WebSVN – ALCASAR – Diff – /alcasar.sh



 
#!/bin/bash
#  $Id: alcasar.sh 1366 2014-05-29 09:21:47Z richard $ 
 
# alcasar.sh
 
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...] 
# Ce programme est un logiciel libre ; This software is free and open source

	      userdel -r havp 2>/dev/null
	      groupdel havp 2>/dev/null
	fi
	groupadd -f havp
	useradd -r -g havp -s /bin/false -c "system user for havp" havp
	mkdir -p /var/tmp/havp /var/log/havp /var/run/havp
	chown -R havp /var/tmp/havp /var/log/havp /var/run/havp
	[ -e /etc/havp/havp.config.default ] || cp /etc/havp/havp.config /etc/havp/havp.config.default
	$SED "/^REMOVETHISLINE/d" /etc/havp/havp.config
	$SED "s?^# PORT.*?PORT 8090?g" /etc/havp/havp.config				# datas come on 8090			
	$SED "s?^# BIND_ADDRESS.*?BIND_ADDRESS 127.0.0.1?g" /etc/havp/havp.config	# we listen only on loopback

	[ -d /var/log/firewall ] || mkdir -p /var/log/firewall
	nl=1
	for log_type in traceability ssh ext-access
	do
		[ -e /lib/systemd/system/ulogd-$log_type.service ] || cp -f /lib/systemd/system/ulogd.service /lib/systemd/system/ulogd-$log_type.service
		/var/log/firewall/$log_type.log ] || echo "" > /var/log/firewall/$log_type.log
		cp -f /etc/ulogd.conf /etc/ulogd-$log_type.conf
		$SED "s?^nlgroup=.*?nlgroup=$nl?g" /etc/ulogd-$log_type.conf 
		$SED '/OPRINT/,$d' /etc/ulogd-$log_type.conf
		cat << EOF >> /etc/ulogd-$log_type.conf
[LOGEMU]

	[ `grep "^nfsen:" /etc/passwd | wc -l` == 1 ] || useradd -m nfsen
	usermod -G www-data nfsen
# Add PortTracker plugin
	mkdir -p /var/www/nfsen/plugins /var/log/netflow/porttracker /usr/share/nfsen/plugins
	chown -R nfsen:www-data /var/www/nfsen
	chown -R apache:apache /usr/share/nfsen
	cp -f $DIR_CONF/nfsen/PortTracker.pm /tmp/nfsen-1.3.6p1/contrib/PortTracker/
# use of our conf file and init unit
	cp $DIR_CONF/nfsen/nfsen.conf /tmp/nfsen-1.3.6p1/etc/
	cp $DIR_CONF/nfsen/nfsen.service /lib/systemd/system/
# Installation of nfsen

	/usr/bin/perl5 install.pl etc/nfsen.conf
	/usr/bin/perl5 install.pl etc/nfsen.conf # to avoid a Perl mistake "Semaphore introuvable"
# Create RRD DB for porttracker (only in it still doesn't exist)
	cp /tmp/nfsen-1.3.6p1/contrib/PortTracker/PortTracker.pm /usr/share/nfsen/plugins/
	cp /tmp/nfsen-1.3.6p1/contrib/PortTracker/PortTracker.php /var/www/nfsen/plugins/
	[ -d /var/log/netflow/porttracker ] || sudo -u apache nftrack -I -d /var/log/netflow/porttracker
	chown -R apache:www-data /var/log/netflow/porttracker/
	chmod -R 775 /var/log/netflow/porttracker
# Apache conf file
	rm -f /etc/httpd/conf/conf.d/nfsen.conf
	cat <<EOF >> /etc/httpd/conf/conf.d/nfsen.conf

