WebSVN – ALCASAR – Diff – /scripts/alcasar-conf.sh

 #/bin/bash
-# $Id: alcasar-conf.sh 1554 2015-01-11 22:42:51Z richard $
+# $Id: alcasar-conf.sh 1564 2015-02-09 23:18:36Z richard $
 # alcasar-conf.sh
 # by REXY
 # This script is distributed under the Gnu General Public License (GPL)
 DIR_UPDATE="/tmp/conf"				# répertoire de stockage des fichier de conf pour une mise à jour
 DIR_WEB="/var/www/html"				# répertoire du centre de gestion
 DIR_BIN="/usr/local/bin"			# répertoire des scripts d'admin
 DIR_SBIN="/usr/local/sbin"			# répertoire des scripts d'admin
 DIR_ETC="/usr/local/etc"			# répertoire des fichiers de conf
-DIR_SAVE="/var/Save/system_backup"		# répertoire de sauvegarde
 CONF_FILE="$DIR_ETC/alcasar.conf"		# main alcasar conf file
 VERSION="/var/www/html/VERSION"			# contient la version en cours
 EXTIF=`grep ^EXTIF= $CONF_FILE|cut -d"=" -f2`	# EXTernal InterFace
 INTIF=`grep ^INTIF= $CONF_FILE|cut -d"=" -f2`	# INTernal InterFace
 HOSTNAME="alcasar"
 SED="/bin/sed -i"
 RUNNING_VERSION=`cat $VERSION|cut -d" " -f1`
 MAJ_RUNNING_VERSION=`echo $RUNNING_VERSION|cut -d"." -f1`
 MIN_RUNNING_VERSION=`echo $RUNNING_VERSION|cut -d"." -f2|cut -c1`
 UPD_RUNNING_VERSION=`echo $RUNNING_VERSION|cut -d"." -f3`
-DOMAIN=`grep DOMAIN $CONF_FILE|cut -d"=" -f2` 2>/dev/null # Error if (Version < 2.2) (no conf file)
+DOMAIN=`grep DOMAIN $CONF_FILE|cut -d"=" -f2` 2>/dev/null
 DOMAIN=${DOMAIN:=localdomain}
 DATE=`date '+%d %B %Y - %Hh%M'`
 private_network_calc ()
+{
 	PRIVATE_PREFIX=`/bin/ipcalc -p $PRIVATE_IP $PRIVATE_NETMASK |cut -d"=" -f2`				# prefixe du réseau (ex. 24)
 		cp -f /etc/dansguardian/lists/bannedurllist $DIR_UPDATE
 		cp -rf /etc/dansguardian/lists/blacklists/ossi $DIR_UPDATE
 # sauvegarde des fichiers : de conf, de filtrage, d'exception, digest, etc.
 		mkdir $DIR_UPDATE/etc/
 		cp -rf $DIR_ETC/* $DIR_UPDATE/etc/
-# particularité des versions
+# sauvegarde des certificats (serveur et CA)
+		cert_date=`/usr/bin/openssl x509 -noout -in /etc/pki/tls/certs/alcasar.crt -dates|grep After|cut -d"=" -f2`
+		cp -f /etc/pki/tls/certs/alcasar.crt $DIR_UPDATE
+		cp -f /etc/pki/tls/private/alcasar.key $DIR_UPDATE
-# si version <= 2.8
+		cp -f /etc/pki/CA/alcasar-ca.crt $DIR_UPDATE
-		if [ $MAJ_RUNNING_VERSION -lt 2 ] || ([ $MAJ_RUNNING_VERSION -eq 2 ] && [ $MIN_RUNNING_VERSION -lt 8 ])
+		cp -f /etc/pki/CA/private/alcasar-ca.key $DIR_UPDATE
-		then
+		if [ -e /etc/pki/tls/certs/server-chain.crt ]; then
-			$SED "s?alcasar?alcasar.$DOMAIN?g" $DIR_UPDATE/etc/digest/*	# add the domainname to the hostname
+			cp -f /etc/pki/tls/certs/server-chain.crt $DIR_UPDATE
 		else
-# si version > 2.8 : sauvegarde des certificats (serveur et CA)
-			cert_date=`/usr/bin/openssl x509 -noout -in /etc/pki/tls/certs/alcasar.crt -dates|grep After|cut -d"=" -f2`
