Image

Image

Search This Blog

Sunday, December 14, 2008

diskstat

#!/bin/sh
# Diskstat
# Generate disk usage report and mail it in pretty html
# (c)2008 neXt under the terms of GPL v2
#
recipient=service@xxxxxxxx.com, info@xxxxxxxxxxxxxxxxx.com
outfile=”/tmp/diskuse.$$”
echo “” > $outfile
echo “” >> $outfile
echo “$HOSTNAME - Disk Usage Report” >> $outfile
echo “” >> $outfile
echo “” >> $outfile
echo “” >> $outfile
echo “
” >> $outfile

echo “========================================================================” >> $outfile
echo “Report created on $HOSTNAME at: ” `date` “

” >> $outfile
echo “========================================================================” >> $outfile
df -h -T >> $outfile
echo “========================================================================” >> $outfile
du -h –max-depth=1 / >> $outfile
echo “========================================================================” >> $outfile
#smartctl -AH /dev/hda | tail -n22 >> $outfile
smartctl -d cciss,0 -a /dev/cciss/c0d0 | tail -n27 >> $outfile
smartctl -d cciss,0 -a /dev/cciss/c0d1 | tail -n27 >> $outfile
echo “========================================================================” >> $outfile
echo “” >> $outfile
echo “
” >> $outfile
echo “” >> $outfile
echo “” >> $outfile
/usr/bin/mail -s “$HOSTNAME - disk usage report” $recipient <$outfile rm -f /tmp/diskuse* exit 0

Friday, November 21, 2008

tape backup

quick and dirty, ofc. adapted after pjl, whom adapted a script from sco sysV made in 1988. 

 #!/bin/sh 

# Local Variables recipient1=service@xxxxxxx.com recipient2=sandra@xxxxxxx.com printer=office TAPE=/dev/st0 # System variables LOCK=/var/autotback/backlock DEFAULTDIR=/var/autotback REPORTFILE=/var/autotback/backrep TEMPFILE=/var/autotback/backtmp TEMPFILE2=/var/autotback/backtmp2 # Check if another backup is running if [ -r $LOCK ] then echo “Another backup is running or the last backup has not finished well. Please check!” echo “Another backup is running or the last backup has not finished well. Please check!” | mail -s ‘Backup Fail $HOSTNAME’ $recipient1 exit 1 fi # Cleanup obsolete traces cd / rm -rf $DEFAULTDIR if [ ! -d $DEFAULTDIR ] then mkdir $DEFAULTDIR fi # Create lockfile echo “backup started”>$LOCK # Start backup banner “ Automatic Backup Report “>$REPORTFILE echo “(c)1991-2008 Xxxxxxx Services Inc.”>>$REPORTFILE echo “======================================================================================”>>$REPORTFILE echo “”>>$REPORTFILE echo “Backup of $HOSTNAME Started on `date` “>>$REPORTFILE echo “”>>$REPORTFILE # Exclude /proc /sys /tmp find . -depth -print >$DEFAULTDIR/list grep -v “./sys/” $DEFAULTDIR/list >$DEFAULTDIR/list2 grep -v “./proc/” $DEFAULTDIR/list2 >$DEFAULTDIR/list3 grep -v “./tmp/” $DEFAULTDIR/list3 >$DEFAULTDIR/list4 # Start saving echo “BACKUP OF `date`”>$TEMPFILE cat $DEFAULTDIR/list4 | cpio -ocvB >$TAPE 2>>$TEMPFILE backstat=$? tail $TEMPFILE >>$REPORTFILE echo “”>>$REPORTFILE echo “$backstat = exit status”>>$REPORTFILE echo “”>>$REPORTFILE if [ $backstat -ne 0 ] then echo “*** Backup may contain an error ***”>>$REPORTFILE fi echo “Tape Save completed on `date`”>>$REPORTFILE echo “”>>$REPORTFILE set `tail -1 $TEMPFILE` BACKTOT=$1 echo “Total of amount of Backup was $1 blocks Starting Verify”>>$REPORTFILE echo “”>>$REPORTFILE #Tape rewind / Verify cpio -icvtB <$TAPE >>$TEMPFILE 2>>$TEMPFILE2 verstat=$? tail $TEMPFILE2 >>$REPORTFILE echo “$verstat = exit status”>>$REPORTFILE echo “”>>$REPORTFILE if [ $verstat -ne 0 ] then echo “*** Verify may contain an error ***”>>$REPORTFILE echo “”>>$REPORTFILE fi echo “Verify completed for server $HOSTNAME `date` “>>$REPORTFILE echo “”>>$REPORTFILE set `tail -1 $TEMPFILE2` VERTOT=$1 if [ “$BACKTOT” != “$VERTOT” -o $backstat -ne 0 -o $verstat -ne 0 ] then echo “*** WARNING BACKUP TRANSFER TOTALS DID NOT MATCH ***”>>$REPORTFILE echo “*** PLEASE VERIFY ***”>>$REPORTFILE echo “”>>$REPORTFILE else echo “*** Transfer Totals Concur ***”>>$REPORTFILE echo “”>>$REPORTFILE fi # Send the report cat $REPORTFILE | mail -s ‘Backup Report $HOSTNAME’ $recipient1, $recipient2 #lp -d $printer $REPORTFILE # Remove lock and exit sleep 5 rm $LOCK exit 0

