/CHANGELOG |
---|
1,12 → 1,13 |
# $Id$ |
********** ALCASAR CHANGELOG ********** |
-------------------- 3.4.0 -------------------- |
-------------------- 3.3.3 -------------------- |
NEWS |
- Add Qwant in safesearch option for whitelist and blacklist |
BUGS |
- Keep custom blacklists when upgrading from dansguardian to e2guardian |
- Automatically launch database migration scripts after import user database. |
-------------------- 3.3.2 -------------------- |
NEWS |
/alcasar.sh |
---|
416,7 → 416,7 |
echo "secret_radius=$secretradius" >> $PASSWD_FILE |
chmod 640 $PASSWD_FILE |
# copy scripts in in /usr/local/bin |
cp -f $DIR_SCRIPTS/alcasar* $DIR_DEST_BIN/. ; chown root:root $DIR_DEST_BIN/alcasar* ; chmod 740 $DIR_DEST_BIN/alcasar* |
cp -fr $DIR_SCRIPTS/alcasar* $DIR_DEST_BIN/. ; chown -R root:root $DIR_DEST_BIN/alcasar* ; chmod -R 740 $DIR_DEST_BIN/alcasar* |
# copy conf files in /usr/local/etc |
cp -f $DIR_CONF/etc/alcasar* $DIR_DEST_ETC/. ; chown -R root:apache $DIR_DEST_ETC ; chmod 770 $DIR_DEST_ETC ; chmod 660 $DIR_DEST_ETC/alcasar* |
$SED "s?^DB_RADIUS=.*?DB_RADIUS=\"$DB_RADIUS\"?g" $DIR_DEST_BIN/alcasar-mysql.sh |
/scripts/alcasar-conf.sh |
---|
31,9 → 31,6 |
LDAP_mode=`grep ^LDAP= $CONF_FILE|cut -d"=" -f2` |
HOSTNAME=`grep ^HOSTNAME= $CONF_FILE|cut -d"=" -f2` |
DOMAIN=`grep ^DOMAIN= $CONF_FILE|cut -d"=" -f2` |
PASSWD_FILE="/root/ALCASAR-passwords.txt" |
DB_USER=$(grep '^db_user=' $PASSWD_FILE | cut -d'=' -f 2-) |
DB_PASS=$(grep '^db_password=' $PASSWD_FILE | cut -d'=' -f 2-) |
SED="/bin/sed -i" |
DNS1=`grep ^DNS1= $CONF_FILE | cut -d'=' -f2` # server DNS1 (for WL domain names) |
DOMAIN=${DOMAIN:=localdomain} |
73,11 → 70,7 |
[ -d $DIR_UPDATE ] && rm -rf $DIR_UPDATE |
mkdir $DIR_UPDATE |
# backup the users database (test to delete in future version) |
if [ -e $DIR_BIN/alcasar-mysql.sh ]; then |
$DIR_BIN/alcasar-mysql.sh --dump |
else |
/usr/local/sbin/alcasar-mysql.sh --dump |
fi |
$DIR_BIN/alcasar-mysql.sh --dump |
cp /var/Save/base/`ls -1t /var/Save/base|head -1` $DIR_UPDATE |
# backup the logo |
cp -f $DIR_WEB/images/organisme.png $DIR_UPDATE |
152,7 → 145,7 |
echo "SMS=off" >> $DIR_UPDATE/etc/alcasar.conf |
fi |
if [ $(grep -c '^SMS_NUM=' $DIR_UPDATE/etc/alcasar.conf) -eq 0 ]; then |
echo "SMS_NUM=0" >> $DIR_UPDATE/etc/alcasar.conf |
echo "SMS_NUM=" >> $DIR_UPDATE/etc/alcasar.conf |
fi |
fi |
###################### End of modifications between versions ####################### |
169,7 → 162,7 |
chown -R root:apache /etc/pki |
chmod -R 750 /etc/pki |
# Import of the users database |
gzip -dc < `ls $DIR_UPDATE/alcasar-users-database*` | mysql -u$DB_USER -p$DB_PASS |
$DIR_BIN/alcasar-mysql.sh --import `ls $DIR_UPDATE/alcasar-users-database*` |
# Retrieve local parameters |
cp -rf $DIR_UPDATE/etc/* $DIR_ETC/ |
mv -f $DIR_UPDATE/etc/hosts /etc/hosts |
/scripts/alcasar-migrations/alcasar-migration-3.2.0_dbStructure.sh |
