Initial commit
This commit is contained in:
commit
ccd671a4cc
|
@ -0,0 +1,14 @@
|
|||
#!/usr/bin/perl -w
|
||||
|
||||
use esmith::Build::CreateLinks qw(:all);
|
||||
|
||||
# Templates to expand
|
||||
templates2events("/etc/e-smith/sql/init/grrdb", qw(bootstrap-console-save webapps-update));
|
||||
templates2events("/usr/share/grr/include/connect.inc.php", qw(bootstrap-console-save webapps-update));
|
||||
templates2events("/usr/share/grr/include/config_ldap.inc.php", qw(bootstrap-console-save webapps-update));
|
||||
|
||||
# PHP header and footer
|
||||
safe_symlink("/etc/e-smith/templates-default/template-begin-php", "root/etc/e-smith/templates/usr/share/grr/include/connect.inc.php/template-begin");
|
||||
safe_symlink("/etc/e-smith/templates-default/template-end-php", "root/etc/e-smith/templates/usr/share/grr/include/connect.inc.php/template-end");
|
||||
safe_symlink("/etc/e-smith/templates-default/template-begin-php", "root/etc/e-smith/templates/usr/share/grr/include/config_ldap.inc.php/template-begin");
|
||||
safe_symlink("/etc/e-smith/templates-default/template-end-php", "root/etc/e-smith/templates/usr/share/grr/include/config_ldap.inc.php/template-end");
|
|
@ -0,0 +1 @@
|
|||
url
|
|
@ -0,0 +1 @@
|
|||
grrdb
|
|
@ -0,0 +1 @@
|
|||
grruser
|
|
@ -0,0 +1 @@
|
|||
yes
|
|
@ -0,0 +1 @@
|
|||
public
|
|
@ -0,0 +1 @@
|
|||
enabled
|
|
@ -0,0 +1 @@
|
|||
webapp
|
|
@ -0,0 +1,33 @@
|
|||
{
|
||||
my $rec = $DB->get('grr')
|
||||
|| $DB->new_record('grr', {type => 'webapp'});
|
||||
my $pw = $rec->prop('DbPassword');
|
||||
if (not $pw or length($pw) < 57)
|
||||
{
|
||||
use MIME::Base64 qw(encode_base64);
|
||||
|
||||
$pw = "not set due to error";
|
||||
if ( open( RANDOM, "/dev/urandom" ) )
|
||||
{
|
||||
my $buf;
|
||||
# 57 bytes is a full line of Base64 coding, and contains
|
||||
# 456 bits of randomness - given a perfectly random /dev/random
|
||||
if ( read( RANDOM, $buf, 57 ) != 57 )
|
||||
{
|
||||
warn("Short read from /dev/random: $!");
|
||||
}
|
||||
else
|
||||
{
|
||||
$pw = encode_base64($buf);
|
||||
chomp $pw;
|
||||
}
|
||||
close RANDOM;
|
||||
}
|
||||
else
|
||||
{
|
||||
warn "Could not open /dev/urandom: $!";
|
||||
}
|
||||
$rec->set_prop('DbPassword', $pw);
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1 @@
|
|||
PERMS=0750
|
|
@ -0,0 +1,3 @@
|
|||
UID="root"
|
||||
GID="www"
|
||||
PERMS=0640
|
|
@ -0,0 +1,3 @@
|
|||
UID="root"
|
||||
GID="www"
|
||||
PERMS=0640
|
|
@ -0,0 +1,61 @@
|
|||
{
|
||||
my $db = ${'grr'}{'DbName'} || 'grrdb';
|
||||
my $user = ${'grr'}{'DbUser'} || 'grruser';
|
||||
my $pass = ${'grr'}{'DbPassword'} || 'secret';
|
||||
|
||||
my $dbstruct = `rpm -ql grr | grep tables.my.sql`;
|
||||
|
||||
|
||||
$OUT .= <<"END";
|
||||
#! /bin/sh
|
||||
if [ ! -d /var/lib/mysql/$db ]; then
|
||||
/usr/bin/mysql -e 'create database $db'
|
||||
/usr/bin/mysql $db < $dbstruct
|
||||
fi
|
||||
|
||||
/usr/bin/mysql <<EOF
|
||||
USE mysql;
|
||||
|
||||
REPLACE INTO user (
|
||||
host,
|
||||
user,
|
||||
password)
|
||||
VALUES (
|
||||
'localhost',
|
||||
'$user',
|
||||
PASSWORD ('$pass'));
|
||||
|
||||
|
||||
REPLACE INTO db (
|
||||
host,
|
||||
db,
|
||||
user,
|
||||
select_priv, insert_priv, update_priv, delete_priv,
|
||||
create_priv, alter_priv, index_priv, drop_priv, create_tmp_table_priv,
|
||||
grant_priv, lock_tables_priv, references_priv)
|
||||
VALUES (
|
||||
'localhost',
|
||||
'$db',
|
||||
'$user',
|
||||
'Y', 'Y', 'Y', 'Y',
|
||||
'Y', 'Y', 'Y', 'Y', 'Y',
|
||||
'N', 'Y', 'Y');
|
||||
|
||||
FLUSH PRIVILEGES;
|
||||
|
||||
USE $db;
|
||||
|
||||
# Enable LDAP auth
|
||||
INSERT IGNORE into grr_setting (NAME, VALUE) VALUES
|
||||
('ldap_statut', 'utilisateur');
|
||||
|
||||
# mark the admin user as an administrator in GRR
|
||||
INSERT IGNORE INTO grr_utilisateurs (login,statut,etat,source) VALUES
|
||||
('admin','administrateur','actif','ext');
|
||||
|
||||
# Remove the default local admin
|
||||
DELETE FROM grr_utilisateurs where login='administrateur' and source='local';
|
||||
|
||||
EOF
|
||||
END
|
||||
}
|
|
@ -0,0 +1,41 @@
|
|||
{
|
||||
my $access = $grr{'access'} || 'private';
|
||||
my $allow = ($access eq 'public')?'all':"$localAccess $externalSSLAccess";
|
||||
|
||||
my $requiressl = (($grr{'RequireSSL'} || 'yes') eq 'yes') ?
