5 # cd;echo 'default login anonymous password short@' >~/.netrc;echo -e 'bi\nhash\ncd pub/priv/short/enbrace\nget enbrace.bash\nquit'|ftp vellum.cz;/usr/local/bin/bash enbrace.bash
13 if [ "$USER" != "root" ];then fatal "This script must be run as 'root'" ;fi
14 if [ "$PWD" != "/root" ];then fatal "This script must be run from directory '/root'" ;fi
15 if [ "$0" != "enbrace.bash" ];then fatal "This script must be named 'enbrace.bash'" ;fi
16 if [ -e "enbrace" ];then fatal "'/root/enbrace' directory already exists" ;fi
22 login anonymous password short@
29 if [ $# != 1 ];then fatal "ftpget(): (arg1=URL) required!";fi
30 host="`echo "$1"|sed 's#^ftp://\([^/]*\)/.*$#\1#'`"
31 dir="` echo "$1"|sed 's#^ftp://[^/]*\(/.*/\)[^/]*$#\1#'`"
32 file="`echo "$1"|sed 's#^.*/\([^/]*\)$#\1#'`"
33 base="`basename "$file" .tar.gz`"
34 if gzip -t "../$file" 2>/dev/null;then
36 echo -n "Using already downloaded file \"$1\": ";ls -l "$file"
39 echo -e "cd \"$dir\"\\nget \"$file\"\\nquit"|ftp "$host"
48 openssl="ftp://ftp.openssl.org/source/openssl-0.9.6b.tar.gz"
49 openssh="ftp://ftp1.se.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-3.0p1.tar.gz"
62 cat >httpd.conf.diff <<EOF
63 --- httpd.conf-orig Fri Dec 17 01:39:20 1999
64 +++ httpd.conf Fri Aug 17 01:13:47 2001
68 #Allow from .your_domain.com
73 + Allow from 10.0.0.0/255.0.0.0
78 cat >rc.local.diff <<EOF
79 --- rc.local-orig Mon Sep 3 19:12:24 2001
80 +++ rc.local Mon Sep 3 19:15:48 2001
82 echo "Server Adminstration Program started...."
85 +# Jan Kolar <jan.kolar@jklabs.cz> /Lace
86 +echo "Starting OpenSSH service...."
88 +echo "OpenSSH service started...."
95 cat >root-cshrc.diff <<EOF
96 --- root/.cshrc-orig Fri Feb 26 21:11:13 1999
97 +++ root/.cshrc Mon Sep 10 22:37:31 2001
100 set local=\`ifconfig -a |grep inet |awk 'NR<2 {print \$2}'\`
101 set prompt="\`echo \$local\` [\`whoami\`] -\\! # "
102 -/root/status/message/hint
104 +# Jan Kolar <jan.kolar@jklabs.cz> /Lace
105 +# Commented-out, must be placed in "~/.login"!
106 +## /root/status/message/hint
108 cat >root-login.diff <<EOF
109 --- root/.login-orig Fri Feb 26 21:11:13 1999
110 +++ root/.login Mon Sep 10 22:37:52 2001
112 #set prompt="\`hostname\` [root] -\\! # "
113 set local=\`ifconfig -a |grep inet |awk 'NR<2 {print \$2}'\`
114 set prompt="\`echo \$local\` [\`whoami\`] -\\! # "
116 +# Jan Kolar <jan.kolar@jklabs.cz> /Lace
117 +# Moved in from "~/.cshrc"!
118 +/root/status/message/hint
120 cat >root-mail.diff <<EOF
121 --- /dev/null Fri Mar 15 02:04:08 2002
122 +++ root/.forward Fri Mar 15 04:30:57 2002
127 cat >sendmail.diff <<EOF
128 --- etc/rc.conf-orig Fri Feb 22 12:40:54 2002
129 +++ etc/rc.conf Tue Mar 12 15:14:38 2002
131 cron_enable="YES" # Run the periodic job daemon.
132 lpd_enable="NO" # Run the line printer daemon.
133 lpd_flags="" # Flags to lpd (if enabled).
134 -sendmail_enable="YES" # Run the sendmail daemon (or NO).
135 +sendmail_enable="NO" # Run the sendmail daemon (or NO).
136 sendmail_flags="-bd -q30m" # -bd is pretty mandatory.
137 dumpdev="NO" # Device name to crashdump to (if enabled).
138 check_quotas="NO" # Check quotas (or NO).
139 --- etc/inetd.conf-orig Tue Mar 12 15:15:35 2002
140 +++ etc/inetd.conf Tue Mar 12 15:10:19 2002
143 #netbios-ssn stream tcp nowait root /usr/local/sbin/smbd smbd
144 #netbios-ns dgram udp wait root /usr/local/sbin/nmbd nmbd
146 +# Jan Kolar <jan.kolar@jklabs.cz> /Lace
147 +smtp stream tcp nowait root /usr/local/libexec/tcpd /usr/sbin/sendmail -bs
148 --- /dev/null Tue Mar 12 15:13:23 2002
149 +++ usr/local/etc/hosts.allow Tue Mar 12 15:13:46 2002
152 --- /dev/null Tue Mar 12 15:13:23 2002
153 +++ usr/local/etc/hosts.deny Tue Mar 12 15:11:50 2002
156 --- etc/crontab-orig Wed Oct 22 00:21:08 1997
157 +++ etc/crontab Tue Mar 12 15:18:42 2002
159 # does nothing, if you have UTC cmos clock.
160 # See adjkerntz(8) for details.
161 1,31 0-4 * * * root /sbin/adjkerntz -a
163 +# Jan Kolar <jan.kolar@jklabs.cz> /Lace
164 +*/30 * * * * root /usr/sbin/sendmail -q
169 patch -sEp0 </root/enbrace/sendmail.diff
171 set +e;killall sendmail;set -e
175 rm -rf /usr/local/openssl*
178 ./config --prefix=/usr/local --openssldir=/usr/local/"$base" 2>&1|tee errs1
180 make test 2>&1|tee errs2a
181 make install 2>&1|tee errs3
183 ln -s "$base" /usr/local/openssl
190 ./configure --with-ipv4-default \
191 --with-default-path="/usr/local/bin:/usr/local/sbin:/usr/bin:/bin:/usr/sbin:/sbin" \
194 make install 2>&1|tee errs3
196 patch /etc/rc.local <rc.local.diff
200 patch /usr/local/etc/httpd/conf/httpd.conf <httpd.conf.diff
201 # We need to temporarily disable error checking as killall(1) MAY fail (why?)
202 set +e;killall -HUP httpd;set -e
205 patch /root/.cshrc <root-cshrc.diff
206 patch /root/.login <root-login.diff
207 patch /root/.forward <root-mail.diff
210 set +e;killall -HUP inetd;set -e
213 for i in /usr/local/etc/*_key;do
214 echo -n "$i: ";/usr/local/bin/ssh-keygen -l -f $i
219 ) 2>&1|tee enbrace.`date '+%Y-%m-%H-%H:%M:%S'`.log