oneiricscribe 0000600 0001750 0001750 00000016270 11654457754 011461 0 ustar jf jf #!/bin/bash
#Christophe Deze - Rectorat de Nantes
#script d'integration de station ubuntu 10.10 sur un scribe NG
#testé avec Scribe 2.2.2
# correction jftissoires@gmail.com pour Lyon avec oneiric 11.10
#
# version 1.0
# Run as root, of course.
if [ "$UID" -ne "0" ]
then
echo "Il faut etre root pour executer ce script. ==> sudo "
exit
fi
. /etc/lsb-release
if [ "$DISTRIB_RELEASE" != "11.10" ]
then
echo " La version ubuntu n'est pas 11.10 ! forcer avec 'Entrée' ? sinon ctrl_c "
read m
fi
ipscribepardefaut="192.168.220.10"
ipscribe=""
#export http_proxy=""
echo "Donnez l'ip du scribe par défaut : $ipscribepardefaut "
read ipscribe
if [ "$ipscribe" == "" ]
then
echo "ip non renseignée"
ipscribe=$ipscribepardefaut
fi
echo "scribe = "$ipscribe
#rendre debconf silencieux
export DEBIAN_FRONTEND="noninteractive"
export DEBIAN_PRIORITY="critical"
#installation des paquets necessaires
apt-get update
apt-get install -y ldap-auth-client libpam-mount sabayon smbfs
#Fichiers de config
# /etc/ldap.conf
echo "
# /etc/ldap.conf
host $ipscribe
base o=gouv, c=fr
nss_override_attribute_value shadowMax 999
" > /etc/ldap.conf
#copie du home de l'utilisateur local dans opt
#for file in `ls -d /home/*/ | xargs -l basename`; do
# cp -aR /home/$file /opt/
# sed -i "s/home\/$file/opt\/$file/g" /etc/passwd
#done
#auth ldap
echo "[open_ldap]
nss_passwd=passwd: files ldap
nss_group=group: files ldap
nss_shadow=shadow: files ldap
nss_netgroup=netgroup: nis
" > /etc/auth-client-config/profile.d/open_ldap
#application de la conf nsswitch
auth-client-config -t nss -p open_ldap
#modules PAM mkhomdir pour pam-auth-update
echo "Name: Make Home directory
Default: yes
Priority: 128
Session-Type: Additional
Session: optional pam_mkhomedir.so silent
" > /usr/share/pam-configs/mkhomedir
# mise en place de la conf pam.d
pam-auth-update consolekit ldap libpam-mount unix mkhomedir --force
#on remet debconf dans sa conf initiale
export DEBIAN_FRONTEND="dialog"
export DEBIAN_PRIORITY="high"
#montage des partages
professeurs=""
homes=""
netlogon=""
eclairng=""
grep "/media/serveur" /etc/security/pam_mount.conf.xml >/dev/null; if [ $? != 0 ];then sed -i "/<\!-- Volume definitions -->/a\ $eclairng" /etc/security/pam_mount.conf.xml; else echo "eclairng deja present";fi
grep "mountpoint=\"~\"" /etc/security/pam_mount.conf.xml >/dev/null; if [ $? != 0 ];then sed -i "/<\!-- Volume definitions -->/a\ $homes" /etc/security/pam_mount.conf.xml; else echo "homes deja present";fi
grep "/media/netlogon" /etc/security/pam_mount.conf.xml >/dev/null; if [ $? != 0 ];then sed -i "/<\!-- Volume definitions -->/a\ $netlogon" /etc/security/pam_mount.conf.xml; else echo "netlogon deja present";fi
grep "/media/professeurs" /etc/security/pam_mount.conf.xml >/dev/null; if [ $? != 0 ];then sed -i "/<\!-- Volume definitions -->/a\ $professeurs" /etc/security/pam_mount.conf.xml; else echo "professeurs deja present" ;fi
grep "mount -t cifs //%(SERVER)/%(VOLUME) %(MNTPT) -o \"noexec,nosetuids,mapchars,cifsacl,serverino,nobrl,iocharset=utf8,user=%(USER),uid=%(USERUID)%(before=\\",\\" OPTIONS)\"" /etc/security/pam_mount.conf.xml >/dev/null; if [ $? != 0 ];then sed -i "/<\!-- pam_mount parameters: Volume-related -->/a\ mount -t cifs //%(SERVER)/%(VOLUME) %(MNTPT) -o \"noexec,nosetuids,mapchars,cifsacl,serverino,nobrl,iocharset=utf8,user=%(USER),uid=%(USERUID)%(before=\\",\\" OPTIONS)\"" /etc/security/pam_mount.conf.xml; else echo "mount.cifs deja present";fi
