home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
ftp.ac-grenoble.fr
/
2015.02.ftp.ac-grenoble.fr.tar
/
ftp.ac-grenoble.fr
/
pub
/
slis
/
updates_rsync
/
slis_update-2.0
< prev
next >
Wrap
Text File
|
2004-06-22
|
127KB
|
4,376 lines
#!/bin/bash
# slis_update-2.0
# Script de mise α jour tΘlΘchargΘ rΘguliΦrement par rsync par tous les
# serveurs SLIS version initiale 2.0
# This script is part of the SLIS Project initiated by the CARMI-Internet
# (AcadΘmie de Grenoble - France 38).
# Ce script fait partie du projet SLIS dΘmarrΘ par le CARMI-Internet
# (AcadΘmie de Grenoble - France 38).
#
# SLIS : Serveur de communications Linux pour l'Internet Scolaire.
# Copyright (C) 1998-2000 Bruno Bzeznik
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program (For example ./COPYING);
# if not, write to the Free Software Foundation, Inc., 675 Mass Ave,
# Cambridge, MA 02139, USA.
#
# Please send all comments and bug reports by electronic mail to:
# Bruno Bzeznik <Bruno@ac-grenoble.fr>
# or to <slis@ac-grenoble.fr>
#
# Envoyez vos suggestions et reports de bugs par e-mail α
# Bruno Bzeznik <Bruno@ac-grenoble.fr>
# ou α <slis@ac-grenoble.fr>
#
### VARIABLES ###
UPDDIR=/home/hadmin/updates # Rep pour les flags
LOGTAG="slis_update[$$]" # Ce qui apparait en syslog
PAS_UPD_KERNEL=0 # Si ce flag est a un, alors la mise a jour du noyau
# (qui necessite reboot) ne sera pas faite cette fois.
# Recuperation de la variable HOSTNAME :
grep HOSTNAME /etc/sysconfig/network > /tmp/hostname
. /tmp/hostname
rm -rf /tmp/hostname
WEBMASTER=`ls -ld /home/httpd/html |awk '{print $3}'` # Webmaster designΘ par l'admin local
. /home/hadmin/slis.conf
##################
# Gestion d'un lock
if [ -e /var/lock/slis_upd ]
then
logger -t "$LOGTAG" "Deja en cours. Abandon."
exit
fi
touch /var/lock/slis_upd
sleep 1
logger -t "$LOGTAG" "Script Version 2.0 Debut."
############################################################################
### Mise a jour 2.0-1 - 24/06/2000
# Correction de petits bugs de l'interface quant a l'affichage des utilisateurs
# car dans RH6.2, il y a des comptes en plus dans /etc/passwd
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-1 \) ]
then
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.0-1.tgz .
cd /
tar zxf /tmp/upd-2.0-1.tgz
touch $UPDDIR/2.0-1
logger -t "$LOGTAG" "UPDATE 2.0-1 effectuee."
fi
###
############################################################################
### Mise a jour 137 - 04/07/2000
# Update securite wu_ftpd
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/137 \) ]
then
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/wu-ftpd-2.6.0-14.6x.i386.rpm .
rpm -U ./wu-ftpd-2.6.0-14.6x.i386.rpm
touch $UPDDIR/137
logger -t "$LOGTAG" "Update 137 effectuee."
fi
###
############################################################################
### Mise a jour 2.0-3b - 04/07/2000
# Ouverture de la ligne numeris (si existante) au demarrage
# Rend obsolete : 2.0-3
############################################################################
if [ ! \( -e $UPDDIR/2.0-3b \) ]
then
echo "ping -c 1 -w 20 $SMART_HOST_IP > /dev/null" > /etc/rc.d/rc3.d/S11Ouverture_ligne
echo "ping -c 1 -w 40 $SMART_HOST_IP > /dev/null" >> /etc/rc.d/rc3.d/S11Ouverture_ligne
chmod 755 /etc/rc.d/rc3.d/S11Ouverture_ligne
touch $UPDDIR/2.0-3b
logger -t "$LOGTAG" "UPDATE 2.0-3b effectuee."
fi
###
############################################################################
### Mise a jour 2.0-5 - 13/07/2000
# Bug smb. Lancement de smb au demarrage
# Rend obsolete:
############################################################################
if [ ! \( -e $UPDDIR/2.0-5 \) ]
then
rm -rf /etc/rc.d/rc3.d/K*smb
rm -rf /etc/rc.d/rc5.d/K*smb
ln -s /etc/rc.d/init.d/smb /etc/rc.d/rc3.d/S91smb
ln -s /etc/rc.d/init.d/smb /etc/rc.d/rc5.d/S91smb
/etc/rc.d/init.d/smb start >/dev/null 2>/dev/null
touch $UPDDIR/2.0-5
logger -t "$LOGTAG" "UPDATE 2.0-5 effectuee."
fi
###
############################################################################
### Mise a jour 2.0-6 - 31/08/2000
# Update securite makewhatis
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-6 \) ]
then
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/man-1.5h1-2.6.x.i386.rpm .
rpm -U ./man-1.5h1-2.6.x.i386.rpm
touch $UPDDIR/2.0-6
logger -t "$LOGTAG" "Update 2.0-6 effectuee."
fi
###
############################################################################
### Mise a jour 2.0-7 - 31/08/2000
# Update securite pam
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-7 \) ]
then
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/pam-0.72-20.i386.rpm .
rpm -U ./pam-0.72-20.i386.rpm
touch $UPDDIR/2.0-7
logger -t "$LOGTAG" "Update 2.0-7 effectuee."
fi
###
############################################################################
### Mise a jour 2.0-8b - 27/09/2000
# Nouvelle fonction: aspiration de sites
# Rend obsolete : 2.0-8
############################################################################
if [ ! \( -e $UPDDIR/2.0-8b \) ]
then
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/wget-1.5.3-6.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-web-get.tgz .
rpm -U ./wget-1.5.3-6.i386.rpm
cd /
tar zxf /tmp/upd-web-get.tgz
$SLIS_BINDIR/mkwgetlauncher
touch $UPDDIR/2.0-8b
logger -t "$LOGTAG" "Update 2.0-8b effectuee."
fi
###
############################################################################
### Mise a jour CS-1b - 28/09/2000
# Ameliorations fonction aspiration de sites
# Rend obsolete : 2.0-9,2.0-9b,2.0-9c,CS-1
############################################################################
if [ ! \( -e $UPDDIR/CS-1b \) ]
then
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-web-get-1.tgz .
cd /
tar zxf /tmp/upd-web-get-1.tgz
# Generation d'une heure de mirroring aleatoire
r=`/usr/local/sbin/rand60`
if [ $r -ge 0 -a $r -lt 10 ]; then h="21"; fi
if [ $r -ge 10 -a $r -lt 20 ]; then h="22"; fi
if [ $r -ge 20 -a $r -lt 30 ]; then h="23"; fi
if [ $r -ge 30 -a $r -lt 40 ]; then h="00"; fi
if [ $r -ge 40 -a $r -lt 50 ]; then h="01"; fi
if [ $r -ge 50 ]; then h="02"; fi
$SLIS_BINDIR/remplace 23 $h $SLIS_BINDIR/mkwgetlauncher
mkdir /home/httpd/html/miroirs
touch /home/httpd/html/miroirs/.miroirs
chmod 755 $SLIS_BINDIR/mkwgetlauncher
$SLIS_BINDIR/mkwgetlauncher
touch $UPDDIR/CS-1b
logger -t "$LOGTAG" "Update CS-1b effectuee."
fi
###
############################################################################
### Mise a jour CS-2 - 02/10/2000
# Correction de quelques petits bugs:
# - web_get*: simplification et modif de la fonction d'aspiration et ajout
# d'explications sur la recursivite. Correc faute d'orthographe.
# - users_listdel.html: message "obsolete"
# - squid_purge: ajout d'un GMT-2 pour workaround heures affichees par prostat
# Rend obsolete : CS-2
############################################################################
if [ ! \( -e $UPDDIR/CS-2 \) ]
then
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-CS-2.tgz .
cd /
tar zxf /tmp/upd-CS-2.tgz
touch $UPDDIR/CS-2
logger -t "$LOGTAG" "Update CS-2 effectuee."
fi
###
############################################################################
### Mise a jour 2.0-10 - 02/10/2000
# Update securite syslog
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-10 \) ]
then
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/sysklogd-1.3.31-17.i386.rpm .
rpm -U ./sysklogd-1.3.31-17.i386.rpm
/etc/rc.d/init.d/syslog restart >/dev/null 2>/dev/null
touch $UPDDIR/2.0-10
logger -t "$LOGTAG" "Update 2.0-10 effectuee."
fi
###
############################################################################
### Mise a jour 2.0-12 - 12/10/2000
# Manque un lien
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-12 \) ]
then
ln -fs /usr/local/sbin/etrn.pl /usr/local/sbin/etrn
touch $UPDDIR/2.0-12
logger -t "$LOGTAG" "Update 2.0-12 effectuee."
fi
###
############################################################################
### Mise a jour 2.0-13 - 19/10/2000
# Nouveau binaire sendmail et nouvelle conf avec anti-spam
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-13 \) ]
then
# Telechargement de l'update
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.0-13.tgz .
# Arret de sendmail
/etc/rc.d/init.d/sendmail stop >/dev/null 2>/dev/null
sleep 3
/etc/rc.d/init.d/sendmail stop >/dev/null 2>/dev/null
sleep 1
killall -9 sendmail >/dev/null 2>/dev/null
# Si apres ca, il n'est pas mort..!
# Decompactage
cd /
tar zxf /tmp/upd-2.0-13.tgz
touch /etc/mail/statistics
ln -s /etc/sendmail.cf /etc/mail/sendmail.cf
# Lancement du configurateur
$SLIS_BINDIR/mksendmailcf
# Demarrage de sendmail
/etc/rc.d/init.d/sendmail start >/dev/null 2>/dev/null
touch $UPDDIR/2.0-13
logger -t "$LOGTAG" "Update 2.0-13 effectuee."
fi
###
############################################################################
### Mise a jour CS-3 - 26/10/2000
# Nouveau sendmail.cf
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/CS-3 \) ]
then
# Telechargement de l'update
cd /etc
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/sendmail.cf.slis.gz .
rm -rf sendmail.cf.slis
gzip -d sendmail.cf.slis.gz
# Arret de sendmail
/etc/rc.d/init.d/sendmail stop >/dev/null 2>/dev/null
sleep 3
/etc/rc.d/init.d/sendmail stop >/dev/null 2>/dev/null
sleep 1
killall -9 sendmail >/dev/null 2>/dev/null
# Si apres ca, il n'est pas mort..!
# Lancement du configurateur
$SLIS_BINDIR/mksendmailcf
# Demarrage de sendmail
/etc/rc.d/init.d/sendmail start >/dev/null 2>/dev/null
touch $UPDDIR/CS-3
logger -t "$LOGTAG" "Update CS-3 effectuee."
fi
###
############################################################################
### Mise a jour 2.0-vnc - 5/11/2000
# Nouvelle fonction: prise en main distante sur le reseau local par VNC
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-vnc -o -e $UPDDIR/vnc \) ]
then
# Telechargement de l'update
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-vnc.tgz .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/ipmasqadm-0.4.2-2.i386.rpm .
rpm -U ipmasqadm-0.4.2-2.i386.rpm
cd /
tar zxf /tmp/upd-vnc.tgz
# Ajout dans /etc/rc.local
echo "# Ajout par upd-vnc" >> /etc/rc.d/rc.local
echo "cp -f /dev/null /var/spool/vncports" >> /etc/rc.d/rc.local
touch $UPDDIR/2.0-vnc
logger -t "$LOGTAG" "Update vnc effectuee."
fi
###
############################################################################
### Mise a jour 2.0-14 - 09/11/2000 - Nouvelle version le 04/12/2000
# Updates securite
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-14 \) ]
then
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/iputils-20001010-1.6x.i386.rpm .
rpm -e gnupg
rpm -e ypbind yp-tools
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/rmt-0.4b19-5.6x.i386.rpm .
rpm -F iputils-20001010-1.6x.i386.rpm
rpm -F rmt-0.4b19-5.6x.i386.rpm
touch $UPDDIR/2.0-14
logger -t "$LOGTAG" "Update 2.0-14 effectuee."
fi
###
############################################################################
### Mise a jour 2.0-15 - 27/11/2000
# Mise a jour du systeme rpm
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-15 \) ]
then
# Telechargement du RPM
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/rpm-3.0.5-9.6x.i386.rpm .
# Installation du RPM
rpm -U rpm-3.0.5-9.6x.i386.rpm
# Verification et fin de la MAJ
rpm -q rpm-3.0.5-9.6x > /dev/null 2> /dev/null
if [ $? = 0 ]
then
touch $UPDDIR/2.0-15
logger -t "$LOGTAG" "Update 2.0-15 effectuee."
else
logger -t "$LOGTAG" "Update 2.0-15 ECHEC."
fi
fi
###
############################################################################
### Mise a jour 2.0-16 - 04/12/2000
# Install de postgres
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-16 \) ]
then
# Telechargement des RPMS
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/postgresql-7.0.3-2.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/postgresql-server-7.0.3-2.i386.rpm .
# Installation des RPMS
rpm -U postgresql-7.0.3-2.i386.rpm
rpm -U postgresql-server-7.0.3-2.i386.rpm 2> /dev/null
/sbin/ldconfig
# Verification et fin de la MAJ
rpm -q postgresql-server-7.0.3-2 > /dev/null 2> /dev/null
if [ $? = 0 ]
then
touch $UPDDIR/2.0-16
logger -t "$LOGTAG" "Update 2.0-16 effectuee."
else
logger -t "$LOGTAG" "Update 2.0-16 ECHEC."
fi
fi
###
############################################################################
### Mise a jour 2.0-17 - 27/11/2000
# Install de php4+mod_php4+php-pgsql
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-17 \) ]
then
# Telechargement des RPMS
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/libjpeg-6b-10.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/php-4.0.3pl1-1.6.2slis.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/php-pgsql-4.0.3pl1-1.6.2slis.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/mod_php-4.0.3pl1-1.6.2slis.i386.rpm .
# Installation des RPMS
rpm -U libjpeg-6b-10.i386.rpm
rpm -U php-4.0.3pl1-1.6.2slis.i386.rpm
rpm -U php-pgsql-4.0.3pl1-1.6.2slis.i386.rpm
rpm -U mod_php-4.0.3pl1-1.6.2slis.i386.rpm
# Verification et fin de la MAJ
rpm -q php-pgsql-4.0.3pl1-1.6.2slis > /dev/null 2> /dev/null
RC1=$?
rpm -q mod_php-4.0.3pl1-1.6.2slis > /dev/null 2> /dev/null
if [ $? = 0 -a $RC1 = 0 ]
then
# Un php.ini specifique pour hadmin
sed "s/max_execution_time = 30/max_execution_time = 120/" /etc/php.ini > /etc/hadmin/php.ini
sed "s,/usr/sbin/httpd -f /etc/hadmin/conf/httpd.conf,export PHPRC=\"/etc/hadmin\";/usr/sbin/httpd -f /etc/hadmin/conf/httpd.conf;export -n PHPRC," /etc/rc.d/rc.local > /tmp/rc.local
cp -f /etc/rc.d/rc.local /etc/rc.d/rc.local.upd-2.0-17
mv -f /tmp/rc.local /etc/rc.d/rc.local
chmod 755 /etc/rc.d/rc.local
# Activation du safe mode php dans le php.ini du httpd standard
sed "s/^safe_mode.*=.*Off/safe_mode = On/" /etc/php.ini > /tmp/php.ini
mv -f /tmp/php.ini /etc/php.ini
sed "s,safe_mode_exec_dir.*=.*,safe_mode_exec_dir = /usr/local/phpexec," /etc/php.ini > /tmp/php.ini
mv -f /tmp/php.ini /etc/php.ini
mkdir /usr/local/phpexec
# Flag de la MAJ
touch $UPDDIR/2.0-17
logger -t "$LOGTAG" "Update 2.0-17 effectuee."
else
logger -t "$LOGTAG" "Update 2.0-17 ECHEC."
fi
fi
###
############################################################################
### Mise a jour 2.0-18 - 01/12/2000
# MAJ d'apache
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-18 \) ]
then
# Telechargement des paquetages
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/apache-1.3.14-2.6.2.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.0-18.tgz .
