5. Appendix Code chunck
5.1. Chunck 1
1function jumpto
2{
3label=$1
4cmd=$(sed -n "/$label:/{:a;n;p;ba};" $0 | grep -v ':$')
5eval "$cmd"
6exit
7}
8function reinterfaces
9{
10cd /etc/network/
5.2. Chunck 2
1BUF="# This file describes the network interfaces available on your system\n
2 # and how to activate them. For more information, see interfaces(5).\n
3 \n
4 source /etc/network/interfaces.d/*\n
5 \n
6 # The loopback network interface\n
7 auto lo\n
8 iface lo inet loopback\n
9 \n
10 # The Primary\n
11 allow-hotplug en\n
12 iface en inet dhcp\n";
13rm interfaces
14touch interfaces
15echo -e $BUF > interfaces;
16}
17
18start=${1:-"start"}
19interface_sh=${2:-"interface_sh"}
20step_one=${3:-"step_one"}
21step_two=${4:-"step_two"}
22step_three=${5:-"step_three"}
5.3. Chunck 3
1export LC_ALL=ru_RU.UTF-8
2FILES="steps.txt"
3BUF="";
4TMPS="";
5COUNT=0;
6DEB_VER="";
7NET_EN="";
8NET_WI="";
9STATE="0";
10PORT_SSH="4103"
11NET_ARR=();
5.4. Chunck 4
1if [[ $EUID -ne 0 ]]; then
2 if [[ ${LANG:0:5} -eq 'ru_RU' ]]; then
3 echo "Ошибка скрипта перезапустите скрипт на root" 1>&2
4 else
5 echo "This script must be run as root" 1>&2
6 fi
7 exit 1;
8fi
9
10if [[ ! -f "$FILES" ]]; then
11 touch steps.txt
12fi
5.5. Chunck 5
1select opt in Auto PoluAuto Hands Exit; do
2case $opt in
3Auto)
4 echo -n "Сейчас будет произведена автоматическая настройка ";
5 sleep 3;
6 jumpto start
7;;
8 Polstart)
9 echo -n "В разработке...";
10;;
11Hands)
12 echo -n "В разработке...";
13;;
14Exit)
15exit 1;
16;;
17*)
18echo "Недопустимая опция $REPLY";
19;;
20esac
21done
5.6. Chunck 6
1jumpto $start
2
3start:
5.7. Chunck 7
1: ${HOSTNAME?} ${USER?} ${HOME?} ${MAIL?}
2echo
3echo "Имя машины: $HOSTNAME."
4echo "Ваше имя: $USER."
5echo "Ваш домашний каталог: $HOME."
6echo "Ваш почтовый ящик: $MAIL."
7echo
8echo "Если перед Вами появилось это сообщение,"
9echo "то это значит, что все критические переменные окружения установлены."
10echo
11echo "Сейчас будет установлена postinstall настройка"
12echo
13
14cd /etc/apt/
15cp sources.list sources.tmp
5.8. Chunck 8
1TMPS="0";
2interface_sh:
3
4cd /install/
5if [[ -z $(sed -n -e "s/^\(1_settings_interface_with_wifi\).*/\1/p" steps.txt) ]]; then
5.9. Chunck 9
1cd /etc/network/
5.10. Chunck 10
1if [[ ! -f /etc/network/interfaces ]]; then
2 touch interfaces
3fi
5.11. Chunck 11
1cp interfaces interfaces.back
5.12. Chunck 12
1COUNT=1;
2NET_EN=""
3
4while [[ -n $( ip addr | sed -n -e "s/.*$COUNT\:\s\(.*\)\:\s<.*/\1/p") ]]
5do
6NET_ARR[COUNT]=$( ip addr | sed -n -e "s/.*$COUNT\:\s\(.*\)\:\s<.*/\1/p");
7echo Counter: $COUNT $NET_EN;
8((COUNT++));
9done
10
11COUNT=0;
5.13. Chunck 13
1for COUNT in ${NET_ARR[@]}
2do
3 if [[ -n $(echo $NET_ARR[$COUNT] | sed -n -e 's/en\(.*\).*/\1/p') ]]; then
4 NET_EN=$COUNT;
5 fi
6 if [[ -n $(echo $NET_ARR[$COUNT] | sed -n -e 's/wl\(.*\).*/\1/p') ]]; then
7 NET_WI=$COUNT;
8 fi
9done
10
11COUNT="0";
12
13if [[ -n $NET_EN && -n $NET_WI ]]; then
14 STATE="0";
15elif [[ -n $NET_EN ]]; then
16 STATE="1";
17else
18 echo "Error: not search lan interfaces";
19 sleep 1;
20 exit 2;
21fi;
5.14. Chunck 14
1if [[ -z $( egrep -n '^[a-z] || ^#' interfaces) && $TMPS -eq "0" ]]; then
2reinterfaces
3fi
5.15. Chunck 15
1
5.16. Chunck 16
1TMPS="1";
5.17. Chunck 17
1if [[ $STATE -eq "0" ]]; then
5.18. Chunck 18
1if [[ -z $(sed -n -e "s/\(source \/etc\/network\/interfaces/\\).*/\1/p" interfaces) ]]; then
2 TMPS="1";
3 reinterfaces;
4fi
5
6if [[ -z $(sed -n -e "s/\(auto\slo\).*/\1/p" interfaces) ]]; then
7 TMPS="1";
8 reinterfaces;
9fi
10sed -i -e "s/\(auto\s\).*/\1$NET_WI $NET_EN/g" interfaces
5.19. Chunck 19
1if [[ -z $( sed -n -e "s/\(iface\slo\).*/\1/p" interfaces) ]]; then
2 TMPS="1";
3 reinterfaces;
4fi
5.20. Chunck 20
1sed -i -e "s/iface\slo.*/iface $NET_EN inet dhcp/g" interfaces
5.21. Chunck 21
1if [[ -z $( sed -n -e "s/\(allow-hotplug\s\).*/\1/p" interfaces) ]]; then
2 TMPS="1";
3 reinterfaces;
4fi
5sed -i -e "s/\(allow-hotplug\s\).*/\1$NET_WI/g" interfaces
5.22. Chunck 22
1if [[ -z $( sed -n -e "s/\(iface\s\).*/\1/p" interfaces) ]]; then
2 TMPS="1";
3 reinterfaces;
4fi
5.23. Chunck 23
1sed -i -e "$a s/\(iface\s\).*/\1$NET_WI inet dhcp/g" interfaces
5.24. Chunck 24
1sed '$a wpa-conf \/home\/rootsu\/wpa_supplicant.conf' interfaces >> interfaces;
5.25. Chunck 25
1systemctl restart wpa_supplicant
5.26. Chunck 26
1else
2
3if [[ -z $(sed -n -e "s/\(source \/etc\/network\/interfaces/\\).*/\1/p" interfaces) ]]; then
4 TMPS="1";
5 reinterfaces;
6fi
5.27. Chunck 27
