Subversion Repositories ALCASAR

Rev

Rev 3103 | Rev 3111 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log

Rev Author Line No. Line
2941 rexy 1
#!/bin/bash
2
 
3
# alcasar-rpm.sh
4
# by 3abtux and Rexy
5
# This script is distributed under the Gnu General Public License (GPL)
6
 
2990 rexy 7
# script de mise en place des dépots RPM + installation des RPM complémentaires
8
# configure the RPM repository + complementary RPM installation
2941 rexy 9
 
10
Lang=`echo $LANG|cut -c 1-2`
2971 rexy 11
SED="/bin/sed -i"
3077 rexy 12
VERSION="8"
2941 rexy 13
ARCH="x86_64"
14
# The kernel version we compile netflow for
3103 rexy 15
KERNEL="kernel-server-5.15.82-1.mga8-1-1.mga8"
2941 rexy 16
# ****** Alcasar needed RPMS - paquetages nécessaires au fonctionnement d'Alcasar ******
17
# (old) perl-Socket6 : needed by nfsen
18
# "fonts-dejavu-common" & "fonts-ttf-dejavu" : fonts needed by wkhtmltopdf
3077 rexy 19
# "lsscsi" & nvme-cli" & "php-dom" : needed by phpsysinfo
2941 rexy 20
# "socat" : avoid a warning when run the install script of letsencrypt ("acme.sh")
21
# "sudo" : needed after a reinstallation (to be investigated)
2990 rexy 22
# "clamav" + "clamav-db" : needed because of a lack of mutual dependance
3053 rexy 23
# "postfix" + "cyrus-sasl" + "lib64sasl2-plug-plain" : email registration method
3099 rexy 24
PACKAGES="vim-enhanced freeradius freeradius-mysql freeradius-ldap lighttpd lighttpd-mod_auth php-fpm php-gd php-ldap php-mysqli php-mbstring php-sockets php-curl php-pdo_sqlite php-cli php-dom unbound e2guardian postfix mariadb ntp bind-utils openssh-server rng-utils rsync clamav clamav-db clamd fail2ban gnupg2 ulogd ipset usb_modeswitch vnstat dos2unix p7zip msec kernel-userspace-headers kernel-firmware kernel-firmware-nonfree dhcp-server tcpdump fonts-dejavu-common fonts-ttf-dejavu lsscsi nvme-cli sudo socat postfix cyrus-sasl lib64sasl2-plug-plain iftop"
2941 rexy 25
 
26
rpm_repository_sync ()
27
{
28
cat <<EOF > /etc/urpmi/urpmi.cfg
29
{
30
downloader: wget
31
}
32
EOF
33
echo ${!MIRRORLIST}
34
urpmi.addmedia core --probe-synthesis --mirrorlist ${!MIRRORLIST} /media/core/release
35
urpmi.addmedia core-updates --update --probe-synthesis --mirrorlist ${!MIRRORLIST} /media/core/updates
36
urpmi.addmedia nonfree --probe-synthesis --mirrorlist ${!MIRRORLIST} /media/nonfree/release
37
urpmi.addmedia nonfree-updates --update --probe-synthesis --mirrorlist ${!MIRRORLIST} /media/nonfree/updates
38
}
39
 
40
rpm_error ()
41
{
42
echo
43
if [ $Lang == "fr" ]
44
then
45
	echo "Relancez l'installation ultérieurement."
46
	echo "Si vous rencontrez à nouveau ce problème, modifier les variables MIRRORLIST[1&2] du fichier 'scripts/alcasar-rpm.sh'"
47
else
48
	echo "Try an other install later."
49
	echo "If this problem occurs again, change the MIRRORLIST[1&2] variables in the file 'scripts/alcasar-rpm.sh'"
50
fi
51
}
52
 
