Vagrant

Nagios
Vagrant
2022-09-21 17:41:58 +02:00 · 2022-09-21 16:25:13 +02:00 · 2022-09-14 17:29:38 +02:00 · 2022-09-14 15:41:48 +02:00 · 2022-05-20 10:20:14 +02:00 · 2022-05-12 08:36:23 +02:00
37 changed files with 10370 additions and 0 deletions
--- a/Sio1/AP22/installation.sh
+++ b/Sio1/AP22/installation.sh
@ -0,0 +1,32 @@
+glpirel="9.5.7"
+dest=/var/www/html
+ 
+apt update
+ 
+apt install -y mariadb-server
+ 
+apt install -y apache2 php php-mysql php-gd php-ldap php-mbstring php-curl php-xml php-imap php-apcu php-cas
+wget -nc "https://github.com/glpi-project/glpi/releases/download/${glpirel}/glpi-${glpirel}.tgz"
+ 
+tar xvfz glpi-${glpirel}.tgz -C ${dest}
+ 
+cd ${dest}/glpi
+ 
+chown -R www-data:www-data lib config plugins files
+chown www-data:www-data ${dest}/glpi
+ 
+cd ${dest}/glpi/plugins
+ 
+wget -nc https://github.com/fusioninventory/fusioninventory-for-glpi/releases/download/glpi9.5%2B4.0/fusioninventory-9.5+4.0.tar.bz2
+bzip2 -d fusioninventory-9.5+4.0.tar.bz2
+tar xvf fusioninventory-9.5+4.0.tar
+chown -R www-data:www-data  ${dest}/glpi/plugins
+ 
+mkdir ${dest}/ficlients
+cd ${dest}/ficlients
+#wget -nc https://github.com/fusioninventory/fusioninventory-agent/releases/download/2.5.2/fusioninventory-agent_windows-x86_2.5.2.exe
+#wget -nc https://github.com/fusioninventory/fusioninventory-agent/releases/download/2.5.2/fusioninventory-agent_windows-x64_2.5.2.exe
+wget -nc https://github.com/glpi-project/glpi-agent/releases/download/1.2/GLPI-Agent-1.2-x64.msi
+chmod -R 755 ${dest}/ficlients
+ 
+systemctl restart apache2
--- a/Sio1/AP22/installationword.sh
+++ b/Sio1/AP22/installationword.sh
@ -0,0 +1,22 @@
+apt update
+apt install -y mariadb-server
+apt install -y apache2 php php-mysql php-gd php-ldap php-mbstring php-curl php-xml php-imap php-apcu php-cas
+sudo systemctl restart apache2
+sudo nano /etc/apache2/sites-available/wordpress.conf
+sudo a2enmod rewrite
+sudo apache2ctl configtest
+sudo systemctl restart apache2
+cd /tmp
+wget -O https://fr.wordpress.org/latest-fr_FR.tar.gz
+tar xzvf latest-fr_FR.tar.gz
+touch /tmp/wordpress/.htaccess
+cp /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php
+mkdir /tmp/wordpress/wp-content/upgrade
+sudo cp -a /tmp/wordpress/. /var/www/wordpress
+sudo chown -R www-data:www-data /var/www/wordpress
+wget https://api.wordpress.org/secret-key/1.1/salt/
+sudo nano /var/www/wordpress/wp-config.php
+cd /var/www/wordpress/
+cp -r wordpress/ /var/www/html/
+sudo find /var/www/html/wordpress/ -type d -exec chmod 750 {} \;
+sudo find /var/www/html/wordpress/ -type f -exec chmod 640 {} \;
--- a/Sio1/SISR1/20-DNS/Master/db.domaine.lan
+++ b/Sio1/SISR1/20-DNS/Master/db.domaine.lan
@ -0,0 +1,20 @@
+;
+; BIND data file for local loopback interface
+;
+$TTL	604800
+domaine.lan.	IN	SOA	srv1.domaine.lan. root.srv1.domaine.lan. (
+			 2022020100	; Serial
+			 604800		; Refresh
+			  86400		; Retry
+			2419200		; Expire
+			 604800 )	; Negative Cache TTL
+;
+@	IN	NS	srv1.domaine.lan.
+srv1	IN	A	192.168.0.110
+@	IN	NS	srv2.domaine.lan.
+srv2	IN	A	192.168.0.114
+
+;@	IN	AAAA	::1
+poste1  IN      A	192.168.0.111
+poste2  IN      A	192.168.0.112
+www2    IN      CNAME   poste1
--- a/Sio1/SISR1/20-DNS/Master/db.domaine.lan.rev
+++ b/Sio1/SISR1/20-DNS/Master/db.domaine.lan.rev
@ -0,0 +1,14 @@
+$TTL 38400	; 10 hours 40 minutes 
+@		IN SOA	srv1.domaine.lan. root.srv1.domaine.lan. (
+		2022020100 ; serial
+		10800      ; refresh (3 hours)
+		3600       ; retry (1 hour)
+		604800     ; expire (1 week)
+		38400      ; minimum (10 hours 40 minutes)
+	)
+	IN	NS	srv1.domaine.lan.
+	IN	NS	srv2.domaine.lan.
+
+110	IN	PTR	srv1.domaine.lan.
+111	IN	PTR	xp.domaine.lan.
+114	IN	PTR	srv2.domaine.lan.
--- a/Sio1/SISR1/20-DNS/Master/named.conf
+++ b/Sio1/SISR1/20-DNS/Master/named.conf
@ -0,0 +1,11 @@
+// This is the primary configuration file for the BIND DNS server named.
+//
+// Please read /usr/share/doc/bind9/README.Debian.gz for information on the 
+// structure of BIND configuration files in Debian, *BEFORE* you customize 
+// this configuration file.
+//
+// If you are just adding zones, please do that in /etc/bind/named.conf.local
+
+include "/etc/bind/named.conf.options";
+include "/etc/bind/named.conf.local";
+include "/etc/bind/named.conf.default-zones";
--- a/Sio1/SISR1/20-DNS/Master/named.conf.local
+++ b/Sio1/SISR1/20-DNS/Master/named.conf.local
@ -0,0 +1,20 @@
+//
+// Do any local configuration here
+//
+
+// Consider adding the 1918 zones here, if they are not used in your
+// organization
+//include "/etc/bind/zones.rfc1918";
+
+// zone directe
+        zone "domaine.lan" {
+             type master;
+             file "/etc/bind/db.domaine.lan";
+        };
+
+// zone inverse 
+	zone "0.168.192.in-addr.arpa" {
+	     type master;
+             notify no;
+             file "/etc/bind/db.domaine.lan.rev";
+	};
--- a/Sio1/SISR1/20-DNS/Master/resolv.conf
+++ b/Sio1/SISR1/20-DNS/Master/resolv.conf
@ -0,0 +1,3 @@
+domain domaine.lan
+search domaine.lan
+nameserver 127.0.0.1
--- a/Sio1/SISR1/30-FiltrageEtDMZ/fw0.sh
+++ b/Sio1/SISR1/30-FiltrageEtDMZ/fw0.sh
@ -0,0 +1,12 @@
+#!/bin/bash
+
+IFEXT=enp0s3
+IFDMZ=enp0s8
+IFINT=enp0s9
+
+# ici instruction pour activer le routage
+sysctl -w net.ipv4.ip_forward=1
+# ici instructions pour definir les stratégies par defaut (etape 1)
+
+# ici instructions pour remettre a zero les chaines filter et nat (etape 1)
+
--- a/Sio1/SISR1/30-FiltrageEtDMZ/fw1.sh
+++ b/Sio1/SISR1/30-FiltrageEtDMZ/fw1.sh
