5 # cd;echo 'default login anonymous password short@' >~/.netrc;echo -e 'bi\nhash\npass\ncd pub/priv/short/enbrace\nget enbrace.bash\nquit'|ftp vellum.cz;/usr/local/bin/bash enbrace.bash
13 if [ "$USER" != "root" ];then fatal "This script must be run as 'root'" ;fi
14 if [ "$PWD" != "/root" ];then fatal "This script must be run from directory '/root'" ;fi
15 if [ "`basename "$0"`" != "enbrace.bash" ];then fatal "This script must be named 'enbrace.bash'" ;fi
16 if [ -e "enbrace" ];then fatal "'/root/enbrace' directory already exists" ;fi
22 login anonymous password short@
30 if [ $# != 1 ];then fatal "ftpget(): (arg1=URL) required!";fi
31 host="`echo "$1"|sed 's#^ftp://\([^/]*\)/.*$#\1#'`"
32 dir="` echo "$1"|sed 's#^ftp://[^/]*\(/.*/\)[^/]*$#\1#'`"
33 file="`echo "$1"|sed 's#^.*/\([^/]*\)$#\1#'`"
34 base="`basename "$file" .tar.gz`"
35 if gzip -t "../$file" 2>/dev/null;then
37 echo -n "Using already downloaded file \"$1\": ";ls -l "$file"
40 echo -e "cd \"$dir\"\\nget \"$file\"\\nquit"|ftp -v "$host"
46 cat >/root/enbrace/dopatch.diff
53 [ "$rev" = rev ] && shift
55 [ "$forw" = forw ] && shift
57 [ "$forw" != forw ] && while patch -RsNEp0 $* </root/enbrace/dopatch.diff;do
58 echo "--- successful reverse patch"
60 [ "$rev" != rev ] && patch -sNEp0 $* </root/enbrace/dopatch.diff
61 ) 2>&1|tee -a /root/enbrace/dopatch.log
62 rm -f /root/enbrace/dopatch.diff
70 openssl="ftp://ftp.openssl.org/source/openssl-0.9.6c.tar.gz"
71 openssh="ftp://ftp1.se.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-3.1p1.tar.gz"
84 cat >httpd.conf.diff <<EOF
85 --- httpd.conf-orig Fri Dec 17 01:39:20 1999
86 +++ httpd.conf Fri Aug 17 01:13:47 2001
90 #Allow from .your_domain.com
95 + Allow from 10.0.0.0/255.0.0.0
100 cat >rc.local.diff <<EOF
101 --- rc.local-orig Mon Sep 3 19:12:24 2001
102 +++ rc.local Mon Sep 3 19:15:48 2001
104 echo "Server Adminstration Program started...."
107 +# Jan Kolar <jan.kolar@jklabs.cz> /Lace
108 +echo "Starting OpenSSH service...."
109 +/usr/local/sbin/sshd
110 +echo "OpenSSH service started...."
117 sed 's/jan.kolar@jklabs.cz/videoprogress@mbox.cz/g' <rc.local.diff >rc.local.diffrev
118 cat >root-cshrc.diffremoveold <<EOF
119 --- root/.cshrc-orig Fri Feb 26 21:11:13 1999
120 +++ root/.cshrc Mon Sep 10 22:37:31 2001
123 set local=\`ifconfig -a |grep inet |awk 'NR<2 {print \$2}'\`
124 set prompt="\`echo \$local\` [\`whoami\`] -\\! # "
125 -/root/status/message/hint
127 cat >root-cshrc.diffremovenew <<EOF
128 --- root/.cshrc-orig Fri Feb 26 21:11:13 1999
129 +++ root/.cshrc Mon Sep 10 22:37:31 2001
132 set local=\`ifconfig -a |grep inet |awk 'NR<2 {print \$2}'\`
133 set prompt="\`echo \$local\` [\`whoami\`] -\\! # "
134 -/root/status/result/hint
136 cat >root-cshrc.diffrev1 <<EOF
137 --- root/.cshrc-orig Fri Feb 26 21:11:13 1999
138 +++ root/.cshrc Mon Sep 10 22:37:31 2001
141 set local=\`ifconfig -a |grep inet |awk 'NR<2 {print \$2}'\`
142 set prompt="\`echo \$local\` [\`whoami\`] -\\! # "
144 +# Jan Kolar <jan.kolar@jklabs.cz> /Lace
145 +# Commented-out, must be placed in "~/.login"!
