WebSVN – ALCASAR – Diff – /alcasar.sh



#!/bin/bash
#  $Id: alcasar.sh 2396 2017-08-27 13:35:35Z tom.houdayer $ 
 
# alcasar.sh
 
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...] 
# Ce programme est un logiciel libre ; This software is free and open source

	fi
	IFS="$old"
# Test if ALCASAR is already installed
	if [ -e $CONF_FILE ]
	then
		current_version=`grep ^VERSION= $CONF_FILE | cut -d"=" -f2`
		if [ $Lang == "fr" ]
			then echo -n "La version "; echo -n $current_version ; echo " d'ALCASAR est déjà installée";
			else echo -n "ALCASAR Version "; echo -n $current_version ; echo " is already installed";
		fi
		response=0

			done
		else
       			PRIVATE_IP_MASK=$DEFAULT_PRIVATE_IP_MASK
		fi
	else
		PRIVATE_IP_MASK=`grep ^PRIVATE_IP= conf/etc/alcasar.conf|cut -d"=" -f2` 
		rm -rf conf/etc/alcasar.conf
	fi
# Define LAN side global parameters
	hostnamectl set-hostname $HOSTNAME.$DOMAIN
	PRIVATE_NETWORK=`/bin/ipcalc -n $PRIVATE_IP_MASK | cut -d"=" -f2`				# private network address (ie.: 192.168.182.0)

	PRIVATE_FIRST_IP=`echo $PRIVATE_NETWORK | cut -d"." -f1-3`"."`expr $private_network_ending + 1`	# First network address (ex.: 192.168.182.1)
	PRIVATE_LAST_IP=`echo $PRIVATE_BROADCAST | cut -d"." -f1-3`"."`expr $private_broadcast_ending - 1`	# last network address (ex.: 192.168.182.254)
	PRIVATE_MAC=`/usr/sbin/ip link show $INTIF | grep ether | cut -d" " -f6| sed 's/:/-/g'| awk '{print toupper($0)}'` 	# MAC address of INTIF
# Define Internet parameters
	DNS1=`grep ^nameserver /etc/resolv.conf|awk -F" " '{print $2}'|head -n 1`				# 1st DNS server
	nb_dns=`grep -c ^nameserver /etc/resolv.conf`
	if [ $nb_dns == 2 ]
		then
		DNS2=`grep ^nameserver /etc/resolv.conf|cut -d" " -f2|tail -n 1`			# 2nd DNS server (if exist)
	fi
	DNS1=${DNS1:=208.67.220.220}

	chown root:apache $DIR_DEST_ETC/alcasar-*
	chmod 660 $DIR_DEST_ETC/alcasar-*
# Configuration des fichier WEB d'interception (secret partagé avec coova-chilli)
	$SED "s?^\$uamsecret =.*?\$uamsecret = \"$secretuam\";?g" $DIR_WEB/intercept.php
# user 'chilli' creation (in order to run conup/off and up/down scripts
	chilli_exist=`grep -c ^chilli: /etc/passwd`
	if [ "$chilli_exist" == "1" ]
	then
	      userdel -r chilli 2>/dev/null
	fi
	groupadd -f chilli

## - configuration of havp, libclamav and freshclam		##
##################################################################
antivirus ()		
{
# create 'havp' user
	havp_exist=`grep -c ^havp: /etc/passwd`
	if [ "$havp_exist" == "1" ]
	then
	      userdel -r havp 2>/dev/null
	      groupdel havp 2>/dev/null
	fi

