2 # Installation script for the OSSEC
3 # Author: Daniel B. Cid <daniel.cid@gmail.com>
4 # Last modification: Aug 30, 2012
6 # Changelog 19/03/2006 - Rafael M. Capovilla <under@underlinux.com.br>
7 # New function AddWhite to allow users to add more Ips in the white_list
8 # Minor *echos* modifications to better look
9 # Bug fix - When email address is blank
10 # Bug fix - delete INSTALLDIR - Default is yes but if the user just press enter the script wasn't deleting it as it should
11 # Changelog 15/07/2006 - Rafael M. Capovilla <under@underlinux.com.br>
12 # New function AddTable to add support for OpenBSD pf rules in firewall-drop active response
14 # Changelog 29 March 2012 - Adding hybrid mode (standalone + agent)
18 ### Looking up for the execution directory
22 ### Looking for echo -n
25 if [ ! "X$hs" = "Xa" ]; then
26 ls "/usr/ucb/echo" > /dev/null 2>&1
28 ECHO="/usr/ucb/echo -n"
35 echo "xxxx" | grep -E "xxx" > /dev/null 2>&1
37 ls "/usr/xpg4/bin/grep" > /dev/null 2>&1
39 PATH=/usr/xpg4/bin:$PATH
46 # Checking for command line arguments
48 if [ "X$i" = "Xdebug" ]; then
50 elif [ "X$i" = "Xbinary-install" ]; then
51 USER_BINARYINSTALL="yes"
52 elif [ "X$i" = "Xhelp" ]; then
54 echo "$0 binary-install"
67 echo "5- ${installing}"
69 echo "DIR=\"${INSTALLDIR}\"" > ${LOCATION}
70 echo "CC=${CC}" >> ${LOCATION}
71 echo "GCC=${CC}" >> ${LOCATION}
72 echo "CLANG=clang" >> ${LOCATION}
74 # Changing Config.OS with the new C flags
75 # Checking if debug is enabled
76 if [ "X${SET_DEBUG}" = "Xdebug" ]; then
77 CEXTRA="${CEXTRA} -DDEBUGAD"
80 echo "CEXTRA=${CEXTRA}" >> ./src/Config.OS
83 echo " - ${runningmake}"
86 # Binary install will use the previous generated code.
87 if [ "X${USER_BINARYINSTALL}" = "X" ]; then
102 # If update, stop ossec
103 if [ "X${update_only}" = "Xyes" ]; then
107 # Making the right installation type
108 if [ "X$INSTYPE" = "Xserver" ]; then
111 elif [ "X$INSTYPE" = "Xagent" ]; then
114 elif [ "X$INSTYPE" = "Xlocal" ]; then
115 ./InstallServer.sh local
121 # Generate the /etc/ossec-init.conf
122 VERSION_FILE="./src/VERSION"
123 VERSION=`cat ${VERSION_FILE}`
124 chmod 700 ${OSSEC_INIT} > /dev/null 2>&1
125 echo "DIRECTORY=\"${INSTALLDIR}\"" > ${OSSEC_INIT}
126 echo "VERSION=\"${VERSION}\"" >> ${OSSEC_INIT}
127 echo "DATE=\"`date`\"" >> ${OSSEC_INIT}
128 echo "TYPE=\"${INSTYPE}\"" >> ${OSSEC_INIT}
129 chmod 600 ${OSSEC_INIT}
130 cp -pr ${OSSEC_INIT} ${INSTALLDIR}${OSSEC_INIT}
131 chmod 640 ${INSTALLDIR}${OSSEC_INIT}
134 # If update_rules is set, we need to tweak
135 # ossec.conf to read the new signatures.