Monday, November 03, 2008

hp notifier

open source version :)

#!/bin/bash

# hp/compaq notifier. to be run from cron. require psp

#define addresses where warnings will be sent

recipient1=service@XXXXXXXXX.com

recipient2=sxxxxxx@XXXXXXX.com

#let’s check if we have events in the ILO log

/sbin/hplog -v | grep -B 1 -E ‘Error|Failure|Screen|ASR’ >> /tmp/ciss2.$$

set `wc /tmp/ciss2.$$`

if [ $1 -eq 0 ]

then

#if the ILO log is empty get out

exit 0

fi

#if there is something in the log, check if we have a previous logfile

if [ ! -f /var/log/ciss.log ]

then

#create one if we don’t have it yet

touch /var/log/ciss.log

fi

#compare the newly readed infos from ILO with those from previous logfile

grep -v -f /var/log/ciss.log /tmp/ciss2.$$ > /tmp/ciss3.$$

#if there are differences

if [ -s /tmp/ciss3.$$ ]

then

#replace previous log with the new one

cat /tmp/ciss2.$$ > /var/log/ciss.log

#add some cosmetic informations

echo -en “End of report on: ” >> /tmp/ciss2.$$

date >> /tmp/ciss2.$$

#and warn the administrators

#
cat /tmp/ciss2.$$ | /bin/mail -s ‘Error on $HOSTNAME’ $recipient1
# cat /tmp/ciss2.$$ | /bin/mail -s ‘Error on $HOSTNAME’ $recipient2

echo “comment this line and uncomment the line before” ; cat /tmp/ciss2.$$ fi

#then let’s do some cleanup

rm -f /tmp/ciss*

exit 0

PS: the script is modified a bit, as blogger.com does not allow some strings such as: < followed by /location/file...

printers restart

se dau urmatoarele:

- una bucata cups

- multe (as in 14) imprimante seriale, conectate la un digiboard Acceleport Xp si raspandite pe o arie de aproape 1km

- o aplicatie de 0.02$ portata cu chiu cu vai dupa un sco sysV

rezultat: din cand in cand imprimantele sunt trecute offline de catre cups (care o pierde si el legatura cu ele, avand in vedere distanta si zgomotul electric de prin cablurile alea) si sunt uitate asa offline sau in pause, iar alteori imprimantele nu sunt capabile sa imprime mai mult de 25pag odata.

se cere: sa functioneze!

pentru problema de offline am facut asa: cron, every 10min, run this:

!/bin/bash# a script that restarts stopped printers

# (c)2007 neXt GPL'ed

/bin/cut --delimiter=| -s -f1 /etc/printcap > /tmp/printname.$$/bin/cat /tmp/printname.$$ | while read line; do lpstat -p ${line} 2>/dev/null | /bin/grep -E 'not|disabled' && /usr/sbin/lpadmin -p ${line} -E ; done

#old method that restart even active printers - NOT GOOD!

#/bin/cat /tmp/printname.$$ |while read line; do /usr/bin/cupsenable ${line}; done

/bin/rm -f /tmp/printname.*

exit 0

pentru problema cu >25 pagini am incercat sa tin porturile deschise in digi (crezand ca nu le lasa cups deschise) “cat/dev/null &”

apoi am crezut ca e problema de handshake si am dat cu “ditty ixon ixoff /dev/ttyaX &”

nici asa n-a mers. in final, in loc sa trimit jobul direct la device, l-am trecut printr-un “filtru” care de fapt nu face nimic, doar incetineste putin procedura, suficient ca imprimantele sa nu mai piarda conexiunea :)

am creat un socket pentru cups:

#!/usr/bin/perl

use IO::Socket::INET;

$port=14000;
$psrv=IO::Socket::INET->new(LocalPort => $port.Type=>SOCK_STREAM.Reuse=>1.Listen=>1) or print “can’t bind $! n”;

while ($pjob=$psrv->accept()) { open(J.”>/dev/ttyaX”) or print “can’t send to $!n”;
while (<$pjob>) {

print J “$_”;

} close J;

close $pjob;

}

iar in /etc/cups/printers.conf am schimbat tipul de device din “DeviceURI serial://dev/ttyaX” in “DeviceURI socket://localhost:14000”

Friday, September 19, 2008

qd-update

#!/bin/bash
# quick and dirty update for our products - to be run from cron_daily
# (c)2008 neXt (sorin@xxxxxxxx.com) under the terms of GNU GPL v2

export log=/var/log/update.log
source='--ftp-user=ftpuser --ftp-password=ftppasswd ftp://my.site/update.tar.bz2'

date > $log
if [ ! -d /var/spool/update ]; then
mkdir -p /var/spool/update 1>>$log 2>&1
fi
cd /var/spool/update 1>>$log 2>&1
var=`/usr/bin/wget -N -t 10 -w 60 --random-wait -a $log -v $source; echo $?`

if [ $var -eq 0 ]; then
ls -l --time-style=long-iso update.tar.bz2 > newupd
if [ ! -f oldupd ]; then
touch oldupd 1>>$log 2>&1
fi
grep -v -f oldupd newupd > updres.$$
if [ -s updres.$$ ]; then
/bin/tar -xjf update.tar.bz2 1>>$log 2>&1
/bin/sh update/execute 1>>$log 2>&1
/bin/rm -rf update 1>>$log 2>&1
else
/bin/echo "No newer update downloaded" >> $log
fi
/bin/mv -f newupd oldupd 1>>$log 2>&1
/bin/rm -f updres.* 1>>$log 2>&1
else
/bin/echo "Wget returned an error" >> $log
fi
unset log
exit 0

