800,45 → 800,56 |
</html> |
EOF |
# Définition du premier compte lié au profil 'admin' |
if [ "$mode" = "install" ] |
then |
header_install |
admin_portal=! |
PTN='^[a-zA-Z0-9-]*$' |
until [[ $(expr $admin_portal : $PTN) -gt 0 ]] |
do |
if [ "$mode" = "install" ] |
then |
header_install |
if [ $Lang == "fr" ] |
then |
echo "" |
echo "Définissez un premier compte d'administration d'ALCASAR :" |
echo |
echo -n "Nom : " |
else |
echo "" |
echo "Define the first account allow to administrate ALCASAR :" |
echo |
echo -n "Account : " |
fi |
read admin_portal |
if [ "$admin_portal" == "" ] |
then |
admin_portal=! |
fi |
done |
admin_portal=! |
PTN='^[a-zA-Z0-9-]*$' |
until [[ $(expr $admin_portal : $PTN) -gt 0 ]] |
do |
header_install |
if [ $Lang == "fr" ] |
then |
echo "" |
echo "Définissez un premier compte d'administration d'ALCASAR :" |
echo |
echo -n "Nom : " |
else |
echo "" |
echo "Define the first account allow to administrate ALCASAR :" |
echo |
echo -n "Account : " |
fi |
read admin_portal |
if [ "$admin_portal" == "" ] |
then |
admin_portal=! |
fi |
done |
# Creation of keys file for the admin account ("admin") |
[ -d $DIR_DEST_ETC/digest ] && rm -rf $DIR_DEST_ETC/digest |
mkdir -p $DIR_DEST_ETC/digest |
chmod 755 $DIR_DEST_ETC/digest |
until [ -s $DIR_DEST_ETC/digest/key_admin ] |
do |
/usr/bin/htdigest -c $DIR_DEST_ETC/digest/key_admin "ALCASAR Control Center (ACC)" $admin_portal |
done |
$DIR_DEST_BIN/alcasar-profil.sh --list |
fi |
[ -d $DIR_DEST_ETC/digest ] && rm -rf $DIR_DEST_ETC/digest |
mkdir -p $DIR_DEST_ETC/digest |
chmod 755 $DIR_DEST_ETC/digest |
until [ -s $DIR_DEST_ETC/digest/key_admin ] |
do |
/usr/bin/htdigest -c $DIR_DEST_ETC/digest/key_admin "ALCASAR Control Center (ACC)" $admin_portal |
done |
$DIR_DEST_BIN/alcasar-profil.sh --list |
fi |
# ACC partitioning |
rm -f /etc/httpd/conf/webapps.d/alcasar* |
cat <<EOF > /etc/httpd/conf/webapps.d/alcasar.conf |
<Directory $DIR_WEB> |
AllowOverride None |
Order deny,allow |
Deny from all |
Allow from 127.0.0.1 |
Allow from $PRIVATE_NETWORK_MASK |
ErrorDocument 404 https://$HOSTNAME.$DOMAIN/ |
</Directory> |
<Directory $DIR_WEB/certs> |
AddType application/x-x509-ca-cert crt |
</Directory> |
<Directory $DIR_ACC> |
SSLRequireSSL |
AllowOverride None |
915,14 → 926,12 |
ErrorDocument 404 https://$HOSTNAME.$DOMAIN/ |
</Directory> |
EOF |
# Replacement of the extension .cer by .der in MIME type |
$SED "s?^application/pkix-cert.*?application/pkix-cert der?g" /etc/mime.types |
# Launch after coova (in order to wait tun0 to be up) |
$SED "s?^After=.*?After=network.target remote-fs.target nss-lookup.target chilli.service?g" /lib/systemd/system/httpd.service |
# Log file for ACC access imputability |
[ -e /var/Save/security/acc_access.log ] || touch /var/Save/security/acc_access.log |
chown root:apache /var/Save/security/acc_access.log |
chmod 664 /var/Save/security/acc_access.log |
# Launch after coova (in order to wait tun0 to be up) |
$SED "s?^After=.*?After=network.target remote-fs.target nss-lookup.target chilli.service?g" /lib/systemd/system/httpd.service |
# Log file for ACC access imputability |
[ -e /var/Save/security/acc_access.log ] || touch /var/Save/security/acc_access.log |
chown root:apache /var/Save/security/acc_access.log |
chmod 664 /var/Save/security/acc_access.log |
} # End of ACC () |
|
########################################################################## |