Subversion Repositories ALCASAR

Rev

Rev 1485 | Rev 1488 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 1485 Rev 1486
Line 1... Line 1...
1 
#!/bin/bash
 1 
#!/bin/bash
2 
#  $Id: alcasar.sh 1485 2014-11-12 08:12:40Z richard $
2 
#  $Id: alcasar.sh 1486 2014-11-13 11:15:17Z richard $
3 
 
 3 
 
4 
# alcasar.sh
 4 
# alcasar.sh
5 
 
 5 
 
6 
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]
6 
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]
7 
# Ce programme est un logiciel libre ; This software is free and open source
 7 
# Ce programme est un logiciel libre ; This software is free and open source
Line 1220... Line 1220...
1220 
	then
 1220 
	then
1221 
	      userdel -r havp 2>/dev/null
 1221 
	      userdel -r havp 2>/dev/null
1222 
	      groupdel havp 2>/dev/null
 1222 
	      groupdel havp 2>/dev/null
1223 
	fi
 1223 
	fi
1224 
	groupadd -f havp
 1224 
	groupadd -f havp
1225 
	useradd -r -g havp -s /bin/false -c "system user for havp" havp
 1225 
	useradd -r -g havp -s /bin/false -c "system user for havp (antivirus proxy)" havp
1226 
	mkdir -p /var/tmp/havp /var/log/havp /var/run/havp
 1226 
	mkdir -p /var/tmp/havp /var/log/havp /var/run/havp
1227 
	chown -R havp:havp /var/tmp/havp /var/log/havp /var/run/havp
 1227 
	chown -R havp:havp /var/tmp/havp /var/log/havp /var/run/havp
1228 
	[ -e /etc/havp/havp.config.default ] || cp /etc/havp/havp.config /etc/havp/havp.config.default
 1228 
	[ -e /etc/havp/havp.config.default ] || cp /etc/havp/havp.config /etc/havp/havp.config.default
1229 
	$SED "/^REMOVETHISLINE/d" /etc/havp/havp.config
 1229 
	$SED "/^REMOVETHISLINE/d" /etc/havp/havp.config
1230 
	$SED "s?^# PIDFILE.*?PIDFILE /var/run/havp/havp.pid?g" /etc/havp/havp.config	# pidfile
 1230 
	$SED "s?^# PIDFILE.*?PIDFILE /var/run/havp/havp.pid?g" /etc/havp/havp.config	# pidfile
Line 1256... Line 1256...
1256 
	$SED "s?MaxAttempts.*?MaxAttempts 3?g" /etc/freshclam.conf
 1256 
	$SED "s?MaxAttempts.*?MaxAttempts 3?g" /etc/freshclam.conf
1257 
# update now
 1257 
# update now
1258 
	/usr/bin/freshclam --no-warnings
 1258 
	/usr/bin/freshclam --no-warnings
1259 
} # End of antivirus ()
 1259 
} # End of antivirus ()
1260 
 
 1260 
 
1261 
##################################################################
 1261 
##########################################################################
1262 
##			Fonction "antivirus"			##
 1262 
##			Fonction "tinyproxy"				##
1263 
## - configuration of havp, libclamav and freshclam		##
 1263 
## - configuration of tinyproxy (proxy between filterde users and havp)	##
1264 
##################################################################
 1264 
##########################################################################
1265 
tinyproxy ()
1265 
tinyproxy ()
1266 
{
 1266 
{
- 
 
 1267 
	tinyproxy_exist=`grep tinyproxy /etc/passwd|wc -l`
- 
 
 1268 
	if [ "$tinyproxy_exist" == "1" ]
- 
 
 1269 
	then
- 
 
 1270 
	      userdel -r tinyproxy 2>/dev/null
- 
 
 1271 
	      groupdel tinyproxy 2>/dev/null
- 
 
 1272 
	fi
- 
 
 1273 
	groupadd -f tinyproxy
- 
 
 1274 
	useradd -r -g tinyproxy -s /bin/false -c "system user for tinyproxy" havp
- 
 
