WebSVN – ALCASAR – Diff – /alcasar.sh



#!/bin/sh
#  $Id: alcasar.sh 88 2010-04-18 10:43:35Z richard $ 
 
# alcasar.sh
# by Franck BOUIJOUX, Pascal LEVANT and Richard REY
# This script is distributed under the Gnu General Public License (GPL)
 

SQUID_PORT="3128"				# Port d'écoute du proxy Squid
UAMPORT="3990"
# ****** Paths - chemin des commandes *******
SED="/bin/sed -i"
# ****** Alcasar needed RPMS - paquetages nécessaires au fonctionnement d'Alcasar ******
PACKAGES="freeradius freeradius-mysql freeradius-ldap freeradius-web apache-mpm-prefork apache-mod_ssl apache-mod_php squid dansguardian postfix MySQL logwatch ntp awstats mondo cdrecord buffer vim-enhanced bind-utils wget arpscan ulogd dhcp-server openssh-server php-xml coova-chilli pam_ccreds rng-utils lsb-release bind clamav sudo"
# ****************** End of global parameters *********************
 
header_install ()
{
	clear

echo "/tmp/havp-disk /var/tmp/havp ext4 loop,mand,noatime,async" >> /etc/fstab
mount /var/tmp/havp
# copie et configuration d'HAVP
cp $DIR_CONF/havp/havp $DIR_DEST_SBIN
cp -r $DIR_CONF/havp/etc/havp $DIR_DEST_ETC
chmod  775 $DIR_DEST_ETC/havp
cp $DIR_CONF/havp/etc/init.d/havp /etc/init.d/
chkconfig --level 345 havp on
chkconfig --level 01267 havp off
chown -R havp.havp /var/tmp/havp /var/log/havp /var/run/havp $DIR_DEST_ETC/havp
}

	$SED "s?^Host_Alias.*?Host_Alias	LAN_ORG=$PRIVATE_NETWORK_MASK,localhost		#réseau de l'organisme?g" /etc/sudoers
# prise en compte de la rotation des logs sur 1 an (concerne mysql, htttpd, dansguardian, squid, radiusd, ulogd)
	cp -f $DIR_CONF/logrotate.d/* /etc/logrotate.d/
	chmod 644 /etc/logrotate.d/*
# processus lancés par défaut au démarrage
	$SED "s?^# chkconfig:.*?# chkconfig: 345 11 90?g" /etc/init.d/mysqld  # pour éviter les alertes de dépendance de services (netfs)
	for i in netfs ntpd iptables ulogd squid chilli httpd radiusd mysqld dansguardian named
	do
		/sbin/chkconfig --add $i
	done
# On mets en place la sécurité sur les fichiers

