source: flash-java-insecure-perms/trunk/fuentes/flash-java-insecure-perms/usr/bin/flash-java-insecure-perms @ 2700

Last change on this file since 2700 was 2700, checked in by mabarracus, 3 years ago

allow oracle java

  • Property svn:executable set to *
File size: 6.7 KB
Line 
1#!/bin/bash
2#0 = autosize
3HEIGHT=0
4WIDTH=0
5LIST_HEIGHT=0
6
7
8ICED=$(which itweb-settings)
9KEYTOOL=$(which keytool)
10IAM=$(id -u)
11MYNAME=$(id -un)
12
13if [ "${IAM}" = "0" ]; then
14    USERS=$(getent passwd |cut -d: -f4|sort -h|uniq|egrep ^[0-9]{4}|xargs -n1 getent passwd|cut -d: -f1)
15    if [ "x$1" = "xinstall" ]; then
16
17        OLDIFS=$IFS;
18        IFS=$'\n'
19        for x in ${USERS} ; do 
20            #str+=( $(printf '%10.10s' $x) $(printf '%30.30s' " ") $(printf '%10.10s' "on"))
21            str+=( $x  " " off )
22        done
23
24        DIALOG=$(whiptail --separate-output --title "Users selection" --checklist "Select users to modify flash/java settings" $HEIGHT $WIDTH $LIST_HEIGHT ${str[@]} 3>&1 1>&2 2>&3)
25        ret=$?
26
27        IFS=$OLDIFS;
28   
29        if [ $ret != 0 ]; then
30        echo Canceled!
31        fi
32    fi
33else
34    USERS=${MYNAME}
35    DIALOG=${MYNAME}
36fi
37
38CERTPATHS=".config/icedtea-web/security .java/deployment/security"
39DONE=0
40if [ "x$1" = "xinstall" ]; then
41
42for user in ${DIALOG}; do
43    DATE=$(date '+%Y%m%d%H%M%S')
44
45    if [ ! -f "/home/$user/.config/unsec_settings_on" ]; then
46        # JAVA
47        if [ ! -z "${ICED}" ]; then
48            if [ "${IAM}" = "0" ];then
49                sudo su $user bash -c "${ICED} -headless set deployment.security.level ALLOW_UNSIGNED" 
50            else
51                ${ICED} -headless set deployment.security.level ALLOW_UNSIGNED
52            fi
53        fi
54        for cert in $(find /usr/share/flash-java-insecure-perms/ -name '*.cert');do 
55            certname=${cert%%.cert}
56            echo Importing into trusted.certs ${certname}.cert
57            for certpath in ${CERTPATHS}; do 
58                if [ ! -f "/home/$user/${certpath}/trusted.certs" ]; then
59                    mkdir -p /home/$user/${certpath}
60                    ${KEYTOOL} -genkey -alias recursos -keyalg RSA -keystore /home/$user/${certpath}/trusted.certs -keypass changeit -storepass changeit -keysize 2048 -dname "CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown" > /dev/null 2> /dev/null
61                    ${KEYTOOL} -delete -alias recursos -keystore /home/$user/${certpath}/trusted.certs -storepass changeit > /dev/null 2> /dev/null
62                    if [ "${IAM}" = "0" ]; then
63                        chown -R ${user}:${user} /home/$user/${certpath}/
64                    fi
65                fi
66                $KEYTOOL -importcert -trustcacerts -storepass "changeit" -keystore /home/$user/${certpath}/trusted.certs -file ${cert} -alias ${certname} -noprompt > /dev/null 2> /dev/null
67            done
68        done
69        #FLASH
70        if [ ! -d "/home/$user/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys" ]; then
71            mkdir -p /home/$user/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys
72        fi
73        if [ ! -d "/home/$user/.macromedia/Flash_Player/#Security/FlashPlayerTrust" ]; then
74            mkdir -p "/home/$user/.macromedia/Flash_Player/#Security/FlashPlayerTrust"
75        fi
76        if [ -f "/home/$user/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/settings.sol" ]; then
77            mv /home/$user/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/settings.sol /home/$user/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/settings-${DATE}.sol
78        fi
79        if [ -f "/home/$user/.macromedia/Flash_Player/#Security/FlashPlayerTrust/recursos.cfg" ]; then
80            mv "/home/$user/.macromedia/Flash_Player/#Security/FlashPlayerTrust/recursos.cfg" "/home/$user/.macromedia/Flash_Player/#Security/FlashPlayerTrust/recursos-${DATE}.cfg"
81        fi
82        cp /usr/share/flash-java-insecure-perms/settings.sol /home/$user/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys
83        cp /usr/share/flash-java-insecure-perms/recursos.cfg "/home/$user/.macromedia/Flash_Player/#Security/FlashPlayerTrust/recursos.cfg"
