45 lines
1.2 KiB
Bash
Executable File
45 lines
1.2 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
SSHD_CONF=/etc/ssh/sshd_config
|
|
SSHD_PAM_CONF=/etc/pam.d/sshd
|
|
RUBLON_CONFIG=/etc/rublon.config
|
|
RUBLON_SSH_CONFIG=/etc/ssh/sshd_config.d/01-rublon-ssh.conf
|
|
|
|
if [ ! -f $RUBLON_CONFIG ]
|
|
then
|
|
cp -a /usr/share/rublon/rublon.config.defaults $RUBLON_CONFIG
|
|
chown root:root $RUBLON_CONFIG
|
|
chmod 640 $RUBLON_CONFIG
|
|
fi
|
|
|
|
if [ ! -f $RUBLON_SSH_CONFIG ]
|
|
then
|
|
cp -a /usr/share/rublon/service/01-rublon-ssh.conf.default $RUBLON_SSH_CONFIG
|
|
chown root:root $RUBLON_SSH_CONFIG
|
|
chmod 640 $RUBLON_SSH_CONFIG
|
|
fi
|
|
|
|
if [ -f /etc/os-release ]
|
|
then
|
|
. /etc/os-release
|
|
fi
|
|
|
|
#if [[ $ID == "rhel" || $ID=="alma" || $ID=="rocky" ]]
|
|
#then
|
|
# cd /usr/share/rublon/service
|
|
# checkmodule -M -m -o login_rublon.mod login_rublon.te
|
|
# semodule_package -o login_rublon.pp -m login_rublon.mod
|
|
# semodule -i login_rublon.pp
|
|
#fi
|
|
|
|
grep -qe 'auth required pam_rublon.so' $SSHD_PAM_CONF || sed -i '$aauth required pam_rublon.so' $SSHD_PAM_CONF
|
|
grep -qe 'account required pam_rublon.so' $SSHD_PAM_CONF || sed -i '$aaccount required pam_rublon.so' $SSHD_PAM_CONF
|
|
|
|
if [[ $ID == "rhel" || $ID=="alma" || $ID=="rocky" ]]
|
|
then
|
|
systemctl restart sshd
|
|
else
|
|
deb-systemd-invoke restart ssh.service
|
|
fi
|
|
|