136 if [ "X${update_rules}" = "Xyes" ]; then
140 # If update, start OSSEC
141 if [ "X${update_only}" = "Xyes" ]; then
145 # Calling the init script to start ossec hids during boot
146 if [ "X${update_only}" = "X" ]; then
164 # Integrity check config
166 $ECHO " 3.2- ${runsyscheck} ($yes/$no) [$yes]: "
167 if [ "X${USER_ENABLE_SYSCHECK}" = "X" ]; then
170 AS=${USER_ENABLE_SYSCHECK}
175 echo " - ${nosyscheck}."
179 echo " - ${yessyscheck}."
183 # Adding to the config file
184 if [ "X$SYSCHECK" = "Xyes" ]; then
185 cat ${SYSCHECK_TEMPLATE} >> $NEWCONFIG
198 # Rootkit detection configuration
200 $ECHO " 3.3- ${runrootcheck} ($yes/$no) [$yes]: "
202 if [ "X${USER_ENABLE_ROOTCHECK}" = "X" ]; then
205 ES=${USER_ENABLE_ROOTCHECK}
211 echo " - ${norootcheck}."
215 echo " - ${yesrootcheck}."
220 # Adding to the config file
221 if [ "X$ROOTCHECK" = "Xyes" ]; then
222 echo "" >> $NEWCONFIG
223 echo " <rootcheck>" >> $NEWCONFIG
224 echo " <rootkit_files>$INSTALLDIR/etc/shared/rootkit_files.txt</rootkit_files>" >> $NEWCONFIG
225 echo " <rootkit_trojans>$INSTALLDIR/etc/shared/rootkit_trojans.txt</rootkit_trojans>" >> $NEWCONFIG
226 echo " <system_audit>$INSTALLDIR/etc/shared/system_audit_rcl.txt</system_audit>" >> $NEWCONFIG
227 echo " <system_audit>$INSTALLDIR/etc/shared/cis_debian_linux_rcl.txt</system_audit>" >> $NEWCONFIG
228 echo " <system_audit>$INSTALLDIR/etc/shared/cis_rhel_linux_rcl.txt</system_audit>" >> $NEWCONFIG
229 echo " <system_audit>$INSTALLDIR/etc/shared/cis_rhel5_linux_rcl.txt</system_audit>" >> $NEWCONFIG
230 echo " </rootcheck>" >> $NEWCONFIG
232 echo "" >> $NEWCONFIG
233 echo " <rootcheck>" >> $NEWCONFIG
234 echo " <disabled>yes</disabled>" >> $NEWCONFIG
235 echo " </rootcheck>" >> $NEWCONFIG
247 if [ "x${USER_CLEANINSTALL}" = "xy" ]; then
248 OPENDIR=`dirname $INSTALLDIR`
249 echo "" >> $NEWCONFIG
250 echo " <localfile>" >> $NEWCONFIG
251 echo " <log_format>ossecalert</log_format>" >> $NEWCONFIG
252 echo " <location>$OPENDIR/logs/alerts/alerts.log</location>" >>$NEWCONFIG
253 echo " </localfile>" >> $NEWCONFIG
254 echo "" >> $NEWCONFIG
260 echo " $NB- ${readlogs}"
262 echo " <!-- Files to monitor (localfiles) -->" >> $NEWCONFIG
263 LOG_FILES=`cat ${SYSLOG_TEMPLATE}`
264 for i in ${LOG_FILES}; do
265 # If log file present, add it
266 ls $i > /dev/null 2>&1
269 echo "" >> $NEWCONFIG
270 echo " <localfile>" >> $NEWCONFIG
271 echo " <log_format>syslog</log_format>" >> $NEWCONFIG
272 echo " <location>$i</location>" >>$NEWCONFIG
273 echo " </localfile>" >> $NEWCONFIG
278 # Getting snort files
279 SNORT_FILES=`cat ${SNORT_TEMPLATE}`
280 for i in ${SNORT_FILES}; do
281 ls $i > /dev/null 2>&1
283 echo "" >> $NEWCONFIG
284 echo " <localfile>" >> $NEWCONFIG
286 head -n 1 $i|grep "\[**\] "|grep -v "Classification:" > /dev/null
