WebSVN – ALCASAR – Path Comparison – /

Ignore whitespace Rev 1365 → Rev 1366

 /alcasar.sh
 ,4 → 1,3
 #!/bin/bash
 #  $Id$
 ,7 → 1085,7
         fi
         groupadd -f havp
         useradd -r -g havp -s /bin/false -c "system user for havp" havp
-        mkdir -p /var/tmp/havp /var/log/havp
+        mkdir -p /var/tmp/havp /var/log/havp /var/run/havp
         chown -R havp /var/tmp/havp /var/log/havp /var/run/havp
         [ -e /etc/havp/havp.config.default ] || cp /etc/havp/havp.config /etc/havp/havp.config.default
         $SED "/^REMOVETHISLINE/d" /etc/havp/havp.config
 ,7 → 1132,7
         for log_type in traceability ssh ext-access
         do
                 [ -e /lib/systemd/system/ulogd-$log_type.service ] || cp -f /lib/systemd/system/ulogd.service /lib/systemd/system/ulogd-$log_type.service
-                /var/log/firewall/$log_type.log ] || touch /var/log/firewall/$log_type.log
+                /var/log/firewall/$log_type.log ] || echo "" > /var/log/firewall/$log_type.log
                 cp -f /etc/ulogd.conf /etc/ulogd-$log_type.conf
                 $SED "s?^nlgroup=.*?nlgroup=$nl?g" /etc/ulogd-$log_type.conf
                 $SED '/OPRINT/,$d' /etc/ulogd-$log_type.conf
 ,7 → 1163,7
 # Add PortTracker plugin
         mkdir -p /var/www/nfsen/plugins /var/log/netflow/porttracker /usr/share/nfsen/plugins
         chown -R nfsen:www-data /var/www/nfsen
-        chown -R apache:apache /usr/share/nfsen /var/log/netflow/porttracker
+        chown -R apache:apache /usr/share/nfsen
         cp -f $DIR_CONF/nfsen/PortTracker.pm /tmp/nfsen-1.3.6p1/contrib/PortTracker/
 # use of our conf file and init unit
         cp $DIR_CONF/nfsen/nfsen.conf /tmp/nfsen-1.3.6p1/etc/
 ,7 → 1176,7
 # Create RRD DB for porttracker (only in it still doesn't exist)
         cp /tmp/nfsen-1.3.6p1/contrib/PortTracker/PortTracker.pm /usr/share/nfsen/plugins/
         cp /tmp/nfsen-1.3.6p1/contrib/PortTracker/PortTracker.php /var/www/nfsen/plugins/
-        [ d /var/log/netflow/porttracker ] || sudo -u apache nftrack -I -d /var/log/netflow/porttracker
+        [ -d /var/log/netflow/porttracker ] || sudo -u apache nftrack -I -d /var/log/netflow/porttracker
         chown -R apache:www-data /var/log/netflow/porttracker/
         chmod -R 775 /var/log/netflow/porttracker
 # Apache conf file

