67,7 → 67,7 |
# backup the users database (test to delete in future version) |
$DIR_BIN/alcasar-mysql.sh --dump |
cp /var/Save/base/"$(ls -1t /var/Save/base|head -1)" $DIR_UPDATE |
# backup the logo |
# backup organism logo |
cp -f $DIR_WEB/images/organisme.png $DIR_UPDATE |
# backup BL/WL custom files |
mkdir $DIR_UPDATE/custom_bl |
81,10 → 81,9 |
cp -rf $DIR_BLACKLIST/ossi-* $DIR_UPDATE/custom_bl/ 2>/dev/null |
fi |
done |
# backup of different conf files (main conf file, filtering, digest, /etc/hosts, etc.) |
# backup conf files (main conf file, filtering, digest, etc.) |
mkdir $DIR_UPDATE/etc/ |
cp -rf $DIR_ETC/* $DIR_UPDATE/etc/ |
cp /etc/hosts $DIR_UPDATE/etc/ |
# backup of the security certificates (server & CA) |
cp -f /etc/pki/tls/certs/alcasar.crt* $DIR_UPDATE |
cp -f /etc/pki/tls/private/alcasar.key* $DIR_UPDATE |
96,33 → 95,6 |
else |
cp -f /etc/pki/tls/certs/alcasar.crt $DIR_UPDATE/server-chain.pem |
fi |
# pureip & safesearch status |
[ -d /etc/dansguardian ] && dg_path=/etc/dansguardian || dg_path=/etc/e2guardian |
|
if ! grep -Eq '^WL_SAFESEARCH=' $DIR_UPDATE/etc/alcasar.conf; then |
if [ -f /etc/dnsmasq-whitelist.conf ] && grep -iq "SafeSearch" /etc/dnsmasq-whitelist.conf; then |
echo 'WL_SAFESEARCH=on' >> $DIR_UPDATE/etc/alcasar.conf |
else |
echo 'WL_SAFESEARCH=off' >> $DIR_UPDATE/etc/alcasar.conf |
fi |
fi |
|
if ! grep -Eq '^BL_SAFESEARCH=' $DIR_UPDATE/etc/alcasar.conf; then |
if [ -f /etc/dnsmasq-blacklist.conf ] && grep -iq "SafeSearch" /etc/dnsmasq-blacklist.conf; then |
echo 'BL_SAFESEARCH=on' >> $DIR_UPDATE/etc/alcasar.conf |
else |
echo 'BL_SAFESEARCH=off' >> $DIR_UPDATE/etc/alcasar.conf |
fi |
fi |
|
if ! grep -Eq '^BL_PUREIP=' $DIR_UPDATE/etc/alcasar.conf; then |
if grep -Eq "^\*ip" $dg_path/lists/bannedsitelist; then |
echo 'BL_PUREIP=on' >> $DIR_UPDATE/etc/alcasar.conf |
else |
echo 'BL_PUREIP=off' >> $DIR_UPDATE/etc/alcasar.conf |
fi |
fi |
|
# archive file creation |
cd /var/tmp || { echo "Unable to find /var/tmp directory"; } |
tar -cf alcasar-conf.tar conf/ |
133,59 → 105,25 |
--load|-load) |
cd /var/tmp || { echo "Unable to find /var/tmp directory"; } |
tar -xf alcasar-conf*.tar.gz |
######################### modifications between versions ####################### |
# Retrieve the previous version |
# copy alcasar.conf parameters |
PREVIOUS_VERSION=`grep ^VERSION= $DIR_UPDATE/etc/alcasar.conf|cut -d"=" -f2` |
MAJ_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f1` |
MIN_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f2` |
UPD_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f3|cut -c1` |
## From 3.2.0 & 3.2.1 ## |
## rewrite /etc/hosts file managing hostname resolution |
PRIVATE_IP=`grep ^PRIVATE_IP= $CONF_FILE|cut -d"=" -f2|cut -d"/" -f1` |
HOSTNAME=`grep ^HOSTNAME= $CONF_FILE|cut -d"=" -f2-` |
domainNames="$HOSTNAME $HOSTNAME.$DOMAIN" |
[ "$HOSTNAME" != 'alcasar' ] && domainNames="alcasar $domainNames" |
if [ "$(grep -c "$PRIVATE_IP\s$domainNames" $DIR_UPDATE/etc/hosts )" -eq 0 ]; then |
cat << EOF > $DIR_UPDATE/etc/hosts |
127.0.0.1 localhost |
$PRIVATE_IP $domainNames |
EOF |
fi |
