X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=blobdiff_plain;ds=sidebyside;f=debian%2Fossec-hids%2Fvar%2Fossec%2Fbin%2Fossec-server.sh;fp=debian%2Fossec-hids%2Fvar%2Fossec%2Fbin%2Fossec-server.sh;h=0000000000000000000000000000000000000000;hb=946517cefb8751a43a89bda4220221f065f4e5d1;hp=5a12515b31dba341b0dbb603662ed52b527b3f63;hpb=3f728675941dc69d4e544d3a880a56240a6e394a;p=ossec-hids.git diff --git a/debian/ossec-hids/var/ossec/bin/ossec-server.sh b/debian/ossec-hids/var/ossec/bin/ossec-server.sh deleted file mode 100755 index 5a12515..0000000 --- a/debian/ossec-hids/var/ossec/bin/ossec-server.sh +++ /dev/null @@ -1,323 +0,0 @@ -#!/bin/sh -# ossec-control This shell script takes care of starting -# or stopping ossec-hids -# Author: Daniel B. Cid - -# Getting where we are installed -LOCAL=`dirname $0`; -cd ${LOCAL} -PWD=`pwd` -DIR=`dirname $PWD`; -PLIST=${DIR}/bin/.process_list; - -### Do not modify below here ### - -# Getting additional processes -ls -la ${PLIST} > /dev/null 2>&1 -if [ $? = 0 ]; then -. ${PLIST}; -fi - -NAME="OSSEC HIDS" -VERSION="v3.3.0" - -[ -f /etc/ossec-init.conf ] && . /etc/ossec-init.conf; - -DAEMONS="ossec-monitord ossec-logcollector ossec-remoted ossec-syscheckd ossec-analysisd ossec-maild ossec-execd ${DB_DAEMON} ${CSYSLOG_DAEMON} ${AGENTLESS_DAEMON}" - -## Locking for the start/stop -LOCK="${DIR}/var/start-script-lock" -LOCK_PID="${LOCK}/pid" - -# This number should be more than enough (even if it is -# started multiple times together). It will try for up -# to 10 attempts (or 10 seconds) to execute. -MAX_ITERATION="10" - -checkpid() -{ - for i in ${DAEMONS}; do - for j in `cat ${DIR}/var/run/${i}*.pid 2>/dev/null`; do - ps -p $j |grep ossec >/dev/null 2>&1 - if [ ! $? = 0 ]; then - echo "Deleting PID file '${DIR}/var/run/${i}-${j}.pid' not used..." - rm ${DIR}/var/run/${i}-${j}.pid - fi - done - done -} - -lock() -{ - i=0; - - # Providing a lock. - while [ 1 ]; do - mkdir ${LOCK} > /dev/null 2>&1 - MSL=$? - if [ "${MSL}" = "0" ]; then - # Lock acquired (setting the pid) - echo "$$" > ${LOCK_PID} - return; - fi - - # Waiting 1 second before trying again - sleep 1; - i=`expr $i + 1`; - - # If PID is not present, speed things a bit. - kill -0 `cat ${LOCK_PID}` >/dev/null 2>&1 - if [ ! $? = 0 ]; then - # Pid is not present. - i=`expr $i + 1`; - fi - - # We tried 10 times to acquire the lock. - if [ "$i" = "${MAX_ITERATION}" ]; then - # Unlocking and executing - unlock; - mkdir ${LOCK} > /dev/null 2>&1 - echo "$$" > ${LOCK_PID} - return; - fi - done -} - -unlock() -{ - rm -rf ${LOCK} -} - -help() -{ - # Help message - echo "" - echo "Usage: $0 {start|stop|reload|restart|status|enable|disable}"; - exit 1; -} - -# Enables additional daemons -enable() -{ - if [ "X$2" = "X" ]; then - echo "" - echo "Enable options: database, client-syslog, agentless, debug" - echo "Usage: $0 enable [database|client-syslog|agentless|debug]" - exit 1; - fi - - if [ "X$2" = "Xdatabase" ]; then - echo "DB_DAEMON=ossec-dbd" >> ${PLIST}; - elif [ "X$2" = "Xclient-syslog" ]; then - echo "CSYSLOG_DAEMON=ossec-csyslogd" >> ${PLIST}; - elif [ "X$2" = "Xagentless" ]; then - echo "AGENTLESS_DAEMON=ossec-agentlessd" >> ${PLIST}; - elif [ "X$2" = "Xdebug" ]; then - echo "DEBUG_CLI=\"-d\"" >> ${PLIST}; - else - echo "" - echo "Invalid enable option." - echo "" - echo "Enable options: database, client-syslog, agentless, debug" - echo "Usage: $0 enable [database|client-syslog|agentless|debug]" - exit 1; - fi -} - -# Disables additional daemons -disable() -{ - if [ "X$2" = "X" ]; then - echo "" - echo "Disable options: