hardenedbsd/HardenedBSD
1
0
Fork 0
mirror of https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git synced 2024-11-16 23:57:54 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
1babea36ca
HardenedBSD/release/sysinstall/installFinal.c
Jordan K. Hubbard 1babea36ca Lots-o-cleanup(tm): 
1. Fix the bogon I introduced that made some root filesystems fail to be
   made with `unable to make filesystem on sd1s1a' or some such error
   message.

2. Latest installment in the never-ending chapter on making FTP do the right
   thing on a cruel internet.

3. Make `express install' a truly express install and split off what it used
   to do into a `novice install' that's even more geared to the novice
   by asking questions in order, rather than forcing them through the menu
   interface.

4. Make anonymous FTP setup truly DTRT.

5. Build lndir directly into sysinstall and make the novice install offer
   to set up the ports tree.  Also make the ports setup truly explanatory
   about what it's doing, and always link the ports destination to /usr/ports
   if necessary so that bsd.port.mk doesn't need to be tweaked.
1995-11-03 12:02:45 +00:00

256 lines
8.9 KiB
C
Raw Blame History

/*
* The new sysinstall program.
*
* This is probably the last program in the `sysinstall' line - the next
* generation being essentially a complete rewrite.
*
* $Id: installFinal.c,v 1.13 1995/10/27 03:59:36 jkh Exp $
*
* Copyright (c) 1995
* Jordan Hubbard & Coranth Gryphon. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer,
* verbatim and that no modifications are made prior to this
* point in the file.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the authors listed above
* for the FreeBSD Project.
* 4. The names of the authors or the FreeBSD project may not be used to
* endorse or promote products derived from this software without specific
* prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE FREEBSD PROJECT ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR THEIR PETS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, LIFE OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
*/
#include "sysinstall.h"
#include <sys/disklabel.h>
#include <sys/errno.h>
#include <sys/ioctl.h>
#include <sys/fcntl.h>
#include <sys/wait.h>
#include <sys/param.h>
#include <sys/stat.h>
#include <unistd.h>
#include <sys/mount.h>
/* This file contains all the final configuration thingies */
static DMenu MenuSamba = {
DMENU_MULTIPLE_TYPE | DMENU_SELECTION_RETURNS,
"Samba Services Menu",
"This allows you to configure various aspects of your Samba server.",
NULL,
NULL,
{ { "Homes", "Make home directories available to users.",
DMENU_SET_VARIABLE, "SAMBA_homes=YES", 0, 0, dmenuVarCheck },
{ "Printers", "Allows for sharing of local printers.",
DMENU_SET_VARIABLE, "SAMBA_printers=YES", 0, 0, dmenuVarCheck},
{ "Export Paths", "Specify local directories to make available.",
DMENU_SET_VARIABLE, "SAMBA_export=YES", 0, 0, dmenuVarCheck },
{ NULL } },
};
/* These probably shouldn't be hard-coded, but making them options might prove to be even more confusing! */
#define FTP_UID 14
#define FTP_NAME "ftp"
#define FTP_GROUP "operator"
#define FTP_COMMENT "Anonymous FTP Admin"
#define SMB_CONF "./smb.conf"
/* Load gated package and maybe even seek to configure or explain it a little */
int
configGated(char *unused)
{
variable_set2("gated", "YES");
return RET_SUCCESS;
}
/* Configure this machine as an anonymous FTP server */
int
configAnonFTP(char *unused)
{
char *tptr;
char tbuf[256];
int i = RET_SUCCESS;
tptr = msgGetInput("/u", "What directory should the anonymous ftp account point to?");
if (tptr && *tptr && (tptr[0] == '/')) {
int len = strlen(tbuf);
strcpy(tbuf, tptr);
if (tbuf[len - 1] == '/')
tbuf[len - 1] = '\0';
if (vsystem("adduser -uid %d -home %s -shell date -dotdir no -batch %s %s \"%s\" ",
FTP_UID, tbuf, FTP_NAME, FTP_GROUP, FTP_COMMENT)) {
dialog_clear();
msgConfirm("Unable to create FTP user! Anonymous FTP setup failed.");
i = RET_FAIL;
}
else {
vsystem("mkdir -p %s; chmod 555 %s; chown root %s", tbuf, tbuf, tbuf);
vsystem("mkdir %s/bin && chmod 555 %s/bin", tbuf, tbuf);
vsystem("cp /bin/ls %s/bin && chmod 111 %s/bin/ls", tbuf, tbuf);
vsystem("mkdir %s/etc && chmod 555 %s/etc", tbuf, tbuf);
