param_dansguardian : Configuration de l'analyseur de contenu DansGuardian
+#       antivius        : Installation havp + clamav
 #       firewall        : Mise en place des règles du parefeu et de l'interface WEB FirewallEyes
 #       param_awstats   : Configuration de l'interface des statistiques de consultation WEB
 #       bind            : Configuration du serveur de noms
 ,10 → 452,13
                 [ -d $DIR_SAVE/$i ] || mkdir -p $DIR_SAVE/$i
         done
         chown -R root:apache $DIR_SAVE
-# Configuration php
+# Configuration et sécurisation php
+        [ -e /etc/php.ini.default ] || cp /etc/php.ini /etc/php.ini.default
         $SED "s?^upload_max_filesize.*?upload_max_filesize = 20M?g" /etc/php.ini
         $SED "s?^post_max_size.*?post_max_size = 20M?g" /etc/php.ini
-# Configuration Apache
+        $SED "s?^html_errors.*?html_errors = Off?g" /etc/php.ini
+        $SED "s?^expose_php.*?expose_php = Off?g" /etc/php.ini
+# Configuration et sécurisation Apache
         [ -e /etc/httpd/conf/httpd.conf.default ] || cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.default
         $SED "s?^#ServerName.*?ServerName $PRIVATE_IP?g" /etc/httpd/conf/httpd.conf
         $SED "s?^Listen.*?#Listen 127.0.0.1:80?g" /etc/httpd/conf/httpd.conf
 ,6 → 917,27
         chmod -R g+rw /etc/dansguardian
 } # End of param_dansguardian ()
+##################################################################
+##                      Fonction antivirus                      ##
+## - mise en place havp + clamav                                ##
+##################################################################
+antivirus ()
+{
+# création de la partition de stockage temporaire (100Mo)
+useradd -r havp
+dd if=/dev/zero of=/tmp/havp-disk bs=1024k count=30
+mkfs.ext4 -qF /tmp/havp-disk
+mkdir /var/tmp/havp
+chown havp:havp /var/tmp/havp
+echo "# Entry for havp tmp files scan partition" >> /etc/fstab
+echo "/tmp/havp-disk /var/tmp/havp ext4 loop,mand,noatime,async" >> /etc/fstab
+cp $DIR_CONF/havp/havp $DIR_DEST_SBIN
+cp -r $DIR_CONF/havp/etc/havp $DIR_DEST_ETC
+cp $DIR_CONF/havp/etc/init.d/havp /etc/init.d/
+chkconfig --level 345 havp on
+chkconfig --level 01267 havp off
+}
 ##################################################################################
 ##                              Fonction firewall                               ##
 ## - adaptation des scripts du parefeu                                          ##
 ,7 → 1280,7
                 else
                         mode="install"
                 fi
-                for func in init network gestion AC init_db param_radius param_web_radius param_chilli param_squid param_dansguardian firewall param_awstats param_bind cron post_install
+                for func in init network gestion AC init_db param_radius param_web_radius param_chilli param_squid param_dansguardian antivirus firewall param_awstats param_bind cron post_install
                 do
                         $func
 # echo "*** 'debug' : end of function $func ***"; read a

Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 70 → Rev 71