---|
0,0 → 1,78 |
#!/bin/bash |
# |
# $Id$ |
# |
# alcasar-migration-3.2.0_dbStructure.sh |
# by Tom HOUDAYER |
# |
# This script is distributed under the Gnu General Public License (GPL) |
# |
# Migrate database structure to ALCASAR 3.2.0 |
# Changes: |
# - Set database engine of radius tables to InnoDB |
# - Set column names in lowercase in radius tables |
# - Set index names in lowercase in radius tables |
# - Set RADIUS attribute length to 64 caracters |
PASSWD_FILE="/root/ALCASAR-passwords.txt" |
DB_PASS=$(cat $PASSWD_FILE | grep ^db_root= | cut -d'=' -f2-) |
DRY_RUN=false |
if [ $# -eq 1 ] && [ "$1" == "--simulation" ]; then |
DRY_RUN=true |
fi |
db_query () { |
if $DRY_RUN && [[ ! "$1" =~ ^'SELECT ' ]]; then |
echo "[SQL] request: \"$1\"" |
else |
mysql -u root -p"$DB_PASS" -D radius -e "$1" -Ns |
[ $? -ne 0 ] && echo "[SQL] ERROR (\"$1\")" |
fi |
} |
# Set database engine of radius tables to InnoDB |
db_res=$(db_query "SELECT TABLE_NAME FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_SCHEMA = 'radius' AND ENGINE != 'InnoDB';") |
if [ -n "$db_res" ]; then |
while read -r tableName; do |
db_query "ALTER TABLE $tableName ENGINE = InnoDB;" |
done <<< "$db_res" |
fi |
# Set column names in lowercase in radius tables |
db_res=$(db_query "SELECT COLUMN_NAME, TABLE_NAME, COLUMN_TYPE FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_SCHEMA = 'radius' AND TABLE_NAME IN ('mtotacct', 'totacct', 'userinfo') AND BINARY COLUMN_NAME REGEXP BINARY '[A-Z]';") |
if [ -n "$db_res" ]; then |
while read -r line; do |
columnName=$(echo "$line" | cut -f1) |
tableName=$(echo "$line" | cut -f2) |
columnType=$(echo "$line" | cut -f3) |
columnNameLower=${columnName,,} |
db_query "ALTER TABLE $tableName CHANGE $columnName $columnNameLower $columnType;" |
done <<< "$db_res" |
fi |
# Set index names in lowercase in radius tables |
db_res=$(db_query "SELECT INDEX_NAME, TABLE_NAME, GROUP_CONCAT(COLUMN_NAME SEPARATOR ',') FROM ( SELECT INDEX_NAME, TABLE_NAME, COLUMN_NAME FROM INFORMATION_SCHEMA.STATISTICS WHERE TABLE_SCHEMA = 'radius' AND TABLE_NAME IN('mtotacct', 'totacct', 'userinfo') AND INDEX_NAME != 'PRIMARY' AND BINARY INDEX_NAME REGEXP BINARY '[A-Z]' ORDER BY SEQ_IN_INDEX ) AS indexes GROUP BY TABLE_NAME, INDEX_NAME;") |
if [ -n "$db_res" ]; then |
while read -r line; do |
indexName=$(echo "$line" | cut -f1) |
tableName=$(echo "$line" | cut -f2) |
indexColumns=$(echo "$line" | cut -f3) |
indexNameLower=${indexName,,} |
db_query "ALTER TABLE $tableName DROP INDEX $indexName, ADD INDEX $indexNameLower ($indexColumns);" |
done <<< "$db_res" |
fi |
# Set RADIUS attribute length to 64 caracters |
db_query "ALTER TABLE radacct MODIFY COLUMN acctuniqueid varchar(64) COLLATE utf8_bin NOT NULL DEFAULT '';" |
db_query "ALTER TABLE radcheck MODIFY COLUMN attribute varchar(64) COLLATE utf8_bin NOT NULL DEFAULT '';" |