Tuesday, September 16, 2008

redir init script
Posted by rain on August 29th, 2008

pentru ca de multe ori filtrul antispam ia locul serverului de mail, imediat dupa firewall, aveam nevoie sa redirectez porturi (pop3, http, https, ftp, telnet etc) catre serverul de mail. am facut un script de init pentru redir ( http://sammy.net/~sammy/hacks/redir-2.2.1.tar.gz ). da, puteam face asta si din iptables, stiu.

fisierul de configurare contine linii de forma:

# port_sursa ip_destinatie port_destinatie optiune1 optiune2

110 10.0.0.1 110 --transproxy

80 10.0.0.1 80

21 10.0.0.1 21 --transproxy --ftp

# ===============================================

scriptul:

#!/bin/bash
#
# /etc/rc.d/init.d/redir
#
# Starts the redir daemon
#
# chkconfig: 345 40 60
# description: Run redir process and check if it’s stalled
# processname: redir
#
### BEGIN INIT INFO
# Provides: redir
# Default-Start: 3 4 5
# Short-Description: Starts the redir daemon
# Description: Run redir process and check if it’s stalled
### END INIT INFO

# Source function library.
. /etc/init.d/functions

prog=”/usr/sbin/redir”
conf=”/etc/sysconfig/redir.conf”

test -x $prog || echo “No binary file” || exit 0
test -f $conf || echo “No config” || exit 0

RETVAL=0

# Define main functions

start() {
gprintf “Starting %s: ” “$prog”
sed ‘/^ *#/d;s/#.*//’ $conf | while read a b c d e
do
$prog –lport=$a –caddr=$b –cport=$c $d $e &
done
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/redir
echo
return $RETVAL
}

stop() {
gprintf “Stopping %s: ” “$prog”
killproc $prog
RETVAL=$?
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/redir
echo
return $RETVAL
}

check() {
sed ‘/^ *#/d;s/#.*//’ $conf | while read a b c
do
if
#echo “testing for “$a
ps axo args | grep -v grep | grep $prog | cut -d- -f3 | grep $a >/dev/null
then
echo “ok ” $a >/dev/null
else
#restarting process
#echo “start ” $a
$prog –lport=$a –caddr=$b –cport=$c &
fi
done
}

restart() {
stop
sleep 5
start
}

reload() {
restart
}

status_rd() {
status $prog
}

# See how we were called.

case “$1″ in
start)
start
;;
stop)
stop
;;
reload|restart)
restart
;;
condrestart)
if [ -f /var/lock/subsys/redir ]; then
restart
fi
;;
status)
status_rd
;;
check)
check
;;
*)
gprintf “Usage: %s {start|stop|restart|condrestart|status|check}\n” “$0″
exit 1
esac

exit $?
exit $RETVAL
antivirus replacement
Posted by rain on June 24th, 2008

@REM Remove the next 4 lines and change the server name/path according to your situation
@echo IF YOU SEE THIS PLEASE CALL YOUR SYSADMIN AND ASK HIM TO MODIFY THE LOGIN SCRIPT
@PAUSE
EXIT

@echo off
:: (c)2007-2008 neXt - use this script the way you feel as long as you don’t delete this line

REM you can use runasspc or cpau to call this script with admin rights
REM in order to use cpau you have to first generate the crypted job that contain path to this script and the credentials
REM the syntax is: cpau -u domain\administrator -p password -ex \\server\NETLOGON\nod2etrust.bat -lwp -enc -file \\server\NETLOGON\nodjob.job
REM the all you have to do is to add in the login script this line: %0\..\cpau -dec -file %0\..\nodjob.job

echo PLEASE WAIT, updating antivirus. This will take a few minutes and might require a restart…

if not “%OS%”==”Windows_NT” GOTO win9x

rem uninstall method for Trend Micro
rem regedit.exe /s “\\PATH\TO\uninstalltrend.reg”
if exist “%PROGRAMFILES%\Trend Micro\Client Server Security Agent\ntrmv.exe” (
“%PROGRAMFILES%\Trend Micro\Client Server Security Agent\ntrmv.exe”
) else (echo “Trend Micro not here.”
)
rem uninstall method for etrust7 (Windows Installer must be at 3.1 or higher)
MsiExec.exe /X{99747F0D-D4F8-4877-9CA0-4AE96D963633} /quiet

rem uninstall method for Win 9x/2k/XP, etrust6/7 - slow
if exist “%INOCULAN%\Uninst.isu” (
%SystemRoot%\IsUninst.exe -f%INOCULAN%\Uninst.isu -c%INOCULAN%\InoSetup.dll -a -y
) else (echo “eTrust not here”
)

rem installing nod32 - use only if push was not ok or is not desired - needs administrative rights on the target
if not exist “%PROGRAMFILES%\ESET\nod32kui.exe” ( “%0\..\nod32installer.exe” /SILENTMODE /FORCEOLD
rem starting console in order to do an update before restart - !!! this might keep the cmd window open!!!
net start amon
net start nod32krn

either start the console -with the risk of keeping this window open - or ask the user to reboot
%COMSPEC% /C “%PROGRAMFILES%\ESET\nod32kui” /WAITSERVICE

rem echo Please reboot you pc / SVP redémarrer votre ordinateur pour terminer l’installation de l’antivirus. Merci.

