Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 2719 → Rev 2724

/CHANGELOG
3,7 → 3,7
********** ALCASAR CHANGELOG **********
-------------------- 3.4.0 --------------------
NEWS
- Replace DNSmasq server with Unbound
- Replace 4 DNSmasq servers with Unbound
- Add LDAPS (LDAP SSL) support.
- Add a global group named "default" for all users (the "ldap" group still exists for users authenticated through LDAP).
- Add LDAP filter.
/VERSION
1,0 → 0,0
3.3.3
3.4b
/alcasar.sh
84,7 → 84,7
SED="/bin/sed -i"
# ****************** End of global parameters *********************
 
license ()
license()
{
if [ $Lang == "fr" ]
then
106,9 → 106,9
then
exit 1
fi
}
} # End of license()
 
header_install ()
header_install()
{
clear
echo "-----------------------------------------------------------------------------"
115,7 → 115,7
echo " ALCASAR V$VERSION Installation"
echo "Application Libre pour le Contrôle d'Accès Sécurisé et Authentifié au Réseau"
echo "-----------------------------------------------------------------------------"
}
} # End of header_install()
 
########################################################
## Function "testing" ##
124,7 → 124,7
## - Test free space on /var (>10G) ##
## - Test Internet access ##
########################################################
testing ()
testing()
{
# Test of Mageia version
# extract the current Mageia version and hardware architecture (i586 ou X64)
255,7 → 255,7
 
if [ -z "$INTIF" ]; then
interfacesList=$(/usr/sbin/ip -br link show | cut -d' ' -f1 | grep -v "^\(lo\|tun0\|$EXTIF\)\$")
interfacesCount=$(echo "$interfacesList" | wc -l)
interfacesCount=$(echo "$interfacesList" | wc -w)
if [ $interfacesCount -eq 0 ]; then
if [ "$Lang" == 'fr' ]
then echo "Aucune interface de disponible pour le réseau interne"
267,7 → 267,6
else
interfacesSorted=$(/usr/sbin/ip -br addr | grep -v "^\(lo\|tun0\|$EXTIF\) " | sort -b -k3n -k2r -k1)
interfacePreferred=$(echo "$interfacesSorted" | head -1 | cut -d' ' -f1)
 
if [ "$Lang" == 'fr' ]
then echo 'Liste des interfaces disponible :'
else echo 'List of available interfaces:'
416,7 → 415,7
exit 1
fi
echo ". : ok"
} # end of testing ()
} # End of testing()
 
#######################################################################
## Function "init" ##
423,7 → 422,7
## - Creation of ALCASAR conf file "/usr/local/etc/alcasar.conf ##
## - Creation of random password for GRUB, mariadb (admin and user) ##
#######################################################################
init ()
init()
{
if [ "$mode" != "update" ]
then
494,7 → 493,7
DOMAIN=$DOMAIN
EOF
chmod o-rwx $CONF_FILE
} # End of init ()
} # End of init()
 
#########################################################
## Function "network" ##
504,7 → 503,7
## - Write "/etc/hosts" file ##
## - write "hosts.allow" & "hosts.deny" files ##
#########################################################
network ()
network()
{
header_install
if [ "$mode" != "update" ]
761,7 → 760,7
$SED "s?\[ -f \$IPTABLES_CONFIG \] .*?#&?" /usr/libexec/iptables.init # comment the test (flush all rules & policies)
#
# the script "$DIR_DEST_BIN/alcasar-iptables.sh" is launched at the end in order to allow update via ssh
} # End of network ()
} # End of network()
 
###################################################
## Function "ACC" ##
770,7 → 769,7
## - creation of the first ACC admin account ##
## - secure the ACC access ##
###################################################
ACC ()
ACC()
{
[ -d $DIR_WEB ] && rm -rf $DIR_WEB
mkdir $DIR_WEB
876,24 → 875,24
[ -e /var/Save/security/acc_access.log ] || touch /var/Save/security/acc_access.log
chown root:apache /var/Save/security/acc_access.log
chmod 664 /var/Save/security/acc_access.log
} # End of ACC ()
} # End of ACC()
 