1if [[ -z $(sed -n -e "s/\(auto\slo\).*/\1/p" interfaces) ]]; then
2 TMPS="1";
3 reinterfaces;
4fi
5sed -i -e "s/\(auto\s\).*/\1$NET_EN/g" interfaces
5.28. Chunck 28
1if [[ -z $(sed -n -e "s/\(iface\slo\).*/\1/p" interfaces) ]]; then
2 TMPS="1";
3 reinterfaces;
4fi
5sed -i -e "s/iface\slo.*/iface $NET_EN inet dhcp/g" interfaces
5.29. Chunck 29
1if [[ -z $(sed -n -e "s/\(allow-hotplug\s\).*/\1/p" interfaces) ]]; then
2 TMPS="1";
3 reinterfaces;
4fi
5sed -i -e "s/\(allow-hotplug\s\).*/\1$NET_EN/g" interfaces
5.30. Chunck 30
1if [[ -z $(sed -n -e "s/\(iface\s\).*/\1/p" interfaces) ]]; then
2 TMPS="1";
3 reinterfaces;
4fi
5.31. Chunck 31
1sed -i -e "$a s/\(iface\s\).*/\1$NET_EN inet dhcp/g" interfaces
5.32. Chunck 32
1fi
5.33. Chunck 33
1systemctl restart networking
2
3cd /install/
4echo -e "1_settings_interface_with_wifi" >> steps.txt
5fi
5.34. Chunck 34
1step_one:
2
3cd /install/
4if [[ -z $(sed -n -e "s/^\(1_src_list\).*/\1/p" steps.txt) ]]; then
5
6cd /etc/apt/
7if [[ -z $( lsb_release -d | sed -n -e 's/.*(\([^\)]\+\))/\1/p') ]]; then
5.35. Chunck 35
1 DEB_VER=$(cat /etc/os-release | sed -n -e "s/.*(\([^\)].*\))\"$/\1/p");
2 DEB_VER=$(echo $DEB_VER | sed -n -e "s/\([a-z]*\)$//p")
3else
4 DEB_VER=$( lsb_release -d | sed -n -e 's/.*(\([^\)]\+\))/\1/p')
5fi;
5.36. Chunck 36
1if [[ -n $(egrep -n '^[a-z] && ^#' sources.list) && -n $( sed -n -e "s/^deb http:\/\/ftp//p" sources.list) && -n $( sed -n -e "s/^deb-src http:\/\/ftp//p" sources.list) && -n $( sed -n -e "s/^deb http:\/\/deb//p" sources.list) && -n $( sed -n -e "s/^deb-src http:\/\/deb//p" sources.list) ]]; then
2STATE="1";
3rm sources.list;
5.37. Chunck 37
1BUF="#deb cdrom:[Debian GNU/Linux _*_ - Official amd64 NETINST 20210814-10:07]/ * main\ndeb http://ftp.debian.org/debian/ $DEB_VER main non-free contrib\ndeb-src http://ftp.debian.org/debian/ $DEB_VER main non-free contrib\n
2\ndeb http://security.debian.org/debian-security/ $DEB_VER-security main contrib non-free \ndeb-src http://security.debian.org/debian-security/ $DEB_VER-security main contrib non-free \n
3\n# *-updates, to get updates before a point release is made; \r\n# see https://www.debian.org/doc/manuals/debian-reference/ch02.en.html#_updates_and_backports \ndeb http://deb.debian.org/debian/ $DEB_VER-updates main contrib non-free \ndeb-src http://deb.debian.org/debian/ $DEB_VER-updates main contrib non-free \n
4\n
5 # This system was installed using small removable media \n
6 # (e.g. netinst, live or single CD). The matching \"deb cdrom\" \n
7 # entries were disabled at the end of the installation process. \n
8 # For information about how to configure apt package sources, \n
9 # see the sources.list(5) manual. \n"
10echo -e $BUF > sources.list;
11echo "Info: sources.list is null";
12sleep 1;
5.38. Chunck 38
1else
5.39. Chunck 39
1 sed -i -e "s/$DEB_VER\s.*$/$DEB_VER main contrib non-free/g" sources.list
2 sed -i -e "s/\(\/\s$DEB_VER\-[a-z]*\).*/\1 main contrib non-free/g" sources.list
3fi;
4
5echo -e "y\n" | apt-get update;
6echo -e "y\n" | apt-get full-upgrade;
7if [ $? -ne 0 ]; then
8 echo "Error: full upgrade error!!!"
9 exit 1
10fi
11echo -e "y\ny\ny\ny\n" | apt-get install console-setup;
12cd /install/
13echo -e "1_src_list" >> steps.txt
14
15fi
5.40. Chunck 40
1step_two:
2
3cd /install/
4if [[ -z $(sed -n -e "s/^\(2_install_driver\).*/\1/p" steps.txt) ]]; then
5
6if [[ $(lspci | grep VGA | sed -n -e "s/.*\[\(.*\)\/.*/\1/p") == "AMD" ]]; then
7 echo -e "y\n" | apt-get install libdrm-amdgpu1
8 echo -e "y\n" | apt-get install xserver-xorg-video-amdgpu
9else
10 echo -e "y\n" | apt-get install nvidia-driver firmware-misc-nonfree nvidia-settings
11fi
5.41. Chunck 41
1echo -e "y\n" | apt-get install firmware-linux
2
3if [[ $(lspci | grep Ethernet | sed -n -e "s/.*ller:\s\([a-zA-Z]\+\s\).*/\1/p") == "Realtek" ]]; then
4echo -e "y\n" | apt-get install firmware-realtek
5fi
6echo -e "y\n" | apt-get install firmware-linux-nonfree
7echo -e "y\n" | apt-get install firmware-iwlwifi
8echo -e "y\n" | apt-get install man
5.42. Chunck 42
1echo -e "y\n" | apt-get install acl
2echo -e "y\n" | apt-get install setools policycoreutils selinux-basics selinux-utils selinux-policy-default selinux-policy-mls auditd policycoreutils-python-utils semanage-utils audispd-plugins
3echo -e "y\n" | apt-get install mcstrans
4
5systemctl enable auditd
6systemctl start auditd
5.43. Chunck 43
1touch /.autorelabel
2selinux-activate
3
4if [ $? -ne 0 ]; then
5 echo "Error: install driver failed!!!"
