Subversion Repositories ALCASAR

Rev

Rev 3200 | Rev 3206 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log

Rev Author Line No. Line
2941 rexy 1
#!/bin/bash
2
 
3
# alcasar-rpm.sh
4
# by 3abtux and Rexy
5
# This script is distributed under the Gnu General Public License (GPL)
6
 
2990 rexy 7
# script de mise en place des dépots RPM + installation des RPM complémentaires
8
# configure the RPM repository + complementary RPM installation
2941 rexy 9
 
10
Lang=`echo $LANG|cut -c 1-2`
2971 rexy 11
SED="/bin/sed -i"
3190 rexy 12
VERSION="9"
2941 rexy 13
ARCH="x86_64"
14
# The kernel version we compile netflow for
3203 rexy 15
KERNEL="kernel-server-6.6.28-1.mga9"
2941 rexy 16
# ****** Alcasar needed RPMS - paquetages nécessaires au fonctionnement d'Alcasar ******
17
# (old) perl-Socket6 : needed by nfsen
18
# "fonts-dejavu-common" & "fonts-ttf-dejavu" : fonts needed by wkhtmltopdf
3077 rexy 19
# "lsscsi" & nvme-cli" & "php-dom" : needed by phpsysinfo
2941 rexy 20
# "socat" : avoid a warning when run the install script of letsencrypt ("acme.sh")
21
# "sudo" : needed after a reinstallation (to be investigated)
3053 rexy 22
# "postfix" + "cyrus-sasl" + "lib64sasl2-plug-plain" : email registration method
3193 rexy 23
# "nmap" : "/usr/share/nmap/nmap-mac-prefixes" is used to display MAC manufacturers in ACC
24
 
3190 rexy 25
PACKAGES="vim-enhanced freeradius freeradius-mysql freeradius-ldap lighttpd lighttpd-mod_auth php-fpm php-gd php-ldap php-mysqli php-mbstring php-sockets php-curl php-pdo_sqlite php-cli php-dom php-filter unbound e2guardian postfix mariadb ntpsec bind-utils openssh-server rng-utils rsync fail2ban gnupg2 ulogd ipset usb_modeswitch vnstat dos2unix p7zip msec kernel-userspace-headers kernel-firmware kernel-firmware-nonfree dhcp-server tcpdump fonts-dejavu-common fonts-ttf-dejavu lsscsi nvme-cli sudo socat postfix cyrus-sasl lib64sasl2-plug-plain iftop"
2941 rexy 26
 
27
rpm_repository_sync ()
28
{
3111 rexy 29
	cat <<EOF > /etc/urpmi/urpmi.cfg
2941 rexy 30
{
31
downloader: wget
32
}
33
EOF
3111 rexy 34
	echo ${!MIRRORLIST}
35
	urpmi.addmedia core --probe-synthesis --mirrorlist ${!MIRRORLIST} /media/core/release
36
	urpmi.addmedia core-updates --update --probe-synthesis --mirrorlist ${!MIRRORLIST} /media/core/updates
37
	urpmi.addmedia nonfree --probe-synthesis --mirrorlist ${!MIRRORLIST} /media/nonfree/release
38
	urpmi.addmedia nonfree-updates --update --probe-synthesis --mirrorlist ${!MIRRORLIST} /media/nonfree/updates
2941 rexy 39
}
40
 
41
rpm_error ()
42
{
3111 rexy 43
	# restore previous rpm conf file & removed RPMs
44
	[ -e /etc/urpmi/urpmi.cfg.old ] && mv /etc/urpmi/urpmi.cfg.old /etc/urpmi/urpmi.cfg
45
	urpmi --no-verify-rpm --auto rpms/$ARCH/wkhtmltopdf*.rpm
46
	echo
47
	if [ $Lang == "fr" ]
48
	then
49
		echo "Relancez l'installation ultérieurement."
50
		echo "Si vous rencontrez à nouveau ce problème, modifier les variables MIRRORLIST[1&2] du fichier 'scripts/alcasar-rpm.sh'"
51
	else
52
		echo "Try an other install later."
53
		echo "If this problem occurs again, change the MIRRORLIST[1&2] variables in the file 'scripts/alcasar-rpm.sh'"
54
	fi
2941 rexy 55
}
56
 