# Installation du RPM apache et de l'archive contenant la conf
/etc/rc.d/init.d/httpd stop
killall httpd
rpm -U apache-1.3.14-2.6.2.i386.rpm
cd /
tar zxf /tmp/upd-2.0-18.tgz
RC1=$?
# Remise en etat des droits au cas ou l'archive ne soit pas correcte
chown -R hadmin.hadmin /etc/hadmin
chmod -R 750 /etc/hadmin
chown -R nobody.nobody /etc/httpd
chmod -R 750 /etc/httpd
# Redemarrage
/etc/rc.d/init.d/httpd start
export PHPRC="/etc/hadmin"
/usr/sbin/httpd -f /etc/hadmin/conf/httpd.conf
export -n PHPRC
# Verifications et fin de la MAJ
rpm -q apache-1.3.14-2.6.2 > /dev/null 2> /dev/null
if [ $? = 0 -a $RC1 = 0 ]
then
touch $UPDDIR/2.0-18
logger -t "$LOGTAG" "Update 2.0-18 effectuee."
else
logger -t "$LOGTAG" "Update 2.0-18 ECHEC."
fi
fi
###
############################################################################
### Mise a jour CS-5 - 04/12/2000
# Bug de mkwgetlaucher et mkpushsiteconf (crontab mal programmee)
# Rend obsolete : C-5
############################################################################
if [ ! \( -e $UPDDIR/CS-5 \) ]
then
# Aspiration
cd /usr/local/sbin
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/mkwgetlauncher .
chmod 755 /usr/local/sbin/mkwgetlauncher
/usr/local/sbin/mkwgetlauncher
# Replication
cd /usr/local/sbin
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/mkpushsiteconf .
chmod 755 /usr/local/sbin/mkpushsiteconf
/usr/local/sbin/mkpushsiteconf
touch $UPDDIR/CS-5
logger -t "$LOGTAG" "UPDATE CS-5 effectuee"
fi
###
############################################################################
### Mise a jour CS-6 - 05/12/2000
# Initialisation de postgres
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/CS-6 \) ]
then
# Telechargement du tar
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-CS-6.tgz .
cd /
tar zxf /tmp/upd-CS-6.tgz
chmod 1777 /tmp
# mot de passe postgres
POSTGRESPASS=`$SLIS_BINDIR/pspg`
# mot de passe hadmin
ADMINPASS=`$SLIS_BINDIR/pspg`
# mot de passe slis
SLISPASS=`$SLIS_BINDIR/pspg`
# Stockage des mots de passe dans des fichiers de conf
# Fichier de conf pour le php de l'interface SLIS
echo "<?php" > /home/hadmin/html/config_pgsql.inc.php
echo "\$POSTGRESPASS=\"$POSTGRESPASS\";" >> /home/hadmin/html/config_pgsql.inc.php
echo "\$POSTGRESUSER=\"postgres\";" >> /home/hadmin/html/config_pgsql.inc.php
echo "\$ADMINPASS=\"$ADMINPASS\";" >> /home/hadmin/html/config_pgsql.inc.php
echo "\$ADMINUSER=\"hadmin\";" >> /home/hadmin/html/config_pgsql.inc.php
echo "\$SLISPASS=\"$SLISPASS\";" >> /home/hadmin/html/config_pgsql.inc.php
echo "\$SLISUSER=\"slis\";" >> /home/hadmin/html/config_pgsql.inc.php
echo "\$PGSQL_SERVER=\"127.0.0.1\";" >> /home/hadmin/html/config_pgsql.inc.php
echo "\$BASE_HADMIN=\"hadmin\";" >> /home/hadmin/html/config_pgsql.inc.php
echo "\$BASE_DHCP=\"dhcp\";" >> /home/hadmin/html/config_pgsql.inc.php
echo "\$BASE_SLIS=\"slis\";" >> /home/hadmin/html/config_pgsql.inc.php
echo "?>" >> /home/hadmin/html/config_pgsql.inc.php
# Fichier de conf pour perl
echo "\$POSTGRESPASS=\"$POSTGRESPASS\";" > /home/hadmin/cgi-bin/base/config_pgsql.inc.pl
echo "\$POSTGRESUSER=\"postgres\";" >> /home/hadmin/cgi-bin/base/config_pgsql.inc.pl
echo "\$ADMINPASS=\"$ADMINPASS\";" >> /home/hadmin/cgi-bin/base/config_pgsql.inc.pl
echo "\$ADMINUSER=\"hadmin\";" >> /home/hadmin/cgi-bin/base/config_pgsql.inc.pl
echo "\$SLISPASS=\"$SLISPASS\";" >> /home/hadmin/cgi-bin/base/config_pgsql.inc.pl
echo "\$SLISUSER=\"slis\";" >> /home/hadmin/cgi-bin/base/config_pgsql.inc.pl
echo "\$PGSQL_SERVER=\"127.0.0.1\";" >> /home/hadmin/cgi-bin/base/config_pgsql.inc.pl
echo "\$BASE_HADMIN=\"hadmin\";" >> /home/hadmin/cgi-bin/base/config_pgsql.inc.pl
echo "\$BASE_DHCP=\"dhcp\";" >> /home/hadmin/cgi-bin/base/config_pgsql.inc.pl
echo "\$BASE_SLIS=\"slis\";" >> /home/hadmin/cgi-bin/base/config_pgsql.inc.pl
# Fichier de conf pour le php des utilisateurs
echo "<?php" > /home/httpd/html/config_pgsql.inc.php
echo "\$PGSQL_PASS=\"$SLISPASS\";" >> /home/httpd/html/config_pgsql.inc.php
echo "\$PGSQL_USER=\"slis\";" >> /home/httpd/html/config_pgsql.inc.php
echo "\$PGSQL_SERVER=\"127.0.0.1\";" >> /home/httpd/html/config_pgsql.inc.php
echo "\$PGSQL_BASE=\"slis\";" >> /home/httpd/html/config_pgsql.inc.php
echo "?>" >> /home/httpd/html/config_pgsql.inc.php
# Securite sur ces fichiers de config
chmod 750 /home/hadmin/html/config_pgsql.inc.php
chown hadmin.hadmin /home/hadmin/html/config_pgsql.inc.php
chmod 750 /home/hadmin/cgi-bin/base/config_pgsql.inc.pl
chown hadmin.hadmin /home/hadmin/cgi-bin/base/config_pgsql.inc.pl
chmod 750 /home/httpd/html/config_pgsql.inc.php
chown nobody.nobody /home/httpd/html/config_pgsql.inc.php
# Premier demarrage de postgres
/etc/rc.d/init.d/postgresql start
# Config du boot
/sbin/chkconfig --add postgresql
# Appel du script d'init qui tourne sous postgres
su - postgres -c "$SLIS_BINDIR/init_pgsql.sh $POSTGRESPASS $ADMINPASS $SLISPASS> /dev/null"
rm -rf /tmp/dhcp.dump
touch $UPDDIR/CS-6
logger -t "$LOGTAG" "UPDATE CS-6 effectuee"
fi
###
############################################################################
### Mise a jour CS-7 - 05/12/2000
# Installation de l'interface d'administration dhcp
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/CS-7 \) ]
then
# Telechargement du tar
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-CS-7.tgz .
cd /
tar zxf /tmp/upd-CS-7.tgz
RC=$?
# Verification et fin de la MAJ
if [ $RC = 0 ]
then
touch $UPDDIR/CS-7
logger -t "$LOGTAG" "Update CS-7 effectuee."
else
logger -t "$LOGTAG" "Update CS-7 ECHEC."
fi
fi
###
############################################################################
### Mise a jour CS-8 - 07/12/2000
# Installation de phppgadmin
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/CS-8 \) ]
then
# Telechargement du tar
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-CS-8.tgz .
cd /
tar zxf /tmp/upd-CS-8.tgz
RC=$?
# Verification et fin de la MAJ
if [ $RC = 0 ]
then
touch $UPDDIR/CS-8
logger -t "$LOGTAG" "Update CS-8 effectuee."
else
logger -t "$LOGTAG" "Update CS-8 ECHEC."
fi
fi
###
############################################################################
### Mise a jour CS-9 - 07/12/2000
# Patch pour supprimmer postgres des users affichΘs
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/CS-9 \) ]
then
# Telechargement du tar
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-CS-9.tgz .
cd /
tar zxf /tmp/upd-CS-9.tgz
RC=$?
# Verification et fin de la MAJ
if [ $RC = 0 ]
then
touch $UPDDIR/CS-9
logger -t "$LOGTAG" "Update CS-9 effectuee."
else
logger -t "$LOGTAG" "Update CS-9 ECHEC."
fi
fi
###
############################################################################
### Mise a jour CS-10 - 12/12/2000
# MAJ de l'interface dhcp
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/CS-10 \) ]
then
# Telechargement du tar
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-CS-10.tgz .
cd /
tar zxf /tmp/upd-CS-10.tgz
RC=$?
# Verification et fin de la MAJ
if [ $RC = 0 ]
then
touch $UPDDIR/CS-10
logger -t "$LOGTAG" "Update CS-10 effectuee."
else
logger -t "$LOGTAG" "Update CS-10 ECHEC."
fi
fi
###
############################################################################
### Mise a jour 2.0-19 - 05/12/2000
# MAJ d'arpwatch
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-19 \) ]
then
# Telech
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/arpwatch-2.1a4-29slis.i386.rpm .
# Desinstall de l'ancienne version (non slis)
rpm -e arpwatch
# Install du rpm pour slis
rpm -i arpwatch-2.1a4-29slis.i386.rpm
# Ajout d'un lien (le RPM provient de RH 7.0)
ln -fs /etc/rc.d/init.d /etc/init.d
# Verif et fin MAJ
rpm -q arpwatch-2.1a4-29slis 2>/dev/null >/dev/null
if [ $? = 0 ]
then
echo "local6.* /var/log/arpwatch" >> /etc/syslog.conf
killall -HUP syslogd
touch $UPDDIR/2.0-19
logger -t "$LOGTAG" "Update 2.0-19 effectuee."
else
logger -t "$LOGTAG" "Update 2.0-19 ECHEC."
fi
fi
###
############################################################################
### Mise a jour 2.0-20 - 05/12/2000
# Conf de logrotate pour syslog
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-20 \) ]
then
echo "
/var/log/arpwatch {
postrotate
/usr/bin/killall -HUP syslogd
endscript
}
/var/log/slis {
postrotate
/usr/bin/killall -HUP syslogd
endscript
}
/var/log/diald {
postrotate
/usr/bin/killall -HUP syslogd
endscript
}
" >> /etc/logrotate.d/syslog
touch $UPDDIR/2.0-20
logger -t "$LOGTAG" "Update 2.0-20 effectuee."
fi
###
############################################################################
### Mise a jour 2.0-21 - 10/12/2000
# Nouveaux menus "fonction avancees"
# Rend obsolete : Les fichiers correspondant dans upd-CS-8.tgz
############################################################################
if [ ! \( -e $UPDDIR/2.0-21 \) ]
then
# Telechargement du tar
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.0-21.tgz .
cd /
tar zxf /tmp/upd-2.0-21.tgz
RC=$?
# Verification et fin de la MAJ
if [ $RC = 0 ]
then
touch $UPDDIR/2.0-21
logger -t "$LOGTAG" "Update 2.0-21 effectuee."
else
logger -t "$LOGTAG" "Update 2.0-21 ECHEC."
fi
fi
###
############################################################################
### Mise a jour 2.0-22 - 05/12/2000
# MAJ d'arpwatch
# Rend obsolete : Une partie de 2.0-19
############################################################################
# Remarque: Si vous voulez utiliser arpwatch, vous pouvez le lancer a partir
# de votre script academique. Par defaut, Arpwatch n'est pas lance. Cela
# releve d'un choix academique.
if [ ! \( -e $UPDDIR/2.0-22 \) ]
then
# Telech
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/arpwatch-2.1a4-29slisA.i386.rpm .
# Install du rpm pour slis
rpm -U arpwatch-2.1a4-29slisA.i386.rpm
# Verif et fin MAJ
rpm -q arpwatch-2.1a4-29slisA 2>/dev/null >/dev/null
if [ $? = 0 ]
then
touch $UPDDIR/2.0-22
logger -t "$LOGTAG" "Update 2.0-22 effectuee."
else
logger -t "$LOGTAG" "Update 2.0-22 ECHEC."
fi
fi
###
############################################################################
### Mise a jour CS-11 - 15/12/2000
# Patch de l'interface dhcp
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/CS-11 \) ]
then
# Telechargement du tar
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-CS-11.tgz .
cd /
tar zxf /tmp/upd-CS-11.tgz
RC=$?
chown root.root /tmp
chmod 777 /tmp
chmod +t /tmp
# Verification et fin de la MAJ
if [ $RC = 0 ]
then
touch $UPDDIR/CS-11
logger -t "$LOGTAG" "Update CS-11 effectuee."
else
logger -t "$LOGTAG" "Update CS-11 ECHEC."
fi
fi
###
############################################################################
### Mise a jour 2.0-23 - 17/01/2001
# Installation des modules perl DBI et DBD::Pg
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-23 \) ]
then
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/DBI-1.13-1.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/DBD-Pg-SLIS.tgz .
rpm -U DBI-1.13-1.i386.rpm
cd /
tar zxf /tmp/DBD-Pg-SLIS.tgz
RC=$?
# Verifications
rpm -q DBI 2>/dev/null >/dev/null
if [ $? = 0 -a $RC = 0 ]
then
touch $UPDDIR/2.0-23
logger -t "$LOGTAG" "UPDATE 2.0-23 effectuee"
else
logger -t "$LOGTAG" "UPDATE 2.0-23 ECHEC."
fi
fi
###
############################################################################
### Mise a jour 2.0-24b - 01/02/2001
# SECURITE BIND
# Rend obsolete : 2.0-24
############################################################################
if [ ! \( -e $UPDDIR/2.0-24b \) ]
then
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/bind-8.2.3-0.6.x.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/bind-utils-8.2.3-0.6.x.i386.rpm .
rpm -U bind-8.2.3-0.6.x.i386.rpm
rpm -U bind-utils-8.2.3-0.6.x.i386.rpm
# Verifications
rpm -q bind-utils-8.2.3 2>/dev/null >/dev/null
RC=$?
rpm -q bind-8.2.3 2>/dev/null >/dev/null
if [ $? = 0 -a $RC = 0 ]
then
/etc/rc.d/init.d/named restart
touch $UPDDIR/2.0-24b
logger -t "$LOGTAG" "UPDATE 2.0-24b effectuee"
else
logger -t "$LOGTAG" "UPDATE 2.0-24b ECHEC."
fi
fi
###
############################################################################
### Mise a jour 2.0-25 - 22/01/2001
# SECURITE MODUTILS
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-25 \) ]
then
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/modutils-2.3.21-0.6.2.i386.rpm .
rpm -U modutils-2.3.21-0.6.2.i386.rpm
# Verifications
rpm -q modutils-2.3.21 2>/dev/null >/dev/null
RC=$?
if [ $RC = 0 ]
then
touch $UPDDIR/2.0-25
logger -t "$LOGTAG" "UPDATE 2.0-25 effectuee"
else
logger -t "$LOGTAG" "UPDATE 2.0-25 ECHEC."
fi
fi
###
############################################################################
### Mise a jour 2.0-26 - 29/01/2001
# Installation de xntpd
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-26 \) ]
then
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/xntp3-5.93-14.i386.rpm .
rpm -U xntp3-5.93-14.i386.rpm
# Verifications et fin de l'install
rpm -q xntp3-5.93-14 2>/dev/null >/dev/null
RC=$?
if [ $RC = 0 ]
then
/sbin/chkconfig --add xntpd
/etc/rc.d/init.d/xntpd start
touch $UPDDIR/2.0-26
logger -t "$LOGTAG" "UPDATE 2.0-26 effectuee"
else
logger -t "$LOGTAG" "UPDATE 2.0-26 ECHEC."
fi
fi
###
############################################################################
### Mise a jour 2.0-27 - 20/01/2001
# Interface de configuration de l'onduleur
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-27 \) ]
then
# Si on ne tue pas mgeupsd, alors le tar va echouer
killall mgeupsd
# Telechargement du tar
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.0-27.tgz .
cd /
tar zxf /tmp/upd-2.0-27.tgz
RC=$?
