2 # Installation script for the OSSEC
3 # Author: Daniel B. Cid <daniel.cid@gmail.com>
4 # Last modification: Aug 30, 2012
6 # Changelog 19/03/2006 - Rafael M. Capovilla <under@underlinux.com.br>
7 # New function AddWhite to allow users to add more Ips in the allow_list
8 # Minor *echos* modifications to better look
9 # Bug fix - When email address is blank
10 # Bug fix - delete INSTALLDIR - Default is yes but if the user just press enter the script wasn't deleting it as it should
11 # Changelog 15/07/2006 - Rafael M. Capovilla <under@underlinux.com.br>
12 # New function AddTable to add support for OpenBSD pf rules in firewall-drop active response
14 # Changelog 29 March 2012 - Adding hybrid mode (standalone + agent)
15 # added fix for use of USER_AGENT_CONFIG_PROFILE in preloaded-vars
19 ### Looking up for the execution directory
23 ### Looking for echo -n
26 if [ ! "X$hs" = "Xa" ]; then
27 if [ -x /usr/ucb/echo ]; then
28 ECHO="/usr/ucb/echo -n"
35 echo "xxxx" | grep -E "xxx" > /dev/null 2>&1
37 if [ -x /usr/xpg4/bin/grep ]; then
38 PATH=/usr/xpg4/bin:$PATH
45 # Checking for command line arguments
47 if [ "X$i" = "Xdebug" ]; then
49 elif [ "X$i" = "Xbinary-install" ]; then
50 USER_BINARYINSTALL="yes"
51 elif [ "X$i" = "Xhelp" ]; then
53 echo "$0 binary-install"
66 echo "5- ${installing}"
68 echo "DIR=\"${INSTALLDIR}\"" > ${LOCATION}
70 # Changing Config.OS with the new C flags
71 # Checking if debug is enabled
72 if [ "X${SET_DEBUG}" = "Xdebug" ]; then
73 CEXTRA="${CEXTRA} -DDEBUGAD"
76 echo "CEXTRA=${CEXTRA}" >> ./src/Config.OS
80 if [ "X$NUNAME" = "XOpenBSD" ]; then
83 if [ "X$NUNAME" = "XFreeBSD" ]; then
86 if [ "X$NUNAME" = "XNetBSD" ]; then
89 if [ "X$NUNAME" = "XDragonflyBSD" ]; then
92 if [ "X%NUNAME" = "XBitrig" ]; then
98 echo " - ${runningmake}"
101 # Binary install will use the previous generated code.
102 if [ "X${USER_BINARYINSTALL}" = "X" ]; then
103 # Add DATABASE=pgsql or DATABASE=mysql to add support for database
105 ${MAKEBIN} PREFIX=${INSTALLDIR} TARGET=${INSTYPE} build
112 # If update, stop ossec
113 if [ "X${update_only}" = "Xyes" ]; then
117 ${MAKEBIN} PREFIX=${INSTALLDIR} TARGET=${INSTYPE} install
122 # Generate the /etc/ossec-init.conf
123 VERSION_FILE="./src/VERSION"
124 VERSION=`cat ${VERSION_FILE}`
125 chmod 700 ${OSSEC_INIT} > /dev/null 2>&1
126 echo "DIRECTORY=\"${INSTALLDIR}\"" > ${OSSEC_INIT}
127 echo "VERSION=\"${VERSION}\"" >> ${OSSEC_INIT}
128 echo "DATE=\"`date`\"" >> ${OSSEC_INIT}
129 echo "TYPE=\"${INSTYPE}\"" >> ${OSSEC_INIT}
130 chmod 600 ${OSSEC_INIT}
131 cp -pr ${OSSEC_INIT} ${INSTALLDIR}${OSSEC_INIT}
132 chmod 640 ${INSTALLDIR}${OSSEC_INIT}
135 # If update_rules is set, we need to tweak
136 # ossec.conf to read the new signatures.
137 if [ "X${update_rules}" = "Xyes" ]; then
141 # If update, start OSSEC
142 if [ "X${update_only}" = "Xyes" ]; then
146 # Calling the init script to start ossec hids during boot
147 if [ "X${update_only}" = "X" ]; then
165 # Integrity check config
167 $ECHO " 3.2- ${runsyscheck} ($yes/$no) [$yes]: "
168 if [ "X${USER_ENABLE_SYSCHECK}" = "X" ]; then
171 AS=${USER_ENABLE_SYSCHECK}
176 echo " - ${nosyscheck}."