#umount /media/netlogon dans /etc/gdm/PreSession/Default (pour creer partage groupes)
grep "if mount | grep -q \"/media/netlogon\" ; then umount /media/netlogon ;fi" /etc/gdm/PreSession/Default >/dev/null; if [ $? == 0 ];then echo "Presession Ok"; else echo "if mount | grep -q \"/media/netlogon\" ; then umount /media/netlogon ;fi" >> /etc/gdm/PreSession/Default;fi
#/etc/profile
echo "
export LC_ALL=fr_FR.utf8
export LANG=fr_FR.utf8
export LANGUAGE=fr_FR.utf8
" >> /etc/profile
#ne pas creer les dossiers par defaut dans home
sed -i "s/enabled=True/enabled=False/g" /etc/xdg/user-dirs.conf
# les profs peuvent sudo
grep "%DomainAdmins ALL=(ALL) ALL" /etc/sudoers > /dev/null; if [ $?!=0 ];then sed -i "/%admin ALL=(ALL) ALL/a\%DomainAdmins ALL=(ALL) ALL" /etc/sudoers; else echo "prof deja dans sudo";fi
#sabayon
grep -q "[[:space:]]\/home\/esu/[[:space:]]" /etc/fstab
[ $? = 1 ] && echo "//$ipscribe/esu /etc/sabayon/profiles cifs defaults,guest 0 2" >> /etc/fstab
#mkdir -p /home/esu
echo "mot de passe admin ?"
mount -t cifs //$ipscribe/esu /etc/sabayon/profiles -o username=admin
if mount | grep -q "/etc/sabayon/profiles"
then
echo '#!/bin/bash
#il faut etre admin pour droits ecriture partage esu
echo "mot de passe admin ?"
sudo mount -t cifs //'$ipscribe'/esu /etc/sabayon/profiles -o username=admin
sudo sabayon
#pas si profilescribe.zip=lien sym
#sudo mv /etc/sabayon/profiles/scribe.zip /etc/sabayon/profiles/scribe.zip
#sudo ln -s /home/esu/profilescribe.zip /etc/sabayon/profiles/profilescribe.zip
sudo umount /etc/sabayon/profiles
' > /etc/sabayon/profiles/maj_profile.sh
chmod +x /etc/sabayon/profiles/maj_profile.sh
fi
umount /etc/sabayon/profiles
echo '
' > /etc/sabayon/users.xml
echo '
' > /tmp/metadata
#pas si existe
if [ -e /etc/sabayon/profiles/scribe.zip ]
then
echo "/etc/sabayon/profiles/scribe.zip present"
else
echo " on cree un profile vierge par defaut"
zip -j /etc/sabayon/profiles/scribe.zip /tmp/metadata
fi
#if [ -h /etc/abayon/profiles/scribe.zip ]
#then
#echo "lien ok"
#else
#ln -s /home/esu/profilescribe.zip /etc/sabayon/-profiles/profilescribe.zip
#fi
#accessoire terminal
#sudo -s
#/home/esu/maj_profiles.sh
#profile scribe
#modifier
#
#et fermer session
#/etc/security/group.conf
grep "*;*;*;Al0000-2400;floppy,audio,cdrom,video,plugdev,scanner" /etc/security/group.conf >/dev/null; if [ $? != 0 ];then echo "*;*;*;Al0000-2400;floppy,audio,cdrom,video,plugdev,scanner" >> /etc/security/group.conf; else echo "group.conf ok";fi
#supression de l'applet fast-user-switch-applet
#gconftool --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.mandatory --type bool --set '/desktop/gnome/lockdown/disable_user_switching' true
gconftool --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.mandatory --type list --list-type=string --set '/apps/panel/default_setup/general/applet_id_list' '[clock,notification_area,show_desktop_button,window_list,workspace_switcher,trashapplet]'
sudo -u gdm gconftool-2 --set --type boolean /apps/gdm/simple-greeter/disable_user_list true
sed -i "s/X-GNOME-Autostart-enabled=true/X-GNOME-Autostart-enabled=false/g" /etc/xdg/autostart/nm-applet.desktop
echo "reboot necessaire"