# Verification et fin de la MAJ
if [ $RC = 0 ]
then
touch $UPDDIR/2.0-27
logger -t "$LOGTAG" "Update 2.0-27 effectuee."
else
logger -t "$LOGTAG" "Update 2.0-27 ECHEC."
fi
fi
###
############################################################################
### Mise a jour CS-12 - 01/02/2001
# Amelioration des fonctions de filtrage d'url
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/CS-12 \) ]
then
# Telechargement du tar
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-CS-12.tgz .
cd /
tar zxf /tmp/upd-CS-12.tgz
RC=$?
# Verification et fin de la MAJ
if [ $RC = 0 ]
then
touch $UPDDIR/CS-12
logger -t "$LOGTAG" "Update CS-12 effectuee."
else
logger -t "$LOGTAG" "Update CS-12 ECHEC."
fi
fi
###
############################################################################
### Mise a jour 2.0-28 - 05/02/2001
# Installation d'openldap et necessaires
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-28 \) ]
then
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/openldap-1.2.11-15.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/openldap-servers-1.2.11-15.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/perl-MIME-Base64-2.11-6.i386.rpm .
rpm -U --nodeps openldap-1.2.11-15.i386.rpm
rpm -U openldap-servers-1.2.11-15.i386.rpm
rpm -U perl-MIME-Base64-2.11-6.i386.rpm
ln -sf /etc/rc.d/init.d /etc/init.d
# Verifications et fin de la MAJ
rpm -q openldap-servers-1.2.11-15 2>/dev/null >/dev/null
RC1=$?
rpm -q perl-MIME-Base64-2.11-6 2>/dev/null >/dev/null
RC2=$?
if [ $RC1 = 0 -a $RC2 = 0 ]
then
# Fabrication du slapd.conf initial
ROOTPASSWD=`grep "^root:" /etc/shadow|awk -F: '{print $2}'`
HOST_OU=`cat /etc/HOSTNAME |cut -d. -f1`
DOMAIN_OU=`cat /etc/HOSTNAME |cut -d. -f2`
BASE_LDAP="ou=education, o=gouv, c=fr"
echo "
include /etc/openldap/slapd.at.conf
include /etc/openldap/slapd.oc.conf
schemacheck off
pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args
database ldbm
suffix \"ou=$HOST_OU, ou=slis, ou=$DOMAIN_OU, $BASE_LDAP\"
rootdn \"cn=slismaster, ou=$HOST_OU, ou=slis, ou=$DOMAIN_OU, $BASE_LDAP\"
rootpw {crypt}$ROOTPASSWD
directory /var/lib/ldap
defaultaccess read
access to attr=userpassword
by dn=\"uid=ldap,ou=$HOST_OU,ou=slis,ou=$DOMAIN_OU,$BASE_LDAP\" read
by self read
by dn=\".*\" none
" > /etc/openldap/slapd.conf
/sbin/chkconfig --add ldap
/etc/rc.d/init.d/ldap start
touch $UPDDIR/2.0-28
logger -t "$LOGTAG" "UPDATE 2.0-28 effectuee"
else
logger -t "$LOGTAG" "UPDATE 2.0-28 ECHEC."
fi
fi
###
############################################################################
### Mise a jour CS-13 - 17/04/2001 10/05/2001
# Nouvelle interface de gestion - premiere mouture
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/CS-13 \) ]
then
# Telechargement du tar
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-CS-13.tgz .
cd /
tar zxf /tmp/upd-CS-13.tgz
RC=$?
# Initialisation de la base SQL hadmin
export PGPASSWORD=`grep ADMINPASS /home/hadmin/html/config_pgsql.inc.php |cut -d\" -f2`
export PGUSER="hadmin"
psql hadmin < /tmp/hadmin.sql
RC2=$?
# Verification et fin de la MAJ
if [ $RC = 0 -a $RC2 = 0 ]
then
# Remise en etat des droits
bash /usr/local/sbin/permslis
# Recuperation des anciens comptes et stockage dans la base
/usr/local/sbin/passwd2sql
# Recuperation des anciennes donnes de connection pour stockage dans la base
export LANG="C"
/usr/local/sbin/old_isdnlog_2sql
# Initialisation des logs squid et apache
/usr/local/sbin/accesslog2sql /var/log/httpd/access_log.4 apache
/usr/local/sbin/accesslog2sql /var/log/httpd/access_log.3 apache
/usr/local/sbin/accesslog2sql /var/log/httpd/access_log.2 apache
/usr/local/sbin/accesslog2sql /var/log/httpd/access_log.1 apache
/usr/local/sbin/accesslog2sql /var/log/httpd/access_log apache
/usr/local/sbin/accesslog2sql /usr/local/squid/logs/access.log.1 squid
/bin/gzip -d -c /usr/local/squid/logs/access.log.0.gz > /usr/local/squid/logs/access.log.0
/usr/local/sbin/accesslog2sql /usr/local/squid/logs/access.log.0 squid
rm -f /usr/local/squid/logs/access.log.0
# Lancement de connslogd au demarrage
sed "s/etrnd/connslogd/" /etc/rc.d/rc.local > /tmp/rc.local
cp -f /etc/rc.d/rc.local /etc/rc.d/rc.local.CS-13
cp -f /tmp/rc.local /etc/rc.d/rc.local
chmod 755 /etc/rc.d/rc.local
if [ -f /etc/adsl ]
then
echo "/usr/local/sbin/connslogd&" >> /etc/rc.d/rc.local
fi
killall etrnd
/usr/local/sbin/connslogd&
# Programmation de la crontab (ajout de accesslog2sql et supp de etrnd_refresh)
/usr/bin/crontab -l |grep -v etrnd > /tmp/cron
echo "0 12,18,21,0,7 * * * /usr/local/sbin/accesslog2sql /usr/local/squid/logs/access.log squid" >> /tmp/cron
echo "0 13,19,22,1,8 * * * /usr/local/sbin/accesslog2sql /var/log/httpd/access_log apache" >> /tmp/cron
/usr/bin/crontab /tmp/cron
# Script de correction du bug des comptes depassant 8 caracteres
perl /usr/local/sbin/old_bug8_workaround
# Creation des users systeme
/usr/local/sbin/init_sysusers
# Creation du rep applis CyberEcole
mkdir /home/cyberecole/applis
chmod 775 /home/cyberecole/applis
chown smbadmin.profs /home/cyberecole/applis 2>/dev/null
# Importation CyberEcole
if [ "$CYBERECOLE" = "1" ]
then
/usr/local/sbin/old_cyberecole_2sql
fi
# Remise en etat des droits
bash /usr/local/sbin/permslis
touch $UPDDIR/CS-13
logger -t "$LOGTAG" "Update CS-13 effectuee."
else
logger -t "$LOGTAG" "Update CS-13 ECHEC."
fi
fi
###
############################################################################
### Mise a jour 2.0-30 - 08/03/2001
# Nouveau mknamedconf (essentiellement ameliorations pour version ADSL et cable)
# et daemon dns_autoconf qui verifie la conf DNS en permanence
# Rend obsolete: 2.0-2, 2.0-4
############################################################################
# MAJ desactivee car ne concerne que des SLIS experimentaux et le nouveau
# script de conf du DNS sera deploye dans les 2.1
#if [ ! \( -e $UPDDIR/2.0-30 \) ]
#then
# Telechargement du tar
# cd /tmp
# rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.0-30.tgz .
# cd /
# tar zxf /tmp/upd-2.0-30.tgz
# RC=$?
# Verification et fin de la MAJ
# if [ $RC = 0 ]
# then
# deja=`grep dns_autoconf /etc/rc.d/rc.local`
# if [ "$deja" = "" ]
# then
# echo >> /etc/rc.d/rc.local
# echo "# Surveillance de la conf DNS" >> /etc/rc.d/rc.local
# echo "/usr/local/sbin/dns_autoconf &" >> /etc/rc.d/rc.local
# fi
# /usr/local/sbin/dns_autoconf &
# touch $UPDDIR/2.0-30
# logger -t "$LOGTAG" "Update 2.0-30 effectuee."
# else
# logger -t "$LOGTAG" "Update 2.0-30 ECHEC."
# fi
#fi
###
############################################################################
### Mise a jour 2.0-31 - 21/03/2001
# Amelioration routage_net_on/off (rapiditΘ et adsl) et modification du
# message de l'interface "pas de proxy pour" qui prete a confusion.
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-31 \) ]
then
# Telechargement du tar
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.0-31.tgz .
cd /
tar zxf /tmp/upd-2.0-31.tgz
RC=$?
# Verification et fin de la MAJ
if [ $RC = 0 ]
then
touch $UPDDIR/2.0-31
logger -t "$LOGTAG" "Update 2.0-31 effectuee."
else
logger -t "$LOGTAG" "Update 2.0-31 ECHEC."
fi
fi
###
############################################################################
### Mise a jour CS-13c - 16/05/2001
# Deplacement de /var/lib/pgsql dans /home/pgsql
# car plus assez de place dans /var
############################################################################
if [ ! \( -e $UPDDIR/CS-13c \) ]
then
# Test au cas ou ce serai deja fait
if [ ! \( -e /home/pgsql \) ]
then
# Arret de postgres
/etc/rc.d/init.d/postgresql stop
sleep 20
/etc/rc.d/init.d/postgresql stop
sleep 20
killall postmaster 2>/dev/null
killall -9 postmaster 2>/dev/null
/sbin/fuser -kn tcp 5432
# Deplacement des fichiers
mv /var/lib/pgsql /var/lib/pgsql.old
mkdir /home/pgsql
cp -a /var/lib/pgsql.old/* /home/pgsql
ln -s /home/pgsql /var/lib/pgsql
rm -rf /var/lib/pgsql.old
# Redemarrage de postgres
/etc/rc.d/init.d/postgresql start
fi
touch $UPDDIR/CS-13c
logger -t "$LOGTAG" "Update CS-13c"
fi
###
########################################################################
### Mise a jour 2.0-32 - 16/05/2001
# Installation d'IMP et de Wordwiew
# Patch de la nouvelle interface, correction de bugs
# Rend obsolete :
########################################################################
if [ ! \( -e $UPDDIR/2.0-32 \) ]
then
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/mswordview-0.5.2-1.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.0-32.tgz .
rpm -U mswordview-0.5.2-1.i386.rpm
rpm -q mswordview-0.5.2-1 2>/dev/null>/dev/null
RC1=$?
cd /
tar xfz /tmp/upd-2.0-32.tgz
RC2=$?
if [ $RC1 = 0 -a $RC2 = 0 ]
then
# CrΘation du compte hordemgr et de la base Horde
HORDEPASS=`$SLIS_BINDIR/pspg`
# Mot de passe postgres
export PGPASSWORD=`grep POSTGRESPASS /home/hadmin/html/config_pgsql.inc.php| cut -d\" -f2`
export PGUSER=postgres
# CrΘation user horde
psql template1 -tqc "drop user hordemgr" > /dev/null 2>/dev/null
psql template1 -tqc "create user hordemgr with password '$HORDEPASS' nocreatedb nocreateuser"
# crΘation base Horde
psql template1 -tqc "drop database horde" > /dev/null 2>/dev/null
psql template1 -tqc "create database horde"
# crΘation tables IMP
psql horde < /tmp/horde.sql
# Sauve HORDEPASS dans config_pgsql.inc.php des utilisateurs
mv /home/httpd/html/config_pgsql.inc.php /home/httpd/html/config_pgsql.inc.php.old
sed "s/?>//" /home/httpd/html/config_pgsql.inc.php.old > /home/httpd/html/config_pgsql.inc.php
echo "\$HORDEPASS=\"$HORDEPASS\";" >> /home/httpd/html/config_pgsql.inc.php
echo "\$HORDEUSER=\"hordemgr\";" >> /home/httpd/html/config_pgsql.inc.php
echo "\$HOSTNAME=\"$HOSTNAME\";" >> /home/httpd/html/config_pgsql.inc.php
echo "?>" >> /home/httpd/html/config_pgsql.inc.php
rm -f /home/httpd/html/config_pgsql.inc.php.old
# On indique le mot de passe de Horde dans les fichiers local.inc et db_pgsql.inc
sed "s/XXXHORDEPASSXXX/$HORDEPASS/" /usr/share/php/local.inc.dist > /usr/share/php/local.inc
sed "s/XXXHORDEPASSXXX/$HORDEPASS/" /usr/share/php/db_pgsql.inc.dist > /usr/share/php/db_pgsql.inc
# On remplace le lien sur l'interface des utilisateurs dans index.html
mv /home/httpd/html/index.html /home/httpd/html/index.old
sed "s/<a.*href=\/cgi-bin\/webmail.*/<a href=\/horde\/imp\/index.php3>/" /home/httpd/html/index.old > /home/httpd/html/index.html
# Un petit coup de relecture de HTTPD
killall -HUP httpd
# Retablissement du webmaster (ancien bug de process_web)
webmaster=`ls -ld /home/httpd/html/intranet |awk '{print $3}'`
if [ "$webmaster" != "" ]
then
echo "$webmaster" > $BASE/webmaster
fi
# Remise en etat des droits
/usr/local/sbin/permslis
# Conclusion
touch $UPDDIR/2.0-32
logger -t "$LOGTAG" "UPDATE 2.0-32 effectuee."
else
logger -t "$LOGTAG" "UPDATE 2.0-32 ECHEC."
fi
fi
###
############################################################################
### Mise a jour 2.0-33 - 21/05/2001
# Correction bug de process_web par rapport a horde
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-33 \) ]
then
# Telechargement du tar
cd /usr/local/sbin
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/process_web .
RC=$?
# Verification et fin de la MAJ
if [ $RC = 0 ]
then
/usr/local/sbin/permslis
touch $UPDDIR/2.0-33
logger -t "$LOGTAG" "Update 2.0-33 effectuee."
else
logger -t "$LOGTAG" "Update 2.0-33 ECHEC."
fi
fi
###
############################################################################
### Mise a jour 2.0-34 - 22/05/2001
# Redemarrage de connslogd necessaire a cause de CS-13c
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-34 \) ]
then
killall connslogd
sleep 3
killall -9 connslogd 2>/dev/null
sleep 3
/usr/local/sbin/connslogd&
touch $UPDDIR/2.0-34
logger -t "$LOGTAG" "Update 2.0-34 effectuee."
fi
###
############################################################################
### Mise a jour 2.0-35 - 06/06/2001
# Config specifique des libs php pour Horde (correction de bug)
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-35 \) ]
then
echo "
# Added for Horde
<Directory /home/httpd/html/horde>
Options Indexes FollowSymLinks
AllowOverride None
order allow,deny
allow from all
<IfModule mod_php3.c>
php3_include_path '/usr/share/php:.'
php3_auto_prepend_file /usr/share/php/prepend.php3
php3_magic_quotes_gpc Off
php3_track_vars On
</IfModule>
<IfModule mod_php4.c>
php_value include_path '/usr/share/php:.'
php_value auto_prepend_file /usr/share/php/prepend.php3
php_flag magic_quotes_gpc Off
php_flag track_vars On
</IfModule>
</Directory>
" >> /etc/httpd/conf/httpd.conf
sed "s/auto_prepend_file/#auto_prepend_file/" /etc/php.ini > /tmp/php.ini
cp -f /etc/php.ini /etc/php.ini.upd-2.0-35
mv -f /tmp/php.ini /etc/php.ini
killall -HUP httpd
touch $UPDDIR/2.0-35
logger -t "$LOGTAG" "Update 2.0-35 effectuee."
fi
###
############################################################################
### Mise a jour 2.0-36 - 08/06/2001
# Correction du bug du primary group
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-36 \) ]
then
# Telechargement du tar
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.0-36.tgz .
cd /
tar zxf /tmp/upd-2.0-36.tgz
RC=$?