180 echo " - ${yessyscheck}."
184 # Adding to the config file
185 if [ "X$SYSCHECK" = "Xyes" ]; then
186 cat ${SYSCHECK_TEMPLATE} >> $NEWCONFIG
199 # Rootkit detection configuration
201 $ECHO " 3.3- ${runrootcheck} ($yes/$no) [$yes]: "
203 if [ "X${USER_ENABLE_ROOTCHECK}" = "X" ]; then
206 ES=${USER_ENABLE_ROOTCHECK}
212 echo " - ${norootcheck}."
216 echo " - ${yesrootcheck}."
221 # Adding to the config file
222 if [ "X$ROOTCHECK" = "Xyes" ]; then
223 echo "" >> $NEWCONFIG
224 echo " <rootcheck>" >> $NEWCONFIG
225 echo " <rootkit_files>$INSTALLDIR/etc/shared/rootkit_files.txt</rootkit_files>" >> $NEWCONFIG
226 echo " <rootkit_trojans>$INSTALLDIR/etc/shared/rootkit_trojans.txt</rootkit_trojans>" >> $NEWCONFIG
227 echo " <system_audit>$INSTALLDIR/etc/shared/system_audit_rcl.txt</system_audit>" >> $NEWCONFIG
228 echo " <system_audit>$INSTALLDIR/etc/shared/cis_debian_linux_rcl.txt</system_audit>" >> $NEWCONFIG
229 echo " <system_audit>$INSTALLDIR/etc/shared/cis_rhel_linux_rcl.txt</system_audit>" >> $NEWCONFIG
230 echo " <system_audit>$INSTALLDIR/etc/shared/cis_rhel5_linux_rcl.txt</system_audit>" >> $NEWCONFIG
231 echo " </rootcheck>" >> $NEWCONFIG
232 # Patch for systems that use s-nail instead of GNU Mailutils (such as Arch Linux).
233 if [ -r /usr/bin/mail ] && strings /usr/bin/mail | grep "x-shsh bash" 1> /dev/null; then
234 sed -i 's/mail !bash|/mail !/' ./src/rootcheck/db/rootkit_trojans.txt
237 echo "" >> $NEWCONFIG
238 echo " <rootcheck>" >> $NEWCONFIG
239 echo " <disabled>yes</disabled>" >> $NEWCONFIG
240 echo " </rootcheck>" >> $NEWCONFIG
252 if [ "x${USER_CLEANINSTALL}" = "xy" ]; then
253 OPENDIR=`dirname $INSTALLDIR`
254 echo "" >> $NEWCONFIG
255 echo " <localfile>" >> $NEWCONFIG
256 echo " <log_format>ossecalert</log_format>" >> $NEWCONFIG
257 echo " <location>$OPENDIR/logs/alerts/alerts.log</location>" >>$NEWCONFIG
258 echo " </localfile>" >> $NEWCONFIG
259 echo "" >> $NEWCONFIG
265 echo " $NB- ${readlogs}"
267 echo " <!-- Files to monitor (localfiles) -->" >> $NEWCONFIG
268 LOG_FILES=`cat ${SYSLOG_TEMPLATE}`
269 for i in ${LOG_FILES}; do
270 # If log file present, add it
273 echo "" >> $NEWCONFIG
274 echo " <localfile>" >> $NEWCONFIG
275 echo " <log_format>syslog</log_format>" >> $NEWCONFIG
276 echo " <location>$i</location>" >>$NEWCONFIG
277 echo " </localfile>" >> $NEWCONFIG
282 # Getting snort files
283 SNORT_FILES=`cat ${SNORT_TEMPLATE}`
284 for i in ${SNORT_FILES}; do
286 echo "" >> $NEWCONFIG
287 echo " <localfile>" >> $NEWCONFIG
289 head -n 1 $i|grep "\[**\] "|grep -v "Classification:" > /dev/null
291 echo " <log_format>snort-full</log_format>" >> $NEWCONFIG
292 echo " -- $i (snort-full file)"
294 echo " <log_format>snort-fast</log_format>" >> $NEWCONFIG
295 echo " -- $i (snort-fast file)"
297 echo " <location>$i</location>" >>$NEWCONFIG
298 echo " </localfile>" >> $NEWCONFIG
302 # Getting apache logs
303 APACHE_FILES=`cat ${APACHE_TEMPLATE}`
304 for i in ${APACHE_FILES}; do
306 echo "" >> $NEWCONFIG