53
# extract the current Mageia version and hardware architecture (i586 ou X64)
54
fic=`cat /etc/product.id`
55
old="$IFS"
56
IFS=","
57
set $fic
58
for i in $*
59
do
60
	if [ "`echo $i|grep distribution|cut -d'=' -f1`" == "distribution" ]
61
	then
62
		DISTRIBUTION=`echo $i|cut -d"=" -f2`
63
	fi
64
	if [ "`echo $i|grep version|cut -d'=' -f1`" == "version" ]
65
	then
66
		CURRENT_VERSION=`echo $i|cut -d"=" -f2`
67
	fi
68
	if [ "`echo $i|grep arch|cut -d'=' -f1`" == "arch" ]
69
	then
70
		ARCH=`echo $i|cut -d"=" -f2`
71
	fi
72
done
73
IFS="$old"
74
 
75
# We prefer wget than curl
76
urpmi --no-verify-rpm --auto rpms/$ARCH/wget*.rpm
77
 
78
# Set the RPM repository (if not already set)
79
ACTIVE_REPO=`cat /etc/urpmi/urpmi.cfg|grep "mageia.org"|wc -l`
2990 rexy 80
MIRROR_NBR=3
81
#                       For French
82
MIRRORLIST1="http://ftp.free.fr/mirrors/mageia.org/distrib/$VERSION/$ARCH"
2941 rexy 83
#                       For Europeans
2990 rexy 84
MIRRORLIST2="https://www.mirrorservice.org/pub/mageia/distrib/$VERSION/$ARCH"
85
#                       For everybody
86
MIRRORLIST3="https://mirrors.mageia.org/api/mageia.$VERSION.$ARCH.list"
2941 rexy 87
try_nb="0"; nb_repository="0"
88
while [ "$nb_repository" != "4" ]
89
do
90
	try_nb=`expr $try_nb + 1`
91
	MIRRORLIST="MIRRORLIST$try_nb"
92
	rpm_repository_sync
93
	nb_repository=`cat /etc/urpmi/urpmi.cfg|grep mirrorlist|wc -l`
94
	if [ "$nb_repository" != "4" ]
95
	then
96
		if [ $Lang == "fr" ]
97
		then
98
			echo "Une erreur a été détectée lors de la synchronisation avec le dépot N°$try_nb."
99
		else
100
			echo "An error occurs when synchronising the repositories N°$try_nb"
101
		fi
102
		if [ $(expr $try_nb) -eq $MIRROR_NBR ]
103
		then
104
			rpm_error
105
			exit 1
106
		fi
107
		if [ $Lang == "fr" ]
108
		then
109
			echo "Voulez-vous tenter une synchronisation avec un autre dépôt ? (O/n)"
110
		else
111
			echo "Do you want to try a synchronisation with an other repository? (Y/n)"
112
		fi
113
		response=0
114
		PTN='^[oOnNyY]?$'
115
		until [[ "$response" =~ $PTN ]]
116
		do
117
			read response
118
		done
119
		if [ "$response" = "n" ] || [ "$response" = "N" ]
120
		then
121
			exit 1
122
		fi
123
	fi
124
done
3093 rexy 125
 
126
# At this time, we only skip Kernel update
127
echo "/^kernel/" > /etc/urpmi/skip.list
128
if [ `egrep '^exclude=' /etc/dnf/dnf.conf |wc -l` -eq "1" ]; then
129
	$SED "s?^exclude=.*?exclude=kernel\*?g" /etc/dnf/dnf.conf
130
else
131
	echo "exclude=kernel*" >> /etc/dnf/dnf.conf
132
fi
133
 
134
# Remove some RPMs in order to avoid error and automatic update
135
urpme wkhtmltopdf freeradius-ldap
136
 
2941 rexy 137
# download the kernel used by ALCASAR
138
if [ $Lang == "fr" ]
139
then
140
	echo "Récupération du noyau Linux exploité par ALCASAR. Veuillez patienter ..."
141
else
142
	echo "Download the Linux kernel used by ALCASAR. Please wait ..."
143
fi
144
urpmi --auto --quiet $KERNEL
3093 rexy 145
 