# Revalidation des groupes
export PGPASSWORD=`grep ADMINPASS /home/hadmin/html/config_pgsql.inc.php |cut -d\" -f2`
export PGUSER="hadmin"
/usr/local/sbin/permslis
psql hadmin -tqc "update groups set tovalid='true'"
/usr/local/sbin/valid
# Verification et fin de la MAJ
if [ $RC = 0 ]
then
touch $UPDDIR/2.0-36
logger -t "$LOGTAG" "Update 2.0-36 done."
else
logger -t "$LOGTAG" "Update 2.0-36 FAILED."
fi
fi
###
############################################################################
### Mise a jour 2.0-37 - 18/06/2001
# NOUVEAU SYSTEME DE FILTRAGE IP (FORWARD ET FIREWALL)
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-37 \) ]
then
# Les variables dont il est question ci-dessous manquent dans 2.0
# Elles font partie du script d'install des SLIS 2.1
# Creation de la variable ALLOWED_SMTP a partir des valeurs codees
# en dur dans process_filtrage_ip (ce script est d'ailleurs devenu obsolete)
R=$RANDOM
egrep "SMTP\w=" /usr/local/sbin/process_filtrage_ip > /tmp/smtp.$R
ALLOWED_SMTP=`awk -F\" -v ORS="," '{ print $2; }' /tmp/smtp.$R |sed "s/,$//"`
echo "ALLOWED_SMTP=\"$ALLOWED_SMTP\"" >> /home/hadmin/slis.conf
echo "\$ALLOWED_SMTP=\"$ALLOWED_SMTP\";" >> /home/hadmin/slis.conf.pl
echo "<?PHP \$ALLOWED_SMTP=\"$ALLOWED_SMTP\"; ?>" >> /home/hadmin/slis.conf.php
rm -f /tmp/smtp.$R
# Creation des variables ADMIN_NET et ADMIN_NET_MASK
# Elles definissent le reseau depuis lequel le meta-administrateur
# maintient les SLIS.
# Arbitrairement, on prend le reseau de classe C correspondant au smarthost
ADMIN_NET=`ipcalc --network $SMART_HOST_IP --netmask 255.255.255.0 |grep NETWORK|cut -d= -f2`
echo "ADMIN_NET=\"$ADMIN_NET\"" >> /home/hadmin/slis.conf
echo "ADMIN_NET_MASK=\"255.255.255.0\"" >> /home/hadmin/slis.conf
echo "\$ADMIN_NET=\"$ADMIN_NET\";" >> /home/hadmin/slis.conf.pl
echo "\$ADMIN_NET_MASK=\"255.255.255.0\";" >> /home/hadmin/slis.conf.pl
echo "<?PHP \$ADMIN_NET=\"$ADMIN_NET\"; ?>" >> /home/hadmin/slis.conf.php
echo "<?PHP \$ADMIN_NET_MASK=\"255.255.255.0\"; ?>" >> /home/hadmin/slis.conf.php
# Telechargement du tar
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.0-37.tgz .
cd /
tar zxf /tmp/upd-2.0-37.tgz
RC=$?
# Lancement
/usr/local/sbin/permslis
/usr/local/sbin/mkfilters
cp -u /home/hadmin/cgi-bin/base/subnets /home/hadmin/cgi-bin/queue/subnets
/usr/local/sbin/process_subnets
MAIL_ADMIN=`awk '{if (NR==3) print}' $BASE/params_admin.txt`
if [ "$MAIL_ADMIN" != "" ]
then
echo "
Le systeme de filtrage IP (routage et pare-feu) de votre SLIS vient de
changer. Le routage et le pare-feu ont ete regles de maniere optimale.
Cependant, si vous aviez eu besoin de changer le niveau de securite IP,
nous vous invitons a le refaire, dans les fonctions avancees, rubrique
Securite (filtrage ip).
" | mail -s "Information mise a jour" $MAIL_ADMIN
fi
# Verification et fin de la MAJ
if [ $RC = 0 ]
then
touch $UPDDIR/2.0-37
logger -t "$LOGTAG" "Update 2.0-37 done."
else
logger -t "$LOGTAG" "Update 2.0-37 FAILED."
fi
fi
###
############################################################################
### Mise a jour 2.0-38 - 19/06/2001
# Bug de l'implementation de horde dans /webmail
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-38 \) ]
then
echo "
# Added for Horde
<Directory /home/httpd/html/webmail>
Options Indexes FollowSymLinks
AllowOverride None
order allow,deny
allow from all
<IfModule mod_php3.c>
php3_include_path '/usr/share/php:.'
php3_auto_prepend_file /usr/share/php/prepend.php3
php3_magic_quotes_gpc Off
php3_track_vars On
</IfModule>
<IfModule mod_php4.c>
php_value include_path '/usr/share/php:.'
php_value auto_prepend_file /usr/share/php/prepend.php3
php_flag magic_quotes_gpc Off
php_flag track_vars On
</IfModule>
</Directory>
" >> /etc/httpd/conf/httpd.conf
killall -HUP httpd
touch $UPDDIR/2.0-38
logger -t "$LOGTAG" "Update 2.0-38 effectuee."
fi
###
############################################################################
### Mise a jour 2.0-39 - 06/07/2001
# Fix for bug somewhere before...
# The table containing subnets disapeared (hadmin)
# The file /home/hadmin/cgi-bin/base/subnets is empty...
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-39 \) ]
then
/usr/local/sbin/mksubnets
rm -f /home/hadmin/cgi-bin/queue/subnets
touch $UPDDIR/2.0-39
logger -t "$LOGTAG" "Update 2.0-39 effectuee."
fi
###
############################################################################
### Mise a jour 2.0-40 - 26/09/2001
# Secu updates and bug corrections from RedHat:
# - Secu: fetchmail is updated if fetchmail option is activated, removed else
# - Bug corrected in tmpwatch package
# - Secu: Sendmail local exploit bug corrected
# - Secu: Man local exploit corrected (mktemp package also upgraded)
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/2.0-40 \) ]
then
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/tmpwatch-2.8-0.6.x.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/sendmail-8.11.6-1.6.x.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/mktemp-1.5-2.1.6x.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/man-1.5i2-0.6x.5.i386.rpm .
rpm -U tmpwatch-2.8-0.6.x.i386.rpm
rpm -U sendmail-8.11.6-1.6.x.i386.rpm
rpm -U mktemp-1.5-2.1.6x.i386.rpm
rpm -U man-1.5i2-0.6x.5.i386.rpm
RC1=0
. /home/hadmin/setup.data
if [ "$FETCHMAIL" = "1" ]
then
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/fetchmail-5.9.0-0.6.2.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/openssl-0.9.5a-7.6.x.i386.rpm .
rpm -U fetchmail-5.9.0-0.6.2.i386.rpm
rpm -U openssl-0.9.5a-7.6.x.i386.rpm
rpm -q fetchmail-5.9.0-0.6.2 2>/dev/null >/dev/null
RC1=$?
else
rpm -e fetchmail
fi
# Verifications et fin de l'install
rpm -q tmpwatch-2.8-0.6.x 2>/dev/null >/dev/null
RC2=$?
rpm -q sendmail-8.11.6-1.6.x 2>/dev/null >/dev/null
RC3=$?
rpm -q man-1.5i2-0.6x.5 2>/dev/null >/dev/null
RC4=$?
if [ $RC1 = 0 -a $RC2 = 0 -a $RC3 = 0 -a $RC4 = 0 ]
then
/etc/rc.d/init.d/sendmail restart
touch $UPDDIR/2.0-40
logger -t "$LOGTAG" "UPDATE 2.0-40 effectuee"
else
logger -t "$LOGTAG" "UPDATE 2.0-40 ECHEC."
fi
fi
###
############################################################################
### UPDATE 2.x-41 - 03/10/2001
# - Installation of a new http interface designed for the users (called clientgw)
# This interface has only got for the moment a gateway for changing passwords.
# It runs on port 2000 under the same uid of hadmin. This update installs
# the config files for the new httpd daemon that will be running.
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-41 \) ]
then
# Download and install
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-41.tgz .
cd /
tar zxf /tmp/upd-2.x-41.tgz
RC=$?
# Check and finish
if [ $RC = 0 ]
then
ln -s /usr/lib/apache /etc/hadmin/clientgw/modules
echo "# Client gateway" >> /etc/rc.d/rc.local
echo "export PHPRC="/etc/hadmin";/usr/sbin/httpd -f /etc/hadmin/clientgw/conf/httpd.conf;export -n PHPRC" >> /etc/rc.d/rc.local
echo "/usr/local/sbin/cg-admind&" >> /etc/rc.d/rc.local
export PHPRC="/etc/hadmin";/usr/sbin/httpd -f /etc/hadmin/clientgw/conf/httpd.conf;export -n PHPRC
/usr/local/sbin/cg-admind&
/usr/local/sbin/permslis
touch $UPDDIR/2.x-41
logger -t "$LOGTAG" "Update 2.x-41 done."
else
logger -t "$LOGTAG" "Update 2.x-41 FAILED."
fi
fi
###
############################################################################
### Update 2.0-42 - 10/10/2001
# Restore system
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.0-42 \) ]
then
# Download
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-42.tgz .
tar zxf upd-2.x-42.tgz --directory /
RC=$?
# Creating tmp dir
mkdir -p /home/hadmin/tmp
chown hadmin.hadmin /home/hadmin/tmp
chmod 700 /home/hadmin/tmp
# patching php.ini
patch /etc/hadmin/php.ini << EOF
208c208
< post_max_size = 8M ; Maximum size of POST data that PHP will accept.
---
> post_max_size = 100M ; Maximum size of POST data that PHP will accept.
245c245
< upload_max_filesize = 2M ; Maximum allowed size for uploaded files
---
> upload_max_filesize = 100M ; Maximum allowed size for uploaded files
EOF
killall -HUP httpd
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.0-42
logger -t "$LOGTAG" "Update 2.0-42 Done."
else
logger -t "$LOGTAG" "Update 2.0-42 FAILED."
fi
fi
###
############################################################################
### Update 2.x-43 - 09/11/2001
# Synchro with CVS. Numerous bug fixes and enhancements.
# THIS UPDATE IS A BIG ONE!
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-43 \) ]
then
# Download the update
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-43.tgz .
# Kill connslogd and cg-admind as they will be replaced by the update
killall connslogd 2>/dev/null
killall cg-admind 2>/dev/null
# If this SLIS has a dns_autoconf daemon running, kill it and set a flag
DNS=`ps awux |grep dns_autoconf |grep -v grep |wc -l`
if [ $DNS = 1 ]
then
killall dns_autoconf
fi
# Untar the core update file
tar zxf upd-2.x-43.tgz --directory /
RC=$?
# A missing directory (not important)
# It's only a place to put some slis files like *.sql
mkdir -p /var/lib/slis
# Reset the permissions
bash /usr/local/sbin/permslis
# Restart the previously killed daemons
/usr/local/sbin/connslogd&
/usr/local/sbin/cg-admind&
if [ $DNS = 1 ]
then
/usr/local/sbin/dns_autoconf&
fi
# Continue the update only if untaring was successfull
if [ $RC = 0 ]
then
# Usefull denied_url file in squid conf was removed by error on some 2.1 versions
# This file may be used to add some URL to deny in a hurry. It mustn't be
# empty, so we add some Xs into it.
if [ ! -f /usr/local/squid/etc/denied_url ]
then
echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" > /usr/local/squid/etc/denied_url
fi
# Bug fix for mail header visualization function into hadmin
/usr/sbin/usermod -G mail hadmin
killall -HUP httpd
# Refresh squid config file (2.1 only)
if [ "`cat /etc/version_slis_num`" = "2.1" ]
then
/usr/local/sbin/mksquidconf
fi
# Errors from accesslog2sql are not important, so we redirect
# output to /dev/null
R=$RANDOM
crontab -l > /tmp/cron.$R
ALREADY=`grep "access.log squid >" /tmp/cron.$R`
if [ "$ALREADY" = "" ]
then
sed "s;access.log squid;access.log squid > /dev/null 2>/dev/null;" /tmp/cron.$R > /tmp/cron.new.$R
sed "s;access_log apache;access_log apache > /dev/null 2>/dev/null;" /tmp/cron.new.$R > /tmp/cron.$R
crontab /tmp/cron.$R
fi
# New subnets activation and schedule subsystem
# Init of SQL tables and conversion of old schedules
/usr/local/sbin/old_schedules_2sql 2>/dev/null >/dev/null
# Crontab modifications
R=$RANDOM
crontab -l > /tmp/cron.$R
grep -v routage_net_o /tmp/cron.$R | grep -v Horaires > /tmp/cron.new.$R
grep -v "DO NOT EDIT" /tmp/cron.new.$R | grep -v "installed on " | grep -v "Cron version" > /tmp/cron.$R
echo "# Subnets schedules" >> /tmp/cron.$R
echo "* * * * * /usr/local/sbin/process_subnets.cron" >> /tmp/cron.$R
crontab /tmp/cron.$R
# Init scripts update
grep -v "/usr/local/sbin/process_subnets" /etc/rc.d/rc.local | \
grep -v "cp -u /home/hadmin/cgi-bin/base/subnet" | \
grep -v "RunCache" > /tmp/rc.local.$R
if [ -s /tmp/rc.local.$R ]
then
cp -f /etc/rc.d/rc.local /etc/rc.d/rc.local.2.x-43
mv -f /tmp/rc.local.$R /etc/rc.d/rc.local
fi
chmod 755 /etc/rc.d/rc.local
echo "rm -f /var/lock/process_subnets*" >> /etc/rc.d/rc.local
. /home/hadmin/setup.data
if [ "PROXYON" != "0" ]
then
/sbin/chkconfig --add runcache
/sbin/chkconfig runcache on
fi
# Refresh ip filters (new mkfilters script)
/usr/local/sbin/mkfilters
# Create a new database for a french application (B2i)
export PGPASSWORD=`grep PGSQL_PASS /home/httpd/html/config_pgsql.inc.php|cut -d\" -f2`
export PGUSER=`grep PGSQL_USER /home/httpd/html/config_pgsql.inc.php|cut -d\" -f2`
psql -tqc "create database b2i"
# Change the owner of "slis" database (little bug fix)
export PGPASSWORD=`grep POSTGRESPASS /home/hadmin/html/config_pgsql.inc.php|cut -d\" -f2`
export PGUSER=`grep POSTGRESUSER /home/hadmin/html/config_pgsql.inc.php|cut -d\" -f2`
psql -tqc "update pg_database set datdba = (select usesysid from pg_user where usename = 'slis') where datname = 'slis';" template1
# Send a mail to admin
MAIL_ADMIN=`awk '{if (NR==3) print}' $BASE/params_admin.txt`
if [ "$MAIL_ADMIN" != "" ]
then
echo "
Message envoye automatiquement par votre SLIS.
Votre SLIS vient d'etre mis a jour.
Le systeme de gestion d'horaires par sous-reseaux a
completement change. Un script a converti vos anciens
horaires dans le nouveau systeme, mais nous vous
invitons a verifier que tout est en ordre dans les
fonctions avancees, "acces par sous-reseaux/horaires".
" | mail -s "Mise a jour SLIS" $MAIL_ADMIN
fi
touch $UPDDIR/2.x-43
logger -t "$LOGTAG" "Update 2.x-43 Done."
else
logger -t "$LOGTAG" "Update 2.x-43 FAILED."
fi
fi
############################################################################
### Update 2.x-43b - 04/12/2001
# Big bug fix!
# /etc/named.acls was not correctly updated by process_subnets.cron resulting
# in some SLIS refusing DNS queries.
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-43b \) ]
then
# Download the update
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-43b.tgz .
# Untaring
tar zxf upd-2.x-43b.tgz --directory /
RC=$?
/usr/local/sbin/permslis
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x-43b
logger -t "$LOGTAG" "Update 2.x-43b Done."
else
logger -t "$LOGTAG" "Update 2.x-43b FAILED."
fi
fi
###
############################################################################
### Update 2.0-44 - 21/12/2001
# SECURITY PATCHES
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.0-44 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/wu-ftpd-2.6.1-0.6x.21.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/diffutils-2.7-22.6x.i386.rpm .
# rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/ucd-snmp-4.2.1-4.6.x.i386.rpm .
# rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/ucd-snmp-utils-4.2.1-4.6.x.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/apache-1.3.22-0.6.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/db3-3.1.17-4.6x.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/openssl-0.9.5a-7.6.x.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/rpm-4.0.2-6x.i386.rpm .
# Do the things...
rpm -e samba-client 2>/dev/null
rpm -e rpm -e ghostscript rhs-printfilters ghostscript-fonts 2>/dev/null
rpm -e lpr 2>/dev/null
rpm -U diffutils-2.7-22.6x.i386.rpm
RC1=$?
rpm -U openssl-0.9.5a-7.6.x.i386.rpm db3-3.1.17-4.6x.i386.rpm rpm-4.0.2-6x.i386.rpm
RC1b=$?
# rpm -U ucd-snmp-4.2.1-4.6.x.i386.rpm ucd-snmp-utils-4.2.1-4.6.x.i386.rpm
# RC2=$?
rpm -U wu-ftpd-2.6.1-0.6x.21.i386.rpm
RC3=$?
rpm -U apache-1.3.22-0.6.i386.rpm
RC4=$?
# Check and finish
if [ $RC1 = 0 -a $RC1b = 0 -a $RC3 = 0 -a $RC4 = 0 ]
then
# Httpd restarting
/etc/rc.d/init.d/httpd stop
killall httpd
sleep 5
/etc/rc.d/init.d/httpd start
export PHPRC="/etc/hadmin";/usr/sbin/httpd -f /etc/hadmin/conf/httpd.conf;export -n PHPRC
export PHPRC=/etc/hadmin;/usr/sbin/httpd -f /etc/hadmin/clientgw/conf/httpd.conf;export -n PHPRC
touch $UPDDIR/2.0-44
logger -t "$LOGTAG" "Update 2.0-44 Done."
else
logger -t "$LOGTAG" "Update 2.0-44 FAILED."
fi
fi
###
############################################################################
### Update 2.x-45 - 21/12/2001
# OpenSSH installation
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-45 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/openssh-3.0.2p1-1.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/openssh-server-3.0.2p1-1.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/openssh-clients-3.0.2p1-1.i386.rpm .
# Do the things...
rpm -U openssh-3.0.2p1-1.i386.rpm openssh-clients-3.0.2p1-1.i386.rpm openssh-server-3.0.2p1-1.i386.rpm 2>/dev/null
rpm -q openssh-server >/dev/null
RC1=$?
# Check and finish
if [ $RC1 = 0 ]
then
/sbin/chkconfig --add sshd
/sbin/chkconfig sshd on
killall sshd 2>/dev/null
killall ssfd 2>/dev/null
sleep 3
killall -9 sshd 2>/dev/null
killall -9 ssfd 2>/dev/null
/etc/rc.d/init.d/sshd start
sleep 3
/etc/rc.d/init.d/sshd restart # I dont know why, but sshd doesn't start the first time
grep -v ssfd /etc/rc.d/rc.local |grep -v sshd > /tmp/rc.local
cp -f /etc/rc.d/rc.local /etc/rc.d/rc.local.upd-2.x-45
mv -f /tmp/rc.local /etc/rc.d/rc.local
chmod 755 /etc/rc.d/rc.local
touch $UPDDIR/2.x-45
logger -t "$LOGTAG" "Update 2.x-45 Done."
else
logger -t "$LOGTAG" "Update 2.x-45 FAILED."
fi
fi
###
############################################################################
### Update 2.x-46 - 20/12/2001
# Enhancements of the php interface
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-46 \) ]
then
# Download the update
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-46.tgz .
# Untaring
tar zxf upd-2.x-46.tgz --directory /
RC=$?
/usr/local/sbin/permslis
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x-46
logger -t "$LOGTAG" "Update 2.x-46 Done."
else
logger -t "$LOGTAG" "Update 2.x-46 FAILED."
fi
fi
###
############################################################################
### Update 2.x-48 - 22/01/2002
# Bug fixes and enhancements:
# - Bug fix: The sunday, all subnets were deactivated by process_subnets.cron
# - interface bugs with some browsers when deleting users
# - interface bug accepting some special characters in logins
# - permslis bug changing the owner of some files for the webmaster
# - optimization of the process_subnets.cron script (no more kil -HUP named
# every minute)
# Security:
# removed pine, wich contains a security hole
# Obsoletes : 2.x-47
############################################################################
if [ ! \( -e $UPDDIR/2.x-48 \) ]
then
# Download the update
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-48.tgz .
# Untaring
tar zxf upd-2.x-48.tgz --directory /
RC=$?
/usr/local/sbin/permslis
# Remove pine
rpm -e pine
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x-48
logger -t "$LOGTAG" "Update 2.x-48 Done."
else
logger -t "$LOGTAG" "Update 2.x-48 FAILED."
fi
fi
###
############################################################################
### Update 2.x-49 - 23/01/2002
# Bug fixes for 2.x-48
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-49 \) ]
then
# Download the update
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-49.tgz .
# Untaring
tar zxf upd-2.x-49.tgz --directory /
RC=$?
/usr/local/sbin/permslis
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x-49
logger -t "$LOGTAG" "Update 2.x-49 Done."
else
logger -t "$LOGTAG" "Update 2.x-49 FAILED."
fi
fi
###
############################################################################
### Update 2.x-50 - 23/01/2002
# Bug fix: IMP not working because of bad permission on config_pgsl.inc.php
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-50 \) ]
then
# Download the update
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-50.tgz .
# Untaring
tar zxf upd-2.x-50.tgz --directory /
RC=$?
/usr/local/sbin/permslis
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x-50
logger -t "$LOGTAG" "Update 2.x-50 Done."
else
logger -t "$LOGTAG" "Update 2.x-50 FAILED."
fi
fi
###
############################################################################
### Update 2.x-51 - 28/01/2002
# SECURITY PATCHES
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-51 \) ]
then
# Download the files
cd /tmp
# rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/at-3.1.8-22.1.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/rsync-2.4.6-1.6.i386.rpm .
# Do the things...
# rpm -U at-3.1.8-22.1.i386.rpm
# RC1=$?
rpm -U rsync-2.4.6-1.6.i386.rpm
RC2=$?
# Check and finish
if [ $RC2 = 0 ]
then
touch $UPDDIR/2.x-51
logger -t "$LOGTAG" "Update 2.x-51 Done."
else
logger -t "$LOGTAG" "Update 2.x-51 FAILED."
fi
fi
###
############################################################################
### Update 2.x-52 - 05/02/2002
# New function: Restore of a 2.x backup
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-52 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-52.tgz .
# Do the things...
tar zxf upd-2.x-52.tgz --directory /
RC=$?
/usr/local/sbin/permslis
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x-52
logger -t "$LOGTAG" "Update 2.x-52 Done."
else
logger -t "$LOGTAG" "Update 2.x-52 FAILED."
fi
fi
###
############################################################################
### Update 2.x-53b - 21/03/2002
# New logrotate script for samba, fixing the too many logfiles bug
# 2.x-53 was deleting /var/log/samba/log.smb.1.*
# 2.x-53b deletes /var/log/samba/log.smb.*.*
# Obsoletes : 2.x-53
############################################################################
if [ ! \( -e $UPDDIR/2.x-53b \) ]
then
/usr/sbin/logrotate /etc/logrotate.conf
echo "
/var/log/samba/log.nmb {
notifempty
missingok
postrotate
/usr/bin/killall -HUP nmbd
endscript
}
/var/log/samba/log.smb {
notifempty
missingok
postrotate
/usr/bin/killall -HUP smbd
endscript
}
" > /etc/logrotate.d/samba
rm -rf /var/log/samba/log.smb.*.*
rm -rf /var/log/samba/log.nmb.*.*
grep -v samba /var/lib/logrotate.status > /tmp/logrotate.status
mv -f /tmp/logrotate.status /var/lib/logrotate.status
/usr/sbin/logrotate /etc/logrotate.conf
touch $UPDDIR/2.x-53b
logger -t "$LOGTAG" "Update 2.x-53b Done."
fi
###
############################################################################
### Update 2.x-54 - 28/02/2002
# Enhancement: added icmp type time-excedeed allowed through the firewall (mkfilters)
# Bug fix: the home of the webmaster was deleted if the user was deleted (valid)
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-54 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-54.tgz .
# Do the things...
tar zxf upd-2.x-54.tgz --directory /
RC=$?
/usr/local/sbin/permslis
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x-54
logger -t "$LOGTAG" "Update 2.x-54 Done."
else
logger -t "$LOGTAG" "Update 2.x-54 FAILED."
fi
fi
###
############################################################################
### Update 2.x-55 - 08/03/2002
# SECURITY FIX: php uploads bug
# ENHANCEMENT: added client support for mysql and ldap in the php module
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-55 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/php-4.0.6-1slis2x.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/php-imap-4.0.6-1slis2x.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/php-ldap-4.0.6-1slis2x.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/php-pgsql-4.0.6-1slis2x.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/mysql-3.20.32a-3.i386.rpm .
# Do the things...
killall httpd
rpm -U php-4.0.6-1slis2x.i386.rpm php-imap-4.0.6-1slis2x.i386.rpm php-ldap-4.0.6-1slis2x.i386.rpm php-pgsql-4.0.6-1slis2x.i386.rpm mysql-3.20.32a-3.i386.rpm
RC1=$?
/etc/rc.d/init.d/httpd start
export PHPRC="/etc/hadmin";/usr/sbin/httpd -f /etc/hadmin/conf/httpd.conf;export -n PHPRC
export PHPRC=/etc/hadmin;/usr/sbin/httpd -f /etc/hadmin/clientgw/conf/httpd.conf;export -n PHPRC
/sbin/chkconfig mysql off
# Check and finish
if [ $RC1 = 0 ]
then
touch $UPDDIR/2.x-55
logger -t "$LOGTAG" "Update 2.x-55 Done."
else
logger -t "$LOGTAG" "Update 2.x-55 FAILED."
fi
fi
###
############################################################################
### Update 2.x-57 - 08/03/2002
# Deletion of /var/lock/process_subnets.cron at boot
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-57 \) ]
then
echo "rm -f /var/lock/process_subnets.cron" > /etc/rc.d/rc3.d/S39Lock_cleaning
chmod 755 /etc/rc.d/rc3.d/S39Lock_cleaning
touch $UPDDIR/2.x-57
logger -t "$LOGTAG" "Update 2.x-57 Done."
fi
###
############################################################################
### Update 2.1-58 - 12/03/2002
# Bug fix: preg_grep syntax has changed since php 4.0.4
# Secu: Added a blocking filter to prevent users from login into ADSL alcatel modems by telnet
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-58 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-58.tgz .
# Do the things...
tar zxf upd-2.x-58.tgz --directory /
RC=$?
/usr/local/sbin/permslis
/usr/local/sbin/mkfilters
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x-58
logger -t "$LOGTAG" "Update 2.x-58 Done."
else
logger -t "$LOGTAG" "Update 2.x-58 FAILED."
fi
fi
###
############################################################################
### Update 2.x-59 - 17/03/2002
# SECURITY FIX: openssh (http://www.openbsd.org/advisories/ssh_channelalloc.txt)
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-59 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/openssl095a-0.9.5a-9.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/openssl-0.9.6-9.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/openssh-3.1p1-1.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/openssh-clients-3.1p1-1.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/openssh-server-3.1p1-1.i386.rpm .
# Do the things...
rpm -U openssl095a-0.9.5a-9.i386.rpm openssl-0.9.6-9.i386.rpm openssh-3.1p1-1.i386.rpm openssh-clients-3.1p1-1.i386.rpm openssh-server-3.1p1-1.i386.rpm
RC1=$?
/sbin/chkconfig sshd on
# Check and finish
if [ $RC1 = 0 ]
then
touch $UPDDIR/2.x-59
logger -t "$LOGTAG" "Update 2.x-59 Done."
else
logger -t "$LOGTAG" "Update 2.x-59 FAILED."
fi
fi
###
############################################################################
### Update 2.x-60 - 17/03/2002
# SECURITY UPDATES FROM REDHAT:
# atd, telnet and ucd-snmp
# http://www.redhat.com/support/errata/RHSA-2002-015.html
# http://www.redhat.com/support/errata/RHSA-2001-099.html
# http://www.redhat.com/support/errata/RHSA-2001-163.html
# Obsoletes : Some parts of 2.1-44 and 2.x-51
############################################################################
if [ ! \( -e $UPDDIR/2.x-60 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/at-3.1.8-22.2.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/telnet-0.17.6x-18.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/ucd-snmp-4.2.3-1.6.x.3.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/ucd-snmp-utils-4.2.3-1.6.x.3.i386.rpm .
# Do the things...
# telnetd is dangerous and no more usefull now (ssh)
rpm -e telnet-server
# The updates
rpm -F at-3.1.8-22.2.i386.rpm telnet-0.17.6x-18.i386.rpm ucd-snmp-4.2.3-1.6.x.3.i386.rpm ucd-snmp-utils-4.2.3-1.6.x.3.i386.rpm
RC1=$?
# Check and finish
if [ $RC1 = 0 ]
then
touch $UPDDIR/2.x-60
logger -t "$LOGTAG" "Update 2.x-60 Done."
else
logger -t "$LOGTAG" "Update 2.x-60 FAILED."
fi
fi
###
############################################################################
### Update 2.x-61 - 25/03/2002
# Squid update (SECURITY)
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-61 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-61.tgz .
# Do the things...
/etc/rc.d/init.d/runcache stop
sleep 60
killall -9 squid 2>/dev/null
killall -9 squidGuard 2>/dev/null
tar zxf upd-2.x-61.tgz --directory /
RC=$?
/usr/local/sbin/permslis
/etc/rc.d/init.d/runcache start
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x-61
logger -t "$LOGTAG" "Update 2.x-61 Done."
else
logger -t "$LOGTAG" "Update 2.x-61 FAILED."
fi
fi
###
############################################################################
### Update 2.x-62 - 25/03/2002
# SECURITY UPDATE FROM REDHAT:
# http://www.redhat.com/support/errata/RHSA-2002-026.html
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-62 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/zlib-1.1.3-25.6.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/rsync-2.4.6-3.6.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/rmt-0.4b19-5.6x.1.i386.rpm .
# Do the things...
rpm -F zlib-1.1.3-25.6.i386.rpm rsync-2.4.6-3.6.i386.rpm rmt-0.4b19-5.6x.1.i386.rpm
RC=$?
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x-62
logger -t "$LOGTAG" "Update 2.x-62 Done."
else
logger -t "$LOGTAG" "Update 2.x-62 FAILED."
fi
fi
###
############################################################################
### Update 2.x-63 - 25/03/2002
# Kernel update
# !! THIS UPDATE WILL BE DONE ONLY BY NIGHT AS IT IS A KERNEL UPDATE !!
# !! WHICH WILL REBOOT THE MACHINE !!
# Obsoletes :
############################################################################
declare -i HOUR
declare -i R
HOUR=`date +%k`
R=$RANDOM
# "$R -lt 3277" in the following line means that this update
# will be executed with a probability of 1/10. This is done to
# prevent an overload of the rsync server.
# To be sure that all your SLIS are up to date, remove this part
# of the test in a couple of weeks, commenting this line and
# commenting out the next one.
#if [ ! \( -e $UPDDIR/2.x-63 \) -a $HOUR -lt 6 -a $R -lt 3277 ]
if [ ! \( -e $UPDDIR/2.x-63 \) -a $HOUR -lt 6 ]
then
if [ "`/bin/uname -v|/bin/grep SMP`" = "" ]
then
SMP=""
SMP2=""
else
SMP="-smp"
SMP2="smp"
fi
PROC=`/bin/uname -m`
if [ "$PROC" = "i486" ]
then
PROC="i386"
fi
. /home/hadmin/setup.data
SMP3=""
if [ "$VTUN" = "1" ]
then
SMP="-smp"
SMP2="smp"
SMP3="smp"
fi
RELEASE=`/bin/uname -r |sed s/smp//`
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/kernel`echo $SMP`-2.2.19-6.2.16.`echo $PROC`.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/mount-2.10r-0.6.x.i386.rpm .