84        chown -R ${user}:${user} /home/$user/.macromedia
85        touch /home/$user/.config/unsec_settings_on
86        #FIREFOX
87        if [ ! -d "/home/$user/.mozilla" ]; then 
88            mkdir -p /home/$user/.mozilla
89            if [ "${IAM}" = "0" ]; then
90                chown -R ${user}:${user} /home/$user/.mozilla
91                sudo su $user bash -c "firefox" &
92            else
93                firefox &
94            fi
95            sleep 2
96        fi
97        pkill -u $user --signal 9 firefox
98        for pref in $(find /home/$user/.mozilla -name 'prefs.js'); do
99            sed -i -r 's%.*plugin\.state\.java.*%%' $pref
100            sed -i -r 's%.*plugin\.state\.flash.*%%' $pref
101            sed -i -r 's%.*plugins\.click_to_play.*%%' $pref
102            sed -i -r 's%.*plugins\.hide_infobar_for_outdated_plugin.*%%' $pref
103            # USE ECHO WHEN THERE ISN'T SOME SETTING INTO FILE
104            echo 'user_pref("plugin.state.java",2);' >> $pref
105            echo 'user_pref("plugin.state.flash",2);' >> $pref
106            echo 'user_pref("plugins.click_to_play",false);' >> $pref
107            echo 'user_pref("plugins.hide_infobar_for_outdated_plugin",true);' >> $pref
108        done
109    else
110            echo Already configured!
111    fi
112done
113
114DONE=1
115fi
116
117if [ "x$1" = "xdeinstall" ]; then
118
119    for user in ${USERS}; do
120        if [ -f "/home/$user/.config/unsec_settings_on" ]; then
121            echo Deconfiguring $user!
122            #FLASH
123            file1=$(find /home/$user/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys -maxdepth 1 -name '*.sol'|grep 'settings-'|sort -h|uniq|head -1)
124            if [ ! -z "$file1" ]; then
125                mv $file1 /home/$user/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/settings.sol
126            fi
127            if [ -f "/home/$user/.macromedia/Flash_Player/#Security/FlashPlayerTrust/recursos.cfg" ]; then 
128                rm -f "/home/$user/.macromedia/Flash_Player/#Security/FlashPlayerTrust/recursos.cfg"
129            fi
130            #JAVA
131            if [ ! -z "${ICED}" ]; then
132                if [ "${IAM}" = "0" ];then
133                    sudo su $user bash -c "${ICED} -headless reset deployment.security.level" 
134                else
135                    ${ICED} -headless reset deployment.security.level
136                fi
137            fi
138            for cert in $(find /usr/share/flash-java-insecure-perms/ -name '*.cert');do 
139                certname=${cert%%.cert}
140                echo Deleting ${certname}.cert from trusted.certs
141                for certpath in ${CERTPATHS}; do 
142                    if [ -f "/home/$user/${certpath}/trusted.certs" ]; then
143                        $KEYTOOL -delete -storepass "changeit" -keystore /home/$user/${certpath}/trusted.certs -alias ${certname} > /dev/null 2> /dev/null
144                    fi
145                done
146            done
147            rm /home/$user/.config/unsec_settings_on
148            pkill -u $user --signal 9 firefox
149            for pref in $(find /home/$user/.mozilla -name 'prefs.js'); do
150                sed -i -r 's%.*plugin\.state\.java.*%user_pref("plugin.state.java",1);%' $pref
151                sed -i -r 's%.*plugin\.state\.flash.*%user_pref("plugin.state.flash",1);%' $pref
152                sed -i -r 's%.*plugins\.click_to_play.*%user_pref("plugins.click_to_play",true);%' $pref
153                sed -i -r 's%.*plugins\.hide_infobar_for_outdated_plugin.*%user_pref("plugins.hide_infobar_for_outdated_plugin",false);%' $pref
154
155                #echo 'user_pref("plugin.state.java",1)' >> $pref
156                #echo 'user_pref("plugin.state.flash",1)' >> $pref
157                #echo 'user_pref("plugins.click_to_play",true)' >> $pref
158                #echo 'user_pref("plugins.hide_infobar_for_outdated_plugin",false)' >> $pref
159            done
160        fi
161    done
162DONE=1
163fi
164
165if [ ${DONE} -eq 0 ]; then
166    echo "$(basename $0) help"
167    echo "$(basename $0) [ install | deinstall ]"
168    echo "Changes permission to allow some educational resources with java/flash"
169fi
Note: See TracBrowser for help on using the repository browser.