##################################################################
## Fonction "CA" ##
## - Creating the CA and the server certificate (lighttpd) ##
##################################################################
CA ()
CA()
{
$DIR_DEST_BIN/alcasar-CA.sh
chown -R root:apache /etc/pki
chmod -R 750 /etc/pki
} # End of CA ()
} # End of CA()
 
#############################################################
## Function "time_server" ##
## - Configuring NTP server ##
#############################################################
time_server ()
time_server()
{
# Set the Internet time server
[ -e /etc/ntp/step-tickers.default ] || cp /etc/ntp/step-tickers /etc/ntp/step-tickers.default
918,7 → 917,7
chown -R ntp:ntp /var/lib/ntp
# Synchronize now
ntpd -4 -q -g &
} # End of time_server ()
} # End of time_server()
 
#####################################################################
## Function "init_db" ##
928,7 → 927,7
## - Radius database creation ##
## - Copy of accounting tables (mtotacct, totacct) & userinfo ##
#####################################################################
init_db ()
init_db()
{
if [ "`systemctl is-active mysqld`" == "active" ]
then
941,6 → 940,7
$SED "s?^;collation_server =.*?collation_server = utf8_unicode_ci?g" /etc/my.cnf
$SED "s?^;character_set_server =.*?character_set_server = utf8?g" /etc/my.cnf # accentuated user names are allowed
[ -e /etc/my.cnf.d/feedback.cnf ] && $SED "s?^plugin-load.*?#&?g" /etc/my.cnf.d/feedback.cnf # remove the feedback plugin (ALCASAR doesn't report anything !)
[ -e /etc/my.cnf.d/auth_gssapi.cnf ] && $SED "s?^plugin-load.*?#&?g" /etc/my.cnf.d/auth_gssapi.cnf # remove GSS plugin (ALCASAR doesn't use Kerberos)
/usr/sbin/mysqld-prepare-db-dir > /dev/null 2>&1
/usr/bin/systemctl set-environment MYSQLD_OPTS="--skip-grant-tables --skip-networking"
/usr/bin/systemctl start mysqld
957,7 → 957,6
fi
# Secure the server
/usr/bin/mysql --execute "GRANT ALL PRIVILEGES ON *.* TO root@'localhost' IDENTIFIED BY '$mysqlpwd';"
 
MYSQL="/usr/bin/mysql -uroot -p$mysqlpwd --execute"
$MYSQL "DROP DATABASE IF EXISTS test;DROP DATABASE IF EXISTS tmp;"
$MYSQL "CONNECT mysql;DELETE from user where User='';DELETE FROM user WHERE User='root' AND Host NOT IN ('localhost','127.0.0.1','::1');FLUSH PRIVILEGES;"
971,7 → 970,7
$SED "/^ExecStop=/a ExecStartPost=$DIR_DEST_BIN/alcasar-mysql.sh -acct_stop" /lib/systemd/system/mysqld.service
/usr/bin/systemctl unset-environment MYSQLD_OPTS
/usr/bin/systemctl daemon-reload
} # End of init_db ()
} # End of init_db()
 
###################################################################
## Function "freeradius" ##
979,7 → 978,7
## - Set the shared secret between coova-chilli and freeradius ##
## - Adapt the Mysql conf file and counters ##
###################################################################
freeradius ()
freeradius()
{
cp -f $DIR_CONF/empty-radiusd-db.sql /etc/raddb/
chown -R radius:radius /etc/raddb
1049,7 → 1048,7
/usr/bin/systemctl daemon-reload
# Allow apache to change some conf files (ie : ldap on/off)
chgrp apache /etc/raddb /etc/raddb/sites-available /etc/raddb/mods-available
} # End freeradius ()
} # End of freeradius()
 
#############################################################################
## Function "chilli" ##
1056,7 → 1055,7
## - Creation of the conf file and init file (systemd) for coova-chilli ##
## - Adapt the authentication web page (intercept.php) ##
#############################################################################
chilli ()
chilli()
{
# chilli unit for systemd
cat << EOF > /lib/systemd/system/chilli.service
1247,13 → 1246,13
fi
groupadd -f chilli
useradd -r -g chilli -s /bin/false -c "system user for coova-chilli" chilli
} # End of chilli ()
} # End of chilli()
 