6 exit 1
7fi
8
9echo -e "2_install_driver" >> steps.txt
5.44. Chunck 44
1reboot
2fi
5.45. Chunck 45
1if [[ -z $(sed -n -e "s/^\(3_nanorc\).*/\1/p" steps.txt) ]]; then
5.46. Chunck 46
1echo -e "y\n" | apt-get install git
2if [ ? -ne 0 ]; then
3 echo "Error: error install git!!!"
4 exit 1;
5fi
6cd /install
7git clone git://git.savannah.gnu.org/nano.git; cd nano;./autogen.sh;./configure; make install
5.47. Chunck 47
1find /usr/share/nano -name '*.nanorc' -printf "include %p\n" > ~/.nanorc
5.48. Chunck 48
1fi
2echo -e "3_nanorc" >> steps.txt
5.49. Chunck 49
1if [[ -z $(sed -n -e "s/^\(4_copy_sh\).*/\1/p" steps.txt) ]]; then
5.50. Chunck 50
1cd /install/
2cp -Rf /install/home/* /home/
3cp -Rf /install/home/rootsu/.bashrc ~root
4cp -Rf /install/home/rootsu/.profile ~root
5cp -Rf /install/home/rootsu/.cmd_shell.sh ~root
6
7cp -Rf /install/home/rootsu/* ~root
8chmod ug+rwx -Rf ~root
5.51. Chunck 51
1echo -e "4_copy_sh" >> steps.txt
2fi
5.52. Chunck 52
1if [[ -z $(sed -n -e "s/^\(5_install_util_wd\).*/\1/p" steps.txt) ]]; then
5.53. Chunck 53
1echo "y\n" | apt-get install build-essential
2if [ $? -ne 0 ]; then
3 echo "Error: error install gcc-utils!!!"
4 exit 1
5fi
6
7add-apt-repository-get ppa:ubuntu-toolchain-r/test && apt update
5.54. Chunck 54
1echo -e "y\n" | apt-get install python
2echo -e "y\n" | apt-get install python3
3echo -e "y\n" | apt-get install tmux;
4echo -e "y\n" | apt-get install net-tools
5echo -e "y\n" | apt-get install manpages-dev;
6echo -e "y\n" | apt-get install wpa_supplicant;
7echo -e "y\n" | apt-get install mc;
8echo -e "y\n" | apt-get install ncdu;
5.55. Chunck 55
1echo -e "y\n" | apt-get install netdata;
2echo -e "y\n" | apt-get install systat;
3echo -e "y\n" | apt-get install iftop;
4echo -e "y\n" | apt-get install htop;
5echo -e "y\n" | apt-get install sudo;
6echo -e "y\n" | apt-get install iptraf;
7echo -e "y\n" | apt-get install ntp
8systemctl enable ntp;
9systemctl enable start;
10sudo systemctl unmask samba;
11cp /install/etc/sudoers /etc/sudoers
12echo -e "y\n" | apt-get install nmon;
13echo -e "y\n" | apt-get install nmap;
14echo -e "y\n" | apt-get install safe-rm
15echo -e "y\n" | apt-get install aptitude
16echo -e "y\n" | apt-get install btrfs-progs
5.56. Chunck 56
1iptables –F
2echo -e "y\n" | apt-get install cifs-utils
3echo -e "y\n" | apt-get install samba
4echo -e "y\n" | apt-get install smbfs
5echo -e "y\n" | apt-get install whois
6echo -e "y\n" | apt-get install lsof
7echo -e "y\n" | apt-get install mkpasswd
8echo -e "y\n" | apt-get install wget
9echo -e "y\n" | apt-get install tree
10echo -e "y\n" | apt-get install autofs
11echo -e "y\n" | apt-get install gpg
12echo -e "y\n" | apt-get install rsync
13echo -e "y\n" | apt-get install ca-certificates
14echo -e "y\n" | apt-get install shared-mime-info
15echo -e "y\n" | apt-get install wget genisoimage xorriso isolinux hwinfo
16echo -e "y\n" | apt-get install hddtemp lm-sensors
17echo -e "y\n" | apt-get install at
18echo -e "y\n" | apt-get install pip
19echo -e "y\n" | apt-get install xz-utils
20echo -e "y\n" | apt-get install curl
21echo -e "y\n" | apt-get install sphinx
22echo -e "y\n" | apt-get install smartmontools
23echo -e "y\n" | apt-get install python3-sphinx
24echo -e "y\n" | apt-get install nfs-common
25echo -e "y\n" | apt-get install build-essential libssl-dev libffi-dev python3-dev
26echo -e "y\n" | apt-get install python3-venv
27echo -e "y\n" | apt-get install mdadm
28echo -e "y\n" | apt-get install hdparm
29echo -e "y\n" | apt-get install hddtemp lm-sensors psensor
30echo -e "y\n" | apt-get install stress
31systemctl enable mdadm
32update-initramfs -u
33
34python3 -m venv env
5.57. Chunck 57
1pip install --upgrade myst-parser
2pip install sphinx-autodocgen
3pip install Pygments
4pip install sphinx-intl
5pip install lumache
6pip install django
7pip install django-docs
8pip install sphinxnotes-strike
9pip install sphinx_rtd_theme
5.58. Chunck 58
1pip install -U sphinx
2python -m venv .venv
5.59. Chunck 59
1systemctl enable cron
5.60. Chunck 60
1systemctl enable autofs
5.61. Chunck 61
1apt-get install openssh-server -y
2if [ $? -ne 0 ]; then
3 echo "Error: error install setup-utils!!!"
