Merge branch 'master' of github.com:cassiopc/boca

4 files changed, 26 insertions, 1 deletions

diff --git a/tools/etc/icpc/installboca.sh b/tools/etc/icpc/installboca.sh
index 88c266f..d796c04 100755
--- a/tools/etc/icpc/installboca.sh
+++ b/tools/etc/icpc/installboca.sh
@@ -217,6 +217,7 @@ echo "=================================================="
 echo "=================== SERVER SETUP   ==============="
 echo "=================================================="
 ln -s /etc/php5/mods-available/mcrypt.ini /etc/php5/apache2/conf.d/20-mcrypt.ini 2>/dev/null
+ln -s /etc/php5/mods-available/mcrypt.ini /etc/php5/cli/conf.d/20-mcrypt.ini 2>/dev/null
 
 OK=n
 echo "You can run at anytime later the script /etc/icpc/becomeserver.sh to prepare the computer to be the BOCA server"
diff --git a/tools/etc/icpc/setup.sh b/tools/etc/icpc/setup.sh
index 5d8838f..62563e1 100755
--- a/tools/etc/icpc/setup.sh
+++ b/tools/etc/icpc/setup.sh
@@ -4,7 +4,7 @@ if [ ! -x /etc/icpc/bocaserver.sh ]; then
   OK=1
   while [ "$OK" != "0" ]; do
     IP=`zenity --title="Setting up the BOCA server IP number" --text="Enter the IP address of the server (format x.y.w.z)\n\
-If this is supposed to be the server, then leave it empty\nIf there are multiple servers, separate IPs by a semi-colon ;" --width=500 --height=100 --entry`
+If this is supposed to be the server, then leave it empty\nIf there are multiple servers, separate IPs by a semi-colon ;" --entry`
     [ "$IP" == "" ] && IP=LOCAL
     zenity --title="IP confirmation" --text="The chosen IP is $IP\nDo you confirm?" --question
     OK=$?
@@ -94,3 +94,5 @@ fi
 if [ -x /etc/network/if-pre-up.d/boca ]; then
   . /etc/network/if-pre-up.d/boca
 fi
+
+exit 0
diff --git a/tools/etc/network/if-up.d/boca b/tools/etc/network/if-up.d/boca
index 0f31ee0..20ff38f 100644
--- a/tools/etc/network/if-up.d/boca
+++ b/tools/etc/network/if-up.d/boca
@@ -6,9 +6,22 @@ fi
 /sbin/iptables -F INPUT
 /sbin/iptables -A INPUT -i lo -j ACCEPT
 /sbin/iptables -A INPUT -s 143.107.255.15 -j ACCEPT
+
+# just to make things easier, let's allow communication to/from BOCA servers
+/sbin/iptables -A INPUT -s 45.33.30.235 -j ACCEPT
+/sbin/iptables -A INPUT -s 50.116.19.221 -j ACCEPT
+
 if [ "$BOCASERVER" != "" ]; then
   /sbin/iptables -A INPUT -s $BOCASERVER -j ACCEPT
 fi
+if [ "$BOCASERVERS" != "" ]; then
+	for i in `echo $BOCASERVERS | tr ';' ' '`; do
+		/sbin/iptables -A INPUT -s $i -j ACCEPT
+	done
+fi
+/sbin/iptables -A INPUT -m udp -p udp -s 0/0 --sport 67:68 --dport 67:68 -j ACCEPT
+/sbin/iptables -A INPUT -m udp -p udp -s 0/0 --sport 53 --dport 53 -j ACCEPT
+/sbin/iptables -A INPUT -m tcp -p tcp -s 0/0 --sport 53 --dport 53 -j ACCEPT
 /sbin/iptables -A INPUT -j REJECT
 else
 	if [ -x /etc/icpc/bocaserver.iptables ]; then
diff --git a/tools/installv2.sh b/tools/installv2.sh
index e75f2e9..5b756da 100755
--- a/tools/installv2.sh
+++ b/tools/installv2.sh
@@ -181,6 +181,15 @@ if [ "`which gconftool`" != "" ]; then
 	su - icpc -c "gconftool -s -t bool /apps/update-notifier/auto_launch false"
 fi
 
+grep -q icpcadmin /etc/ssh/sshd_config
+if [ "$?" != "0" ]; then
+	echo "DenyUsers icpc icpcadmin" >> /etc/ssh/sshd_config
+	ps auxw |grep sshd|grep -vq grep
+	if [ "$?" == "0" ]; then
+		service ssh reload
+	fi
+fi
+
 pass=`echo -n icpc | makepasswd --clearfrom - --crypt-md5 | cut -d'$' -f2-`
 pass=\$`echo $pass`
 id -u icpc >/dev/null 2>/dev/null