288 echo " <log_format>snort-full</log_format>" >> $NEWCONFIG
289 echo " -- $i (snort-full file)"
291 echo " <log_format>snort-fast</log_format>" >> $NEWCONFIG
292 echo " -- $i (snort-fast file)"
294 echo " <location>$i</location>" >>$NEWCONFIG
295 echo " </localfile>" >> $NEWCONFIG
299 # Getting apache logs
300 APACHE_FILES=`cat ${APACHE_TEMPLATE}`
301 for i in ${APACHE_FILES}; do
302 ls $i > /dev/null 2>&1
304 echo "" >> $NEWCONFIG
305 echo " <localfile>" >> $NEWCONFIG
306 echo " <log_format>apache</log_format>" >> $NEWCONFIG
307 echo " <location>$i</location>" >>$NEWCONFIG
308 echo " </localfile>" >> $NEWCONFIG
310 echo " -- $i (apache log)"
314 # Getting postgresql logs
315 PGSQL_FILES=`cat ${PGSQL_TEMPLATE}`
316 for i in ${PGSQL_FILES}; do
317 ls $i > /dev/null 2>&1
319 echo "" >> $NEWCONFIG
320 echo " <localfile>" >> $NEWCONFIG
321 echo " <log_format>postgresql_log</log_format>" >> $NEWCONFIG
322 echo " <location>$i</location>" >>$NEWCONFIG
323 echo " </localfile>" >> $NEWCONFIG
325 echo " -- $i (postgresql log)"
329 if [ "X$NUNAME" = "XLinux" ]; then
330 echo "" >> $NEWCONFIG
331 echo " <localfile>" >> $NEWCONFIG
332 echo " <log_format>command</log_format>" >> $NEWCONFIG
333 echo " <command>df -h</command>" >> $NEWCONFIG
334 echo " </localfile>" >> $NEWCONFIG
335 echo "" >> $NEWCONFIG
336 echo " <localfile>" >> $NEWCONFIG
337 echo " <log_format>full_command</log_format>" >> $NEWCONFIG
338 echo " <command>netstat -tan |grep LISTEN |grep -v 127.0.0.1 | sort</command>" >> $NEWCONFIG
339 echo " </localfile>" >> $NEWCONFIG
340 echo "" >> $NEWCONFIG
341 echo " <localfile>" >> $NEWCONFIG
342 echo " <log_format>full_command</log_format>" >> $NEWCONFIG
343 echo " <command>last -n 5</command>" >> $NEWCONFIG
344 echo " </localfile>" >> $NEWCONFIG
354 if [ "X$USER_NO_STOP" = "X" ]; then
369 echo "3- ${configuring} $NAME."
372 if [[ "X${USER_AGENT_SERVER_IP}" = "X" && "X${USER_AGENT_SERVER_NAME}" = "X" ]]; then
373 # Looping and asking for server ip or hostname
375 $ECHO " 3.1- ${serveraddr}: "
378 echo $ADDRANSWER | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" > /dev/null 2>&1
382 echo " - ${addingip} $IP"
385 elif [ $? != 0 ]; then
388 echo " - ${addingname} $HNAME"
393 IP=${USER_AGENT_SERVER_IP}
394 HNAME=${USER_AGENT_SERVER_NAME}
397 echo "<ossec_config>" > $NEWCONFIG
398 echo " <client>" >> $NEWCONFIG
399 if [ "X${IP}" != "X" ]; then
400 echo " <server-ip>$IP</server-ip>" >> $NEWCONFIG
401 elif [ "X${HNAME}" != "X" ]; then
402 echo " <server-hostname>$HNAME</server-hostname>" >> $NEWCONFIG
404 echo " </client>" >> $NEWCONFIG
405 echo "" >> $NEWCONFIG
414 $ECHO " 3.4 - ${enable_ar} ($yes/$no) [$yes]: "
416 if [ "X${USER_ENABLE_ACTIVE_RESPONSE}" = "X" ]; then
419 ANY=${USER_ENABLE_ACTIVE_RESPONSE}
425 echo " - ${noactive}."