db_query "ALTER TABLE radcheck MODIFY COLUMN attribute varchar(64) COLLATE utf8_bin NOT NULL DEFAULT '';" |
db_query "ALTER TABLE radreply MODIFY COLUMN attribute varchar(64) COLLATE utf8_bin NOT NULL DEFAULT '';" |
db_query "ALTER TABLE radgroupcheck MODIFY COLUMN attribute varchar(64) COLLATE utf8_bin NOT NULL DEFAULT '';" |
db_query "ALTER TABLE radgroupreply MODIFY COLUMN attribute varchar(64) COLLATE utf8_bin NOT NULL DEFAULT '';" |
# Fix a potential bug |
db_query "UPDATE radreply SET attribute = 'Alcasar-Status-Page-Must-Stay-Open' WHERE attribute = 'Alcasar-Status-Page-Must-Stay-Op';" |
db_query "UPDATE radgroupreply SET attribute = 'Alcasar-Status-Page-Must-Stay-Open' WHERE attribute = 'Alcasar-Status-Page-Must-Stay-Op';" |
Property changes: |
Added: svn:eol-style |
+LF |
\ No newline at end of property |
Added: svn:executable |
+* |
\ No newline at end of property |
Added: svn:keywords |
+Id |
\ No newline at end of property |
/scripts/alcasar-migrations/alcasar-migration-3.3.0_dbRadiusAttrs.sh |
---|
0,0 → 1,103 |
#!/bin/bash |
# |
# $Id$ |
# |
# alcasar-migration-3.3.0_dbRadiusAttrs.sh |
# by Tom HOUDAYER |
# |
# This script is distributed under the Gnu General Public License (GPL) |
# |
# Migrate user database to ALCASAR 3.3.0 |
# Changes: |
# - Explode "Filter-Id" RADIUS attribute into "Alcasar-Filter", "Alcasar-Protocols-Filter", "Alcasar-Status-Page-Must-Stay-Open" and "Alcasar-Imputability-Warning" |
# - Rename "ChilliSpot-*" RADIUS attribute to "CoovaChilli-*" |
# - Rename "Max-All-Session" RADIUS attribute to "Alcasar-Expire-After" |
PASSWD_FILE="/root/ALCASAR-passwords.txt" |
DB_PASS=$(cat $PASSWD_FILE | grep ^db_root= | cut -d'=' -f2-) |
DRY_RUN=false |
if [ $# -eq 1 ] && [ "$1" == "--simulation" ]; then |
DRY_RUN=true |
fi |
db_query () { |
if $DRY_RUN && [[ ! "$1" =~ ^'SELECT ' ]]; then |
echo "[SQL] request: \"$1\"" |
else |
mysql -u root -p"$DB_PASS" -D radius -e "$1" -Ns |
[ $? -ne 0 ] && echo "[SQL] ERROR (\"$1\")" |
fi |
} |
for step in $(seq 1 2); do |
if [ $step -eq 1 ]; then |
tableNameCheck='radcheck' |
tableNameReply='radreply' |
loginName='username' |
else |
tableNameCheck='radgroupcheck' |
tableNameReply='radgroupreply' |
loginName='groupname' |
fi |
# Explode "Filter-Id" RADIUS attribute into "Alcasar-Filter", "Alcasar-Protocols-Filter", "Alcasar-Status-Page-Must-Stay-Open" and "Alcasar-Imputability-Warning" |
db_res=$(db_query "SELECT $loginName, value FROM $tableNameReply WHERE attribute = 'Filter-Id';") |
if [ -n "$db_res" ]; then |
echo "$(echo "$db_res" | wc -l) \"Filter-Id\" found in table \"$tableNameReply\"." |
while read -r line; do |
login=$(echo "$line" | cut -f1) |
filterId=$(echo "$line" | cut -f2) |
echo " $login ($filterId)..." |
if [ ${filterId:5:1} == '1' ]; then # Filter: HAVP_WL |
filter='4' |
elif [ ${filterId:6:1} == '1' ]; then # Filter: HAVP_BL |