################################################################
## Function "e2guardian" ##
## - Set the parameters of this HTML proxy (as controler) ##
################################################################
e2guardian ()
e2guardian()
{
mkdir -p /var/e2guardian /var/log/e2guardian
chown -R e2guardian /var/e2guardian /var/log/e2guardian
1308,13 → 1307,13
# Keep a copy of URL & domain filter configuration files
[ -e $DIR_DG/lists/bannedsitelist.default ] || mv $DIR_DG/lists/bannedsitelist $DIR_DG/lists/bannedsitelist.default
[ -e $DIR_DG/lists/bannedurllist.default ] || mv $DIR_DG/lists/bannedurllist $DIR_DG/lists/bannedurllist.default
} # End of e2guardian ()
} # End of e2guardian()
 
##################################################################
## Function "antivirus" ##
## - Set the parameters of havp, libclamav and freshclam ##
##################################################################
antivirus ()
antivirus()
{
# create 'havp' user
havp_exist=`grep -c ^havp: /etc/passwd`
1362,13 → 1361,13
$SED "s?MaxAttempts.*?MaxAttempts 3?g" /etc/freshclam.conf
# update now
/usr/bin/freshclam --no-warnings
} # End of antivirus ()
} # End of antivirus()
 
################################################################################
## Function "tinyproxy" ##
## - Set the parameters of tinyproxy (proxy between filtered users and havp) ##
################################################################################
tinyproxy ()
tinyproxy()
{
tinyproxy_exist=`grep -c ^tinyproxy: /etc/passwd`
if [ "$tinyproxy_exist" == "1" ]
1417,12 → 1416,13
WantedBy=multi-user.target
EOF
 
} # end of tinyproxy
##############################################################################
## function "ulogd" ##
## - Ulog config for multi-log files ##
##############################################################################
ulogd ()
} # end of tinyproxy()
 
##############################################################
## function "ulogd" ##
## - Ulog config for multi-log files ##
##############################################################
ulogd()
{
# Three instances of ulogd (three different logfiles)
[ -d /var/log/firewall ] || mkdir -p /var/log/firewall
1444,9 → 1444,8
chown -R root:apache /var/log/firewall
chmod 750 /var/log/firewall
chmod 640 /var/log/firewall/*
} # End of ulogd ()
} # End of ulogd()
 
 
##########################################################
## Function "nfsen" ##
## - install the nfsen grapher ##
1512,19 → 1511,19
# cp $DIR_CONF/nfsen/GeoLiteCity* /tmp/
# tar xzf /tmp/SURFmap_*.tar.gz -C /tmp/
# cd /tmp/
# /usr/bin/sh SURFmap/install.sh
# /usr/bin/sh SURFmap/install.sh (no more used since Google sells the access to googleMap API)
# clear the installation
# rm -rf /tmp/SURFmap*
rm -rf /tmp/nfsen-*
cd $DirTmp || { echo "Unable to find $DirTmp directory"; exit 1; }
chown -R apache:apache /var/www/html/acc/manager/nfsen /usr/share/nfsen /var/log/nfsen
} # End of nfsen ()
} # End of nfsen()
 
###########################################################
## Function "vnstat" ##
## - Initialization of Vnstat and vnstat phpFrontEnd ##
###########################################################
vnstat ()
vnstat()
{
[ -e /etc/vnstat.conf.default ] || cp /etc/vnstat.conf /etc/vnstat.conf.default
$SED "s?^Interface.*?Interface \"$EXTIF\"?g" /etc/vnstat.conf
1533,18 → 1532,17
$SED "s?\$iface_list =.*?\$iface_list = array('$EXTIF');?" $DIR_ACC/manager/stats/config.php
$SED "s?\$iface_title\['.*?\$iface_title\['$EXTIF'\] = \$title;?" $DIR_ACC/manager/stats/config.php
/usr/bin/vnstat -i $EXTIF -u --force
} # End of vnstat
} # End of vnstat()
 