Rev 80	Rev 88
Line 1...	Line 1...
1	`#!/bin/sh`	1	`#!/bin/sh`
2	`# $Id: alcasar.sh 80 2010-04-17 22:54:06Z richard $`	2	`# $Id: alcasar.sh 88 2010-04-18 10:43:35Z richard $`
3		3
4	`# alcasar.sh`	4	`# alcasar.sh`
5	`# by Franck BOUIJOUX, Pascal LEVANT and Richard REY`	5	`# by Franck BOUIJOUX, Pascal LEVANT and Richard REY`
6	`# This script is distributed under the Gnu General Public License (GPL)`	6	`# This script is distributed under the Gnu General Public License (GPL)`
7		7
Line 62...	Line 62...
62	`SQUID_PORT="3128" # Port d'écoute du proxy Squid`	62	`SQUID_PORT="3128" # Port d'écoute du proxy Squid`
63	`UAMPORT="3990"`	63	`UAMPORT="3990"`
64	`# **** Paths - chemin des commandes *****`	64	`# **** Paths - chemin des commandes *****`
65	`SED="/bin/sed -i"`	65	`SED="/bin/sed -i"`
66	`# **** Alcasar needed RPMS - paquetages nécessaires au fonctionnement d'Alcasar ****`	66	`# **** Alcasar needed RPMS - paquetages nécessaires au fonctionnement d'Alcasar ****`
67	`PACKAGES="freeradius freeradius-mysql freeradius-ldap freeradius-web apache-mpm-prefork apache-mod_ssl apache-mod_php squid dansguardian postfix MySQL logwatch ntp awstats mondo cdrecord buffer vim-enhanced bind-utils wget arpscan ulogd dhcp-server openssh-server php-xml coova-chilli pam_ccreds rng-utils lsb-release bind clamav"`	67	`PACKAGES="freeradius freeradius-mysql freeradius-ldap freeradius-web apache-mpm-prefork apache-mod_ssl apache-mod_php squid dansguardian postfix MySQL logwatch ntp awstats mondo cdrecord buffer vim-enhanced bind-utils wget arpscan ulogd dhcp-server openssh-server php-xml coova-chilli pam_ccreds rng-utils lsb-release bind clamav sudo"`
68	`# **************** End of global parameters *******************`	68	`# **************** End of global parameters *******************`
69		69
70	`header_install ()`	70	`header_install ()`
71	`{`	71	`{`
72	`clear`	72	`clear`
Line 946...	Line 946...
946	`echo "/tmp/havp-disk /var/tmp/havp ext4 loop,mand,noatime,async" >> /etc/fstab`	946	`echo "/tmp/havp-disk /var/tmp/havp ext4 loop,mand,noatime,async" >> /etc/fstab`
947	`mount /var/tmp/havp`	947	`mount /var/tmp/havp`
948	`# copie et configuration d'HAVP`	948	`# copie et configuration d'HAVP`
949	`cp $DIR_CONF/havp/havp $DIR_DEST_SBIN`	949	`cp $DIR_CONF/havp/havp $DIR_DEST_SBIN`
950	`cp -r $DIR_CONF/havp/etc/havp $DIR_DEST_ETC`	950	`cp -r $DIR_CONF/havp/etc/havp $DIR_DEST_ETC`
-		951	`chmod 775 $DIR_DEST_ETC/havp`
951	`cp $DIR_CONF/havp/etc/init.d/havp /etc/init.d/`	952	`cp $DIR_CONF/havp/etc/init.d/havp /etc/init.d/`
952	`chkconfig --level 345 havp on`	953	`chkconfig --level 345 havp on`
953	`chkconfig --level 01267 havp off`	954	`chkconfig --level 01267 havp off`
954	`chown -R havp.havp /var/tmp/havp /var/log/havp /var/run/havp $DIR_DEST_ETC/havp`	955	`chown -R havp.havp /var/tmp/havp /var/log/havp /var/run/havp $DIR_DEST_ETC/havp`
955	`}`	956	`}`
Line 1163...	Line 1164...
1163	`$SED "s?^Host_Alias.*?Host_Alias LAN_ORG=$PRIVATE_NETWORK_MASK,localhost #réseau de l'organisme?g" /etc/sudoers`	1164	`$SED "s?^Host_Alias.*?Host_Alias LAN_ORG=$PRIVATE_NETWORK_MASK,localhost #réseau de l'organisme?g" /etc/sudoers`
1164	`# prise en compte de la rotation des logs sur 1 an (concerne mysql, htttpd, dansguardian, squid, radiusd, ulogd)`	1165	`# prise en compte de la rotation des logs sur 1 an (concerne mysql, htttpd, dansguardian, squid, radiusd, ulogd)`
1165	`cp -f $DIR_CONF/logrotate.d/* /etc/logrotate.d/`	1166	`cp -f $DIR_CONF/logrotate.d/* /etc/logrotate.d/`
1166	`chmod 644 /etc/logrotate.d/*`	1167	`chmod 644 /etc/logrotate.d/*`
1167	`# processus lancés par défaut au démarrage`	1168	`# processus lancés par défaut au démarrage`
-		1169	`$SED "s?^# chkconfig:.*?# chkconfig: 345 11 90?g" /etc/init.d/mysqld # pour éviter les alertes de dépendance de services (netfs)`
1168	`for i in netfs ntpd iptables ulogd squid chilli httpd radiusd mysqld dansguardian named`	1170	`for i in netfs ntpd iptables ulogd squid chilli httpd radiusd mysqld dansguardian named`
1169	`do`	1171	`do`
1170	`/sbin/chkconfig --add $i`	1172	`/sbin/chkconfig --add $i`
1171	`done`	1173	`done`
1172	`# On mets en place la sécurité sur les fichiers`	1174	`# On mets en place la sécurité sur les fichiers`

Subversion Repositories ALCASAR

(root)/alcasar.sh @ 2588 – Rev 80 → 88