#!/bin/sh # /sbin/usermin-setup # This script should be run after the usermin package is installed, # in order to setup the various config files wadir=/usr/libexec/usermin config_dir=/etc/usermin var_dir=/var/log/usermin tempdir=/tmp/.usermin perl=/usr/bin/perl nochown=1 # Find install directory LANG= export LANG srcdir=$wadir ; ver=`cat "$wadir/version"` echo "***********************************************************************" echo "* Welcome to the Usermin setup script, version $ver *" echo "***********************************************************************" echo "Usermin is a web-based interface that allows Unix-like operating" echo "systems and common Unix services to be easily administered." echo "" # Only root can run this id | grep "uid=0(" >/dev/null if [ $? != "0" ]; then uname -a | grep -i CYGWIN >/dev/null if [ $? != "0" ]; then echo "ERROR: The Usermin setup script must be run as root"; echo ""; exit 1; fi fi echo "Usermin is installed in $wadir ..." echo "Usermin config files are in $config_dir ..." killall -2 miniserv.pl 1> /dev/null 2> /dev/null sleep 1 killall -9 miniserv.pl 1> /dev/null 2> /dev/null cd "$wadir" # Work out perl library path PERLLIB=$wadir if [ "$perllib" != "" ]; then PERLLIB="$PERLLIB:$perllib" fi # Validate source directory allmods=`cd "$srcdir"; echo */module.info | sed -e 's/\/module.info//g'` if [ "$allmods" = "" ]; then echo "ERROR: Failed to get module list" echo "" exit 1 fi echo "" # Test perl echo "Testing Perl ..." if [ ! -x $perl ]; then echo "ERROR: Failed to find perl at $perl" echo "" exit 5 fi $perl -e 'print "foobar\n"' 2>/dev/null | grep foobar >/dev/null if [ $? != "0" ]; then echo "ERROR: Failed to run test perl script. Maybe $perl is" echo "not the perl interpreter, or is not installed properly" echo "" exit 6 fi $perl -e 'exit ($] < 5.002 ? 1 : 0)' if [ $? = "1" ]; then echo "ERROR: Detected old perl version. Usermin requires" echo "perl 5.002 or better to run" echo "" exit 7 fi $perl -e 'use Socket; print "foobar\n"' 2>/dev/null | grep foobar >/dev/null if [ $? != "0" ]; then echo "ERROR: Perl Socket module not installed. Maybe Perl has" echo "not been properly installed on your system" echo "" exit 8 fi $perl -e '$c = crypt("xx", "yy"); exit($c ? 0 : 1)' if [ $? != "0" ]; then $perl -e 'use Crypt::UnixCrypt' >/dev/null 2>&1 fi if [ $? != "0" ]; then echo "ERROR: Perl crypt function does not work. Maybe Perl has" echo "not been properly installed on your system" echo "" exit 8 fi echo "Perl seems to be installed ok" echo "" # Create temp files directory $perl "$srcdir/maketemp.pl" if [ "$?" != "0" ]; then echo "ERROR: Failed to create or check temp files directory $tempdir" echo "" exit 2 fi # Ask for operating system type echo "***********************************************************************" autoos=1 $perl "$srcdir/oschooser.pl" "$srcdir/os_list.txt" $tempdir/$$.os $autoos if [ $? != 0 ]; then exit $? fi rm -f $tempdir/$$.os echo "Operating system name: $real_os_type" echo "Operating system version: $real_os_version" echo "" # Ask for web server port, name and password echo "***********************************************************************" echo "Usermin uses its own password protected web server to provide access" echo "to the administration programs. The setup script needs to know :" echo " - What port to run the