fatalerrors/init.sh
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

several improvement and armonisation in filefct.sh, module auth and patch_snmp improved

Browse Source
This commit is contained in:
fatalerrors
2022-01-27 13:17:56 +01:00
parent baac34cb85
commit 55a9e49101
16 changed files with 204 additions and 116 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
init.sh
View File

@@ -36,7 +36,7 @@ export LC_ALL=C
export LANG=C export LANG=C
# Version of init # Version of init
export VERSION="0.99.14" export VERSION="0.99.15"
# Store script's path (realpath -s resolve symlinks if init.sh is a symlink) # Store script's path (realpath -s resolve symlinks if init.sh is a symlink)
export MYPATH=$(dirname $(realpath -s $0)) export MYPATH=$(dirname $(realpath -s $0))

86
lib/filefct.sh
View File

@@ -12,7 +12,7 @@
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# Backup original installation files # Backup original installation files
# (or any old files if runned several time on same file) # (or any old files if runned several time on same file)
backupdist() backup_dist()
{ {
if [[ $# -lt 1 ]]; then if [[ $# -lt 1 ]]; then
prnt E "backupdist(): At least one argument is required." prnt E "backupdist(): At least one argument is required."
@@ -51,7 +51,7 @@ export -f backupdist
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# Select source file according to our priority mechanisme # Select source file according to our priority mechanism
select_file() select_file()
{ {
local infile=$1 local infile=$1
@@ -69,10 +69,29 @@ select_file()
} }
# ------------------------------------------------------------------------------
# Select source directory according to our priority mechanism
select_directory()
{
local indir=$1
if [[ -d $MYPATH/repo/hosts/$HOSTNAME/$indir ]]; then
local source="$MYPATH/repo/hosts/$HOSTNAME/$indir"
elif [[ -d $MYPATH/repo/common/$indir ]]; then
local source="$MYPATH/repo/common/$indir"
else
# Not found in repository, we expect full name
local source="$indir"
fi
unset indir
echo $source
unset source
}
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# Install file to the host (specific first then general) # Install file to the host (specific first then general)
# Todo: implement wildcard support # Todo: implement wildcard support
installfile() install_file()
{ {
local filelist="" local filelist=""
local i=0 local i=0
@@ -123,7 +142,7 @@ export -f installfile
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# Add the content of a file at the end of an other # Add the content of a file at the end of an other
appendfile() append_file()
{ {
local srcfile=$(select_file $1) local srcfile=$(select_file $1)
local dstfile=$2 local dstfile=$2
@@ -148,7 +167,7 @@ export -f appendfile
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# determine if a directory is empty # determine if a directory is empty
isdirempty() is_dir_empty()
{ {
dir=$1 dir=$1
@@ -172,7 +191,7 @@ export -f isdirempty
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# copy and patch a file replacing all @var@ by the corresponding value in # copy and patch a file replacing all @var@ by the corresponding value in
# the environment or the variable list given in parameter # the environment or the variable list given in parameter
patchfile() patch_file()
{ {
local srcfile=$(select_file $1) && shift local srcfile=$(select_file $1) && shift
local dstfile=$1 && shift local dstfile=$1 && shift
@@ -217,7 +236,7 @@ export -f patchfile
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# Put a small header in a file showing it have been automatically modified # Put a small header in a file showing it have been automatically modified
tagfile() tag_file()
{ {
for f in $@; do for f in $@; do
local text="# File automatically modified by init.sh on $(stdtime)." local text="# File automatically modified by init.sh on $(stdtime)."
@@ -233,17 +252,60 @@ export -f tagfile
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# check a file exists and return error if not # check files exists and return 1 if one do not
file_exists() file_exists()
{ {
prnt I "Checking $@ files existance..."
for f in $@; do for f in $@; do
if [[ ! -f $(select_file $f) ]]; then if [[ ! -f $(select_file $f) ]]; then
prnt E "file_exists(): The $f file is missing, can't continue." echo $f
die 10 return 1
fi fi
done done
return 0
} }
export -f file_exists export -f file_exists
# ------------------------------------------------------------------------------
# check if file exists and return error if not
file_must_exists()
{
prnt I "Checking $@ files existance..."
local mf=$(file_exists $@)
if [[ $? -ne 0 ]]; then
prnt E "file_must_exists(): The $mf file is missing, can't continue."
die 10
fi
unset mf
}
export -f file_must_exists
# ------------------------------------------------------------------------------
# check files exists and return 1 if one do not
directory_exists()
{
for d in $@; do
if [[ ! -d $(select_directory $d) ]]; then
echo $d
return 1
fi
done
return 0
}
export -f directory_exists
# ------------------------------------------------------------------------------
# check if file exists and return error if not
directory_must_exists()
{
prnt I "Checking $@ directories existance..."
local md=$(directory_exists $@)
if [[ $? -ne 0 ]]; then
prnt E "directory_must_exists(): The $md directory is missing, can't continue."
die 10
fi
unset md
}
export -f directory_must_exists
# EOF # EOF