307 echo " <localfile>" >> $NEWCONFIG
308 echo " <log_format>apache</log_format>" >> $NEWCONFIG
309 echo " <location>$i</location>" >>$NEWCONFIG
310 echo " </localfile>" >> $NEWCONFIG
312 echo " -- $i (apache log)"
316 # Getting postgresql logs
317 PGSQL_FILES=`cat ${PGSQL_TEMPLATE}`
318 for i in ${PGSQL_FILES}; do
320 echo "" >> $NEWCONFIG
321 echo " <localfile>" >> $NEWCONFIG
322 echo " <log_format>postgresql_log</log_format>" >> $NEWCONFIG
323 echo " <location>$i</location>" >>$NEWCONFIG
324 echo " </localfile>" >> $NEWCONFIG
326 echo " -- $i (postgresql log)"
330 if [ "X$NUNAME" = "XLinux" ]; then
331 echo "" >> $NEWCONFIG
332 echo " <localfile>" >> $NEWCONFIG
333 echo " <log_format>command</log_format>" >> $NEWCONFIG
334 echo " <command>df -P</command>" >> $NEWCONFIG
335 echo " </localfile>" >> $NEWCONFIG
336 echo "" >> $NEWCONFIG
337 echo " <localfile>" >> $NEWCONFIG
338 echo " <log_format>full_command</log_format>" >> $NEWCONFIG
339 echo " <command>netstat -tan |grep LISTEN |egrep -v '(127.0.0.1| ::1)' | sort</command>" >> $NEWCONFIG
340 echo " </localfile>" >> $NEWCONFIG
341 echo "" >> $NEWCONFIG
342 echo " <localfile>" >> $NEWCONFIG
343 echo " <log_format>full_command</log_format>" >> $NEWCONFIG
344 echo " <command>last -n 5</command>" >> $NEWCONFIG
345 echo " </localfile>" >> $NEWCONFIG
355 if [ "X$USER_NO_STOP" = "X" ]; then
370 echo "3- ${configuring} $NAME."
373 if [ "X${USER_AGENT_SERVER_IP}" = "X" -a "X${USER_AGENT_SERVER_NAME}" = "X" ]; then
374 # Looping and asking for server ip or hostname
376 $ECHO " 3.1- ${serveraddr}: "
379 echo $ADDRANSWER | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" > /dev/null 2>&1
383 echo " - ${addingip} $IP"
386 elif [ $? != 0 ]; then
389 echo " - ${addingname} $HNAME"
394 IP=${USER_AGENT_SERVER_IP}
395 HNAME=${USER_AGENT_SERVER_NAME}
398 echo "<ossec_config>" > $NEWCONFIG
399 echo " <client>" >> $NEWCONFIG
400 if [ "X${IP}" != "X" ]; then
401 echo " <server-ip>$IP</server-ip>" >> $NEWCONFIG
402 elif [ "X${HNAME}" != "X" ]; then
403 echo " <server-hostname>$HNAME</server-hostname>" >> $NEWCONFIG
405 if [ "$X{USER_AGENT_CONFIG_PROFILE}" != "X" ]; then
406 PROFILE=${USER_AGENT_CONFIG_PROFILE}
407 echo " <config-profile>$PROFILE</config-profile>" >> $NEWCONFIG
409 echo " </client>" >> $NEWCONFIG
410 echo "" >> $NEWCONFIG
419 $ECHO " 3.4 - ${enable_ar} ($yes/$no) [$yes]: "
421 if [ "X${USER_ENABLE_ACTIVE_RESPONSE}" = "X" ]; then
424 ANY=${USER_ENABLE_ACTIVE_RESPONSE}
430 echo " - ${noactive}."
431 echo "" >> $NEWCONFIG
432 echo " <active-response>" >> $NEWCONFIG
433 echo " <disabled>yes</disabled>" >> $NEWCONFIG
434 echo " </active-response>" >> $NEWCONFIG
435 echo "" >> $NEWCONFIG
443 # Set up the log files
446 echo "</ossec_config>" >> $NEWCONFIG
458 echo "3- ${configuring} $NAME."
461 # Configuring e-mail notification
463 $ECHO " 3.1- ${mailnotify} ($yes/$no) [$yes]: "
465 if [ "X${USER_ENABLE_EMAIL}" = "X" ]; then
468 ANSWER=${USER_ENABLE_EMAIL}
474 echo " --- ${nomail}."