##			Fonction "tinyproxy"				##
## - configuration of tinyproxy (proxy between filterde users and havp)	##
##########################################################################
tinyproxy ()		
{
	tinyproxy_exist=`grep -c ^tinyproxy: /etc/passwd`
	if [ "$tinyproxy_exist" == "1" ]
	then
	      userdel -r tinyproxy 2>/dev/null
	      groupdel tinyproxy 2>/dev/null
	fi

	echo "net.ipv6.conf.default.autoconf = 0" >> /etc/sysctl.d/alcasar.conf
# switch to multi-users runlevel (instead of x11)
	ln -sf /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
#	GRUB modifications (only one time)
# Limit wait time to 3s - Create an alcasar entry instead of linux-nonfb - Change the default banner
	vm_vga=`lsmod | egrep -c "virtio|vmwgfx"` # test if in VM
	grub_already_modified=`grep -c ALCASAR /boot/grub/menu.lst`
	[ -e /etc/mageia-release.default ]  || cp /etc/mageia-release /etc/mageia-release.default
	if [ $grub_already_modified == 0 ] 
		then
		$SED "s?^timeout.*?timeout 3?g" /boot/grub/menu.lst
		$SED "s?^title linux?title ALCASAR?g" /boot/grub/menu.lst

		echo
		echo "- Le centre de controle d'ALCASAR (ACC) est à l'adresse http://alcasar.localdomain"
		echo
		echo "                   Appuyez sur 'Entrée' pour continuer"
	else	
		echo "#                        End of ALCASAR install process                     #"
		echo "#                                                                           #"
		echo "#         Application Libre pour le Contrôle Authentifié et Sécurisé        #"
		echo "#                     des Accès au Réseau ( ALCASAR )                       #"
		echo "#                                                                           #"
		echo "#############################################################################"

				then echo "#### Installation avec mise à jour ####";
				else echo "#### Installation with update     ####";
			fi
# Extract the central configuration file
			tar -xf /tmp/alcasar-conf* conf/etc/alcasar.conf 
			ORGANISME=`grep ^ORGANISM= conf/etc/alcasar.conf|cut -d"=" -f2`
			PREVIOUS_VERSION=`grep ^VERSION= conf/etc/alcasar.conf|cut -d"=" -f2`
			MAJ_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f1`
			MIN_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f2|cut -c1`
			UPD_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f3`
			mode="update"
		fi