55
modules/authnz.sh
View File

@@ -20,30 +20,51 @@
# * DEFAULT_SHELL: The shell to use when creating new users # * DEFAULT_SHELL: The shell to use when creating new users
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
export VER_authnz=0.1.6 export VER_authnz=0.2.0
export DEP_authnz="upgrade_dist" export DEP_authnz="upgrade_dist"
# Users (from Ldap) # Users (from Ldap)
add_remote_user() add_remote_user()
{ {
echo "+$1::::::" >> /etc/passwd if [[ $(grep "^$1:" /etc/passwd) ]]; then
echo "+$1::::::::" >> /etc/shadow prnt W "A local user with name $1 already exists, adding anyway!"
fi
if [[ $(grep "^+$1:" /etc/passwd) ]]; then
prnt W "The remote user $1 is already declared, nothing to do in passwd."
else
echo "+$1::::::" >> /etc/passwd
prnt I "User $1 added to passwd..."
fi
if [[ $(grep "^+$1:" /etc/passwd) ]]; then
prnt W "The remote user $1 is already connectable, nothing to do in shadow."
else
echo "+$1::::::::" >> /etc/shadow
prnt I "User $1 added to shadow..."
fi
} }
# Remove users # Remove users
remove_user() remove_user()
{ {
# Using sed is more universal than any distro commands if [[ $(grep "^$1:" /etc/{passwd,shadow,group,gshadow}) ]]; then
sed -i -e "/^$1/d" /etc/passwd /etc/shadow /etc/group /etc/gshadow # Using sed is more universal than any distro commands
sed -i -e "/^$1:/d" /etc/{passwd,shadow,group,gshadow}
else
prnt W "User $1 don't exists in auth files, nothing to do."
fi
} }
# Create a local user # Create a local user
create_user() create_local_user()
{ {
if [[ $(noerror --noout id $1) != 0 ]]; then if [[ $(noerror --noout id $1) != 0 ]]; then
prnt I "Creating user $1..." prnt I "Creating user $1..."
# The following should be replaced by a more universal version if [[ $(directory_exists home_skell) ]]; then
useradd --create-home --shell $DEFAULT_SHELL --user-group $1 useradd --create-home --shell $DEFAULT_SHELL --user-group $1 \
--skell $(select_directory home_skell)
else
useradd --create-home --shell $DEFAULT_SHELL --user-group $1
fi
else else
prnt W "The user $1 already exists. Nothing to do..." prnt W "The user $1 already exists. Nothing to do..."
fi fi
@@ -52,8 +73,8 @@ create_user()
# Authentication # Authentication
authnz() authnz()
{ {
backupdist /etc/passwd /etc/shadow /etc/group backup_dist /etc/passwd /etc/shadow /etc/group
tagfile /etc/passwd /etc/shadow /etc/group tag_file /etc/passwd /etc/shadow /etc/group
for usr in $REMOVE_USERS; do for usr in $REMOVE_USERS; do
prnt I "Removing user $usr..." prnt I "Removing user $usr..."
remove_user $usr remove_user $usr
@@ -62,14 +83,14 @@ authnz()
if [[ $WITH_LDAP_KERB == yes ]]; then if [[ $WITH_LDAP_KERB == yes ]]; then
pkginst krb5-user libpam-krb5 libnss-ldap libpam-ldap nscd pkginst krb5-user libpam-krb5 libnss-ldap libpam-ldap nscd
backupdist /etc/krb5.conf /etc/libnss-ldap.conf /etc/pam_ldap.conf \ backup_dist /etc/krb5.conf /etc/libnss-ldap.conf /etc/pam_ldap.conf \
/etc/nsswitch.conf /etc/pam.d/common-session \ /etc/nsswitch.conf /etc/pam.d/common-session \
/etc/pam.d/common-account /etc/pam.d/common-password \ /etc/pam.d/common-account /etc/pam.d/common-password \
/etc/pam.d/common-auth /etc/pam.d/common-auth
installfile authnz/krb5.conf authnz/libnss-ldap.conf \ install_file authnz/krb5.conf authnz/libnss-ldap.conf \
authnz/pam_ldap.conf authnz/nsswitch.conf /etc authnz/pam_ldap.conf authnz/nsswitch.conf /etc
tagfile /etc/krb5.conf /etc/libnss-ldap.conf /etc/pam-ldap.conf tag_file /etc/krb5.conf /etc/libnss-ldap.conf /etc/pam-ldap.conf
sed -i -e "s/@REALM@/${REALM^^}/g" -e "s/@DOMAIN@/$REALM/g" \ sed -i -e "s/@REALM@/${REALM^^}/g" -e "s/@DOMAIN@/$REALM/g" \
-e "s/@KDC_SERVER@/$KDC_SERVER/" -e "s/@KADM_SERVER@/$KADM_SERVER/" \ -e "s/@KDC_SERVER@/$KDC_SERVER/" -e "s/@KADM_SERVER@/$KADM_SERVER/" \
/etc/krb5.conf /etc/krb5.conf
@@ -79,8 +100,8 @@ authnz()
-e "s/@LDAP_ADM@/$LDAP_ADM/" /etc/pam-ldap.conf -e "s/@LDAP_ADM@/$LDAP_ADM/" /etc/pam-ldap.conf
installfile authnz/common-{session,account,password,auth} /etc/pam.d install_file authnz/common-{session,account,password,auth} /etc/pam.d
tagfile /etc/pam.d/common-{session,account,password,auth} tag_file /etc/pam.d/common-{session,account,password,auth}
scv_restart nscd scv_restart nscd
@@ -96,7 +117,7 @@ authnz()
for usr in $LOCAL_USERS; do for usr in $LOCAL_USERS; do
prnt I "Creating user $usr..." prnt I "Creating user $usr..."
create_user $usr create_local_user $usr
done done
} }
@@ -114,7 +135,7 @@ precheck_authnz()
else else
prnt W "No distant user but LDAP/Kerberos is activated!" prnt W "No distant user but LDAP/Kerberos is activated!"
fi fi
file_exists auth/{krb5,libnss-ldap,pam_ldap,nsswitch}.conf file_must_exists auth/{krb5,libnss-ldap,pam_ldap,nsswitch}.conf
pam/common-{session,account,password,auth} pam/common-{session,account,password,auth}
else else
if [[ -n $REMOTE_USERS ]]; then if [[ -n $REMOTE_USERS ]]; then

