dépôts
/
lhc
/
ateliers.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
14f26f5
)
Ajout : vm_hosted : rule_boot_configure : molly-guard .
author
Julien Moutinho
<julm+burette@autogeree.net>
Fri, 15 Mar 2013 17:36:31 +0000
(18:36 +0100)
committer
Julien Moutinho
<julm+burette@autogeree.net>
Tue, 19 Mar 2013 09:42:05 +0000
(10:42 +0100)
vm_hosted
patch
|
blob
|
history
diff --git
a/vm_hosted
b/vm_hosted
index
7a1e4a7
..
f1670ba
100755
(executable)
--- a/
vm_hosted
+++ b/
vm_hosted
@@
-287,6
+287,13
@@
rule_boot_configure () {
EOF
sudo update-grub2 # NOTE: prend en compte /boot/grub/device.map
rule initramfs_configure
EOF
sudo update-grub2 # NOTE: prend en compte /boot/grub/device.map
rule initramfs_configure
+ rule apt_get_install molly-guard
+ sudo install -m 644 -o root -g root /dev/stdin /etc/molly-guard/rc <<-EOF
+ ALWAYS_QUERY_HOSTNAME=true
+ # NOTE: une alternative est de dire à sudo de conserver les SSH_*
+ # néamoins demander tout le temps n'est pas trop contraignant
+ # et davantage sécurisant.
+ EOF
}
rule_dovecot_configure () {
rule apt_get_install dovecot-imapd dovecot-managesieved dovecot-sieve
}
rule_dovecot_configure () {
rule apt_get_install dovecot-imapd dovecot-managesieved dovecot-sieve
@@
-494,16
+501,6
@@
rule_locale_configure () {
sudo update-locale
}
rule_login_configure () {
sudo update-locale
}
rule_login_configure () {
- grep -q '^hvc0$' /etc/securetty ||
- sudo install -m 644 -o root -g root /dev/stdin /etc/securetty <<-EOF
- $(cat /etc/securetty)
- hvc0
- EOF
- grep -q '^xvc0$' /etc/securetty ||
- sudo install -m 644 -o root -g root /dev/stdin /etc/securetty <<-EOF
- $(cat /etc/securetty)
- xvc0
- EOF
sudo install -m 644 -o root -g root /dev/stdin /etc/inittab <<-EOF
# /etc/inittab: init(8) configuration.
sudo install -m 644 -o root -g root /dev/stdin /etc/inittab <<-EOF
# /etc/inittab: init(8) configuration.
@@
-589,6
+586,16
@@
rule_login_configure () {
$(cat /etc/pam.d/common-session)
session optional pam_umask.so
EOF
$(cat /etc/pam.d/common-session)
session optional pam_umask.so
EOF
+ grep -q '^hvc0$' /etc/securetty ||
+ sudo install -m 644 -o root -g root /dev/stdin /etc/securetty <<-EOF
+ $(cat /etc/securetty)
+ hvc0
+ EOF
+ grep -q '^xvc0$' /etc/securetty ||
+ sudo install -m 644 -o root -g root /dev/stdin /etc/securetty <<-EOF
+ $(cat /etc/securetty)
+ xvc0
+ EOF
}
rule_mail_configure () {
rule postfix_configure
}
rule_mail_configure () {
rule postfix_configure