web server on. There must not be another" echo " web server already using this port." echo " - The login name required to access the web server." echo " - The password required to access the web server." echo " - If the webserver should use SSL (if your system supports it)." echo "" printf "Web server port (default 20000): " if [ "$port" = "" ]; then read port if [ "$port" = "" ]; then port=20000 fi fi if [ $port -lt 1 ]; then echo "ERROR: $port is not a valid port number" echo "" exit 11 fi if [ $port -gt 65535 ]; then echo "ERROR: $port is not a valid port number. Port numbers cannot be" echo " greater than 65535" echo "" exit 12 fi $perl -e 'use Socket; socket(FOO, PF_INET, SOCK_STREAM, getprotobyname("tcp")); setsockopt(FOO, SOL_SOCKET, SO_REUSEADDR, pack("l", 1)); bind(FOO, pack_sockaddr_in($ARGV[0], INADDR_ANY)) || exit(1); exit(0);' $port if [ $? != "0" ]; then echo "ERROR: TCP port $port is already in use by another program" echo "" exit 13 fi printf "Login name (default admin): " if [ "$login" = "" ]; then read login if [ "$login" = "" ]; then login="admin" fi fi echo "$login" | grep : >/dev/null if [ "$?" = "0" ]; then echo "ERROR: Username contains a : character" echo "" exit 14 fi echo $login | grep " " >/dev/null if [ "$?" = "0" ]; then echo "ERROR: Username contains a space" echo "" exit 14 fi if [ "$login" = "usermin" ]; then echo "ERROR: Username 'usermin' is reserved for internal use" echo "" exit 14 fi # Ask the user if SSL should be used if [ "$ssl" = "" ]; then ssl=0 $perl -e 'use Net::SSLeay' >/dev/null 2>/dev/null if [ $? = "0" ]; then printf "Use SSL (y/n): " read sslyn if [ "$sslyn" = "y" -o "$sslyn" = "Y" ]; then ssl=1 fi else echo "The Perl SSLeay library is not installed. SSL not available." rm -f core fi fi # Don't use SSL if missing Net::SSLeay if [ "$ssl" = "1" ]; then $perl -e 'use Net::SSLeay' >/dev/null 2>/dev/null if [ $? != "0" ]; then ssl=0 fi fi # Create webserver config file echo $perl > $config_dir/perl-path echo $var_dir > $config_dir/var-path echo "Creating web server config files.." cfile=$config_dir/miniserv.conf echo "port=$port" >> $cfile echo "root=$wadir" >> $cfile echo "mimetypes=$wadir/mime.types" >> $cfile echo "addtype_cgi=internal/cgi" >> $cfile echo "realm=Usermin Server" >> $cfile echo "logfile=$var_dir/miniserv.log" >> $cfile echo "errorlog=$var_dir/miniserv.error" >> $cfile echo "pidfile=$var_dir/miniserv.pid" >> $cfile echo "logtime=168" >> $cfile echo "ppath=$ppath" >> $cfile echo "ssl=$ssl" >> $cfile echo "env_WEBMIN_CONFIG=$config_dir" >> $cfile echo "env_WEBMIN_VAR=$var_dir" >> $cfile echo "logout=$config_dir/logout-flag" >> $cfile if [ "$listen" != "" ]; then echo "listen=$listen" >> $cfile else echo "listen=20000" >> $cfile fi echo "denyfile=\\.pl\$" >> $cfile echo "log=1" >> $cfile echo "blockhost_failures=5" >> $cfile echo "blockhost_time=60" >> $cfile if [ "$allow" != "" ]; then echo "allow=$allow" >> $cfile fi if [ "$session" != "" ]; then echo "session=$session" >> $cfile else echo "session=1" >> $cfile fi echo "unixauth=user" >> $cfile echo "localauth=1" >> $cfile echo "pam=usermin" >> $cfile #echo "denyusers=root" >> $cfile ufile=$config_dir/miniserv.users echo "user:x:0::" > $ufile chmod 644 $ufile echo "userfile=$ufile" >> $cfile kfile=$config_dir/miniserv.pem openssl version >/dev/null 2>&1 if [ "$?" = "0" ]; then # We can