@ -0,0 +1,21 @@
+#!/bin/bash
+
+IFEXT=enp0s3
+IFDMZ=enp0s8
+IFINT=enp0s9
+
+# ici instruction pour activer le routage
+sysctl -w net.ipv4.ip_forward=1
+
+# ici instructions pour definir les stratégies par defaut (etape 1)
+sudo iptables -P INPUT DROP
+sudo iptables -P OUTPUT DROP
+sudo iptables -P FORWARD DROP
+
+# ici instructions pour remettre a zero les chaines filter et nat (etape 1)
+sudo iptables -F -t nat
+sudo iptables -F -t filter
+
+# autorise le loopback
+sudo iptables -A INPUT -i lo -j ACCEPT
+sudo iptables -A OUTPUT -o lo -j ACCEPT
--- a/Sio1/SISR1/30-FiltrageEtDMZ/fw2.sh
+++ b/Sio1/SISR1/30-FiltrageEtDMZ/fw2.sh
@ -0,0 +1,28 @@
+#!/bin/bash
+set -e
+set -u
+
+IFEXT=enp0s3
+IFDMZ=enp0s8
+IFINT=enp0s9
+
+# ici instruction pour activer le routage
+sysctl -w net.ipv4.ip_forward=1
+
+# ici instructions pour definir les stratégies par defaut (etape 1)
+sudo iptables -P INPUT DROP
+sudo iptables -P OUTPUT DROP
+sudo iptables -P FORWARD DROP
+
+# ici instructions pour remettre a zero les chaines filter et nat (etape 1)
+sudo iptables -F -t nat
+sudo iptables -F -t filter
+
+# autorise le loopback
+sudo iptables -A INPUT -i lo -j ACCEPT
+sudo iptables -A OUTPUT -o lo -j ACCEPT
+
+# Connection ssh
+
+sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT #entrée
+sudo iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT #sortie
--- a/Sio1/SISR1/30-FiltrageEtDMZ/fw3.sh
+++ b/Sio1/SISR1/30-FiltrageEtDMZ/fw3.sh
@ -0,0 +1,36 @@
+#!/bin/bash
+set -e
+set -u
+
+IFEXT=enp0s3
+IFDMZ=enp0s8
+IFINT=enp0s9
+
+# ici instruction pour activer le routage
+sysctl -w net.ipv4.ip_forward=1
+
+# ici instructions pour definir les stratégies par defaut (etape 1)
+sudo iptables -P INPUT DROP
+sudo iptables -P OUTPUT DROP
+sudo iptables -P FORWARD DROP
+
+# ici instructions pour remettre a zero les chaines filter et nat (etape 1)
+sudo iptables -F -t nat
+sudo iptables -F -t filter
+
+# Loopback
+sudo iptables -A INPUT -i lo -j ACCEPT
+sudo iptables -A OUTPUT -o lo -j ACCEPT
+
+# Connexion ssh serveur
+sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT #entrée
+sudo iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT #sortie
+
+# Requete DNS client
+sudo iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
+sudo iptables -A INPUT -p udp --sport 53 -j ACCEPT
+
+# Acces HTTP client
+sudo iptables -A OUTPUT -p udp --dport 80 -j ACCEPT
+sudo iptables -A INPUT -p udp --sport 80 -j ACCEPT
+
--- a/Sio1/SISR1/30-FiltrageEtDMZ/fw4.sh
+++ b/Sio1/SISR1/30-FiltrageEtDMZ/fw4.sh
@ -0,0 +1,41 @@
+#!/bin/bash
+set -e
+set -u
+
+IFEXT=enp0s3
+IFDMZ=enp0s8
+IFINT=enp0s9
+
+# ici instruction pour activer le routage
+sysctl -w net.ipv4.ip_forward=1
+
+# ici instructions pour definir les stratégies par defaut (etape 1)
+sudo iptables -P INPUT DROP
+sudo iptables -P OUTPUT DROP
+sudo iptables -P FORWARD DROP
+
+# ici instructions pour remettre a zero les chaines filter et nat (etape 1)
+sudo iptables -F -t nat
+sudo iptables -F -t filter
+
+# Loopback
+sudo iptables -A INPUT -i lo -j ACCEPT
+sudo iptables -A OUTPUT -o lo -j ACCEPT
+
+# Connexion ssh serveur
+sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT #entrée
+sudo iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT #sortie
+
+# Requete DNS client
+sudo iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
+sudo iptables -A INPUT -p udp --sport 53 -j ACCEPT
+
+# Acces HTTP client
+sudo iptables -A OUTPUT -p udp --dport 80 -j ACCEPT
+sudo iptables -A INPUT -p udp --sport 80 -j ACCEPT
+
+# NAT sur la carte exterieur (pouvoir curl une machine de l'autre coter)
+sudo iptables -t nat -A POSTROUTING -o "${IFEXT}" -j MASQUERADE -s 10.0.0.0/16
+#sudo iptables -L -t nat # pour controler
+sudo iptables -A FORWARD -j ACCEPT
+
--- a/Sio1/SISR1/30-FiltrageEtDMZ/fw5.sh
+++ b/Sio1/SISR1/30-FiltrageEtDMZ/fw5.sh
@ -0,0 +1,46 @@
+#!/bin/bash
+set -e
+set -u
+
+IFEXT=enp0s3
+IFDMZ=enp0s8
+IFINT=enp0s9
+
+# ici instruction pour activer le routage
+sysctl -w net.ipv4.ip_forward=1
+
+# ici instructions pour definir les stratégies par defaut (etape 1)
+sudo iptables -P INPUT DROP
+sudo iptables -P OUTPUT DROP
+sudo iptables -P FORWARD DROP
+
+# ici instructions pour remettre a zero les chaines filter et nat (etape 1)
+sudo iptables -F -t nat
+sudo iptables -F -t filter
+
+# Loopback
+sudo iptables -A INPUT -i lo -j ACCEPT
+sudo iptables -A OUTPUT -o lo -j ACCEPT
+
+# Connexion ssh serveur
+sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT #entrée
+sudo iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT #sortie
+
+# Requete DNS client
+sudo iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
+sudo iptables -A INPUT -p udp --sport 53 -j ACCEPT
+
+# Acces HTTP client
+sudo iptables -A OUTPUT -p udp --dport 80 -j ACCEPT
+sudo iptables -A INPUT -p udp --sport 80 -j ACCEPT
+
+# NAT sur la carte exterieur (pouvoir curl une machine de l'autre coter)
+sudo iptables -t nat -A POSTROUTING -o "${IFEXT}" -j MASQUERADE -s 10.0.0.0/16
+sudo iptables -t nat -A POSTROUTING -o "${IFEXT}" -j MASQUERADE -s 172.16.0.0/16
+#sudo iptables -L -t nat # pour controler
+sudo iptables -A FORWARD -j ACCEPT
+
+# Acces DNS sortante
+sudo iptables -A FORWARD -p udp --dport 53 -j ACCEPT
+sudo iptables -A FORWARD -p udp --sport 53 -j ACCEPT
+
--- a/Sio1/SISR1/40-BashEtShell/CompteRenduBash
+++ b/Sio1/SISR1/40-BashEtShell/CompteRenduBash
@ -0,0 +1,157 @@
+Script démarré sur 2022-03-29 10:18:18+02:00 [TERM="xterm-256color" TTY="/dev/pts/0" COLUMNS="90" LINES="33"]