Rev 2395	Rev 2396
Line 1...	Line 1...
1	`#!/bin/bash`	1	`#!/bin/bash`
2	`# $Id: alcasar.sh 2395 2017-08-27 13:32:57Z tom.houdayer $`	2	`# $Id: alcasar.sh 2396 2017-08-27 13:35:35Z tom.houdayer $`
3		3
4	`# alcasar.sh`	4	`# alcasar.sh`
5		5
6	`# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]`	6	`# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]`
7	`# Ce programme est un logiciel libre ; This software is free and open source`	7	`# Ce programme est un logiciel libre ; This software is free and open source`
Line 160...	Line 160...
160	`fi`	160	`fi`
161	`IFS="$old"`	161	`IFS="$old"`
162	`# Test if ALCASAR is already installed`	162	`# Test if ALCASAR is already installed`
163	`if [ -e $CONF_FILE ]`	163	`if [ -e $CONF_FILE ]`
164	`then`	164	`then`
165	current_version=`cat $CONF_FILE \| grep VERSION \| cut -d"=" -f2`	165	current_version=`grep ^VERSION= $CONF_FILE \| cut -d"=" -f2`
166	`if [ $Lang == "fr" ]`	166	`if [ $Lang == "fr" ]`
167	`then echo -n "La version "; echo -n $current_version ; echo " d'ALCASAR est déjà installée";`	167	`then echo -n "La version "; echo -n $current_version ; echo " d'ALCASAR est déjà installée";`
168	`else echo -n "ALCASAR Version "; echo -n $current_version ; echo " is already installed";`	168	`else echo -n "ALCASAR Version "; echo -n $current_version ; echo " is already installed";`
169	`fi`	169	`fi`
170	`response=0`	170	`response=0`
Line 470...	Line 470...
470	`done`	470	`done`
471	`else`	471	`else`
472	`PRIVATE_IP_MASK=$DEFAULT_PRIVATE_IP_MASK`	472	`PRIVATE_IP_MASK=$DEFAULT_PRIVATE_IP_MASK`
473	`fi`	473	`fi`
474	`else`	474	`else`
475	PRIVATE_IP_MASK=`grep PRIVATE_IP conf/etc/alcasar.conf\|cut -d"=" -f2`	475	PRIVATE_IP_MASK=`grep ^PRIVATE_IP= conf/etc/alcasar.conf\|cut -d"=" -f2`
476	`rm -rf conf/etc/alcasar.conf`	476	`rm -rf conf/etc/alcasar.conf`
477	`fi`	477	`fi`
478	`# Define LAN side global parameters`	478	`# Define LAN side global parameters`
479	`hostnamectl set-hostname $HOSTNAME.$DOMAIN`	479	`hostnamectl set-hostname $HOSTNAME.$DOMAIN`
480	PRIVATE_NETWORK=`/bin/ipcalc -n $PRIVATE_IP_MASK \| cut -d"=" -f2` # private network address (ie.: 192.168.182.0)	480	PRIVATE_NETWORK=`/bin/ipcalc -n $PRIVATE_IP_MASK \| cut -d"=" -f2` # private network address (ie.: 192.168.182.0)
Line 497...	Line 497...
497	PRIVATE_FIRST_IP=`echo $PRIVATE_NETWORK \| cut -d"." -f1-3`"."`expr $private_network_ending + 1` # First network address (ex.: 192.168.182.1)	497	PRIVATE_FIRST_IP=`echo $PRIVATE_NETWORK \| cut -d"." -f1-3`"."`expr $private_network_ending + 1` # First network address (ex.: 192.168.182.1)
498	PRIVATE_LAST_IP=`echo $PRIVATE_BROADCAST \| cut -d"." -f1-3`"."`expr $private_broadcast_ending - 1` # last network address (ex.: 192.168.182.254)	498	PRIVATE_LAST_IP=`echo $PRIVATE_BROADCAST \| cut -d"." -f1-3`"."`expr $private_broadcast_ending - 1` # last network address (ex.: 192.168.182.254)
499	PRIVATE_MAC=`/usr/sbin/ip link show $INTIF \| grep ether \| cut -d" " -f6\| sed 's/:/-/g'\| awk '{print toupper($0)}'` # MAC address of INTIF	499	PRIVATE_MAC=`/usr/sbin/ip link show $INTIF \| grep ether \| cut -d" " -f6\| sed 's/:/-/g'\| awk '{print toupper($0)}'` # MAC address of INTIF
500	`# Define Internet parameters`	500	`# Define Internet parameters`
501	DNS1=`grep ^nameserver /etc/resolv.conf\|awk -F" " '{print $2}'\|head -n 1` # 1st DNS server	501	DNS1=`grep ^nameserver /etc/resolv.conf\|awk -F" " '{print $2}'\|head -n 1` # 1st DNS server
502	nb_dns=`grep ^nameserver /etc/resolv.conf\|wc -l`	502	nb_dns=`grep -c ^nameserver /etc/resolv.conf`
