Subversion Repositories ALCASAR

Rev

Rev 3170 | Rev 3193 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log

Rev Author Line No. Line
2941 rexy 1
#!/bin/bash
2
 
3
# alcasar-rpm.sh
4
# by 3abtux and Rexy
5
# This script is distributed under the Gnu General Public License (GPL)
6
 
2990 rexy 7
# script de mise en place des dépots RPM + installation des RPM complémentaires
8
# configure the RPM repository + complementary RPM installation
2941 rexy 9
 
10
Lang=`echo $LANG|cut -c 1-2`
2971 rexy 11
SED="/bin/sed -i"
3190 rexy 12
VERSION="9"
2941 rexy 13
ARCH="x86_64"
14
# The kernel version we compile netflow for
3190 rexy 15
KERNEL="kernel-server-6.6.22-1.mga9"
2941 rexy 16
# ****** Alcasar needed RPMS - paquetages nécessaires au fonctionnement d'Alcasar ******
17
# (old) perl-Socket6 : needed by nfsen
18
# "fonts-dejavu-common" & "fonts-ttf-dejavu" : fonts needed by wkhtmltopdf
3077 rexy 19
# "lsscsi" & nvme-cli" & "php-dom" : needed by phpsysinfo
2941 rexy 20
# "socat" : avoid a warning when run the install script of letsencrypt ("acme.sh")
21
# "sudo" : needed after a reinstallation (to be investigated)
3053 rexy 22
# "postfix" + "cyrus-sasl" + "lib64sasl2-plug-plain" : email registration method
3190 rexy 23
PACKAGES="vim-enhanced freeradius freeradius-mysql freeradius-ldap lighttpd lighttpd-mod_auth php-fpm php-gd php-ldap php-mysqli php-mbstring php-sockets php-curl php-pdo_sqlite php-cli php-dom php-filter unbound e2guardian postfix mariadb ntpsec bind-utils openssh-server rng-utils rsync fail2ban gnupg2 ulogd ipset usb_modeswitch vnstat dos2unix p7zip msec kernel-userspace-headers kernel-firmware kernel-firmware-nonfree dhcp-server tcpdump fonts-dejavu-common fonts-ttf-dejavu lsscsi nvme-cli sudo socat postfix cyrus-sasl lib64sasl2-plug-plain iftop"
2941 rexy 24
 
25
rpm_repository_sync ()
26
{
3111 rexy 27
	cat <<EOF > /etc/urpmi/urpmi.cfg
2941 rexy 28
{
29
downloader: wget
30
}
31
EOF
3111 rexy 32
	echo ${!MIRRORLIST}
33
	urpmi.addmedia core --probe-synthesis --mirrorlist ${!MIRRORLIST} /media/core/release
34
	urpmi.addmedia core-updates --update --probe-synthesis --mirrorlist ${!MIRRORLIST} /media/core/updates
35
	urpmi.addmedia nonfree --probe-synthesis --mirrorlist ${!MIRRORLIST} /media/nonfree/release
36
	urpmi.addmedia nonfree-updates --update --probe-synthesis --mirrorlist ${!MIRRORLIST} /media/nonfree/updates
2941 rexy 37
}
38
 
39
rpm_error ()
40
{
3111 rexy 41
	# restore previous rpm conf file & removed RPMs
42
	[ -e /etc/urpmi/urpmi.cfg.old ] && mv /etc/urpmi/urpmi.cfg.old /etc/urpmi/urpmi.cfg
43
	urpmi --no-verify-rpm --auto rpms/$ARCH/wkhtmltopdf*.rpm
44
	echo
45
	if [ $Lang == "fr" ]
46
	then
47
		echo "Relancez l'installation ultérieurement."
48
		echo "Si vous rencontrez à nouveau ce problème, modifier les variables MIRRORLIST[1&2] du fichier 'scripts/alcasar-rpm.sh'"
49
	else
50
		echo "Try an other install later."
51
		echo "If this problem occurs again, change the MIRRORLIST[1&2] variables in the file 'scripts/alcasar-rpm.sh'"
52
	fi
2941 rexy 53
}
54
 
