diff --git a/ublinux/rc.desktop/deonly/gnome-network-proxy-system b/ublinux/rc.desktop/deonly/gnome-network-proxy-system new file mode 100755 index 0000000..ac2b5fa --- /dev/null +++ b/ublinux/rc.desktop/deonly/gnome-network-proxy-system @@ -0,0 +1,79 @@ +#!/usr/bin/env bash + +ENABLED=yes +[[ ${ENABLED} == yes ]] || exit 0 + +unset ROOTFS; [[ -d /usr/lib/ublinux ]] || ROOTFS=. +SOURCE=${ROOTFS}/usr/lib/ublinux/functions; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null || exit 0 +SOURCE=${ROOTFS}/usr/lib/ublinux/os-config; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null || exit 0 + +SYSCONF="${ROOTFS}/${SYSCONF}" +SOURCE=${SYSCONF}/config; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null +SOURCE=${SYSCONF}/network; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null + +## Установка системных прокси для HTTP,HTTPS,FTP,SOCKS,RSYNC и адреса исключений EXCLUDE +## Для применения требуется перелогиниться +## PROXY_SYSTEM[%PROTOCOL%]=%SERVER% + +exec_proxy_gnome(){ + if [[ ${PROXY_SYSTEM[0],,} == @(n|no|none|disable) ]]; then + gsettings set org.gnome.system.proxy mode 'none' + gsettings set org.gnome.system.proxy.http enabled false + elif [[ -n ${PROXY_SYSTEM[@]} ]]; then + gsettings set org.gnome.system.proxy mode 'manual' + if [[ -n ${PROXY_SYSTEM[all]} ]]; then + gsettings set org.gnome.system.proxy use-same-proxy true + PROXY_SYSTEM[http]="${PROXY_SYSTEM[all]}" + fi + if [[ ${PROXY_SYSTEM[http],,} == @(n|no|none|disable) ]]; then + gsettings set org.gnome.system.proxy.http enabled false + elif [[ -n ${PROXY_SYSTEM[http]} ]]; then + gsettings set org.gnome.system.proxy.http enabled true + if [[ ${PROXY_HOST} ~= '@' ]]; then + PROXY_USER_PASS="${PROXY_SYSTEM[${PROTOCOL}]##*/}" # Вырезаем протокол http:// + PROXY_USER_PASS="${PROXY_USER_PASS%%@*}" # Вырезаем имя пользователя и пароль + PROXY_USER_PASS="${PROXY_USER_PASS%%:*}" # Вырезаем имя пользователя + PROXY_PASSWORD="${PROXY_USER_PASS#*:}" # Вырезаем пароль + [[ ${PROXY_USER_PASS} == ${PROXY_PASSWORD} ]] && unset PROXY_PASSWORD + gsettings set org.gnome.system.proxy.http use-authentication true + gsettings set org.gnome.system.proxy.http authentication-user "'${PROXY_USER}'" + gsettings set org.gnome.system.proxy.http authentication-password "'${PROXY_PASSWORD}'" + else + gsettings set org.gnome.system.proxy.http use-authentication false + fi + fi + if [[ ${PROXY_SYSTEM[exclude],,} == @(n|no|none|disable) ]]; then + gsettings set org.gnome.system.proxy ignore-hosts "['localhost', '127.0.0.0/8', '10.0.0.0/8', '192.168.0.0/16', '172.16.0.0/12', '*.local', '*.local.com', '*.local.ru']" + elif [[ -n ${PROXY_SYSTEM[exclude]} ]]; then + gsettings set org.gnome.system.proxy ignore-hosts "['${PROXY_SYSTEM[exclude]//,/\', \'}']" + fi + if [[ ${PROXY_SYSTEM[auto],,} == @(n|no|none|disable) ]]; then + gsettings set org.gnome.system.proxy autoconfig-url "''" + elif [[ -n ${PROXY_SYSTEM[auto]} ]]; then + gsettings set org.gnome.system.proxy mode 'auto' + gsettings set org.gnome.system.proxy autoconfig-url "'${PROXY_SYSTEM[auto]}'" + fi + + + for PROTOCOL in http https ftp socks; do + if [[ ${PROXY_SYSTEM[${PROTOCOL}],,} == @(n|no|none|disable) ]]; then + gsettings set org.gnome.system.proxy.