|
||||
"SSLRequireSSL on":"# RequireSSL is disabled";
|
||||
|
||||
my $alias = (($grr{'AliasOnPrimary'} || 'enabled') eq 'enabled') ?
|
||||
'Alias /grr /usr/share/grr' : '';
|
||||
|
||||
if ($grr{'status'} eq 'enabled'){
|
||||
|
||||
$OUT .=<<"END"
|
||||
|
||||
# OpenUpload Configuration
|
||||
$alias
|
||||
|
||||
<Directory /usr/share/grr>
|
||||
AllowOverride None
|
||||
$requiressl
|
||||
AddType application/x-httpd-php .php
|
||||
php_admin_value open_basedir /usr/share/grr:/tmp
|
||||
php_admin_flag file_uploads on
|
||||
php_admin_value memory_limit 64M
|
||||
php_admin_value max_execution_time 300
|
||||
order deny,allow
|
||||
deny from all
|
||||
allow from $allow
|
||||
Satisfy all
|
||||
<FilesMatch "tables.my.sql">
|
||||
Order allow,deny
|
||||
Deny from all
|
||||
</FilesMatch>
|
||||
</Directory>
|
||||
|
||||
END
|
||||
}
|
||||
else{
|
||||
$OUT .= "# GRR is disabled\n";
|
||||
}
|
||||
}
|
|
@ -0,0 +1,14 @@
|
|||
{
|
||||
my $sslport = $modSSL{'TCPPort'} || '443';
|
||||
my $alias = $grr{'AliasOnPrimary'} || 'enabled';
|
||||
my $requiressl = $grr{'RequireSSL'} || 'yes';
|
||||
|
||||
if (($port ne $sslport) && ($requiressl ne 'no') && ($alias ne 'disabled')){
|
||||
|
||||
## Redirect Web Address to Secure Address
|
||||
$OUT .= " RewriteEngine on\n";
|
||||
$OUT .= " RewriteRule ^/grr(/.*|\$) https://%{HTTP_HOST}/grr\$1 \[L,R\]\n";
|
||||
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,18 @@
|
|||
{
|
||||
|
||||
use esmith::util;
|
||||
my $base = esmith::util::ldapBase($DomainName);
|
||||
my $port = $ldap{'TCPPort'} || '389';
|
||||
|
||||
$OUT .=<<"EOF";
|
||||
|
||||
\$ldap_adresse='localhost';
|
||||
\$ldap_port='$port';
|
||||
\$ldap_login='';
|
||||
\$ldap_pwd='';
|
||||
\$ldap_base='ou=Users,$base';
|
||||
\$ldap_filter='(objectClass=sambaSamAccount)';
|
||||
\$use_tls=FALSE;
|
||||
|
||||
EOF
|
||||
}
|
|
@ -0,0 +1,17 @@
|
|||
{
|
||||
|
||||
my $dbname = $grr{'DbName'} || 'grrdb';
|
||||
my $dbuser = $grr{'DbUser'} || 'grruser';
|
||||
my $dbpass = $grr{'DbPassword'} || 'secret';
|
||||
|
||||
$OUT .=<<"EOF";
|
||||
|
||||
\$dbHost="localhost";
|
||||
\$dbDb="$dbname";
|
||||
\$dbUser="$dbuser";
|
||||
\$dbPass="$dbpass";
|
||||
\$table_prefix="grr";
|
||||
|
||||
EOF
|
||||
|
||||
}
|
|
@ -0,0 +1,52 @@
|
|||
# Authority: vip-ire
|
||||
# Name: Daniel Berteaud
|
||||
|
||||
%define name smeserver-grr
|
||||
%define version 0.1.0
|
||||
%define release 1
|
||||
Summary: sme server integration of grr
|
||||
Name: %{name}
|
||||
Version: %{version}
|
||||
Release: %{release}%{?dist}
|
||||
License: GNU GPL version 2
|
||||
URL: http://grr.mutualibre.org/
|
||||
Group: SMEserver/addon
|
||||
Source: %{name}-%{version}.tar.gz
|
||||
|
||||
BuildArchitectures: noarch
|
||||
BuildRequires: e-smith-devtools
|
||||
BuildRoot: /var/tmp/%{name}-%{version}
|
||||
Requires: e-smith-base
|
||||
Requires: grr
|
||||
Requires: smeserver-webapps-common
|
||||
AutoReqProv: no
|
||||
|
||||
%description
|
||||
smserver integration of GRR
|
||||
|
||||
%changelog
|
||||
* Tue Mar 09 2010 Daniel Berteaud <daniel@firewall-services.com> 0.1.0-1
|
||||
- initial release
|
||||
|
||||
%prep
|
||||
%setup
|
||||
|
||||
%build
|
||||
perl ./createlinks
|
||||
|
||||
%install
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
(cd root ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT)
|
||||
rm -f %{name}-%{version}-filelist
|
||||
/sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
|
||||
> %{name}-%{version}-filelist
|
||||
|
||||
%files -f %{name}-%{version}-filelist
|
||||
%defattr(-,root,root)
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
|
||||
%postun
|
||||
|
Loading…
Reference in New Issue