+[?2004hroot@TestBashShell:~/test# ls
+[?2004l
+CompteRenduBash  crsamba4  crsamba8	rsamba	    users2.txt.pwd
+crsamba1	 crsamba5  crsambaFini	SioTP	    users.txt
+crsamba2	 crsamba7  present	users2.txt  users.txt.pwd
+[?2004hroot@TestBashShell:~/test# nano users.txt
+[?2004l
+[?2004h[?1049h[22;0;0t[1;33r(B[m[4l[?7h[39;49m[?1h=[?1h=[?25l[39;49m(B[m[H[2J[31;39H(B[0;7m[ Lecture... ](B[m[31;34H(B[0;7m[ Lecture de 4 lignes ](B[m[H(B[0;7m  GNU nano 5.4                             users.txt                                      [1;89H(B[m
+[32d(B[0;7m^G(B[m Aide[32;16H(B[0;7m^O(B[m Écrire[31G(B[0;7m^W(B[m Chercher    (B[0;7m^K(B[m Couper[61G(B[0;7m^T(B[m Exécuter    (B[0;7m^C(B[m Emplacement
+[33d(B[0;7m^X(B[m Quitter     (B[0;7m^R(B[m Lire fich.  (B[0;7m^\(B[m Remplacer   (B[0;7m^U(B[m Coller[61G(B[0;7m^J(B[m Justifier   (B[0;7m^_(B[m Aller ligne
+[2dlucien:Lucien Dubois
+[3dclaudine:Claudine Dupont
+[4drobert:Robert Dupond
+[5dmarcelle:Marcelle Parde
+[2d[?12l[?25h[?25l[31d[J[33d[?12l[?25h[33;1H[?1049l[23;0;0t
+[?1l>[?2004l[?2004hroot@TestBashShell:~/test# nano users.txt[C2.txt
+[?2004l
+[?2004h[?1049h[22;0;0t[1;33r(B[m[4l[?7h[39;49m[?1h=[?1h=[?25l[39;49m(B[m[H[2J[31;39H(B[0;7m[ Lecture... ](B[m[31;34H(B[0;7m[ Lecture de 10 lignes ](B[m[H(B[0;7m  GNU nano 5.4                            users2.txt                                      [1;89H(B[m
+[32d(B[0;7m^G(B[m Aide[32;16H(B[0;7m^O(B[m Écrire[31G(B[0;7m^W(B[m Chercher    (B[0;7m^K(B[m Couper[61G(B[0;7m^T(B[m Exécuter    (B[0;7m^C(B[m Emplacement
+[33d(B[0;7m^X(B[m Quitter     (B[0;7m^R(B[m Lire fich.  (B[0;7m^\(B[m Remplacer   (B[0;7m^U(B[m Coller[61G(B[0;7m^J(B[m Justifier   (B[0;7m^_(B[m Aller ligne
+[5d[36m# Salut
+[6d[39m(B[mlucien:Lucien Dubois
+[7d[36m#-_-_-_-_-_-_-_-_-_-_-_-
+[8d[39m(B[mclaudine:Claudine Dupont
+[9drobert:Robert Dupond
+[10d[36m# ,   j
+[11d[39m(B[mmarcelle:Marcelle Parde
+[2d[?12l[?25h[?25l[31d[J[33d[?12l[?25h[33;1H[?1049l[23;0;0t
+[?1l>[?2004l[?2004hroot@TestBashShell:~/test# ./crsambaFini users.txt
+[?2004l
+./crsambaFini : utilisateur lucien existe deja
+./crsambaFini : utilisateur claudine existe deja
+./crsambaFini : utilisateur robert existe deja
+./crsambaFini : utilisateur marcelle existe deja
+[?2004hroot@TestBashShell:~/test# /.[K[K./rsamba users.txt
+[?2004l
+Utilisateur lucien supprime
+Utilisateur claudine supprime
+Utilisateur robert supprime
+Utilisateur marcelle supprime
+[?2004hroot@TestBashShell:~/test# ./rsamba users.txt[5@crsambaFini[C[C[C[C[C[C[C[C[C[C
+[?2004l
+[?2004hroot@TestBashShell:~/test# getent shadow
+[?2004l
+root:$y$j9T$TIAC5HDqvZSDu2CnCrCXV/$7rE1hZJr4Q4SyNu80hF9dbsNPHZBFjjsh0wxJnbZRI5:18873:0:99999:7:::
+daemon:*:18872:0:99999:7:::
+bin:*:18872:0:99999:7:::
+sys:*:18872:0:99999:7:::
+sync:*:18872:0:99999:7:::
+games:*:18872:0:99999:7:::
+man:*:18872:0:99999:7:::
+lp:*:18872:0:99999:7:::
+mail:*:18872:0:99999:7:::
+news:*:18872:0:99999:7:::
+uucp:*:18872:0:99999:7:::
+proxy:*:18872:0:99999:7:::
+www-data:*:18872:0:99999:7:::
+backup:*:18872:0:99999:7:::
+list:*:18872:0:99999:7:::
+irc:*:18872:0:99999:7:::
+gnats:*:18872:0:99999:7:::
+nobody:*:18872:0:99999:7:::
+_apt:*:18872:0:99999:7:::
+systemd-timesync:*:18872:0:99999:7:::
+systemd-network:*:18872:0:99999:7:::
+systemd-resolve:*:18872:0:99999:7:::
+messagebus:*:18873:0:99999:7:::
+sshd:*:18873:0:99999:7:::
+sio:$y$j9T$fhaQDQy5GkvNeuyxnf/Yg1$IrtSwszDRZ9g75BMk1wgcGfMPKMI6jQOD32pWNkSMV1:18873:0:99999:7:::
+systemd-coredump:!*:18873::::::
+lucien:$y$j9T$ZeC2TVITWi1AFpWvu3ylC0$CpoURwx6PVIzZv0bnRoKWYcnOn/t7whgwMV2PFgV/n7:19080:0:99999:7:::
+claudine:$y$j9T$S.6tFvH9ipa06FfPCDT.w.$AaGIJ8b140oWbKnGoYyIux4VjdYFhTReqWKRlthK7h6:19080:0:99999:7:::
+robert:$y$j9T$MkZBUpoUJbITG09pSIQrd/$rq.YwB083tDKS9Xl6SxOinfcbLenhOHJVFyujPS7gY6:19080:0:99999:7:::
+marcelle:$y$j9T$Uzp89MzZ84TUx6XpEKmrJ0$AHeUnn5UsTmphkHdi3N/n16fcVYZvnvQpyRfnl.AMC4:19080:0:99999:7:::
+[?2004hroot@TestBashShell:~/test# getent shadow./crsambaFini users.txt[5Prsamba[C[C[C[C[C[C[C[C[C[C
+[?2004l
+Utilisateur lucien supprime
+Utilisateur claudine supprime
+Utilisateur robert supprime
+Utilisateur marcelle supprime
+[?2004hroot@TestBashShell:~/test# ./rsamba users.txt[5Pgetent shadow
+[?2004l
+root:$y$j9T$TIAC5HDqvZSDu2CnCrCXV/$7rE1hZJr4Q4SyNu80hF9dbsNPHZBFjjsh0wxJnbZRI5:18873:0:99999:7:::
+daemon:*:18872:0:99999:7:::
+bin:*:18872:0:99999:7:::
+sys:*:18872:0:99999:7:::
+sync:*:18872:0:99999:7:::
+games:*:18872:0:99999:7:::
+man:*:18872:0:99999:7:::
+lp:*:18872:0:99999:7:::
+mail:*:18872:0:99999:7:::
+news:*:18872:0:99999:7:::
+uucp:*:18872:0:99999:7:::
+proxy:*:18872:0:99999:7:::
+www-data:*:18872:0:99999:7:::
+backup:*:18872:0:99999:7:::
+list:*:18872:0:99999:7:::
+irc:*:18872:0:99999:7:::
+gnats:*:18872:0:99999:7:::
+nobody:*:18872:0:99999:7:::
+_apt:*:18872:0:99999:7:::
+systemd-timesync:*:18872:0:99999:7:::
+systemd-network:*:18872:0:99999:7:::
+systemd-resolve:*:18872:0:99999:7:::
+messagebus:*:18873:0:99999:7:::
+sshd:*:18873:0:99999:7:::
+sio:$y$j9T$fhaQDQy5GkvNeuyxnf/Yg1$IrtSwszDRZ9g75BMk1wgcGfMPKMI6jQOD32pWNkSMV1:18873:0:99999:7:::
+systemd-coredump:!*:18873::::::
+[?2004hroot@TestBashShell:~/test# getent shadow./rsamba users.txt[5Pgetent shadow./crsambaFini users.txt[5Prsamba[C[C[C[C[C[C[C[C[C[C[5@crsambaFini[C[C[C[C[C[C[C[C[C[C[C2.txt
+[?2004l
+[?2004hroot@TestBashShell:~/test# ./crsambaFini users2.txt[11Pgetent shadow
+[?2004l
+root:$y$j9T$TIAC5HDqvZSDu2CnCrCXV/$7rE1hZJr4Q4SyNu80hF9dbsNPHZBFjjsh0wxJnbZRI5:18873:0:99999:7:::