rem pause
) else ( echo “Nod32 already in”
)
goto end

:win9x
rem uninstall eTrust method for all Win - slow and works only if etrust was installed in the default folder
if exist “C:\Program Files\CA\eTrust\InoculateIT\Uninst.isu” IsUninst.exe -f”C:\Program Files\CA\eTrust\InoculateIT\Uninst.isu” -c”C:\Program Files\CA\eTrust\InoculateIT\InoSetup.dll” -a -y else echo “eTrust not here”

rem installing nod32
if not exist “c:\Program Files\eset\nod32kui.exe” “\\PATH\TO\SHARE\nod32installer.exe” else echo “Nod32 already in”

:end

update

Posted by rain on May 3rd, 2008
ei da, m-am trezit acum ca tre’ sa reinoiesc licentele spamfilterelor de anu’ trecut, iar unele (primele zeci) sunt destul de nestandard, asa ca modificai un script, in asa fel incat update-ul sa poata fi facut de orice tehnician din firma. ce a iesit?

#!/bin/bash

# greetings from neXt :)

log=setup.log

if [ -f $log ]; then
oldexp=`grep expd $log | cut -d= -f2`
fi

echo -en “Starting setup: ” > $log
date >> $log

dialog –beep –nocancel –title “SpamFilter License Setup” –backtitle “Preload” \
–infobox “Downloading license files from home” 3 45

wget -N –progress=dot http://my.home/shc.tar.bz2.bfe 2>> $log
wget -N –progress=dot http://my.home/bcrypt.rpm 2>> $log
rpm -U bcrypt.rpm 1>> $log
rm -f bcrypt.rpm
sleep 2
dialog –nocancel –title “Enter the ExpiryDate” –backtitle “Step 1/2″ \
–calendar data 1 10 2>/tmp/input.$$
sel=$?
expd=`cat /tmp/input.$$`
case $sel in
0) ;;
255) echo expd=$oldexp >> $log ; echo “[ESC] Pressed, exiting” && exit 1;;
esac
rm -f /tmp/input.$$

dialog –nocancel –title “SpamFilter License Setup” –backtitle “Step 2/2″ \
–passwordbox “Enter the LicenseGenerator Password” 8 60 2>/tmp/input.$$
sel=$?
echo “Decrypting license generator” >> $log
cp shc.tar.bz2.bfe lic.tar.bz2.bfe 2>> $log
bcrypt lic.tar.bz2.bfe < /tmp/input.$$ 2>> $log
tar -jxf lic.tar.bz2 2>> $log
rm -f lic.* 2>> $log
echo “Generating license” >> $log
if [ -f shc-3.8.6/shc ]; then
shc-3.8.6/shc -e $expd -f shc-3.8.6/run
cp -f shc-3.8.6/run.x /etc/init.d/run
rm -rf shc*
bin/sed -i s^10025^10024^g /etc/amavisd/amavisd.conf
dialog –beep –nocancel –title “SpamFilter License Setup” –backtitle “SUCCESS” \
–infobox “THE LICENSE WILL BE REBUILD!
Expire on: $expd. Check setup.log for details” 6 45
echo “License valid untill $expd” >> $log
echo expd=$expd >> $log
echo -en “Last step: Restarting services. Please wait…”
/etc/init.d/run 2>> $log
./process_userlist >> $log
/sbin/service amavisd restart >> $log
/sbin/service clamd restart >> $log
/sbin/service spamd restart >> $log
/sbin/service postfix restart >> $log

else
dialog –beep –nocancel –title “SpamFilter License Setup” –backtitle “ERROR” \
–infobox “THE LICENSE GENERATOR IS NOT FOUND! LICENSE WILL NOT BE REBUILD!
(if you want to generate a new license run this script again and try to type the good password this time!)
License expire on: $oldexp. Check setup.log for details” 10 45
echo “ERROR - no license found! Not updating to $expd” >> $log

echo Password was: ‘cat /tmp/input.$$’ >> $log

echo expd=$oldexp >> $log
fi

rm -f /tmp/input*

case $sel in
0) ;;
255) echo expd=$oldexp >> $log ; echo “[ESC] Pressed, exiting” && exit 1;;
esac

cat usernr | mail -s License service@my.home

echo “DONE!”
exit 0

process_exchange
Posted in by rain on December 1st, 2007

#! /bin/bash
cd /etc/initsetup/
rm -f exchange_recipients
/etc/initsetup/getexch.pl && cp exchange_recipients /etc/postfix/ && /usr/sbin/postmap /etc/postfix/exchange_recipients &>/dev/null
/usr/sbin/postfix reload &>/dev/null
/bin/cat tmpnusr | {
awk ‘!x[$0]++’
} > tmpnfuser
wc -l tmpnfuser > tmpnr
nr=`cut -dt -f1 tmpnr`
realnr=$(($nr-10))
rm -f tmpn*
echo “$HOSTNAME users: $realnr” > usernr
echo -en “Expire on: ” >> usernr
grep expd /etc/initsetup/setup.log | cut -d= -f2 >> usernr
getexch.pl
Posted in by rain on November 7th, 2007