4 exit 1
5fi
5.62. Chunck 62
1update-locale LC_TIME=ru_RU.UTF-8;
2update-locale LC_ALL=ru_RU.UTF-8;
3update-locale LANG=ru_RU.UTF-8;
4sed -n -e "s/\(=\).*/\1\"$ru_RU.UTF-8\"/p" /etc/default/locale
5update-locale;
6
7cp -Rf /install/etc/* /etc
8if [ $? -ne 0 ]; then
9 echo "Error: copy install to etc"
10 exit 1
11fi
12cd /install/
13echo -e "5_install_util_wd" >> steps.txt
5.63. Chunck 63
1fi
5.64. Chunck 64
1step_three:
5.65. Chunck 65
1step_four:
2cd /install/
3if [[ -z $(sed -n -e "s/^\(7_driver_opt\).*/\1/p" steps.txt) ]]; then
5.66. Chunck 66
1
5.67. Chunck 67
1
5.68. Chunck 68
1
5.69. Chunck 69
1
5.70. Chunck 70
1
5.71. Chunck 71
1cd /install/
2touch fdisk.txt
3fdisk -l | sed -n -e "s/.*\(\/dev\/s[a-z]*[0-9]\).*/\1/p" > fdisk.txt
4
5filename='fdisk.txt'
6n=1
7while read line; do
5.72. Chunck 72
1shd=$(echo $line | sed 's/\//\\\//g')
2S1=$(blkid | sed -n -e "s/$shd:\s\(.*\).*/\1/p" | sed -n -e "s/.*UUID=\(.*\)\sB.*/\1/p" | sed 's/\"/\\"/g')
3TMPS=$(echo $line | sed -n -e "s/^\/dev\/\([a-z]*[0-9]\).*/\1/p")
4chown admin_share:technics -Rf "/mnt/$TMPS"
5chmod ugo+rwx -Rf "/mnt/$TMPS"
6semanage fcontext -a -t public_content_rw_t "/mnt/$TMPS(/.*)?";
7
8setfacl -m u:admin_share:rwx,u:admin:rwx,u:pub_share:rwx,g:admins:rw,g:technics:rw -R "/mnt/$TMPS";
5.73. Chunck 73
1chcon -Rv -t public_content_rw_t "/mnt/$TMPS";
5.74. Chunck 74
1chmod go+rwx -R "/mnt/$TMPS";
2if [[ -n $S1 ]]; then
3 sed -i -e "$ a UUID\=$S1 \/mnt\/$TMPS ext4 defaults 0 2" /etc/fstab
4fi
5.75. Chunck 75
1done < $filename
2sudo mount -a
5.76. Chunck 76
1echo -e "7_driver_opt" >> steps.txt
2fi
5.77. Chunck 77
1cd /install/
5.78. Chunck 78
1
5.79. Chunck 79
1
5.80. Chunck 80
1if [[ -z $(sed -n -e "s/^\(9_user_settings\).*/\1/p" steps.txt) ]]; then
2
3STEP_TWO_AFTER:
5.81. Chunck 81
1 groupadd -g 1000 admins
2 groupadd -g 2000 exp_users
3 groupadd -g 3000 pro_users
4 groupadd -g 4000 moderators
5 groupadd -g 5000 technics
6 groupadd -g 6000 ps_users
7 groupadd -g 7000 others
8 useradd -u 1100 -g admins -c "admin" -s /bin/bash -p $(echo "********" | mkpasswd -s -H MD5) -m admin
9
10 useradd -u 1200 -g admins -c "admin" -s /bin/bash -p $(echo "********" | mkpasswd -s -H MD5) -m admin_tech
11usermod -aG sudo,technics,root admin
12usermod -aG sudo,technics,root admin_tech
13
14cp /install/home/rootsu/.bashrc /home/admin/
15cp /install/home/rootsu/.profile /home/admin/
16cp /install/home/rootsu/.cmd_shell.sh /home/admin/
17
18 useradd -u 2100 -g exp_users -s /bin/bash -c "far_exp" -p $(echo "********" | mkpasswd -s -H MD5) -m far_exp
19 useradd -u 3100 -g pro_users -s /bin/bash -c "far_pro" -p $(echo "********" | mkpasswd -s -H MD5) -m far_pro
20 useradd -u 4100 -g moderators -s /bin/bash -c "far_moderator" -p $(echo "********" | mkpasswd -s -H MD5) -m far_mod
21 useradd -u 5100 -g technics -d /opt/SAMBA_SHARE/ -s /bin/false -c "technical admin_share" -p $(echo "********" | mkpasswd -s -H MD5) admin_share
22 useradd -u 5200 -g technics -d /opt/SAMBA_SHARE/ -s /bin/false -c "technical pub_share" -p $(echo "********" | mkpasswd -s -H MD5) pub_share
23 useradd -u 6100 -g ps_users -s /bin/bash -c "far_user" -p $(echo "********" | mkpasswd -s -H MD5) -m far_user
5.82. Chunck 82
1useradd -g ps_users -c "tom" -s /bin/bash -p $(echo "********" | mkpasswd -s -H MD5) -m tom
5.83. Chunck 83
1echo -e "********\n********" | smbpasswd -a admin_share
2echo -e "********\n********" | smbpasswd -a pub_share
3smbpasswd -e admin_share
4smbpasswd -e pub_share
5.84. Chunck 84
1mkdir /opt/SAMBA_SHARE
2mkdir /mnt/SMB
3mkdir /mnt/SMB/SOFT_2TBSEAGREEN
4mkdir /mnt/SMB/SOFT_3TBSEASYAN
5mkdir /media/admin
6chown admin:admins /media/admin
7chown -R :technics /opt/ /opt/SAMBA_SHARE /mnt/SMB
8chown -R admin_share:technics /opt/ /opt/SAMBA_SHARE /mnt/SMB
9chmod ug+rw /opt/ /opt/SAMBA_SHARE /mnt/SMB
10setfacl -m u:pub_share:rwx,u:admin_share:rwx -R "/mnt/SMB";
5.85. Chunck 85
1
5.86. Chunck 86
1cd /etc/ssh/
2
3cp sshd_config sshd_config.tmp
5.87. Chunck 87
1 sed -i -e "s/#Port\s.*$\|Port\s.*$/Port $PORT_SSH/g" sshd_config
5.88. Chunck 88
1 sed -i -e "s/#HostKey/HostKey/g" sshd_config
5.89. Chunck 89
1 sed -i -e "s/#PubkeyAuthentication\s.*$\|PubkeyAuthentication\s.*$/PubkeyAuthentication yes/g" sshd_config
5.90. Chunck 90
1 sed -i -e "s/#SysLogFacility\s.*$\|SysLogFacility\s.*$/SysLogFacility AUTHPRIV/g" sshd_config