 1275 
	mkdir -p /var/log/tinyproxy /var/run/tinyproxy
- 
 
 1276 
	chown -R tinyproxy:tinyproxy /var/log/tinyproxy /var/run/tinyproxy
- 
 
 1277 
	[ -e /etc/tinyproxy/tinyproxy.conf.default ] || cp /etc/tinyproxy/tinyproxy.conf /etc/tinyproxy/tinyproxy.conf.default
- 
 
 1278 
	$SED "s?^User.*?User tinyproxy?g" /etc/tinyproxy/tinyproxy.conf
- 
 
 1279 
	$SED "s?^Group.*?Group tinyproxy?g" /etc/tinyproxy/tinyproxy.conf
- 
 
 1280 
	$SED "s?^Port.*?Port 8090?g" /etc/tinyproxy/tinyproxy.conf			# Listen Port
- 
 
 1281 
	$SED "s?^#Listen.*?Listen $PRIVATE_IP?g" /etc/tinyproxy/tinyproxy.conf		# Listen NIC (only intif)
- 
 
 1282 
	$SED "s?^#LogFile.*?LogFile /var/log/tinyproxy/tinyproxy.log?g" /etc/tinyproxy/tinyproxy.conf
- 
 
 1283 
	$SED "s?^LogLevel.*?LogLevel Error?g" /etc/tinyproxy/tinyproxy.conf		# Only errors are logged
- 
 
 1284 
	$SED "s?^#Upstream.*?Upstream 127.0.0.1:8090?g" /etc/tinyproxy/tinyproxy.conf	# forward to HAVP
- 
 
 1285 
	$SED "s?^#DisableViaHeader.*?DisableViaHeader Yes?g" /etc/tinyproxy/tinyproxy.conf	# Stealth mode
1267 
 
 1286 
 
1268 
} # end of tinyproxy
 1287 
} # end of tinyproxy
1269 
##################################################################################
 1288 
##################################################################################
1270 
##			function "ulogd"					##
 1289 
##			function "ulogd"					##
1271 
## - Ulog config for multi-log files 						##
 1290 
## - Ulog config for multi-log files 						##
Line 1792... Line 1811...
1792 
 
 1811 
 
1793 
[Install]
 1812 
[Install]
1794 
WantedBy=multi-user.target
 1813 
WantedBy=multi-user.target
1795 
EOF
 1814 
EOF
1796 
# processes launched at boot time (SYSV)
 1815 
# processes launched at boot time (SYSV)
1797 
	for i in havp
1816 
	for i in havp tinyproxy
1798 
	do
 1817 
	do
1799 
		/sbin/chkconfig --add $i
 1818 
		/sbin/chkconfig --add $i
1800 
	done
 1819 
	done
1801 
# processes launched at boot time (Systemctl)
 1820 
# processes launched at boot time (Systemctl)
1802 
	for i in alcasar-load_balancing mysqld httpd ntpd iptables dnsmasq dnsmasq-blacklist dnsmasq-whitelist dnsmasq-blackhole radiusd nfsen dansguardian freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban
 1821 
	for i in alcasar-load_balancing mysqld httpd ntpd iptables dnsmasq dnsmasq-blacklist dnsmasq-whitelist dnsmasq-blackhole radiusd nfsen dansguardian freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban
Line 2009... Line 2028...
2009 
			MAJ_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f1`
 2028 
			MAJ_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f1`
2010 
			MIN_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f2|cut -c1`
 2029 
			MIN_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f2|cut -c1`
2011 
			UPD_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f3`
 2030 
			UPD_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f3`
2012 
			mode="update"
 2031 
			mode="update"
2013 
		fi
 2032 
		fi
2014 
		for func in init network ACC CA init_db radius radius_web chilli dansguardian antivirus ulogd nfsen dnsmasq BL cron fail2ban gammu_smsd post_install
 2033 
		for func in init network ACC CA init_db radius radius_web chilli dansguardian antivirus tinyproxy ulogd nfsen dnsmasq BL cron fail2ban gammu_smsd post_install
2015 
		do
 2034 
		do
2016 
			$func
 2035 
			$func
2017 
# echo "*** 'debug' : end of function $func ***"; read a
 2036 
# echo "*** 'debug' : end of function $func ***"; read a
2018 
		done
 2037 
		done
2019 
		;;
 2038 
		;;