393,7 → 393,6 |
USERCTL=no |
EOF |
# Configuration du serveur de temps |
echo "synchronisation horaire ..." |
[ -e /etc/ntp.conf.default ] || cp /etc/ntp.conf /etc/ntp.conf.default |
cat <<EOF > /etc/ntp.conf |
server 0.fr.pool.ntp.org |
406,7 → 405,6 |
logfile /var/log/ntp.log |
EOF |
chown -R ntp:ntp /etc/ntp |
ntpd -q -g & |
# Configuration du serveur dhcpd de secours (mode bypass) |
[ -e /etc/dhcpd.conf.default ] || cp /etc/dhcpd.conf /etc/dhcpd.conf.default 2> /dev/null |
cat <<EOF > /etc/dhcpd.conf |
511,6 → 509,8 |
# Création des fichiers de clés des deux autres profils (backup + manager) contenant ce compte |
$DIR_DEST_SBIN/alcasar-profil.sh -list |
fi |
# synchronisation horaire |
ntpd -q -g & |
# Sécurisation du centre |
rm -f /etc/httpd/conf/webapps.d/* |
cat <<EOF > /etc/httpd/conf/webapps.d/alcasar.conf |
933,27 → 933,29 |
|
################################################################## |
## Fonction antivirus ## |
## - mise en place havp + clamav ## |
## - configuration havp + clamav ## |
################################################################## |
antivirus () |
{ |
# création de la partition de stockage temporaire (100Mo) |
useradd -r havp |
dd if=/dev/zero of=/tmp/havp-disk bs=1024k count=30 |
mkfs.ext4 -qF /tmp/havp-disk |
mkdir /var/tmp/havp /var/log/havp /var/run/havp |
echo "# Entry for havp tmp files scan partition" >> /etc/fstab |
echo "/tmp/havp-disk /var/tmp/havp ext4 loop,mand,noatime,async" >> /etc/fstab |
mount /var/tmp/havp |
# copie et configuration d'HAVP |
cp $DIR_CONF/havp/havp $DIR_DEST_SBIN |
cp -r $DIR_CONF/havp/etc/havp $DIR_DEST_ETC |
cp $DIR_CONF/havp/etc/init.d/havp /etc/init.d/ |
chkconfig --level 345 havp on |
chkconfig --level 01267 havp off |
chown -R havp.havp /var/tmp/havp /var/log/havp /var/run/havp |
chown -R havp.apache $DIR_DEST_ETC/havp |
chmod 770 $DIR_DEST_ETC/havp |
dd if=/dev/zero of=/tmp/havp-disk bs=1024k count=30 |
mkfs.ext4 -qF /tmp/havp-disk |
mkdir /var/tmp/havp |
echo "# Entry for havp tmp files scan partition" >> /etc/fstab |
echo "/tmp/havp-disk /var/tmp/havp ext4 loop,mand,noatime,async" >> /etc/fstab |
mount /var/tmp/havp |
chown -R havp /var/tmp/havp |
# configuration d'HAVP |
[ -e /etc/havp/havp.config.default ] || cp /etc/havp/havp.config /etc/havp/havp.config.default |
$SED "/^REMOVETHISLINE/d" /etc/havp/havp.config |
$SED "s?^# PARENTPROXY.*?PARENTPROXY 127.0.0.1?g" /etc/havp/havp.config |
$SED "s?^# PARENTPORT.*?PARENTPORT 3128?g" /etc/havp/havp.config |
$SED "s?^# PORT.*?PORT 8090?g" /etc/havp/havp.config |
$SED "s?^# BIND_ADDRESS.*?BIND_ADDRESS 127.0.0.1?g" /etc/havp/havp.config |
$SED "s?^ENABLECLAMLIB.*?ENABLECLAMLIB true?g" /etc/havp/havp.config |
# mise à jour de la base antivirale de clamav toutes les 2 heures |
$SED "s?^Checks.*?Checks 12?g" /etc/freshclam.conf |
$SED "s?^NotifyClamd.*?# NotifyClamd /etc/clamd.conf?g" /etc/freshclam.conf |
} |
|
################################################################################## |
1168,7 → 1170,7 |
chmod 644 /etc/logrotate.d/* |
# processus lancés par défaut au démarrage |
$SED "s?^# chkconfig:.*?# chkconfig: 345 11 90?g" /etc/init.d/mysqld # pour éviter les alertes de dépendance de services (netfs) |
for i in netfs ntpd iptables ulogd squid chilli httpd radiusd mysqld dansguardian named |
for i in netfs ntpd iptables ulogd squid chilli httpd radiusd mysqld dansguardian named havp freshclam |
do |
/sbin/chkconfig --add $i |
done |