55
# We prefer wget than curl
56
urpmi --no-verify-rpm --auto rpms/$ARCH/wget*.rpm
57
 
58
# Set the RPM repository (if not already set)
3111 rexy 59
cp /etc/urpmi/urpmi.cfg /etc/urpmi/urpmi.cfg.old
2941 rexy 60
ACTIVE_REPO=`cat /etc/urpmi/urpmi.cfg|grep "mageia.org"|wc -l`
2990 rexy 61
MIRROR_NBR=3
62
#                       For French
63
MIRRORLIST1="http://ftp.free.fr/mirrors/mageia.org/distrib/$VERSION/$ARCH"
2941 rexy 64
#                       For Europeans
2990 rexy 65
MIRRORLIST2="https://www.mirrorservice.org/pub/mageia/distrib/$VERSION/$ARCH"
66
#                       For everybody
67
MIRRORLIST3="https://mirrors.mageia.org/api/mageia.$VERSION.$ARCH.list"
2941 rexy 68
try_nb="0"; nb_repository="0"
69
while [ "$nb_repository" != "4" ]
70
do
71
	try_nb=`expr $try_nb + 1`
72
	MIRRORLIST="MIRRORLIST$try_nb"
73
	rpm_repository_sync
74
	nb_repository=`cat /etc/urpmi/urpmi.cfg|grep mirrorlist|wc -l`
75
	if [ "$nb_repository" != "4" ]
76
	then
77
		if [ $Lang == "fr" ]
78
		then
79
			echo "Une erreur a été détectée lors de la synchronisation avec le dépot N°$try_nb."
80
		else
81
			echo "An error occurs when synchronising the repositories N°$try_nb"
82
		fi
83
		if [ $(expr $try_nb) -eq $MIRROR_NBR ]
84
		then
85
			rpm_error
86
			exit 1
87
		fi
88
		if [ $Lang == "fr" ]
89
		then
90
			echo "Voulez-vous tenter une synchronisation avec un autre dépôt ? (O/n)"
91
		else
92
			echo "Do you want to try a synchronisation with an other repository? (Y/n)"
93
		fi
94
		response=0
95
		PTN='^[oOnNyY]?$'
96
		until [[ "$response" =~ $PTN ]]
97
		do
98
			read response
99
		done
100
		if [ "$response" = "n" ] || [ "$response" = "N" ]
101
		then
3111 rexy 102
			[ -e /etc/urpmi/urpmi.cfg.old ] && mv /etc/urpmi/urpmi.cfg.old /etc/urpmi/urpmi.cfg # restore previous rpm conf file
2941 rexy 103
			exit 1
104
		fi
105
	fi
106
done
3093 rexy 107
 
108
# At this time, we only skip Kernel update
109
echo "/^kernel/" > /etc/urpmi/skip.list
3190 rexy 110
if [ `grep -E '^exclude=' /etc/dnf/dnf.conf |wc -l` -eq "1" ]; then
3093 rexy 111
	$SED "s?^exclude=.*?exclude=kernel\*?g" /etc/dnf/dnf.conf
112
else
113
	echo "exclude=kernel*" >> /etc/dnf/dnf.conf
114
fi
115
 
2941 rexy 116
# download the kernel used by ALCASAR
117
if [ $Lang == "fr" ]
118
then
119
	echo "Récupération du noyau Linux exploité par ALCASAR. Veuillez patienter ..."
120
else
121
	echo "Download the Linux kernel used by ALCASAR. Please wait ..."
122
fi
123
urpmi --auto --quiet $KERNEL
3093 rexy 124
 
