WebSVN – ALCASAR – Diff – /scripts/alcasar-conf.sh

 #/bin/sh
-# $Id: alcasar-conf.sh 631 2011-06-12 10:34:00Z richard $
+# $Id: alcasar-conf.sh 632 2011-06-12 17:48:40Z richard $
 # $Author: richard $
 # by rexy
 # Ce script permet de créer ou de charger l'archive des fichiers de configuration (/tmp/alcasar-conf.tar.gz)
 DIR_UPDATE="/tmp/conf"				# répertoire de stockage des fichier de conf pour une mise à jour
 DIR_WEB="/var/www/html"				# répertoire du centre de gestion
 		[ -d $DIR_UPDATE ] && rm -rf $DIR_UPDATE
 		mkdir $DIR_UPDATE
 # Sauvegarde de la base des usagers
 		/usr/local/sbin/alcasar-mysql.sh -dump
 		cp /var/Save/base/`ls /var/Save/base|tail -1` $DIR_UPDATE
-# Sauvegarde du nom d'organisme
-		echo `cat /root/ALCASAR-parameters.txt|grep Organism|cut -d":" -f2|tr -d " "` > $DIR_UPDATE/organisme
 # Sauvegarde du logo
 		cp -f $DIR_WEB/images/organisme.png $DIR_UPDATE
 # Sauvegarde des fichiers exploités par dansguardian
 		cp -f /etc/dansguardian/lists/exceptioniplist $DIR_UPDATE
 		cp -f /etc/dansguardian/lists/exceptionsitelist $DIR_UPDATE
 			cp -f /etc/pki/CA/private/alcasar-ca.key $DIR_UPDATE
 		fi
 # si version < 2.2
 		if ([ $MAJ_RUNNING_VERSION -lt 2 ] || ([ $MAJ_RUNNING_VERSION -eq 2 ] && [ $MIN_RUNNING_VERSION -lt 2 ]))
 		then
+			ORGANISM=`cat /root/ALCASAR-parameters.txt|grep Organism|cut -d":" -f2|tr -d " "` # Sauvegarde du nom d'organisme
 			rm -f $DIR_UPDATE/etc/alcasar-ethers		# This file doesn't contain comments
 			# Create the initial conf file (doesn't exist in earlier versions)
 			cat <<EOF > $CONF_FILE
 ##########################################
 ##                                      ##
 ##                                      ##
 ##########################################
 INSTALL_DATE=$DATE
 VERSION=$RUNNING_VERSION
-ORGANISM=
+ORGANISM=$ORGANISM
 EOF
 		PUBLIC_IP=`grep IPADDR /etc/sysconfig/network-scripts/ifcfg-$EXTIF|cut -d"=" -f2` 	# @ip du portail (côté Internet)
 		PUBLIC_NETMASK=`grep NETMASK /etc/sysconfig/network-scripts/ifcfg-$EXTIF|cut -d"=" -f2`
 		PUBLIC_PREFIX=`/bin/ipcalc -p $PUBLIC_IP $PUBLIC_NETMASK |cut -d"=" -f2`		# prefixe du réseau (ex. 24)
 		PUBLIC_GATEWAY=`grep GATEWAY /etc/sysconfig/network-scripts/default-ifcfg-$EXTIF|cut -d"=" -f2`
 		if [[ "$?" -ne 0 ]]
 		then
 			echo "Syntax error for the IP address of the second DNS server ($DNS2)"
 			exit 0
 		fi
+		PUBLIC_IP=`echo $PUBLIC_IP_MASK | cut -d"/" -f1`
+		PUBLIC_NETMASK=`/bin/ipcalc -m $PUBLIC_IP_MASK | cut -d"=" -f2`
 		PRIVATE_IP=`echo $PRIVATE_IP_MASK | cut -d"/" -f1`
-		PRIVATE_NETMASK=`/bin/ipcalc -m $PRIVATE_IP_MASK | cut -d"=" -f2`	# @ masque du réseau de consult (255.255.255.0)
+		PRIVATE_NETMASK=`/bin/ipcalc -m $PRIVATE_IP_MASK | cut -d"=" -f2`
 		private_network_calc
+		VERSION=`grep VERSION $CONF_FILE|cut -d"=" -f2`
+		INSTALL_DATE=`grep INSTALL_DATE $CONF_FILE|cut -d"=" -f2`
+		ORGANISME=`grep ORGANISM $CONF_FILE|cut -d"=" -f2`
 # /etc/hosts
 		cat <<EOF > /etc/hosts
 .0.0.1	localhost
 $PRIVATE_IP	$HOSTNAME
 		$SED "s?^IPADDR=.*?IPADDR=$PUBLIC_IP?" /etc/sysconfig/network-scripts/ifcfg-$EXTIF