##################################################################
## Function "dnsmasq" ##
## - creation of the conf files of the 4 intances of dnsmasq ##
## - creation of the file managing domain name (local & remote) ##
##################################################################
dnsmasq ()
###################################################################
## Function "dnsmasq" ##
## - creation of the conf files of dnsmasq (whitelist for ipset )##
###################################################################
dnsmasq()
{
[ -d /var/log/dnsmasq ] || mkdir /var/log/dnsmasq
[ -e /etc/dnsmasq.conf.default ] || mv /etc/dnsmasq.conf /etc/dnsmasq.conf.default
# 3rd dnsmasq listen on udp 55 ("dnsmasq with whitelist")
# dnsmasq listen on udp 55 ("dnsmasq with whitelist")
cat << EOF > /etc/dnsmasq-whitelist.conf
# Configuration file for "dnsmasq with whitelist"
# ADD Toulouse university whitelist domains
1562,17 → 1560,18
server=$DNS1
server=$DNS2
EOF
 
# Create dnsmasq-whitelist unit
mv /lib/systemd/system/dnsmasq.service /lib/systemd/system/dnsmasq.service.default
cp /lib/systemd/system/dnsmasq.service.default /lib/systemd/system/dnsmasq-whitelist.service
$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/dnsmasq -C /etc/dnsmasq-whitelist.conf?g" /lib/systemd/system/dnsmasq-whitelist.service
$SED "s?^PIDFile=.*?PIDFile=/var/run/dnsmasq-whitelist.pid?g" /lib/systemd/system/dnsmasq-whitelist.service
} # End dnsmasq
} # End of dnsmasq()
 
##################################################
## Function "unbound" ##
##################################################
#########################################################
## Function "unbound" ##
## - create the conf files for 4 unbound services ##
## - create the systemd files for 4 unbound services ##
#########################################################
unbound ()
{
[ -d /etc/unbound/conf.d ] || mkdir -p /etc/unbound/conf.d
1585,11 → 1584,10
[ -d /etc/unbound/conf.d/blackhole ] || mkdir /etc/unbound/conf.d/blackhole
[ -d /var/log/unbound ] || { mkdir /var/log/unbound; chown unbound:unbound /var/log/unbound; }
[ -e /etc/unbound/unbound.conf.default ] || cp /etc/unbound/unbound.conf /etc/unbound/unbound.conf.default
 
# Local static DNS configuration
[ -e /etc/unbound/conf.d/common/local-dns/global.conf ] || touch /etc/unbound/conf.d/common/local-dns/global.conf
 
# Forward zone configuration file for all unbound dns servers
# Forward zone configuration file for all unbound dns servers
cat << EOF > /etc/unbound/conf.d/common/forward-zone.conf
forward-zone:
name: "."
1597,7 → 1595,7
forward-addr: $DNS2
EOF
 
# Custom configuration file for manual DNS configuration
# Custom configuration file for manual DNS configuration
cat << EOF > /etc/unbound/conf.d/common/local-forward/custom.conf
## Ajouter un bloc pour chaque nom de domaine géré par un autre seveur DNS
## Add one block for each domain name managed by an other DNS server
1613,7 → 1611,7
## INFO : local hostnames are resolved in /etc/hosts file
EOF
 
# Configuration file of ALCASAR main domains for $INTIF
# Configuration file of ALCASAR main domains for $INTIF
cat << EOF > /etc/unbound/conf.d/common/local-dns/${INTIF}.conf
server:
local-zone: "$HOSTNAME.$DOMAIN" static
1624,7 → 1622,7
local-data: "$DOMAIN. A"
EOF
 
# Configuration file for lo of forward unbound
# Configuration file for lo of forward unbound
cat << EOF > /etc/unbound/conf.d/forward/iface.lo.conf
server:
interface: 127.0.0.1@53
1639,7 → 1637,7
view-first: yes
EOF
 
