Script de Configuración Automática de LDAP y Demás Servicios

Hace no más de un mes escribí un script en bash para configurar automáticamente los clientes que migremos aquí en la Contraloría General del Edo. Sucre. Aquí utilizamos varios servicios (apt-proxy, nfs, samba, ldap, etc.) y, puesto que no quería hacer lo mismo en cada máquina n veces, ¡me las arreglé con esto!:

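#!/bin/bash
# Automatic workstation setup: static network configuration, apt-proxy
# sources, package installation, LDAP logins through NSS/PAM and a CIFS mount.
#
# Must run as root. It REPLACES the system NSS/PAM/LDAP client files listed
# below; a mistake in the PAM stack can lock every account out, so each file
# is copied to "<file>.bak.<timestamp>" before it is rewritten. Keep a root
# shell open on the machine until a fresh login has been verified.
#
# Interactive input: the workstation IP address and the Samba share name.
set -u

# Locations of the files this script works on
path_nsswitch="/etc/nsswitch.conf"
path_commonaccount="/etc/pam.d/common-account"
path_commonauth="/etc/pam.d/common-auth"
path_commonpassword="/etc/pam.d/common-password"
path_commonsession="/etc/pam.d/common-session"
path_ldap="/etc/ldap.conf"
path_gdm="/etc/pam.d/gdm"
path_login="/etc/pam.d/login"
path_group="/etc/security/group.conf"
path_sources="/etc/apt/sources.list"
path_fstab="/etc/fstab"
path_rc="/etc/rc.local"
path_ldapsecret="/etc/ldap.secret"
path_interfaces="/etc/network/interfaces"
path_resolv="/etc/resolv.conf"
# Root-only file that holds the CIFS username/password, so the password does
# not have to live in /etc/fstab.
path_cifscred="/etc/cifs.credentials"

# Placeholder credentials. Any copy of this script that carries the real
# values is itself a secret: keep it root-only (mode 700) and unpublished.
clave_ldap="pass_para_conectar"
usuario_cifs="Administrador"
clave_cifs="pass_para_montar"

# Suffix appended to every backup made during this run
sufijo_respaldo="bak.$(date +%Y%m%d%H%M%S)"

#######################################
# Copy a file next to itself before it is overwritten.
# Globals:   sufijo_respaldo (read)
# Arguments: $1 - file to back up (skipped when it does not exist)
# Returns:   0 on success or when there is nothing to back up
#######################################
respaldar() {
  local archivo=$1
  if [ -e "$archivo" ]; then
    cp -p -- "$archivo" "${archivo}.${sufijo_respaldo}"
  fi
}

#######################################
# Write a secret to a file that is never readable by other users.
# The file is recreated under umask 077 so that there is no window in which
# the secret sits in a file with default (world-readable) permissions.
# Arguments: $1 - destination file, $2 - content (a newline is appended)
# Returns:   non-zero if the file could not be written
#######################################
escribir_secreto() {
  local destino=$1 contenido=$2
  (
    umask 077
    rm -f -- "$destino"
    printf '%s\n' "$contenido" > "$destino"
  ) || return 1
  chmod 600 -- "$destino"
}

#######################################
# Check that a string is a dotted-quad IPv4 address.
# Arguments: $1 - candidate address
# Returns:   0 when valid, 1 otherwise
#######################################
es_ipv4_valida() {
  local ip=$1 octeto
  [[ $ip =~ ^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$ ]] || return 1
  for octeto in "${BASH_REMATCH[@]:1}"; do
    # 10# forces base 10 so that "010" is not parsed as octal
    (( 10#$octeto <= 255 )) || return 1
  done
  return 0
}

#######################################
# Check that a share name is safe to use as a directory name under /media
# and as a field of /etc/fstab (no whitespace, commas, slashes, "." or "..").
# Widen the character class only after escaping for fstab is handled.
# Arguments: $1 - candidate share name
# Returns:   0 when valid, 1 otherwise
#######################################
es_nombre_shared_valido() {
  case $1 in
    . | ..) return 1 ;;
  esac
  [[ $1 =~ ^[A-Za-z0-9._-]+$ ]]
}

# Root check by UID; a failure is reported on stderr with a non-zero status
# so that callers and automation can tell the script did nothing.
if [ "$(id -u)" -ne 0 ]; then
  echo "Debes ejecutar este script como root" >&2
  exit 1
fi
echo "Ejecutando como root"

# Network interface configuration
echo "Configurando las interfaces de red"
# The value is written verbatim into /etc/network/interfaces, so it is
# validated first and asked again until it is a well-formed address.
while true; do
  echo "Introduzca el IP perteneciente a esta estación de trabajo"
  read -r num_ip || { echo "Error: no se pudo leer el IP" >&2; exit 1; }
  es_ipv4_valida "$num_ip" && break
  echo "IP inválido: se espera el formato a.b.c.d con octetos entre 0 y 255" >&2
done

respaldar "$path_interfaces"
cat > "$path_interfaces" <<EOF
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address $num_ip
    netmask 255.255.255.0
EOF

respaldar "$path_resolv"
printf '%s\n' \
  "nameserver 208.67.222.222" \
  "nameserver 208.67.220.220" > "$path_resolv"

echo "Configuración aplicada"

# Temporary address used only to reach the apt-proxy during installation
ifconfig eth0 192.168.1.11

echo "Agregando la ruta de conexión temporal"
route add default gw 192.168.1.2

echo "Aplicando el apt-proxy"

# New sources list that goes through the apt-proxy
respaldar "$path_sources"
cat > "$path_sources" <<'EOF'
deb http://192.168.1.7:9999/ubuntu gutsy main universe restricted multiverse
deb http://192.168.1.7:9999/ubuntu-security gutsy-security universe main multiverse restricted
deb http://192.168.1.7:9999/ubuntu gutsy-updates universe main multiverse restricted
deb http://192.168.1.7:9999/ubuntu gutsy-proposed universe main multiverse restricted
deb http://192.168.1.7:9999/ubuntu gutsy-backports universe main multiverse restricted
EOF

echo "Actualizando lista de paquetes"
aptitude update

echo "Actualizando el Sistema"
aptitude full-upgrade -y

echo "Instalación de Paquetes Necesarios"
# Stop here if the installation fails: the PAM/NSS files written below refer
# to pam_ldap/nss_ldap, and rewriting the login stack without them installed
# leaves the machine in a half-configured state.
# NOTE(review): this relies on aptitude's exit status; confirm that the
# aptitude version in use reports failed installs with a non-zero status.
if ! aptitude install myspell-es dosemu nfs-common portmap libpam-ldap libnss-ldap mozilla-firefox-locale-es-es smbfs openoffice.org-l10n-es msttcorefonts -y; then
  echo "Error: falló la instalación de paquetes; no se modifica PAM/LDAP" >&2
  exit 1
fi

# nsswitch.conf: look accounts up in local files first, then LDAP
echo "Configurando LDAP"
respaldar "$path_nsswitch"
cat > "$path_nsswitch" <<'EOF'
# /etc/nsswitch.conf
passwd:      files ldap
group:      files ldap
shadow:      files ldap

hosts:      files dns
networks:      files

protocols:      db files
services:       db files
ethers:         db files
rpc:            db files

netgroup:       nis
EOF

echo "    * nsswitch....... OK"

# common-account
respaldar "$path_commonaccount"
cat > "$path_commonaccount" <<'EOF'
# /etc/pam.d/common-account
account sufficient      pam_ldap.so
account required        pam_unix.so
EOF
echo "    * common-account....... OK"

# common-auth
respaldar "$path_commonauth"
cat > "$path_commonauth" <<'EOF'
# /etc/pam.d/common-auth
auth    sufficient      pam_ldap.so
auth    required        pam_unix.so nullok_secure use_first_pass
EOF
echo "    * common-auth....... OK"

# common-password
respaldar "$path_commonpassword"
cat > "$path_commonpassword" <<'EOF'
# /etc/pam.d/common-password
password        sufficient      pam_ldap.so
password        required        pam_unix.so nullok obscure
EOF
echo "    * common-password....... OK"

# common-session
respaldar "$path_commonsession"
cat > "$path_commonsession" <<'EOF'
# /etc/pam.d/common-session
session required        pam_unix.so
session required        pam_mkhomedir.so skel=/etc/skel/
session optional        pam_ldap.so
session optional        pam_foreground.so
EOF
echo "    * common-session....... OK"

# ldap.conf
# NOTE(review): no "ssl start_tls" is configured, so binds to 192.168.1.1
# carry user passwords over the LAN unencrypted; enable TLS if the server
# supports it.
# NOTE(review): "pam_password md5" makes the client store MD5 password
# hashes; "pam_password exop" leaves hashing to the server instead.
# NOTE(review): rootbinddn together with /etc/ldap.secret puts the directory
# admin password on every workstation. Drop both unless local root really
# has to change LDAP passwords from this machine.
respaldar "$path_ldap"
cat > "$path_ldap" <<'EOF'
# /etc/ldap.conf
host 192.168.1.1
base dc=cgeslnx
ldap_version 3
rootbinddn cn=admin,dc=cgeslnx
pam_password md5
bind_policy soft
EOF
echo "    * ldap....... OK"

# ldap.secret: created root-only from the start (not chmod'ed afterwards)
escribir_secreto "$path_ldapsecret" "$clave_ldap" || {
  echo "Error: no se pudo escribir $path_ldapsecret" >&2
  exit 1
}
echo "    * ldap.secret....... OK"

respaldar "$path_gdm"
cat > "$path_gdm" <<'EOF'
# /etc/pam.d/gdm
#%PAM-1.0
auth    optional        pam_group.so
auth    requisite       pam_nologin.so
auth    required        pam_env.so readenv=1
auth    required        pam_env.so readenv=1 envfile=/etc/default/locale
@include common-auth
auth    optional        pam_gnome_keyring.so
@include common-account
session required        pam_limits.so
@include common-session
session optional        pam_gnome_keyring.so  auto_start
@include common-password
EOF
echo "    * gdm....... OK"

respaldar "$path_login"
cat > "$path_login" <<'EOF'
# /etc/pam.d/login
auth    optional        pam_group.so
auth       requisite  pam_securetty.so
auth       requisite  pam_nologin.so
session       required   pam_env.so readenv=1
session       required   pam_env.so readenv=1 envfile=/etc/default/locale
@include common-auth
auth       optional   pam_group.so
session    required   pam_limits.so
session    optional   pam_lastlog.so
session    optional   pam_motd.so
session    optional   pam_mail.so standard
@include common-account
@include common-session
@include common-password
EOF
echo "    * login....... OK"

# group.conf: printf keeps the trailing space of the header line intact
respaldar "$path_group"
printf '%s\n' \
  "# /etc/security/group.conf " \
  "login;*;*;Al0000-2400;users,cdrom,floppy,plugdev,audio,dip" \
  "gdm;*;*;Al0000-2400;users,cdrom,floppy,plugdev,audio,dip,video" > "$path_group"
echo "    * group....... OK"

# CIFS mount point
echo "Configuración de los puntos de montajes"
echo "------------Montaje Samba-------------"
# The name ends up in a path under /media and in a line of /etc/fstab, so it
# is validated and asked again until it is acceptable.
while true; do
  echo "Introduzca el nombre del shared: "
  read -r nom_shared || { echo "Error: no se pudo leer el nombre" >&2; exit 1; }
  es_nombre_shared_valido "$nom_shared" && break
  echo "Nombre inválido: use solo letras, números, punto, guion y guion bajo" >&2
done

mkdir -p -- "/media/${nom_shared}"

# The password goes into a root-only credentials file referenced from fstab.
# /etc/fstab keeps its normal permissions: making it mode 600 to hide an
# embedded password breaks tools that read it as an unprivileged user.
escribir_secreto "$path_cifscred" "username=${usuario_cifs}
password=${clave_cifs}" || {
  echo "Error: no se pudo escribir $path_cifscred" >&2
  exit 1
}

# NOTE(review): file_mode=0777,dir_mode=0777 makes the whole share writable
# by every local user; tighten if that is not intended.
linea_fstab="//192.168.1.3/${nom_shared}/${nom_shared}       /media/${nom_shared}   cifs credentials=${path_cifscred},rw,file_mode=0777,dir_mode=0777,iocharset=utf8 0       0"
respaldar "$path_fstab"
# Append only once so that re-running the script does not duplicate the entry
if ! grep -qxF -- "$linea_fstab" "$path_fstab"; then
  printf '%s\n' "$linea_fstab" >> "$path_fstab"
fi
echo "Montaje CIFS....... OK"
echo "CONFIGURACION REALIZADA CON EXITO!!!!"
echo "Recuerde ejecutar el script de instalación de sistemas"
exit 0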