5.91. Chunck 91
1 sed -i -e "s/#LogLevel\s.*$\|LogLevel\s.*$/#LogLevel INFO/g" sshd_config
5.92. Chunck 92
1 sed -i -e "s/#LoginGraceTime\s.*$\|LoginGraceTime\s.*$/LoginGraceTime 2m/g" sshd_config
5.93. Chunck 93
1 sed -i -e "s/#PermitRootLogin\s.*$\|PermitRootLogin\s.*$/PermitRootLogin yes/g" sshd_config
5.94. Chunck 94
1 sed -i -e "s/#StrictModes\s.*$\|StrictModes\s.*$/StrictModes no/g" sshd_config
5.95. Chunck 95
1 sed -i -e "s/#MaxAuthTries\s.*$\|MaxAuthTries\s.*$/MaxAuthTries 3/g" sshd_config
5.96. Chunck 96
1 sed -i -e "s/#MaxSessions\s.*$\|MaxSessions\s.*$/MaxSessions 3/g" sshd_config
5.97. Chunck 97
1 sed -i -e "s/#AuthorizedKeysFile\s.*$\|AuthorizedKeysFile\s.*$/AuthorizedKeysFile \/home\/rootsu\/.ssh\/authorized_keys \/home\/%u\/.ssh\/authorized_keys/g" sshd_config
5.98. Chunck 98
1 sed -i -e "s/#PasswordAuthentication\s.*$\|PasswordAuthentication\s.*$/PasswordAuthentication no/g" sshd_config
5.99. Chunck 99
1 sed -i -e "s/#PermitEmptyPasswords\s.*$\|PermitEmptyPasswords\s.*$/PermitEmptyPasswords no/g" sshd_config
5.100. Chunck 100
1 sed -i -e "s/ChallengeResponseAuthentication.*$\|#ChallengeResponseAuthentication.*$/ChallengeResponseAuthentication yes/g" sshd_config
5.101. Chunck 101
1 sed -i -e "s/#UsePAM\s.*$\|UsePAM\s.*$/UsePAM yes/g" sshd_config
5.102. Chunck 102
1 sed -i -e "s/#AllowTcpForwarding\s.*$\|AllowTcpForwarding\s.*$/AllowTcpForwarding yes/g" sshd_config
5.103. Chunck 103
1 sed -i -e "s/#X11Forwarding\s.*$\|X11Forwarding\s.*$/X11Forwarding yes/g" sshd_config
5.104. Chunck 104
1 sed -i -e "s/#X11DisplayOffset\s.*$\|X11DisplayOffset\s.*$/X11DisplayOffset 10/g" sshd_config
5.105. Chunck 105
1 sed -i -e "s/#PrintMotd\s.*$\|PrintMotd\s.*$/PrintMotd yes/g" sshd_config
5.106. Chunck 106
1 sed -i -e "s/Subsystem\s/#Subsystem\s/g" sshd_config
5.107. Chunck 107
1systemctl restart ssh
5.108. Chunck 108
1sudo bash ~/.cmd_shell.sh --mode "ssh_keygen" --uadd "tom" --gadd "ps_users" --pwd "debian"
2bash ~/.cmd_shell.sh --mode "ssh_keygen" --uadd "admin" --gadd "admins" --pwd "debian"
5.109. Chunck 109
1mount -v -t cifs //192.168.1.1/SOFT_2TBSEAGREEN//mnt/SMB/SOFT_2TBSEAGREEN -o credentials=/home/rootsu/.smbusers,defcontext="system_u:object_r:samba_share_t:s0";
2mount -v -t cifs //192.168.1.1/SOFT_3TBSEASYAN//mnt/SMB/SOFT_3TBSEASYAN -o credentials=/home/rootsu/.smbusers,defcontext="system_u:object_r:samba_share_t:s0";
3
4cp -Rf /install/etc/autofs /etc/
5cp -Rf /install/etc/autofs.conf /etc/
6cp -Rf /install/etc/samba /etc/
7cp -Rf /install/lib/ /lib/
8chmod 644 -Rf /etc/autofs/
9
10systemctl restart autofs
11systemctl restart smbd
5.110. Chunck 110
1echo -e "y" | apt-get install ntfs-3g;
5.111. Chunck 111
1echo -e "y" | sudo apt install vsftpd
2
3cd /etc/
4sudo cp /etc/vsftpd.conf/etc/vsftpd.conf_default
5.112. Chunck 112
1sed -i -e "s/listen=.*$/listen=YES/g" vsftpd.conf
5.113. Chunck 113
1sed -i -e "s/listen_ipv6=.*$/listen_ipv6=NO/g" vsftpd.conf
5.114. Chunck 114
1sed -i -e "s/#anonymous_enable=.*$\|anonymous_enable=.*$/anonymous_enable=NO/g" vsftpd.conf
5.115. Chunck 115
1sed -i -e "s/#anon_upload_enable=.*$\|anon_upload_enable=.*$/anon_upload_enable=NO/g" vsftpd.conf
5.116. Chunck 116
1sed -i -e "s/anon_mkdir_write_enable=.*$\|#anon_mkdir_write_enable=.*$/anon_mkdir_write_enable=NO/g" vsftpd.conf
5.117. Chunck 117
1sed -i -e "s/#write_enable=.*$\|write_enable=.*$/write_enable=YES/g" vsftpd.conf
5.118. Chunck 118
1sed -i -e "s/#local_umask=.*$\|local_umask=.*$/local_umask=022/g" vsftpd.conf
5.119. Chunck 119
1sed -i -e "s/connect_from_port_20=.*$/connect_from_port_20=NO/g" vsftpd.conf
5.120. Chunck 120
1sed -i -e "s/#ascii_upload_enable=.*$\|ascii_upload_enable=.*$/ascii_upload_enable=YES/g" vsftpd.conf
5.121. Chunck 121
1sed -i -e "s/#ascii_upload_enable=.*$\|ascii_upload_enable=.*$/ascii_upload_enable=YES/g" vsftpd.conf
5.122. Chunck 122
1sed -i -e "s/#ascii_download_enable=.*$\|ascii_download_enable=.*$/ascii_download_enable=YES/g" vsftpd.conf
5.123. Chunck 123
1sed -i -e "s/#ftpd_banner=.*$\|ftpd_banner=.*$/ftpd_banner=Welcome to $HOSTNAME!!!/g" vsftpd.conf
5.124. Chunck 124
1sed -i -e "0,/#chroot_local_user=.*$\|chroot_local_user=.*$/ s//chroot_local_user=YES/g" vsftpd.conf
5.125. Chunck 125
1sed -i -e "s/#ls_recurse_enable=.*$\|ls_recurse_enable=.*$/ls_recurse_enable=YES/g" vsftpd.conf
5.126. Chunck 126