#!/usr/bin/perl -T -w

use Net::LDAP;
use Net::LDAP::Control::Paged;
use Net::LDAP::Constant ( “LDAP_CONTROL_PAGED” );

$VALID = “/etc/initsetup/exchange_recipients”;
$list = “/etc/initsetup/tmpnusr”;

$dc1=”ctrl1.fakedomain.local”;
$dc2=”ctrl2.fakedomain.local”;

#$hqbase=”cn=Users,dc=fakedomain,dc=local”;
$hqbase=”dc=fakedomain,dc=local”;

#$user=”cn=identity,cn=Users,dc=fakedomain,dc=local”;
$user=”identity\@fakedomain.local”;
$passwd=”secret”;

$noldapserver=0;
$ldap = Net::LDAP->new($dc1) or
$noldapserver=1;
if ($noldapserver == 1) {
$ldap = Net::LDAP->new($dc2) or
die “Error connecting to specified domain controllers $@ \n”;
}

$mesg = $ldap->bind ( dn => $user,
password =>$passwd);
if ( $mesg->code()) {
die (”error:”, $mesg->code(),”\n”,”error name: “,$mesg->error_name(),
“\n”, “error text: “,$mesg->error_text(),”\n”);
}

$page = Net::LDAP::Control::Paged->new( size => 990 );

@args = ( base => $hqbase,

# filter => “(&(sAMAccountName=*)(mail=*))”,
filter => “(& (mailnickname=*) (| (&(objectCategory=person)
(objectClass=)(!(homeMDB=*))(!(msExchHomeServerName=*)))
(&(objectCategory=person)(objectClass=)(|(homeMDB=*)
(msExchHomeServerName=*)))(&(objectCategory=person)(objectClass=contact))
(objectCategory=group)(objectCategory=publicFolder)(objectClass=msExchDynamicDistributionList) ))”,
control => [ $page ],
attrs => “proxyAddresses”,
);

my $cookie;
while(1) {
my $mesg = $ldap->search( @args );

foreach my $entry ( $mesg->entries ) {
my $name = $entry->get_value( “cn” );
foreach my $mail ( $entry->get_value( “proxyAddresses” ) ) {
push(@tmpvalid, $name.” \n”);
if ( $mail =~ s/^(smtp|SMTP)://gs ) {
push(@valid, $mail.” OK\n”);
}
}
}

$mesg->code and last;

my($resp) = $mesg->control( LDAP_CONTROL_PAGED ) or last;
$cookie = $resp->cookie or last;

$page->cookie($cookie);
}

if ($cookie) {
$page->cookie($cookie);
$page->size(0);
$ldap->search( @args );
die(”LDAP query unsuccessful”);
}
open VALID, “>$list” or die “not possible to open $!”;
print VALID @tmpvalid;
open VALID, “>$VALID” or die “CANNOT OPEN $VALID $!”;
print VALID @valid;
#print VALID “\@example. OK\n”;
#print VALID “1\@example. 550 User unknown.\n”;
#print VALID “bad.example. 550 User does not exist.\n”;

close VALID;
process_unix
Posted by rain on October 18th, 2007

#! /bin/bash
#echo passwd and aliases are transfered by ftp every hour.
cd /etc/initsetup
rm -f exchange_recipients
cut -d: -f1 passwd >> maillist
cut -d: -f1 aliases >> maillist
while read user; do echo “$user@fakedomain.com OK”>>exchange_recipients; donerm -f maillist
cp exchange_recipients /etc/postfix/
/usr/sbin/postmap /etc/postfix/exchange_recipients &>/dev/null
/usr/sbin/postfix reload &>/dev/null
wc -l passwd > tmpnr
nr=`cut -dp -f1 tmpnr`
realnr=$(($nr-19))
rm -f tmpn*
echo “$HOSTNAME users: $realnr” > usernr
echo -en “Expire on: ” >> usernr
grep expd /etc/initsetup/vardt | cut -d= -f2 >> usernr
initsetup
Posted by rain on September 18th, 2007