479 $ECHO " - ${whatsemail} "
480 if [ "X${USER_EMAIL_ADDRESS}" = "X" ]; then
483 echo "${EMAIL}" | grep -E "^[a-zA-Z0-9_.+-]{1,36}@[a-zA-Z0-9_.-]{1,54}$" > /dev/null 2>&1 ;RVAL=$?;
484 # Ugly e-mail validation
485 while [ "$EMAIL" = "" -o ! ${RVAL} = 0 ] ; do
486 $ECHO " - ${whatsemail} "
488 echo "${EMAIL}" | grep -E "^[a-zA-Z0-9_.+-]{1,36}@[a-zA-Z0-9_.-]{1,54}$" > /dev/null 2>&1 ;RVAL=$?;
491 EMAIL=${USER_EMAIL_ADDRESS}
494 if [ -x "$HOST_CMD" ]; then
495 HOSTTMP=`${HOST_CMD} -W 5 -t mx ossec.net 2>/dev/null`
497 # Trying without the -W
498 HOSTTMP=`${HOST_CMD} -t mx ossec.net 2>/dev/null`
500 echo "x$HOSTTMP" | grep "ossec.net mail is handled" > /dev/null 2>&1
502 # Breaking down the user e-mail
503 EMAILHOST=`echo ${EMAIL} | cut -d "@" -f 2`
504 if [ "X${EMAILHOST}" = "Xlocalhost" ]; then
507 HOSTTMP=`${HOST_CMD} -W 5 -t mx ${EMAILHOST}`
508 SMTPHOST=`echo ${HOSTTMP} | cut -d " " -f 7`
513 if [ "X${USER_EMAIL_SMTP}" = "X" ]; then
514 if [ "X${SMTPHOST}" != "X" ]; then
516 echo " - ${yoursmtp}: ${SMTPHOST}"
517 $ECHO " - ${usesmtp} ($yes/$no) [$yes]: "
527 echo " --- ${usingsmtp} ${SMTP}"
532 if [ "X${SMTP}" = "X" ]; then
533 $ECHO " - ${whatsmtp} "
537 SMTP=${USER_EMAIL_SMTP}
543 # Writting global parameters
544 echo "<ossec_config>" > $NEWCONFIG
545 echo " <global>" >> $NEWCONFIG
546 if [ "$EMAILNOTIFY" = "yes" ]; then
547 echo " <email_notification>yes</email_notification>" >> $NEWCONFIG
548 echo " <email_to>$EMAIL</email_to>" >> $NEWCONFIG
549 echo " <smtp_server>$SMTP</smtp_server>" >> $NEWCONFIG
550 echo " <email_from>ossecm@${HOST}</email_from>" >> $NEWCONFIG
552 echo " <email_notification>no</email_notification>" >> $NEWCONFIG
555 echo " </global>" >> $NEWCONFIG
556 echo "" >> $NEWCONFIG
558 # Writting rules configuration
559 cat ${RULES_TEMPLATE} >> $NEWCONFIG
560 echo "" >> $NEWCONFIG
563 # Checking if syscheck should run
566 # Checking if rootcheck should run
572 $ECHO " - ${enable_ar} ($yes/$no) [$yes]: "
574 if [ "X${USER_ENABLE_ACTIVE_RESPONSE}" = "X" ]; then
577 AR=${USER_ENABLE_ACTIVE_RESPONSE}
583 echo " - ${noactive}."
584 echo "" >> $NEWCONFIG
585 echo " <active-response>" >> $NEWCONFIG
586 echo " <disabled>yes</disabled>" >> $NEWCONFIG
587 echo " </active-response>" >> $NEWCONFIG
588 echo "" >> $NEWCONFIG
593 catMsg "0x108-ar-enabled"
596 $ECHO " - ${firewallar} ($yes/$no) [$yes]: "
598 if [ "X${USER_ENABLE_FIREWALL_RESPONSE}" = "X" ]; then
601 HD2=${USER_ENABLE_FIREWALL_RESPONSE}
607 echo " - ${nofirewall}"
610 echo " - ${yesfirewall}"
614 echo "" >> $NEWCONFIG
615 echo " <global>" >> $NEWCONFIG
616 echo " <allow_list>127.0.0.1</allow_list>" >> $NEWCONFIG
617 echo " <allow_list>::1</allow_list>" >> $NEWCONFIG
618 echo " <allow_list>localhost.localdomain</allow_list>">>$NEWCONFIG
620 echo " - ${defaultallowlist}"
621 for ip in ${NAMESERVERS} ${NAMESERVERS2};
623 if [ ! "X${ip}" = "X" ]; then
625 echo " <allow_list>${ip}</allow_list>" >>$NEWCONFIG
630 # If Openbsd or Freebsd with pf enable, ask about
631 # automatically setting it up.