1sed -i -e "s/#chroot_list_file=.*$\|chroot_list_file=.*$/chroot_list_file=\/home\/rootsu\/vsftpd.chroot_list/g" vsftpd.conf
5.127. Chunck 127
1sed -i -e "s/#utf8_filesystem=.*$\|utf8_filesystem=.*$/utf8_filesystem=YES/g" vsftpd.conf
5.128. Chunck 128
1sed -i -e "s/pam_service_name=.*$/#pam_service_name=vsftpd/g" vsftpd.conf
5.129. Chunck 129
1sed -i -e "s/rsa_cert_file=.*$\|#rsa_cert_file=.*$/rsa_cert_file=\/etc\/ssl\/certs\/vsftpd.crt/g" vsftpd.conf
5.130. Chunck 130
1sed -i -e "s/rsa_private_key_file=.*$\|#rsa_private_key_file=.*$/rsa_private_key_file=\/etc\/ssl\/private\/vsftpd.key/g" vsftpd.conf
5.131. Chunck 131
1sed -i -e "s/ssl_enable=.*$\|#ssl_enable=.*$/ssl_enable=YES/g" vsftpd.conf
5.132. Chunck 132
1sed -i -e "$ a force_dot_files=YES" vsftpd.conf
5.133. Chunck 133
1sed -i -e "$ a allow_anon_ssl=NO" vsftpd.conf
5.134. Chunck 134
1sed -i -e "$ a force_local_data_ssl=NO" vsftpd.conf
5.135. Chunck 135
1sed -i -e "$ a force_local_logins_ssl=YES" vsftpd.conf
5.136. Chunck 136
1sed -i -e "$ a ssl_sslv3=YES" vsftpd.conf
5.137. Chunck 137
1sed -i -e "$ a require_ssl_reuse=YES" vsftpd.conf
5.138. Chunck 138
1sed -i -e "$ a ssl_ciphers=HIGH" vsftpd.conf
5.139. Chunck 139
1sed -i -e "$ a cmds_allowed=ABOR,CWD,RMW,DELE,LIST,MDTM,MKD,NLST,PASS,PASV,PORT,PWD,QUIT,RETR,RMD,RNFR,RNTO,SITE,SIZE,STOR,TYPE,USER,CDUP,HELP,MODE,NOOP,STAT,STOU,STRU" vsftpd.conf
5.140. Chunck 140
1sed -i -e "$ a userlist_enable=YES" vsftpd.conf
5.141. Chunck 141
1sed -i -e "$ a userlist_deny=NO" vsftpd.conf
5.142. Chunck 142
1sed -i -e "$ a userlist_enable=YES" vsftpd.conf
5.143. Chunck 143
1sed -i -e "$ a userlist_file=/home/rootsu/vsftpd-virtual_user/vsftpd_user" vsftpd.conf
5.144. Chunck 144
1sed -i -e "$ a user_config_dir=/home/rootsu/vsftpd-virtual_user/" vsftpd.conf
5.145. Chunck 145
1sed -i -e "$ a chown_uploads=YES" vsftpd.conf
5.146. Chunck 146
1sed -i -e "$ a chown_username=nobody" vsftpd.conf
5.147. Chunck 147
1sed -i -e "$ a tcp_wrappers=YES" vsftpd.conf
5.148. Chunck 148
1sed -i -e "$ a max_per_ip=10" vsftpd.conf
5.149. Chunck 149
1sed -i -e "$ a userlist_enable=YES" vsftpd.conf
5.150. Chunck 150
1sed -i -e "$ a local_enable=YES" vsftpd.conf
5.151. Chunck 151
1sed -i -e "$ a virtual_use_local_privs=YES" vsftpd.conf
5.152. Chunck 152
1sed -i -e "$ a listen_port=21" vsftpd.conf
5.153. Chunck 153
1cd /etc/pam.d/
2sed -i -e "s/auth required pam_shells.so.*$\|#auth required pam_shells.so.*$/#auth required pam_shells.so/g" vsftpd
5.154. Chunck 154
1echo -e "RU\nRussia\nSaratov\n$HOSTNAME Ltd.\nWSB-IOT-Embedded\nadmin\nfar1803@ya.ru\n" | openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout /etc/ssl/private/vsftpd.key -out /etc/ssl/certs/vsftpd.crt
2
3chmod 770 /home/rootsu/vsftpd-virtual_user
4chmod 770 /home/rootsu/vsftpd.chroot_list
5chmod 750 -R /home/rootsu
5.155. Chunck 155
1iptables -F
2sudo systemctl restart vsftpd
3sudo systemctl enable vsftpd
4iptables –F
5.156. Chunck 156
1cp -Rf /home/admin/.ssh/ /media/admin/ssh
2
3cp -Rf /home/tom/.ssh/ /media/admin/ssh2
4chown -Rf admin:admins /media/admin/ /home/admin/
5
6echo -e "9_user_settings" >> steps.txt
7fi
5.157. Chunck 157
1
5.158. Chunck 158
1if [[ -z $(sed -n -e "s/^\(10_SELinux_settings\).*/\1/p" steps.txt) ]]; then
2
3semanage fcontext -a -s system_u "/home/rootsu(/.*)?";
4semanage fcontext -a -t user_home_dir_t "/home/rootsu(/.*)?";
5chcon -Rv -u system_u -t user_home_dir_t "/home/rootsu/";
6
7semanage fcontext -a -t ftpd_etc_t "/home/rootsu/vsftpd-virtual_user";
8chcon -Rv -t ftpd_etc_t "/home/rootsu/vsftpd-virtual_user";
9semanage fcontext -a -t ftpd_etc_t "/home/rootsu/vsftpd.chroot_list(/.*)?";
10chcon -Rv -t ftpd_etc_t "/home/rootsu/vsftpd.chroot_list";
11semanage fcontext -a -t samba_etc_t "/home/rootsu/smbuser.conf";
12chcon -Rv -t samba_etc_t "/home/rootsu/smbuser.conf";
13semanage fcontext -a -t samba_etc_t "/home/rootsu/.smbusers";
14chcon -Rv -t samba_etc_t "/home/rootsu/.smbusers";
15semanage fcontext -a -u system_u "/home(/.*)?";
16chcon -Rv -u system_u "/home/";
5.159. Chunck 159
1chcon -Rv -t public_content_rw_t "/media/admin";
2semanage fcontext -a -t public_content_rw_t "/media/admin(/.*)?";
3
4setfacl -m u:admin:rwx,u:admin_share:rwx -R "/media/admin";
5setfacl -m g:admins:rw -R "/media/admin";
6chmod go-rwx -R "/media/admin";
7
8semanage fcontext -a -t public_content_rw_t "/opt(/.*)?"
