| Line 1... |
Line 1... |
| 1 |
#!/bin/bash
|
1 |
#!/bin/bash
|
| 2 |
# $Id: alcasar.sh 3180 2024-03-04 17:33:37Z rexy $
|
2 |
# $Id: alcasar.sh 3190 2024-04-07 22:35:03Z rexy $
|
| 3 |
|
3 |
|
| 4 |
# ALCASAR is a Free and open source NAC (Network Access Controler) created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
|
4 |
# ALCASAR is a Free and open source NAC (Network Access Controler) created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
|
| 5 |
# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares Coovachilli, freeradius, mariaDB, lighttpd, php, netfilter, e2guardian, ntpd, openssl, unbound, gammu, Ulog, fail2ban, vnstat, wkhtml2pdf, ipt_NETFLOW, NFsen and NFdump
|
5 |
# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares Coovachilli, freeradius, mariaDB, lighttpd, php, netfilter, e2guardian, ntpd, openssl, unbound, gammu, Ulog, fail2ban, vnstat, wkhtml2pdf, ipt_NETFLOW, NFsen and NFdump
|
| 6 |
# contact : info@alcasar.net
|
6 |
# contact : info@alcasar.net
|
| 7 |
|
7 |
|
| Line 72... |
Line 72... |
| 72 |
|
72 |
|
| 73 |
license()
|
73 |
license()
|
| 74 |
{
|
74 |
{
|
| 75 |
if [ $Lang == "fr" ]
|
75 |
if [ $Lang == "fr" ]
|
| 76 |
then
|
76 |
then
|
| - |
|
77 |
echo " *******************************"
|
| - |
|
78 |
echo " **** Licence d'utilisation ****"
|
| - |
|
79 |
echo " *******************************"
|
| - |
|
80 |
echo
|
| 77 |
cat $DIR_INSTALL/gpl-warning.fr.txt | more
|
81 |
echo "ALCASAR est un logiciel libre"
|
| - |
|
82 |
echo
|
| - |
|
83 |
echo "Avant de l'installer, vous devez accepter les termes de sa licence 'GPL-V3'"
|
| - |
|
84 |
echo "Le descriptif de cette licence est disponible dans le fichier 'GPL-3.0.txt'"
|
| - |
|
85 |
echo "Une traduction française est disponible dans le fichier 'GPL-3.0.fr.txt'."
|
| - |
|
86 |
echo
|
| - |
|
87 |
echo "Les objectifs de cette licence sont de garantir à l'utilisateur :"
|
| - |
|
88 |
echo "- La liberté d'exécuter le logiciel, pour n'importe quel usage ;"
|
| - |
|
89 |
echo "- La liberté d'étudier et d'adapter le logiciel à ses besoins ;"
|
| - |
|
90 |
echo "- La liberté de redistribuer des copies ;"
|
| - |
|
91 |
echo "- L'obligation de faire bénéficier à la communauté les versions modifiées."
|
| - |
|
92 |
echo
|
| 78 |
else
|
93 |
else
|
| - |
|
94 |
echo " *******************************"
|
| - |
|
95 |
echo " **** User License ****"
|
| - |
|
96 |
echo " *******************************"
|
| - |
|
97 |
echo
|
| - |
|
98 |
echo "ALCASAR is an open source software"
|
| - |
|
99 |
echo
|
| - |
|
100 |
echo "Before install it, you must understand and accept the license 'GPL-V3'"
|
| - |
|
101 |
echo "you can read this license in the file 'GPL-3.0.txt'"
|
| - |
|
102 |
echo
|
| - |
|
103 |
echo "The goals of this license are :"
|
| 79 |
cat $DIR_INSTALL/gpl-warning.txt | more
|
104 |
echo "- the freedom of using the software ;"
|
| - |
|
105 |
echo "- the freedom of studying et adapting it for its own uses ;"
|
| - |
|
106 |
echo "- the freedom of redistributing copies of it ;"
|
| - |
|
107 |
echo "- the compulsory of giving the modify versions to the community"
|
| - |
|
108 |
echo
|
| 80 |
fi
|
109 |
fi
|
| 81 |
response=0
|
110 |
response=0
|
| 82 |
PTN='^[oOyYnN]?$'
|
111 |
PTN='^[oOyYnN]?$'
|
| 83 |
until [[ "$response" =~ $PTN ]]
|
112 |
until [[ "$response" =~ $PTN ]]
|
| 84 |
do
|
113 |
do
|
| Line 103... |
Line 132... |
| 103 |
echo "-----------------------------------------------------------------------------"
|
132 |