426 echo "" >> $NEWCONFIG
427 echo " <active-response>" >> $NEWCONFIG
428 echo " <disabled>yes</disabled>" >> $NEWCONFIG
429 echo " </active-response>" >> $NEWCONFIG
430 echo "" >> $NEWCONFIG
438 # Set up the log files
441 echo "</ossec_config>" >> $NEWCONFIG
453 echo "3- ${configuring} $NAME."
456 # Configuring e-mail notification
458 $ECHO " 3.1- ${mailnotify} ($yes/$no) [$yes]: "
460 if [ "X${USER_ENABLE_EMAIL}" = "X" ]; then
463 ANSWER=${USER_ENABLE_EMAIL}
469 echo " --- ${nomail}."
474 $ECHO " - ${whatsemail} "
475 if [ "X${USER_EMAIL_ADDRESS}" = "X" ]; then
478 echo "${EMAIL}" | grep -E "^[a-zA-Z0-9_.-]{1,36}@[a-zA-Z0-9_.-]{1,54}$" > /dev/null 2>&1 ;RVAL=$?;
479 # Ugly e-mail validation
480 while [ "$EMAIL" = "" -o ! ${RVAL} = 0 ] ; do
481 $ECHO " - ${whatsemail} "
483 echo "${EMAIL}" | grep -E "^[a-zA-Z0-9_.-]{1,36}@[a-zA-Z0-9_.-]{1,54}$" > /dev/null 2>&1 ;RVAL=$?;
486 EMAIL=${USER_EMAIL_ADDRESS}
489 ls ${HOST_CMD} > /dev/null 2>&1
491 HOSTTMP=`${HOST_CMD} -W 5 -t mx ossec.net 2>/dev/null`
493 # Trying without the -W
494 HOSTTMP=`${HOST_CMD} -t mx ossec.net 2>/dev/null`
496 echo "x$HOSTTMP" | grep "ossec.net mail is handled" > /dev/null 2>&1
498 # Breaking down the user e-mail
499 EMAILHOST=`echo ${EMAIL} | cut -d "@" -f 2`
500 if [ "X${EMAILHOST}" = "Xlocalhost" ]; then
503 HOSTTMP=`${HOST_CMD} -W 5 -t mx ${EMAILHOST}`
504 SMTPHOST=`echo ${HOSTTMP} | cut -d " " -f 7`
509 if [ "X${USER_EMAIL_SMTP}" = "X" ]; then
510 if [ "X${SMTPHOST}" != "X" ]; then
512 echo " - ${yoursmtp}: ${SMTPHOST}"
513 $ECHO " - ${usesmtp} ($yes/$no) [$yes]: "
523 echo " --- ${usingsmtp} ${SMTP}"
528 if [ "X${SMTP}" = "X" ]; then
529 $ECHO " - ${whatsmtp} "
533 SMTP=${USER_EMAIL_SMTP}
539 # Writting global parameters
540 echo "<ossec_config>" > $NEWCONFIG
541 echo " <global>" >> $NEWCONFIG
542 if [ "$EMAILNOTIFY" = "yes" ]; then
543 echo " <email_notification>yes</email_notification>" >> $NEWCONFIG
544 echo " <email_to>$EMAIL</email_to>" >> $NEWCONFIG
545 echo " <smtp_server>$SMTP</smtp_server>" >> $NEWCONFIG
546 echo " <email_from>ossecm@${HOST}</email_from>" >> $NEWCONFIG
548 echo " <email_notification>no</email_notification>" >> $NEWCONFIG
551 echo " </global>" >> $NEWCONFIG
552 echo "" >> $NEWCONFIG
554 # Writting rules configuration
555 cat ${RULES_TEMPLATE} >> $NEWCONFIG
556 echo "" >> $NEWCONFIG
559 # Checking if syscheck should run
562 # Checking if rootcheck should run
568 $ECHO " - ${enable_ar} ($yes/$no) [$yes]: "
570 if [ "X${USER_ENABLE_ACTIVE_RESPONSE}" = "X" ]; then
573 AR=${USER_ENABLE_ACTIVE_RESPONSE}
579 echo " - ${noactive}."