12
modules/conf_ceph.sh
View File

@@ -15,7 +15,7 @@
# Mount points are hardcoded and should bet set differently # Mount points are hardcoded and should bet set differently
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
export VER_conf_ceph="0.0.3" export VER_conf_ceph="0.0.4"
export DEP_conf_ceph="upgrade_dist" export DEP_conf_ceph="upgrade_dist"
conf_ceph() conf_ceph()
@@ -34,8 +34,8 @@ conf_ceph()
# hosts files required for Ceph bootstrap when DNS not yet started # hosts files required for Ceph bootstrap when DNS not yet started
if [[ ! $(grep "# Ceph" /etc/hosts) ]]; then if [[ ! $(grep "# Ceph" /etc/hosts) ]]; then
prnt I "Adding server list to /etc/hosts" prnt I "Adding server list to /etc/hosts"
backupdist /etc/hosts backup_dist /etc/hosts
tagfile /etc/hosts tag_file /etc/hosts
echo >> /etc/hosts echo >> /etc/hosts
echo "# Ceph servers:" >> /etc/hosts echo "# Ceph servers:" >> /etc/hosts
for srv in $CEPH_SRV_NAMES; do for srv in $CEPH_SRV_NAMES; do
@@ -47,7 +47,7 @@ conf_ceph()
prnt W "Ceph servers already in /etc/hosts, nothing to do" prnt W "Ceph servers already in /etc/hosts, nothing to do"
fi fi
backupdist /etc/fstab backup_dist /etc/fstab
prnt I "Adding ceph entries to /etc/fstab" prnt I "Adding ceph entries to /etc/fstab"
fstabchanged=true fstabchanged=true
echo >> /etc/fstab echo >> /etc/fstab
@@ -63,7 +63,7 @@ conf_ceph()
elif [[ $CEPH_STATUS == smb ]]; then elif [[ $CEPH_STATUS == smb ]]; then
pkginst smbclient pkginst smbclient
backupdist /etc/fstab backup_dist /etc/fstab
prnt I "Adding Samba entries to /etc/fstab" prnt I "Adding Samba entries to /etc/fstab"
fstabchanged=true fstabchanged=true
echo >> /etc/fstab echo >> /etc/fstab
@@ -90,7 +90,7 @@ conf_ceph()
fi fi
if [[ $fstabchanged == true ]]; then if [[ $fstabchanged == true ]]; then
tagfile /etc/fstab tag_file /etc/fstab
fi fi
unset fstabchanged unset fstabchanged

