WebSVN – ALCASAR – Diff – /alcasar.sh



#!/bin/bash
#  $Id: alcasar.sh 3093 2022-12-11 23:07:02Z rexy $
 
# ALCASAR is a Free and open source NAC (Network Access Controler) created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares Coovachilli, freeradius, mariaDB, lighttpd, php, netfilter, e2guardian, ntpd, openssl, dnsmasq, unbound, gammu, clamav, Ulog, fail2ban, vnstat, wkhtml2pdf, ipt_NETFLOW, NFsen and NFdump
# contact : info@alcasar.net
 

## - log rotate & ANSSI security parameters                     ##
## - Apply former conf in case of an update                     ##
##################################################################
post_install()
{
	MAGEIA_VERSION=`cat /etc/lsb-release|grep "DISTRIB_DESCRIPTION"|cut -d"=" -f2|tr -d '"'`
# change the SSHD options
	cp -f $DIR_CONF/banner /etc/ssh/alcasar-banner-ssh
	echo " Version $VERSION ($MAGEIA_VERSION)" >> /etc/ssh/alcasar-banner-ssh
	chmod 644 /etc/ssh/alcasar-banner-ssh ; chown root:root /etc/ssh/alcasar-banner-ssh
	[ -e /etc/ssh/sshd_config.default ] || cp /etc/ssh/sshd_config /etc/ssh/sshd_config.default
	$SED "s?^Banner.*?Banner /etc/ssh/alcasar-banner-ssh?g" /etc/ssh/sshd_config
	$SED "s?^#Banner.*?Banner /etc/ssh/alcasar-banner-ssh?g" /etc/ssh/sshd_config
# sshd listens on EXTIF & INTIF

# switch to multi-users runlevel (instead of x11)
	ln -sf /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
# disable Core dump file
	[ -e /etc/security/limits.conf.default ]  || cp /etc/security/limits.conf /etc/security/limits.conf.default
	$SED "/^# End of file.*/i*\tsoft\tcore\t0\n*\thard\tcore\t0" /etc/security/limits.conf
 
# GRUB2 modifications (Wait time : 3s - ALCASAR entry - VGA=791 - Change the default banner
	[ -e /etc/default/grub.default ]  || cp /etc/default/grub /etc/default/grub.default
	$SED "s?^GRUB_TIMEOUT=.*?GRUB_TIMEOUT=3?g" /etc/default/grub
	$SED "s?^GRUB_DISTRIBUTOR=.*?GRUB_DISTRIBUTOR=ALCASAR?g" /etc/default/grub
	[ -e /etc/mageia-release.default ]  || cp /etc/mageia-release /etc/mageia-release.default

	if [ $vm_vga == 0 ] # is not a VM
	then
		cp -f $DIR_CONF/banner /etc/mageia-release # ALCASAR ASCII-Art
		echo >> /etc/mageia-release
		$SED "s?^GRUB_CMDLINE_LINUX_DEFAULT=\"?&vga=791 ?" /etc/default/grub
	else
		echo > /etc/mageia-release
	fi
	if [ $Lang == "fr" ]
	then
		echo "Bienvenue sur ALCASAR Version $VERSION ($MAGEIA_VERSION)" >> /etc/mageia-release
		echo "Connectez-vous à l'URL 'https://$HOSTNAME.$DOMAIN/acc'" >> /etc/mageia-release
	else
		echo "Welcome on ALCASAR Version $VERSION ($MAGEIA_VERSION)" >> /etc/mageia-release
		echo "Connect to 'https://$HOSTNAME.$DOMAIN/acc'" >> /etc/mageia-release
	fi
	/usr/bin/update-grub2
# Load and apply the previous conf file
	if [ "$mode" = "update" ]