580 echo "" >> $NEWCONFIG
581 echo " <active-response>" >> $NEWCONFIG
582 echo " <disabled>yes</disabled>" >> $NEWCONFIG
583 echo " </active-response>" >> $NEWCONFIG
584 echo "" >> $NEWCONFIG
589 catMsg "0x108-ar-enabled"
592 $ECHO " - ${firewallar} ($yes/$no) [$yes]: "
594 if [ "X${USER_ENABLE_FIREWALL_RESPONSE}" = "X" ]; then
597 HD2=${USER_ENABLE_FIREWALL_RESPONSE}
603 echo " - ${nofirewall}"
606 echo " - ${yesfirewall}"
610 echo "" >> $NEWCONFIG
611 echo " <global>" >> $NEWCONFIG
612 echo " <white_list>127.0.0.1</white_list>" >> $NEWCONFIG
613 echo " <white_list>^localhost.localdomain$</white_list>">>$NEWCONFIG
615 echo " - ${defaultwhitelist}"
616 for ip in ${NAMESERVERS} ${NAMESERVERS2};
618 if [ ! "X${ip}" = "X" ]; then
620 echo " <white_list>${ip}</white_list>" >>$NEWCONFIG
625 # If Openbsd or Freebsd with pf enable, ask about
626 # automatically setting it up.
627 # Commenting it out in case I change my mind about it
629 #if [ "X`sh ./src/init/fw-check.sh`" = "XPF" ]; then
631 # $ECHO " - ${pfenable} ($yes/$no) [$yes]: "
632 # if [ "X${USER_ENABLE_PF}" = "X" ]; then
635 # PFENABLE=${USER_ENABLE_PF}
649 echo " </global>" >> $NEWCONFIG
654 if [ "X$INSTYPE" = "Xserver" ]; then
655 # Configuring remote syslog
657 $ECHO " 3.5- ${syslog} ($yes/$no) [$yes]: "
659 if [ "X${USER_ENABLE_SYSLOG}" = "X" ]; then
662 ANSWER=${USER_ENABLE_SYSLOG}
668 echo " --- ${nosyslog}."
671 echo " - ${yessyslog}."
676 # Configuring remote connections
682 if [ "X$RLOG" = "Xyes" ]; then
683 echo "" >> $NEWCONFIG
684 echo " <remote>" >> $NEWCONFIG
685 echo " <connection>syslog</connection>" >> $NEWCONFIG
686 echo " </remote>" >> $NEWCONFIG
689 if [ "X$SLOG" = "Xyes" ]; then
690 echo "" >> $NEWCONFIG
691 echo " <remote>" >> $NEWCONFIG
692 echo " <connection>secure</connection>" >> $NEWCONFIG
693 echo " </remote>" >> $NEWCONFIG
698 echo "" >> $NEWCONFIG
699 echo " <alerts>" >> $NEWCONFIG
700 echo " <log_alert_level>1</log_alert_level>" >> $NEWCONFIG
701 if [ "$EMAILNOTIFY" = "yes" ]; then
702 echo " <email_alert_level>7</email_alert_level>">> $NEWCONFIG
704 echo " </alerts>" >> $NEWCONFIG
707 if [ "X$ACTIVERESPONSE" = "Xyes" ]; then
708 # Add commands in here
709 echo "" >> $NEWCONFIG
710 cat ${HOST_DENY_TEMPLATE} >> $NEWCONFIG
711 echo "" >> $NEWCONFIG
712 cat ${FIREWALL_DROP_TEMPLATE} >> $NEWCONFIG
713 echo "" >> $NEWCONFIG
714 cat ${DISABLE_ACCOUNT_TEMPLATE} >> $NEWCONFIG
715 echo "" >> $NEWCONFIG
716 cat ${ROUTENULL_TEMPLATE} >> $NEWCONFIG
717 echo "" >> $NEWCONFIG
719 if [ "X$FIREWALLDROP" = "Xyes" ]; then
720 echo "" >> $NEWCONFIG
721 cat ${ACTIVE_RESPONSE_TEMPLATE} >> $NEWCONFIG
722 echo "" >> $NEWCONFIG
726 # Setting up the logs
728 echo "</ossec_config>" >> $NEWCONFIG
740 echo "2- ${settingupenv}."