## apache & dansguardian are replaced with lighttpd & EĀ²guardian |
if [ "$(rpm -qa | grep '^\(apache\|apache-mod_php\|apache-mod_ssl\|dansguardian\)-' | wc -l)" -ne 0 ]; then |
rm_rpm="apache apache-mod_php apache-mod_ssl dansguardian" |
/usr/sbin/urpme --auto -a $rm_rpm 2>/dev/null |
/usr/sbin/urpme --auto --auto-orphans |
rm -rf /etc/httpd/ /var/log/httpd/ /var/dansguardian/ /etc/dansguardian/ |
fi |
## lighttpd need a .pem certificate (aggregation with private key & server crt) |
for line in `cat $DIR_UPDATE/etc/alcasar.conf | grep "=" | grep -v "^#" | grep -v " "| grep -v "VERSION"` |
do |
key=`echo $line | cut -d"=" -f1` |
key=$key= |
value=`echo $line|cut -d"=" -f2-` |
if [ "$value" != "" ] |
then |
echo "key = $key ; value = $value" |
sed -i "s?^$key.*?$key$value?g" /usr/local/etc/alcasar.conf |
fi |
done |
## lighttpd need a .pem certificate (aggregation with private key & server crt) |
[ ! -f $DIR_UPDATE/alcasar.pem ] && (cat $DIR_UPDATE/alcasar.key; echo; cat $DIR_UPDATE/alcasar.crt) > $DIR_UPDATE/alcasar.pem |
## From 3.3.0 ## |
# add "SMS=off" in conf file |
if [ "$(grep -c '^SMS=' $DIR_UPDATE/etc/alcasar.conf)" -eq 0 ]; then |
echo "SMS=off" >> $DIR_UPDATE/etc/alcasar.conf |
fi |
if [ "$(grep -c '^SMS_NUM=' $DIR_UPDATE/etc/alcasar.conf)" -eq 0 ]; then |
echo "SMS_NUM=" >> $DIR_UPDATE/etc/alcasar.conf |
fi |
## From 3.4.0 ## |
# Fix subdomain dot position (.domain.org to domain.org.) for Unbound |
for file in $DIR_E2G/exceptionsitelist $DIR_BLACKLIST/ossi-bl*/domains $DIR_BLACKLIST/ossi-wl*/domains; do |
[ -f $file ] && $SED "s/^\.\(.*\)$/\1./g" $file |
done |
# Add LDAPS parameters to config file |
if [ "$(grep -c '^LDAP_SSL=' $DIR_UPDATE/etc/alcasar.conf)" -eq 0 ]; then |
echo "LDAP_SSL=on" >> $DIR_UPDATE/etc/alcasar.conf |
fi |
if [ "$(grep -c '^LDAP_CERT_REQUIRED=' $DIR_UPDATE/etc/alcasar.conf)" -eq 0 ]; then |
echo "LDAP_CERT_REQUIRED=" >> $DIR_UPDATE/etc/alcasar.conf |
fi |
# remove DNSMASQ primary service (keep only one instance for whitelist on port 55) |
[ -e /etc/dnsmasq.conf.default ] && mv /etc/dnsmasq.conf.default /etc/dnsmasq.conf |
[ -e /lib/systemd/system/dnsmasq.service.default ] && rm /lib/systemd/system/dnsmasq.service.default |
[ -e /lib/systemd/system/dnsmasq.service ] && rm /lib/systemd/system/dnsmasq.service |
###################### End of modifications between versions ####################### |
# Retrieve the logo |
# Retrieve organism logo |
[ -e $DIR_UPDATE/organisme.png ] && cp -f $DIR_UPDATE/organisme.png $DIR_WEB/images/ |
chown apache:apache $DIR_WEB/images/organisme.png $DIR_WEB/intercept.php |
# Retrieve the security certificates (CA and server) |
204,9 → 142,7 |
# Import of the users database |
$DIR_BIN/alcasar-mysql.sh --import "$(ls $DIR_UPDATE/alcasar-users-database*)" |
# Retrieve local parameters |
cp -rf $DIR_UPDATE/etc/* $DIR_ETC/ |
mv -f $DIR_UPDATE/etc/hosts /etc/hosts |
chmod 755 /etc/hosts |
#TODO cp -rf $DIR_UPDATE/etc/* $DIR_ETC/ |
# Retrieve BL/WL custom files |
cp -f $DIR_UPDATE/custom_bl/exceptioniplist $DIR_E2G/ |
cp -f $DIR_UPDATE/custom_bl/exceptionsitelist $DIR_E2G/ |