503	`if [ $nb_dns == 2 ]`	503	`if [ $nb_dns == 2 ]`
504	`then`	504	`then`
505	DNS2=`grep ^nameserver /etc/resolv.conf\|cut -d" " -f2\|tail -n 1` # 2nd DNS server (if exist)	505	DNS2=`grep ^nameserver /etc/resolv.conf\|cut -d" " -f2\|tail -n 1` # 2nd DNS server (if exist)
506	`fi`	506	`fi`
507	`DNS1=${DNS1:=208.67.220.220}`	507	`DNS1=${DNS1:=208.67.220.220}`
Line 1306...	Line 1306...
1306	`chown root:apache $DIR_DEST_ETC/alcasar-*`	1306	`chown root:apache $DIR_DEST_ETC/alcasar-*`
1307	`chmod 660 $DIR_DEST_ETC/alcasar-*`	1307	`chmod 660 $DIR_DEST_ETC/alcasar-*`
1308	`# Configuration des fichier WEB d'interception (secret partagé avec coova-chilli)`	1308	`# Configuration des fichier WEB d'interception (secret partagé avec coova-chilli)`
1309	`$SED "s?^\$uamsecret =.*?\$uamsecret = \"$secretuam\";?g" $DIR_WEB/intercept.php`	1309	`$SED "s?^\$uamsecret =.*?\$uamsecret = \"$secretuam\";?g" $DIR_WEB/intercept.php`
1310	`# user 'chilli' creation (in order to run conup/off and up/down scripts`	1310	`# user 'chilli' creation (in order to run conup/off and up/down scripts`
1311	chilli_exist=`grep chilli /etc/passwd\|wc -l`	1311	chilli_exist=`grep -c ^chilli: /etc/passwd`
1312	`if [ "$chilli_exist" == "1" ]`	1312	`if [ "$chilli_exist" == "1" ]`
1313	`then`	1313	`then`
1314	`userdel -r chilli 2>/dev/null`	1314	`userdel -r chilli 2>/dev/null`
1315	`fi`	1315	`fi`
1316	`groupadd -f chilli`	1316	`groupadd -f chilli`
Line 1383...	Line 1383...
1383	`## - configuration of havp, libclamav and freshclam ##`	1383	`## - configuration of havp, libclamav and freshclam ##`
1384	`##################################################################`	1384	`##################################################################`
1385	`antivirus ()`	1385	`antivirus ()`
1386	`{`	1386	`{`
1387	`# create 'havp' user`	1387	`# create 'havp' user`
1388	havp_exist=`grep havp /etc/passwd\|wc -l`	1388	havp_exist=`grep -c ^havp: /etc/passwd`
1389	`if [ "$havp_exist" == "1" ]`	1389	`if [ "$havp_exist" == "1" ]`
1390	`then`	1390	`then`
1391	`userdel -r havp 2>/dev/null`	1391	`userdel -r havp 2>/dev/null`
1392	`groupdel havp 2>/dev/null`	1392	`groupdel havp 2>/dev/null`
1393	`fi`	1393	`fi`
Line 1436...	Line 1436...
1436	`## Fonction "tinyproxy" ##`	1436	`## Fonction "tinyproxy" ##`
1437	`## - configuration of tinyproxy (proxy between filterde users and havp) ##`	1437	`## - configuration of tinyproxy (proxy between filterde users and havp) ##`
1438	`##########################################################################`	1438	`##########################################################################`
1439	`tinyproxy ()`	1439	`tinyproxy ()`
1440	`{`	1440	`{`
1441	tinyproxy_exist=`grep tinyproxy /etc/passwd\|wc -l`	1441	tinyproxy_exist=`grep -c ^tinyproxy: /etc/passwd`
1442	`if [ "$tinyproxy_exist" == "1" ]`	1442	`if [ "$tinyproxy_exist" == "1" ]`
1443	`then`	1443	`then`
1444	`userdel -r tinyproxy 2>/dev/null`	1444	`userdel -r tinyproxy 2>/dev/null`
1445	`groupdel tinyproxy 2>/dev/null`	1445	`groupdel tinyproxy 2>/dev/null`
1446	`fi`	1446	`fi`
Line 2162...	Line 2162...
2162	`echo "net.ipv6.conf.default.autoconf = 0" >> /etc/sysctl.d/alcasar.conf`	2162	`echo "net.ipv6.conf.default.autoconf = 0" >> /etc/sysctl.d/alcasar.conf`
2163	`# switch to multi-users runlevel (instead of x11)`	2163	`# switch to multi-users runlevel (instead of x11)`
2164	`ln -sf /lib/systemd/system/multi-user.target /etc/systemd/system/default.target`	2164	`ln -sf /lib/systemd/system/multi-user.target /etc/systemd/system/default.target`