743 if [ "X${USER_DIR}" = "X" ]; then
745 $ECHO " - ${wheretoinstall} [$INSTALLDIR]: "
747 if [ ! "X$ANSWER" = "X" ]; then
748 echo $ANSWER |grep -E "^/[a-zA-Z0-9./_-]{3,128}$">/dev/null 2>&1
758 INSTALLDIR=${USER_DIR}
762 CEXTRA="$CEXTRA -DDEFAULTDIR=\\\"${INSTALLDIR}\\\""
765 echo " - ${installat} ${INSTALLDIR} ."
768 if [ "X$INSTYPE" = "Xagent" ]; then
769 CEXTRA="$CEXTRA -DCLIENT"
770 elif [ "X$INSTYPE" = "Xlocal" ]; then
771 CEXTRA="$CEXTRA -DLOCAL"
774 ls $INSTALLDIR >/dev/null 2>&1
776 if [ "X${USER_DELETE_DIR}" = "X" ]; then
778 $ECHO " - ${deletedir} ($yes/$no) [$yes]: "
781 ANSWER=${USER_DELETE_DIR}
787 if [ ! $? = 0 ]; then
799 # checkDependencies()
800 # Thanks to gabriel@macacos.org
806 if [ "X$NUNAME" = "XSunOS" ]; then
807 PATH=$PATH:/usr/ccs/bin:/usr/xpg4/bin:/opt/csw/gcc3/bin:/opt/csw/bin:/usr/sfw/bin
809 elif [ "X$NUNAME" = "XAIX" ]; then
810 PATH=$PATH:/usr/vac/bin
814 ls "`which gcc`" > /dev/null 2>&1
815 if [ ! $? = 0 ]; then
816 ls "`which cc`" > /dev/null 2>&1
817 if [ ! $? = 0 ]; then
818 if [ "X${USER_BINARYINSTALL}" = "X" ]; then
819 catError "0x3-dependencies"
839 $ECHO " - ${addwhite} ($yes/$no)? [$no]: "
841 # If white list is set, we don't need to ask it here.
842 if [ "X${USER_WHITE_LIST}" = "X" ]; then
848 if [ "X${ANSWER}" = "X" ] ; then
857 $ECHO " - ${ipswhite}"
858 if [ "X${USER_WHITE_LIST}" = "X" ]; then
861 IPS=${USER_WHITE_LIST}
866 if [ ! "X${ip}" = "X" ]; then
867 echo $ip | grep -E "^[0-9./]{5,20}$" > /dev/null 2>&1
869 echo " <white_list>${ip}</white_list>" >>$NEWCONFIG
887 TABLE="ossec_fwtable"
889 # Add table to the first line
891 echo " - ${pfmessage}:"
893 echo " http://www.ossec.net/en/manual.html#active-response-tools"
897 echo " table <${TABLE}> persist #$TABLE "
898 echo " block in quick from <${TABLE}> to any"
899 echo " block out quick from any to <${TABLE}>"
912 . ./src/init/shared.sh
913 . ./src/init/functions.sh
915 # Reading pre-defined file
916 if [ ! `isFile ${PREDEF_FILE}` = "${FALSE}" ]; then
920 # If user language is not set
922 if [ "X${USER_LANGUAGE}" = "X" ]; then
924 # Choosing the language.