${PROTOCOL} host "''" + gsettings set org.gnome.system.proxy.${PROTOCOL} port 0 + elif [[ -n ${PROXY_SYSTEM[${PROTOCOL}]} ]]; then + PROXY_HOST="${PROXY_SYSTEM[${PROTOCOL}]##*/}" # Вырезаем протокол http:// + PROXY_HOST_IP_PORT="${PROXY_HOST##*@}" # Вырезаем имя или IP с портом, 192.168.1.1:443 + PROXY_HOST="${PROXY_HOST_IP_PORT%:*}" # Только имя или IP + PROXY_PORT="${PROXY_HOST_IP_PORT#*:}" # Только порт + [[ ${PROXY_PORT} == ${PROXY_HOST_IP_PORT} ]] && PROXY_PORT=8080 # Если порт не задан + gsettings set org.gnome.system.proxy.${PROTOCOL} host "'${PROXY_HOST}'" + gsettings set org.gnome.system.proxy.${PROTOCOL} port ${PROXY_PORT} + fi + done + fi +} + +################ +##### MAIN ##### +################ + + exec_proxy_gnome $@ diff --git a/ublinux/rc.desktop/deonly/i3_notification-daemon b/ublinux/rc.desktop/deonly/i3-notification-daemon similarity index 100% rename from ublinux/rc.desktop/deonly/i3_notification-daemon rename to ublinux/rc.desktop/deonly/i3-notification-daemon diff --git a/ublinux/rc.desktop/deonly/xfce4-xfconf b/ublinux/rc.desktop/deonly/xfce4-xfconf index 09d5a79..fab9c9a 100755 --- a/ublinux/rc.desktop/deonly/xfce4-xfconf +++ b/ublinux/rc.desktop/deonly/xfce4-xfconf @@ -21,6 +21,9 @@ SOURCE=${SYSCONF}/kiosk; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null xfconf-query --channel "${CHANNEL}" --property "${PROPERTY}" --reset --recursive else xfconf-query --channel "${CHANNEL}" --property "${PROPERTY}" --create --type "${TYPE}" --set "${SET}" + # Дописать для массивов, где --type и --set несколько, пример + # xfconf-query --channel "xfce4-panel" --property "/panels/panel-2/plugin-ids" --create --type "int" --type "int" --set "12" --set "14" + # Добавить условие, если --channel "xfce4-panel", то `xfce4-panel -r` fi fi done diff --git a/ublinux/rc.desktop/gnome/gnome-network-proxy-system b/ublinux/rc.desktop/gnome/gnome-network-proxy-system new file mode 120000 index 0000000..ef12672 --- /dev/null +++ b/ublinux/rc.desktop/gnome/gnome-network-proxy-system @@ -0,0 +1 @@ +../deonly/gnome-network-proxy-system \ No newline at end of file diff --git a/ublinux/rc.desktop/i3/i3-notification-daemon b/ublinux/rc.desktop/i3/i3-notification-daemon new file mode 120000 index 0000000..d74324f --- /dev/null +++ b/ublinux/rc.desktop/i3/i3-notification-daemon @@ -0,0 +1 @@ +../deonly/i3-notification-daemon \ No newline at end of file diff --git a/ublinux/rc.desktop/i3/i3_notification-daemon