+daemon:*:18872:0:99999:7:::
+bin:*:18872:0:99999:7:::
+sys:*:18872:0:99999:7:::
+sync:*:18872:0:99999:7:::
+games:*:18872:0:99999:7:::
+man:*:18872:0:99999:7:::
+lp:*:18872:0:99999:7:::
+mail:*:18872:0:99999:7:::
+news:*:18872:0:99999:7:::
+uucp:*:18872:0:99999:7:::
+proxy:*:18872:0:99999:7:::
+www-data:*:18872:0:99999:7:::
+backup:*:18872:0:99999:7:::
+list:*:18872:0:99999:7:::
+irc:*:18872:0:99999:7:::
+gnats:*:18872:0:99999:7:::
+nobody:*:18872:0:99999:7:::
+_apt:*:18872:0:99999:7:::
+systemd-timesync:*:18872:0:99999:7:::
+systemd-network:*:18872:0:99999:7:::
+systemd-resolve:*:18872:0:99999:7:::
+messagebus:*:18873:0:99999:7:::
+sshd:*:18873:0:99999:7:::
+sio:$y$j9T$fhaQDQy5GkvNeuyxnf/Yg1$IrtSwszDRZ9g75BMk1wgcGfMPKMI6jQOD32pWNkSMV1:18873:0:99999:7:::
+systemd-coredump:!*:18873::::::
+lucien:$y$j9T$/w5UzDIy4Ya9jSySl6mPn.$I59QPyDLLGXu0USyvHgqgoJlF/rcjcAYOWxVO703Hq5:19080:0:99999:7:::
+claudine:$y$j9T$UyQDXKp5P6mbHgKqJeYC41$LqUl1NewksM4aOZgnFMPPhMpd/hFKfPa9ByhnMHgfND:19080:0:99999:7:::
+robert:$y$j9T$Vwc34rv0bYLl56bB1iplP0$Cu4dYpt9MUugy8M.0kYlwa5skwR8qnDbPqpIzYVjra7:19080:0:99999:7:::
+marcelle:$y$j9T$hEIMX3JYqvmkpUKHs9Z4O.$wFWYxPGAK2GNDLw9NYffNeWG2s4bPMFvkFgSzf4xLo2:19080:0:99999:7:::
+[?2004hroot@TestBashShell:~/test# getent shadow./crsambaFini users2.txt[11Pgetent shadow./rsamba users.txt2.txt
+[?2004l
+Utilisateur lucien supprime
+Utilisateur claudine supprime
+Utilisateur robert supprime
+Utilisateur marcelle supprime
+[?2004hroot@TestBashShell:~/test# ./rsamba users2.txt[6Pgetent shadow
+[?2004l
+root:$y$j9T$TIAC5HDqvZSDu2CnCrCXV/$7rE1hZJr4Q4SyNu80hF9dbsNPHZBFjjsh0wxJnbZRI5:18873:0:99999:7:::
+daemon:*:18872:0:99999:7:::
+bin:*:18872:0:99999:7:::
+sys:*:18872:0:99999:7:::
+sync:*:18872:0:99999:7:::
+games:*:18872:0:99999:7:::
--- a/Sio1/SISR1/40-BashEtShell/SioTP
+++ b/Sio1/SISR1/40-BashEtShell/SioTP
--- a/Sio1/SISR1/40-BashEtShell/crsamba1
+++ b/Sio1/SISR1/40-BashEtShell/crsamba1
@ -0,0 +1,10 @@
+#!/bin/bash
+
+set -e
+set -u
+
+fich=users.txt
+while read ligne
+do
+	echo "${ligne}"
+done < $fich
--- a/Sio1/SISR1/40-BashEtShell/crsamba2
+++ b/Sio1/SISR1/40-BashEtShell/crsamba2
@ -0,0 +1,21 @@
+#!/bin/bash
+
+#set -e
+#set -u
+
+fich=$1
+
+if [[ $# -ne 1 ]] ; then
+	echo "usage : $0 <fichier>"
+	exit 1
+fi
+
+if [[ ! -r "${fich}" ]] ; then
+	echo "$0 : erreur ouverture ${fich}"
+	exit 2
+fi
+
+while read ligne
+do
+	echo "${ligne}"
+done < $fich
--- a/Sio1/SISR1/40-BashEtShell/crsamba4
+++ b/Sio1/SISR1/40-BashEtShell/crsamba4
@ -0,0 +1,22 @@
+#!/bin/bash
+
+#set -e
+#set -u
+
+if [[ $# -ne 1 ]] ; then
+	echo "usage : $0 <fichier>"
+	exit 1
+fi
+
+if [[ ! -r "$1" ]] ; then
+	echo "$0 : erreur ouverture ${fich}"
+	exit 2
+fi
+
+
+
+fich=$1
+while read ligne
+do
+	echo "${ligne}"|cut -d: -f1
+done < $fich
--- a/Sio1/SISR1/40-BashEtShell/crsamba5
+++ b/Sio1/SISR1/40-BashEtShell/crsamba5
@ -0,0 +1,30 @@
+#!/bin/bash
+
+#set -e
+#set -u
+
+if [[ $# -ne 1 ]] ; then
+	echo "usage : $0 <fichier>"
+	exit 1
+fi
+
+if [[ ! -r "$1" ]] ; then
+	echo "$0 : erreur ouverture ${fich}"
+	exit 2
+fi
+
+fich=$1
+while read ligne
+do
+	login=$(echo "${ligne}"|cut -d: -f1)
+	nom=$(echo "${ligne}"|cut -d: -f2)
+	#echo "${login} ${nom}"
+	getent passwd "${login}" >> /dev/null
+	if [[ $? -ne 0 ]] ; then
+		sudo useradd --create-home --home-dir /home/"${login}" --shell /bin/bash --comment "${nom}" "${login}"
+	else
+		echo "$0 : utilisateur ${login} existe deja"
+	fi
+
+done < $fich
+
--- a/Sio1/SISR1/40-BashEtShell/crsamba7
+++ b/Sio1/SISR1/40-BashEtShell/crsamba7
@ -0,0 +1,33 @@
+#!/bin/bash
+
+#set -e
+#set -u
+
+if [[ $# -ne 1 ]] ; then
+	echo "usage : $0 <fichier>"
+	exit 1
+fi
+
+if [[ ! -r "$1" ]] ; then
+	echo "$0 : erreur ouverture ${fich}"
+	exit 2
+fi
+
+fich=$1
+while read ligne
+do
+	login=$(echo "${ligne}"|cut -d: -f1)
+	nom=$(echo "${ligne}"|cut -d: -f2)
+	#echo "${login} ${nom}"
+	getent passwd "${login}" >> /dev/null
+	if [[ $? -ne 0 ]] ; then
+		sudo useradd --create-home --home-dir /home/"${login}" --shell /bin/bash --comment "${nom}" "${login}"
+		mdp=$(pwgen 6 1)
+		#echo "${mdp}"
+		echo "${login}:${mdp}"|chpasswd
+		echo "${login}:${mdp}" >> "${fich}.pwd"
+	else
+		echo "$0 : utilisateur ${login} existe deja"
+	fi
+done < $fich
+
--- a/Sio1/SISR1/40-BashEtShell/crsamba8
+++ b/Sio1/SISR1/40-BashEtShell/crsamba8
@ -0,0 +1,35 @@
+#!/bin/bash
+
+#set -e
+#set -u
+
+if [[ $# -ne 1 ]] ; then
+	echo "usage : $0 <fichier>"
+	exit 1
+fi
+
+if [[ ! -r "$1" ]] ; then
+	echo "$0 : erreur ouverture ${fich}"
+	exit 2
+fi
+
+fich=$1
+while read ligne
+do
+	echo "$ligne" | grep "^#" >> /dev/null && continue
+	[[ -z "$ligne" ]] && continue
+	login=$(echo "${ligne}"|cut -d: -f1)
+	nom=$(echo "${ligne}"|cut -d: -f2)
+	#echo "${login} ${nom}"
+	getent passwd "${login}" >> /dev/null
+	if [[ $? -ne 0 ]] ; then
+		sudo useradd --create-home --home-dir /home/"${login}" --shell /bin/bash --comment "${nom}" "${login}"
+		mdp=$(pwgen 6 1)
+		#echo "${mdp}"
+		echo "${login}:${mdp}"|chpasswd
+		echo "${login}:${mdp}" >> "${fich}.pwd"
+	else
+		echo "$0 : utilisateur ${login} existe deja"
+	fi
+done < $fich
+
--- a/Sio1/SISR1/40-BashEtShell/crsambaFini
+++ b/Sio1/SISR1/40-BashEtShell/crsambaFini
@ -0,0 +1,34 @@
+#!/bin/bash
+
+#set -e
+#set -u
+
+if [[ $# -ne 1 ]] ; then
+	echo "usage : $0 <fichier>" #nombre de paramètre != 1 on sort du programme.
+	exit 1
+fi
+
+if [[ ! -r "$1" ]] ; then
+	echo "$0 : erreur ouverture ${fich}" # erreur ouverture du fichier on sort du programme.
