source: flash-java-insecure-perms/trunk/fuentes/flash-java-insecure-perms/usr/bin/flash-java-insecure-perms @ 2692

Last change on this file since 2692 was 2692, checked in by mabarracus, 3 years ago

Add new conditions

  • Property svn:executable set to *
File size: 6.1 KB
Line 
1#!/bin/bash
2#0 = autosize
3HEIGHT=0
4WIDTH=0
5LIST_HEIGHT=0
6
7
8ICED=$(which itweb-settings)
9KEYTOOL=$(which keytool)
10IAM=$(id -u)
11MYNAME=$(id -un)
12
13if [ "${IAM}" = "0" ]; then
14    USERS=$(getent passwd |cut -d: -f4|sort -h|uniq|egrep ^[0-9]{4}|xargs -n1 getent passwd|cut -d: -f1)
15    if [ "x$1" = "xinstall" ]; then
16
17        OLDIFS=$IFS;
18        IFS=$'\n'
19        for x in ${USERS} ; do 
20            #str+=( $(printf '%10.10s' $x) $(printf '%30.30s' " ") $(printf '%10.10s' "on"))
21            str+=( $x  " " off )
22        done
23
24        DIALOG=$(whiptail --separate-output --title "Users selection" --checklist "Select users to modify flash/java settings" $HEIGHT $WIDTH $LIST_HEIGHT ${str[@]} 3>&1 1>&2 2>&3)
25        ret=$?
26
27        IFS=$OLDIFS;
28   
29        if [ $ret != 0 ]; then
30        echo Canceled!
31        fi
32    fi
33else
34    USERS=${MYNAME}
35    DIALOG=${MYNAME}
36fi
37
38DONE=0
39if [ "x$1" = "xinstall" ]; then
40
41for x in ${DIALOG}; do
42    DATE=$(date '+%Y%m%d%H%M%S')
43
44    if [ ! -f "/home/$x/.config/unsec_settings_on" ]; then
45        # JAVA
46        if [ ! -z "${ICED}" ]; then
47            if [ "${IAM}" = "0" ];then
48                sudo su $x bash -c "${ICED} -headless set deployment.security.level ALLOW_UNSIGNED" 
49            else
50                ${ICED} -headless set deployment.security.level ALLOW_UNSIGNED
51            fi
52        fi
53        for cert in $(find /usr/share/flash-java-insecure-perms/ -name '*.cert');do 
54            certname=${cert%%.cert}
55            echo Importing into trusted.certs ${certname}.cert
56            if [ ! -f "/home/$x/.config/icedtea-web/security/trusted.certs" ]; then
57                mkdir -p /home/$x/.config/icedtea-web/security/
58                ${KEYTOOL} -genkey -alias recursos -keyalg RSA -keystore /home/$x/.config/icedtea-web/security/trusted.certs -keypass changeit -storepass changeit -keysize 2048 -dname "CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown"
59                ${KEYTOOL} -delete -alias recursos -keystore /home/$x/.config/icedtea-web/security/trusted.certs -storepass changeit
60                if [ "${IAM}" = "0" ]; then
61                    chown -R ${x}:${x} /home/$x/.config/icedtea-web/security/
62                fi
63            fi
64            $KEYTOOL -importcert -trustcacerts -storepass "changeit" -keystore /home/$x/.config/icedtea-web/security/trusted.certs -file ${cert} -alias ${certname} -noprompt
65        done
66        #FLASH
67        if [ ! -d "/home/$x/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys" ]; then
68            mkdir -p /home/$x/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys
69        fi
70        if [ ! -d "/home/$x/.macromedia/Flash_Player/#Security/FlashPlayerTrust" ]; then
71            mkdir -p "/home/$x/.macromedia/Flash_Player/#Security/FlashPlayerTrust"
72        fi
73        if [ -f "/home/$x/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/settings.sol" ]; then
74            mv /home/$x/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/settings.sol /home/$x/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/settings-${DATE}.sol
75        fi
76        if [ -f "/home/$x/.macromedia/Flash_Player/#Security/FlashPlayerTrust/recursos.cfg" ]; then
77            mv "/home/$x/.macromedia/Flash_Player/#Security/FlashPlayerTrust/recursos.cfg" "/home/$x/.macromedia/Flash_Player/#Security/FlashPlayerTrust/recursos-${DATE}.cfg"
78        fi
79        cp /usr/share/flash-java-insecure-perms/settings.sol /home/$x/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys
80        cp /usr/share/flash-java-insecure-perms/recursos.cfg "/home/$x/.macromedia/Flash_Player/#Security/FlashPlayerTrust/recursos.cfg"
81        chown -R ${x}:${x} /home/$x/.macromedia
82        touch /home/$x/.config/unsec_settings_on
83        #FIREFOX
84        pkill -u $x --signal 9 firefox
85        for pref in $(find /home/$x/.mozilla -name 'prefs.js'); do
86            sed -i -r 's%.*plugin\.state\.java.*%%' $pref
87            sed -i -r 's%.*plugin\.state\.flash.*%%' $pref
88            sed -i -r 's%.*plugins\.click_to_play.*%%' $pref
89            sed -i -r 's%.*plugins\.hide_infobar_for_outdated_plugin.*%%' $pref
90            # USE ECHO WHEN THERE ISN'T SOME SETTING INTO FILE
91            echo 'user_pref("plugin.state.java",2);' >> $pref
92            echo 'user_pref("plugin.state.flash",2);' >> $pref
93            echo 'user_pref("plugins.click_to_play",false);' >> $pref
94            echo 'user_pref("plugins.hide_infobar_for_outdated_plugin",true);' >> $pref
95        done
96    else
97            echo Already configured!
98    fi
99done
100
101DONE=1
102fi
103
104if [ "x$1" = "xdeinstall" ]; then
105
106    for x in ${USERS}; do
107        if [ -f "/home/$x/.config/unsec_settings_on" ]; then
108            echo Deconfiguring $x!
109            #FLASH
110            file1=$(find /home/$x/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys -maxdepth 1 -name '*.sol'|grep 'settings-'|sort -h|uniq|head -1)
111            if [ ! -z "$file1" ]; then
112                mv $file1 /home/$x/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/settings.sol
113            fi
114            if [ -f "/home/$x/.macromedia/Flash_Player/#Security/FlashPlayerTrust/recursos.cfg" ]; then 
115                rm -f "/home/$x/.macromedia/Flash_Player/#Security/FlashPlayerTrust/recursos.cfg"
116            fi
117            #JAVA
118            if [ ! -z "${ICED}" ]; then
119                if [ "${IAM}" = "0" ];then
120                    sudo su $x bash -c "${ICED} -headless reset deployment.security.level" 
121                else
122                    ${ICED} -headless reset deployment.security.level
123                fi
124            fi
125            for cert in $(find /usr/share/flash-java-insecure-perms/ -name '*.cert');do 
126                certname=${cert%%.cert}
127                echo Deleting ${certname}.cert from trusted.certs
128                $KEYTOOL -delete -storepass "changeit" -keystore /home/$x/.config/icedtea-web/security/trusted.certs -alias ${certname}
129            done
130            rm /home/$x/.config/unsec_settings_on
131            pkill -u $x --signal 9 firefox
132            for pref in $(find /home/$x/.mozilla -name 'prefs.js'); do
133                sed -i -r 's%.*plugin\.state\.java.*%user_pref("plugin.state.java",1);%' $pref
134                sed -i -r 's%.*plugin\.state\.flash.*%user_pref("plugin.state.flash",1);%' $pref
135                sed -i -r 's%.*plugins\.click_to_play.*%user_pref("plugins.click_to_play",true);%' $pref
136                sed -i -r 's%.*plugins\.hide_infobar_for_outdated_plugin.*%user_pref("plugins.hide_infobar_for_outdated_plugin",false);%' $pref
137
138                #echo 'user_pref("plugin.state.java",1)' >> $pref
139                #echo 'user_pref("plugin.state.flash",1)' >> $pref
140                #echo 'user_pref("plugins.click_to_play",true)' >> $pref
141                #echo 'user_pref("plugins.hide_infobar_for_outdated_plugin",false)' >> $pref
142            done
143        fi
144    done
145DONE=1
146fi
147
148if [ ${DONE} -eq 0 ]; then
149    echo "$(basename $0) help"
150    echo "$(basename $0) [ install | deinstall ]"
151    echo "Changes permission to allow some educational resources with java/flash"
152fi
Note: See TracBrowser for help on using the repository browser.