57
# We prefer wget than curl
58
urpmi --no-verify-rpm --auto rpms/$ARCH/wget*.rpm
59
 
60
# Set the RPM repository (if not already set)
3111 rexy 61
cp /etc/urpmi/urpmi.cfg /etc/urpmi/urpmi.cfg.old
2941 rexy 62
ACTIVE_REPO=`cat /etc/urpmi/urpmi.cfg|grep "mageia.org"|wc -l`
2990 rexy 63
MIRROR_NBR=3
64
#                       For French
65
MIRRORLIST1="http://ftp.free.fr/mirrors/mageia.org/distrib/$VERSION/$ARCH"
2941 rexy 66
#                       For Europeans
2990 rexy 67
MIRRORLIST2="https://www.mirrorservice.org/pub/mageia/distrib/$VERSION/$ARCH"
68
#                       For everybody
69
MIRRORLIST3="https://mirrors.mageia.org/api/mageia.$VERSION.$ARCH.list"
2941 rexy 70
try_nb="0"; nb_repository="0"
71
while [ "$nb_repository" != "4" ]
72
do
73
	try_nb=`expr $try_nb + 1`
74
	MIRRORLIST="MIRRORLIST$try_nb"
75
	rpm_repository_sync
76
	nb_repository=`cat /etc/urpmi/urpmi.cfg|grep mirrorlist|wc -l`
77
	if [ "$nb_repository" != "4" ]
78
	then
79
		if [ $Lang == "fr" ]
80
		then
81
			echo "Une erreur a été détectée lors de la synchronisation avec le dépot N°$try_nb."
82
		else
83
			echo "An error occurs when synchronising the repositories N°$try_nb"
84
		fi
85
		if [ $(expr $try_nb) -eq $MIRROR_NBR ]
86
		then
87
			rpm_error
88
			exit 1
89
		fi
90
		if [ $Lang == "fr" ]
91
		then
92
			echo "Voulez-vous tenter une synchronisation avec un autre dépôt ? (O/n)"
93
		else
94
			echo "Do you want to try a synchronisation with an other repository? (Y/n)"
95
		fi
96
		response=0
97
		PTN='^[oOnNyY]?$'
98
		until [[ "$response" =~ $PTN ]]
99
		do
100
			read response
101
		done
102
		if [ "$response" = "n" ] || [ "$response" = "N" ]
103
		then
3111 rexy 104
			[ -e /etc/urpmi/urpmi.cfg.old ] && mv /etc/urpmi/urpmi.cfg.old /etc/urpmi/urpmi.cfg # restore previous rpm conf file
2941 rexy 105
			exit 1
106
		fi
107
	fi
108
done
3093 rexy 109
 
3200 rexy 110
# Clean the RPM cache
111
urpmi --clean
112
 
3093 rexy 113
# At this time, we only skip Kernel update
114
echo "/^kernel/" > /etc/urpmi/skip.list
3190 rexy 115
if [ `grep -E '^exclude=' /etc/dnf/dnf.conf |wc -l` -eq "1" ]; then
3093 rexy 116
	$SED "s?^exclude=.*?exclude=kernel\*?g" /etc/dnf/dnf.conf
117
else
118
	echo "exclude=kernel*" >> /etc/dnf/dnf.conf
119
fi
120
 
2941 rexy 121
# download the kernel used by ALCASAR
122
if [ $Lang == "fr" ]
123
then
124
	echo "Récupération du noyau Linux exploité par ALCASAR. Veuillez patienter ..."
125
else
126
	echo "Download the Linux kernel used by ALCASAR. Please wait ..."
127
fi
128
urpmi --auto --quiet $KERNEL
3093 rexy 129
 