Rev 3079	Rev 3093
Line 1...	Line 1...
1	`#!/bin/bash`	1	`#!/bin/bash`
2	`# $Id: alcasar.sh 3079 2022-10-14 17:17:17Z rexy $`	2	`# $Id: alcasar.sh 3093 2022-12-11 23:07:02Z rexy $`
3		3
4	`# ALCASAR is a Free and open source NAC (Network Access Controler) created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)`	4	`# ALCASAR is a Free and open source NAC (Network Access Controler) created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)`
5	`# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares Coovachilli, freeradius, mariaDB, lighttpd, php, netfilter, e2guardian, ntpd, openssl, dnsmasq, unbound, gammu, clamav, Ulog, fail2ban, vnstat, wkhtml2pdf, ipt_NETFLOW, NFsen and NFdump`	5	`# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares Coovachilli, freeradius, mariaDB, lighttpd, php, netfilter, e2guardian, ntpd, openssl, dnsmasq, unbound, gammu, clamav, Ulog, fail2ban, vnstat, wkhtml2pdf, ipt_NETFLOW, NFsen and NFdump`
6	`# contact : info@alcasar.net`	6	`# contact : info@alcasar.net`
7		7
Line 2163...	Line 2163...
2163	`## - log rotate & ANSSI security parameters ##`	2163	`## - log rotate & ANSSI security parameters ##`
2164	`## - Apply former conf in case of an update ##`	2164	`## - Apply former conf in case of an update ##`
2165	`##################################################################`	2165	`##################################################################`
2166	`post_install()`	2166	`post_install()`
2167	`{`	2167	`{`
-		2168	MAGEIA_VERSION=`cat /etc/lsb-release\|grep "DISTRIB_DESCRIPTION"\|cut -d"=" -f2\|tr -d '"'`
2168	`# change the SSHD options`	2169	`# change the SSHD options`
2169	`cp -f $DIR_CONF/banner /etc/ssh/alcasar-banner-ssh`	2170	`cp -f $DIR_CONF/banner /etc/ssh/alcasar-banner-ssh`
2170	`echo " V$VERSION" >> /etc/ssh/alcasar-banner-ssh`	2171	`echo " Version $VERSION ($MAGEIA_VERSION)" >> /etc/ssh/alcasar-banner-ssh`
2171	`chmod 644 /etc/ssh/alcasar-banner-ssh ; chown root:root /etc/ssh/alcasar-banner-ssh`	2172	`chmod 644 /etc/ssh/alcasar-banner-ssh ; chown root:root /etc/ssh/alcasar-banner-ssh`
2172	`[ -e /etc/ssh/sshd_config.default ] \|\| cp /etc/ssh/sshd_config /etc/ssh/sshd_config.default`	2173	`[ -e /etc/ssh/sshd_config.default ] \|\| cp /etc/ssh/sshd_config /etc/ssh/sshd_config.default`
2173	`$SED "s?^Banner.*?Banner /etc/ssh/alcasar-banner-ssh?g" /etc/ssh/sshd_config`	2174	`$SED "s?^Banner.*?Banner /etc/ssh/alcasar-banner-ssh?g" /etc/ssh/sshd_config`
2174	`$SED "s?^#Banner.*?Banner /etc/ssh/alcasar-banner-ssh?g" /etc/ssh/sshd_config`	2175	`$SED "s?^#Banner.*?Banner /etc/ssh/alcasar-banner-ssh?g" /etc/ssh/sshd_config`
2175	`# sshd listens on EXTIF & INTIF`	2176	`# sshd listens on EXTIF & INTIF`
Line 2271...	Line 2272...
2271	`# switch to multi-users runlevel (instead of x11)`	2272	`# switch to multi-users runlevel (instead of x11)`
2272	`ln -sf /lib/systemd/system/multi-user.target /etc/systemd/system/default.target`	2273	`ln -sf /lib/systemd/system/multi-user.target /etc/systemd/system/default.target`
