WebSVN – ALCASAR – Diff – /alcasar.sh

 #!/bin/bash
-#  $Id: alcasar.sh 2861 2020-10-04 20:41:06Z rexy $
+#  $Id: alcasar.sh 2863 2020-10-05 15:51:53Z rexy $
 # alcasar.sh
 # ALCASAR is a Free and open source NAC created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
 # This script is distributed under the Gnu General Public License (GPL)
 #  team@alcasar.net
 # Clamd adaptation to e2guardian
 [ -e /lib/systemd/system/clamav-daemon.service.default ] || cp /lib/systemd/system/clamav-daemon.service /lib/systemd/system/clamav-daemon.service.default
 	$SED "/^[Service]/a ExecStartPre=\/bin\/chown e2guardian:e2guardian \/run\/clamav" /lib/systemd/system/clamav-daemon.service
 	$SED "/^[Service]/a ExecStartPre=\/bin\/mkdir -p \/run\/clamav" /lib/systemd/system/clamav-daemon.service
 [ -e /etc/clamd.conf.default ] || cp /etc/clamd.conf /etc/clamd.conf.default
-	$SED "s?^User.*?User e2guardian?g" /etc/clamd.conf
 	$SED "s?^MaxThreads.*?MaxThreads 32?g" /etc/clamd.conf
 	$SED "s?^#LogTime.*?LogTime yes?g" /etc/clamd.conf # enable logtime for each message
 	$SED "s?^LogVerbose.*?LogVerbose no?g" /etc/clamd.conf
 	$SED "s?^#LogRotate.*?LogRotate yes?g" /etc/clamd.conf
-	chown -R e2guardian:e2guardian /var/log/clamav /var/lib/clamav
+	chown -R clamav:clamav /var/log/clamav /var/lib/clamav
 	chmod 775 /var/log/clamav /var/lib/clamav
 	chmod 664 /var/log/clamav/*
 # update virus database every 4 hours (24h/6)
 	[ -e /etc/freshclam.conf.default ] || cp /etc/freshclam.conf /etc/freshclam.conf.default
 	$SED "s?^Checks.*?Checks 6?g" /etc/freshclam.conf
 	$SED "s?^NotifyClamd.*?# NotifyClamd /etc/clamd.conf?g" /etc/freshclam.conf
 	$SED "/^DatabaseMirror/a DatabaseMirror db.fr.clamav.net" /etc/freshclam.conf
 	$SED "s?^MaxAttempts.*?MaxAttempts 3?g" /etc/freshclam.conf
-	$SED "s?^DatabaseOwner.*?DatabaseOwner e2guardian?g" /etc/freshclam.conf
 # update now
 	/usr/bin/freshclam --no-warnings --quiet
 } # End of antivirus()
 ##############################################################
 } # End of gammu_smsd()
 ############################################################
 ##                 Fonction "msec"                        ##
 ## - Apply the "fileserver" security level                ##
-## - remove the "system request" for rebboting            ##
+## - remove the "system request" for rebooting            ##
 ## - Fix several file permissions                         ##
 ############################################################
 msec()
+{
 /etc/freeradius-web/admin.conf          root.apache     640
 /etc/raddb/client.conf                  radius.radius   640
 /etc/raddb/radius.conf                  radius.radius   640
 /etc/raddb/mods-available/ldap          radius.apache   660
 /etc/raddb/sites-available/alcasar      radius.apache   660
-/etc/pki/CA/                            root.apache     750
+/etc/pki/CA/                            root.apache     750 force
-/etc/pki/CA/*                           root.apache     640
+/etc/pki/CA/*                           root.apache     640 force
-/etc/pki/CA/private/                    root.root       700
+/etc/pki/CA/private/                    root.root       700 force
-/etc/pki/CA/private/*                   root.root       600
+/etc/pki/CA/private/*                   root.root       600 force
-/etc/pki/tls/private/                   root.apache     750
+/etc/pki/tls/private/                   root.apache     750 force
-/etc/pki/tls/private/*                  root.apache     640
+/etc/pki/tls/private/*                  root.apache     640 force
+/var/log/clamav/                        clamav.clamav   755 force
+/var/log/clamav/*                       clamav.clamav   764 force
+/var/lib/clamav/                        clamav.clamav   755 force
 EOF
 # apply now hourly & daily checks
 /usr/sbin/msec
 /etc/cron.weekly/msec

Subversion Repositories ALCASAR

(root)/alcasar.sh @ 2643 – Rev 2861 → 2863