
Rev 3257 Rev 3269
Line 1... Line 1...
1
#!/bin/bash
1
#!/bin/bash
2
#  $Id: alcasar.sh 3257 2025-02-25 23:41:27Z rexy $
2
#  $Id: alcasar.sh 3269 2025-04-21 21:57:13Z rexy $
3
 
3
 
4
# ALCASAR is a Free and open source NAC (Network Access Controler) created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
4
# ALCASAR is a Free and open source NAC (Network Access Controler) created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
5
# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares Coovachilli, freeradius, mariaDB, apache, php, netfilter, e2guardian, ntpd, openssl, unbound, gammu, Ulog, fail2ban, vnstat, wkhtml2pdf, ipt_NETFLOW, NFsen and NFdump
5
# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares Coovachilli, freeradius, mariaDB, apache, php, netfilter, e2guardian, ntpd, openssl, unbound, gammu, Ulog, fail2ban, vnstat, wkhtml2pdf, ipt_NETFLOW, NFsen and NFdump
6
# contact : info@alcasar.net
6
# contact : info@alcasar.net
7
 
7
 
Line 454... Line 454...
454
	echo "set superusers=\"root\"" >> /etc/grub.d/40_custom
454
	echo "set superusers=\"root\"" >> /etc/grub.d/40_custom
455
	echo "password_pbkdf2 root $pbkdf2" >> /etc/grub.d/40_custom
455
	echo "password_pbkdf2 root $pbkdf2" >> /etc/grub.d/40_custom
456
	echo "# Login name and password to protect GRUB2 boot menu (!!!qwerty keyboard) : " > $PASSWD_FILE
456
	echo "# Login name and password to protect GRUB2 boot menu (!!!qwerty keyboard) : " > $PASSWD_FILE
457
	echo "GRUB2_user=root" >> $PASSWD_FILE
457
	echo "GRUB2_user=root" >> $PASSWD_FILE
458
	echo "GRUB2_password=$grub2pwd" >> $PASSWD_FILE
458
	echo "GRUB2_password=$grub2pwd" >> $PASSWD_FILE
459
	mysqlpwd=`cat /dev/urandom | tr -dc '[:alnum:]' | head -c16`
459
	dbpwd=`cat /dev/urandom | tr -dc '[:alnum:]' | head -c16`
460
	echo "# Login name and Password of MariaDB administrator:" >> $PASSWD_FILE
460
	echo "# Login name and Password of MariaDB administrator:" >> $PASSWD_FILE
461
	echo "db_root=$mysqlpwd" >> $PASSWD_FILE
461
	echo "db_root=$dbpwd" >> $PASSWD_FILE
462
	radiuspwd=`cat /dev/urandom | tr -dc '[:alnum:]' | head -c16`
462
	radiuspwd=`cat /dev/urandom | tr -dc '[:alnum:]' | head -c16`
463
	echo "# Login name and password of MariaDB user:" >> $PASSWD_FILE
463
	echo "# Login name and password of MariaDB user:" >> $PASSWD_FILE
464
	echo "db_user=$DB_USER" >> $PASSWD_FILE
464
	echo "db_user=$DB_USER" >> $PASSWD_FILE
465
	echo "db_password=$radiuspwd" >> $PASSWD_FILE
465
	echo "db_password=$radiuspwd" >> $PASSWD_FILE
466
	secretuam=`cat /dev/urandom | tr -dc '[:alnum:]' | head -c16`
466
	secretuam=`cat /dev/urandom | tr -dc '[:alnum:]' | head -c16`
Line 475... Line 475...
475
	chmod 640 $PASSWD_FILE
475
	chmod 640 $PASSWD_FILE
476
#  copy scripts in in /usr/local/bin
476
#  copy scripts in in /usr/local/bin
477
	cp -fr $DIR_SCRIPTS/alcasar* $DIR_DEST_BIN/. ; chown -R root:root $DIR_DEST_BIN/alcasar* ; chmod -R 740 $DIR_DEST_BIN/alcasar*
477
	cp -fr $DIR_SCRIPTS/alcasar* $DIR_DEST_BIN/. ; chown -R root:root $DIR_DEST_BIN/alcasar* ; chmod -R 740 $DIR_DEST_BIN/alcasar*
478
#  copy conf files in /usr/local/etc
478
#  copy conf files in /usr/local/etc
479
	cp -f $DIR_CONF/etc/alcasar* $DIR_DEST_ETC/. ; chown -R root:apache $DIR_DEST_ETC ; chmod 770 $DIR_DEST_ETC ; chmod 660 $DIR_DEST_ETC/alcasar*
479
	cp -f $DIR_CONF/etc/alcasar* $DIR_DEST_ETC/. ; chown -R root:apache $DIR_DEST_ETC ; chmod 770 $DIR_DEST_ETC ; chmod 660 $DIR_DEST_ETC/alcasar*
480
	$SED "s?^DB_RADIUS=.*?DB_RADIUS=\"$DB_RADIUS\"?g" $DIR_DEST_BIN/alcasar-mysql.sh
480
	$SED "s?^DB_RADIUS=.*?DB_RADIUS=\"$DB_RADIUS\"?g" $DIR_DEST_BIN/alcasar-mariadb.sh
481
# generate main conf file
481
# generate main conf file
482
	cat <<EOF > $CONF_FILE
482
	cat <<EOF > $CONF_FILE
483
##########################################
483
##########################################
484
##                                      ##
484
##                                      ##
485
##          ALCASAR Parameters          ##
485
##          ALCASAR Parameters          ##
Line 1060... Line 1060...
1060
sleep 2 # wait for time server responce
1060
sleep 2 # wait for time server responce
1061
} # End of time_server()
1061
} # End of time_server()
1062
 
1062
 
1063
#####################################################################
1063
#####################################################################
1064
##                           "init_db"                             ##
1064
##                           "init_db"                             ##
1065
## - Mysql initialization                                          ##
1065
## - MariaDb initialization                                          ##
1066
## - Set admin (root) password                                     ##
1066
## - Set admin (root) password                                     ##
1067
## - Remove unused users & databases                               ##
1067
## - Remove unused users & databases                               ##
1068
## - Radius database creation                                      ##
1068
## - Radius database creation                                      ##
1069
## - Copy of accounting tables (mtotacct, totacct) & userinfo      ##
1069
## - Copy of accounting tables (mtotacct, totacct) & userinfo      ##
1070
#####################################################################
1070
#####################################################################
1071
init_db()
1071
init_db()
1072
{
1072
{
1073
	if [ "`systemctl is-active mysqld`" == "active" ]
1073
	if [ "`systemctl is-active mariadb`" == "active" ]
1074
	then
1074
	then
1075
		systemctl stop mysqld
1075
		systemctl stop mariadb
1076
	fi
1076
	fi
1077
	rm -rf /var/lib/mysql # to be sure that there is no former installation
1077
	rm -rf /var/lib/mysql # to be sure that there is no former installation
1078
	[ -e /etc/my.cnf.default ] || cp /etc/my.cnf /etc/my.cnf.default
1078
	[ -e /etc/my.cnf.default ] || cp /etc/my.cnf /etc/my.cnf.default
1079
	$SED "s?^tmpdir.*?tmpdir=/tmp?g" /etc/my.cnf
-
 
1080
	$SED "s?^port.*?#&?g" /etc/my.cnf # we use unix socket only
1079
	$SED "s?^port.*?#&?g" /etc/my.cnf # we use unix socket only
-
 
1080
	[ -e /etc/my.cnf.d/server.cnf.default ] || cp /etc/my.cnf.d/server.cnf /etc/my.cnf.d/server.cnf.default
-
 
1081
	$SED "s?^tmpdir.*?tmpdir=/tmp?g" /etc/my.cnf.d/server.cnf
1081
	$SED "s?^;collation_server =.*?collation_server = utf8_unicode_ci?g" /etc/my.cnf
1082
	$SED "s?^;collation_server =.*?collation_server = utf8_unicode_ci?g" /etc/my.cnf.d/server.cnf
1082
	$SED "s?^;character_set_server =.*?character_set_server = utf8?g" /etc/my.cnf  # accentuated user names are allowed
1083
	$SED "s?^;character_set_server =.*?character_set_server = utf8?g" /etc/my.cnf.d/server.cnf  # accentuated user names are allowed
1083
	[ -e /etc/my.cnf.d/feedback.cnf ] && $SED "s?^plugin-load.*?#&?g" /etc/my.cnf.d/feedback.cnf # remove the feedback plugin (ALCASAR doesn't report anything !)
-
 
1084
	[ -e /etc/my.cnf.d/auth_gssapi.cnf ] && $SED "s?^plugin-load.*?#&?g" /etc/my.cnf.d/auth_gssapi.cnf # remove GSS plugin (ALCASAR doesn't use Kerberos)
-
 
1085
	/usr/sbin/mysqld-prepare-db-dir > /dev/null 2>&1
1084
	/usr/sbin/mariadb-prepare-db-dir > /dev/null 2>&1
1086
	/usr/bin/systemctl set-environment MYSQLD_OPTS="--skip-grant-tables --skip-networking"
1085
	/usr/bin/systemctl set-environment MYSQLD_OPTS="--skip-grant-tables --skip-networking"
1087
	/usr/bin/systemctl start mysqld
1086
	/usr/bin/systemctl start mysqld
1088
	nb_round=1
1087
	nb_round=1
1089
	while [ ! -S /var/lib/mysql/mysql.sock ] && [ $nb_round -lt 10 ] # we wait until mariadb is on
1088
	while [ ! -S /var/lib/mysql/mysql.sock ] && [ $nb_round -lt 10 ] # we wait until mariadb is on
1090
	do
1089
	do
Line 1095... Line 1094...
1095
	then
1094
	then
1096
		echo "Problème : la base données 'MariaDB' ne s'est pas lancée !"
1095
		echo "Problème : la base données 'MariaDB' ne s'est pas lancée !"
1097
		exit
1096
		exit
1098
	fi
1097
	fi
1099
# Secure the server
1098
# Secure the server
1100
	/usr/bin/mysql --execute "GRANT ALL PRIVILEGES ON *.* TO root@'localhost' IDENTIFIED BY '$mysqlpwd';"
1099
	/usr/bin/mariadb --execute "GRANT ALL PRIVILEGES ON *.* TO root@'localhost' IDENTIFIED BY '$dbpwd';"
1101
	MYSQL="/usr/bin/mysql -uroot -p$mysqlpwd --execute"
1100
	SQL="/usr/bin/mariadb -uroot -p$dbpwd --execute"
1102
	$MYSQL "DROP DATABASE IF EXISTS test;DROP DATABASE IF EXISTS tmp;"
1101
	$SQL "DROP DATABASE IF EXISTS test;DROP DATABASE IF EXISTS tmp;"
1103
	$MYSQL "CONNECT mysql;DELETE from user where User='';DELETE FROM user WHERE User='root' AND Host NOT IN ('localhost','127.0.0.1','::1');FLUSH PRIVILEGES;"
1102
	$SQL "CONNECT mysql;DELETE from user where User='';DELETE FROM user WHERE User='root' AND Host NOT IN ('localhost','127.0.0.1','::1');FLUSH PRIVILEGES;"
1104
# Create 'radius' database
1103
# Create 'radius' database
1105
	$MYSQL "CREATE DATABASE IF NOT EXISTS $DB_RADIUS;GRANT ALL ON $DB_RADIUS.* TO $DB_USER@localhost IDENTIFIED BY '$radiuspwd';FLUSH PRIVILEGES;"
1104
	$SQL "CREATE DATABASE IF NOT EXISTS $DB_RADIUS;GRANT ALL ON $DB_RADIUS.* TO $DB_USER@localhost IDENTIFIED BY '$radiuspwd';FLUSH PRIVILEGES;"
1106
# Add an empty radius database structure
1105
# Add an empty radius database structure
1107
	/usr/bin/mysql -u$DB_USER -p$radiuspwd $DB_RADIUS < $DIR_CONF/empty-radiusd-db.sql
1106
	/usr/bin/mariadb -u$DB_USER -p$radiuspwd $DB_RADIUS < $DIR_CONF/empty-radiusd-db.sql
1108
# modify the start script in order to close accounting connexion when the system is comming down or up
1107
# modify the start script in order to close accounting connexion when the system is comming down or up
1109
	cp /lib/systemd/system/mysqld.service /etc/systemd/system/mysqld.service
1108
	cp /lib/systemd/system/mysqld.service /etc/systemd/system/mariadb.service
-
 
1109
	$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/mariadbd?g" /etc/systemd/system/mariadb.service
1110
	$SED "/^ExecStart=/a ExecStop=$DIR_DEST_BIN/alcasar-mysql.sh -acct_stop" /etc/systemd/system/mysqld.service
1110
	$SED "/^ExecStart=/a ExecStop=$DIR_DEST_BIN/alcasar-mariadb.sh -acct_stop" /etc/systemd/system/mariadb.service
1111
	$SED "/^ExecStop=/a ExecStartPost=$DIR_DEST_BIN/alcasar-mysql.sh -acct_stop" /etc/systemd/system/mysqld.service
1111
	$SED "/^ExecStop=/a ExecStartPost=$DIR_DEST_BIN/alcasar-mariadb.sh -acct_stop" /etc/systemd/system/mariadb.service
1112
	/usr/bin/systemctl unset-environment MYSQLD_OPTS
1112
	/usr/bin/systemctl unset-environment MYSQLD_OPTS
-
 
1113
	/usr/bin/systemctl stop mysqld
1113
	/usr/bin/systemctl daemon-reload
1114
	/usr/bin/systemctl start mariadb
1114
} # End of init_db()
1115
} # End of init_db()
1115
 
1116
 
1116
###################################################################
1117
###################################################################
1117
##                           "freeradius"                        ##
1118
##                           "freeradius"                        ##
1118
## - Set the configuration files                                 ##
1119
## - Set the configuration files                                 ##
1119
## - Set the shared secret between coova-chilli and freeradius   ##
1120
## - Set the shared secret between coova-chilli and freeradius   ##
1120
## - Adapt the Mysql conf file and counters                      ##
1121
## - Adapt the MariaDB conf file and counters                      ##
1121
###################################################################
1122
###################################################################
1122
freeradius()
1123
freeradius()
1123
{
1124
{
1124
	cp -f $DIR_CONF/empty-radiusd-db.sql /etc/raddb/
1125
	cp -f $DIR_CONF/empty-radiusd-db.sql /etc/raddb/
1125
	chown -R radius:radius /etc/raddb
1126
	chown -R radius:radius /etc/raddb
Line 1188... Line 1189...
1188
	chown -R radius:radius /etc/raddb/mods-config/sql/main/mysql/queries.conf
1189
	chown -R radius:radius /etc/raddb/mods-config/sql/main/mysql/queries.conf
1189
# sqlcounter modifications
1190
# sqlcounter modifications
1190
	[ -e /etc/raddb/mods-available/sqlcounter.default ] || cp /etc/raddb/mods-available/sqlcounter /etc/raddb/mods-available/sqlcounter.default
1191
	[ -e /etc/raddb/mods-available/sqlcounter.default ] || cp /etc/raddb/mods-available/sqlcounter /etc/raddb/mods-available/sqlcounter.default
1191
	cp -f $DIR_CONF/radius/sqlcounter /etc/raddb/mods-available/sqlcounter
1192
	cp -f $DIR_CONF/radius/sqlcounter /etc/raddb/mods-available/sqlcounter
1192
	chown -R radius:radius /etc/raddb/mods-available/sqlcounter
1193
	chown -R radius:radius /etc/raddb/mods-available/sqlcounter
1193
# make certain that mysql is up before freeradius start
1194
# make certain that mariaDB is up before freeradius start
1194
	cp /lib/systemd/system/radiusd.service /etc/systemd/system/radiusd.service
1195
	cp /lib/systemd/system/radiusd.service /etc/systemd/system/radiusd.service
1195
	$SED "s?^After=.*?After=syslog.target network.target mysqld.service?g" /etc/systemd/system/radiusd.service
1196
	$SED "s?^After=.*?After=syslog.target network.target mariadb.service?g" /etc/systemd/system/radiusd.service
1196
	/usr/bin/systemctl daemon-reload
1197
	/usr/bin/systemctl daemon-reload
1197
# Allow apache to change some conf files (ie : ldap on/off)
1198
# Allow apache to change some conf files (ie : ldap on/off)
1198
	chgrp apache /etc/raddb /etc/raddb/sites-available /etc/raddb/mods-available
1199
	chgrp apache /etc/raddb /etc/raddb/sites-available /etc/raddb/mods-available
1199
	chmod 750 /etc/raddb /etc/raddb/sites-available /etc/raddb/mods-available
1200
	chmod 750 /etc/raddb /etc/raddb/sites-available /etc/raddb/mods-available
1200
} # End of freeradius()
1201
} # End of freeradius()
Line 1868... Line 1869...
1868
22 0 * * 0 root nice -n 19 run-parts --report /etc/cron.weekly
1869
22 0 * * 0 root nice -n 19 run-parts --report /etc/cron.weekly
1869
42 0 1 * * root nice -n 19 run-parts --report /etc/cron.monthly
1870
42 0 1 * * root nice -n 19 run-parts --report /etc/cron.monthly
1870
EOF
1871
EOF
1871
	[ -e /etc/anacrontab.default ] || cp /etc/anacrontab /etc/anacrontab.default
1872
	[ -e /etc/anacrontab.default ] || cp /etc/anacrontab /etc/anacrontab.default
1872
	cat <<EOF >> /etc/anacrontab
1873
	cat <<EOF >> /etc/anacrontab
1873
7	8	cron.MysqlDump		nice /etc/cron.d/alcasar-mysql
1874
7	8	cron.MariaDBDump	nice /etc/cron.d/alcasar-mariadb
1874
7	10	cron.logExport		nice /etc/cron.d/alcasar-archive
1875
7	10	cron.logExport		nice /etc/cron.d/alcasar-archive
1875
EOF
1876
EOF
1876
	cat <<EOF > /etc/cron.d/alcasar-mysql
1877
	cat <<EOF > /etc/cron.d/alcasar-mariadb
1877
# Verify, repair and export users database (every monday at 4:45 am)
1878
# Verify, repair and export users database (every monday at 4:45 am)
1878
45 4 * * 1 root $DIR_DEST_BIN/alcasar-mysql.sh --dump
1879
45 4 * * 1 root $DIR_DEST_BIN/alcasar-mariadb.sh --dump
1879
# Remove users whose expiration date is exceeded for more more than 7 days (every Monday at 4:40 am)
1880
# Remove users whose expiration date is exceeded for more more than 7 days (every Monday at 4:40 am)
1880
40 4 * * * root $DIR_DEST_BIN/alcasar-mysql.sh --expire_user 2>&1 >/dev/null
1881
40 4 * * * root $DIR_DEST_BIN/alcasar-mariadb.sh --expire_user 2>&1 >/dev/null
1881
EOF
1882
EOF
1882
	cat <<EOF > /etc/cron.d/alcasar-archive
1883
	cat <<EOF > /etc/cron.d/alcasar-archive
1883
# Archiving logs (traceability & users database) (every Monday at 5:35 am)
1884
# Archiving logs (traceability & users database) (every Monday at 5:35 am)
1884
35 5 * * 1 root $DIR_DEST_BIN/alcasar-archive.sh --now
1885
35 5 * * 1 root $DIR_DEST_BIN/alcasar-archive.sh --now
1885
EOF
1886
EOF
Line 2052... Line 2053...
2052
	groupadd -f gammu_smsd
2053
	groupadd -f gammu_smsd
2053
	useradd -r -g gammu_smsd -s /bin/false -c "system user for gammu_smsd" gammu_smsd
2054
	useradd -r -g gammu_smsd -s /bin/false -c "system user for gammu_smsd" gammu_smsd
2054
	usermod -a -G dialout gammu_smsd
2055
	usermod -a -G dialout gammu_smsd
2055
 
2056
 
2056
# Create 'gammu' database
2057
# Create 'gammu' database
2057
	MYSQL="/usr/bin/mysql -uroot -p$mysqlpwd --execute"
2058
	SQL="/usr/bin/mariadb -uroot -p$dbpwd --execute"
2058
	$MYSQL "CREATE DATABASE IF NOT EXISTS $DB_GAMMU; GRANT ALL ON $DB_GAMMU.* TO $DB_USER@localhost IDENTIFIED BY '$radiuspwd'; FLUSH PRIVILEGES;"
2059
	$SQL "CREATE DATABASE IF NOT EXISTS $DB_GAMMU; GRANT ALL ON $DB_GAMMU.* TO $DB_USER@localhost IDENTIFIED BY '$radiuspwd'; FLUSH PRIVILEGES;"
2059
# Add a gammu database structure
2060
# Add a gammu database structure
2060
	/usr/bin/mysql -u$DB_USER -p$radiuspwd $DB_GAMMU < $DIR_CONF/empty-gammu-smsd-db.sql
2061
	/usr/bin/mariadb -u$DB_USER -p$radiuspwd $DB_GAMMU < $DIR_CONF/empty-gammu-smsd-db.sql
2061
 
2062
 
2062
# Config file for the gammu_smsd daemon & gammu (ttyUSB0 as default com port)
2063
# Config file for the gammu_smsd daemon & gammu (ttyUSB0 as default com port)
2063
	cat << EOF > /etc/gammurc
2064
	cat << EOF > /etc/gammurc
2064
[gammu]
2065
[gammu]
2065
device = /dev/ttyUSB0
2066
device = /dev/ttyUSB0
Line 2101... Line 2102...
2101
# Create the systemd unit
2102
# Create the systemd unit
2102
	cat << EOF > /etc/systemd/system/gammu-smsd.service
2103
	cat << EOF > /etc/systemd/system/gammu-smsd.service
2103
[Unit]
2104
[Unit]
2104
Description=SMS daemon for Gammu
2105
Description=SMS daemon for Gammu
2105
Documentation=man:gammu-smsd(1)
2106
Documentation=man:gammu-smsd(1)
2106
After=network.target mysqld.service
2107
After=network.target mariadb.service
2107
 
2108
 
2108
[Service]
2109
[Service]
2109
Type=forking
2110
Type=forking
2110
ExecStart=/usr/bin/gammu-smsd --config /etc/gammu_smsd_conf --user=gammu_smsd --group=gammu_smsd --pid=/run/gammu-smsd.pid --daemon
2111
ExecStart=/usr/bin/gammu-smsd --config /etc/gammu_smsd_conf --user=gammu_smsd --group=gammu_smsd --pid=/run/gammu-smsd.pid --daemon
2111
ExecReload=/bin/kill -HUP $MAINPID
2112
ExecReload=/bin/kill -HUP $MAINPID
Line 2313... Line 2314...
2313
	do
2314
	do
2314
		find /var/log/$dir -type f -name "*.log-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]" -exec gzip {} \;
2315
		find /var/log/$dir -type f -name "*.log-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]" -exec gzip {} \;
2315
	done
2316
	done
2316
	/usr/bin/systemctl daemon-reload
2317
	/usr/bin/systemctl daemon-reload
2317
# processes started at boot time (Systemctl)
2318
# processes started at boot time (Systemctl)
2318
	for i in alcasar-network mysqld httpd ntpd iptables unbound unbound-blacklist unbound-whitelist unbound-blackhole radiusd nfcapd nfsen-ng e2guardian ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban vnstat sshd
2319
	for i in alcasar-network mariadb httpd ntpd iptables unbound unbound-blacklist unbound-whitelist unbound-blackhole radiusd nfcapd nfsen-ng e2guardian ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban vnstat sshd
2319
	do
2320
	do
2320
		/usr/bin/systemctl -q enable $i.service
2321
		/usr/bin/systemctl -q enable $i.service
2321
	done
2322
	done
2322
 
2323
 
2323
# disable processes at boot time (Systemctl)
2324
# disable processes at boot time (Systemctl)
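Review bot: At the end of init_db (new lines 1113–1114) the former `/usr/bin/systemctl stop mysqld` is replaced by `daemon-reload` + `systemctl start mariadb`, so the server started at new line 1086 through `mysqld.service` with `MYSQLD_OPTS="--skip-grant-tables --skip-networking"` is no longer explicitly stopped before the freshly copied `/etc/systemd/system/mariadb.service` is started. Unless `mariadb` resolves to that same already-running unit on this Mageia build (not verifiable from the diff), the grant-less instance keeps serving `/var/lib/mysql/mysql.sock` for any local process with no authentication, and the second start contends for the same datadir; I would keep `/usr/bin/systemctl stop mysqld` immediately before the `daemon-reload`, and since the new unit's ExecStart is rewritten to a bare `/usr/sbin/mariadbd`, confirm that any arguments the packaged unit carried are still intended to be dropped. In the same hunk, `SQL="/usr/bin/mariadb -uroot -p$dbpwd --execute"` (new line 1100, repeated at 2058) still passes the newly generated root password on argv, where it is visible in process listings for each call; exporting it as `MYSQL_PWD` or pointing the client at a 0600 `--defaults-extra-file` keeps it out of `ps`. init_db begins in the preceding "Line 1060" hunk and ends in the "Line 1094" hunk.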