-			cp -f /etc/pki/tls/certs/alcasar.crt $DIR_UPDATE
-			cp -f /etc/pki/tls/private/alcasar.key $DIR_UPDATE
-			cp -f /etc/pki/CA/alcasar-ca.crt $DIR_UPDATE
-			cp -f /etc/pki/CA/private/alcasar-ca.key $DIR_UPDATE
-			if [ -e /etc/pki/tls/certs/server-chain.crt ]; then
-				cp -f /etc/pki/tls/certs/server-chain.crt $DIR_UPDATE
-			else
-				cp -f /etc/pki/tls/certs/alcasar.crt $DIR_UPDATE/server-chain.crt
+			cp -f /etc/pki/tls/certs/alcasar.crt $DIR_UPDATE/server-chain.crt
-			fi
 		fi
-# Changes since V2.6
-# SSH_ADMIN_FROM is redefined
-		$SED "s?^Admin_from_IP=.*?SSH_ADMIN_FROM=0.0.0.0/0.0.0.0?" $CONF_FILE
-# macallowed is replaced with macauth
-		rm -f $DIR_UPDATE/etc/alcasar-macallowed
-# The option 'EXT_LAN_FILTERING' is deleted
-		$SED "/^EXT_LAN/d" $CONF_FILE
-# The category "ip" no longer exist
-		$SED "/\/ip\/urls/d" $DIR_UPDATE/bannedurllist;	$SED "/\/ip\/domains/d" $DIR_UPDATE/bannedsitelist
-		$SED "/blacklists\/ip/d" $DIR_UPDATE/etc/alcasar-bl-categories; $SED "/^ip/d" $DIR_UPDATE/etc/alcasar-bl-categories-enabled
-# BL and WL are now dynamically built in "/usr/local/share"
-		rm -rf $DIR_UPDATE/etc/alcasar-dnsfilter-enabled $DIR_UPDATE/etc/alcasar-dnsfilter-available
-# Bing et Youtube are added to the safesearching system
-		Bing=`grep bing $DIR_UPDATE/urlregexplist | wc -l`
-		if [ $Bing -ne "1" ]; then
-			SafeSearch=`grep ^\"\(\^http\:\/\/ $DIR_UPDATE/urlregexplist | wc -l`
-			if [ $SafeSearch -eq "0" ]; then
-			cat <<EOF >> $DIR_UPDATE/urlregexplist
-# Bing - add 'adlt=strict'
-#"(^http://[0-9a-z]+\.bing\.[a-z]+[-/%.0-9a-z]*\?)(.*)"->"\1\2&adlt=strict"
-# Youtube - add 'edufilter=your_ID'
-#"(^http://[0-9a-z]+\.youtube\.[a-z]+[-/%.0-9a-z]*\?)(.*)"->"\1\2&edufilter=ABCD1234567890abcdef"
-EOF
-			else
-			cat <<EOF >> $DIR_UPDATE/urlregexplist
-# Bing - add 'adlt=strict'
-"(^http://[0-9a-z]+\.bing\.[a-z]+[-/%.0-9a-z]*\?)(.*)"->"\1\2&adlt=strict"
-# Youtube - add 'edufilter=your_ID'
-"(^http://[0-9a-z]+\.youtube\.[a-z]+[-/%.0-9a-z]*\?)(.*)"->"\1\2&edufilter=ABCD1234567890abcdef"
-EOF
-			fi
-		fi
-# YOUTUBE_ID variable added in the conf file
-	YOUTUBE_ID=`grep ^YOUTUBE_ID $CONF_FILE | cut -d"=" -f2`
-	YOUTUBE_ID=${YOUTUBE_ID:="-1"}
-	if [ $YOUTUBE_ID = "-1" ]; then
-		echo "YOUTUBE_ID=ABCD1234567890abcdef" >> $CONF_FILE
-	fi
 # DNSMASQ conf file
 	 	cp /etc/sysconfig/dnsmasq $DIR_UPDATE
 # ALCASAR conf file
-	cp $CONF_FILE $DIR_UPDATE/etc/
+		cp $CONF_FILE $DIR_UPDATE/etc/
 # création de l'archive et copie dans le répertoire WEB associé
 		cd /tmp
 		tar -cf alcasar-conf.tar conf/
 		gzip -f alcasar-conf.tar
-		[ -d $DIR_SAVE ] && cp alcasar-conf.tar.gz $DIR_SAVE/$fichier
 		rm -rf $DIR_UPDATE
 		;;
 	--load|-load)
 		cd /tmp
 		tar -xf /tmp/alcasar-conf*.tar.gz

Subversion Repositories ALCASAR

(root)/scripts/alcasar-conf.sh @ 2974 – Rev 1554 → 1564