+	exit 2
+fi
+
+fich=$1
+while read ligne #lecture par ligne du fichier
+do
+	echo "$ligne" | grep "^#" >> /dev/null && continue #ignore les ligne commentes dans le fichier
+	[[ -z "$ligne" ]] && continue #ignore les lignes vides
+	login=$(echo "${ligne}"|cut -d: -f1) #recuperation login
+	nom=$(echo "${ligne}"|cut -d: -f2) #recuperation nom long
+	#echo "${login} ${nom}"
+	getent passwd "${login}" >> /dev/null
+	if [[ $? -ne 0 ]] ; then # si utilisateur inexistant on peut creer
+		sudo useradd --create-home --home-dir /home/"${login}" --shell /bin/bash --comment "${nom}" "${login}" # creation utilisateur
+		mdp=$(pwgen 6 1) # creation mot de passe
+		#echo "${mdp}"
+		echo "${login}:${mdp}"|chpasswd #affectation mot de passe utilisateur
+		echo "${login}:${mdp}" >> "${fich}.pwd" #stocke mot de passe dans fichier
+	else
+		echo "$0 : utilisateur ${login} existe deja"
+	fi
+done < $fich
--- a/Sio1/SISR1/40-BashEtShell/present
+++ b/Sio1/SISR1/40-BashEtShell/present
@ -0,0 +1,12 @@
+#!/bin/bash
+#set -e
+set -u
+
+qui=$1
+who |grep "^${qui}" >> /dev/null
+if [[ $? -eq 0 ]] ; then
+	echo "${qui} est connecte"
+else
+	echo "${qui} n'est pas connecte"
+fi
+exit 0
--- a/Sio1/SISR1/40-BashEtShell/rsamba
+++ b/Sio1/SISR1/40-BashEtShell/rsamba
@ -0,0 +1,27 @@
+#!/bin/bash
+
+#set -e
+set -u
+
+if [[ $# -ne 1 ]] ; then
+	echo "usage : $0 <fichier>"
+	exit 1
+fi
+
+if [[ ! -r "$1" ]] ; then
+	echo "$0 : erreur ouverture ${fich}"
+	exit 2
+fi
+
+fich=$1
+
+while read -r ligne
+do
+	login=$(echo "${ligne}"|cut -d: -f1)
+	getent passwd "${login}" > /dev/null
+	if [[ $? -eq 0 ]] ; then
+		sudo userdel --remove "${login}"
+		echo "Utilisateur ${login} supprime"
+	fi
+
+done < "${fich}"
--- a/Sio1/SISR1/40-BashEtShell/users.txt
+++ b/Sio1/SISR1/40-BashEtShell/users.txt
@ -0,0 +1,4 @@
+lucien:Lucien Dubois
+claudine:Claudine Dupont
+robert:Robert Dupond
+marcelle:Marcelle Parde
--- a/Sio1/SISR1/40-BashEtShell/users.txt.pwd
+++ b/Sio1/SISR1/40-BashEtShell/users.txt.pwd
@ -0,0 +1,8 @@
+lucien:naid0O
+claudine:ooC8oh
+robert:Ax0aiy
+marcelle:iv7Oot
+lucien:Mie8sh
+claudine:loHe1t
+robert:Phoo5i
+marcelle:WuaL5i
--- a/Sio1/SISR1/40-BashEtShell/users2.txt
+++ b/Sio1/SISR1/40-BashEtShell/users2.txt
@ -0,0 +1,10 @@
+
+
+
+# Salut
+lucien:Lucien Dubois
+#-_-_-_-_-_-_-_-_-_-_-_-
+claudine:Claudine Dupont
+robert:Robert Dupond
+# ,   j
+marcelle:Marcelle Parde
--- a/Sio1/SISR1/40-BashEtShell/users2.txt.pwd
+++ b/Sio1/SISR1/40-BashEtShell/users2.txt.pwd
@ -0,0 +1,16 @@
+lucien:oi6ooG
+claudine:Aru6Vi
+robert:ooGa5c
+marcelle:lau7Eu
+lucien:ca2liJ
+claudine:Quoo6o
+robert:LooKi9
+marcelle:Iegh3b
+lucien:Wah4fu
+claudine:Yae3th
+robert:phi1Is
+marcelle:Bip8Sh
+lucien:ja1EeS
+claudine:za1voG
+robert:UMieM3
+marcelle:Emix6X
--- a/Sio1/SISR1/lynis.log
+++ b/Sio1/SISR1/lynis.log
--- a/Sio2/CYBER/10-Nagios/cgi.cfg
+++ b/Sio2/CYBER/10-Nagios/cgi.cfg
@ -0,0 +1,422 @@
+#################################################################
+#
+# CGI.CFG - Sample CGI Configuration File for Nagios 4.4.6
+#
+#
+#################################################################
+
+
+# MAIN CONFIGURATION FILE
+# This tells the CGIs where to find your main configuration file.
+# The CGIs will read the main and host config files for any other
+# data they might need.
+
+main_config_file=/etc/nagios4/nagios.cfg
+
+
+
+# PHYSICAL HTML PATH
+# This is the path where the HTML files for Nagios reside.  This
+# value is used to locate the logo images needed by the statusmap
+# and statuswrl CGIs.
+
+physical_html_path=/usr/share/nagios4/htdocs
+
+
+
+# URL HTML PATH
+# This is the path portion of the URL that corresponds to the
+# physical location of the Nagios HTML files (as defined above).
+# This value is used by the CGIs to locate the online documentation
+# and graphics.  If you access the Nagios pages with an URL like
+# http://www.myhost.com/nagios, this value should be '/nagios'
+# (without the quotes).
+
+url_html_path=/nagios4
+
+
+
+# CONTEXT-SENSITIVE HELP
+# This option determines whether or not a context-sensitive
+# help icon will be displayed for most of the CGIs.
+# Values: 0 = disables context-sensitive help
+#         1 = enables context-sensitive help
+
+show_context_help=0
+
+
+
+# PENDING STATES OPTION
+# This option determines what states should be displayed in the web
+# interface for hosts/services that have not yet been checked.
+# Values: 0 = leave hosts/services that have not been check yet in their original state
+#         1 = mark hosts/services that have not been checked yet as PENDING
+
+use_pending_states=1
+
+
+
+# AUTHENTICATION USAGE
+# This option controls whether or not the CGIs will use any
+# authentication when displaying host and service information, as
+# well as committing commands to Nagios for processing.
+#
+# Read the HTML documentation to learn how the authorization works!
+#
+# NOTE: It is a really *bad* idea to disable authorization, unless
+# you plan on removing the command CGI (cmd.cgi)!  Failure to do
+# so will leave you wide open to kiddies messing with Nagios and
+# possibly hitting you with a denial of service attack by filling up
+# your drive by continuously writing to your command file!
+#
+# Setting this value to 0 will cause the CGIs to *not* use
+# authentication (bad idea), while any other value will make them
+# use the authentication functions (the default).
+
+use_authentication=0
+
+
+
+# x509 CERT AUTHENTICATION
+# When enabled, this option allows you to use x509 cert (SSL)
+# authentication in the CGIs.  This is an advanced option and should
+# not be enabled unless you know what you're doing.
+
+use_ssl_authentication=0
+
+
+
+# DEFAULT USER
+# Setting this variable will define a default user name that can
+# access pages without authentication.  This allows people within a
+# secure domain (i.e., behind a firewall) to see the current status
+# without authenticating.  You may want to use this to avoid basic
+# authentication if you are not using a secure server since basic
+# authentication transmits passwords in the clear.
+#
+# Important:  Do not define a default username unless you are
+# running a secure web server and are sure that everyone who has
+# access to the CGIs has been authenticated in some manner!  If you
+# define this variable, anyone who has not authenticated to the web
+# server will inherit all rights you assign to this user!
+
+#default_user_name=guest
+
+
+
+# SYSTEM/PROCESS INFORMATION ACCESS
+# This option is a comma-delimited list of all usernames that
+# have access to viewing the Nagios process information as
+# provided by the Extended Information CGI (extinfo.cgi).  By
+# default, *no one* has access to this unless you choose to
+# not use authorization.  You may use an asterisk (*) to
+# authorize any user who has authenticated to the web server.