 		$SED "s?^NETMASK=.*?NETMASK=$PUBLIC_NETMASK?" /etc/sysconfig/network-scripts/ifcfg-$EXTIF
 		$SED "s?^GATEWAY=.*?GATEWAY=$PUBLIC_GATEWAY?" /etc/sysconfig/network-scripts/ifcfg-$EXTIF
 		$SED "s?^IPADDR=.*?IPADDR=$PRIVATE_IP?" /etc/sysconfig/network-scripts/ifcfg-$INTIF
 		$SED "s?^NETMASK=.*?NETMASK=$PRIVATE_NETMASK?" /etc/sysconfig/network-scripts/ifcfg-$INTIF
-echo "NIC ok"
 # NTP server
-		$SED "s?^restrict.*?restrict $PRIVATE_NETWORK mask $PRIVATE_NETMASK nomodify notrap\nrestrict 127.0.0.1?" /etc/ntp.conf
+		$SED "/127.0.0.1/!s?^restrict.*?restrict $PRIVATE_NETWORK mask $PRIVATE_NETMASK nomodify notrap?g" /etc/ntp.conf
 # host.allow
 		cat <<EOF > /etc/hosts.allow
 ALL: LOCAL, 127.0.0.1, localhost, $PRIVATE_IP
 sshd: ALL
 ntpd: $PRIVATE_NETWORK_SHORT
 EOF
-# Alcasar control center
+# Alcasar Control Center
+echo "$VERSION du $INSTALL_DATE" > /var/www/html/VERSION; chown apache:apache /var/www/html/VERSION
 $SED "s?^Listen.*?Listen $PRIVATE_IP:80?g" /etc/httpd/conf/httpd.conf
 FIC_MOD_SSL=`find /etc/httpd/modules.d/ -type f -name *mod_ssl.conf`
 $SED "s?^Listen.*?Listen $PRIVATE_IP:443?g" $FIC_MOD_SSL
-$SED '/127.0.0.1/!s?Allow from .*?Allow from $PRIVATE_NETWORK_MASK?g'
+$SED "/127.0.0.1/!s?Allow from .*?Allow from $PRIVATE_NETWORK_MASK?g" /etc/httpd/conf/webapps.d/alcasar.conf
+# Dialup_Admin
+$SED "s?^nas1_name:.*?nas1_name: alcasar-$ORGANISME?g" /etc/freeradius-web/naslist.conf
+$SED "s?^nas1_ip:.*?nas1_ip: $PRIVATE_IP?g" /etc/freeradius-web/naslist.conf
+# coova
+$SED "s?ifconfig.*?ifconfig \$HS_LANIF $PRIVATE_IP?g" /etc/init.d/chilli
+$SED "s?^net.*?net\t\t$PRIVATE_NETWORK_MASK?g" /etc/chilli.conf
+$SED "s?^dynip.*?dynip\t\t$PRIVATE_DYN_IP?g" /etc/chilli.conf
+$SED "s?^statip.*?statip\t\t$PRIVATE_STAT_IP?g" /etc/chilli.conf
+$SED "s?^dns1.*?dns1\t\t$PRIVATE_IP?g" /etc/chilli.conf
+$SED "s?^dns2.*?dns2\t\t$PRIVATE_IP?g" /etc/chilli.conf
+$SED "s?^uamlisten.*?uamlisten\t$PRIVATE_IP?g" /etc/chilli.conf
+$SED "s?^\$organisme = .*?\$organisme = \"$ORGANISME\";?g" /var/www/html/intercept.php /var/www/html/status.php
+# awstat
+$SED "s?^HostAliases=.*?HostAliases=\"$PRIVATE_IP\"?g" /etc/awstats/awstats.conf
+# dnsmasq
+$SED "/127.0.0.1/!s?^listen-address=.*?listen-address=$PRIVATE_IP?g" /etc/dnsmasq.conf /etc/dnsmasq-blackhole.conf
+$SED "s?^server=.*?server=$DNS1?g" /etc/dnsmasq.conf /etc/dnsmasq-blackhole.conf
+$SED "/$DNS1/!s?^server=.*?server=$DNS2?g" /etc/dnsmasq.conf /etc/dnsmasq-blackhole.conf
+$SED "s?^dhcp-range=.*?dhcp-range=$PRIVATE_DYN_FIRST_IP,$PRIVATE_DYN_LAST_IP,$PRIVATE_NETMASK,12h?g" /etc/dnsmasq.conf
+$SED "s?^dhcp-option=option:router.*?dhcp-option=option:router,$PRIVATE_IP?g" /etc/dnsmasq.conf
 # Start / Stop SSH Daemon
 ssh_active=`grep SSH $CONF_FILE|cut -d"=" -f2`
 if [ $ssh_active = "on" ]
 	then
 else
 /sbin/chkconfig --del sshd
 fi
-$DIR_DEST_BIN/alcasar-iptables.sh
+$DIR_BIN/alcasar-iptables.sh
 		;;
 	*)
 		echo "Argument inconnu :$1";
 		echo "$usage"
 		exit 1

Subversion Repositories ALCASAR

(root)/scripts/alcasar-conf.sh @ 2798 – Rev 631 → 632