2941 rexy 130
# download updated RPM in cache
131
if [ $Lang == "fr" ]
132
then
133
	echo "Récupération des paquetages de mise à jour. Veuillez patienter ..."
134
	echo "Il est temps d'aller prendre un café (ou une bonne bière) ;-)"
135
else
136
	echo "Updated RPM download. Please wait ..."
137
	echo "You should now take a coffe (or a good beer) ;-)"
138
fi
139
urpmi --auto --auto-update --quiet --test --retry 2
140
if [ "$?" != "0" ]
141
then
142
	echo
143
	if [ $Lang == "fr" ]
144
	then
145
		echo "Une erreur a été détectée lors de la récupération des paquetages."
146
	else
147
		echo "An error occurs when downloading RPMS"
148
	fi
149
	rpm_error
150
	exit 1
151
fi
152
 
153
# update with cached RPM
154
urpmi --auto --auto-update
155
if [ "$?" != "0" ]
156
then
157
	echo
158
	if [ $Lang == "fr" ]
159
	then
160
		echo "Une erreur a été détectée lors de la mise à jour des paquetages."
161
	else
162
		echo "An error occurs when updating packages"
163
	fi
164
	rpm_error
165
	exit 1
166
fi
167
 
168
# Download of ALCASAR specifics RPM in cache (and test)
169
if [ $Lang == "fr" ]
170
then
171
	echo "Récupération des paquetages complémentaires. Veuillez patienter ..."
172
else
173
	echo "Download of complementary packages. Please wait ..."
174
fi
175
urpmi --auto --no-recommends $PACKAGES --quiet --test --retry 2
176
if [ "$?" != "0" ]
177
then
178
	echo
179
	if [ $Lang == "fr" ]
180
	then
181
		echo "Une erreur a été détectée lors de la récupération des paquetages complémentaires."
182
	else
183
		echo "An error occurs when downloading complementary packages"
184
	fi
185
	rpm_error
186
	exit 1
187
fi
188
 
189
# update with cached RPM
190
urpmi --auto --no-recommends $PACKAGES
191
if [ "$?" != "0" ]
192
then
193
	echo
194
	if [ $Lang == "fr" ]
195
	then
196
		echo "Une erreur a été détectée lors de l'installation des paquetages complémentaires."
197
	else
198
		echo "An error occurs when installing complementary packages"
199
	fi
200
	rpm_error
201
	exit 1
202
fi
203
 
204
# Keep only the kernel version we compil netflow with, and remove all others
205
kernelVersion=$(rpm -qa | grep -e ^kernel-server -e ^kernel-desktop)
206
for i in $kernelVersion
207
do
208
	if [ $i != $KERNEL ];then
209
		urpme --auto $i
210
	fi
211
done
3093 rexy 212
 
2941 rexy 213
# delete unused RPMs
214
if [ $Lang == "fr" ]
215
then
216
	echo "Cleaning the system : "
217
else
218
	echo "Nettoyage du système : "
219
fi
3170 rexy 220
unused_rpm="shorewall mandi plymouth squid polkit pm-utils dnsmasq clamav clamd clamav-db"
2988 rexy 221
/usr/sbin/urpme --auto -a $unused_rpm
3093 rexy 222
for rpm in `rpm -qa|grep mga7`; do urpme --auto $rpm; done
2941 rexy 223
/usr/sbin/urpme --auto --auto-orphans
224
 
225
# Save chilli launch script (erase with new rpm one)
226
[ -e /etc/chilli.conf ] && cp /etc/chilli.conf /tmp/
227
# Install home made RPMs
228
for pkg in `ls rpms/$ARCH/*.rpm`
229
do
230
    urpmi --no-verify --auto $pkg
231
done
232
# restore chilli launch script
233
[ -e /tmp/chilli.conf ] && mv /tmp/chilli.conf /etc/
3093 rexy 234
 