database, client-syslog, agentless, debug" - echo "Usage: $0 disable [database|client-syslog|agentless|debug]" - exit 1; - fi - - if [ "X$2" = "Xdatabase" ]; then - echo "DB_DAEMON=\"\"" >> ${PLIST}; - elif [ "X$2" = "Xclient-syslog" ]; then - echo "CSYSLOG_DAEMON=\"\"" >> ${PLIST}; - elif [ "X$2" = "Xagentless" ]; then - echo "AGENTLESS_DAEMON=\"\"" >> ${PLIST}; - elif [ "X$2" = "Xdebug" ]; then - echo "DEBUG_CLI=\"\"" >> ${PLIST}; - else - echo "" - echo "Invalid disable option." - echo "" - echo "Disable options: database, client-syslog, agentless, debug" - echo "Usage: $0 disable [database|client-syslog|agentless|debug]" - exit 1; - fi -} - -status() -{ - RETVAL=0 - for i in ${DAEMONS}; do - ## If ossec-maild is disabled, don't try to start it. - if [ X"$i" = "Xossec-maild" ]; then - grep "no<" ${DIR}/etc/ossec.conf >/dev/null 2>&1 - if [ $? = 0 ]; then - continue - fi - fi - - pstatus ${i}; - if [ $? = 0 ]; then - echo "${i} not running..." - RETVAL=1 - else - echo "${i} is running..." - fi - done - exit $RETVAL -} - -testconfig() -{ - # We first loop to check the config. - for i in ${SDAEMONS}; do - ${DIR}/bin/${i} -t ${DEBUG_CLI}; - if [ $? != 0 ]; then - echo "${i}: Configuration error. Exiting" - unlock; - exit 1; - fi - done -} - -# Start function -start() -{ - SDAEMONS="${DB_DAEMON} ${CSYSLOG_DAEMON} ${AGENTLESS_DAEMON} ossec-maild ossec-execd ossec-analysisd ossec-logcollector ossec-remoted ossec-syscheckd ossec-monitord" - - echo "Starting $NAME $VERSION..." - echo | ${DIR}/bin/ossec-logtest > /dev/null 2>&1; - if [ ! $? = 0 ]; then - echo "OSSEC analysisd: Testing rules failed. Configuration error. Exiting." - exit 1; - fi - lock; - checkpid; - - # We actually start them now. - for i in ${SDAEMONS}; do - - ## If ossec-maild is disabled, don't try to start it. - if [ X"$i" = "Xossec-maild" ]; then - grep "no<" ${DIR}/etc/ossec.conf >/dev/null 2>&1 - if [ $? = 0 ]; then - continue - fi - fi - - pstatus ${i}; - if [ $? = 0 ]; then - ${DIR}/bin/${i} ${DEBUG_CLI}; - if [ $? != 0 ]; then - echo "${i} did not start correctly."; - unlock; - exit 1; - fi - - echo "Started ${i}..." - else - echo "${i} already running..." - fi - done - - # After we start we give 2 seconds for the daemons - # to internally create their PID files. - sleep 2; - unlock; - echo "Completed." -} - -pstatus() -{ - pfile=$1; - - # pfile must be set - if [ "X${pfile}" = "X" ]; then - return 0; - fi - - ls ${DIR}/var/run/${pfile}*.pid > /dev/null 2>&1 - if [ $? = 0 ]; then - for j in `cat ${DIR}/var/run/${pfile}*.pid 2>/dev/null`; do - ps -p $j |grep ossec >/dev/null 2>&1 - if [ ! $? = 0 ]; then - echo "${pfile}: Process $j not used by ossec, removing .." - rm -f ${DIR}/var/run/${pfile}-$j.pid - continue; - fi - - kill -0 $j > /dev/null 2>&1 - if [ $? = 0 ]; then - return 1; - fi - done - fi - - return 0; -} - -stopa() -{ - lock; - checkpid; - for i in ${DAEMONS}; do - pstatus ${i}; - if [ $? = 1 ]; then - echo "Killing ${i} .. "; - - kill `cat ${DIR}/var/run/${i}*.pid`; - else - echo "${i} not running .."; - fi - rm -f ${DIR}/var/run/${i}*.pid - done - - unlock; - echo "$NAME $VERSION Stopped" -} - -### MAIN HERE ### - -case "$1" in -start) - testconfig - start - ;; -stop) - stopa - ;; -restart) - testconfig - stopa - sleep 1; - start - ;; -reload) - DAEMONS="ossec-monitord ossec-logcollector ossec-remoted ossec-syscheckd ossec-analysisd ossec-maild ${DB_DAEMON} ${CSYSLOG_DAEMON} ${AGENTLESS_DAEMON}" - stopa - start - ;; -status) - status - ;; -help) - help - ;; -enable) - enable $1 $2; - ;; -disable) - disable $1 $2; - ;; -*) - help -esac -