Subversion Repositories ALCASAR

(root)/alcasar.sh @ 2681 – Rev 1365 → 1366

Rev 1365		Rev 1366
Line 1...		Line -...
1		-
2	`#!/bin/bash`	1	`#!/bin/bash`
3	`# $Id: alcasar.sh 1365 2014-05-28 14:38:29Z richard $`	2	`# $Id: alcasar.sh 1366 2014-05-29 09:21:47Z richard $`
4		3
5	`# alcasar.sh`	4	`# alcasar.sh`
6		5
7	`# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]`	6	`# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]`
8	`# Ce programme est un logiciel libre ; This software is free and open source`	7	`# Ce programme est un logiciel libre ; This software is free and open source`
Line 1084...		Line 1083...
1084	`userdel -r havp 2>/dev/null`	1083	`userdel -r havp 2>/dev/null`
1085	`groupdel havp 2>/dev/null`	1084	`groupdel havp 2>/dev/null`
1086	`fi`	1085	`fi`
1087	`groupadd -f havp`	1086	`groupadd -f havp`
1088	`useradd -r -g havp -s /bin/false -c "system user for havp" havp`	1087	`useradd -r -g havp -s /bin/false -c "system user for havp" havp`
1089	`mkdir -p /var/tmp/havp /var/log/havp`	1088	`mkdir -p /var/tmp/havp /var/log/havp /var/run/havp`
1090	`chown -R havp /var/tmp/havp /var/log/havp /var/run/havp`	1089	`chown -R havp /var/tmp/havp /var/log/havp /var/run/havp`
1091	`[ -e /etc/havp/havp.config.default ] \|\| cp /etc/havp/havp.config /etc/havp/havp.config.default`	1090	`[ -e /etc/havp/havp.config.default ] \|\| cp /etc/havp/havp.config /etc/havp/havp.config.default`
1092	`$SED "/^REMOVETHISLINE/d" /etc/havp/havp.config`	1091	`$SED "/^REMOVETHISLINE/d" /etc/havp/havp.config`
1093	`$SED "s?^# PORT.*?PORT 8090?g" /etc/havp/havp.config # datas come on 8090`	1092	`$SED "s?^# PORT.*?PORT 8090?g" /etc/havp/havp.config # datas come on 8090`
1094	`$SED "s?^# BIND_ADDRESS.*?BIND_ADDRESS 127.0.0.1?g" /etc/havp/havp.config # we listen only on loopback`	1093	`$SED "s?^# BIND_ADDRESS.*?BIND_ADDRESS 127.0.0.1?g" /etc/havp/havp.config # we listen only on loopback`
Line 1131...		Line 1130...
1131	`[ -d /var/log/firewall ] \|\| mkdir -p /var/log/firewall`	1130	`[ -d /var/log/firewall ] \|\| mkdir -p /var/log/firewall`
1132	`nl=1`	1131	`nl=1`
1133	`for log_type in traceability ssh ext-access`	1132	`for log_type in traceability ssh ext-access`
1134	`do`	1133	`do`
1135	`[ -e /lib/systemd/system/ulogd-$log_type.service ] \|\| cp -f /lib/systemd/system/ulogd.service /lib/systemd/system/ulogd-$log_type.service`	1134	`[ -e /lib/systemd/system/ulogd-$log_type.service ] \|\| cp -f /lib/systemd/system/ulogd.service /lib/systemd/system/ulogd-$log_type.service`
1136	`/var/log/firewall/$log_type.log ] \|\| touch /var/log/firewall/$log_type.log`	1135	`/var/log/firewall/$log_type.log ] \|\| echo "" > /var/log/firewall/$log_type.log`
1137	`cp -f /etc/ulogd.conf /etc/ulogd-$log_type.conf`	1136	`cp -f /etc/ulogd.conf /etc/ulogd-$log_type.conf`
1138	`$SED "s?^nlgroup=.*?nlgroup=$nl?g" /etc/ulogd-$log_type.conf`	1137	`$SED "s?^nlgroup=.*?nlgroup=$nl?g" /etc/ulogd-$log_type.conf`