vsystem("cp /etc/pwd.db /etc/group %s/etc && chmod 444 %s/etc/pwd.db %s/etc/group", tbuf, tbuf, tbuf);
vsystem("mkdir -p %s/pub/incoming", tbuf);
vsystem("chmod 1777 %s/pub/incoming", tbuf);
vsystem("chown -R %s %s/pub", FTP_NAME, tbuf);
}
}
else {
dialog_clear();
msgConfirm("Invalid Directory. Anonymous FTP will not be set up.");
i = RET_FAIL;
}
return i;
}
int
configSamba(char *unused)
{
int i = RET_SUCCESS;
if (!dmenuOpenSimple(&MenuSamba))
i = RET_FAIL;
else {
FILE *fptr;
char tbuf[256], *tptr;
int tval;
fptr = fopen("/tmp/smb.conf","w");
if (fptr) {
strcpy(tbuf,"FreeBSD - Samba %v");
if (variable_get("SAMBA_string")) {
tptr = msgGetInput("FreeBSD - Samba %%v", "What should this server list as its description?\n"
"Note that the \"%%v\" refers to the samba version number.");
if (tptr && *tptr)
strcpy(tbuf, tptr);
}
fprintf(fptr, "[global]\n");
fprintf(fptr, "comment = %s\n", tbuf);
fprintf(fptr, "log file = /var/log/samba.log\n");
fprintf(fptr, "dont descend = /dev,/proc,/root,/stand\n\n");
fprintf(fptr, "printing = bsd\n");
fprintf(fptr, "map archive = no\n");
fprintf(fptr, "status = yes\n");
fprintf(fptr, "public = yes\n");
fprintf(fptr, "read only = no\n");
fprintf(fptr, "preserve case = yes\n");
fprintf(fptr, "strip dot = yes\n");
fprintf(fptr, "security = share\n");
fprintf(fptr, "guest ok = yes\n\n");
if (variable_get("SAMBA_homes")) {
fprintf(fptr, "[homes]\n");
fprintf(fptr, "browseable = no\n");
fprintf(fptr, "comment = User Home Directory\n");
fprintf(fptr, "create mode = 0775\n");
fprintf(fptr, "public = no\n\n");
}
if (variable_get("SAMBA_printers")) {
fprintf(fptr, "[printers]\n");
fprintf(fptr, "path = /var/spool\n");
fprintf(fptr, "comment = Printers\n");
fprintf(fptr, "create mode = 0700\n");
fprintf(fptr, "browseable = no\n");
fprintf(fptr, "printable = yes\n");
fprintf(fptr, "read only = yes\n");
fprintf(fptr, "public = no\n\n");
}
if (variable_get("SAMBA_export")) {
for (tval = 0; ! tval; tval = msgYesNo("Another?")) {
tptr = msgGetInput(NULL,"What directory to export?");
if (tptr && *tptr && (tptr[0] == '/')) {
int len = strlen(tbuf);
strcpy(tbuf, tptr);
if (tbuf[len - 1] == '/')
tbuf[len - 1] = '\0';
if (directoryExists(tbuf)) {
tptr = msgGetInput(pathBaseName(tbuf), "What do you want to call this share?");
if (tptr && *tptr) {
fprintf(fptr, "[%s]\npath = %s\n", tptr, tbuf);
tptr = msgGetInput(NULL, "Enter a short description of this share?");
if (tptr && *tptr)
fprintf(fptr, "comment = %s\n", tptr);
if (msgYesNo("Do you want this share to be read only?"))
fprintf(fptr, "read only = no\n\n");
else
fprintf(fptr, "read only = yes\n\n");
}
else {
dialog_clear();
msgConfirm("Invalid Share Name.");
}
}
else {
dialog_clear();
msgConfirm("Directory does not exist.");
}
} /* end if (tptr) */
} /* end for loop */
} /* end if (SAMBA_export) */
fclose(fptr);
vsystem("mv -f /tmp/smb.conf %s", SMB_CONF);
}
else {
dialog_clear();
msgConfirm("Unable to open temporary smb.conf file.\n"
"Samba will have to be configured by hand.");
}
}
return i;
}
int
configNFSServer(char *unused)
{
/* If we're an NFS server, we need an exports file */
if (!file_readable("/etc/exports")) {
dialog_clear();
msgConfirm("You have chosen to be an NFS server but have not yet configured\n"
"the /etc/exports file. You must configure this information before\n"
"other hosts will be able to mount file systems from your machine.\n"
"Press [ENTER] now to invoke an editor on /etc/exports");
vsystem("echo '#The following examples export /usr to 3 machines named after ducks,' > /etc/exports");
vsystem("echo '#/home and all directories under it to machines named after dead rock stars,' >> /etc/exports");
vsystem("echo '#and, finally, /a to 2 privileged machines allowed to write on it as root.' >> /etc/exports");
vsystem("echo '#/usr huey louie dewie' >> /etc/exports");
vsystem("echo '#/home -alldirs janice jimmy frank' >> /etc/exports");
vsystem("echo '#/a -maproot=0 bill albert' >> /etc/exports");
vsystem("echo '#' >> /etc/exports");
vsystem("echo '# You should replace these lines with your actual exported filesystems.' >> /etc/exports");
vsystem("echo >> /etc/exports");
systemExecute("ee /etc/exports");
}
variable_set2("nfs_server", "YES");
return RET_SUCCESS;
}
Reference in New Issue View Git Blame Copy Permalink