# Configuration file for $INTIF of forward unbound
# Configuration file for $INTIF of forward unbound
cat << EOF > /etc/unbound/conf.d/forward/iface.${INTIF}.conf
server:
interface: ${PRIVATE_IP}@53
1654,7 → 1652,7
view-first: yes
EOF
 
# Configuration file for forward unbound
# Configuration file for forward unbound
cat << EOF > /etc/unbound/unbound.conf
server:
verbosity: 1
1661,7 → 1659,6
hide-version: yes
hide-identity: yes
do-ip6: no
 
include: /etc/unbound/conf.d/common/forward-zone.conf
include: /etc/unbound/conf.d/common/local-forward/*
include: /etc/unbound/conf.d/common/local-dns/*
1668,7 → 1665,7
include: /etc/unbound/conf.d/forward/*
EOF
 
# Configuration file for $INTIF of blacklist unbound
# Configuration file for $INTIF of blacklist unbound
cat << EOF > /etc/unbound/conf.d/blacklist/iface.${INTIF}.conf
server:
interface: ${PRIVATE_IP}@54
1678,7 → 1675,7
access-control-tag-data: $PRIVATE_IP_MASK "blacklist" "A $PRIVATE_IP"
EOF
 
# Configuration file for blacklist unbound
# Configuration file for blacklist unbound
cat << EOF > /etc/unbound/unbound-blacklist.conf
server:
verbosity: 1
1689,16 → 1686,14
chroot: ""
define-tag: "blacklist"
log-local-actions: yes
 
include: /etc/unbound/conf.d/common/forward-zone.conf
include: /etc/unbound/conf.d/common/local-forward/*
include: /etc/unbound/conf.d/common/local-dns/*
include: /etc/unbound/conf.d/blacklist/*
 
include: /usr/local/share/unbound-bl-enabled/*
EOF
 
# Configuration file for $INTIF of whitelist unbound
# Configuration file for $INTIF of whitelist unbound
cat << EOF > /etc/unbound/conf.d/whitelist/iface.${INTIF}.conf
server:
interface: ${PRIVATE_IP}@55
1708,7 → 1703,7
access-control-tag-data: $PRIVATE_IP_MASK "whitelist" "A $PRIVATE_IP"
EOF
 
# Configuration file for whitelist unbound
# Configuration file for whitelist unbound
cat << EOF > /etc/unbound/unbound-whitelist.conf
server:
verbosity: 1
1717,21 → 1712,18
do-ip6: no
do-not-query-localhost: no
define-tag: "whitelist"
 
local-zone: "." transparent
local-zone-tag: "." "whitelist"
 
include: /usr/local/share/unbound-wl-enabled/*
include: /etc/unbound/conf.d/whitelist/*
include: /etc/unbound/conf.d/common/local-dns/*
include: /etc/unbound/conf.d/common/local-forward/*
 
forward-zone:
name: "."
forward-addr: 127.0.0.1@55
EOF
 
# Configuration file for $INTIF of blackhole unbound
# Configuration file for $INTIF of blackhole unbound
cat << EOF > /etc/unbound/conf.d/blackhole/iface.${INTIF}.conf
server:
interface: ${PRIVATE_IP}@56
1743,7 → 1735,7
local-data: ". A $PRIVATE_IP"
EOF
 
# Configuration file for blackhole unbound
# Configuration file for blackhole unbound
cat << EOF > /etc/unbound/unbound-blackhole.conf
server:
verbosity: 1
1750,7 → 1742,6
hide-version: yes
hide-identity: yes
do-ip6: no
 
include: /etc/unbound/conf.d/blackhole/*
include: /etc/unbound/conf.d/common/local-dns/*
include: /etc/unbound/conf.d/common/local-forward/*
1762,7 → 1753,6
fi
$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/unbound -d -c /etc/unbound/unbound.conf?g" /lib/systemd/system/unbound.service
$SED "s?^After=.*?After=syslog.target network-online.target chilli.service?g" /lib/systemd/system/unbound.service
 
for list in blacklist blackhole whitelist
do
cp -f /lib/systemd/system/unbound.service /lib/systemd/system/unbound-$list.service
1769,17 → 1759,15
$SED "s?^ExecStart=.*?ExecStart=/usr/sbin/unbound -d -c /etc/unbound/unbound-$list.conf?g" /lib/systemd/system/unbound-$list.service
$SED "s?^PIDFile=.*?PIDFile=/var/run/unbound-$list.pid?g" /lib/systemd/system/unbound-$list.service
done
 