2941 rexy 235
# Clean the RPM cache
236
urpmi --clean
237
# the ipt-netflow RPM add the kernel module ipt_NETFLOW (the modules dependance tree need to be updated). "2>/dev/null" in order not to display a error (the running kernel is not the ALCASAR one during the installation process)
238
/sbin/depmod -a 2>/dev/null
239
# test if all needed rpms are correctly installed
240
count_pkg=0; nb_pkg=0;
241
for pkg in $PACKAGES
242
do
243
	nb_pkg=`expr $nb_pkg + 1`
244
	if rpm -q --quiet $pkg ; then
245
		count_pkg=`expr $count_pkg + 1`
246
	else
247
		echo "error installing $pkg"
248
	fi
249
done
250
if [ $count_pkg -ne $nb_pkg ]
251
then
252
	exit 1
253
fi
3093 rexy 254
 
2941 rexy 255
# test if all custom rpms are correctly installed
256
count_pkg=0; nb_pkg=0;
257
for pkg in `ls rpms/$ARCH/|sed 's/.x86_64.rpm//'`
258
do
259
	nb_pkg=`expr $nb_pkg + 1`
260
	if rpm -q --quiet $pkg ; then
261
		count_pkg=`expr $count_pkg + 1`
262
	else
263
		echo "error installing $pkg"
264
	fi
265
done
266
if [ $count_pkg -ne $nb_pkg ]
267
then
268
	exit 1
269
fi
3104 rexy 270
 
271
# .rpmnew handling (unused with ALCASAR)
272
[ -e /etc/shadow.rpmnew ] && rm -f /etc/shadow.rpmnew
273
[ -e /etc/sysconfig/system.rpmnew ] && rm -f /etc/sysconfig/system.rpmnew
274
[ -e /etc/rpm/macros.rpmnew ] && rm -f /etc/rpm/macros.rpmnew
275
[ -e /etc/fstab.rpmnew ] && rm -f /etc/fstab.rpmnew
276
[ -e /etc/shells.rpmnew ] && rm -f /etc/shells.rpmnew
277
[ -e /etc/hosts.rpmnew ] && rm -f /etc/hosts.rpmnew
278
[ -e /etc/systemd/journald.conf.rpmnew ] && rm -f /etc/systemd/journald.conf.rpmnew
279
[ -e /etc/raddb/certs/dh.rpmnew ] && rm -f /etc/raddb/certs/dh.rpmnew
280
 
281
# .rpmnew handling (used with ALCASAR)
282
[ -e /etc/php.ini.rpmnew ] && mv -f /etc/php.ini.rpmnew /etc/php.ini.default
283
[ -e /etc/lighttpd/lighttpd.conf.rpmnew ] && mv -f /etc/lighttpd/lighttpd.conf.rpmnew /etc/lighttpd/lighttpd.conf.default
284
[ -e /etc/lighttpd/modules.conf.rpmnew ] && mv -f /etc/lighttpd/modules.conf.rpmnew /etc/lighttpd/modules.conf.default
285
[ -e /etc/e2guardian/e2guardian.conf.rpmnew ] && mv -f /etc/e2guardian/e2guardian.conf.rpmnew /etc/e2guardian/e2guardian.conf.default
286
[ -e /etc/e2guardian/e2guardianf1.conf.rpmnew ] && mv -f /etc/e2guardian/e2guardianf1.conf.rpmnew /etc/e2guardian/e2guardianf1.conf.default
287
[ -e /etc/e2guardian/lists/urlregexplist.rpmnew ] && mv -f /etc/e2guardian/lists/urlregexplist.rpmnew /etc/e2guardian/lists/urlregexplist.default
288
[ -e /etc/e2guardian/lists/bannedregexpurllist.rpmnew ] && mv -f /etc/e2guardian/lists/bannedregexpurllist.rpmnew /etc/e2guardian/lists/bannedregexpurllist.default
289
[ -e /etc/vnstat.conf.rpmnew ] && mv -f /etc/vnstat.conf.rpmnew /etc/vnstat.conf.default
290
[ -e /etc/fail2ban/jail.conf.rpmnew ] && mv -f /etc/fail2ban/jail.conf.rpmnew /etc/fail2ban/jail.conf.default
291
[ -e /etc/ssh/sshd_config.rpmnew ] && mv -f /etc/ssh/sshd_config.rpmnew /etc/ssh/sshd_config.default
292
 
2941 rexy 293
exit 0