+
+authorized_for_system_information=nagiosadmin
+
+
+
+# CONFIGURATION INFORMATION ACCESS
+# This option is a comma-delimited list of all usernames that
+# can view ALL configuration information (hosts, commands, etc).
+# By default, users can only view configuration information
+# for the hosts and services they are contacts for. You may use
+# an asterisk (*) to authorize any user who has authenticated
+# to the web server.
+
+authorized_for_configuration_information=nagiosadmin
+
+
+
+# SYSTEM/PROCESS COMMAND ACCESS
+# This option is a comma-delimited list of all usernames that
+# can issue shutdown and restart commands to Nagios via the
+# command CGI (cmd.cgi).  Users in this list can also change
+# the program mode to active or standby. By default, *no one*
+# has access to this unless you choose to not use authorization.
+# You may use an asterisk (*) to authorize any user who has
+# authenticated to the web server.
+
+authorized_for_system_commands=nagiosadmin
+
+
+
+# GLOBAL HOST/SERVICE VIEW ACCESS
+# These two options are comma-delimited lists of all usernames that
+# can view information for all hosts and services that are being
+# monitored.  By default, users can only view information
+# for hosts or services that they are contacts for (unless you
+# you choose to not use authorization). You may use an asterisk (*)
+# to authorize any user who has authenticated to the web server.
+
+authorized_for_all_services=nagiosadmin
+authorized_for_all_hosts=nagiosadmin
+
+
+
+# GLOBAL HOST/SERVICE COMMAND ACCESS
+# These two options are comma-delimited lists of all usernames that
+# can issue host or service related commands via the command
+# CGI (cmd.cgi) for all hosts and services that are being monitored.
+# By default, users can only issue commands for hosts or services
+# that they are contacts for (unless you you choose to not use
+# authorization).  You may use an asterisk (*) to authorize any
+# user who has authenticated to the web server.
+
+authorized_for_all_service_commands=nagiosadmin
+authorized_for_all_host_commands=nagiosadmin
+
+
+
+# READ-ONLY USERS
+# A comma-delimited list of usernames that have read-only rights in
+# the CGIs.  This will block any service or host commands normally shown
+# on the extinfo CGI pages.  It will also block comments from being shown
+# to read-only users.
+
+#authorized_for_read_only=user1,user2
+
+
+
+# STATUSMAP BACKGROUND IMAGE
+# This option allows you to specify an image to be used as a
+# background in the statusmap CGI.  It is assumed that the image
+# resides in the HTML images path (i.e. /usr/local/nagios/share/images).
+# This path is automatically determined by appending "/images"
+# to the path specified by the 'physical_html_path' directive.
+# Note:  The image file may be in GIF, PNG, JPEG, or GD2 format.
+# However, I recommend that you convert your image to GD2 format
+# (uncompressed) but ONLY IF YOU WILL USE THE LEGACY MAP EXCLUSIVELY,
+# as this will cause less CPU load when the CGI generates the image.
+
+#statusmap_background_image=smbackground.gd2
+
+
+
+# STATUSMAP TRANSPARENCY INDEX COLOR
+# These options set the r,g,b values of the background color used the statusmap CGI,
+# so normal browsers that can't show real png transparency set the desired color as
+# a background color instead (to make it look pretty).
+# Defaults to white: (R,G,B) = (255,255,255).
+
+#color_transparency_index_r=255
+#color_transparency_index_g=255
+#color_transparency_index_b=255
+
+
+
+# DEFAULT STATUSMAP LAYOUT METHOD
+# This option allows you to specify the default layout method
+# the statusmap CGI should use for drawing hosts.  If you do
+# not use this option, the default for the legacy map is to use
+# user-defined coordinates and the default for the new map is "6"
+# (Circular Balloon).
+# Valid options for the legacy map are as follows:
+#	0 = User-defined coordinates
+#	1 = Depth layers
+#	2 = Collapsed tree
+#	3 = Balanced tree
+#	4 = Circular
+#	5 = Circular (Marked Up)
+# Valid options for the new map are as follows:
+#	0 = User-defined coordinates
+#	1 = Depth Layers (Horizontal)
+#	2 = Collapsed tree (Horizontal)
+#	3 = Balanced tree (Horizontal)
+#	4 = DON'T USE
+#	5 = Circular Markup
+#	6 = Circular Balloon
+#	7 = Balanced tree (Vertical)
+#	8 = Collapsed tree (Vertical)
+#	9 = Depth Layers (Vertical)
+#	10 = Force Map
+
+#default_statusmap_layout=6
+
+
+
+# DEFAULT STATUSWRL LAYOUT METHOD
+# This option allows you to specify the default layout method
+# the statuswrl (VRML) CGI should use for drawing hosts.  If you
+# do not use this option, the default is to use user-defined
+# coordinates.  Valid options are as follows:
+#	0 = User-defined coordinates
+#       2 = Collapsed tree
+#       3 = Balanced tree
+#       4 = Circular
+
+default_statuswrl_layout=4
+
+
+
+# STATUSWRL INCLUDE
+# This option allows you to include your own objects in the
+# generated VRML world.  It is assumed that the file
+# resides in the HTML path (i.e. /usr/local/nagios/share).
+
+#statuswrl_include=myworld.wrl
+
+
+
+# PING SYNTAX
+# This option determines what syntax should be used when
+# attempting to ping a host from the WAP interface (using
+# the statuswml CGI.  You must include the full path to
+# the ping binary, along with all required options.  The
+# $HOSTADDRESS$ macro is substituted with the address of
+# the host before the command is executed.
+# Please note that the syntax for the ping binary is
+# notorious for being different on virtually ever *NIX
+# OS and distribution, so you may have to tweak this to
+# work on your system.
+
+ping_syntax=/bin/ping -n -U -c 5 $HOSTADDRESS$
+
+
+
+# REFRESH RATE
+# This option allows you to specify the refresh rate in seconds
+# of various CGIs (status, statusmap, extinfo, and outages).
+
+refresh_rate=90
+
+
+
+# PAGE TOUR
+# Enable page tour for helpful tips and tricks on various pages
+
+#enable_page_tour=1
+
+
+
+# DEFAULT PAGE LIMIT
+# This option allows you to specify the default number of results
+# displayed on the status.cgi.  This number can be adjusted from
+# within the UI after the initial page load. Setting this to 0
+# will show all results.
+
+result_limit=100
+
+
+
+# ESCAPE HTML TAGS
+# This option determines whether HTML tags in host and service
+# status output is escaped in the web interface.  If enabled,
+# your plugin output will not be able to contain clickable links.
+
+escape_html_tags=1
+
+
+
+# SOUND OPTIONS
+# These options allow you to specify an optional audio file
+# that should be played in your browser window when there are
+# problems on the network.  The audio files are used only in
+# the status CGI.  Only the sound for the most critical problem
+# will be played.  Order of importance (higher to lower) is as
+# follows: unreachable hosts, down hosts, critical services,
+# warning services, and unknown services. If there are no
+# visible problems, the sound file optionally specified by
+# 'normal_sound' variable will be played.
+#
+#
+# <varname>=<sound_file>
+#
+# Note: All audio files must be placed in the /media subdirectory
+# under the HTML path (i.e. /usr/local/nagios/share/media/).
+
+#host_unreachable_sound=hostdown.wav
+#host_down_sound=hostdown.wav
+#service_critical_sound=critical.wav
+#service_warning_sound=warning.wav
+#service_unknown_sound=warning.wav
+#normal_sound=noproblem.wav
+
+
+
+# URL TARGET FRAMES
+# These options determine the target frames in which notes and
+# action URLs will open.
+
+action_url_target=_blank
+notes_url_target=_blank
+
+
+
+# LOCK AUTHOR NAMES OPTION
+# This option determines whether users can change the author name
+# when submitting comments, scheduling downtime.  If disabled, the
+# author names will be locked into their contact name, as defined in Nagios.
+# Values: 0 = allow editing author names
+#         1 = lock author names (disallow editing)
+
+lock_author_names=1
+
+
+
+# SPLUNK INTEGRATION OPTIONS
+# These options allow you to enable integration with Splunk
+# in the web interface.  If enabled, you'll be presented with
+# "Splunk It" links in various places in the CGIs (log file,
+# alert history, host/service detail, etc).  Useful if you're
+# trying to research why a particular problem occurred.