2941 rexy 125
# download updated RPM in cache
126
if [ $Lang == "fr" ]
127
then
128
	echo "Récupération des paquetages de mise à jour. Veuillez patienter ..."
129
	echo "Il est temps d'aller prendre un café (ou une bonne bière) ;-)"
130
else
131
	echo "Updated RPM download. Please wait ..."
132
	echo "You should now take a coffe (or a good beer) ;-)"
133
fi
134
urpmi --auto --auto-update --quiet --test --retry 2
135
if [ "$?" != "0" ]
136
then
137
	echo
138
	if [ $Lang == "fr" ]
139
	then
140
		echo "Une erreur a été détectée lors de la récupération des paquetages."
141
	else
142
		echo "An error occurs when downloading RPMS"
143
	fi
144
	rpm_error
145
	exit 1
146
fi
147
 
148
# update with cached RPM
149
urpmi --auto --auto-update
150
if [ "$?" != "0" ]
151
then
152
	echo
153
	if [ $Lang == "fr" ]
154
	then
155
		echo "Une erreur a été détectée lors de la mise à jour des paquetages."
156
	else
157
		echo "An error occurs when updating packages"
158
	fi
159
	rpm_error
160
	exit 1
161
fi
162
# Clean the RPM cache
163
urpmi --clean
164
 
165
# Download of ALCASAR specifics RPM in cache (and test)
166
if [ $Lang == "fr" ]
167
then
168
	echo "Récupération des paquetages complémentaires. Veuillez patienter ..."
169
else
170
	echo "Download of complementary packages. Please wait ..."
171
fi
172
urpmi --auto --no-recommends $PACKAGES --quiet --test --retry 2
173
if [ "$?" != "0" ]
174
then
175
	echo
176
	if [ $Lang == "fr" ]
177
	then
178
		echo "Une erreur a été détectée lors de la récupération des paquetages complémentaires."
179
	else
180
		echo "An error occurs when downloading complementary packages"
181
	fi
182
	rpm_error
183
	exit 1
184
fi
185
 
186
# update with cached RPM
187
urpmi --auto --no-recommends $PACKAGES
188
if [ "$?" != "0" ]
189
then
190
	echo
191
	if [ $Lang == "fr" ]
192
	then
193
		echo "Une erreur a été détectée lors de l'installation des paquetages complémentaires."
194
	else
195
		echo "An error occurs when installing complementary packages"
196
	fi
197
	rpm_error
198
	exit 1
199
fi
200
 
201
# Keep only the kernel version we compil netflow with, and remove all others
202
kernelVersion=$(rpm -qa | grep -e ^kernel-server -e ^kernel-desktop)
203
for i in $kernelVersion
204
do
205
	if [ $i != $KERNEL ];then
206
		urpme --auto $i
207
	fi
208
done
3093 rexy 209
 
2941 rexy 210
# delete unused RPMs
211
if [ $Lang == "fr" ]
212
then
213
	echo "Cleaning the system : "
214
else
215
	echo "Nettoyage du système : "
216
fi
3170 rexy 217
unused_rpm="shorewall mandi plymouth squid polkit pm-utils dnsmasq clamav clamd clamav-db"
2988 rexy 218
/usr/sbin/urpme --auto -a $unused_rpm
3093 rexy 219
for rpm in `rpm -qa|grep mga7`; do urpme --auto $rpm; done
2941 rexy 220
/usr/sbin/urpme --auto --auto-orphans
221
 
222
# Save chilli launch script (erase with new rpm one)
223
[ -e /etc/chilli.conf ] && cp /etc/chilli.conf /tmp/
224
# Install home made RPMs
225
for pkg in `ls rpms/$ARCH/*.rpm`
226
do
227
    urpmi --no-verify --auto $pkg
228
done
229
# restore chilli launch script
230
[ -e /tmp/chilli.conf ] && mv /tmp/chilli.conf /etc/
3093 rexy 231
 