 /scripts/sbin/alcasar-bl.sh
 ,7 → 17,6
 DIR_tmp="/tmp/blacklists"
 FILE_tmp="/tmp/filesfilter.txt"
 FILE_ip_tmp="/tmp/filesipfilter.txt"
-FILE_IP_WL="/usr/local/share/ossi_wl"
 DIR_DG="/etc/dansguardian/lists"
 DIR_DG_BL="$DIR_DG/blacklists"
 BL_CATEGORIES="$DIR_CONF/alcasar-bl-categories"                         # list of names of the  BL categories
 ,10 → 24,11
 BL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-bl-categories-enabled"         #       '       '       BL enabled categories
 WL_CATEGORIES_ENABLED="$DIR_CONF/alcasar-wl-categories-enabled"         #       '       '       WL enabled categories
 DIR_SHARE="/usr/local/share"
+FILE_IP_WL="$DIR_SHARE/ossi_wl"
 DIR_DNS_BL="$DIR_SHARE/dnsmasq-bl"                                      # all the BL in the DNSMASQ format
 DIR_DNS_WL="$DIR_SHARE/dnsmasq-wl"                                      # all the WL    '       '       '
 DIR_IP_BL="$DIR_SHARE/iptables-bl"                                      # all the IP addresses of the BL
-DIR_DNS_BL_ENABLED="$DIR_SHARE/dnsmasq-bl-enabled"                      # symbolic link to the dnsmasq  BL (only enabled categories)
+DIR_DNS_BL_ENABLED="$DIR_SHARE/dnsmasq-bl-enabled"                      # symbolic link to the domains BL (only enabled categories)
 DIR_DNS_WL_ENABLED="$DIR_SHARE/dnsmasq-wl-enabled"                      #       '       '       '       WL      '       '       '
 DIR_IP_BL_ENABLED="$DIR_SHARE/iptables-bl-enabled"                      #       '       '       ip BL (only enabled categories)
 DNSMASQ_BL_CONF="/etc/dnsmasq-blacklist.conf"                           # conf file of dnsmasq-blacklist
 ,10 → 149,10
                         chown apache $FILE_IP_WL
                 fi
                 # Saving ossi category
-                cp $DIR_IP_BL/ossi $DIR_tmp/ossi-ip
                 if [ -f $DIR_tmp/blacklists.tar.gz ]
                 then
-                        [ -d $DIR_DG_BL/ossi ] && mv -f $DIR_DG_BL/ossi $DIR_tmp
+                        [ -d $DIR_DG_BL/ossi ] && mv $DIR_DG_BL/ossi $DIR_tmp
+                        [ -e $DIR_IP_BL/ossi ] && mv $DIR_IP_BL/ossi $DIR_tmp/ossi-ip
                         rm -rf $DIR_DG_BL
                         mkdir $DIR_DG_BL
                         tar zxf $DIR_tmp/blacklists.tar.gz --directory=$DIR_DG/
 ,12 → 223,9
                         done
                 done
                 rm -f $FILE_tmp $FILE_ip_tmp
-                # Restoring ossi category
-                mv $DIR_tmp/ossi-ip $DIR_IP_BL/ossi
-                # Restoring whitelist ip
-                if [ -e $DIR_tmp/ossi_wl ]
-                then
-                        mv $DIR_tmpi/ossi_wl /usr/local/share/
+                # Restoring ossi files
+                [ -e $DIR_tmp/ossi-ip ] && mv $DIR_tmp/ossi-ip $DIR_IP_BL/ossi
+                [ -e $DIR_tmp/ossi_wl ] && mv $DIR_tmpi/ossi_wl $DIR_SHARE/ossi_wl
                 fi
                 rm -rf $DIR_tmp
                 echo

 /scripts/sbin/alcasar-uninstall.sh
 ,6 → 138,7
               rm -f /etc/ulogd-$log_type.conf && echo -n "$i, "
               i=`expr $i + 1`
               rm -f /lib/systemd/system/ulogd-$log_type && echo -n "$i"
+              done
 else echo -n "nothing to do"
 fi
 sleep 1
 ,7 → 146,7
 #nfsen
 echo -en "\n- nfsen(2) : "
         [ `grep "^nfsen:" /etc/passwd | wc -l` == 1 ] && userdel -r nfsen && echo -n "1, "
-        [ `grep "^www-data:" /etc/group | wc -l` == 1 ] && userdel -r www-data && groupdel www-data ; echo -n "2"
+        [ `grep "^www-data:" /etc/group | wc -l` == 1 ] && userdel -r www-data 2>/dev/null && groupdel www-data 2>/dev/null && echo -n "2"
 # We keep netflow RRD DB for the moment
 #[ -d /var/log/netflow ] && rm -rf /var/log/netflow && echo -n "3"

Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 1365 → Rev 1366