+++ /dev/null
-#!/bin/sh
-# postinst script for ossec-hids
-# Santiago Bassett <santiago.bassett@gmail.com>
-# 03/25/2014
-
-set -e
-
-case "$1" in
- configure)
-
- DIR="/var/ossec/"
- USER="ossec"
- GROUP="ossec"
- OSSEC_HIDS_TMP_DIR="/tmp/ossec-hids"
-
- OSMYSHELL="/sbin/nologin"
- if [ ! -f ${OSMYSHELL} ]; then
- if [ -f "/bin/false" ]; then
- OSMYSHELL="/bin/false"
- fi
- fi
-
- if ! getent group | grep -q "^ossec"
- then
- addgroup --system ossec
- fi
- if ! getent passwd | grep -q "^ossec"
- then
- adduser --system --home ${DIR} --shell ${OSMYSHELL} --ingroup ${GROUP} ${USER} > /dev/null 2>&1
- fi
-
- # Default for all directories
- chmod -R 550 ${DIR}
- chown -R root:${GROUP} ${DIR}
-
- # To the ossec queue (default for agentd to read)
- chown -R ${USER}:${GROUP} ${DIR}/queue/ossec
- chmod -R 770 ${DIR}/queue/ossec
-
- # For the logging user
- chown -R ${USER}:${GROUP} ${DIR}/logs
- chmod -R 750 ${DIR}/logs
- chmod -R 775 ${DIR}/queue/rids
- touch ${DIR}/logs/ossec.log
- chown ${USER}:${GROUP} ${DIR}/logs/ossec.log
- chmod 664 ${DIR}/logs/ossec.log
-
- chown -R ${USER}:${GROUP} ${DIR}/queue/diff
- chmod -R 750 ${DIR}/queue/diff
- chmod 740 ${DIR}/queue/diff/* > /dev/null 2>&1 || true
-
- # For the etc dir
- chmod 550 ${DIR}/etc
- chown -R root:${GROUP} ${DIR}/etc
- if [ -f /etc/localtime ]; then
- cp -pL /etc/localtime ${DIR}/etc/;
- chmod 555 ${DIR}/etc/localtime
- chown root:${GROUP} ${DIR}/etc/localtime
- fi
-
- if [ -f /etc/TIMEZONE ]; then
- cp -p /etc/TIMEZONE ${DIR}/etc/;
- chmod 555 ${DIR}/etc/TIMEZONE
- fi
-
- # More files
- chown root:${GROUP} ${DIR}/etc/internal_options.conf
- chown root:${GROUP} ${DIR}/etc/local_internal_options.conf >/dev/null 2>&1 || true
- chown root:${GROUP} ${DIR}/etc/client.keys >/dev/null 2>&1 || true
- chown root:${GROUP} ${DIR}/agentless/*
- chown ${USER}:${GROUP} ${DIR}/.ssh
- chown root:${GROUP} ${DIR}/etc/shared/*
-
- chmod 550 ${DIR}/etc
- chmod 440 ${DIR}/etc/internal_options.conf
- chmod 660 ${DIR}/etc/local_internal_options.conf >/dev/null 2>&1 || true
- chmod 440 ${DIR}/etc/client.keys >/dev/null 2>&1 || true
- chmod 550 ${DIR}/agentless/*
- chmod 700 ${DIR}/.ssh
- chmod 770 ${DIR}/etc/shared
- chmod 660 ${DIR}/etc/shared/*
-
- # For the /var/run
- chmod 770 ${DIR}/var/run
- chown root:${GROUP} ${DIR}/var/run
-
- # For util.sh
- chown root:${GROUP} ${DIR}/bin/util.sh
- chmod +x ${DIR}/bin/util.sh
-
- # For binaries and active response
- chmod 755 ${DIR}/active-response/bin/*
- chown root:${GROUP} ${DIR}/active-response/bin/*
- chown root:${GROUP} ${DIR}/bin/*
- chmod 550 ${DIR}/bin/*
-
- # For ossec.conf
- chown root:${GROUP} ${DIR}/etc/ossec.conf
- chmod 660 ${DIR}/etc/ossec.conf
-
- # Debconf
- . /usr/share/debconf/confmodule
- db_input high ossec-hids-agent/server-ip || true
- db_go
-
- db_get ossec-hids-agent/server-ip
- SERVER_IP=$RET
-
- sed -i "s/<server-ip>[^<]\+<\/server-ip>/<server-ip>${SERVER_IP}<\/server-ip>/" ${DIR}/etc/ossec.conf
- db_stop
-
- # ossec-init.conf
- if [ -e ${DIR}/etc/ossec-init.conf ] && [ -d /etc/ ]; then
- if [ -e /etc/ossec-init.conf ]; then
- rm -f /etc/ossec-init.conf
- fi
- ln -s ${DIR}/etc/ossec-init.conf /etc/ossec-init.conf
- fi
-
- # init.d/ossec file
- if [ -x ${DIR}/etc/init.d/ossec ] && [ -d /etc/init.d/ ]; then
- if [ -e /etc/init.d/ossec ]; then
- rm -f /etc/init.d/ossec
- fi
- ln -s ${DIR}/etc/init.d/ossec /etc/init.d/ossec
- fi
-
- # Service
- if [ -x /etc/init.d/ossec ]; then
- update-rc.d -f ossec defaults
- fi
-
- # Delete tmp directory
- if [ -d ${OSSEC_HIDS_TMP_DIR} ]; then
- rm -r ${OSSEC_HIDS_TMP_DIR}
- fi
-
- ;;
-
-
- abort-upgrade|abort-remove|abort-deconfigure)
-
- ;;
-
-
- *)
- echo "postinst called with unknown argument \`$1'" >22
- exit 1
- ;;
-
-esac
-
-exit 0