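--- a/alcasar.sh
+++ b/alcasar.sh
@@ -1,7 +1,7 @@
 #!/bin/bash
-# $Id: alcasar.sh 3271 2025-04-22 22:37:55Z rexy $
+# $Id: alcasar.sh 3272 2025-04-23 14:33:51Z rexy $
 
 # ALCASAR is a Free and open source NAC (Network Access Controler) created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
 # ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares Coovachilli, freeradius, mariaDB, apache, php, netfilter, e2guardian, ntpd, openssl, unbound, gammu, Ulog, fail2ban, vnstat, wkhtml2pdf, ipt_NETFLOW, NFsen and NFdump
 # contact : info@alcasar.net
 
@@ -1073,29 +1073,39 @@
 {
 if [ "`systemctl is-active mariadb`" == "active" ]
 then
 systemctl stop mariadb
 fi
+if [ "`systemctl is-active mysqld`" == "active" ]
+then
+systemctl stop mysqld
+fi
 rm -rf /var/lib/mysql # to be sure that there is no former installation
 [ -e /etc/my.cnf.default ] || cp /etc/my.cnf /etc/my.cnf.default
 $SED "s?^port.*?#&?g" /etc/my.cnf # we use unix socket only
 [ -e /etc/my.cnf.d/server.cnf.default ] || cp /etc/my.cnf.d/server.cnf /etc/my.cnf.d/server.cnf.default
 $SED "s?^tmpdir.*?tmpdir=/tmp?g" /etc/my.cnf.d/server.cnf
 $SED "s?^;collation_server =.*?collation_server = utf8_unicode_ci?g" /etc/my.cnf.d/server.cnf
 $SED "s?^;character_set_server =.*?character_set_server = utf8?g" /etc/my.cnf.d/server.cnf # accentuated user names are allowed
-/usr/sbin/mariadb-prepare-db-dir > /dev/null 2>&1
+# Create our own systemd unit
+cp /lib/systemd/system/mysqld.service /etc/systemd/system/mariadb.service
+$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/mariadbd?g" /etc/systemd/system/mariadb.service
 /usr/bin/systemctl set-environment MYSQLD_OPTS="--skip-grant-tables --skip-networking"
+[ ! -e /usr/bin/mariadb_install_db ] && ln -s /usr/bin/mariadb-install-db /usr/bin/mariadb_install_db # avoid Mageia bug (https://bugs.mageia.org/show_bug.cgi?id=34200)
-/usr/bin/systemctl start mysqld
+/usr/bin/systemctl start mariadb
 nb_round=1
 while [ ! -S /var/lib/mysql/mysql.sock ] && [ $nb_round -lt 10 ] # we wait until mariadb is on
 do
 nb_round=`expr $nb_round + 1`
 sleep 2
 done
 if [ ! -S /var/lib/mysql/mysql.sock ]
 then
-echo "Problème : la base données 'MariaDB' ne s'est pas lancée !"
+if [ $Lang == "fr" ]
+then echo "Problème : la base données 'MariaDB' ne s'est pas lancée !"
+else echo "Problem: the 'MariaDB' database didn't start!"
+fi
 exit
 fi
 # Secure the server
 /usr/bin/mariadb --execute "GRANT ALL PRIVILEGES ON *.* TO root@'localhost' IDENTIFIED BY '$dbpwd';"
 SQL="/usr/bin/mariadb -uroot -p$dbpwd --execute"
@@ -1104,17 +1114,15 @@
 # Create 'radius' database
 $SQL "CREATE DATABASE IF NOT EXISTS $DB_RADIUS;GRANT ALL ON $DB_RADIUS.* TO $DB_USER@localhost IDENTIFIED BY '$radiuspwd';FLUSH PRIVILEGES;"
 # Add an empty radius database structure
 /usr/bin/mariadb -u$DB_USER -p$radiuspwd $DB_RADIUS < $DIR_CONF/empty-radiusd-db.sql
 # modify the start script in order to close accounting connexion when the system is comming down or up
-cp /lib/systemd/system/mysqld.service /etc/systemd/system/mariadb.service
-$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/mariadbd?g" /etc/systemd/system/mariadb.service
 $SED "/^ExecStart=/a ExecStop=$DIR_DEST_BIN/alcasar-mariadb.sh -acct_stop" /etc/systemd/system/mariadb.service
 $SED "/^ExecStop=/a ExecStartPost=$DIR_DEST_BIN/alcasar-mariadb.sh -acct_stop" /etc/systemd/system/mariadb.service
 /usr/bin/systemctl unset-environment MYSQLD_OPTS
-/usr/bin/systemctl stop mysqld
-/usr/bin/systemctl start mariadb
+/usr/bin/systemctl daemon-reload
+/usr/bin/systemctl restart mariadb
 } # End of init_db()
 
 ###################################################################
 ## "freeradius" ##
 ## - Set the configuration files ##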
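Review bot: The added `$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/mariadbd?g"` line replaces the whole ExecStart of the copied unit, so any `$MYSQLD_OPTS` reference that mysqld.service carried there (the unit is not visible on this page) is dropped, and the `set-environment MYSQLD_OPTS="--skip-grant-tables --skip-networking"` that follows probably no longer reaches the server started by `/usr/bin/systemctl start mariadb`. If that is the case, the bootstrap instance runs without `--skip-networking` during the window before the GRANT sets the root password, and the only visible "unix socket only" measure is the commented-out `port` line in /etc/my.cnf, which on its own is unlikely to disable TCP. Either keep the variable in the unit, `$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/mariadbd \$MYSQLD_OPTS?g" /etc/systemd/system/mariadb.service`, or drop the set/unset-environment pair and enforce socket-only access in server.cnf. The unit file is also now written before the first start, yet `/usr/bin/systemctl daemon-reload` only runs at the end of the function; issuing it right before `/usr/bin/systemctl start mariadb` would ensure systemd reads the new file. The header of init_db() lies outside the hunk.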