echo "-----------------------------------------------------------------------------"
|
| 104 |
} # End of header_install()
|
133 |
} # End of header_install()
|
| 105 |
|
134 |
|
| 106 |
########################################################
|
135 |
########################################################
|
| 107 |
## "system_testing" ##
|
136 |
## "system_testing" ##
|
| 108 |
## - Test Mageia version ##
|
137 |
## - Test distribution version ##
|
| 109 |
## - Test ALCASAR version (if already installed) ##
|
138 |
## - Test ALCASAR version (if already installed) ##
|
| 110 |
## - Test free space on /var (>10G) ##
|
139 |
## - Test free space on /var (>10G) ##
|
| 111 |
## - Test Internet access ##
|
140 |
## - Test Internet access ##
|
| 112 |
########################################################
|
141 |
########################################################
|
| 113 |
system_testing()
|
142 |
system_testing()
|
| 114 |
{
|
143 |
{
|
| 115 |
# Test of Mageia version
|
144 |
# Test of Mageia version
|
| 116 |
# extract the current Mageia version and hardware architecture (X86_64)
|
145 |
# extract the current Mageia version and hardware architecture (X86_64)
|
| 117 |
fic=`cat /etc/product.id`
|
146 |
fic="/etc/product.id"
|
| 118 |
unknown_os=0
|
- |
|
| 119 |
old="$IFS"
|
- |
|
| 120 |
IFS=","
|
- |
|
| 121 |
set $fic
|
- |
|
| 122 |
for i in "$@"
|
- |
|
| 123 |
do
|
- |
|
| 124 |
if [ "`echo $i|grep distribution|cut -d'=' -f1`" == "distribution" ]
|
- |
|
| 125 |
then
|
- |
|
| 126 |
DISTRIBUTION=`echo $i|cut -d"=" -f2`
|
147 |
DISTRIBUTION_NAME=`cat $fic|cut -d"," -f2|cut -d"=" -f2`
|
| 127 |
unknown_os=`expr $unknown_os + 1`
|
- |
|
| 128 |
fi
|
- |
|
| 129 |
if [ "`echo $i|grep version|cut -d'=' -f1`" == "version" ]
|
- |
|
| 130 |
then
|
- |
|
| 131 |
CURRENT_VERSION=`echo $i|cut -d"=" -f2`
|
148 |
DISTRIBUTION_VERSION=`cat $fic|cut -d"," -f4|cut -d"=" -f2`
|
| 132 |
unknown_os=`expr $unknown_os + 1`
|
- |
|
| 133 |
fi
|
- |
|
| 134 |
if [ "`echo $i|grep arch|cut -d'=' -f1`" == "arch" ]
|
- |
|
| 135 |
then
|
- |
|
| 136 |
ARCH=`echo $i|cut -d"=" -f2`
|
149 |
DISTRIBUTION_ARCH=`cat $fic|cut -d"," -f7|cut -d"=" -f2`
|
| 137 |
unknown_os=`expr $unknown_os + 1`
|
- |
|
| 138 |
fi
|
- |
|
| 139 |
done
|
- |
|
| 140 |
if [ "$ARCH" != "x86_64" ]
|
150 |
if [ "$DISTRIBUTION_ARCH" != "x86_64" ]
|
| 141 |
then
|
151 |
then
|
| 142 |
if [ $Lang == "fr" ]
|
152 |
if [ $Lang == "fr" ]
|
| 143 |
then echo "Votre architecture matérielle doit être en 64bits"
|
153 |
then echo "Votre architecture matérielle doit être en 64bits"
|
| 144 |
else echo "You hardware architecture must be 64bits"
|
154 |
else echo "You hardware architecture must be 64bits"
|
| 145 |
fi
|
155 |
fi
|
| 146 |
exit 1
|
156 |
exit 1
|
| 147 |
fi
|
157 |
fi
|
| 148 |
IFS="$old"
|
- |
|
| 149 |
if [[ ( $unknown_os != 3 ) || ("$DISTRIBUTION" != "Mageia" ) || (( "$CURRENT_VERSION" != "7" ) && ( "$CURRENT_VERSION" != "8" ))]]
|
158 |
if [[("$DISTRIBUTION_NAME" != "Mageia" ) || (( "$DISTRIBUTION_VERSION" != "8" ) && ( "$DISTRIBUTION_VERSION" != "9" ))]]
|
| 150 |
then
|
159 |
then
|
| 151 |
if [ -e /var/tmp/alcasar-conf.tar.gz ] # update
|
160 |
if [ -e /var/tmp/alcasar-conf.tar.gz ] # update
|
| 152 |
then
|
161 |
then
|
| 153 |
echo
|
162 |
echo
|
| 154 |
if [ $Lang == "fr" ]
|
163 |
if [ $Lang == "fr" ]
|
| Line 368... |
Line 377... |
| 368 |
echo "ONBOOT=yes"
|
377 |
echo "ONBOOT=yes"
|
| 369 |
exit 1
|
378 |
exit 1
|
| 370 |
fi
|
379 |
fi
|
| 371 |
echo -n "."
|
380 |
echo -n "."