20
modules/conf_locale.sh
View File

@@ -20,14 +20,14 @@
# Character table (ISO or UTF) # Character table (ISO or UTF)
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
export VER_conf_locale="0.1.3" export VER_conf_locale="0.1.5"
conf_locale() conf_locale()
{ {
pkginst locales locales-all pkginst locales locales-all
local gen_fname=/etc/locale.gen local gen_fname=/etc/locale.gen
backupdist $gen_fname backup_dist $gen_fname
tagfile $gen_fname tag_file $gen_fname
# Removing locales not in the list # Removing locales not in the list
prnt I "Deactivating initial locales from installation..." prnt I "Deactivating initial locales from installation..."
@@ -49,16 +49,18 @@ conf_locale()
prnt I "Regenerating locales cache..." prnt I "Regenerating locales cache..."
locale-gen locale-gen
prnt I "Definingdsystem language..." prnt I "Defining system language..."
[[ ! $SYSLOCALE ]] && [[ -z $SYSLOCALE ]] &&
export SYSLOCALE=C export SYSLOCALE=C
local sys_fname=/etc/default/locale local sys_fname=/etc/default/locale
backupdist $sys_fname backup_dist $sys_fname
tagfile $sys_fname tag_file $sys_fname
echo "LANG=$SYSLOCALE" >> $sys_fname echo "LANG=$SYSLOCALE" >> $sys_fname
# We define all LC_* but LC_ALL as recommended by GNU
for cfg in ADDRESS IDENTIFICATION MEASUREMENT MONETARY NAME NUMERIC PAPER \ for cfg in ADDRESS IDENTIFICATION MEASUREMENT MONETARY NAME NUMERIC PAPER \
TELEPHONE TIME; do TELEPHONE TIME; do
echo "LC_$cfg=$SYSLOCALE" >> $sys_fname echo "LC_$cfg=$SYSLOCALE" >> $sys_fname
done done
} }
@@ -72,7 +74,7 @@ precheck_conf_locale()
fi fi
if [[ -z $SYSLOCALE ]]; then if [[ -z $SYSLOCALE ]]; then
prnt W "No system locale defined, we'll use s." prnt W "No system locale defined, we will use C as default."
export SYSLOCALE="C" export SYSLOCALE="C"
fi fi
prnt m "The default locale will be $SYSLOCALE" prnt m "The default locale will be $SYSLOCALE"

10
modules/conf_mail.sh
View File

@@ -13,7 +13,7 @@
# * MAIL_RELAY: Name of the mail relay server # * MAIL_RELAY: Name of the mail relay server
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
export VER_conf_mail="0.0.5" export VER_conf_mail="0.0.6"
export DEP_conf_mail="upgrade_dist" export DEP_conf_mail="upgrade_dist"
conf_mail() conf_mail()
@@ -24,12 +24,12 @@ conf_mail()
local pfmain="/etc/postfix/main.cf" local pfmain="/etc/postfix/main.cf"
prnt I "Configuration de postfix..." prnt I "Configuration de postfix..."
installfile postfix/main.cf $pfmain install_file postfix/main.cf $pfmain
tagfile $pfmain tag_file $pfmain
sed -i -e "s/@HOSTNAME@/$HOSTNAME/" -e "s/@REALM@/$REALM/" \ sed -i -e "s/@HOSTNAME@/$HOSTNAME/" -e "s/@REALM@/$REALM/" \
-e "s/@MAIL_RELAY@/$MAIL_RELAY/" $pfmain -e "s/@MAIL_RELAY@/$MAIL_RELAY/" $pfmain
tagfile /etc/mailname tag_file /etc/mailname
echo $HOSTNAME.$REALM > /etc/mailname echo $HOSTNAME.$REALM > /etc/mailname
svc_restart postfix svc_restart postfix
@@ -41,7 +41,7 @@ precheck_conf_mail()
prnt E "Aucun domaine principal renseigné." prnt E "Aucun domaine principal renseigné."
die 158 die 158
fi fi
file_exists postfix/main.cf file_must_exists postfix/main.cf
} }
export -f conf_mail export -f conf_mail