2941 rexy 146
# download updated RPM in cache
147
if [ $Lang == "fr" ]
148
then
149
	echo "Récupération des paquetages de mise à jour. Veuillez patienter ..."
150
	echo "Il est temps d'aller prendre un café (ou une bonne bière) ;-)"
151
else
152
	echo "Updated RPM download. Please wait ..."
153
	echo "You should now take a coffe (or a good beer) ;-)"
154
fi
155
urpmi --auto --auto-update --quiet --test --retry 2
156
if [ "$?" != "0" ]
157
then
158
	echo
159
	if [ $Lang == "fr" ]
160
	then
161
		echo "Une erreur a été détectée lors de la récupération des paquetages."
162
	else
163
		echo "An error occurs when downloading RPMS"
164
	fi
165
	rpm_error
166
	exit 1
167
fi
168
 
169
# update with cached RPM
170
urpmi --auto --auto-update
171
if [ "$?" != "0" ]
172
then
173
	echo
174
	if [ $Lang == "fr" ]
175
	then
176
		echo "Une erreur a été détectée lors de la mise à jour des paquetages."
177
	else
178
		echo "An error occurs when updating packages"
179
	fi
180
	rpm_error
181
	exit 1
182
fi
183
# Clean the RPM cache
184
urpmi --clean
185
 
186
# Download of ALCASAR specifics RPM in cache (and test)
187
if [ $Lang == "fr" ]
188
then
189
	echo "Récupération des paquetages complémentaires. Veuillez patienter ..."
190
else
191
	echo "Download of complementary packages. Please wait ..."
192
fi
193
urpmi --auto --no-recommends $PACKAGES --quiet --test --retry 2
194
if [ "$?" != "0" ]
195
then
196
	echo
197
	if [ $Lang == "fr" ]
198
	then
199
		echo "Une erreur a été détectée lors de la récupération des paquetages complémentaires."
200
	else
201
		echo "An error occurs when downloading complementary packages"
202
	fi
203
	rpm_error
204
	exit 1
205
fi
206
 
207
# update with cached RPM
208
urpmi --auto --no-recommends $PACKAGES
209
if [ "$?" != "0" ]
210
then
211
	echo
212
	if [ $Lang == "fr" ]
213
	then
214
		echo "Une erreur a été détectée lors de l'installation des paquetages complémentaires."
215
	else
216
		echo "An error occurs when installing complementary packages"
217
	fi
218
	rpm_error
219
	exit 1
220
fi
221
 
222
# Keep only the kernel version we compil netflow with, and remove all others
223
kernelVersion=$(rpm -qa | grep -e ^kernel-server -e ^kernel-desktop)
224
for i in $kernelVersion
225
do
226
	if [ $i != $KERNEL ];then
227
		urpme --auto $i
228
	fi
229
done
3093 rexy 230
 
2941 rexy 231
# delete unused RPMs
232
if [ $Lang == "fr" ]
233
then
234
	echo "Cleaning the system : "
235
else
236
	echo "Nettoyage du système : "
237
fi
3104 rexy 238
unused_rpm="shorewall mandi plymouth squid polkit pm-utils dnsmasq"
2988 rexy 239
/usr/sbin/urpme --auto -a $unused_rpm
3093 rexy 240
for rpm in `rpm -qa|grep mga7`; do urpme --auto $rpm; done
2941 rexy 241
/usr/sbin/urpme --auto --auto-orphans
242
 
243
# Save chilli launch script (erase with new rpm one)
244
[ -e /etc/chilli.conf ] && cp /etc/chilli.conf /tmp/
245
# Install home made RPMs
246
for pkg in `ls rpms/$ARCH/*.rpm`
247
do
248
    urpmi --no-verify --auto $pkg
249
done
250
# restore chilli launch script
251
[ -e /tmp/chilli.conf ] && mv /tmp/chilli.conf /etc/
3093 rexy 252
 
2941 rexy 253
# Clean the RPM cache
254
urpmi --clean
255
# the ipt-netflow RPM add the kernel module ipt_NETFLOW (the modules dependance tree need to be updated). "2>/dev/null" in order not to display a error (the running kernel is not the ALCASAR one during the installation process)
256
/sbin/depmod -a 2>/dev/null
257
# test if all needed rpms are correctly installed
258
count_pkg=0; nb_pkg=0;
259
for pkg in $PACKAGES
260
do
261
	nb_pkg=`expr $nb_pkg + 1`
262
	if rpm -q --quiet $pkg ; then
263
		count_pkg=`expr $count_pkg + 1`
264
	else
265
		echo "error installing $pkg"
266
	fi
267
done
268
if [ $count_pkg -ne $nb_pkg ]
269
then
270
	exit 1
271
fi
3093 rexy 272
 