/sbin/insmod loop
rpm -e kernel-utils 2>/dev/null
rpm -F mount-2.10r-0.6.x.i386.rpm
rpm -i kernel`echo $SMP`-2.2.19-6.2.16.`echo $PROC`.rpm
cd /lib/modules/2.2.19-6.2.16`echo $SMP2`/net
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/tun.o .
RC=$?
if [ $RC = 0 ]
then
/sbin/mkinitrd /boot/initrd-2.2.19-6.2.16.img 2.2.19-6.2.16 2>/dev/null
/sbin/mkinitrd /boot/initrd-2.2.19-6.2.16smp.img 2.2.19-6.2.16smp 2>/dev/null
sed "s/$RELEASE/2.2.19-6.2.16$SMP3/g" /etc/lilo.conf > /tmp/lilo.conf
if [ -s /tmp/lilo.conf ]
then
mv -f /tmp/lilo.conf /etc/lilo.conf
/sbin/lilo
rm -f /var/lock/slis_upd*
touch $UPDDIR/2.x-63
logger -t "$LOGTAG" "Update 2.x-63 Done."
/sbin/reboot
killall slis_update
killall slis_update.dev
exit
fi
else
logger -t "$LOGTAG" "Update 2.x-63 FAILED."
fi
fi
###
############################################################################
### Update 2.x-64 - 26/03/2002
# SECURITY: Horde IMP
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-64 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-64.tgz .
# Do the things...
tar zxf upd-2.x-64.tgz --directory /
RC=$?
/usr/local/sbin/permslis
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x-64
logger -t "$LOGTAG" "Update 2.x-64 Done."
else
logger -t "$LOGTAG" "Update 2.x-64 FAILED."
fi
fi
###
############################################################################
### Update 2.x-65 - 27/03/2002
# Bug fix: process_subnets.cron was not testing the connection to the
# pgsql server.
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-65 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-65.tgz .
# Do the things...
tar zxf upd-2.x-65.tgz --directory /
RC=$?
/usr/local/sbin/permslis
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x-65
logger -t "$LOGTAG" "Update 2.x-65 Done."
else
logger -t "$LOGTAG" "Update 2.x-65 FAILED."
fi
fi
###
############################################################################
### Update 2.x-66 - 03/04/2002
# Performance optimization: changed squid logs rotation script, replaced
# prostat by webalizer, optimized accesslog2sql script, reprogrammed
# crontab.
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-66 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-66.tgz .
# Do the things...
tar zxf upd-2.x-66.tgz --directory /
RC=$?
/usr/local/sbin/permslis
# Check and finish
if [ $RC = 0 ]
then
# Crontab edition
R=$RANDOM
crontab -l |grep -v "access.log squid" | \
grep -v "access_log apache" | \
grep -v "DO NOT EDIT THIS FILE" | \
grep -v "installed on" | \
grep -v "squid_purge" | \
sed "s/Purge squid//" | \
grep -v "Squid rotation/stats calculations" | \
grep -v "Cron version --" > /tmp/cron.$R
echo >> /tmp/cron.$R
echo "# Access logs rotation, sql storing and stats calculation" >> /tmp/cron.$R
echo "30 23 * * * /usr/local/sbin/squid_rotate > /dev/null 2>/dev/null" >> /tmp/cron.$R
echo "30 0 * * * export LANG=C;/usr/local/sbin/accesslog2sql /var/log/httpd/access_log apache > /dev/null 2>/dev/null" >> /tmp/cron.$R
crontab -l > /home/hadmin/updates/cron.2.x-66.bak
crontab /tmp/cron.$R
# Webalizer installation
mkdir /home/hadmin/html/cache_usage
if [ "$LANGUAGE" = "french" ]
then
ln -s /usr/local/sbin/webalizer_french /usr/local/sbin/webalizer
else
ln -s /usr/local/sbin/webalizer_english /usr/local/sbin/webalizer
fi
/usr/local/sbin/webalizer
# Very little bugfix of a previous update
touch /var/log/mysql.log
touch $UPDDIR/2.x-66
logger -t "$LOGTAG" "Update 2.x-66 Done."
else
logger -t "$LOGTAG" "Update 2.x-66 FAILED."
fi
fi
###
############################################################################
### Update 2.x-67 - 10/06/2002
# Bug fix: ADSL was not supported by port redirection function
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-67 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-67.tgz .
# Do the things...
tar zxf upd-2.x-67.tgz --directory /
RC=$?
/usr/local/sbin/permslis
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x-67
logger -t "$LOGTAG" "Update 2.x-67 Done."
else
logger -t "$LOGTAG" "Update 2.x-67 FAILED."
fi
fi
###
############################################################################
### Update 2.x-68 - 25/06/2002
# SECURITY: apache
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-68 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/apache-1.3.22-5.6.i386.rpm .
# Do the things...
rpm -U apache-1.3.22-5.6.i386.rpm
RC=$?
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x-68
# Httpd restarting
/etc/rc.d/init.d/httpd stop
killall httpd
sleep 5
export PHPRC="/etc"
/etc/rc.d/init.d/httpd start
export PHPRC="/etc/hadmin";/usr/sbin/httpd -f /etc/hadmin/conf/httpd.conf;export -n PHPRC
export PHPRC="/etc/hadmin";/usr/sbin/httpd -f /etc/hadmin/clientgw/conf/httpd.conf;export -n PHPRC
logger -t "$LOGTAG" "Update 2.x-68 Done."
else
logger -t "$LOGTAG" "Update 2.x-68 FAILED."
fi
fi
###
############################################################################
### Update 2.x-69 - 25/06/2002
# SECURITY: imap, fetchmail
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-69 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/imap-2001a-1.62.0.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/fetchmail-5.9.0-9.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/tcpdump-3.6.2-11.6.2.0.i386.rpm .
# Do the things...
rpm -U fetchmail-5.9.0-9.i386.rpm imap-2001a-1.62.0.i386.rpm tcpdump-3.6.2-11.6.2.0.i386.rpm
RC=$?
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x-69
logger -t "$LOGTAG" "Update 2.x-69 Done."
else
logger -t "$LOGTAG" "Update 2.x-69 FAILED."
fi
fi
###
############################################################################
### Update 2.x-70 - 25/06/2002
# Bug fix: config_pgsl.inc.php must be world readable if we want IMP working
# and webmaster's scripts able to use it, because of safe mode. It's not a
# problem since there's only one webmaster for the moment. Later, we'll have
# to use a doublon of this file.
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-70 \) ]
then
# Download the update
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-70.tgz .
# Untaring
tar zxf upd-2.x-70.tgz --directory /
RC=$?
/usr/local/sbin/permslis
# Make a backup of config_pgsl.inc.php
cp /home/httpd/html/config_pgsql.inc.php /home/hadmin/
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x-70
logger -t "$LOGTAG" "Update 2.x-70 Done."
else
logger -t "$LOGTAG" "Update 2.x-70 FAILED."
fi
fi
###
############################################################################
### Update 2.x-71 - 09/07/2002
# SECURITY: squid
# We use squid from RPM now, so a few more symlinks are created (I like
# spaghettis!)
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-71 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/squid-2.4.STABLE6-6.6.2.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-71.tgz .
# Do the things...
rpm -e squid 2>/dev/null
rpm -U squid-2.4.STABLE6-6.6.2.i386.rpm
RC1=$?
tar zxf upd-2.x-71.tgz --directory /
RC2=$?
# Check and finish
if [ $RC1 = 0 -a $RC2 = 0 ]
then
touch $UPDDIR/2.x-71
/etc/rc.d/init.d/runcache stop
killall -9 RunCache;killall -9 squid;sleep 3
rm -f /etc/squid/squid.conf
ln -s /usr/local/squid/etc/squid.conf /etc/squid/squid.conf
rm -rf /var/log/squid
ln -s /usr/local/squid/logs /var/log/squid
mv -f /usr/local/squid/bin/squid /usr/local/squid/bin/squid.orig
ln -s /usr/sbin/squid /usr/local/squid/bin/squid
/etc/rc.d/init.d/runcache start
logger -t "$LOGTAG" "Update 2.x-71 Done."
else
logger -t "$LOGTAG" "Update 2.x-71 FAILED."
fi
fi
###
############################################################################
### Update 2.x-72 - 09/07/2002
# Unused packages removal (preventive security)
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-72 \) ]
then
rpm -e inews
rpm -e binutils
rpm -e pnm2ppa
rpm -e utempter
rpm -e dosfstools
rpm -e rdist
rpm -e rsh
touch $UPDDIR/2.x-72
logger -t "$LOGTAG" "Update 2.x-72 Done."
fi
###
############################################################################
### Update 2.x-73 - 06/09/2002
# Bug fix: Creating users may be impossible after a restore from scracth
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-73 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-73.tgz .
# Do the things...
tar zxf upd-2.x-73.tgz --directory /
RC=$?
/usr/local/sbin/permslis
# Check and finish
if [ $RC = 0 ]
then
/usr/local/sbin/fix_tables
touch $UPDDIR/2.x-73
logger -t "$LOGTAG" "Update 2.x-73 Done."
else
logger -t "$LOGTAG" "Update 2.x-73 FAILED."
fi
fi
###
############################################################################
### Update 2.x-74 - 14/10/2002
# SECURITY
# Obsoletes :
############################################################################
declare -i HOUR
declare -i R
HOUR=`date +%k`
R=$RANDOM
# "$R -lt 3277" in the following line means that this update
# will be executed with a probability of 1/10. This is done to
# prevent an overload of the rsync server.
# To be sure that all your SLIS are up to date, remove this part
# of the test in a couple of weeks, commenting this line and
# commenting out the next one.
#if [ ! \( -e $UPDDIR/2.x-74 \) -a $HOUR -lt 6 -a $R -lt 3277 ]
if [ ! \( -e $UPDDIR/2.x-74 \) ]
then
# Clean /tmp as we need some space
/usr/sbin/tmpwatch -f 720 /tmp/
rm -f /tmp/kernel*
# Download the files
cd /tmp
# obsoleted by 2.x-80
# rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/glibc-2.1.3-27.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/fetchmail-5.9.0-18.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/tar-1.13.25-1.6.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/unzip-5.50-1.62.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/libpng-1.0.14-0.6x.3.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/tcpdump-3.6.2-11.6.2.2.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/krb5-libs-1.1.1-29.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/krb5-configs-1.1.1-29.i386.rpm .
# Do the things...
rpm -U fetchmail-5.9.0-18.i386.rpm \
tar-1.13.25-1.6.i386.rpm unzip-5.50-1.62.i386.rpm \
libpng-1.0.14-0.6x.3.i386.rpm tcpdump-3.6.2-11.6.2.2.i386.rpm \
krb5-libs-1.1.1-29.i386.rpm krb5-configs-1.1.1-29.i386.rpm
RC=$?
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x-74
logger -t "$LOGTAG" "Update 2.x-74 Done."
else
logger -t "$LOGTAG" "Update 2.x-74 FAILED."
fi
fi
###
############################################################################
### Update 2.x-75b - 02/04/2003
# SECURITY: openssl
# Obsoletes : 2.x-75
############################################################################
if [ ! \( -e $UPDDIR/2.x-75b \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/openssl-0.9.6b-32.62.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/openssl095a-0.9.5a-20.62.i386.rpm .
# Do the things...
rpm -F --nodeps openssl-0.9.6b-32.62.i386.rpm \
openssl095a-0.9.5a-20.62.i386.rpm
RC1=$?
# Check and finish
if [ $RC1 = 0 ]
then
ln -s /lib/libcrypto.so.0.9.6b /lib/libcrypto.so.1 2>/dev/null
/etc/rc.d/init.d/sshd restart
touch $UPDDIR/2.x-75b
logger -t "$LOGTAG" "Update 2.x-75b Done."
else
logger -t "$LOGTAG" "Update 2.x-75b FAILED."
fi
fi
###
############################################################################
### Update 2.x-76 - 08/11/2002
# Bug fixes / Enhancements:
# - Set php max_execution_time to 10 minutes, for hadmin
# - Allow .htaccess file creation into /home/httpd/html for authconfigs
# - Added a rm of /var/lib/logrotate.status if empty into squid_rotate
# - Fixed a little bug into administrator.php (erase of hadmin http users
# that contain "admin") thanks to Rennes
# - Fixed the bug for too long urls into accesslog2sql
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-76 \) ]
then
# Increase the php max execution time for hadmin
cp -f /etc/hadmin/php.ini /etc/hadmin/php.ini.upd-2.x-76
perl -pi -e 's/max_execution_time.*=.*/max_execution_time = 600/' /etc/hadmin/php.ini
# New httpd.conf and squid_rotate
cp -f /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.upd-2.x-76
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-76.tgz .
tar zxf upd-2.x-76.tgz --exclude usr/local/ --directory /
RC=$?
/usr/local/sbin/permslis
# Check and finish
if [ $RC = 0 ]
then
killall -HUP httpd
touch $UPDDIR/2.x-76
logger -t "$LOGTAG" "Update 2.x-76 Done."
else
logger -t "$LOGTAG" "Update 2.x-76 FAILED."
fi
fi
###
############################################################################
### Update 2.x-77 - 13/11/2002
# SECURITY: bind
# Enhancement: upgrade to bind 9: same config as for SLIS 3.0, with views
# (new mknamedconf)
# WARNING: you have to set the variable "DEFAULT_DNS" at the top of
# this update.
# CAUTION: UPDATE IS NOT DONE IF KERNEL VERSION < 2.2.19 !!
# Obsoletes :
############################################################################
declare -i KREL=`uname -r |cut -f1 -d-|sed s"/\.//g"`
if [ $KREL -lt 2219 ]
then
logger -t "$LOGTAG" "ALERT: Update 2.x-77 SKIPPED BECAUSE KERNEL IS NOT UP TO DATE!"
logger -t "$LOGTAG" "ALERT: update kernel to 2.2.19 or newer, you have big security holes!"
else
if [ ! \( -e $UPDDIR/2.x-77 \) ]
then
DEFAULT_DNS=193.54.149.10 # Only used if actual nameserver config
# could not be guessed.
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-77.tgz .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/bind-9.2.1-0.6x.3.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/bind-utils-9.2.1-0.6x.3.i386.rpm .
# Do the things...
tar zxf upd-2.x-77.tgz --directory /
rpm -F bind-9.2.1-0.6x.3.i386.rpm bind-utils-9.2.1-0.6x.3.i386.rpm
RC=$?
