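--- a/alcasar.sh
+++ b/alcasar.sh
@@ -1,7 +1,7 @@
 #!/bin/sh
-# $Id: alcasar.sh 57 2010-04-05 13:05:53Z franck $
+# $Id: alcasar.sh 59 2010-04-05 21:19:42Z richard $
 
 # alcasar.sh
 # by Franck BOUIJOUX, Pascal LEVANT and Richard REY
 # This script is distributed under the Gnu General Public License (GPL)
 
@@ -61,11 +61,11 @@
 SQUID_PORT="3128" # Port d'écoute du proxy Squid
 UAMPORT="3990"
 # ****** Paths - chemin des commandes *******
 SED="/bin/sed -i"
 # ****** Alcasar needed RPMS - paquetages nécessaires au fonctionnement d'Alcasar ******
-PACKAGES="freeradius freeradius-mysql freeradius-ldap freeradius-web apache-mpm-prefork apache-mod_ssl apache-mod_php squid dansguardian postfix MySQL logwatch ntp awstats mondo cdrecord buffer vim-enhanced bind-utils wget arpscan ulogd dhcp-server openssh-server php-xml coova-chilli pam_ccreds rng-utils lsb-release bind"
+PACKAGES="freeradius freeradius-mysql freeradius-ldap freeradius-web apache-mpm-prefork apache-mod_ssl apache-mod_php squid dansguardian postfix MySQL logwatch ntp awstats mondo cdrecord buffer vim-enhanced bind-utils wget arpscan ulogd dhcp-server openssh-server php-xml coova-chilli pam_ccreds rng-utils lsb-release bind clamav"
 # ****************** End of global parameters *********************
 
 header_install ()
 {
 clear
@@ -211,12 +211,18 @@
 /usr/sbin/urpme --auto-orphans --auto
 # On vide le répertoire temporaire
 urpmi --clean
 # On crée aléatoirement les mots de passe et les secrets partagés
 rm -f $FIC_PASSWD
+grubpwd=`cat /dev/urandom | tr -dc [:alnum:] | head -c8` # mot de passe de protection du menu Grub
+echo -n "mot de passe de protection du menu de démarrage (GRUB) : " > $FIC_PASSWD
+echo "$grubpwd" >> $FIC_PASSWD
+md5_grubpwd=`/usr/bin/md5pass $grubpwd`
+sed -i "/^password.*/d" /boot/grub/menu.lst
+sed -i "1ipassword --md5 $md5_grubpwd" /boot/grub/menu.lst
 mysqlpwd=`cat /dev/urandom | tr -dc [:alnum:] | head -c8` # mot de passe de l'administrateur Mysqld
-echo -n "compte et mot de passe de l'administrateur Mysqld : " > $FIC_PASSWD
+echo -n "compte et mot de passe de l'administrateur Mysqld : " >> $FIC_PASSWD
 echo "root / $mysqlpwd" >> $FIC_PASSWD
 radiuspwd=`cat /dev/urandom | tr -dc [:alnum:] | head -c8` # mot de passe de l'utilisateur Mysqld (utilisé par freeradius)
 echo -n "compte et mot de passe de l'utilisateur Mysqld : " >> $FIC_PASSWD
 echo "$DB_USER / $radiuspwd" >> $FIC_PASSWD
 secretuam=`cat /dev/urandom | tr -dc [:alnum:] | head -c8` # secret partagé entre intercept.php et coova-chilli
@@ -941,10 +947,11 @@
 $SED "s?^HostAliases=.*?HostAliases=\"$PRIVATE_IP\"?g" /etc/awstats/awstats.conf
 $SED "s?^DNSLookup=.*?DNSLookup=0?g" /etc/awstats/awstats.conf
 $SED "s?^DirData=.*?DirData=\"/var/lib/awstats\"?g" /etc/awstats/awstats.conf # corrige le fichier de config awstats natif ...
 $SED "s?^StyleSheet=.*?StyleSheet=\"/css/style.css\"?g" /etc/awstats/awstats.conf
 $SED "s?^BuildReportFormat=.*?BuildReportFormat=xhtml?g" /etc/awstats/awstats.conf
+$SED "s?^UseFramesWhenCGI=.*?UseFramesWhenCGI=0?g" /etc/awstats/awstats.conf
 cat <<EOF >> /etc/httpd/conf/webapps.d/alcasar.conf
 <Directory $DIR_WEB/awstats>
 SSLRequireSSL
 Options ExecCGI
 AddHandler cgi-script .pl
@@ -1140,12 +1147,19 @@
 /etc/raddb/modules/ldap radius.apache 660
 /etc/raddb/sites-available/alcasar radius.apache 660
 /etc/pki/* root.apache 750
 EOF
 /usr/sbin/msec
+# modification /etc/inittab
+[ -e /etc/inittab.default ] || cp /etc/inittab /etc/inittab.default
+# On supprime l'interception du "ctrl + alt + del" et on ne garde que 3 terminaux
+$SED "s?^ca.*?#&?g" /etc/inittab
+$SED "s?^4.*?#&?g" /etc/inittab
+$SED "s?^5.*?#&?g" /etc/inittab
-if [ "$mode" = "update" ]
+$SED "s?^6.*?#&?g" /etc/inittab
 # on charge la conf d'un version précédente
+if [ "$mode" = "update" ]
 then
 $DIR_DEST_BIN/alcasar-conf.sh -load
 fi
 cd $DIR_INSTALL
 echo ""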
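Review bot: The new GRUB block (new lines 216–221) never checks that `/usr/bin/md5pass` returned a hash before it rewrites `/boot/grub/menu.lst`. If the command is missing or fails, the existing `password` lines have already been deleted and a `password --md5` line with an empty hash is inserted. I would add `[ -n "$md5_grubpwd" ] || { echo "md5pass failed" >&2; exit 1; }` (or the script's usual error path) right after the assignment, before either `sed` runs. The clear-text `$grubpwd` is also passed to md5pass as an unquoted command-line argument, where it shows in the process list, and is written to `$FIC_PASSWD`, whose mode is not set anywhere in this hunk; unless that is handled elsewhere, a `umask 077` before the first write would keep the file root-only. The enclosing function begins and ends outside the hunk.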