2941 rexy 273
# test if all custom rpms are correctly installed
274
count_pkg=0; nb_pkg=0;
275
for pkg in `ls rpms/$ARCH/|sed 's/.x86_64.rpm//'`
276
do
277
	nb_pkg=`expr $nb_pkg + 1`
278
	if rpm -q --quiet $pkg ; then
279
		count_pkg=`expr $count_pkg + 1`
280
	else
281
		echo "error installing $pkg"
282
	fi
283
done
284
if [ $count_pkg -ne $nb_pkg ]
285
then
286
	exit 1
287
fi
3104 rexy 288
 
289
# .rpmnew handling (unused with ALCASAR)
290
[ -e /etc/shadow.rpmnew ] && rm -f /etc/shadow.rpmnew
291
[ -e /etc/sysconfig/system.rpmnew ] && rm -f /etc/sysconfig/system.rpmnew
292
[ -e /etc/rpm/macros.rpmnew ] && rm -f /etc/rpm/macros.rpmnew
293
[ -e /etc/fstab.rpmnew ] && rm -f /etc/fstab.rpmnew
294
[ -e /etc/shells.rpmnew ] && rm -f /etc/shells.rpmnew
295
[ -e /etc/hosts.rpmnew ] && rm -f /etc/hosts.rpmnew
296
[ -e /etc/systemd/journald.conf.rpmnew ] && rm -f /etc/systemd/journald.conf.rpmnew
297
[ -e /etc/raddb/certs/dh.rpmnew ] && rm -f /etc/raddb/certs/dh.rpmnew
298
 
299
# .rpmnew handling (used with ALCASAR)
300
[ -e /etc/php.ini.rpmnew ] && mv -f /etc/php.ini.rpmnew /etc/php.ini.default
301
[ -e /etc/lighttpd/lighttpd.conf.rpmnew ] && mv -f /etc/lighttpd/lighttpd.conf.rpmnew /etc/lighttpd/lighttpd.conf.default
302
[ -e /etc/lighttpd/modules.conf.rpmnew ] && mv -f /etc/lighttpd/modules.conf.rpmnew /etc/lighttpd/modules.conf.default
303
[ -e /etc/e2guardian/e2guardian.conf.rpmnew ] && mv -f /etc/e2guardian/e2guardian.conf.rpmnew /etc/e2guardian/e2guardian.conf.default
304
[ -e /etc/e2guardian/e2guardianf1.conf.rpmnew ] && mv -f /etc/e2guardian/e2guardianf1.conf.rpmnew /etc/e2guardian/e2guardianf1.conf.default
305
[ -e /etc/e2guardian/lists/urlregexplist.rpmnew ] && mv -f /etc/e2guardian/lists/urlregexplist.rpmnew /etc/e2guardian/lists/urlregexplist.default
306
[ -e /etc/e2guardian/lists/bannedregexpurllist.rpmnew ] && mv -f /etc/e2guardian/lists/bannedregexpurllist.rpmnew /etc/e2guardian/lists/bannedregexpurllist.default
307
[ -e /etc/clamd.conf.rpmnew ] && mv -f /etc/clamd.conf.rpmnew /etc/clamd.conf.default
308
[ -e /etc/freshclam.conf.rpmnew ] && mv -f /etc/freshclam.conf.rpmnew /etc/freshclam.conf.default
309
[ -e /etc/vnstat.conf.rpmnew ] && mv -f /etc/vnstat.conf.rpmnew /etc/vnstat.conf.default
310
[ -e /etc/fail2ban/jail.conf.rpmnew ] && mv -f /etc/fail2ban/jail.conf.rpmnew /etc/fail2ban/jail.conf.default
311
[ -e /etc/ssh/sshd_config.rpmnew ] && mv -f /etc/ssh/sshd_config.rpmnew /etc/ssh/sshd_config.default
312
 
2941 rexy 313
exit 0