$SED "s?^After=.*?After=syslog.target network-online.target chilli.service dnsmasq-whitelist.service?g" /lib/systemd/system/unbound-whitelist.service
} # End unbound
} # End of unbound()
 
##################################################
## Function "dhcpd" ##
##################################################
dhcpd ()
dhcpd()
{
[ -e /etc/dhcpd.conf.default ] || cp /etc/dhcpd.conf /etc/dhcpd.conf.default
 
cat <<EOF > /etc/dhcpd.conf
ddns-update-style none;
subnet $PRIVATE_NETWORK netmask $PRIVATE_NETMASK {
1786,13 → 1774,12
option routers $PRIVATE_IP;
option subnet-mask $PRIVATE_NETMASK;
option domain-name-servers $PRIVATE_IP;
 
range dynamic-bootp $PRIVATE_SECOND_IP $PRIVATE_LAST_IP;
default-lease-time 21600;
max-lease-time 43200;
}
EOF
}
} # End of dhcpd()
 
##########################################################
## Function "BL" ##
1802,7 → 1789,7
## - URLs for E²guardian ##
## - IPs for NetFilter ##
##########################################################
BL ()
BL()
{
# copy the Toulouse university BL in order to be adapted to ALCASAR architecture (alcasar-bl.sh -adapt)
rm -rf $DIR_DG/lists/blacklists
1857,13 → 1844,13
# enable the default categories
$DIR_DEST_BIN/alcasar-bl.sh --cat_choice
rm -rf /tmp/blacklists
} # End BL()
} # End of BL()
 
#######################################################
## Function "cron" ##
## - write all cron & anacron files ##
#######################################################
cron ()
cron()
{
# 'crontab' with standard cron at midnight instead of 4:0 am (default)
[ -e /etc/crontab.default ] || cp /etc/crontab /etc/crontab.default
1939,7 → 1926,7
 
# removing the users crons
rm -f /var/spool/cron/*
} # End cron()
} # End of cron()
 
######################################################################
## Fonction "Fail2Ban" ##
1960,7 → 1947,7
$SED '/ExecStart=/a\ExecStop=/usr/bin/fail2ban-client stop' /usr/lib/systemd/system/fail2ban.service
$SED '/Type=/a\PIDFile=/var/run/fail2ban/fail2ban.pid' /usr/lib/systemd/system/fail2ban.service
$SED '/After=*/c After=syslog.target network.target lighttpd.service' /usr/lib/systemd/system/fail2ban.service
} # End fail2ban()
} # End of fail2ban()
 
#########################################################
## Fonction "gammu_smsd" ##
2049,7 → 2036,7
# Udev rule for fixing the enumeration of ttyUSB port on some MODEM (when they switch randomly the order of their ports at boot time)
# example : http://hintshop.ludvig.co.nz/show/persistent-names-usb-serial-devices/
 
} # End gammu_smsd()
} # End of gammu_smsd()
 
############################################################
## Fonction "msec" ##
2084,9 → 2071,8
/usr/sbin/msec
/etc/cron.weekly/msec
 
} # End msec()
} # End of msec()
 
 
##################################################################
## Fonction "letsencrypt" ##
## - Install Let's Encrypt client ##
2138,7 → 2124,7
cd $pwdInstall || { echo "Unable to find $pwdInstall directory"; exit 1; }
rm -rf /tmp/acme.sh-*
 
} # END letsencrypt()
} # End of letsencrypt()
 
##################################################################
## Fonction "post_install" ##
2352,7 → 2338,7
fi
clear
reboot
} # End post_install ()
} # End of post_install()
 