18
modules/conf_network.sh
View File

@@ -20,16 +20,16 @@
# * NET{4,6}_MANUAL_FILE_$iface: filename for manual configuration of $iface # * NET{4,6}_MANUAL_FILE_$iface: filename for manual configuration of $iface
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
export VER_conf_syslog="0.0.5" export VER_conf_syslog="0.0.6"
conf_network() conf_network()
{ {
local if_file="/etc/network/interfaces" local if_file="/etc/network/interfaces"
backupdist $if_file backup_dist $if_file
# The interfaces header contain loopback interface declaration # The interfaces header contain loopback interface declaration
installfile interfaces.head $if_file install_file interfaces.head $if_file
tagfile $if_file tag_file $if_file
# First configure IPv4 ifaces # First configure IPv4 ifaces
local iface= local iface=
@@ -61,7 +61,7 @@ conf_network()
elif [[ $(eval echo \$NET4_MODE_$iface) == manual ]]; then elif [[ $(eval echo \$NET4_MODE_$iface) == manual ]]; then
local fname=$(eval echo \$NET4_MANUAL_FILE_$iface) local fname=$(eval echo \$NET4_MANUAL_FILE_$iface)
appendfile $fname $if_file append_file $fname $if_file
unset fname unset fname
fi fi
done done
@@ -94,7 +94,7 @@ conf_network()
elif [[ $(eval echo \$NET6_MODE_$iface) == manual ]]; then elif [[ $(eval echo \$NET6_MODE_$iface) == manual ]]; then
local fname=$(eval echo \$NET6_MANUAL_FILE_$iface) local fname=$(eval echo \$NET6_MANUAL_FILE_$iface)
appendfile $fname $if_file append_file $fname $if_file
unset fname unset fname
fi fi
done done
@@ -105,7 +105,7 @@ conf_network()
precheck_conf_network() precheck_conf_network()
{ {
file_exists interfaces.head file_must_exists interfaces.head
if [[ -z $IPV4_IFACES ]]; then if [[ -z $IPV4_IFACES ]]; then
prnt W "No IPv4 interfaces to configure." prnt W "No IPv4 interfaces to configure."
else else
@@ -124,7 +124,7 @@ precheck_conf_network()
prnt I " * Interface $iface will use DHCP." prnt I " * Interface $iface will use DHCP."
;; ;;
"manual") "manual")
file_exists $(eval echo \$NET4_MANUAL_FILE_$iface) file_must_exists $(eval echo \$NET4_MANUAL_FILE_$iface)
prnt I " * Interface $iface will use manual IPv4 configuration in a file." prnt I " * Interface $iface will use manual IPv4 configuration in a file."
;; ;;
*) *)
@@ -153,7 +153,7 @@ precheck_conf_network()
prnt I " * Interface $iface will use DHCPv6." prnt I " * Interface $iface will use DHCPv6."
;; ;;
"manual") "manual")
file_exists $(eval echo \$NET6_MANUAL_FILE_$iface) file_must_exists $(eval echo \$NET6_MANUAL_FILE_$iface)
prnt I " * Interface $iface will use manual IPv6 configuration in a file." prnt I " * Interface $iface will use manual IPv6 configuration in a file."
;; ;;
*) *)

10
modules/conf_ntp.sh
View File

@@ -11,7 +11,7 @@
# * NTPSERVERS: list of NTP servers # * NTPSERVERS: list of NTP servers
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
export VER_conf_ntp="0.1.4" export VER_conf_ntp="0.1.5"
export DEP_conf_ntp="" export DEP_conf_ntp=""
conf_ntp() conf_ntp()
@@ -28,9 +28,9 @@ conf_ntp()
prnt I "Installation du fichier de configuration de NTP." prnt I "Installation du fichier de configuration de NTP."
local dest="/etc/ntp.conf.work" local dest="/etc/ntp.conf.work"
backupdist /etc/ntp.conf backup_dist /etc/ntp.conf
tagfile $dest tag_file $dest
installfile ntp.conf $dest install_file ntp.conf $dest
local line="" local line=""
for srv in $NTP_SERVERS; do for srv in $NTP_SERVERS; do
line="${line}server $srv iburst\n" line="${line}server $srv iburst\n"
@@ -52,7 +52,7 @@ precheck_conf_ntp()
prnt E "No configured NTP server!" prnt E "No configured NTP server!"
die 151 die 151
else else
file_exists ntp.conf file_must_exists ntp.conf
prnt m "The NTP servers to be used will be:" prnt m "The NTP servers to be used will be:"
for srv in $NTP_SERVERS; do for srv in $NTP_SERVERS; do
prnt m " * $srv" prnt m " * $srv"

10
modules/conf_ssh.sh
View File

@@ -11,7 +11,7 @@
# none # none
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
export VER_conf_ssh="0.1.1" export VER_conf_ssh="0.1.2"
export DEP_conf_ssh="upgrade_dist" export DEP_conf_ssh="upgrade_dist"
conf_ssh() conf_ssh()
@@ -24,9 +24,9 @@ conf_ssh()
prnt I "Installation des fichiers de configuration de SSH..." prnt I "Installation des fichiers de configuration de SSH..."
for f in /etc/ssh/ssh{,d}_config; do for f in /etc/ssh/ssh{,d}_config; do
backupdist $f backup_dist $f
installfile ssh/$(basename $f) $f install_file ssh/$(basename $f) $f
tagfile $f tag_file $f
done done
sed -i -e "s/@SSHD_PERMITROOT_RANGE@/$SSHD_PERMITROOT_RANGE/" /etc/ssh/sshd_config sed -i -e "s/@SSHD_PERMITROOT_RANGE@/$SSHD_PERMITROOT_RANGE/" /etc/ssh/sshd_config
@@ -36,7 +36,7 @@ conf_ssh()
precheck_conf_ssh() precheck_conf_ssh()
{ {
file_exists ssh/ssh{,d}_config file_must_exists ssh/ssh{,d}_config
} }
export -f conf_ssh export -f conf_ssh