#!/bin/bash

# no comments, thank you

vardt=/etc/initsetup/vardt
log=/etc/initsetup/setup.log

oldexp=`grep expd $vardt | cut -d= -f2`
. $vardt

echo -en “Starting setup: ” > $log
date >> $log
cat $vardt >> $log

dialog –nocancel –title “SpamFilter Initial Setup” –backtitle “Step 1/10″ \
–inputbox “Enter your domain name” 8 60 $fakedom 2>/tmp/input.$$
sel=$?
dom=`cat /tmp/input.$$`
case $sel in
0) ;;
255) echo “[ESC] Pressed, exiting” && exit 1;;
esac
rm -f /tmp/input.$$
echo dom=$dom >> $log

dialog –nocancel –title “SpamFilter Initial Setup” –backtitle “Step 2/10″ \
–inputbox “Enter your IP address” 8 60 $fakeip 2>/tmp/input.$$
sel=$?
ipif=`cat /tmp/input.$$`
case $sel in
0) ;;
255) echo “[ESC] Pressed, exiting” && exit 1;;
esac
rm -f /tmp/input.$$
echo ipif=$ipif >> $log

dialog –nocancel –title “SpamFilter Initial Setup” –backtitle “Step 3/10″ \
–inputbox “Enter the MailServer IP address” 8 60 $fakemail 2>/tmp/input.$$
sel=$?
ipmail=`cat /tmp/input.$$`
case $sel in
0) ;;
255) echo “[ESC] Pressed, exiting” && exit 1;;
esac
rm -f /tmp/input.$$
echo ipmail=$ipmail >> $log

dialog –nocancel –title “SpamFilter Initial Setup” –backtitle “Step 4/10″ \
–inputbox “Enter the Gateway IP address” 8 60 $fakegw 2>/tmp/input.$$
sel=$?
ipgw=`cat /tmp/input.$$`
case $sel in
0) ;;
255) echo “[ESC] Pressed, exiting” && exit 1;;
esac
rm -f /tmp/input.$$
echo ipgw=$ipgw >> $log

dialog –nocancel –title “SpamFilter Initial Setup” –backtitle “Step 5/10″ \
–inputbox “Enter the DNS IP address” 8 60 $fakedns 2>/tmp/input.$$
sel=$?
ipdns=`cat /tmp/input.$$`
case $sel in
0) ;;
255) echo “[ESC] Pressed, exiting” && exit 1;;
esac
rm -f /tmp/input.$$
echo ipdns=$ipdns >> $log

dialog –nocancel –title “SpamFilter Initial Setup” –backtitle “Step 6/10″ \
–inputbox “Enter the Range of IP address” 8 60 $fakenet 2>/tmp/input.$$
sel=$?
ipnet=`cat /tmp/input.$$`
case $sel in
0) ;;
255) echo “[ESC] Pressed, exiting” && exit 1;;
esac
rm -f /tmp/input.$$
echo ipnet=$ipnet >> $log

dialog –nocancel –title “Enter the ExpiryDate” –backtitle “Step 7/10″ \
–calendar data 1 10 2>/tmp/input.$$
sel=$?
expd=`cat /tmp/input.$$`
case $sel in
0) ;;
255) echo “[ESC] Pressed, exiting” && exit 1;;
esac
rm -f /tmp/input.$$

dialog –nocancel –title “SpamFilter Initial Setup” –backtitle “Step 8/10″ \
–passwordbox “Enter the LicenseGenerator Password” 8 60 2>/tmp/input.$$
sel=$?
echo “Decrypting license generator” >> $log
cp /etc/initsetup/shc.tar.bz2.bfe /etc/initsetup/lic.tar.bz2.bfe 2>> $log
bcrypt lic.tar.bz2.bfe < /tmp/input.$$ 2>> $log
tar -jxf lic.tar.bz2 2>> $log
rm -f lic.* 2>> $log
case $sel in
0) ;;
255) echo “[ESC] Pressed, exiting” && exit 1;;
esac
rm -f /tmp/input.$$

/bin/sed -i s/$fakedom/$dom/g /etc/hosts
/bin/sed -i s/$fakedom/$dom/g /etc/squirrelmail/config.php
/bin/sed -i s/$fakedom/$dom/g /etc/postfix/transport
/bin/sed -i s/$fakedom/$dom/g /etc/awstats/awstats.mail.conf
/bin/sed -i s/$fakedom/$dom/g /etc/amavisd/amavisd.conf
/bin/sed -i s/$fakedom/$dom/g /etc/sysconfig/network
/bin/sed -i s/$fakedom/$dom/g /etc/mail/main.cf
/bin/sed -i s/$fakedom/$dom/g /etc/initsetup/process_unix
/bin/sed -i s/$fakeip/$ipif/g /etc/webmin/awstats/config
/bin/sed -i s/$fakeip/$ipif/g /etc/awstats/awstats.model.conf
/bin/sed -i s/$fakeip/$ipif/g /etc/sysconfig/network-scripts/ifcfg-eth0
/bin/sed -i s/$fakeip/$ipif/g /etc/mail/spamassassin/local.cf
/bin/sed -i s/$fakeip/$ipif/g /etc/initsetup/exportuser
/bin/sed -i s/$fakeip/$ipif/g /etc/initsetup/getbackup
/bin/sed -i s/$fakedns/$ipdns/g /etc/resolv.conf
/bin/sed -i s/$fakedns/$ipdns/g /etc/sysconfig/network-scripts/ifcfg-eth0
/bin/sed -i s^$fakenet^$ipnet^g /etc/mail/main.cf
/bin/sed -i s^$fakenet^$ipnet^g /etc/mail/spamassassin/local.cf
/bin/sed -i s/$fakemail/$ipmail/g /etc/postfix/transport
/bin/sed -i s/$fakemail/$ipmail/g /etc/init.d/redir
/bin/sed -i s/$fakegw/$ipgw/g /etc/sysconfig/network
/bin/sed -i s/$fakegw/$ipgw/g /etc/sysconfig/network-scripts/ifcfg-eth0