filter='3' |
elif [ ${filterId:7:1} == '1' ]; then # Filter: HAVP |
filter='2' |
else # Filter: NOT_FILTERED |
filter='' |
fi |
[ ! -z "$filter" ] && db_query "INSERT INTO $tableNameReply ($loginName, attribute, value, op) VALUES ('$login','Alcasar-Filter','$filter', '=');" |
if [ ${filterId:2:1} == '1' ]; then # FilterProto: PROFILE 3 (Custom) |
filterProto='4'; |
elif [ ${filterId:1:1} == '1' ]; then # FilterProto: PROFILE 2 (WEB + Mail + Remote access) |
filterProto='3'; |
elif [ ${filterId:0:1} == '1' ]; then # FilterProto: PROFILE 1 (WEB) |
filterProto='2'; |
else # FilterProto: PROFILE 0 (Not filtered) |
filterProto=''; |
fi |
[ ! -z "$filterProto" ] && db_query "INSERT INTO $tableNameReply ($loginName, attribute, value, op) VALUES ('$login','Alcasar-Protocols-Filter','$filterProto', '=');" |
if [ ${filterId:4:1} == '1' ]; then # status_open_required |
statusOpenRequired='2'; |
else |
statusOpenRequired=''; |
fi |
[ ! -z "$statusOpenRequired" ] && db_query "INSERT INTO $tableNameReply ($loginName, attribute, value, op) VALUES ('$login','Alcasar-Status-Page-Must-Stay-Open','$statusOpenRequired', '=');" |
if [ ${filterId:3:1} == '1' ]; then # imputability warning |
imputabilityWarning='1'; |
else |
imputabilityWarning=''; |
fi |
[ ! -z "$imputabilityWarning" ] && db_query "INSERT INTO $tableNameReply ($loginName, attribute, value, op) VALUES ('$login','Alcasar-Imputability-Warning','$imputabilityWarning', '=');" |
db_query "DELETE FROM $tableNameReply WHERE attribute = 'Filter-Id' AND $loginName = '$login';" |
done <<< "$db_res" |
fi |
# Rename "ChilliSpot-*" RADIUS attribute to "CoovaChilli-*" |
db_query "UPDATE $tableNameReply SET attribute = 'CoovaChilli-Max-Input-Octets' WHERE attribute = 'ChilliSpot-Max-Input-Octets';" |
db_query "UPDATE $tableNameReply SET attribute = 'CoovaChilli-Max-Output-Octets' WHERE attribute = 'ChilliSpot-Max-Output-Octets';" |
db_query "UPDATE $tableNameReply SET attribute = 'CoovaChilli-Max-Total-Octets' WHERE attribute = 'ChilliSpot-Max-Total-Octets';" |
db_query "UPDATE $tableNameReply SET attribute = 'CoovaChilli-Bandwidth-Max-Up' WHERE attribute = 'ChilliSpot-Bandwidth-Max-Up';" |
db_query "UPDATE $tableNameReply SET attribute = 'CoovaChilli-Bandwidth-Max-Down' WHERE attribute = 'ChilliSpot-Bandwidth-Max-Down';" |
# Rename "Max-All-Session" RADIUS attribute to "Alcasar-Expire-After" |
db_query "UPDATE $tableNameCheck SET attribute = 'Alcasar-Expire-After' WHERE attribute = 'Max-All-Session';" |
done |
Property changes: |
Added: svn:eol-style |
+LF |
\ No newline at end of property |
Added: svn:executable |
+* |
\ No newline at end of property |
Added: svn:keywords |
+Id |
\ No newline at end of property |
/scripts/alcasar-migrations/alcasar-migration-3.3.1_dbRadiusAttrs.sh |
---|
0,0 → 1,62 |
#!/bin/bash |
