Line 1... |
Line 1... |
1 |
#!/bin/bash
|
1 |
#!/bin/bash
|
2 |
# $Id: alcasar.sh 2409 2017-09-14 18:52:54Z tom.houdayer $
|
2 |
# $Id: alcasar.sh 2412 2017-09-17 12:11:23Z tom.houdayer $
|
3 |
|
3 |
|
4 |
# alcasar.sh
|
4 |
# alcasar.sh
|
5 |
|
5 |
|
6 |
# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]
|
6 |
# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]
|
7 |
# Ce programme est un logiciel libre ; This software is free and open source
|
7 |
# Ce programme est un logiciel libre ; This software is free and open source
|
Line 384... |
Line 384... |
384 |
done
|
384 |
done
|
385 |
fi
|
385 |
fi
|
386 |
# On crée aléatoirement les mots de passe et les secrets partagés
|
386 |
# On crée aléatoirement les mots de passe et les secrets partagés
|
387 |
rm -f $PASSWD_FILE
|
387 |
rm -f $PASSWD_FILE
|
388 |
grubpwd=`cat /dev/urandom | tr -dc [:alnum:] | head -c16`
|
388 |
grubpwd=`cat /dev/urandom | tr -dc [:alnum:] | head -c16`
|
389 |
echo -n "Password to protect the GRUB boot menu (!!!qwerty keyboard) : " > $PASSWD_FILE
|
389 |
echo "# Password to protect the GRUB boot menu (/!\\ qwerty keyboard):" > $PASSWD_FILE
|
390 |
echo "$grubpwd" >> $PASSWD_FILE
|
390 |
echo "grub=$grubpwd" >> $PASSWD_FILE
|
391 |
md5_grubpwd=`/usr/bin/openssl passwd -1 $grubpwd`
|
391 |
md5_grubpwd=`/usr/bin/openssl passwd -1 $grubpwd`
|
392 |
$SED "/^password.*/d" /boot/grub/menu.lst
|
392 |
$SED "/^password.*/d" /boot/grub/menu.lst
|
393 |
$SED "1ipassword --md5 $md5_grubpwd" /boot/grub/menu.lst
|
393 |
$SED "1ipassword --md5 $md5_grubpwd" /boot/grub/menu.lst
|
394 |
mysqlpwd=`cat /dev/urandom | tr -dc [:alnum:] | head -c16`
|
394 |
mysqlpwd=`cat /dev/urandom | tr -dc [:alnum:] | head -c16`
|
395 |
echo -n "Name and password of Mysql/mariadb administrator : " >> $PASSWD_FILE
|
395 |
echo "# Password of MariaDB administrator:" >> $PASSWD_FILE
|
396 |
echo "root / $mysqlpwd" >> $PASSWD_FILE
|
396 |
echo "db_root=$mysqlpwd" >> $PASSWD_FILE
|
397 |
radiuspwd=`cat /dev/urandom | tr -dc [:alnum:] | head -c16`
|
397 |
radiuspwd=`cat /dev/urandom | tr -dc [:alnum:] | head -c16`
|
398 |
echo -n "Name and password of Mysql/mariadb user : " >> $PASSWD_FILE
|
398 |
echo "# Name and password of MariaDB user:" >> $PASSWD_FILE
|
- |
|
399 |
echo "db_user=$DB_USER" >> $PASSWD_FILE
|
399 |
echo "$DB_USER / $radiuspwd" >> $PASSWD_FILE
|
400 |
echo "db_password=$radiuspwd" >> $PASSWD_FILE
|
400 |
secretuam=`cat /dev/urandom | tr -dc [:alnum:] | head -c16`
|
401 |
secretuam=`cat /dev/urandom | tr -dc [:alnum:] | head -c16`
|
401 |
echo -n "Shared secret between the script 'intercept.php' and coova-chilli : " >> $PASSWD_FILE
|
402 |
echo "# Shared secret between the script 'intercept.php' and coova-chilli:" >> $PASSWD_FILE
|
402 |
echo "$secretuam" >> $PASSWD_FILE
|
403 |
echo "secret_uam=$secretuam" >> $PASSWD_FILE
|
403 |
secretradius=`cat /dev/urandom | tr -dc [:alnum:] | head -c16`
|
404 |
secretradius=`cat /dev/urandom | tr -dc [:alnum:] | head -c16`
|
404 |
echo -n "Shared secret between coova-chilli and FreeRadius : " >> $PASSWD_FILE
|
405 |
echo "# Shared secret between coova-chilli and FreeRadius:" >> $PASSWD_FILE
|
405 |
echo "$secretradius" >> $PASSWD_FILE
|
406 |
echo "secret_radius=$secretradius" >> $PASSWD_FILE
|
406 |
chmod 640 $PASSWD_FILE
|
407 |
chmod 640 $PASSWD_FILE
|
407 |
# copy scripts in in /usr/local/bin
|
408 |
# copy scripts in in /usr/local/bin
|
408 |
cp -f $DIR_SCRIPTS/alcasar* $DIR_DEST_BIN/. ; chown root:root $DIR_DEST_BIN/alcasar* ; chmod 740 $DIR_DEST_BIN/alcasar*
|
409 |
cp -f $DIR_SCRIPTS/alcasar* $DIR_DEST_BIN/. ; chown root:root $DIR_DEST_BIN/alcasar* ; chmod 740 $DIR_DEST_BIN/alcasar*
|
409 |
# copy conf files in /usr/local/etc
|
410 |
# copy conf files in /usr/local/etc
|
410 |
cp -f $DIR_CONF/etc/alcasar* $DIR_DEST_ETC/. ; chown -R root:apache $DIR_DEST_ETC ; chmod 770 $DIR_DEST_ETC ; chmod 660 $DIR_DEST_ETC/alcasar*
|
411 |
cp -f $DIR_CONF/etc/alcasar* $DIR_DEST_ETC/. ; chown -R root:apache $DIR_DEST_ETC ; chmod 770 $DIR_DEST_ETC ; chmod 660 $DIR_DEST_ETC/alcasar*
|
411 |
$SED "s?^radiussecret.*?radiussecret=\"$secretradius\"?g" $DIR_DEST_BIN/alcasar-logout.sh
|
- |
|
412 |
$SED "s?^DB_RADIUS=.*?DB_RADIUS=\"$DB_RADIUS\"?g" $DIR_DEST_BIN/alcasar-mysql.sh
|
412 |
$SED "s?^DB_RADIUS=.*?DB_RADIUS=\"$DB_RADIUS\"?g" $DIR_DEST_BIN/alcasar-mysql.sh
|
413 |
$SED "s?^DB_USER=.*?DB_USER=\"$DB_USER\"?g" $DIR_DEST_BIN/alcasar-mysql.sh $DIR_DEST_BIN/alcasar-conf.sh
|
- |
|
414 |
$SED "s?^radiuspwd=.*?radiuspwd=\"$radiuspwd\"?g" $DIR_DEST_BIN/alcasar-mysql.sh $DIR_DEST_BIN/alcasar-conf.sh
|
- |
|
415 |
# generate central conf file
|
413 |
# generate central conf file
|
416 |
cat <<EOF > $CONF_FILE
|
414 |
cat <<EOF > $CONF_FILE
|
417 |
##########################################
|
415 |
##########################################
|
418 |
## ##
|
416 |
## ##
|
419 |
## ALCASAR Parameters ##
|
417 |
## ALCASAR Parameters ##
|
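Review bot: The secrets file can be readable by other local users while it is being filled: on the new side, line 389 creates `$PASSWD_FILE` with `>` under whatever umask the installer runs with, lines 390–405 append the GRUB, MariaDB, UAM and RADIUS secrets, and only line 406 applies `chmod 640`. Create the file with its final mode before the first write, for example `install -m 640 /dev/null "$PASSWD_FILE"` right after the `rm -f`, and change the first redirect to `>>`. This commit also removes the `sed` lines that copied `radiuspwd` and `radiussecret` into the helper scripts, so the file presumably becomes what those scripts read; a short header comment stating its expected owner, mode and `key=value` format would help, and `"$PASSWD_FILE"` should be quoted throughout. The enclosing block starts before the hunk (it opens on `done`/`fi`) and the here-document at the end continues past it.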