1139	`$SED '/OPRINT/,$d' /etc/ulogd-$log_type.conf`	1138	`$SED '/OPRINT/,$d' /etc/ulogd-$log_type.conf`
1140	`cat << EOF >> /etc/ulogd-$log_type.conf`	1139	`cat << EOF >> /etc/ulogd-$log_type.conf`
1141	`[LOGEMU]`	1140	`[LOGEMU]`
Line 1162...		Line 1161...
1162	[ `grep "^nfsen:" /etc/passwd \| wc -l` == 1 ] \|\| useradd -m nfsen	1161	[ `grep "^nfsen:" /etc/passwd \| wc -l` == 1 ] \|\| useradd -m nfsen
1163	`usermod -G www-data nfsen`	1162	`usermod -G www-data nfsen`
1164	`# Add PortTracker plugin`	1163	`# Add PortTracker plugin`
1165	`mkdir -p /var/www/nfsen/plugins /var/log/netflow/porttracker /usr/share/nfsen/plugins`	1164	`mkdir -p /var/www/nfsen/plugins /var/log/netflow/porttracker /usr/share/nfsen/plugins`
1166	`chown -R nfsen:www-data /var/www/nfsen`	1165	`chown -R nfsen:www-data /var/www/nfsen`
1167	`chown -R apache:apache /usr/share/nfsen /var/log/netflow/porttracker`	1166	`chown -R apache:apache /usr/share/nfsen`
1168	`cp -f $DIR_CONF/nfsen/PortTracker.pm /tmp/nfsen-1.3.6p1/contrib/PortTracker/`	1167	`cp -f $DIR_CONF/nfsen/PortTracker.pm /tmp/nfsen-1.3.6p1/contrib/PortTracker/`
1169	`# use of our conf file and init unit`	1168	`# use of our conf file and init unit`
1170	`cp $DIR_CONF/nfsen/nfsen.conf /tmp/nfsen-1.3.6p1/etc/`	1169	`cp $DIR_CONF/nfsen/nfsen.conf /tmp/nfsen-1.3.6p1/etc/`
1171	`cp $DIR_CONF/nfsen/nfsen.service /lib/systemd/system/`	1170	`cp $DIR_CONF/nfsen/nfsen.service /lib/systemd/system/`
1172	`# Installation of nfsen`	1171	`# Installation of nfsen`
Line 1175...		Line 1174...
1175	`/usr/bin/perl5 install.pl etc/nfsen.conf`	1174	`/usr/bin/perl5 install.pl etc/nfsen.conf`
1176	`/usr/bin/perl5 install.pl etc/nfsen.conf # to avoid a Perl mistake "Semaphore introuvable"`	1175	`/usr/bin/perl5 install.pl etc/nfsen.conf # to avoid a Perl mistake "Semaphore introuvable"`
1177	`# Create RRD DB for porttracker (only in it still doesn't exist)`	1176	`# Create RRD DB for porttracker (only in it still doesn't exist)`
1178	`cp /tmp/nfsen-1.3.6p1/contrib/PortTracker/PortTracker.pm /usr/share/nfsen/plugins/`	1177	`cp /tmp/nfsen-1.3.6p1/contrib/PortTracker/PortTracker.pm /usr/share/nfsen/plugins/`
1179	`cp /tmp/nfsen-1.3.6p1/contrib/PortTracker/PortTracker.php /var/www/nfsen/plugins/`	1178	`cp /tmp/nfsen-1.3.6p1/contrib/PortTracker/PortTracker.php /var/www/nfsen/plugins/`
1180	`[ d /var/log/netflow/porttracker ] \|\| sudo -u apache nftrack -I -d /var/log/netflow/porttracker`	1179	`[ -d /var/log/netflow/porttracker ] \|\| sudo -u apache nftrack -I -d /var/log/netflow/porttracker`
1181	`chown -R apache:www-data /var/log/netflow/porttracker/`	1180	`chown -R apache:www-data /var/log/netflow/porttracker/`
1182	`chmod -R 775 /var/log/netflow/porttracker`	1181	`chmod -R 775 /var/log/netflow/porttracker`
1183	`# Apache conf file`	1182	`# Apache conf file`
1184	`rm -f /etc/httpd/conf/conf.d/nfsen.conf`	1183	`rm -f /etc/httpd/conf/conf.d/nfsen.conf`
1185	`cat <<EOF >> /etc/httpd/conf/conf.d/nfsen.conf`	1184	`cat <<EOF >> /etc/httpd/conf/conf.d/nfsen.conf`