generate a new SSL key for this host host=`hostname` openssl req -newkey rsa:512 -x509 -nodes -out $tempdir/cert -keyout $tempdir/key -days 1825 >/dev/null 2>&1 <$kfile fi rm -f $tempdir/cert $tempdir/key fi if [ ! -r $kfile ]; then # Fall back to the built-in key cp "$wadir/miniserv.pem" $kfile fi chmod 600 $kfile echo "keyfile=$config_dir/miniserv.pem" >> $cfile chmod 644 $cfile echo "..done" echo "" echo "Creating access control file.." defmods=`cat "$wadir/defaultmodules" 2>/dev/null` if [ "$defmods" = "" ]; then defmods="$allmods" fi afile=$config_dir/usermin.acl rm -f $afile echo "user: $defmods" >> $afile chmod 644 $afile echo "..done" echo "" echo "Copying config files.." newmods=`$perl "$wadir/copyconfig.pl" "$os_type/$real_os_type" "$os_version/$real_os_version" "$wadir" $config_dir "" $allmods` echo $newmods # Store the OS and version echo "os_type=$os_type" >> $config_dir/config echo "os_version=$os_version" >> $config_dir/config echo "real_os_type=$real_os_type" >> $config_dir/config echo "real_os_version=$real_os_version" >> $config_dir/config if [ -r /etc/system.cnf ]; then # Found a caldera system config file .. get the language source /etc/system.cnf if [ "$CONF_LST_LANG" = "us" ]; then CONF_LST_LANG=en elif [ "$CONF_LST_LANG" = "uk" ]; then CONF_LST_LANG=en fi grep "lang=$CONF_LST_LANG," "$wadir/lang_list.txt" >/dev/null 2>&1 if [ "$?" = 0 ]; then echo "lang=$CONF_LST_LANG" >> $config_dir/config fi fi # Set additional usermin-specific options echo "userconfig=.usermin" >> $config_dir/config echo "overlang=ulang" >> $config_dir/config echo "nofeedbackcc=2" >> $config_dir/config echo "nofeedbackconf=1" >> $config_dir/config echo $ver > $config_dir/version echo "..done" echo "" # Set passwd_ fields in miniserv.conf from global config for field in passwd_file passwd_uindex passwd_pindex passwd_cindex passwd_mindex; do grep $field= $config_dir/miniserv.conf >/dev/null if [ "$?" != "0" ]; then grep $field= $config_dir/config >> $config_dir/miniserv.conf fi done grep passwd_mode= $config_dir/miniserv.conf >/dev/null if [ "$?" != "0" ]; then echo passwd_mode=2 >> $config_dir/miniserv.conf fi # Set usermin-specific SID cookie name grep sidname= $config_dir/miniserv.conf >/dev/null if [ "$?" != "0" ]; then echo sidname=usid >> $config_dir/miniserv.conf fi # Set a special theme if none was set before if [ "$theme" = "" ]; then theme=`cat "$wadir/defaulttheme" 2>/dev/null` fi oldthemeline=`grep "^theme=" $config_dir/config` oldtheme=`echo $oldthemeline | sed -e 's/theme=//g'` if [ "$theme" != "" ] && [ "$oldthemeline" = "" ] && [ -d "$wadir/$theme" ]; then echo "theme=$theme" >> $config_dir/config echo "preroot=$theme" >> $config_dir/miniserv.conf fi # Set the product field in the global config grep product= $config_dir/config >/dev/null if [ "$?" != "0" ]; then echo product=usermin >> $config_dir/config fi # If password delays are not specifically disabled, enable them grep passdelay= $config_dir/miniserv.conf >/dev/null if [ "$?" != "0" ]; then echo passdelay=1 >> $config_dir/miniserv.conf fi rm -f $config_dir/install-dir echo "" echo "To use the usermin program, point your web browser to:" echo "http://localhost:${port} and login as user $login." echo "" echo "You can re-run this /sbin/usermin-setup script as 'root'" echo "at any time in order to change your Usermin configuration." echo ""