# |
# $Id$ |
# |
# alcasar-migration-3.3.1_dbRadiusAttrs.sh |
# by Tom HOUDAYER |
# |
# This script is distributed under the Gnu General Public License (GPL) |
# |
# Migrate user database to ALCASAR 3.3.1 |
# Changes: |
# - Move "CoovaChilli-Max-Total-Octets" RADIUS attribute from radreply to radcheck |
# - Delete "CoovaChilli-Max-Input-Octets" and "CoovaChilli-Max-Output-Octets" RADIUS attributes |
PASSWD_FILE="/root/ALCASAR-passwords.txt" |
DB_PASS=$(grep ^db_root= $PASSWD_FILE | cut -d'=' -f2-) |
DRY_RUN=false |
if [ $# -eq 1 ] && [ "$1" == "--simulation" ]; then |
DRY_RUN=true |
fi |
db_query () { |
if $DRY_RUN && [[ ! "$1" =~ ^'SELECT ' ]]; then |
echo "[SQL] request: \"$1\"" |
else |
mysql -u root -p"$DB_PASS" -D radius -e "$1" -Bs |
[ $? -ne 0 ] && echo "[SQL] ERROR (\"$1\")" |
fi |
} |
for step in $(seq 1 2); do |
if [ $step -eq 1 ]; then |
tableNameCheck='radcheck' |
tableNameReply='radreply' |
loginName='username' |
else |
tableNameCheck='radgroupcheck' |
tableNameReply='radgroupreply' |
loginName='groupname' |
fi |
# Move "CoovaChilli-Max-Total-Octets" RADIUS attribute from radreply to radcheck |
db_res=$(db_query "SELECT $loginName, value FROM $tableNameReply WHERE attribute = 'CoovaChilli-Max-Total-Octets';") |
if [ -n "$db_res" ]; then |
echo "$(echo "$db_res" | wc -l) \"CoovaChilli-Max-Total-Octets\" found in table \"$tableNameReply\"." |
while read -r line; do |
login=$(echo "$line" | cut -f1) |
value=$(echo "$line" | cut -f2) |
echo " $login..." |
db_query "INSERT INTO $tableNameCheck ($loginName, attribute, value, op) VALUES ('$login','CoovaChilli-Max-Total-Octets','$value', ':=');" |
done <<< "$db_res" |
db_query "DELETE FROM $tableNameReply WHERE attribute = 'CoovaChilli-Max-Total-Octets';" |
fi |
# Delete "CoovaChilli-Max-Input-Octets" and "CoovaChilli-Max-Output-Octets" RADIUS attributes |
db_query "DELETE FROM $tableNameReply WHERE attribute = 'CoovaChilli-Max-Input-Octets';" |
db_query "DELETE FROM $tableNameReply WHERE attribute = 'CoovaChilli-Max-Output-Octets';" |
done |
Property changes: |
Added: svn:eol-style |
+LF |
\ No newline at end of property |
Added: svn:executable |
+* |
\ No newline at end of property |
Added: svn:keywords |
+Id |
\ No newline at end of property |
/scripts/alcasar-mysql.sh |
---|
9,6 → 9,7 |
# Management of mysql 'radius' database (save / import / RAZ). Close the accounting open sessions |
rep_tr="/var/Save/base" # répertoire d'accueil des sauvegardes |
DIR_BIN="/usr/local/bin" |
PASSWD_FILE="/root/ALCASAR-passwords.txt" |
DB_RADIUS="radius" |
DB_USER=$(grep '^db_user=' $PASSWD_FILE | cut -d'=' -f 2-) |
117,6 → 118,10 |
stop_acct |
;; |
esac |
migrationsPath="$DIR_BIN/alcasar-migrations" |
"$migrationsPath/alcasar-migration-3.2.0_dbStructure.sh" |
"$migrationsPath/alcasar-migration-3.3.0_dbRadiusAttrs.sh" |
"$migrationsPath/alcasar-migration-3.3.1_dbRadiusAttrs.sh" |
fi |
;; |
-r | --raz | -raz) |