927 for i in `ls ${TEMPLATE}`; do
928 # ignore CVS (should not be there anyways and config)
929 if [ "$i" = "CVS" -o "$i" = "config" ]; then continue; fi
930 cat "${TEMPLATE}/$i/language.txt"
931 if [ ! "$i" = "en" ]; then
935 $ECHO " (${LG}) [en]: "
938 if [ "X${USER_LG}" = "X" ]; then
942 ls "${TEMPLATE}/${USER_LG}" > /dev/null 2>&1
952 # If provided language is not valid, default to english
953 ls "${TEMPLATE}/${USER_LANGUAGE}" > /dev/null 2>&1
955 LANGUAGE=${USER_LANGUAGE}
960 fi # for USER_LANGUAGE
963 . ./src/init/shared.sh
964 . ./src/init/language.sh
965 . ./src/init/functions.sh
967 . ${TEMPLATE}/${LANGUAGE}/messages.txt
970 # Must be executed as ./install.sh
971 if [ `isFile ${VERSION_FILE}` = "${FALSE}" ]; then
972 catError "0x1-location";
976 if [ ! "X$ME" = "Xroot" ]; then
977 catError "0x2-beroot";
980 # Checking dependencies
987 echo " $NAME $VERSION ${installscript} - http://www.ossec.net"
989 catMsg "0x101-initial"
991 echo " - $system: $UNAME"
993 echo " - $host: $HOST"
996 echo " -- $hitanyorabort --"
998 if [ "X$USER_NO_STOP" = "X" ]; then
1002 . ./src/init/update.sh
1003 # Is this an update?
1004 if [ "`isUpdate`" = "${TRUE}" -a "x${USER_CLEANINSTALL}" = "x" ]; then
1007 while [ $ct = "1" ]; do
1009 $ECHO " - ${wanttoupdate} ($yes/$no): "
1010 if [ "X${USER_UPDATE}" = "X" ]; then
1031 # Do some of the update steps.
1032 if [ "X${update_only}" = "Xyes" ]; then
1033 . ./src/init/update.sh
1035 if [ "`doUpdatecleanup`" = "${FALSE}" ]; then
1038 echo "${unabletoupdate}"
1043 USER_INSTALL_TYPE=`getPreinstalled`
1044 USER_DIR=`getPreinstalledDir`
1045 USER_DELETE_DIR="$nomatch"
1050 # We dont need to update the rules on agent installs
1051 if [ "X${USER_INSTALL_TYPE}" = "Xagent" ]; then
1055 while [ $ct = "1" ]; do
1057 $ECHO " - ${updaterules} ($yes/$no): "
1058 if [ "X${USER_UPDATE_RULES}" = "X" ]; then
1083 hybridm=`echo ${hybrid} | cut -b 1`
1084 serverm=`echo ${server} | cut -b 1`
1085 localm=`echo ${local} | cut -b 1`
1086 agentm=`echo ${agent} | cut -b 1`
1087 helpm=`echo ${help} | cut -b 1`
1089 # If user install type is not set, ask for it.
1090 if [ "X${USER_INSTALL_TYPE}" = "X" ]; then
1092 # Loop for the installation options
1096 $ECHO "1- ${whattoinstall} "
1102 catMsg "0x102-installhelp"
1105 ${server}|${serverm})
1107 echo " - ${serverchose}."
1114 echo " - ${clientchose}."
1119 ${hybrid}|${hybridm})
1121 echo " - ${localchose} (hybrid)."
1128 echo " - ${localchose}."
1136 INSTYPE=${USER_INSTALL_TYPE}
1140 # Setting up the environment
1144 # Configuring the system (based on the installation type)
1145 if [ "X${update_only}" = "X" ]; then
1146 if [ "X$INSTYPE" = "Xserver" ]; then
1148 elif [ "X$INSTYPE" = "Xagent" ]; then
1150 elif [ "X$INSTYPE" = "Xlocal" ]; then
1153 catError "0x4-installtype"
1157 # Installing (calls the respective script
1158 # -- InstallAgent.sh or InstallServer.sh
1163 echo " - ${configurationdone}."