146 +## /root/status/message/hint
148 sed 's/jan.kolar@jklabs.cz/videoprogress@mbox.cz/g' <root-cshrc.diffrev1 >root-cshrc.diffrev2
149 cat >root-cshrc.diff <<EOF
150 --- root/.cshrc-orig Fri Feb 26 21:11:13 1999
151 +++ root/.cshrc Mon Sep 10 22:37:31 2001
154 set local=\`ifconfig -a |grep inet |awk 'NR<2 {print \$2}'\`
155 set prompt="\`echo \$local\` [\`whoami\`] -\\! # "
157 +# Jan Kolar <jan.kolar@jklabs.cz> /Lace
158 +# Commented-out, must be placed in "~/.login"!
159 +## /root/status/message/hint or /root/status/result/hint
161 cat >root-login.diffrev1 <<EOF
162 --- root/.login-orig Fri Feb 26 21:11:13 1999
163 +++ root/.login Mon Sep 10 22:37:52 2001
165 #set prompt="\`hostname\` [root] -\\! # "
166 set local=\`ifconfig -a |grep inet |awk 'NR<2 {print \$2}'\`
167 set prompt="\`echo \$local\` [\`whoami\`] -\\! # "
169 +# Jan Kolar <jan.kolar@jklabs.cz> /Lace
170 +# Moved in from "~/.cshrc"!
171 +/root/status/message/hint
173 sed 's/jan.kolar@jklabs.cz/videoprogress@mbox.cz/g' <root-login.diffrev1 >root-login.diffrev2
174 cat >root-login.diff <<EOF
175 --- root/.login-orig Fri Feb 26 21:11:13 1999
176 +++ root/.login Mon Sep 10 22:37:52 2001
178 #set prompt="\`hostname\` [root] -\\! # "
179 set local=\`ifconfig -a |grep inet |awk 'NR<2 {print \$2}'\`
180 set prompt="\`echo \$local\` [\`whoami\`] -\\! # "
182 +# Jan Kolar <jan.kolar@jklabs.cz> /Lace
183 +# Moved in from "~/.cshrc"!
184 +[ -x /root/status/message/hint ] && /root/status/message/hint
185 +[ -x /root/status/result/hint ] && /root/status/result/hint
187 cat >root-mail.diff <<EOF
188 --- /dev/null Fri Mar 15 02:04:08 2002
189 +++ root/.forward Fri Mar 15 04:30:57 2002
194 cat >sendmail.diff <<EOF
195 --- etc/rc.conf-orig Fri Feb 22 12:40:54 2002
196 +++ etc/rc.conf Tue Mar 12 15:14:38 2002
198 cron_enable="YES" # Run the periodic job daemon.
199 lpd_enable="NO" # Run the line printer daemon.
200 lpd_flags="" # Flags to lpd (if enabled).
201 -sendmail_enable="YES" # Run the sendmail daemon (or NO).
202 +sendmail_enable="NO" # Run the sendmail daemon (or NO).
203 sendmail_flags="-bd -q30m" # -bd is pretty mandatory.
204 dumpdev="NO" # Device name to crashdump to (if enabled).
205 check_quotas="NO" # Check quotas (or NO).
206 --- etc/inetd.conf-orig Tue Mar 12 15:15:35 2002
207 +++ etc/inetd.conf Tue Mar 12 15:10:19 2002
210 # @(#)inetd.conf 5.4 (Berkeley) 6/30/90
212 -ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l
213 +# Jan Kolar <jan.kolar@jklabs.cz> /Lace
214 +# Commented-out the "ftp" line
215 +###ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l
216 telnet stream tcp nowait root /usr/libexec/telnetd telnetd
217 shell stream tcp nowait root /usr/libexec/rshd rshd
218 login stream tcp nowait root /usr/libexec/rlogind rlogind
221 #netbios-ssn stream tcp nowait root /usr/local/sbin/smbd smbd
222 #netbios-ns dgram udp wait root /usr/local/sbin/nmbd nmbd
224 +# Jan Kolar <jan.kolar@jklabs.cz> /Lace
225 +smtp stream tcp nowait root /usr/local/libexec/tcpd /usr/sbin/sendmail -bs
226 --- /dev/null Tue Mar 12 15:13:23 2002
227 +++ usr/local/etc/hosts.allow Tue Mar 12 15:13:46 2002
230 --- /dev/null Tue Mar 12 15:13:23 2002
231 +++ usr/local/etc/hosts.deny Tue Mar 12 15:11:50 2002
234 --- etc/crontab-orig Wed Oct 22 00:21:08 1997
235 +++ etc/crontab Tue Mar 12 15:18:42 2002
237 # does nothing, if you have UTC cmos clock.