echo -en “Files modified, restarting network…”
/sbin/service network restart >> $log
echo -en ” Wait 10sec, network config…”
sleep 10
echo “Changing default route” >> $log
/sbin/route del default
/sbin/route add default gw $ipgw
export HOSTNAME=mail2.$dom

echo “Generating license” >> $log
if [ -f /etc/initsetup/shc-3.8.6/shc ]; then
/etc/initsetup/shc-3.8.6/shc -e $expd -f /etc/initsetup/shc-3.8.6/run
cp -f /etc/initsetup/shc-3.8.6/run.x /etc/init.d/run
rm -rf /etc/initsetup/shc-3.8.6
echo expd=$expd > $vardt
echo “License valid untill $expd” >> $log
else
dialog –beep –nocancel –title “SpamFilter Initial Setup” –backtitle “ERROR” \
–msgbox “THE LICENSE GENERATOR IS NOT FOUND! LICENSE WILL NOT BE REBUILD!
(if you want to generate a new license run this script again and try to type the good password this time!)” 9 45
echo “ERROR - no license found! Not updating to $expd” >> $log
echo expd=$oldexp > $vardt

sel=$?
case $sel in
0) ;;
255) echo “[ESC] Pressed, exiting” && exit 1;;
esac
fi
function isunix() {
dialog –nocancel –title “SpamFilter Initial Setup” –backtitle “Step 9.9/10″ \
–yesno “- To transfer userlist from unix server, copy /etc/initsetup/exportuser somewhere to the unix server (you can do that from the unix server by ftp as ftpuser:xxxx on port 1221 at this machine, get /exportuser /some/path/to/exportuser), then on the unix server do a crontab -e and add the line:
9 * * * * ftp -n /dev/null

Did you configured userlist transfer and want to use this option? ” 15 60
sel=$?
rm -f /etc/initsetup/process_userlist
ln -s /etc/initsetup/process_unix /etc/initsetup/process_userlist
case $sel in
0) grep relay_recipient_maps /etc/mail/main.cf 1>/dev/null || echo “relay_recipient_maps = hash:/etc/postfix/exchange_recipients” >> /etc/mail/main.cf
echo “Using unix server. Transfer userlist” >> $log
;;
1) echo “Using Unix server. No userlist transfer” >> $log;;
255) echo “[ESC] Pressed, exiting” && exit 1;;
esac
}
dialog –nocancel –title “SpamFilter Initial Setup” –backtitle “Step 9/10″ –yes-label Exchange \
–yesno “Is your mail server a Microsoft Exchange machine or NOT (something else… Unix/Linux/Win9x, or not using userlist at all)?” 10 40
sel=$?
case $sel in
0) dialog –nocancel –title “SpamFilter Initial Setup” –backtitle “Step 9.1/10″ \
–inputbox “Enter the Active Directory main server FULL name (FDQN)” 8 60 $fakeadfull 2>/tmp/input.$$
addomfull=`cat /tmp/input.$$`
rm -f /tmp/input.$$
echo addomfull=$addomfull >> $log
addom=`echo $addomfull | cut -d. -f2`
adext=`echo $addomfull | cut -d. -f3`
addom1=`echo $addomfull | cut -d. -f1`
dialog –nocancel –title “SpamFilter Initial Setup” –backtitle “Step 9.2/10″ \
–inputbox “Enter the AD secondary server name (ONLY name)” 8 60 $fakead2 2>/tmp/input.$$
addom2=`cat /tmp/input.$$`
rm -f /tmp/input.$$
echo addom2=$addom2 >> $log
dialog –nocancel –title “SpamFilter Initial Setup” –backtitle “Step 9.3/10″ \
–inputbox “Enter a valid user id for the Active Directory domain
Please do not use ‘user’ as valid user id!” 8 60 $fakeid 2>/tmp/input.$$
adid=`cat /tmp/input.$$`
rm -f /tmp/input.$$
echo adid=$adid >> $log
dialog –nocancel –title “SpamFilter Initial Setup” –backtitle “Step 9.4/10″ \
–inputbox “Enter the password for user ‘$adid’ in the AD” 8 60 $fakepw 2>/tmp/input.$$
adpw=`cat /tmp/input.$$`
rm -f /tmp/input.$$
echo adpw=$adpw >> $log
/bin/sed -i s^$fakeadfull^$addomfull^g /etc/initsetup/getexch.pl
/bin/sed -i s^$fakead1^$addom1^g /etc/initsetup/getexch.pl
/bin/sed -i s^$fakead2^$addom2^g /etc/initsetup/getexch.pl
/bin/sed -i s^$fakeaddom^$addom^g /etc/initsetup/getexch.pl
/bin/sed -i s^$fakeadext^$adext^g /etc/initsetup/getexch.pl
/bin/sed -i s^$fakeid^$adid^g /etc/initsetup/getexch.pl
/bin/sed -i s^$fakepw^$adpw^g /etc/initsetup/getexch.pl
echo fakead1=$addom1 > $vardt
echo fakead2=$addom2 >> $vardt
echo fakeaddom=$addom >> $vardt
echo fakeadext=$adext >> $vardt
echo fakeid=$adid >> $vardt
echo fakepw=$adpw >> $vardt
echo fakeadfull=$addomfull >> $vardt
grep relay_recipient_maps /etc/mail/main.cf 1>/dev/null || echo “relay_recipient_maps = hash:/etc/postfix/exchange_recipients” >> /etc/mail/main.cf
rm -f /etc/initsetup/process_userlist
ln -s /etc/initsetup/process_exchange /etc/initsetup/process_userlist
echo -en “Updated AD getuser script… ”
echo “Using AD userlist transfer” >> $log
;;
1) isunix
echo “Keeping fake AD infos for a future possible change of mail server…” >> $log
echo fakead1=$fakead1 >> $vardt
echo fakead2=$fakead2 >> $vardt
echo fakeaddom=$fakeaddom >> $vardt
echo fakeadext=$fakeadext >> $vardt
echo fakeid=$fakeid >> $vardt
echo fakepw=$fakepw >> $vardt
echo fakeadfull=$fakeadfull >> $vardt
;;
255) echo “[ESC] Pressed, exiting” && exit 1;;
esac