10
modules/conf_syslog.sh
View File

@@ -11,15 +11,15 @@
# * SYSLOG_SRV: the syslog server name # * SYSLOG_SRV: the syslog server name
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
export VER_conf_syslog="0.0.3" export VER_conf_syslog="0.0.4"
conf_syslog() conf_syslog()
{ {
local syslogconf=/etc/rsyslog.conf local syslogconf=/etc/rsyslog.conf
prnt I "Configuration de rsyslog..." prnt I "Configuration de rsyslog..."
backupdist $syslogconf backup_dist $syslogconf
installfile rsyslog.conf $syslogconf install_file rsyslog.conf $syslogconf
tagfile $syslogconf tag_file $syslogconf
sed -i -e "s/@SYSLOG_SRV@/$SYSLOG_SRV/" $syslogconf sed -i -e "s/@SYSLOG_SRV@/$SYSLOG_SRV/" $syslogconf
svc_restart rsyslog svc_restart rsyslog
} }
@@ -30,7 +30,7 @@ precheck_conf_syslog()
prnt E "Undeclared syslog server name !" prnt E "Undeclared syslog server name !"
die 181 die 181
else else
file_exists rsyslog.conf file_must_exists rsyslog.conf
fi fi
} }

8
modules/install_chromium.sh
View File

@@ -13,14 +13,14 @@
# none # none
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
export VER_install_chromium="0.0.2" export VER_install_chromium="0.0.3"
export DEP_install_chromium="upgrade_dist" export DEP_install_chromium="upgrade_dist"
install_chromium() install_chromium()
{ {
# Add Debian Buster repo to sources.list.d directory # Add Debian Buster repo to sources.list.d directory
prnt I "Ajout du dépot Debian Buster aux sources logicielles..." prnt I "Ajout du dépot Debian Buster aux sources logicielles..."
installfile debian_buster.list /etc/apt/sources.list.d/ install_file debian_buster.list /etc/apt/sources.list.d/
# Install Debian GPG keys # Install Debian GPG keys
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys DCC9EFBF77E11517 apt-key adv --keyserver keyserver.ubuntu.com --recv-keys DCC9EFBF77E11517
@@ -29,8 +29,8 @@ install_chromium()
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 112695A0E562B32A apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 112695A0E562B32A
# Install package manager conf file for Chromium # Install package manager conf file for Chromium
installfile apt_chromium.conf /etc/apt/preferences.d/ install_file apt_chromium.conf /etc/apt/preferences.d/
tagfile /etc/apt/preferences.d/apt_chromium.conf tag_file /etc/apt/preferences.d/apt_chromium.conf
# Update package list and install # Update package list and install
prnt I "Mise à jour de la liste des dépots..." prnt I "Mise à jour de la liste des dépots..."

12
modules/install_mkagent.sh
View File

@@ -12,7 +12,7 @@
# * MK_PORT: Port check_mk agent will use to communicate with server # * MK_PORT: Port check_mk agent will use to communicate with server
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
export VER_install_mkagent="0.0.5" export VER_install_mkagent="0.0.6"
export DEP_install_mkagent="upgrade_dist install_pkg" export DEP_install_mkagent="upgrade_dist install_pkg"
install_mkagent() install_mkagent()
@@ -21,13 +21,13 @@ install_mkagent()
pkginst xinetd /tmp/check-mk-agent_${MK_VERSION}_all.deb pkginst xinetd /tmp/check-mk-agent_${MK_VERSION}_all.deb
rm /tmp/check-mk-agent_${MK_VERSION}_all.deb rm /tmp/check-mk-agent_${MK_VERSION}_all.deb
backupdist /etc/xinetd.d/check_mk backup_dist /etc/xinetd.d/check_mk
installfile cmk/check_mk /etc/xinetd.d/check_mk install_file cmk/check_mk /etc/xinetd.d/check_mk
tagfile /etc/xinetd.d/check_mk tag_file /etc/xinetd.d/check_mk
sed -i -e "s/@MK_SERVER_IP@/$MK_SERVER_IP/" /etc/xinetd.d/check_mk sed -i -e "s/@MK_SERVER_IP@/$MK_SERVER_IP/" /etc/xinetd.d/check_mk
mkdir -pv /usr/lib/check_mk_agent/plugins/28800 mkdir -pv /usr/lib/check_mk_agent/plugins/28800
installfile cmk/mk_apt /usr/lib/check_mk_agent/plugins/28800/mk_apt install_file cmk/mk_apt /usr/lib/check_mk_agent/plugins/28800/mk_apt
svc_restart xinetd svc_restart xinetd
} }
@@ -46,7 +46,7 @@ precheck_install_mkagent()
prnt E "Undeclared check_mk server." prnt E "Undeclared check_mk server."
die 162 die 162
fi fi
file_exists cmk/check_mk cmk/mk_apt file_must_exists cmk/check_mk cmk/mk_apt
} }
export -f install_mkagent export -f install_mkagent