/usr/local/sbin/permslis
# Check and finish
if [ $RC = 0 ]
then
# Actual DNS configuration guessing
FORWARDERS=`grep forwarders /etc/named.conf \
|head -1|awk -F'[{;}]' '{print $2 " " $3}'`
NS1=`echo $FORWARDERS|awk '{print $1'} \
|egrep "^[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}"`
NS2=`echo $FORWARDERS|awk '{print $2'} \
|egrep "^[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}"`
# Adding missing variables if needed
# DNS_PRIMARY
if [ "`grep DNS_PRIMARY /home/hadmin/slis.conf.pl`" = "" ]
then
if [ "$NS1" != "" ]
then
echo "DNS_PRIMARY=$NS1" >> /home/hadmin/slis.conf
echo "\$DNS_PRIMARY=\"$NS1\";" >> /home/hadmin/slis.conf.pl
else
echo "DNS_PRIMARY=$DEFAULT_DNS" >> /home/hadmin/slis.conf
echo "\$DNS_PRIMARY=\"$DEFAULT_DNS\";" >> /home/hadmin/slis.conf.pl
fi
fi
# DNS_SECONDARY
if [ "`grep DNS_SECONDARY /home/hadmin/slis.conf.pl`" = "" ]
then
if [ "$NS2" != "" ]
then
echo "DNS_SECONDARY=$NS2" >> /home/hadmin/slis.conf
echo "\$DNS_SECONDARY=\"$NS2\";" >> /home/hadmin/slis.conf.pl
else
if [ "$NS1" != "" ]
then
echo "DNS_SECONDARY=$NS1" >> /home/hadmin/slis.conf
echo "\$DNS_SECONDARY=\"$NS1\";" >> /home/hadmin/slis.conf.pl
else
echo "DNS_SECONDARY=$DEFAULT_DNS" >> /home/hadmin/slis.conf
echo "\$DNS_SECONDARY=\"$DEFAULT_DNS\";" >> /home/hadmin/slis.conf.pl
fi
fi
fi
# GATEWAY
if [ "`grep GATEWAY /home/hadmin/slis.conf.pl`" = "" ]
then
GATEWAY=`grep "ROUTEUR=" /home/hadmin/slis.conf.pl |cut -f2 -d\"`
echo "\$GATEWAY=\"$GATEWAY\";" >> /home/hadmin/slis.conf.pl
fi
# ROUTER_TYPE
if [ "`grep ROUTER_TYPE /home/hadmin/slis.conf.pl`" = "" ]
then
if [ "`ps awux |grep pppoe|grep -v grep`" != "" ]
then
echo "\$ROUTER_TYPE=\"9\";" >> /home/hadmin/slis.conf.pl
fi
fi
# Zones creation
/usr/local/sbin/mknamedzones
# For a SLIS pppoe in auto mode, we need to restart the connection to force
# a DNS reconfiguration
if [ "`ps awux |grep pppoe|grep -v grep`" != "" -a \
"`egrep "DNS_PRIMARY.*auto" /home/hadmin/slis.conf.pl`" != "" ]
then
killall pppoe 2>/dev/null
sleep 30
# Else, we restart normaly
else
cp -f /etc/named.conf /etc/named.conf.upd-2.x-77
/usr/local/sbin/mknamedconf > /etc/named.conf
/etc/rc.d/init.d/named restart
fi
touch $UPDDIR/2.x-77
logger -t "$LOGTAG" "Update 2.x-77 Done."
else
logger -t "$LOGTAG" "Update 2.x-77 FAILED."
fi
sleep 60
fi
fi
###
############################################################################
### Update 2.x-78b - 27/11/2002
# Kernel update
# !! THIS UPDATE WILL BE DONE ONLY BY NIGHT AS IT IS A KERNEL UPDATE !!
# !! WHICH WILL REBOOT THE MACHINE !!
# Obsoletes : 2.x-63, 2.x-78
############################################################################
declare -i HOUR
declare -i R
HOUR=`date +%k`
R=$RANDOM
# "$R -lt 3277" in the following line means that this update
# will be executed with a probability of 1/10. This is done to
# prevent an overload of the rsync server.
# To be sure that all your SLIS are up to date, remove this part
# of the test in a couple of weeks, commenting this line and
# commenting out the next one.
#if [ ! \( -e $UPDDIR/2.x-78b \) -a $HOUR -lt 6 -a $R -lt 3277 ]
if [ ! \( -e $UPDDIR/2.x-78b \) -a $HOUR -lt 6 ]
then
if [ "`/bin/uname -v|/bin/grep SMP`" = "" ]
then
SMP=""
SMP2=""
else
SMP="-smp"
SMP2="smp"
fi
PROC=`/bin/uname -m`
if [ "$PROC" = "i486" ]
then
PROC="i386"
fi
. /home/hadmin/setup.data
SMP3=""
if [ "$VTUN" = "1" ]
then
SMP="-smp"
SMP2="smp"
SMP3="smp"
fi
RELEASE=`/bin/uname -r |sed s/smp//`
cd /tmp
rm -f kernel-*
rm -f glibc-*
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/kernel`echo $SMP`-2.2.22-6.2.3.`echo $PROC`.rpm .
RC=$?
/sbin/insmod loop
rpm --rebuilddb
rpm -e kernel-utils 2>/dev/null
if [ -e $UPDDIR/2.x-78 ]
then
rpm -U kernel`echo $SMP`-2.2.22-6.2.3.`echo $PROC`.rpm
else
# Keep the old kernel in case of a problem
rpm -i kernel`echo $SMP`-2.2.22-6.2.3.`echo $PROC`.rpm
fi
cd /lib/modules/2.2.22-6.2.3`echo $SMP2`/net
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/tun.o.2.2.22-6.2.3 ./tun.o
if [ $RC = 0 ]
then
/sbin/mkinitrd /boot/initrd-2.2.22-6.2.3.img 2.2.22-6.2.3 2>/dev/null
/sbin/mkinitrd /boot/initrd-2.2.22-6.2.3smp.img 2.2.22-6.2.3smp 2>/dev/null
sed "s/$RELEASE/2.2.22-6.2.3/g" /etc/lilo.conf > /tmp/lilo.conf
if [ -s /tmp/lilo.conf ]
then
mv -f /tmp/lilo.conf /etc/lilo.conf
/sbin/lilo; LILORC=$?
rm -f /var/lock/slis_upd*
touch $UPDDIR/2.x-78b
logger -t "$LOGTAG" "Update 2.x-78b Done."
if [ $LILORC = 0 ]
then
/sbin/reboot
else
logger -t "$LOGTAG" "Update 2.x-78b: ERROR INTO LILO CONFIG"
echo "$HOSTNAME problem with lilo" | mail -s "ERREUR MAJ 2.x-78b" $SLISMASTER
fi
killall slis_update
killall slis_update.dev
exit
fi
else
logger -t "$LOGTAG" "Update 2.x-78b FAILED."
fi
fi
###
############################################################################
### Update 2.x-79 - 22/11/2002
# SECURITY: krb5 and ypserv
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-79 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/krb5-libs-1.1.1-30.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/krb5-configs-1.1.1-30.i386.rpm .
# Do the things...
rpm -e ypserv 2>/dev/null
rpm -F krb5-libs-1.1.1-30.i386.rpm krb5-configs-1.1.1-30.i386.rpm
RC=$?
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x-79
logger -t "$LOGTAG" "Update 2.x-79 Done."
else
logger -t "$LOGTAG" "Update 2.x-79 FAILED."
fi
fi
###
############################################################################
### Update 2.x_3.x-02 - 21/11/2002
# Bug fix: (clientgw) changing a password with more than 8 chars caused an
# error and the user losing the password.
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x_3.x-02 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x_3.x-02.tgz .
# Do the things...
tar zxf upd-2.x_3.x-02.tgz --exclude usr/local/ --directory /
RC=$?
/usr/local/sbin/permslis
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x_3.x-02
logger -t "$LOGTAG" "Update 2.x_3.x-02 Done."
else
logger -t "$LOGTAG" "Update 2.x_3.x-02 FAILED."
fi
fi
###
############################################################################
### Update 2.x-80 - 28/11/2002
# SECURITY: https://rhn.redhat.com/errata/RHSA-2002-197.html
# Obsoletes : A part of 2.x-74
############################################################################
declare -i HOUR
declare -i R
HOUR=`date +%k`
R=$RANDOM
# "$R -lt 3277" in the following line means that this update
# will be executed with a probability of 1/10. This is done to
# prevent an overload of the rsync server.
# To be sure that all your SLIS are up to date, remove this part
# of the test in a couple of weeks, commenting this line and
# commenting out the next one.
if [ ! \( -e $UPDDIR/2.x-80 \) -a $HOUR -lt 6 -a $R -lt 3277 ]
#if [ ! \( -e $UPDDIR/2.x-80 \) ]
then
# Clean /tmp as we need some space
/usr/sbin/tmpwatch -f 720 /tmp/
rm -f /tmp/kernel*
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/glibc-2.1.3-28.i386.rpm .
# Do the things...
rpm -F glibc-2.1.3-28.i386.rpm
RC=$?
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x-80
logger -t "$LOGTAG" "Update 2.x-80 Done."
else
logger -t "$LOGTAG" "Update 2.x-80 FAILED."
fi
fi
###
############################################################################
### Update 2.x-81 - 06/12/2002
# Bug fix: Passwd changing does not work when supplied password is >8 chars
# Obsoletes : 2.x_3.x-02: it was not good for 2.x version, only 3.x working.
############################################################################
if [ ! \( -e $UPDDIR/2.x-81 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-81.tgz .
# Do the things...
tar zxf upd-2.x-81.tgz --directory /
RC=$?
/usr/local/sbin/permslis
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x-81
logger -t "$LOGTAG" "Update 2.x-81 Done."
else
logger -t "$LOGTAG" "Update 2.x-81 FAILED."
fi
fi
###
############################################################################
### Update 2.x-82 - 06/12/2002
# Security: Secure sshd configuration, thanks to Pierre Barabagelata (Nice)
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-82 \) ]
then
perl -pi -e 's/#ChallengeResponseAuthentication yes/ChallengeResponseAuthentication no/' /etc/ssh/sshd_config
perl -pi -e 's/#PAMAuthenticationViaKbdInt yes/PAMAuthenticationViaKbdInt no/' /etc/ssh/sshd_config
/etc/rc.d/init.d/sshd restart
touch $UPDDIR/2.x-82
logger -t "$LOGTAG" "Update 2.x-82 Done."
fi
###
############################################################################
### Update 2.x-83 - 11/12/2002
# Security: https://rhn.redhat.com/errata/RHSA-2002-229.html
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/3.x-83 -o -e $UPDDIR/2.x-83 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/wget-1.8.2-4.6x.i386.rpm .
# Do the things...
rpm -F wget-1.8.2-4.6x.i386.rpm
RC1=$?
# Check and finish
if [ $RC1 = 0 ]
then
touch $UPDDIR/2.x-83
logger -t "$LOGTAG" "Update 2.x-83 Done."
else
logger -t "$LOGTAG" "Update 2.x-83 FAILED."
fi
fi
###
############################################################################
### Update 2.x-84 - 17/12/2002
# Security: Apache update: https://rhn.redhat.com/errata/RHSA-2002-222.html
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-84 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/apache-1.3.27-1.6.2.i386.rpm .
# Do the things...
if [ -e /home/httpd/html/index.html ]
then
INDEX_EXISTS=1
else
INDEX_EXISTS=0
fi
rpm -F apache-1.3.27-1.6.2.i386.rpm
RC1=$?
# Check and finish
if [ $RC1 = 0 ]
then
# This is to prevent the apache test page from appearing instead of
# an already index.php or index.htm present page:
if [ $INDEX_EXISTS = 0 ]
then
mv -f /home/httpd/html/index.html /home/httpd/html/index.html.rpm 2>/dev/null
fi
/etc/rc.d/init.d/httpd stop > /dev/null
killall httpd 2> /dev/null
sleep 5
killall -9 httpd 2> /dev/null
sleep 2
/etc/rc.d/init.d/httpd start > /dev/null
export PHPRC="/etc/hadmin";/usr/sbin/httpd -f /etc/hadmin/conf/httpd.conf;export -n PHPRC
export PHPRC=/etc/hadmin;/usr/sbin/httpd -f /etc/hadmin/clientgw/conf/httpd.conf;export -n PHPRC
touch $UPDDIR/2.x-84
logger -t "$LOGTAG" "Update 2.x-84 Done."
else
logger -t "$LOGTAG" "Update 2.x-84 FAILED."
fi
fi
###
############################################################################
### Update 2.x-85 - 18/12/2002
# Security: https://rhn.redhat.com/errata/RHSA-2002-293.html
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-85 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/fetchmail-5.9.0-21.6.2.i386.rpm .
# Do the things...
rpm -F fetchmail-5.9.0-21.6.2.i386.rpm
RC1=$?
# Check and finish
if [ $RC1 = 0 ]
then
touch $UPDDIR/2.x-85
logger -t "$LOGTAG" "Update 2.x-85 Done."
else
logger -t "$LOGTAG" "Update 2.x-85 FAILED."
fi
fi
###
############################################################################
### Update 2.x-86 - 19/12/2002
# Bug fix: Safe mode restriction did not allowed inclusion of config_pgsql.inc.php
# from custom php scripts and webmail working at the same time because of
# permissions on this file.
# Obsoletes:
############################################################################
if [ ! \( -e $UPDDIR/2.x-86 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-86.tgz .
# Do the things...
tar zxf upd-2.x-86.tgz --directory /
RC=$?
cp -f /home/httpd/html/config_pgsql.inc.php /usr/share/php/
perl -pi -e "s,\.\./\.\./config_pgsql\.inc\.php,config_pgsql.inc.php," /home/httpd/html/horde/imp/config/defaults.php3
bash /usr/local/sbin/permslis
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x-86
logger -t "$LOGTAG" "Update 2.x-86 Done."
else
logger -t "$LOGTAG" "Update 2.x-86 FAILED."
fi
fi
###
############################################################################
### Update 2.x-89 - 07/02/2003
# Bug fix: logrotate not up to date, so apache log files are not rotated
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-89 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/logrotate-3.5.2-0.6.i386.rpm .
# Do the things...
rpm -F logrotate-3.5.2-0.6.i386.rpm
RC1=$?
# Check and finish
if [ $RC1 = 0 ]
then
touch $UPDDIR/2.x-89
logger -t "$LOGTAG" "Update 2.x-89 Done."
else
logger -t "$LOGTAG" "Update 2.x-89 FAILED."
fi
fi
###
############################################################################
### Update 2.x-90 - 11/02/2003
# SECURITY:
# https://rhn.redhat.com/errata/RHSA-2003-006.html
# https://rhn.redhat.com/errata/RHSA-2002-297.html
# https://rhn.redhat.com/errata/RHSA-2003-020.html
# https://rhn.redhat.com/errata/RHSA-2003-040.html
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-90 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/vim-common-6.1-18.6x.3.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/vim-minimal-6.1-18.6x.3.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/krb5-libs-1.1.1-32.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/krb5-configs-1.1.1-32.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/openldap-1.2.13-2.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/openldap-servers-1.2.13-2.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/libpng-1.0.14-0.6x.4.i386.rpm .
# Do the things...
rpm -F vim-common-6.1-18.6x.3.i386.rpm vim-minimal-6.1-18.6x.3.i386.rpm \
krb5-libs-1.1.1-32.i386.rpm krb5-configs-1.1.1-32.i386.rpm \
openldap-1.2.13-2.i386.rpm openldap-servers-1.2.13-2.i386.rpm \
libpng-1.0.14-0.6x.4.i386.rpm
RC1=$?
# Check and finish
if [ $RC1 = 0 ]
then
touch $UPDDIR/2.x-90
logger -t "$LOGTAG" "Update 2.x-90 Done."
else
logger -t "$LOGTAG" "Update 2.x-90 FAILED."
fi
fi
###
############################################################################
### Update 2.x-91 - 21/02/2003
# SECURITY:
# https://rhn.redhat.com/errata/RHSA-2003-029.html
# https://rhn.redhat.com/errata/RHSA-2003-015.html
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-91 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/lynx-2.8.3-2.1.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/fileutils-4.0-21.1.i386.rpm .
# Do the things...
rpm -F lynx-2.8.3-2.1.i386.rpm fileutils-4.0-21.1.i386.rpm
RC1=$?
# Check and finish
if [ $RC1 = 0 ]
then
touch $UPDDIR/2.x-91
logger -t "$LOGTAG" "Update 2.x-91 Done."
else
logger -t "$LOGTAG" "Update 2.x-91 FAILED."
fi
fi
###
############################################################################
### Update 2.x-92 - 19/03/2003
# SECURITY: sendmail, file
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-92 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/sendmail-8.11.6-1.62.2.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/file-3.39-8.6x.i386.rpm .
# Do the things...
rpm -F sendmail-8.11.6-1.62.2.i386.rpm file-3.39-8.6x.i386.rpm
RC1=$?
# Check and finish
if [ $RC1 = 0 ]
then
/etc/rc.d/init.d/sendmail restart
touch $UPDDIR/2.x-92
logger -t "$LOGTAG" "Update 2.x-92 Done."
else
logger -t "$LOGTAG" "Update 2.x-92 FAILED."
fi
fi
###
############################################################################
### Update 2.x-93 - 19/03/2003
# SECURITY: openssl
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-93 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/openssl-0.9.6b-30.62.i386.rpm .
# Do the things...
rpm -F --nodeps openssl-0.9.6b-30.62.i386.rpm
RC1=$?
