108 lines
4.3 KiB
Ruby
108 lines
4.3 KiB
Ruby
# -*- mode: ruby -*-
|
|
# vi: set ft=ruby :
|
|
|
|
# All Vagrant configuration is done below. The "2" in Vagrant.configure
|
|
# configures the configuration version (we support older styles for
|
|
# backwards compatibility). Please don't change it unless you know what
|
|
# you're doing.
|
|
Vagrant.configure("2") do |config|
|
|
config.vm.provider "virtualbox"
|
|
|
|
# The most common configuration options are documented and commented below.
|
|
# For a complete reference, please see the online documentation at
|
|
# https://docs.vagrantup.com.
|
|
|
|
# Every Vagrant development environment requires a box. You can search for
|
|
# boxes at https://vagrantcloud.com/search.
|
|
config.vm.box = "centos/6"
|
|
#config.vm.box = "centos/7"
|
|
|
|
# Disable automatic box update checking. If you disable this, then
|
|
# boxes will only be checked for updates when the user runs
|
|
# `vagrant box outdated`. This is not recommended.
|
|
# config.vm.box_check_update = false
|
|
|
|
# Create a forwarded port mapping which allows access to a specific port
|
|
# within the machine from a port on the host machine. In the example below,
|
|
# accessing "localhost:8080" will access port 80 on the guest machine.
|
|
# NOTE: This will enable public access to the opened port
|
|
# config.vm.network "forwarded_port", guest: 80, host: 8080
|
|
|
|
# Create a forwarded port mapping which allows access to a specific port
|
|
# within the machine from a port on the host machine and only allow access
|
|
# via 127.0.0.1 to disable public access
|
|
# config.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "127.0.0.1"
|
|
|
|
# Create a private network, which allows host-only access to the machine
|
|
# using a specific IP.
|
|
# config.vm.network "private_network", ip: "192.168.33.10"
|
|
|
|
# Create a public network, which generally matched to bridged network.
|
|
# Bridged networks make the machine appear as another physical device on
|
|
# your network.
|
|
config.vm.network "public_network"
|
|
|
|
config.vagrant.plugins = "vagrant-vbguest"
|
|
|
|
# Share an additional folder to the guest VM. The first argument is
|
|
# the path on the host to the actual folder. The second argument is
|
|
# the path on the guest to mount the folder. And the optional third
|
|
# argument is a set of non-required options.
|
|
config.vm.synced_folder "../..", "/home/vagrant/Rublon-Linux"
|
|
|
|
# Provider-specific configuration so you can fine-tune various
|
|
# backing providers for Vagrant. These expose provider-specific options.
|
|
# Example for VirtualBox:
|
|
#
|
|
config.vm.provider "virtualbox" do |vb|
|
|
# Display the VirtualBox GUI when booting the machine
|
|
vb.gui = true
|
|
#
|
|
# Customize the amount of memory on the VM:
|
|
# vb.memory = "1024"
|
|
end
|
|
#
|
|
# View the documentation for the provider you are using for more
|
|
# information on available options.
|
|
|
|
# Enable provisioning with a shell script. Additional provisioners such as
|
|
# Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
|
|
# documentation for more information about their specific syntax and use.
|
|
config.vm.provision "shell", inline: <<-SHELL
|
|
yum update
|
|
|
|
yum install -y curl-devel
|
|
yum install -y openssl-devel
|
|
yum install -y pam-devel
|
|
yum install -y policycoreutils-python
|
|
yum install -y https://centos6.iuscommunity.org/ius-release.rpm
|
|
yum install -y python36u
|
|
yum install -y python36u-devel
|
|
yum install -y python36u-pip
|
|
yum install -y epel-release
|
|
pip3.6 install "python-socketio[client]"
|
|
yum install -y policycoreutils-devel
|
|
yum install -y nano
|
|
|
|
sed -i 's/UsePAM .*/UsePAM yes/' /etc/ssh/sshd_config
|
|
sed -i 's/ChallengeResponseAuthentication .*/ChallengeResponseAuthentication yes/' /etc/ssh/sshd_config
|
|
|
|
cd /home/vagrant/Rublon-Linux/SSH/PAM/
|
|
make
|
|
make selinux
|
|
make install
|
|
|
|
useradd -s /bin/bash -m kwa
|
|
echo "kwa:kwa"|chpasswd
|
|
|
|
grep -q -e '#auth include password-auth' /etc/pam.d/sshd || sed -i -e 's/auth include password-auth/#auth include password-auth/g' /etc/pam.d/sshd
|
|
grep -q -e 'auth requisite pam_unix.so' /etc/pam.d/sshd || sed -i '\$aauth requisite pam_unix.so' /etc/pam.d/sshd
|
|
grep -q -e 'auth required pam_rublon.so' /etc/pam.d/sshd || sed -i '\$aauth required pam_rublon.so' /etc/pam.d/sshd
|
|
grep -q -e 'account required pam_rublon.so' /etc/pam.d/sshd || sed -i '\$aaccount required pam_rublon.so' /etc/pam.d/sshd
|
|
|
|
service sshd restart
|
|
|
|
#vagrant ssh -p -- -l psz
|
|
SHELL
|
|
end
|