9chcon -Rv -t public_content_rw_t "/opt/";
10chmod o-rwx -R "/opt/SAMBA_SHARE/";
11setfacl -m g:technics:rwx -R "/opt/SAMBA_SHARE/";
12setfacl -m u:pub_share:rwx,u:admin_share:rwx -R "/opt/SAMBA_SHARE/";
13
14setsebool -P ssh_sysadm_login on
5.160. Chunck 160
1setsebool -P httpd_use_cifs on
2setsebool -P allow_ftpd_use_nfs 1
3setsebool -P allow_ftpd_use_cifs 1
4setsebool -P ftpd_connect_db 1
5
6setsebool -P ftp_home_dir on
7setsebool -P allow_ftpd_full_access on
8setsebool -P ftpd_use_passive_mode on
9
10semanage port -a -t ssh_port_t -p tcp 4103
11semanage port -a -t smbd_port_t -p tcp 445
12semanage port -a -t ftp_port_t -p tcp 21
13
14cd ~
15semodule -i mountlocv1v2.pp
16
17COUNT=1;
18ip addr | sed -n -e "s/.*1\:\s\(.*\)\:\s<.*/\1/p"
19while [[ -n $( ip addr | sed -n -e "s/.*$COUNT\:\s\(.*\)\:\s<.*/\1/p") ]]
20do
21semanage interface -a -t netif_t -r s0-s0:c0.c1023 $( ip addr | sed -n -e "s/.*$COUNT\:\s\(.*\)\:\s<.*/\1/p")
22((COUNT++));
23done
5.161. Chunck 161
1semanage permissive -a boot_t
5.162. Chunck 162
1setsebool -P cron_can_relabel 1
2setsebool -P fcron_crond 1
3setsebool -P cron_userdomain_transition 1
4setsebool -P cron_manage_all_user_content 1
5setsebool -P cron_read_all_user_content 1
6setsebool -P cron_read_generic_user_content 1
5.163. Chunck 163
1setsebool -P allow_mount_anyfile 1
2setsebool -P webadm_manage_user_files 1
3setsebool -P webadm_read_user_files 1
5.164. Chunck 164
1setsebool -P samba_export_all_ro 1
2setsebool -P samba_export_all_rw 1
3setsebool -P dhcpc_manage_samba 1
4setsebool -P samba_create_home_dirs 1
5setsebool -P samba_enable_home_dirs 1
6setsebool -P samba_share_fusefs 1
7setsebool -P samba_share_nfs 1
8setsebool -P use_samba_home_dirs 1
5.165. Chunck 165
1setsebool -P virt_use_samba 1
2setsebool -P virt_use_nfs 1
3setsebool -P samba_portmapper 1
4setsebool -P systemd_tmpfiles_manage_all 1
5setsebool -P cron_manage_generic_user_content 1
5.166. Chunck 166
1setsebool -P use_nfs_home_dirs 1
2
3setsebool -P sudo_all_tcp_connect_http_port 1
4setsebool -P git_cgi_enable_homedirs 1
5setsebool -P git_cgi_use_cifs 1
6setsebool -P git_cgi_use_nfs 1
7setsebool -P git_session_bind_all_unreserved_ports 1
8setsebool -P git_session_send_syslog_msg 1
9setsebool -P git_session_users 1
10setsebool -P git_system_enable_homedirs 1
11setsebool -P git_system_use_cifs 1
12setsebool -P git_system_use_nfs 1
13
14systemctl enable mcstrans
15systemctl start mcstrans
16systemctl reenable fstrim.timer
17systemctl reenable fstrim.timer
18systemctl start fstrim.service
19systemctl start fstrim.timer
5.167. Chunck 167
1cd /etc/selinux
5.168. Chunck 168
1sed -i -e "s/SELINUX=permissive\|SELINUX=default/SELINUX=enforcing/g" config
5.169. Chunck 169
1sed -i -e "s/%sudo.*$/%sudo ALL=(root) ROLE=sysadm_r NOPASSWD:ALL/g" /etc/sudoers
2sed -i -e "s/%admins.*$/%admins ALL=(root) NOPASSWD:ALL/g" /etc/sudoers
3sed -i -e "s/admin.*$/admin ALL=(root) NOPASSWD:ALL/g" /etc/sudoers
4
5sed -i -e '1 a session required pam_selinux.so close' /etc/pam.d/sshd
6sed -i -e '$a session required pam_selinux.so multiple open' /etc/pam.d/sshd >> /etc/pam.d/sshd
7sed -i -e '$a session required pam_access.so' /etc/pam.d/sshd >> /etc/pam.d/sshd
8
9sed -i -e '$a -a exit,always -S open -F auid>=0' /etc/audit/audit.rules
10
11chmod o-x "/etc/systemd/system.conf";
5.170. Chunck 170
1chmod o-rwx -R "/boot/";
5.171. Chunck 171
1chmod o-rwx -R "/srv/";
2chmod o-rwx -R "/mnt/";
5.172. Chunck 172
1semanage fcontext -a -t tmp_t "/tmp(/.*)?"
2chcon -t tmp_t -R "/tmp"
3chmod o-rwx -R "/tmp/";
4chmod o-rwx "/media/";
5.173. Chunck 173
1semanage fcontext -a -t system_cron_spool_t "/var/spool/cron(/.*)?"