# Check and finish
if [ $RC1 = 0 ]
then
touch $UPDDIR/2.x-93
logger -t "$LOGTAG" "Update 2.x-93 Done."
else
logger -t "$LOGTAG" "Update 2.x-93 FAILED."
fi
fi
###
############################################################################
### Update 2.x-80b - 20/03/2003
# SECURITY: https://rhn.redhat.com/errata/RHSA-2003-089.html
# Obsoletes : 2.x-80, a part of 2.x-74
############################################################################
declare -i HOUR
declare -i R
HOUR=`date +%k`
R=$RANDOM
# "$R -lt 3277" in the following line means that this update
# will be executed with a probability of 1/10. This is done to
# prevent an overload of the rsync server.
# To be sure that all your SLIS are up to date, remove this part
# of the test in a couple of weeks, commenting this line and
# commenting out the next one.
if [ ! \( -e $UPDDIR/2.x-80b \) -a $HOUR -lt 6 -a $R -lt 3277 ]
#if [ ! \( -e $UPDDIR/2.x-80b \) ]
then
# Clean /tmp as we need some space
/usr/sbin/tmpwatch -f 720 /tmp/
rm -f /tmp/kernel*
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/glibc-2.1.3-29.i386.rpm .
# Do the things...
rpm -F glibc-2.1.3-29.i386.rpm
RC=$?
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x-80b
logger -t "$LOGTAG" "Update 2.x-80b Done."
else
logger -t "$LOGTAG" "Update 2.x-80b FAILED."
fi
fi
###
############################################################################
### Update 2.x-94 - 01/04/2003
# SECURITY: sendmail, krb, samba
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-94 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/sendmail-8.11.6-1.62.3.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/krb5-libs-1.1.1-40.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/krb5-configs-1.1.1-40.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/samba-2.0.10-1.62.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/samba-common-2.0.10-1.62.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/samba-client-2.0.10-1.62.i386.rpm .
# Do the things...
rpm -F sendmail-8.11.6-1.62.3.i386.rpm krb5-libs-1.1.1-40.i386.rpm \
krb5-configs-1.1.1-40.i386.rpm samba-client-2.0.10-1.62.i386.rpm \
samba-2.0.10-1.62.i386.rpm samba-common-2.0.10-1.62.i386.rpm
RC1=$?
# Check and finish
if [ $RC1 = 0 ]
then
/etc/rc.d/init.d/sendmail restart
mv -f /etc/logrotate.d/samba.rpmsave /etc/logrotate.d/samba
touch $UPDDIR/2.x-94
logger -t "$LOGTAG" "Update 2.x-94 Done."
else
logger -t "$LOGTAG" "Update 2.x-94 FAILED."
fi
fi
###
############################################################################
### Update 2.x-95 - 08/04/2003
# SECURITY: samba
# Obsoletes :
############################################################################
#if [ ! \( -e $UPDDIR/2.x-95 \) ]
#then
# Download the files
# cd /tmp
# rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/samba-2.2.7-3.6.2.i386.rpm .
# rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/samba-common-2.2.7-3.6.2.i386.rpm .
# rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/samba-client-2.2.7-3.6.2.i386.rpm .
# Do the things...
# cp /etc/smb.conf /etc/smb.conf.2.x-95
# rpm -F --nodeps samba-common-2.2.7-3.6.2.i386.rpm samba-2.2.7-3.6.2.i386.rpm samba-client-2.2.7-3.6.2.i386.rpm
# mv -f /etc/smb.conf.2.x-95 /etc/smb.conf
# RC1=$?
# Check and finish
# if [ $RC1 = 0 ]
# then
# mv /etc/samba/smb.conf /etc/samba/smb.conf.rpm
# ln -s /etc/smb.conf /etc/samba/smb.conf
# mv -f /etc/logrotate.d/samba /etc/logrotate.d/samba.old
# mv -f /etc/logrotate.d/samba.rpmnew /etc/logrotate.d/samba
# /etc/rc.d/init.d/smb restart
# touch $UPDDIR/2.x-95
# logger -t "$LOGTAG" "Update 2.x-95 Done."
# else
# logger -t "$LOGTAG" "Update 2.x-95 FAILED."
# fi
#fi
###
############################################################################
### Update 2.x-96 - 11/04/2003
# SECURITY: samba does not start at boot since 2.x-95
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-96 \) ]
then
. /home/hadmin/slis.conf
if [ "$SAMBA" = "1" -o "$CYBERECOLE" = "1" -o "CYBERSCHOOL" = 1 ]
then
/sbin/chkconfig --add smb
/sbin/chkconfig smb on
fi
touch $UPDDIR/2.x-96
logger -t "$LOGTAG" "Update 2.x-96 Done."
fi
###
############################################################################
### Update 2.x-97 - 14/04/2003
# SECURITY: some smb.conf disapeared!
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-97 \) ]
then
cp -f /etc/smb.conf /etc/smb.conf.2.x-97
mv -f /etc/samba/smb.conf /etc/samba/smb.conf.orig
ln -s /etc/smb.conf /etc/samba/smb.conf
/usr/local/sbin/valid
touch $UPDDIR/2.x-97
logger -t "$LOGTAG" "UPDATE 2.x-97 Done."
fi
###
############################################################################
### Update 2.x-98 - 15/04/2003
# Bug fix: when deleting and creating again a group, the home into
# cyberschool directory had not the good perms.
# Obsoletes:
############################################################################
if [ ! \( -e $UPDDIR/2.x-98 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-98.tgz .
# Do the things...
tar zxf upd-2.x-98.tgz --directory /
RC=$?
# Check and finish
if [ $RC = 0 ]
then
/usr/local/sbin/valid
touch $UPDDIR/2.x-98
logger -t "$LOGTAG" "Update 2.x-98 Done."
else
logger -t "$LOGTAG" "Update 2.x-98 FAILED."
fi
fi
###
############################################################################
### Update 2.x-95c - 15/04/2003
# SECURITY: samba
# This is the RH 6.2 update SRPM patched from
# http://fi.samba.org/samba/ftp/WHATSNEW-2.2.8a.txt
# Obsoletes : 2.x-95 (was bugged) and 2.x-95b (samba 2.2.8a was instable on
# redhat 6.2)
############################################################################
if [ ! \( -e $UPDDIR/2.x-95c \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/samba-2.0.10-2.62.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/samba-common-2.0.10-2.62.i386.rpm .
# Do the things...
cp /etc/smb.conf /etc/smb.conf.2.x-95c
rpm --oldpackage -U samba-2.0.10-2.62.i386.rpm samba-common-2.0.10-2.62.i386.rpm
RC1=$?
# Check and finish
if [ $RC1 = 0 ]
then
RUNNING=`ps awux |grep smb |grep -v grep`
if [ "$RUNNING" != "" ]
then
/etc/rc.d/init.d/smb stop
sleep 5
/etc/rc.d/init.d/smb start
fi
/usr/local/sbin/valid
touch $UPDDIR/2.x-95c
logger -t "$LOGTAG" "Update 2.x-95c Done."
else
logger -t "$LOGTAG" "Update 2.x-95c FAILED."
fi
fi
###
############################################################################
### Update 2.x-99 - 16/04/2003
# SECURITY: postgresql
# Obsoletes : 2.x-87 (never published)
############################################################################
if [ ! \( -e $UPDDIR/2.x-99 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/postgresql-server-7.0.3-9.2.62.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/postgresql-7.0.3-9.2.62.i386.rpm .
# Do the things...
/etc/rc.d/init.d/postgresql stop
sleep 10
rpm -F --nodeps postgresql-server-7.0.3-9.2.62.i386.rpm postgresql-7.0.3-9.2.62.i386.rpm
RC1=$?
# Check and finish
if [ $RC1 = 0 ]
then
killall postmaster
sleep 1
killall -9 postmaster
sleep 1
rm -f /var/lib/pgsql/data/postmaster.pid
/etc/rc.d/init.d/postgresql start
touch $UPDDIR/2.x-99
logger -t "$LOGTAG" "Update 2.x-99 Done."
else
logger -t "$LOGTAG" "Update 2.x-99 FAILED."
fi
fi
###
############################################################################
### Update 2.x-100 - 10/07/2003
# Smarter slis_update script. It tests the connection to the rsync
# host before starting the updates.
# Warning! This update needs TESTFILES.* to be in place, not only upd-2.x-100.tgz!
# Obsolletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-100 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-100.tgz .
# Do the things....
tar zxf upd-2.x-100.tgz
RC=$?
# Check and finish
if [ $RC = 0 ]
then
echo "mv -f /tmp/slis_update_3_1_slisv2.bash /usr/local/sbin/slis_update" | at now + 20 minutes
touch $UPDDIR/2.x-100
logger -t "$LOGTAG" "Update 2.x-100 Done."
else
logger -t "$LOGTAG" "Update 2.x-100 FAILED."
fi
fi
###
############################################################################
### Update 2.x-101 - 08/09/2003
# SECURITY: ftpd
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-101 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/wu-ftpd-2.6.2-11.73-62.1.i386.rpm .
# Do the things...
ln -s /lib/libssl.so.0.9.6b /lib/libssl.so.1
rpm -F --nodeps wu-ftpd-2.6.2-11.73-62.1.i386.rpm
RC1=$?
# Check and finish
if [ $RC1 = 0 ]
then
/etc/init.d/inet restart
touch $UPDDIR/2.x-101
logger -t "$LOGTAG" "Update 2.x-101 Done."
else
logger -t "$LOGTAG" "Update 2.x-101 FAILED."
fi
fi
###
############################################################################
### Update 2.x-102 - 08/09/2003
# SECURITY: Disabling swat, telnet (unusefull) and auth
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-102 \) ]
then
/bin/cp -f /etc/inetd.conf /etc/inetd.conf.2.x-102
/usr/bin/perl -pi -e "s/^swat/#swat/" /etc/inetd.conf
/usr/bin/perl -pi -e "s/^telnet/#telnet/" /etc/inetd.conf
/etc/rc.d/init.d/inet restart
/etc/rc.d/init.d/identd stop
/sbin/chkconfig identd off
touch $UPDDIR/2.x-102
logger -t "$LOGTAG" "Update 2.x-102 Done."
fi
###
############################################################################
### Update 2.x-104 - 18/09/2003
# SECURITY: openssh
# Obsoletes : 2.x-103
############################################################################
if [ ! \( -e $UPDDIR/2.x-104 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/openssh-3.1p1-13slis2x.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/openssh-server-3.1p1-13slis2x.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/openssh-clients-3.1p1-13slis2x.i386.rpm .
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/sendmail-8.11.6-27.62.i386.rpm .
# Do the things...
rpm -F --nodeps openssh-3.1p1-13slis2x.i386.rpm \
openssh-server-3.1p1-13slis2x.i386.rpm \
openssh-clients-3.1p1-13slis2x.i386.rpm \
sendmail-8.11.6-27.62.i386.rpm
RC1=$?
# Check and finish
if [ $RC1 = 0 ]
then
/etc/rc.d/init.d/sshd restart
/etc/rc.d/init.d/sendmail stop
sleep 5
killall -9 sendmail 2> /dev/null
sleep 1
/etc/rc.d/init.d/sendmail start
touch $UPDDIR/2.x-104
logger -t "$LOGTAG" "Update 2.x-104 Done."
else
logger -t "$LOGTAG" "Update 2.x-104 FAILED."
fi
fi
###
############################################################################
### Update 2.x-105 - 30/04/2004
# SECURITY: firewall is not started at boot since update CP-2
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-105 \) ]
then
NEEDED=`grep mkfilters /etc/rc.d/rc.local`
if [ "$NEEDED" = "" ]
then
perl -pi -e "s;Activation du routage avec translation.*;Router and Firewall activation\n /usr/local/sbin/mkfilters;" /etc/rc.d/rc.local
/usr/local/sbin/mkfilters
fi
touch $UPDDIR/2.x-105
logger -t "$LOGTAG" "Update 2.x-105 Done."
fi
############################################################################
# Update 2.x-106 - 06/05/2004
# SECURITY: Fixes a vulnerability of the web server configuration: one could
# do a privilege escalation by using SSI and a mistake in the permission of
# the httpd.conf file. Thanx to Jean Diraison, from Versailles!
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-106 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-106.tgz .
# Do the things ...
tar xfz upd-2.x-106.tgz --exclude usr/local/ --directory /
RC=$?
bash /usr/local/sbin/permslis
perl -pi -e "s/AddHandler server-parsed/#AddHandler server-parsed/" /etc/httpd/conf/httpd.conf
killall -HUP httpd
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x-106
logger -t "$LOGTAG" "Update 2.x-106 Done."
else
logger -t "$LOGTAG" "Update 2.x-106 FAILED."
fi
fi
###
############################################################################
# Update 2.x-107 - 11/05/2004
# BUG FIX: 2.x-106 side effect: administrator could not change passwd anymore
# SECURITY: The admin could pass arbitrary commands to root by using well
# constructed urls sent to the services.php script. (Thanx to Jean Diraison)
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-107 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-107.tgz .
# Do the things ...
tar xfz upd-2.x-107.tgz --exclude usr/local/ --directory /
RC=$?
bash /usr/local/sbin/permslis
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x-107
logger -t "$LOGTAG" "Update 2.x-107 Done."
else
logger -t "$LOGTAG" "Update 2.x-107 FAILED."
fi
fi
###
############################################################################
# Update 2.x-108 - 23/06/2004
# Bug fix: precompiled adult database was not loaded by squidguard
# (new mksquidguardconf script)
# Obsoletes :
############################################################################
if [ ! \( -e $UPDDIR/2.x-108 \) ]
then
# Download the files
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/upd-2.x-108.tgz .
# Do the things ...
tar xfz upd-2.x-108.tgz --exclude usr/local/ --directory /
RC=$?
bash /usr/local/sbin/permslis
/usr/local/sbin/mksquidguardconf
killall -HUP squid
# Check and finish
if [ $RC = 0 ]
then
touch $UPDDIR/2.x-108
logger -t "$LOGTAG" "Update 2.x-108 Done."
else
logger -t "$LOGTAG" "Update 2.x-108 FAILED."
fi
fi
###
############################################################################
### Mise a jour PQ - 05/04/2000
# Nouveau script /usr/local/sbin/process_queue
# Rend obsolete : 004-0 a 004-7 et PQ-1 PQ-2 PQ-3 PQ-4 PQ-5 PQ-6 PQ-7 ...
# Si un nouveau process_queue est rΘalisΘ, juste remplacer le numero de
# version et le fichier.
# ATTENTION: Laisser cette UPD en fin de fichier, avant les UPD KERNEL.
############################################################################
VERSION=15
DELAI=5 # Delai en minutes. C'est le temps estime que prendra l'execution de
# la fin de ce script plus une marge (install d'un nouveau slis)...
if [ ! \( -e $UPDDIR/PQ-$VERSION \) ]
then
PAS_UPD_KERNEL=1 # Empeche de faire une update du noyau
# Telechargement du nouveau fichier
cd /tmp
rsync rsync://$RSYNC_HOST/$RSYNC_MODULE/process_queue-2.x .
mv -f process_queue-2.x process_queue
# Si slis_update est lance par process_queue, il faut faire attention
# a ne pas le remplacer tout de suite:
PS=`ps auwx | grep process_queue|grep -v grep`
if [ "$PS" != "" ]
then
echo "mv -f /tmp/process_queue /usr/local/sbin/ ; chmod 700 /usr/local/sbin/process_queue" | at now + $DELAI minutes
else
mv -f /tmp/process_queue /usr/local/sbin/ ; chmod 700 /usr/local/sbin/process_queue
fi
touch $UPDDIR/PQ-$VERSION
logger -t "$LOGTAG" "UPDATE PQ-$VERSION effectuee."
fi
###
############################################################################
### Mise a jour NOTIFY - 29/04/99
# Notify
# Rend obsolete :
############################################################################
if [ ! \( -e $UPDDIR/NOTIFY \) ]
then
echo "$HOSTNAME installe et MAJ" | mail -s "Nouveau SLIS 2.0" $SLISMASTER
sleep 2
/usr/lib/sendmail -q
killall crond
sleep 1
crond
touch $UPDDIR/NOTIFY
logger -t "$LOGTAG" "NOTIFY envoye."
fi
###
##############################
logger -t "$LOGTAG" "Script Version 2.0 Termine."
/bin/rm -rf /var/lock/slis_upd