+# For more information on Splunk, visit http://www.splunk.com/
+
+# This option determines whether the Splunk integration is enabled
+# Values: 0 = disable Splunk integration
+#         1 = enable Splunk integration
+
+#enable_splunk_integration=1
+
+# This option should be the URL used to access your instance of Splunk
+#splunk_url=http://127.0.0.1:8000/
+
+
+
+# NAVIGATION BAR SEARCH OPTIONS
+# The following options allow to configure the navbar search. Default
+# is to search for hostnames. With enabled navbar_search_for_addresses,
+# the navbar search queries IP addresses as well. It's also possible
+# to enable search for aliases by setting navbar_search_for_aliases=1.
+
+navbar_search_for_addresses=1
+navbar_search_for_aliases=1
+
+
+
+# DEFAULTS FOR CHECKBOXES FOR ACKNOWLEDGEMENTS
+# Enabling ack_no_sticky will default the "Sticky Acknowledgement" to
+# be unchecked.
+# Enabling ack_no_send will default the "Send Notification" to
+# be unchecked.
+
+#ack_no_sticky=0
+#ack_no_send=0
+
+
+
+# SHOW ONLY HARD STATES IS TACTICAL OVERVIEW
+# This option controls whether only HARD states are counted on the
+# Tactical Overview, or if both HARD and SOFT states are counted.
+# Set to 1 to show only HARD states. Defaults to 0 (HARD+SOFT).
+
+#tac_cgi_hard_only=0
+
+
+
+# COMMAND COMMENTS
+# These options control whether or not comments are required, optional,
+# or not allowed for specific commands. The format for each line is:
+#    cmd-name=req,def-comment
+#
+#    cmd-name     is "CMT_" plus a command such as ADD_HOST_COMMENT
+#    req          0 = not allowed, 1 = optional, 2 = required
+#    def-comment  optional default comment that will be put in the input field
+#
+# The following examples override the default comment requirements in
+# some way.
+
+#CMT_ADD_HOST_COMMENT=1
+#CMT_ACKNOWLEDGE_HOST_PROBLEM=2,"Problem is being looked into"
+#CMT_SCHEDULE_SVC_CHECK=1
+#CMT_SCHEDULE_HOST_DOWNTIME=0
--- a/Sio2/CYBER/10-Nagios/gwsio5.cfg
+++ b/Sio2/CYBER/10-Nagios/gwsio5.cfg
@ -0,0 +1,32 @@
+###############################################################################
+# LOCALHOST.CFG - SAMPLE OBJECT CONFIG FILE FOR MONITORING THIS MACHINE
+#
+#
+# NOTE: This config file is intended to serve as an *extremely* simple
+#       example of how you can create configuration entries to monitor
+#       the local (Linux) machine.
+#
+###############################################################################
+
+
+
+###############################################################################
+#
+# HOST DEFINITION
+#
+###############################################################################
+
+# Define a host for the local machine
+
+define host {
+
+    use                     linux-server            ; Name of host template to use
+                                                    ; This host definition will inherit all variables that are defined
+                                                    ; in (or inherited by) the linux-server host template definition.
+    host_name               gwsio5
+    alias                   gwsio5
+    address                 192.168.0.1
+#    hostgroup_name          linux-servers
+}
+
+
--- a/Sio2/CYBER/10-Nagios/localhost.cfg
+++ b/Sio2/CYBER/10-Nagios/localhost.cfg
@ -0,0 +1,161 @@
+###############################################################################
+# LOCALHOST.CFG - SAMPLE OBJECT CONFIG FILE FOR MONITORING THIS MACHINE
+#
+#
+# NOTE: This config file is intended to serve as an *extremely* simple
+#       example of how you can create configuration entries to monitor
+#       the local (Linux) machine.
+#
+###############################################################################
+
+
+
+###############################################################################
+#
+# HOST DEFINITION
+#
+###############################################################################
+
+# Define a host for the local machine
+
+define host {
+
+    use                     linux-server            ; Name of host template to use
+                                                    ; This host definition will inherit all variables that are defined
+                                                    ; in (or inherited by) the linux-server host template definition.
+    host_name               localhost
+    alias                   localhost
+    address                 127.0.0.1
+}
+
+
+
+###############################################################################
+#
+# HOST GROUP DEFINITION
+#
+###############################################################################
+
+# Define an optional hostgroup for Linux machines
+
+define hostgroup {
+
+    hostgroup_name          linux-servers           ; The name of the hostgroup
+    alias                   Linux Servers           ; Long name of the group
+    members                 localhost, srv, gwsio5               ; Comma separated list of hosts that belong to this group
+}
+
+
+
+###############################################################################
+#
+# SERVICE DEFINITIONS
+#
+###############################################################################
+
+# Define a service to "ping" the local machine
+
+define service {
+
+    use                     local-service           ; Name of service template to use
+    host_name               localhost
+    service_description     PING
+    check_command           check_ping!100.0,20%!500.0,60%
+}
+
+
+
+# Define a service to check the disk space of the root partition
+# on the local machine.  Warning if < 20% free, critical if
+# < 10% free space on partition.
+
+define service {
+
+    use                     local-service           ; Name of service template to use
+    host_name               localhost
+    service_description     Root Partition
+    check_command           check_local_disk!20%!10%!/
+}
+
+
+
+# Define a service to check the number of currently logged in
+# users on the local machine.  Warning if > 20 users, critical
+# if > 50 users.
+
+define service {
+
+    use                     local-service           ; Name of service template to use
+    host_name               localhost
+    service_description     Current Users
+    check_command           check_local_users!20!50
+}
+
+
+
+# Define a service to check the number of currently running procs
+# on the local machine.  Warning if > 250 processes, critical if
+# > 400 processes.
+
+define service {
+
+    use                     local-service           ; Name of service template to use
+    host_name               localhost
+    service_description     Total Processes
+    check_command           check_local_procs!250!400!RSZDT
+}
+
+
+
+# Define a service to check the load on the local machine.
+
+define service {
+
+    use                     local-service           ; Name of service template to use
+    host_name               localhost
+    service_description     Current Load
+    check_command           check_local_load!5.0,4.0,3.0!10.0,6.0,4.0
+}
+
+
+
+# Define a service to check the swap usage the local machine.
+# Critical if less than 10% of swap is free, warning if less than 20% is free
+
+define service {
+
+    use                     local-service           ; Name of service template to use
+    host_name               localhost
+    service_description     Swap Usage
+    check_command           check_local_swap!20%!10%
+}
+
+
+
+# Define a service to check SSH on the local machine.
+# Disable notifications for this service by default, as not all users may have SSH enabled.
+
+define service {
+
+    use                     local-service           ; Name of service template to use
+#    host_name               localhost
+    hostgroup_name	    linux-servers	
+    service_description     SSH
+    check_command           check_ssh
+    notifications_enabled   0
+}
+
+
+
+# Define a service to check HTTP on the local machine.
+# Disable notifications for this service by default, as not all users may have HTTP enabled.
+
+define service {
+
+    use                     local-service           ; Name of service template to use
+    host_name               localhost
+    hostgroup_name          linux-servers
+    service_description     HTTP
+    check_command           check_http
+    notifications_enabled   0
+}
--- a/Sio2/CYBER/10-Nagios/nagios.cfg
+++ b/Sio2/CYBER/10-Nagios/nagios.cfg
--- a/Sio2/CYBER/10-Nagios/nagios4-cgi.conf
+++ b/Sio2/CYBER/10-Nagios/nagios4-cgi.conf
@ -0,0 +1,28 @@
+ScriptAlias /cgi-bin/nagios4 /usr/lib/cgi-bin/nagios4
+ScriptAlias /nagios4/cgi-bin /usr/lib/cgi-bin/nagios4
+
+Alias /nagios4/stylesheets /etc/nagios4/stylesheets
+
+Alias /nagios4 /usr/share/nagios4/htdocs
+
+<DirectoryMatch (/usr/share/nagios4/htdocs|/usr/lib/cgi-bin/nagios4|/etc/nagios4/stylesheets)>
+    Options FollowSymLinks
+    DirectoryIndex index.php index.html
+    AllowOverride AuthConfig
+	AuthDigestDomain "nagios4"
+	AuthDigestProvider file
+	AuthUserFile	"/etc/nagios4/htdigest.users"
+	AuthGroupFile	"/etc/group"
+	AuthName	"Restricted Nagios4 Access"
+	AuthType	Digest
+	Require	valid-user
+</DirectoryMatch>
+
+<Directory /usr/share/nagios4/htdocs>
+    Options	+ExecCGI	
+</Directory>
+
+<Directory /usr/lib/cgi-bin/nagios4>
+    Options	+ExecCGI	
+    AddHandler cgi-script .cgi
+</Directory>
--- a/Sio2/CYBER/10-Nagios/srv.cfg
+++ b/Sio2/CYBER/10-Nagios/srv.cfg
@ -0,0 +1,31 @@
+###############################################################################
+# LOCALHOST.CFG - SAMPLE OBJECT CONFIG FILE FOR MONITORING THIS MACHINE
+#
+#
+# NOTE: This config file is intended to serve as an *extremely* simple
+#       example of how you can create configuration entries to monitor
+#       the local (Linux) machine.
