projects / ossec-hids.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
- #10324: instalacija
[ossec-hids.git] / debian / postinst
1 #!/bin/sh
2
3 set -e
4
5 case "$1" in
6     configure)
7         # continue below
8     ;;
9
10     abort-upgrade|abort-remove|abort-deconfigure)
11         exit 0
12     ;;
13
14     *)
15         echo "postinst called with unknown argument \`$1'" >&2
16         exit 0
17     ;;
18 esac
19
20 # users and group names
21 OSSEC_USER="ossec"
22 OSSEC_USER_MAIL="ossecm"
23 OSSEC_USER_EXEC="ossece"
24 OSSEC_USER_REM="ossecr"
25 OSSEC_GROUP="ossec"
26
27 # get installation directory
28 . /etc/ossec-init.conf
29 if [ "X${DIRECTORY}" = "X" ]; then
30     DIRECTORY="/var/ossec"
31 fi
32
33 # create users
34 if ! getent passwd $OSSEC_USER >/dev/null; then
35     adduser --quiet --system --no-create-home --home $DIRECTORY --shell /bin/false $OSSEC_USER
36 fi
37 if ! getent passwd $OSSEC_USER_MAIL >/dev/null; then
38     adduser --quiet --system --no-create-home --home $DIRECTORY --shell /bin/false $OSSEC_USER_MAIL
39 fi
40 if ! getent passwd $OSSEC_USER_EXEC >/dev/null; then
41     adduser --quiet --system --no-create-home --home $DIRECTORY --shell /bin/false $OSSEC_USER_EXEC
42 fi
43 if ! getent passwd $OSSEC_USER_REM >/dev/null; then
44     adduser --quiet --system --no-create-home --home $DIRECTORY --shell /bin/false $OSSEC_USER_REM
45 fi
46
47 # create group
48 if ! getent group $OSSEC_GROUP >/dev/null; then
49     addgroup --system $OSSEC_GROUP
50 fi
51
52 # fix ownership
53 chown -R root:$OSSEC_GROUP $DIRECTORY
54 chown -R $OSSEC_USER:$OSSEC_GROUP $DIRECTORY/queue/alerts
55 chown -R $OSSEC_USER:$OSSEC_GROUP $DIRECTORY/queue/ossec
56 chown -R $OSSEC_USER:$OSSEC_GROUP $DIRECTORY/queue/fts
57 chown -R $OSSEC_USER:$OSSEC_GROUP $DIRECTORY/queue/syscheck
58 chown -R $OSSEC_USER:$OSSEC_GROUP $DIRECTORY/queue/rootcheck
59 chown -R $OSSEC_USER_REM:$OSSEC_GROUP $DIRECTORY/queue/agent-info
60 chown -R $OSSEC_USER_REM:$OSSEC_GROUP $DIRECTORY/queue/rids
61 chown -R $OSSEC_USER:$OSSEC_GROUP $DIRECTORY/stats
62 chown -R $OSSEC_USER:$OSSEC_GROUP $DIRECTORY/logs
63 touch $DIRECTORY/logs/ossec.log
64 chown $OSSEC_USER:$OSSEC_GROUP $DIRECTORY/logs/ossec.log
65 chown -R root:$OSSEC_GROUP $DIRECTORY/rules
66 chown root:$OSSEC_GROUP $DIRECTORY/var/run
67 chown root:$OSSEC_GROUP $DIRECTORY/etc/decoder.xml
68 chown root:$OSSEC_GROUP $DIRECTORY/etc/internal_options.conf
69 chown root:$OSSEC_GROUP $DIRECTORY/etc/shared/*
70 chown root:$OSSEC_GROUP $DIRECTORY/etc/ossec.conf
71
72 # fix perms
73 chmod -R 550 $DIRECTORY
74 chmod -R 770 $DIRECTORY/queue/alerts
75 chmod -R 770 $DIRECTORY/queue/ossec
76 chmod -R 750 $DIRECTORY/queue/fts
77 chmod -R 750 $DIRECTORY/queue/syscheck
78 chmod -R 750 $DIRECTORY/queue/rootcheck
79 chmod -R 750 $DIRECTORY/queue/diff
80 chmod -R 755 $DIRECTORY/queue/agent-info
81 chmod -R 755 $DIRECTORY/queue/rids
82 chmod -R 755 $DIRECTORY/queue/agentless
83 chmod -R 750 $DIRECTORY/stats
84 chmod -R 750 $DIRECTORY/logs
85 chmod -R 550 $DIRECTORY/rules
86 chmod 770 $DIRECTORY/var/run
87 chmod 550 $DIRECTORY/etc
88 chmod 770 $DIRECTORY/etc/shared
89 chmod 700 $DIRECTORY/.ssh
90
91 # copy timezone and localtime
92 if [ -e /etc/timezone ]; then
93     cmp -s /etc/timezone $DIRECTORY/etc/timezone || \
94         cp -a /etc/timezone $DIRECTORY/etc/timezone
95 fi
96 if [ -e /etc/localtime ]; then
97     cmp -s /etc/localtime $DIRECTORY/etc/localtime || \
98         cp -a /etc/localtime $DIRECTORY/etc/localtime
99 fi
100
101 # update system v init links
102 update-rc.d ossec-hids defaults >/dev/null
103
104 # and start the service
105 if [ -x /usr/sbin/invoke-rc.d ]; then
106     invoke-rc.d ossec-hids restart
107 else
108     /etc/init.d/ossec-hids restart
109 fi
110
111 # dh_installdeb will replace this with shell code automatically
112 # generated by other debhelper scripts.
113
114 #DEBHELPER#
115
116 exit 0
ossec-hids