2chcon -t system_cron_spool_t -Rv /var/spool/cron/
3
4chmod o-r -R "/home/";
5chmod o-x -R "/home/rootsu" "/home/admin/";
5.174. Chunck 174
1echo "deb https:\\\download.webmin.com\download\repository sarge contrib" >> /etc/apt/sources.list
5.175. Chunck 175
1cd ~
5.176. Chunck 176
1semodule -i loaderlocalv1.pp
2semodule -i loaderlocalv2.pp
3semodule -i loaderlocalv3.pp
4semodule -i loaderlocalv4.pp
5semodule -i sudotev1.pp
6semodule -i sudotev2.pp
7semodule -i sudotev3.pp
8semodule -i sudotev4.pp
9semodule -i sudotev5.pp
10semodule -i sudotevb1.pp
11semodule -i sudotevb2.pp
12semodule -i sudotev70522v21.pp
13semodule -i sudotevcrondv1.pp
14semodule -i sphinxtev1.pp
15semodule -i nodegcc_app1.pp
16semanage permissive -a boot_t
17semanage permissive -a crond_t
18semanage permissive -a crontab_t
19semanage permissive -a system_crontab_t
20semanage module -d permissive_boot_t
5.177. Chunck 177
1semanage user -m -R "system_r sysadm_r staff_r" -r "s0-s0:c0.c1023" sysadm_u
5.178. Chunck 178
1semanage login -a -s sysadm_u -r "s0-s0:c0.c1023" admin
2semanage login -a -s sysadm_u -r "s0-s0:c0.c1023" admin_tech
3semanage login -a -s sysadm_u -r "s0-s0:c0.c1023" %admins
5.179. Chunck 179
1semanage login -a -s unconfined_u -r "s0-s0:c0.c1023" %sudo
2semanage login -a -s user_u tom
5.180. Chunck 180
1
5.181. Chunck 181
1update-initramfs -k all -u
2update-grub
3
4echo -e "y\n" | apt-get install apt-transport-https
5echo -e "y\n" | apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python unzip
6cd /root
7wget https://download.webmin.com/jcameron-key.asc
8cat jcameron-key.asc | gpg --dearmor >/usr/share/keyrings/jcameron-key.gpg
9cd /install/
10wget http://prdownloads.sourceforge.net/webadmin/webmin_1.991_all.deb
11dpkg --install webmin_1.991_all.deb
12mkdir /var/webmin/.webmin
13chmod 755 /var/webmin/.webmin
14semanage fcontext -a -t tmp_t "/var/webmin/.webmin";
15chcon -Rv -t tmp_t "/var/webmin/.webmin";
5.182. Chunck 182
1semanage port -a -t http_port_t -p tcp 10000
2semanage port -a -t http_port_t -p tcp 20000
3
4systemctl enable webmin
5cp -Rf /install/etc/webmin/etc/
6systemctl start webmin
5.183. Chunck 183
1echo -e "y\n" | sudo apt-get install transmission
2echo -e "y\n" | sudo apt-get install transmission-cli transmission-common transmission-daemon
5.184. Chunck 184
1sudo systemctl enable transmission-daemon.service
5.185. Chunck 185
1mkdir -m 777 /opt/SAMBA_SHARE/bittorrent_download_store
2mkdir -m 777 /opt/SAMBA_SHARE/bittorrent_upload
3mkdir -m 777 /opt/SAMBA_SHARE/bittorrent_watch
4chown debian-transmission:debian-transmission /opt/SAMBA_SHARE/bittorrent_download_store
5chown debian-transmission:debian-transmission /opt/SAMBA_SHARE/bittorrent_upload
6chown debian-transmission:debian-transmission /opt/SAMBA_SHARE/bittorrent_watch
7chown debian-transmission:debian-transmission /opt/SAMBA_SHARE/torrents
8setfacl -m u:admin_share:rwx,u:admin:rwx,u:pub_share:rwx,g:admins:rw,g:technics:rw -R "/opt/";
5.186. Chunck 186
1sudo usermod -aG debian-transmission admins
2sudo usermod -aG debian-transmission admin_share
5.187. Chunck 187
1cp -R /etc/transmission-daemon/ /opt/.transmission_config
2chown admin_share:technics -R /opt/.transmission_config
5.188. Chunck 188
1chmod -R 775 /opt/.transmission_config
5.189. Chunck 189
1sed -i -e "s/CONFIG_DIR=.*$/CONFIG_DIR=\"\/opt\/.transmission_config\/settings.json\"/g" /etc/default/transmission-daemon
2semanage port -a -t http_port_t -p tcp 9091
5.190. Chunck 190
1sudo service transmission-daemon stop
2sed -i -e "s/\"rpc-whitelist\"\:.*$/\"rpc-whitelist\"\: \"127.0.0.1,192.168.*.*\",/g" /var/lib/transmission-daemon/info/settings.json
5.191. Chunck 191
1sed -i -e "s/\"rpc-username\"\:.*$/\"rpc-username\"\: \"pub_share\",/g" /var/lib/transmission-daemon/info/settings.json
5.192. Chunck 192
1sed -i -e "s/\"rpc-password\"\:.*$/\"rpc-password\"\: \"********\",/g" /var/lib/transmission-daemon/info/settings.json
5.193. Chunck 193
1sed -i -e "s/\"download-dir\"\:.*$/\"download-dir\"\: \"\/opt\/SAMBA_SHARE\/torrents\",/g" /var/lib/transmission-daemon/info/settings.json
2sed -i -e "s/\"incomplete-dir\"\:.*$/\"incomplete-dir\"\: \"\/opt\/SAMBA_SHARE\/bittorrent_download_store\",/g" /var/lib/transmission-daemon/info/settings.json
3sed -i -e "s/\"watch-dir\"\:.*$/\"watch-dir\"\: \"\/opt\/SAMBA_SHARE\/bittorrent_watch\",/g" /var/lib/transmission-daemon/info/settings.json
5.194. Chunck 194
1service transmission-daemon start
5.195. Chunck 195
1mdadm --detail --scan | sudo tee -a /etc/mdadm/mdadm.conf
2update-initramfs -u
5.196. Chunck 196
1
5.197. Chunck 197
1echo -e "\y\n" | apt-get install libpcap-dev
2echo -e "\y\n" | apt-get install sendmail
3cd ~
5.198. Chunck 198
1wget http://fcron.free.fr/archives/fcron-3.2.1.src.tar.gz
2tar -xvf fcron-3.2.1.src.tar.gz
3cd fcron-3.2.1
4./configure
5make install
6cd ..
7rm -Rf fcron-3.2.1
8cp -Rf /install/spool/ /usr/local/var/spool/
9cp -Rf /install/usr/local/ /usr/local/
10
11systemctl enable fcron
12systemctl start fcron
5.199. Chunck 199
1echo -e "y\n" | apt-get autoremove
5.200. Chunck 200
1setenforce 1
2echo -e "10_SELinux_settings" >> steps.txt
3fi
4echo "Press ESC key to quit"
5.201. Chunck 201
1while read -r -n1 key
2do
5.202. Chunck 202
1if [[ $key == $'\e' ]];
2then
3break;
4fi
5done;
5.203. Chunck 203
1exit 0;