8
modules/install_pkg.sh
View File

@@ -13,7 +13,7 @@
# * PKGSEL: List of package to install # * PKGSEL: List of package to install
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
export VER_install_pkg="0.1.4" export VER_install_pkg="0.1.5"
export DEP_install_pkg="upgrade_dist" export DEP_install_pkg="upgrade_dist"
install_pkg() install_pkg()
@@ -29,9 +29,9 @@ install_pkg()
for pkg in $PKGS_BLACKLIST; do for pkg in $PKGS_BLACKLIST; do
prnt I "Placing $pkg into the blacklist..." prnt I "Placing $pkg into the blacklist..."
local dest=/etc/apt/preferences.d/blacklist_$pkg local dest=/etc/apt/preferences.d/blacklist_$pkg
installfile pkgman/blacklist.conf $dest && install_file pkgman/blacklist.conf $dest &&
sed -i -e "s/@pkg@/pkg/" $dest sed -i -e "s/@pkg@/pkg/" $dest
tagfile $dest tag_file $dest
# If blacklisted we suppose uninstall as well (if neeeded) # If blacklisted we suppose uninstall as well (if neeeded)
pkgrm $pkg pkgrm $pkg
@@ -59,6 +59,7 @@ precheck_install_pkg()
if [[ -z PKGS_BLACKLIST ]]; then if [[ -z PKGS_BLACKLIST ]]; then
prnt W "The packages $pkg will be placed into the blacklist !" prnt W "The packages $pkg will be placed into the blacklist !"
file_must_exists pkgman/blacklist.conf
fi fi
if [[ -z $PKGSEL ]]; then if [[ -z $PKGSEL ]]; then
@@ -66,7 +67,6 @@ precheck_install_pkg()
else else
prnt I "$(echo $PKGSEL | wc -w) additionnal package have to be installed." prnt I "$(echo $PKGSEL | wc -w) additionnal package have to be installed."
fi fi
file_exists pkgman/blacklist.conf
} }
export -f install_pkg export -f install_pkg

22
modules/install_profile.sh
View File

@@ -8,12 +8,12 @@
# https://opensource.org/licenses/BSD-3-Clause # https://opensource.org/licenses/BSD-3-Clause
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
export VER_install_profile="0.0.5" export VER_install_profile="0.0.6"
export DEP_install_profile="install_pkg" export DEP_install_profile="install_pkg"
install_profile() install_profile()
{ {
installfile profile/ansi_shadow.flf /usr/share/figlet/ansi_shadow.flf install_file profile/ansi_shadow.flf /usr/share/figlet/ansi_shadow.flf
local usrlist="/root" local usrlist="/root"
if find /home -mindepth 1 -maxdepth 1 -type d | read; then if find /home -mindepth 1 -maxdepth 1 -type d | read; then
@@ -21,22 +21,22 @@ install_profile()
fi fi
for usr in $usrlist; do for usr in $usrlist; do
backupdist $usr/{.,}profile $usr/.bashrc backup_dist $usr/{.,}profile $usr/.bashrc
installfile profile/{{.,}profile,.bashrc} $usr/ install_file profile/{{.,}profile,.bashrc} $usr/
tagfile $usr/{{.,}profile,.bashrc} tag_file $usr/{{.,}profile,.bashrc}
installfile profile/.tmux/.tmux.conf{,.local} $usr/ install_file profile/.tmux/.tmux.conf{,.local} $usr/
tagfile $usr/.tmux.conf{,.local} tag_file $usr/.tmux.conf{,.local}
done done
unset usrlist unset usrlist
backupdist /etc/motd backup_dist /etc/motd
installfile profile/motd /etc/motd install_file profile/motd /etc/motd
tagfile /etc/motd tag_file /etc/motd
} }
precheck_install_profile() precheck_install_profile()
{ {
file_exists profile/{{.,}profile,.bashrc,.tmux/.tmux.conf{,.local}} file_must_exists profile/{{.,}profile,.bashrc,.tmux/.tmux.conf{,.local}}
} }
export -f install_profile export -f install_profile