2165	`# GRUB modifications (only one time)`	2165	`# GRUB modifications (only one time)`
2166	`# Limit wait time to 3s - Create an alcasar entry instead of linux-nonfb - Change the default banner`	2166	`# Limit wait time to 3s - Create an alcasar entry instead of linux-nonfb - Change the default banner`
2167	vm_vga=`lsmod \| egrep "virtio\|vmwgfx" \| wc -l` # test if in VM	2167	vm_vga=`lsmod \| egrep -c "virtio\|vmwgfx"` # test if in VM
2168	grub_already_modified=`grep ALCASAR /boot/grub/menu.lst\|wc -l`	2168	grub_already_modified=`grep -c ALCASAR /boot/grub/menu.lst`
2169	`[ -e /etc/mageia-release.default ] \|\| cp /etc/mageia-release /etc/mageia-release.default`	2169	`[ -e /etc/mageia-release.default ] \|\| cp /etc/mageia-release /etc/mageia-release.default`
2170	`if [ $grub_already_modified == 0 ]`	2170	`if [ $grub_already_modified == 0 ]`
2171	`then`	2171	`then`
2172	`$SED "s?^timeout.*?timeout 3?g" /boot/grub/menu.lst`	2172	`$SED "s?^timeout.*?timeout 3?g" /boot/grub/menu.lst`
2173	`$SED "s?^title linux?title ALCASAR?g" /boot/grub/menu.lst`	2173	`$SED "s?^title linux?title ALCASAR?g" /boot/grub/menu.lst`
Line 2220...	Line 2220...
2220	`echo`	2220	`echo`
2221	`echo "- Le centre de controle d'ALCASAR (ACC) est à l'adresse http://alcasar.localdomain"`	2221	`echo "- Le centre de controle d'ALCASAR (ACC) est à l'adresse http://alcasar.localdomain"`
2222	`echo`	2222	`echo`
2223	`echo " Appuyez sur 'Entrée' pour continuer"`	2223	`echo " Appuyez sur 'Entrée' pour continuer"`
2224	`else`	2224	`else`
2225	`echo "# Enf of ALCASAR install process #"`	2225	`echo "# End of ALCASAR install process #"`
2226	`echo "# #"`	2226	`echo "# #"`
2227	`echo "# Application Libre pour le Contrôle Authentifié et Sécurisé #"`	2227	`echo "# Application Libre pour le Contrôle Authentifié et Sécurisé #"`
2228	`echo "# des Accès au Réseau ( ALCASAR ) #"`	2228	`echo "# des Accès au Réseau ( ALCASAR ) #"`
2229	`echo "# #"`	2229	`echo "# #"`
2230	`echo "#############################################################################"`	2230	`echo "#############################################################################"`
Line 2322...	Line 2322...
2322	`then echo "#### Installation avec mise à jour ####";`	2322	`then echo "#### Installation avec mise à jour ####";`
2323	`else echo "#### Installation with update ####";`	2323	`else echo "#### Installation with update ####";`
2324	`fi`	2324	`fi`
2325	`# Extract the central configuration file`	2325	`# Extract the central configuration file`
2326	`tar -xf /tmp/alcasar-conf* conf/etc/alcasar.conf`	2326	`tar -xf /tmp/alcasar-conf* conf/etc/alcasar.conf`
2327	ORGANISME=`grep ORGANISM conf/etc/alcasar.conf\|cut -d"=" -f2`	2327	ORGANISME=`grep ^ORGANISM= conf/etc/alcasar.conf\|cut -d"=" -f2`
2328	PREVIOUS_VERSION=`grep VERSION conf/etc/alcasar.conf\|cut -d"=" -f2`	2328	PREVIOUS_VERSION=`grep ^VERSION= conf/etc/alcasar.conf\|cut -d"=" -f2`
2329	MAJ_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION\|cut -d"." -f1`	2329	MAJ_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION\|cut -d"." -f1`
2330	MIN_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION\|cut -d"." -f2\|cut -c1`	2330	MIN_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION\|cut -d"." -f2\|cut -c1`
2331	UPD_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION\|cut -d"." -f3`	2331	UPD_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION\|cut -d"." -f3`
2332	`mode="update"`	2332	`mode="update"`
2333	`fi`	2333	`fi`

Subversion Repositories ALCASAR

(root)/alcasar.sh @ 2681 – Rev 2395 → 2396