2941 rexy 232
# Clean the RPM cache
233
urpmi --clean
234
# the ipt-netflow RPM add the kernel module ipt_NETFLOW (the modules dependance tree need to be updated). "2>/dev/null" in order not to display a error (the running kernel is not the ALCASAR one during the installation process)
235
/sbin/depmod -a 2>/dev/null
236
# test if all needed rpms are correctly installed
237
count_pkg=0; nb_pkg=0;
238
for pkg in $PACKAGES
239
do
240
	nb_pkg=`expr $nb_pkg + 1`
241
	if rpm -q --quiet $pkg ; then
242
		count_pkg=`expr $count_pkg + 1`
243
	else
244
		echo "error installing $pkg"
245
	fi
246
done
247
if [ $count_pkg -ne $nb_pkg ]
248
then
249
	exit 1
250
fi
3093 rexy 251
 
2941 rexy 252
# test if all custom rpms are correctly installed
253
count_pkg=0; nb_pkg=0;
254
for pkg in `ls rpms/$ARCH/|sed 's/.x86_64.rpm//'`
255
do
256
	nb_pkg=`expr $nb_pkg + 1`
257
	if rpm -q --quiet $pkg ; then
258
		count_pkg=`expr $count_pkg + 1`
259
	else
260
		echo "error installing $pkg"
261
	fi
262
done
263
if [ $count_pkg -ne $nb_pkg ]
264
then
265
	exit 1
266
fi
3104 rexy 267
 
268
# .rpmnew handling (unused with ALCASAR)
269
[ -e /etc/shadow.rpmnew ] && rm -f /etc/shadow.rpmnew
270
[ -e /etc/sysconfig/system.rpmnew ] && rm -f /etc/sysconfig/system.rpmnew
271
[ -e /etc/rpm/macros.rpmnew ] && rm -f /etc/rpm/macros.rpmnew
272
[ -e /etc/fstab.rpmnew ] && rm -f /etc/fstab.rpmnew
273
[ -e /etc/shells.rpmnew ] && rm -f /etc/shells.rpmnew
274
[ -e /etc/hosts.rpmnew ] && rm -f /etc/hosts.rpmnew
275
[ -e /etc/systemd/journald.conf.rpmnew ] && rm -f /etc/systemd/journald.conf.rpmnew
276
[ -e /etc/raddb/certs/dh.rpmnew ] && rm -f /etc/raddb/certs/dh.rpmnew
277
 
278
# .rpmnew handling (used with ALCASAR)
279
[ -e /etc/php.ini.rpmnew ] && mv -f /etc/php.ini.rpmnew /etc/php.ini.default
280
[ -e /etc/lighttpd/lighttpd.conf.rpmnew ] && mv -f /etc/lighttpd/lighttpd.conf.rpmnew /etc/lighttpd/lighttpd.conf.default
281
[ -e /etc/lighttpd/modules.conf.rpmnew ] && mv -f /etc/lighttpd/modules.conf.rpmnew /etc/lighttpd/modules.conf.default
282
[ -e /etc/e2guardian/e2guardian.conf.rpmnew ] && mv -f /etc/e2guardian/e2guardian.conf.rpmnew /etc/e2guardian/e2guardian.conf.default
283
[ -e /etc/e2guardian/e2guardianf1.conf.rpmnew ] && mv -f /etc/e2guardian/e2guardianf1.conf.rpmnew /etc/e2guardian/e2guardianf1.conf.default
284
[ -e /etc/e2guardian/lists/urlregexplist.rpmnew ] && mv -f /etc/e2guardian/lists/urlregexplist.rpmnew /etc/e2guardian/lists/urlregexplist.default
285
[ -e /etc/e2guardian/lists/bannedregexpurllist.rpmnew ] && mv -f /etc/e2guardian/lists/bannedregexpurllist.rpmnew /etc/e2guardian/lists/bannedregexpurllist.default
286
[ -e /etc/vnstat.conf.rpmnew ] && mv -f /etc/vnstat.conf.rpmnew /etc/vnstat.conf.default
287
[ -e /etc/fail2ban/jail.conf.rpmnew ] && mv -f /etc/fail2ban/jail.conf.rpmnew /etc/fail2ban/jail.conf.default
288
[ -e /etc/ssh/sshd_config.rpmnew ] && mv -f /etc/ssh/sshd_config.rpmnew /etc/ssh/sshd_config.default
289
 
2941 rexy 290
exit 0