1165 echo " - ${tostart}:"
1166 echo " $INSTALLDIR/bin/ossec-control start"
1168 echo " - ${tostop}:"
1169 echo " $INSTALLDIR/bin/ossec-control stop"
1171 echo " - ${configat} $INSTALLDIR/etc/ossec.conf"
1175 catMsg "0x103-thanksforusing"
1178 if [ "X${update_only}" = "Xyes" ]; then
1179 # Message for the update
1180 if [ "X`sh ./src/init/fw-check.sh`" = "XPF" -a "X${ACTIVERESPONSE}" = "Xyes" ]; then
1181 if [ "X$USER_NO_STOP" = "X" ]; then
1187 echo " - ${updatecompleted}"
1193 if [ "X$USER_NO_STOP" = "X" ]; then
1198 # PF firewall message
1199 if [ "X`sh ./src/init/fw-check.sh`" = "XPF" -a "X${ACTIVERESPONSE}" = "Xyes" ]; then
1204 if [ "X$INSTYPE" = "Xserver" ]; then
1206 echo " - ${addserveragent}"
1209 echo " $INSTALLDIR/bin/manage_agents"
1212 echo " http://www.ossec.net/en/manual.html#ma"
1215 elif [ "X$INSTYPE" = "Xagent" ]; then
1216 catMsg "0x104-client"
1217 echo " $INSTALLDIR/bin/manage_agents"
1220 echo " http://www.ossec.net/en/manual.html#ma"
1224 if [ "X$notmodified" = "Xyes" ]; then
1225 catMsg "0x105-noboot"
1226 echo " $INSTALLDIR/bin/ossec-control start"
1231 _f_cfg="./install.cfg.sh"
1233 if [ -f $_f_cfg ]; then
1237 ### Calling main function where everything happens
1241 if [ "x$HYBID" = "xgo" ]; then
1242 echo " --------------------------------------------"
1243 echo " Finishing Hybrid setup (agent configuration)"
1244 echo " --------------------------------------------"
1245 echo 'USER_LANGUAGE="en"' > ./etc/preloaded-vars.conf
1246 echo "" >> ./etc/preloaded-vars.conf
1247 echo 'USER_NO_STOP="y"' >> ./etc/preloaded-vars.conf
1248 echo "" >> ./etc/preloaded-vars.conf
1249 echo 'USER_INSTALL_TYPE="agent"' >> ./etc/preloaded-vars.conf
1250 echo "" >> ./etc/preloaded-vars.conf
1251 echo "USER_DIR=\"$INSTALLDIR/ossec-agent\"" >> ./etc/preloaded-vars.conf
1252 echo "" >> ./etc/preloaded-vars.conf
1253 echo 'USER_ENABLE_ROOTCHECK="n"' >> ./etc/preloaded-vars.conf
1254 echo "" >> ./etc/preloaded-vars.conf
1255 echo 'USER_ENABLE_SYSCHECK="n"' >> ./etc/preloaded-vars.conf
1256 echo "" >> ./etc/preloaded-vars.conf
1257 echo 'USER_ENABLE_ACTIVE_RESPONSE="n"' >> ./etc/preloaded-vars.conf
1258 echo "" >> ./etc/preloaded-vars.conf
1259 echo 'USER_UPDATE="n"' >> ./etc/preloaded-vars.conf
1260 echo "" >> ./etc/preloaded-vars.conf
1261 echo 'USER_UPDATE_RULES="n"' >> ./etc/preloaded-vars.conf
1262 echo "" >> ./etc/preloaded-vars.conf
1263 echo 'USER_CLEANINSTALL="y"' >> ./etc/preloaded-vars.conf
1264 echo "" >> ./etc/preloaded-vars.conf