#####################################################################################
# Main Install loop #
2386,10 → 2372,16
exit 0
;;
-i | --install)
header_install
license
header_install
testing
for func in license testing
do
header_install
$func
if [ $DEBUG_ALCASAR == "on" ]
then
echo "*** 'debug' : end of install '$func' ***"
read
fi
done
# RPMs install
$DIR_SCRIPTS/alcasar-urpmi.sh
if [ "$?" != "0" ]
/readme.txt
1,22 → 1,22
$Id: readme-2.0.txt 581 2011-04-21 16:59:59Z richard $
 
Alcasar-3.3.3
ALCASAR-3.4
 
*********** English **********
- New installation : Need the DVD of Linux Mageia6 (Mageia-6-x86_64-DVD.iso) or the ISO file of ALCASAR (Mageiar).
- New installation : Boot your system with the ISO file of ALCASAR. This ISO is a dedicated version of Linux Mageia (Linux Mageia + ALCASAR = Mageiar).
--> Follow ALCASAR installation documentation.
- Update a 3.2 or higher
--> On your running ALCASAR, retrieve the last version of ALCASAR archive file (lftp http://ftp.alcasar.net)
--> Run the installation of the new version & choose "update"
- Update ALCASAR 3.2 or higher
--> On your running ALCASAR, retrieve the last version of ALCASAR archive file "alcasar-x.y.z.tar.gz" (for example, with the command "lftp http://ftp.alcasar.net")
--> uncompress this archive and run it. During the installation process of this new version, choose "update"
- Update an older version
--> Write network parameters of your running ALCASAR. Save the users database
--> Install the new version & import the old users database
--> Save and store the users database of your current ALCASAR
--> Install the new version. Import the previous saved users database
*********** Français ********
- Nouvelle installation : elle s'effectue sur la base du DVD de Linux Mageia6 (Mageia-6-x86_64-DVD.iso) ou de l'image ISO d'ALCASAR (Mageiar).
--> Suivez la procédure d'installation d'ALCASAR.
- Nouvelle installation : Démarrez votre système avec l'image ISO d'ALCASAR. Cette ISO est une version dédiée de Linux Mageia (Linux MAgeia + ALCASAR = Mageiar).
--> Suivez la documentation d'installation d'ALCASAR.
- Mise à jour d'une version 3.2 ou supérieure
--> Sur votre ALCASAR en fonctionnement, récupérez la dernière version du fichier archive d'ALCASAR (lftp http://ftp.alcasar.net)
--> Lancez l'installation de la nouvelle version et choisissez "mise à jour"
--> Sur votre ALCASAR en fonctionnement, copiez la dernière version du fichier archive d'ALCASAR "alcasar-x.y.z.tar.gz" (par exemple avec la commande "lftp http://ftp.alcasar.net")
--> Décompressez cette archive et lancez l'installation. Pendant le processus d'installation, choisissez "mise à jour"
- Mise à jour d'une version plus ancienne
--> Notez les paramètres réseau de votre ALCASAR en fonctionnement. Sauvegardez la base des utilisateurs
--> Installez la nouvelle version et importez l'ancienne base des utilisateurs
--> Sauvegardez et archivez la base des utilisateurs de votre ALCASAR
--> Installez la nouvelle version. Importez la base des utilisateurs précédemment archivée.
/web/acc/admin/services.php
170,7 → 170,7
$MainServiceStatus['radiusd'] = checkServiceStatus("radiusd");
$MainServiceStatus['mysqld'] = checkServiceStatus("mysqld");
$MainServiceStatus['lighttpd'] = checkServiceStatus("lighttpd");
$MainServiceStatus['unbound'] = checkServiceStatus("unbound-forward");
$MainServiceStatus['unbound'] = checkServiceStatus("unbound");
$MainServiceStatus['ulogd_ssh'] = checkServiceStatus("ulogd-ssh");
$MainServiceStatus['ulogd_ext_access'] = checkServiceStatus("ulogd-ext-access");
$MainServiceStatus['ulogd_traceability'] = checkServiceStatus("ulogd-traceability");