echo “Keeping fake IP/Name infos for a future possible change of mail server…” >> $log
echo fakedom=$dom >> $vardt
echo fakeip=$ipif >> $vardt
echo fakemail=$ipmail >> $vardt
echo fakegw=$ipgw >> $vardt
echo fakedns=$ipdns >> $vardt
echo fakenet=$ipnet >> $vardt
echo >> $vardt

echo -en “Last step: Restarting services…”
/etc/init.d/run
/etc/initsetup/process_userlist >> $log
/sbin/service amavisd restart >> $log
/sbin/service clamd restart >> $log
/sbin/service spamd restart >> $log
/sbin/service postfix restart >> $log
dialog –nocancel –title “SpamFilter Initial Setup” –backtitle “Step 10/10″ \
–msgbox “The system config and variables are backed-up daily in /etc/initsetup/backup.tgz. In order to save the backup on the unix machine just use the /etc/initsetup/getbackup ftp commands file.
Copy the file to the unix server (you can do that by ftp: as ftpuser:xxxx at this box on port 1221, get /tmp/getbackup /some/path/to/getbackup) and add the following line to cron:
50 21 * * * ftp -n /dev/null

If the server is Exchange, use the same getbackup script, started daily at 21:50 from getbackup.cmd via Task Scheduler.

THIS IS THE END OF SETUP (see logs in setup.log)” 20 60
sel=$?
case $sel in
0) ;;
255) echo “[ESC] Pressed, exiting” && exit 1;;
esac

echo “Welcome to SpamFilter” > /etc/motd

echo “DONE!”
despre fine-tuning in linux (part one)
Posted by rain on January 24th, 2007

Intr-o discutie azi, Cop mi-a zis sa public si eu din scripturile pe care le folosesc in mod uzual. Hmm sa incepem cu scriptul de swap. Ideea mi-a venit dupa ce am folosit o vreme ntfs-3g - driverul nativ de linux care suporta scriere pe partitii ntfs (winblows nt/2k/xp). Ce-ar fi, mi-am zis eu, daca as folosi partitia de winblows pentru swap? Apoi am realizat ca oricum acolo exista fisieru’ de swap al winblowsului, de ce nu l-as folosi? Ce a rezultat? pai…
#!/bin/sh
echo "Checking for existent Swapfiles."
for i in $(grep -Eo "hd[a-h][1-9]" /proc/partitions); do
echo -n "$i "
DEV=`echo "$i" | tr -d "0123456789"`
if [ "0`cat /sys/block/$DEV/removable`" -eq 0 ]; then
echo -n "not removable "
FS=$(blkid -s TYPE /dev/$i | cut -d = -f 2 | tr -d ' \"')
echo -n "$FS "
if [ "$FS" == "ntfs" ]; then
if [ -f /mnt/$i/pagefile.sys ]; then
echo -n "Mounting Swap"
mkswap /mnt/$i/pagefile.sys > /dev/null 2>&1
swapon /mnt/$i/pagefile.sys > /dev/null 2>&1
fi
fi
fi

Codul nu e absolut portabil, cauta doar device-uri ide si presupune ca partitiile sunt ntfs, mountate in /mnt/device_name, ceea ce nu e intotdeauna adevarat . ma rog, nu e greu de modificat…
Apoi am modificat putin rc.sysinit (folosesc un sistem redhat-alike), ca sa imi execute scriptul de mai sus (pe care l-am numit /usr/sbin/winswp) si anume:
# Now turn on swap in case we swap to files.
action "Enabling swap space: " swapon -a -e | /usr/sbin/winswp
La reboot trebuie avut grija sa fac swapoff INAINTE de a incerca umount la partita pe care am facut swap, altfel o sa ma trezesc cu o carca de erori. Cel mai simplu e ca pe undeva prin /etc/init.d/halt sa am grija sa arunc un “swapoff -a” inainte de orice umount.

Urmatorul post va fi despre un tool simplu pe care il folosesc de multa vreme: ifled - un soft micut care face sa lumineze unul din ledurile tastaturii in ritmul transferului prin placa de retea :)

Blog Archive