21
modules/patch_snmp.sh
View File

@@ -8,22 +8,25 @@
# https://opensource.org/licenses/BSD-3-Clause # https://opensource.org/licenses/BSD-3-Clause
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
export VER_patch_snmp="0.0.3" export VER_patch_snmp="0.1.0"
export DEP_patch_snmp="install_pkg" export DEP_patch_snmp="install_pkg"
patch_snmp() patch_snmp()
{ {
pkginst snmpd pkginst snmpd
backupdist /etc/snmp/snmpd.conf /etc/default/snmpd \ backup_dist /etc/snmp/snmpd.conf /etc/default/snmpd \
/lib/systemd/system/snmpd.service /etc/init.d/snmpd /lib/systemd/system/snmpd.service /etc/init.d/snmpd
installfile snmpd/snmpd.conf /etc/snmp/snmpd.conf install_file snmpd/snmpd.conf /etc/snmp/snmpd.conf
tagfile /etc/snmp/snmpd.conf tagfile /etc/snmp/snmpd.conf
# No longer required with Debian >= 11 or Devuan >= 4 # No longer required with Debian >= 11 or Devuan >= 4
# installfile snmpd/snmpd.init /etc/init.d/snmpd if [[ ($SYS_DIST == 'debian' && $SYS_VER -lt 11) ||
installfile snmpd/snmpd.default /etc/default/snmpd ($SYS_DIST == 'devuan' && $SYS_VER -lt 4) ]]; then
tagfile /etc/default/snmpd install_file snmpd/snmpd.init /etc/init.d/snmpd
fi
install_file snmpd/snmpd.default /etc/default/snmpd
tag_file /etc/default/snmpd
if [[ -e /lib/systemd/system/snmpd.service ]]; then if [[ -e /lib/systemd/system/snmpd.service ]]; then
installfile snmpd/snmpd.service /lib/systemd/system/snmpd.service install_file snmpd/snmpd.service /lib/systemd/system/snmpd.service
if command -v systemctl &> /dev/null; then if command -v systemctl &> /dev/null; then
systemctl daemon-reload systemctl daemon-reload
fi fi
@@ -33,9 +36,9 @@ patch_snmp()
precheck_patch_snmp() precheck_patch_snmp()
{ {
file_exists snmpd/snmpd.{conf,default} file_must_exists snmpd/snmpd.{conf,default}
if [[ -e /lib/systemd/system/snmpd.service ]]; then if [[ -e /lib/systemd/system/snmpd.service ]]; then
file_exists snmpd/snmpd.service file_must_exists snmpd/snmpd.service
fi fi
} }

16
modules/upgrade_dist.sh
View File

@@ -15,7 +15,7 @@
# * PROXY_SRV_PORT: Working port for general purpose proxy if one declared # * PROXY_SRV_PORT: Working port for general purpose proxy if one declared
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
export VER_upgrade_dist="0.2.2" export VER_upgrade_dist="0.2.3"
# As aptitude might fail if clock is too far from real time, we need to depend # As aptitude might fail if clock is too far from real time, we need to depend
# on ntp # on ntp
@@ -26,10 +26,10 @@ upgrade_dist()
local proxyfile=/etc/apt/apt.conf.d/00proxy local proxyfile=/etc/apt/apt.conf.d/00proxy
local norecommends=/etc/apt/apt.conf.d/99no-recommends local norecommends=/etc/apt/apt.conf.d/99no-recommends
# We backup entire apt dir as future version will normalise source.list files # We backup entire apt dir
backupdist /etc/apt backup_dist /etc/apt
prnt I "Basic apt configuration..." prnt I "Basic apt configuration..."
tagfile $norecommend tag_file $norecommend
echo 'APT::Install-Recommends "false";' >> $norecommends echo 'APT::Install-Recommends "false";' >> $norecommends
echo 'APT::AutoRemove::RecommendsImportant "false";' >> $norecommends echo 'APT::AutoRemove::RecommendsImportant "false";' >> $norecommends
echo 'APT::AutoRemove::SuggestsImportant "false";' >> $norecommends echo 'APT::AutoRemove::SuggestsImportant "false";' >> $norecommends
@@ -42,17 +42,17 @@ upgrade_dist()
die 60 die 60
) )
fi fi
tagfile $proxyfile tag_file $proxyfile
echo "Acquire::http::Proxy \"http://${PROXY_APT}:${PROXY_APT_PORT}\";" >> $proxyfile echo "Acquire::http::Proxy \"http://${PROXY_APT}:${PROXY_APT_PORT}\";" >> $proxyfile
elif [[ -n $PROXY_SRV ]]; then elif [[ -n $PROXY_SRV ]]; then
tagfile $proxyfile tag_file $proxyfile
echo "Acquire::http::Proxy \"http://${PROXY_SRV}:${PROXY_SRV_PORT}\";" >> $proxyfile echo "Acquire::http::Proxy \"http://${PROXY_SRV}:${PROXY_SRV_PORT}\";" >> $proxyfile
else else
prnt I "No proxy configured, nothing to do." prnt I "No proxy configured, nothing to do."
fi fi
# Remplace source.list from dist with ours (be smarter) # Remplace source.list from dist with ours (be smarter)
installfile "pkgman/${SYS_DIST}_${SYS_VER}.list" /etc/apt/sources.list install_file "pkgman/${SYS_DIST}_${SYS_VER}.list" /etc/apt/sources.list
prnt I "Updating package list..." prnt I "Updating package list..."
pkgupdt pkgupdt
@@ -80,7 +80,7 @@ precheck_upgrade_dist()
prnt E "A general proxy server have been specified but not its working port." prnt E "A general proxy server have been specified but not its working port."
die 160 die 160
fi fi
file_exists pkgman/${SYS_DIST}_${SYS_VER}.list file_must_exists pkgman/${SYS_DIST}_${SYS_VER}.list
} }
cron_upgrade_dist() cron_upgrade_dist()