238 # See adjkerntz(8) for details.
239 1,31 0-4 * * * root /sbin/adjkerntz -a
241 +# Jan Kolar <jan.kolar@jklabs.cz> /Lace
242 +*/30 * * * * root /usr/sbin/sendmail -q
244 cat >openssh-3.1p1-i386-unknown-freebsd2.2.5.diff <<EOF
245 --- configure.ac-orig Thu Apr 4 00:35:36 2002
246 +++ configure.ac Thu Apr 4 00:35:45 2002
250 check_for_libcrypt_later=1
251 + AC_DEFINE(HAVE_BOGUS_SYS_QUEUE_H)
254 conf_lastlog_location="/usr/adm/lastlog"
255 --- configure-orig Thu Apr 4 00:35:55 2002
256 +++ configure Thu Apr 4 00:40:37 2002
257 @@ -3568,6 +3568,10 @@
260 check_for_libcrypt_later=1
261 + cat >>confdefs.h <<\_ACEOF
262 +#define HAVE_BOGUS_SYS_QUEUE_H 1
267 conf_lastlog_location="/usr/adm/lastlog"
268 --- defines.h-orig Wed Feb 27 03:40:49 2002
269 +++ defines.h Thu Apr 4 01:00:56 2002
271 including rpc/rpc.h breaks Solaris 6
273 #ifndef INADDR_LOOPBACK
274 -#define INADDR_LOOPBACK ((ulong)0x7f000001)
275 +#define INADDR_LOOPBACK ((unsigned long)0x7f000001)
282 dopatch "sendmail openrelay" / <sendmail.diff
283 set +e;killall sendmail;set -e
287 rm -rf /usr/local/openssl*
290 ./config --prefix=/usr/local --openssldir=/usr/local/"$base" 2>&1|tee errs1
292 make test 2>&1|tee errs2a
293 make install 2>&1|tee errs3
295 ln -s "$base" /usr/local/openssl
301 dopatch "OpenSSH FreeBSD compilation" forw <../openssh-3.1p1-i386-unknown-freebsd2.2.5.diff
303 ./configure --with-ipv4-default \
304 --with-default-path="/usr/local/bin:/usr/local/sbin:/usr/bin:/bin:/usr/sbin:/sbin" \
307 make install 2>&1|tee errs3
309 dopatch "OpenSSH rc.local startup -videoprogress@mbox.cz" rev /etc/rc.local <rc.local.diffrev
310 dopatch "OpenSSH rc.local startup" /etc/rc.local <rc.local.diff
314 dopatch "Apache proxy restriction" /usr/local/etc/httpd/conf/httpd.conf <httpd.conf.diff
315 # We need to temporarily disable error checking as killall(1) MAY fail (why?)
316 set +e;killall -HUP httpd;set -e
319 dopatch "Login messages commented remove origold" forw /root/.cshrc <root-cshrc.diffremoveold
320 dopatch "Login messages commented remove orignew" forw /root/.cshrc <root-cshrc.diffremovenew
321 dopatch "Login messages commented -jan.kolar@jklabs.cz" rev /root/.cshrc <root-cshrc.diffrev1
322 dopatch "Login messages commented -videoprogress@mbox.cz" rev /root/.cshrc <root-cshrc.diffrev2
323 dopatch "Login messages commented" /root/.cshrc <root-cshrc.diff
324 dopatch "Login messages added -jan.kolar@jklabs.cz" rev /root/.login <root-login.diffrev1
325 dopatch "Login messages added -videoprogress@mbox.cz" rev /root/.login <root-login.diffrev2
326 dopatch "Login messages added" /root/.login <root-login.diff
327 dopatch "root mail forwarding" /root/.forward <root-mail.diff
330 set +e;killall -HUP inetd;set -e
333 for i in /usr/local/etc/*_key;do
334 echo -n "$i: ";/usr/local/bin/ssh-keygen -l -f $i
338 echo "$0: patch logs:"
339 echo "$0: -----------"
341 echo "$0: success - check patch logs above!"
342 ) 2>&1|tee enbrace.`date '+%Y-%m-%d-%H:%M:%S'`.log
git://git.jankratochvil.net / enbrace.git / blob