2273	`# disable Core dump file`	2274	`# disable Core dump file`
2274	`[ -e /etc/security/limits.conf.default ] \|\| cp /etc/security/limits.conf /etc/security/limits.conf.default`	2275	`[ -e /etc/security/limits.conf.default ] \|\| cp /etc/security/limits.conf /etc/security/limits.conf.default`
2275	`$SED "/^# End of file./i\tsoft\tcore\t0\n*\thard\tcore\t0" /etc/security/limits.conf`	2276	`$SED "/^# End of file./i\tsoft\tcore\t0\n*\thard\tcore\t0" /etc/security/limits.conf`
2276		-
2277	`# GRUB2 modifications (Wait time : 3s - ALCASAR entry - VGA=791 - Change the default banner`	2277	`# GRUB2 modifications (Wait time : 3s - ALCASAR entry - VGA=791 - Change the default banner`
2278	`[ -e /etc/default/grub.default ] \|\| cp /etc/default/grub /etc/default/grub.default`	2278	`[ -e /etc/default/grub.default ] \|\| cp /etc/default/grub /etc/default/grub.default`
2279	`$SED "s?^GRUB_TIMEOUT=.*?GRUB_TIMEOUT=3?g" /etc/default/grub`	2279	`$SED "s?^GRUB_TIMEOUT=.*?GRUB_TIMEOUT=3?g" /etc/default/grub`
2280	`$SED "s?^GRUB_DISTRIBUTOR=.*?GRUB_DISTRIBUTOR=ALCASAR?g" /etc/default/grub`	2280	`$SED "s?^GRUB_DISTRIBUTOR=.*?GRUB_DISTRIBUTOR=ALCASAR?g" /etc/default/grub`
2281	`[ -e /etc/mageia-release.default ] \|\| cp /etc/mageia-release /etc/mageia-release.default`	2281	`[ -e /etc/mageia-release.default ] \|\| cp /etc/mageia-release /etc/mageia-release.default`
Line 2283...	Line 2283...
2283	`if [ $vm_vga == 0 ] # is not a VM`	2283	`if [ $vm_vga == 0 ] # is not a VM`
2284	`then`	2284	`then`
2285	`cp -f $DIR_CONF/banner /etc/mageia-release # ALCASAR ASCII-Art`	2285	`cp -f $DIR_CONF/banner /etc/mageia-release # ALCASAR ASCII-Art`
2286	`echo >> /etc/mageia-release`	2286	`echo >> /etc/mageia-release`
2287	`$SED "s?^GRUB_CMDLINE_LINUX_DEFAULT=\"?&vga=791 ?" /etc/default/grub`	2287	`$SED "s?^GRUB_CMDLINE_LINUX_DEFAULT=\"?&vga=791 ?" /etc/default/grub`
-		2288	`else`
-		2289	`echo > /etc/mageia-release`
2288	`fi`	2290	`fi`
2289	`if [ $Lang == "fr" ]`	2291	`if [ $Lang == "fr" ]`
2290	`then`	2292	`then`
2291	`echo "Bienvenue sur ALCASAR V$VERSION" >> /etc/mageia-release`	2293	`echo "Bienvenue sur ALCASAR Version $VERSION ($MAGEIA_VERSION)" >> /etc/mageia-release`
2292	`echo "Connectez-vous à l'URL 'https://$HOSTNAME.$DOMAIN/acc'" >> /etc/mageia-release`	2294	`echo "Connectez-vous à l'URL 'https://$HOSTNAME.$DOMAIN/acc'" >> /etc/mageia-release`
2293	`else`	2295	`else`
2294	`echo "Welcome on ALCASAR V$VERSION" >> /etc/mageia-release`	2296	`echo "Welcome on ALCASAR Version $VERSION ($MAGEIA_VERSION)" >> /etc/mageia-release`
2295	`echo "Connect to 'https://$HOSTNAME.$DOMAIN/acc'" >> /etc/mageia-release`	2297	`echo "Connect to 'https://$HOSTNAME.$DOMAIN/acc'" >> /etc/mageia-release`
2296	`fi`	2298	`fi`
2297	`/usr/bin/update-grub2`	2299	`/usr/bin/update-grub2`
2298	`# Load and apply the previous conf file`	2300	`# Load and apply the previous conf file`
2299	`if [ "$mode" = "update" ]`	2301	`if [ "$mode" = "update" ]`

Subversion Repositories ALCASAR

(root)/alcasar.sh – Rev 3079 → 3093