b/ublinux/rc.desktop/i3/i3_notification-daemon deleted file mode 120000 index 719e5be..0000000 --- a/ublinux/rc.desktop/i3/i3_notification-daemon +++ /dev/null @@ -1 +0,0 @@ -../deonly/i3_notification-daemon \ No newline at end of file diff --git a/ublinux/rc.desktop/i3term/i3-notification-daemon b/ublinux/rc.desktop/i3term/i3-notification-daemon new file mode 120000 index 0000000..d74324f --- /dev/null +++ b/ublinux/rc.desktop/i3term/i3-notification-daemon @@ -0,0 +1 @@ +../deonly/i3-notification-daemon \ No newline at end of file diff --git a/ublinux/rc.desktop/i3term/i3_notification-daemon b/ublinux/rc.desktop/i3term/i3_notification-daemon deleted file mode 120000 index 719e5be..0000000 --- a/ublinux/rc.desktop/i3term/i3_notification-daemon +++ /dev/null @@ -1 +0,0 @@ -../deonly/i3_notification-daemon \ No newline at end of file diff --git a/ublinux/rc.post.d/10-brand-backgrounds b/ublinux/rc.post.d/10-brand-backgrounds index 185ded2..5103220 100755 --- a/ublinux/rc.post.d/10-brand-backgrounds +++ b/ublinux/rc.post.d/10-brand-backgrounds @@ -61,6 +61,7 @@ SOURCE=${SYSCONF}/video; [ -f ${SOURCE} ] && . ${SOURCE} 2>/dev/null bg_education=bg_edu.png # Фон для Education bg_expert=bg_exp.png # Фон для Expert bg_server=bg_srv.png # Фон для Server + bg_liveoffice=bg_lo.png # Фон для LiveOfice shadow_img=shadow.png # Затенение hex_img=hex.png # Сетка из шестигранников transparent=transparent.png # Изображение прозрачный пиксель @@ -361,7 +362,7 @@ insert_background_icon(){ geometry_sibsutis_wp=+470+166 ;; ublinux_liveoffice) - background=${source_img_dir}/$bg_desktop_enterprise + background=${source_img_dir}/$bg_liveoffice logo_img=${logo_liveoffice} geometry_logo_wp=+260-130 unset logo_light diff --git a/ublinux/rc.preinit.d/30-network b/ublinux/rc.preinit.d/30-network index f7ecbc4..8b78eb1 100755 --- a/ublinux/rc.preinit.d/30-network +++ b/ublinux/rc.preinit.d/30-network @@ -54,26 +54,6 @@ SOURCE=${SYSCONF}/network; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null # sed -i s/192.168.1.0/${NETWORKIP}0/g etc/ublinux/iptables #fi - ## Указать системные прокси - if [[ -n ${HTTP_PROXY} ]]; then - echo "setenv http_proxy $HTTP_PROXY" > etc/profile.d/proxy.csh - echo "setenv https_proxy $HTTPS_PROXY" >> etc/profile.d/proxy.csh - echo "http_proxy=$HTTP_PROXY" > etc/profile.d/proxy.sh - echo "https_proxy=$HTTPS_PROXY" >> etc/profile.d/proxy.sh - echo "export http_proxy https_proxy" >> etc/profile.d/proxy.sh - fi - if [[ -n ${FTP_PROXY} ]]; then - echo "setenv ftp_proxy $FTP_PROXY" >> etc/profile.d/proxy.csh - echo "ftp_proxy=$FTP_PROXY" >> etc/profile.d/proxy.sh - echo "export ftp_proxy" >> etc/profile.d/proxy.sh - fi - if [[ -n ${NO_PROXY} ]]; then - echo "setenv no_proxy $NO_PROXY" >> etc/profile.d/proxy.csh - echo "no_proxy=$NO_PROXY" >> etc/profile.d/proxy.sh - echo "export