Slackware/bootstrap
1
0
Fork 0
Code Releases Wiki Activity

Merge branch 'master' of https://afterdark.org.uk/git/Slackware/bootstrap

Browse source
This commit is contained in:
Darren 'Tadgy' Austin 2022-09-03 19:03:41 +01:00
commit 6ac7c58fed
4 changed files with 17 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

8
bootstrap
View file

@ -12,7 +12,7 @@ mkdir -p -m 755 {/opt,/opt/{bin,include,info,lib64,man,man/man{0..8},sbin,share}
# Install the CA bundles, to stop wget moaning.
echo "-> Adding CA certificates..."
cp -R ca-certificates /usr/local/share
update-ca-certificates
LC_ALL=C update-ca-certificates -f
# Install memtest86 into /boot.
# Only install if /boot exists, and this isn't an EFI system.
@ -69,8 +69,8 @@ read -r -p "----> Enter GPG decryption passphrase (appears in clear text): " PAS
# Decrypt the pushover-config.
echo "-> Decrypting /etc/pushover/*.gpg..."
for FILE in /etc/pushover/*.gpg; do
gpg -d --passphrase "$PASS" -o "/etc/pushover/${FILE%.gpg}" "$FILE"
chmod 640 "/etc/pushover/${FILE%.gpg}"
gpg -d --passphrase "$PASS" -o "${FILE%.gpg}" "$FILE"
chmod 640 "${FILE%.gpg}"
done
unset FILE
@ -149,7 +149,7 @@ unset PASS
echo "-> Archiving old logs..."
[[ ! -d /var/log/Archived ]] && mkdir -m 750 /var/log/Archived
[[ ! -d /var/log/Archived/pre-bootstrapping ]] && mkdir -m 750 /var/log/Archived/pre-bootstrapping
mv /var/log/{btmp.*,{cron,debug,maillog,messages,secure,spooler,syslog}{,.*}} /var/log/Archived/pre-bootstrapping/
mv -f /var/log/{btmp.*,{cron,debug,maillog,messages,secure,spooler,syslog}{,.*}} /var/log/Archived/pre-bootstrapping/ 2>/dev/null
# Restart syslogd.
echo "-> Restarting syslogd for new config..."

8
rc.d/rc.firewall
View file

@ -69,7 +69,7 @@ start_firewall() {
# Allow unrestricted access from our IPs.
for ENTRY in "${UNFILTERED_RANGES_V4[@]}"; do
iptables -A INPUT -i "$EX_IF" --s "$ENTRY" -j ACCEPT
iptables -A INPUT -i "$EX_IF" -s "$ENTRY" -j ACCEPT
done
for ENTRY in "${UNFILTERED_RANGES_V6[@]}"; do
ip6tables -A INPUT -i "$EX_IF" -s "$ENTRY" -j ACCEPT
@ -159,7 +159,9 @@ case "$1" in
;;
esac
# Restart fail2ban to re-create the ban chains.
[[ -x /etc/rc.d/rc.fail2ban ]] && /etc/rc.d/rc.fail2ban restart >/dev/null
# Unless the system is booting, restart fail2ban to re-create the ban chains.
[[ "$PREVLEVEL" != "N" ]] && {
[[ -x /etc/rc.d/rc.fail2ban ]] && /etc/rc.d/rc.fail2ban restart >/dev/null
}
exit 0

6
rc.d/rc.firewall-complete
View file

@ -205,7 +205,9 @@ case "$1" in
;;
esac
# Restart fail2ban to re-create the ban chains.
[[ -x /etc/rc.d/rc.fail2ban ]] && /etc/rc.d/rc.fail2ban restart >/dev/null
# Unless the system is booting, restart fail2ban to re-create the ban chains.
[[ "$PREVLEVEL" != "N" ]] && {
[[ -x /etc/rc.d/rc.fail2ban ]] && /etc/rc.d/rc.fail2ban restart >/dev/null
}
exit 0

6
rc.d/rc.firewall-float
View file

@ -187,7 +187,9 @@ case "$1" in
;;
esac
# Restart fail2ban to re-create the ban chains.
[[ -x /etc/rc.d/rc.fail2ban ]] && /etc/rc.d/rc.fail2ban restart >/dev/null
# Unless the system is booting, restart fail2ban to re-create the ban chains.
[[ "$PREVLEVEL" != "N" ]] && {
[[ -x /etc/rc.d/rc.fail2ban ]] && /etc/rc.d/rc.fail2ban restart >/dev/null
}
exit 0