| Line 1... |
Line 1... |
| 1 |
#!/bin/sh
|
1 |
#!/bin/sh
|
| 2 |
# $Id: alcasar.sh 109 2010-05-10 19:46:20Z richard $
|
2 |
# $Id: alcasar.sh 110 2010-05-11 16:35:34Z richard $
|
| 3 |
|
3 |
|
| 4 |
# alcasar.sh
|
4 |
# alcasar.sh
|
| 5 |
# by Franck BOUIJOUX, Pascal LEVANT and Richard REY
|
5 |
# by Franck BOUIJOUX, Pascal LEVANT and Richard REY
|
| 6 |
# This script is distributed under the Gnu General Public License (GPL)
|
6 |
# This script is distributed under the Gnu General Public License (GPL)
|
| 7 |
|
7 |
|
| Line 942... |
Line 942... |
| 942 |
mkfs.ext4 -qF /tmp/havp-disk
|
942 |
mkfs.ext4 -qF /tmp/havp-disk
|
| 943 |
mkdir /var/tmp/havp
|
943 |
mkdir /var/tmp/havp
|
| 944 |
echo "# Entry for havp tmp files scan partition" >> /etc/fstab
|
944 |
echo "# Entry for havp tmp files scan partition" >> /etc/fstab
|
| 945 |
echo "/tmp/havp-disk /var/tmp/havp ext4 loop,mand,noatime,async" >> /etc/fstab
|
945 |
echo "/tmp/havp-disk /var/tmp/havp ext4 loop,mand,noatime,async" >> /etc/fstab
|
| 946 |
mount /var/tmp/havp
|
946 |
mount /var/tmp/havp
|
| 947 |
chown -R havp /var/tmp/havp
|
947 |
chown -R havp /var/tmp/havp /var/log/havp
|
| 948 |
# configuration d'HAVP
|
948 |
# configuration d'HAVP
|
| 949 |
[ -e /etc/havp/havp.config.default ] || cp /etc/havp/havp.config /etc/havp/havp.config.default
|
949 |
[ -e /etc/havp/havp.config.default ] || cp /etc/havp/havp.config /etc/havp/havp.config.default
|
| 950 |
$SED "/^REMOVETHISLINE/d" /etc/havp/havp.config
|
950 |
$SED "/^REMOVETHISLINE/d" /etc/havp/havp.config
|
| 951 |
$SED "s?^# PARENTPROXY.*?PARENTPROXY 127.0.0.1?g" /etc/havp/havp.config
|
951 |
$SED "s?^# PARENTPROXY.*?PARENTPROXY 127.0.0.1?g" /etc/havp/havp.config
|
| 952 |
$SED "s?^# PARENTPORT.*?PARENTPORT 3128?g" /etc/havp/havp.config
|
952 |
$SED "s?^# PARENTPORT.*?PARENTPORT 3128?g" /etc/havp/havp.config
|
| Line 1167... |
Line 1167... |
| 1167 |
$SED "s?^Host_Alias.*?Host_Alias LAN_ORG=$PRIVATE_NETWORK_MASK,localhost #réseau de l'organisme?g" /etc/sudoers
|
1167 |
$SED "s?^Host_Alias.*?Host_Alias LAN_ORG=$PRIVATE_NETWORK_MASK,localhost #réseau de l'organisme?g" /etc/sudoers
|
| 1168 |
# prise en compte de la rotation des logs sur 1 an (concerne mysql, htttpd, dansguardian, squid, radiusd, ulogd)
|
1168 |
# prise en compte de la rotation des logs sur 1 an (concerne mysql, htttpd, dansguardian, squid, radiusd, ulogd)
|
| 1169 |
cp -f $DIR_CONF/logrotate.d/* /etc/logrotate.d/
|
1169 |
cp -f $DIR_CONF/logrotate.d/* /etc/logrotate.d/
|
| 1170 |
chmod 644 /etc/logrotate.d/*
|
1170 |
chmod 644 /etc/logrotate.d/*
|
| 1171 |
# processus lancés par défaut au démarrage
|
1171 |
# processus lancés par défaut au démarrage
|
| - |
|
1172 |
$SED "s?^# Default-Start.*?# Default-Start: 3 4 5?g" /etc/init.d/mysqld
|
| 1172 |
$SED "s?^# chkconfig:.*?# chkconfig: 345 11 90?g" /etc/init.d/mysqld # pour éviter les alertes de dépendance de services (netfs)
|
1173 |
$SED "s?^# Default-Stop.*?# Default-Stop: 0 1 2?g" /etc/init.d/mysqld # pour éviter les alertes de dépendance de services (netfs)
|
| 1173 |
for i in netfs ntpd iptables ulogd squid chilli httpd radiusd mysqld dansguardian named havp freshclam
|
1174 |
for i in netfs ntpd iptables ulogd squid chilli httpd radiusd mysqld dansguardian named havp freshclam
|
| 1174 |
do
|
1175 |
do
|
| 1175 |
/sbin/chkconfig --add $i
|
1176 |
/sbin/chkconfig --add $i
|
| 1176 |
done
|
1177 |
done
|
| 1177 |
# On mets en place la sécurité sur les fichiers
|
1178 |
# On mets en place la sécurité sur les fichiers
|