|
| 372 |
# Test if default GW is alive
|
381 |
# Test if default GW is alive
|
| 373 |
arp_reply=`/usr/sbin/arping -b -I$EXTIF -c1 -w2 $PUBLIC_GATEWAY|grep response|cut -d" " -f2`
|
382 |
arp_reply=`LANG=en_US.UTF8 /usr/sbin/arping -b -I$EXTIF -c1 -w2 $PUBLIC_GATEWAY|grep response|cut -d" " -f2`
|
| 374 |
if [ "$(expr $arp_reply)" -eq 0 ]
|
383 |
if [ "$(expr $arp_reply)" -eq 0 ]
|
| 375 |
then
|
384 |
then
|
| 376 |
if [ $Lang == "fr" ]
|
385 |
if [ $Lang == "fr" ]
|
| 377 |
then
|
386 |
then
|
| 378 |
echo -e "\nÉchec"
|
387 |
echo -e "\nÉchec"
|
| Line 2222... |
Line 2231... |
| 2222 |
# GRUB2 modifications (Wait time : 3s - ALCASAR entry - VGA=791 - Change the default banner
|
2231 |
# GRUB2 modifications (Wait time : 3s - ALCASAR entry - VGA=791 - Change the default banner
|
| 2223 |
[ -e /etc/default/grub.default ] || cp /etc/default/grub /etc/default/grub.default
|
2232 |
[ -e /etc/default/grub.default ] || cp /etc/default/grub /etc/default/grub.default
|
| 2224 |
$SED "s?^GRUB_TIMEOUT=.*?GRUB_TIMEOUT=3?g" /etc/default/grub
|
2233 |
$SED "s?^GRUB_TIMEOUT=.*?GRUB_TIMEOUT=3?g" /etc/default/grub
|
| 2225 |
$SED "s?^GRUB_DISTRIBUTOR=.*?GRUB_DISTRIBUTOR=ALCASAR?g" /etc/default/grub
|
2234 |
$SED "s?^GRUB_DISTRIBUTOR=.*?GRUB_DISTRIBUTOR=ALCASAR?g" /etc/default/grub
|
| 2226 |
[ -e /etc/mageia-release.default ] || cp /etc/mageia-release /etc/mageia-release.default
|
2235 |
[ -e /etc/mageia-release.default ] || cp /etc/mageia-release /etc/mageia-release.default
|
| 2227 |
vm_vga=`lsmod | egrep -c "virtio|vmwgfx"` # test if in VM
|
2236 |
vm_vga=`lsmod | grep -c -E "virtio|vmwgfx"` # test if in VM
|
| 2228 |
if [ $vm_vga == 0 ] # is not a VM
|
2237 |
if [ $vm_vga == 0 ] # is not a VM
|
| 2229 |
then
|
2238 |
then
|
| 2230 |
cp -f $DIR_CONF/banner /etc/mageia-release # ALCASAR ASCII-Art
|
2239 |
cp -f $DIR_CONF/banner /etc/mageia-release # ALCASAR ASCII-Art
|
| 2231 |
echo >> /etc/mageia-release
|
2240 |
echo >> /etc/mageia-release
|
| 2232 |
$SED "s?^GRUB_CMDLINE_LINUX_DEFAULT=\"?&vga=791 ?" /etc/default/grub
|
2241 |
$SED "s?^GRUB_CMDLINE_LINUX_DEFAULT=\"?&vga=791 ?" /etc/default/grub
|
| Line 2367... |
Line 2376... |
| 2367 |
fi
|
2376 |
fi
|
| 2368 |
# Avoid some RPM automatic updates
|
2377 |
# Avoid some RPM automatic updates
|
| 2369 |
echo "/^kernel/" > /etc/urpmi/skip.list
|
2378 |
echo "/^kernel/" > /etc/urpmi/skip.list
|
| 2370 |
echo "/^wkhtmltopdf/" >> /etc/urpmi/skip.list
|
2379 |
echo "/^wkhtmltopdf/" >> /etc/urpmi/skip.list
|
| 2371 |
echo "/^freeradius/" >> /etc/urpmi/skip.list
|
2380 |
echo "/^freeradius/" >> /etc/urpmi/skip.list
|
| 2372 |
if [ `egrep '^exclude=' /etc/dnf/dnf.conf |wc -l` -eq "1" ]; then
|
2381 |
if [ `grep -E '^exclude=' /etc/dnf/dnf.conf |wc -l` -eq "1" ]; then
|
| 2373 |
$SED "s?^exclude=.*?exclude=kernel\* wkhtmltopdf freeradius?g" /etc/dnf/dnf.conf
|
2382 |
$SED "s?^exclude=.*?exclude=kernel\* wkhtmltopdf freeradius?g" /etc/dnf/dnf.conf
|
| 2374 |
else
|
2383 |
else
|
| 2375 |
echo "exclude=kernel* wkhtmltopdf freeradius" >> /etc/dnf/dnf.conf
|
2384 |
echo "exclude=kernel* wkhtmltopdf freeradius" >> /etc/dnf/dnf.conf
|
| 2376 |
fi
|
2385 |
fi
|
| 2377 |
# Test if conf file
|
2386 |
# Test if conf file
|