no_proxy" >> etc/profile.d/proxy.sh - fi - [[ -n ${HTTP_PROXY} || -n ${FTP_PROXY} || -n ${NO_PROXY} ]] && chmod 755 etc/profile.d/proxy.sh etc/profile.d/proxy.csh - ## Режим полного WiFi радио молчания if [ "$(cmdline_parameter flightmode)" ] ;then for a in etc/ublinux/network-scripts/ifcfg-w* ;do diff --git a/ublinux/rc.preinit.d/31-network-proxy-system b/ublinux/rc.preinit.d/31-network-proxy-system new file mode 100755 index 0000000..7299da5 --- /dev/null +++ b/ublinux/rc.preinit.d/31-network-proxy-system @@ -0,0 +1,57 @@ +#!/bin/bash +# +# Initial script for Live operating system +# This script are launching before starting init from linux-live script. +# Current dir allways must be set to root (/) +# All system path must be relative, except initrd dirs + +ENABLED=yes +[ "$ENABLED" != "yes" ] && exit 0 +DEBUGMODE=no + +PATH=.:/:/usr/bin:/usr/local/bin:/usr/local/sbin + +unset ROOTFS; [[ -d /usr/lib/ublinux ]] || ROOTFS=. +SOURCE=${ROOTFS}/usr/lib/ublinux/functions; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null || exit 0 +SOURCE=${ROOTFS}/usr/lib/ublinux/os-config; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null || exit 0 +debug_mode "$0" "$@" + +SYSCONF="${ROOTFS}/${SYSCONF}" +SOURCE=${SYSCONF}/config; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null +SOURCE=${SYSCONF}/network; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null + +## Установка системных прокси для HTTP,HTTPS,FTP,SOCKS,RSYNC и адреса исключений EXCLUDE +## Для применения требуется перелогиниться +## PROXY_SYSTEM[%PROTOCOL%]=%SERVER% + +## Проверить текущий IP: curl icanhazip.com | curl https://httpbin.org/ip + +exec_proxy_system(){ + FILE_SH_PROXY=${ROOTFS}/etc/profile.d/proxy_ubconfig.sh + FILE_CSH_PROXY=${ROOTFS}/etc/profile.d/proxy_ubconfig.csh + if [[ ${PROXY_SYSTEM[0],,} == @(n|no|none|disable) ]]; then + rm -f ${FILE_SH_PROXY} 2>/dev/null + rm -f ${FILE_CSH_PROXY} 2>/dev/null + elif [[ -n ${PROXY_SYSTEM[@]} ]]; then + true > ${FILE_SH_PROXY} + true > ${FILE_CSH_PROXY} + chmod 755 ${FILE_SH_PROXY} ${FILE_CSH_PROXY} + for PROTOCOL in http https ftp socks rsync all exclude; do + if [[ ${PROXY_SYSTEM[${PROTOCOL}],,} == @(n|no|none|disable) ]]; then + [[ ${PROTOCOL,,} == "exclude" ]] && PROTOCOL_PREFIX="no" || PROTOCOL_PREFIX="${PROTOCOL,,}" + sed "/^${PROTOCOL_PREFIX}_proxy=/d; /^export ${PROTOCOL_PREFIX}_proxy/d" -i ${FILE_SH_PROXY} + sed "/^setenv ${PROTOCOL_PREFIX}_proxy/d" -i ${FILE_CSH_PROXY} + elif [[ -n ${PROXY_SYSTEM[${PROTOCOL}]} ]]; then + [[ ${PROTOCOL,,} == "exclude" ]] && PROTOCOL_PREFIX="no" || PROTOCOL_PREFIX="${PROTOCOL,,}" + echo -e "${PROTOCOL_PREFIX}_proxy=${PROXY_SYSTEM[${PROTOCOL}]}\nexport ${PROTOCOL_PREFIX}_proxy" >> ${FILE_SH_PROXY} + echo "setenv ${PROTOCOL_PREFIX}_proxy ${PROXY_SYSTEM[${PROTOCOL}]}" >> ${FILE_CSH_PROXY} + fi + done + fi +} + +################ +##### MAIN ##### +################ + + exec_proxy_system $@ diff --git a/ublinux/rc.preinit.d/31-iptables b/ublinux/rc.preinit.d/32-iptables similarity index 100% rename from ublinux/rc.preinit.d/31-iptables rename to ublinux/rc.preinit.d/32-iptables diff --git a/ublinux/rc.preinit.d/31-ufw b/ublinux/rc.preinit.d/33-ufw similarity index 100% rename from ublinux/rc.preinit.d/31-ufw rename to ublinux/rc.preinit.d/33-ufw diff --git a/ublinux/rc.preinit.d/57-access-denied-vtx11 b/ublinux/rc.preinit.d/57-access-denied-vtx11 index 3052bc1..ba990c9 100755 --- a/ublinux/rc.preinit.d/57-access-denied-vtx11 +++ b/ublinux/rc.preinit.d/57-access-denied-vtx11 @@ -22,9 +22,9 @@ SOURCE=${SYSCONF}/security; [ -f ${SOURCE} ] && . ${SOURCE} 2>/dev/null exec_access_denied_vtx11(){ ## Отключить виртуальные терминалы и запретить переключение на них из X11 - FILE_XORGDONTVTSWITCH_CONF="${ROOTFS}/etc/X11/xorg.conf.d/ublinux-disable-vt.conf" - FILE_SYSTEMDLOGIND_CONF="${ROOTFS}/etc/systemd/logind.conf.d/ublinux-disable-vt.conf" - FILE_LIGHTDM_CONF="${ROOTFS}/etc/lightdm/lightdm.conf.d/ublinux-disable-vt.conf" + FILE_XORGDONTVTSWITCH_CONF="${ROOTFS}/etc/X11/xorg.conf.d/disable-vt-ubconfig.conf" + FILE_SYSTEMDLOGIND_CONF="${ROOTFS}/etc/systemd/logind.conf.d/disable-vt-ubconfig.conf" + FILE_LIGHTDM_CONF="${ROOTFS}/etc/lightdm/lightdm.conf.d/disable-vt-ubconfig.conf" if [[ ${ACCESS_DENIED_VTX11,,} == @(y|yes|enable) ]]; then mkdir -p ${FILE_XORGDONTVTSWITCH_CONF%/*} cat <<-EOF | sed 's/^\s*\t*//' > "${FILE_XORGDONTVTSWITCH_CONF}" diff --git a/ublinux/rc.xorg/20-de-hidpi b/ublinux/rc.xorg/20-video-xorg-dpi similarity index 89% rename from ublinux/rc.xorg/20-de-hidpi rename to ublinux/rc.xorg/20-video-xorg-dpi index 86e7da9..23ff60d 100755 --- a/ublinux/rc.xorg/20-de-hidpi +++ b/ublinux/rc.xorg/20-video-xorg-dpi @@ -1,10 +1,14 @@ #!/usr/bin/env bash ENABLED=yes -[[ ${ENABLED} != yes ]] && exit 0 +[[ ${ENABLED} == yes ]] || exit 0 -SOURCE=/usr/lib/ublinux/os-config; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null || exit 0 -SOURCE=${SYSCONF}/config; [ -f ${SOURCE} ] && . ${SOURCE} 2>/dev/null +unset ROOTFS; [[ -d /usr/lib/ublinux ]] || ROOTFS=. +SOURCE=${ROOTFS}/usr/lib/ublinux/functions; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null || exit 0 +SOURCE=${ROOTFS}/usr/lib/ublinux/os-config; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null || exit 0 + +SYSCONF="${ROOTFS}/${SYSCONF}" +SOURCE=${SYSCONF}/config; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null SOURCE=${SYSCONF}/video; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null xfce4_hidpi(){ diff --git a/ublinux/scripts/printers_setup_capt.sh b/ublinux/scripts/printers_setup_capt.sh index cd492ce..552636a 100755 --- a/ublinux/scripts/printers_setup_capt.sh +++ b/ublinux/scripts/printers_setup_capt.sh @@ -95,8 +95,8 @@ remove_printer(){ echo "$(date '+%m.