+#
+###############################################################################
+
+
+
+###############################################################################
+#
+# HOST DEFINITION
+#
+###############################################################################
+
+# Define a host for the local machine
+
+define host {
+
+    use                     linux-server            ; Name of host template to use
+                                                    ; This host definition will inherit all variables that are defined
+                                                    ; in (or inherited by) the linux-server host template definition.
+    host_name               srv
+    alias                   srv
+    address                 192.168.0.25
+}
+
+
--- a/Sio2/SISR/10-haproxy/haproxy.cfg
+++ b/Sio2/SISR/10-haproxy/haproxy.cfg
@ -0,0 +1,46 @@
+global
+	log /dev/log	local0
+	log /dev/log	local1 notice
+	chroot /var/lib/haproxy
+	stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
+	stats timeout 30s
+	user haproxy
+	group haproxy
+	daemon
+
+	# Default SSL material locations
+	ca-base /etc/ssl/certs
+	crt-base /etc/ssl/private
+
+	# See: https://ssl-config.mozilla.org/#server=haproxy&server-version=2.0.3&config=intermediate
+        ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
+        ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
+        ssl-default-bind-options ssl-min-ver TLSv1.2 no-tls-tickets
+
+defaults
+	log	global
+	mode	http
+	option	httplog
+	option	dontlognull
+        timeout connect 5000
+        timeout client  50000
+        timeout server  50000
+	errorfile 400 /etc/haproxy/errors/400.http
+	errorfile 403 /etc/haproxy/errors/403.http
+	errorfile 408 /etc/haproxy/errors/408.http
+	errorfile 500 /etc/haproxy/errors/500.http
+	errorfile 502 /etc/haproxy/errors/502.http
+	errorfile 503 /etc/haproxy/errors/503.http
+	errorfile 504 /etc/haproxy/errors/504.http
+
+frontend rserve_frontend
+    bind 192.168.0.44:80
+#    mode tcp
+#    option tcplog
+#    timeout client  1m
+    default_backend rserve_backend
+
+backend rserve_backend
+    server rserve1 172.16.1.1:80 check
+    server rserve2 172.16.1.2:80 check
+
--- a/Sio2/Vagrantfile
+++ b/Sio2/Vagrantfile
@ -0,0 +1,70 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+# All Vagrant configuration is done below. The "2" in Vagrant.configure
+# configures the configuration version (we support older styles for
+# backwards compatibility). Please don't change it unless you know what
+# you're doing.
+Vagrant.configure("2") do |config|
+  # The most common configuration options are documented and commented below.
+  # For a complete reference, please see the online documentation at
+  # https://docs.vagrantup.com.
+
+  # Every Vagrant development environment requires a box. You can search for
+  # boxes at https://vagrantcloud.com/search.
+  config.vm.box = "debian/bullseye64"
+
+  # Disable automatic box update checking. If you disable this, then
+  # boxes will only be checked for updates when the user runs
+  # `vagrant box outdated`. This is not recommended.
+  # config.vm.box_check_update = false
+
+  # Create a forwarded port mapping which allows access to a specific port
+  # within the machine from a port on the host machine. In the example below,
+  # accessing "localhost:8080" will access port 80 on the guest machine.
+  # NOTE: This will enable public access to the opened port
+  # config.vm.network "forwarded_port", guest: 80, host: 8080
+
+  # Create a forwarded port mapping which allows access to a specific port
+  # within the machine from a port on the host machine and only allow access
+  # via 127.0.0.1 to disable public access
+  # config.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "127.0.0.1"
+
+  # Create a private network, which allows host-only access to the machine
+  # using a specific IP.
+  # config.vm.network "private_network", ip: "192.168.33.10"
+
+  # Create a public network, which generally matched to bridged network.
+  # Bridged networks make the machine appear as another physical device on
+  # your network.
+   config.vm.network "public_network"
+
+  # Share an additional folder to the guest VM. The first argument is
+  # the path on the host to the actual folder. The second argument is
+  # the path on the guest to mount the folder. And the optional third
+  # argument is a set of non-required options.
+  # config.vm.synced_folder "../data", "/vagrant_data"
+
+  # Provider-specific configuration so you can fine-tune various
+  # backing providers for Vagrant. These expose provider-specific options.
+  # Example for VirtualBox:
+  #
+  # config.vm.provider "virtualbox" do |vb|
+  #   # Display the VirtualBox GUI when booting the machine
+  #   vb.gui = true
+  #
+  #   # Customize the amount of memory on the VM:
+  #   vb.memory = "1024"
+  # end
+  #
+  # View the documentation for the provider you are using for more
+  # information on available options.
+
+  # Enable provisioning with a shell script. Additional provisioners such as
+  # Ansible, Chef, Docker, Puppet and Salt are also available. Please see the
+  # documentation for more information about their specific syntax and use.
+   config.vm.provision "shell", inline: <<-SHELL
+     apt-get update
+     apt-get install -y apache2 vsftpd snmpd
+   SHELL
+end
Author	SHA1	Message	Date
Louis Depres	2ae53a73ca	Vagrant	2022-09-21 17:41:58 +02:00
root	0f66776b09	Nagios	2022-09-21 16:25:13 +02:00
root	9081a57724	Vagrant	2022-09-14 17:29:38 +02:00
Louis Déprés	fb96e78a4b	Haproxy	2022-09-14 15:41:48 +02:00
Louis Depres	012407dd2e	Scipt Install	2022-05-20 10:20:14 +02:00
Louis Depres	7bdf92ee3f	Push Installation WordPress	2022-05-12 08:36:23 +02:00
“Louis	cf5a0c494f	Merge branch 'master' of https://gitea.lyc-lecastel.fr/louis.depres/SioTP	2022-04-07 11:01:51 +02:00
“Louis	12f3bb7c25	Lynis	2022-04-07 11:01:33 +02:00
Louis Déprés	38f30aa9ee	Compte Rendu Bash	2022-03-29 10:22:23 +02:00
Louis Déprés	a312a6a773	Fichier commenté	2022-03-25 10:57:02 +01:00
Louis Déprés	a5451875f9	Fin TP Shell	2022-03-25 10:39:57 +01:00
Louis Déprés	4222c35a27	TP Shell Suite	2022-03-25 09:46:38 +01:00
Louis Déprés	b7be885670	Tp Shell Suite	2022-03-25 09:34:36 +01:00
louis.depres	59057cbb21	Supprimer 'Sio1/SISR1/40-ShellEtBash/crsamba5'	2022-03-25 09:33:11 +01:00
Louis Déprés	66ba6ac484	TP Shell	2022-03-22 11:36:11 +01:00
louis.depres	c11548b778	Mise à jour de 'Sio1/SISR1/30-FiltrageEtDMZ/fw5.sh'	2022-03-18 09:00:06 +01:00
Louis Depres	b76adc7830	Second Commit	2022-03-18 08:58:43 +01:00
Louis Depres	b5db0b93ef	Second Commit	2022-03-18 08:55:33 +01:00
louis.depres	2ee8d4fa6b	Supprimer 'Sio1/SISR1/30-FiltrageEtDMZ/fw5.sh'	2022-03-18 08:53:39 +01:00
Louis Depres	703f169a05	Premiere partie Filtrage	2022-03-15 11:04:29 +01:00
Louis Depres	e4df98a2cd	Slave	2022-03-03 11:37:26 +01:00
Louis Depres	078b3a300c	Second Commit : Serveur Maitre	2022-03-03 11:25:06 +01:00