new upstream release (3.3.0); modify package compatibility for Stretch
[ossec-hids.git] / debian / ossec-hids / usr / share / doc / ossec-hids / contrib / debian-packages / ossec-hids-agent / debian / postinst
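#!/bin/sh
# postinst script for ossec-hids
# Santiago Bassett <santiago.bassett@gmail.com>
# 03/25/2014
#
# Runs as root from dpkg. On "configure" it creates the ossec system
# account if missing, resets ownership and modes under /var/ossec, writes
# the debconf-supplied server address into ossec.conf, links the init
# files into /etc and registers the service.

set -e

case "$1" in
    configure)

        DIR="/var/ossec/"
        USER="ossec"
        GROUP="ossec"
        OSSEC_HIDS_TMP_DIR="/tmp/ossec-hids"

        # Login shell for the service account: prefer nologin, fall back
        # to /bin/false when nologin is not installed.
        OSMYSHELL="/sbin/nologin"
        if [ ! -f "${OSMYSHELL}" ]; then
            if [ -f "/bin/false" ]; then
                OSMYSHELL="/bin/false"
            fi
        fi

        # Look the account up by exact name. A prefix match on "^ossec"
        # is also satisfied by unrelated names such as "ossecm", which
        # would skip creation and make the chown calls below fail.
        if ! getent group "${GROUP}" > /dev/null 2>&1
        then
            addgroup --system "${GROUP}"
        fi
        if ! getent passwd "${USER}" > /dev/null 2>&1
        then
            adduser --system --home "${DIR}" --shell "${OSMYSHELL}" --ingroup "${GROUP}" "${USER}" > /dev/null 2>&1
        fi

        # Default for all directories
        chmod -R 550 "${DIR}"
        chown -R "root:${GROUP}" "${DIR}"

        # NOTE(review): the recursive chown/chmod calls below run as root
        # over directories that the unprivileged ossec account can write
        # to once they have been handed over (relevant on upgrade and
        # reconfigure). Confirm fs.protected_hardlinks and
        # fs.protected_symlinks are enabled on target systems.

        # To the ossec queue (default for agentd to read)
        chown -R "${USER}:${GROUP}" "${DIR}/queue/ossec"
        chmod -R 770 "${DIR}/queue/ossec"

        # For the logging user
        chown -R "${USER}:${GROUP}" "${DIR}/logs"
        chmod -R 750 "${DIR}/logs"
        chmod -R 775 "${DIR}/queue/rids"
        touch "${DIR}/logs/ossec.log"
        chown "${USER}:${GROUP}" "${DIR}/logs/ossec.log"
        chmod 664 "${DIR}/logs/ossec.log"

        chown -R "${USER}:${GROUP}" "${DIR}/queue/diff"
        chmod -R 750 "${DIR}/queue/diff"
        # queue/diff may be empty, so a failed glob is tolerated here.
        chmod 740 "${DIR}"/queue/diff/* > /dev/null 2>&1 || true

        # For the etc dir
        chmod 550 "${DIR}/etc"
        chown -R "root:${GROUP}" "${DIR}/etc"
        if [ -f /etc/localtime ]; then
            # -L copies the file a symlinked /etc/localtime points at.
            cp -pL /etc/localtime "${DIR}/etc/"
            chmod 555 "${DIR}/etc/localtime"
            chown "root:${GROUP}" "${DIR}/etc/localtime"
        fi

        if [ -f /etc/TIMEZONE ]; then
            cp -p /etc/TIMEZONE "${DIR}/etc/"
            chmod 555 "${DIR}/etc/TIMEZONE"
        fi

        # More files (optional ones are allowed to be absent)
        chown "root:${GROUP}" "${DIR}/etc/internal_options.conf"
        chown "root:${GROUP}" "${DIR}/etc/local_internal_options.conf" > /dev/null 2>&1 || true
        chown "root:${GROUP}" "${DIR}/etc/client.keys" > /dev/null 2>&1 || true
        chown "root:${GROUP}" "${DIR}"/agentless/*
        chown "${USER}:${GROUP}" "${DIR}/.ssh"
        chown "root:${GROUP}" "${DIR}"/etc/shared/*

        chmod 550 "${DIR}/etc"
        chmod 440 "${DIR}/etc/internal_options.conf"
        chmod 660 "${DIR}/etc/local_internal_options.conf" > /dev/null 2>&1 || true
        chmod 440 "${DIR}/etc/client.keys" > /dev/null 2>&1 || true
        chmod 550 "${DIR}"/agentless/*
        chmod 700 "${DIR}/.ssh"
        chmod 770 "${DIR}/etc/shared"
        chmod 660 "${DIR}"/etc/shared/*

        # For the /var/run
        chmod 770 "${DIR}/var/run"
        chown "root:${GROUP}" "${DIR}/var/run"

        # For util.sh
        chown "root:${GROUP}" "${DIR}/bin/util.sh"
        chmod +x "${DIR}/bin/util.sh"

        # For binaries and active response
        chmod 755 "${DIR}"/active-response/bin/*
        chown "root:${GROUP}" "${DIR}"/active-response/bin/*
        chown "root:${GROUP}" "${DIR}"/bin/*
        chmod 550 "${DIR}"/bin/*

        # For ossec.conf
        # NOTE(review): 660 root:ossec leaves the main configuration
        # writable by the ossec group. Confirm that is required; if not,
        # 640 keeps the unprivileged account from editing a file that
        # root-owned daemons presumably read.
        chown "root:${GROUP}" "${DIR}/etc/ossec.conf"
        chmod 660 "${DIR}/etc/ossec.conf"

        # Debconf
        # Sourcing confmodule re-executes this script under the debconf
        # frontend when none is running yet, so everything above this
        # line can run twice in one configure pass.
        . /usr/share/debconf/confmodule
        db_input high ossec-hids-agent/server-ip || true
        db_go

        db_get ossec-hids-agent/server-ip
        SERVER_IP=$RET

        # The answer is interpolated into a sed replacement and ends up
        # inside an XML element, so only address/hostname characters are
        # accepted. Anything else (including an empty answer) leaves
        # ossec.conf untouched rather than corrupting it.
        case "${SERVER_IP}" in
            ""|*[!0-9A-Za-z.:-]*)
                echo "ossec-hids-agent: ignoring invalid server-ip value; ${DIR}/etc/ossec.conf left unchanged" >&2
                ;;
            *)
                sed -i "s/<server-ip>[^<]\+<\/server-ip>/<server-ip>${SERVER_IP}<\/server-ip>/" "${DIR}/etc/ossec.conf"
                ;;
        esac
        db_stop

        # ossec-init.conf
        if [ -e "${DIR}/etc/ossec-init.conf" ] && [ -d /etc/ ]; then
            # Unconditional rm -f: "[ -e ]" is false for a dangling
            # symlink, which would be left in place and make ln -s fail.
            rm -f /etc/ossec-init.conf
            ln -s "${DIR}/etc/ossec-init.conf" /etc/ossec-init.conf
        fi

        # init.d/ossec file
        if [ -x "${DIR}/etc/init.d/ossec" ] && [ -d /etc/init.d/ ]; then
            rm -f /etc/init.d/ossec
            ln -s "${DIR}/etc/init.d/ossec" /etc/init.d/ossec
        fi

        # Service
        if [ -x /etc/init.d/ossec ]; then
            update-rc.d -f ossec defaults
        fi

        # Delete tmp directory
        # NOTE(review): this is a fixed name under world-writable /tmp and
        # what creates it is not visible in this script; a mktemp -d path
        # would avoid root acting on a name any local user can pre-create.
        if [ -d "${OSSEC_HIDS_TMP_DIR}" ]; then
            rm -r -- "${OSSEC_HIDS_TMP_DIR}"
        fi

    ;;


    abort-upgrade|abort-remove|abort-deconfigure)

    ;;


    *)
        # Diagnostics go to stderr.
        echo "postinst called with unknown argument \`$1'" >&2
        exit 1
    ;;

esac

exit 0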