%d.%Y %T') : $0 : remove_printer : ${ACTION} : ${DEVNAME} : ${PRINTER_DEV_LP_CAPT} : ${PRINTER_NAME}" cupsdisable -E "${PRINTER_NAME}" 2>/dev/null cupsreject -E "${PRINTER_NAME}" 2>/dev/null -# ccpdadmin -x "${PRINTER_NAME}" -# lpadmin -x "${PRINTER_NAME}" 2>/dev/null + ccpdadmin -x "${PRINTER_NAME}" 2>/dev/null + lpadmin -x "${PRINTER_NAME}" 2>/dev/null systemctl disable --now ccpd.service 2>/dev/null pkill -9 -x ccpd pkill -9 -x captmoncnabc diff --git a/ublinux/templates/ublinux-data.ini b/ublinux/templates/ublinux-data.ini index 127bd0c..6b9dc06 100644 --- a/ublinux/templates/ublinux-data.ini +++ b/ublinux/templates/ublinux-data.ini @@ -378,12 +378,32 @@ NTPSERVERS=dhcp NSSWITCHAVAHI=yes NSSWITCHWINBIND=yes -## Установка системных прокси -## https://user:password@proxy:port/ -#HTTP_PROXY=https://127.0.0.1:8118 -#HTTPS_PROXY=https://127.0.0.1:8118 -#FTP_PROXY=ftp://127.0.0.1:8118 -#NO_PROXY="localhost,127.0.0.1,192.168.1.0/16" +## Установка системных прокси для HTTP,HTTPS,FTP,SOCKS,RSYNC и адреса исключений EXCLUDE +## Для применения требуется перелогиниться +## PROXY_SYSTEM[%PROTOCOL%]=%SERVER% +## %PROTOCOL%=%null%|http|https|ftp|socks|rsync|all|auto|exclude +## %null% # Глобально, используется только с %SERVER%=no|n|disable +## http # Прокси для протокола HTTP +## https # Прокси для протокола HTTPS +## ftp # Прокси для протокола FTP +## socks # Прокси для протокола SOCKS +## rsync # Прокси для протокола RSYNC +## all # Прокси для всех протоколов, не везде применим +## auto # Только для Gnome, адрес сервера автоматической настройки прокси-сервера (PAC), https://wiki.gentoo.org/wiki/ProxyAutoConfig +## exclude # Адреса, имена dns, сети исключений, доступ к которым осуществляется напрямую, например: localhost,127.0.0.1,::1,192.168.1.1,192.168.2.0/24 +## # Внимание, подстановочные символы (звёздочка) и CIDR нотации не поддерживаются! +## %SERVER%=no|n|none|disable|%ADDRESS% +## %ADDRESS% # Прокси сервер, https://user:password@proxy_server:port , https://proxy_server:port +## # Если Ваш пароль содержит спец. символы, Вы должны заменить их на ASCII коды. Например символ собаки @, должен быть заменен на «%40» +## # Если указан %PROTOCOL%=auto, то указывается путь до файла конфигурации http://my.proxy.org/foo.pac +## no|n|none|disable # Отключить ранее настроенный системный прокси +## PROXY_SYSTEM=disable +## PROXY_SYSTEM[https]=https://user:password@192.168.1.1:443 +## PROXY_SYSTEM[http]=http://127.0.0.1:8118 +## PROXY_SYSTEM[https]=https://127.0.0.1:8118 +## PROXY_SYSTEM[ftp]=ftp://127.0.0.1:8118 +## PROXY_SYSTEM[socks]=socks://127.0.0.1:9050 +## PROXY_SYSTEM[exclude]=localhost,127.0.0.1,::1,192.168.1.1,192.168.2.0/24 ## Для совместного доступа к интернету, можно включить режим шлюза ## Также необходим при связывании нескольких сетей (wlan0 eth0 eth1 ...)