632 # Commenting it out in case I change my mind about it
634 #if [ "X`sh ./src/init/fw-check.sh`" = "XPF" ]; then
636 # $ECHO " - ${pfenable} ($yes/$no) [$yes]: "
637 # if [ "X${USER_ENABLE_PF}" = "X" ]; then
640 # PFENABLE=${USER_ENABLE_PF}
654 echo " </global>" >> $NEWCONFIG
659 if [ "X$INSTYPE" = "Xserver" ]; then
660 # Configuring remote syslog
662 $ECHO " 3.5- ${syslog} ($yes/$no) [$yes]: "
664 if [ "X${USER_ENABLE_SYSLOG}" = "X" ]; then
667 ANSWER=${USER_ENABLE_SYSLOG}
673 echo " --- ${nosyslog}."
676 echo " - ${yessyslog}."
681 # Configuring remote connections
687 if [ "X$RLOG" = "Xyes" ]; then
688 echo "" >> $NEWCONFIG
689 echo " <remote>" >> $NEWCONFIG
690 echo " <connection>syslog</connection>" >> $NEWCONFIG
691 echo " </remote>" >> $NEWCONFIG
694 if [ "X$SLOG" = "Xyes" ]; then
695 echo "" >> $NEWCONFIG
696 echo " <remote>" >> $NEWCONFIG
697 echo " <connection>secure</connection>" >> $NEWCONFIG
698 echo " </remote>" >> $NEWCONFIG
703 echo "" >> $NEWCONFIG
704 echo " <alerts>" >> $NEWCONFIG
705 echo " <log_alert_level>1</log_alert_level>" >> $NEWCONFIG
706 if [ "$EMAILNOTIFY" = "yes" ]; then
707 echo " <email_alert_level>7</email_alert_level>">> $NEWCONFIG
709 echo " </alerts>" >> $NEWCONFIG
712 if [ "X$ACTIVERESPONSE" = "Xyes" ]; then
713 # Add commands in here
714 echo "" >> $NEWCONFIG
715 cat ${HOST_DENY_TEMPLATE} >> $NEWCONFIG
716 echo "" >> $NEWCONFIG
717 cat ${FIREWALL_DROP_TEMPLATE} >> $NEWCONFIG
718 echo "" >> $NEWCONFIG
719 cat ${DISABLE_ACCOUNT_TEMPLATE} >> $NEWCONFIG
720 echo "" >> $NEWCONFIG
721 cat ${ROUTENULL_TEMPLATE} >> $NEWCONFIG
722 echo "" >> $NEWCONFIG
724 if [ "X$FIREWALLDROP" = "Xyes" ]; then
725 echo "" >> $NEWCONFIG
726 cat ${ACTIVE_RESPONSE_TEMPLATE} >> $NEWCONFIG
727 echo "" >> $NEWCONFIG
731 # Setting up the logs
733 echo "</ossec_config>" >> $NEWCONFIG
745 echo "2- ${settingupenv}."
748 if [ "X${USER_DIR}" = "X" ]; then
750 $ECHO " - ${wheretoinstall} [$INSTALLDIR]: "
752 if [ ! "X$ANSWER" = "X" ]; then
753 echo $ANSWER |grep -E "^/[a-zA-Z0-9./_-]{3,128}$">/dev/null 2>&1
763 INSTALLDIR=${USER_DIR}
767 CEXTRA="$CEXTRA -DDEFAULTDIR=\\\"${INSTALLDIR}\\\""
770 echo " - ${installat} ${INSTALLDIR} ."
773 if [ "X$INSTYPE" = "Xagent" ]; then
774 CEXTRA="$CEXTRA -DCLIENT"
775 elif [ "X$INSTYPE" = "Xlocal" ]; then
776 CEXTRA="$CEXTRA -DLOCAL"
779 if [ -d "$INSTALLDIR" ]; then
780 if [ "X${USER_DELETE_DIR}" = "X" ]; then
782 $ECHO " - ${deletedir} ($yes/$no) [$yes]: "
785 ANSWER=${USER_DELETE_DIR}
791 if [ ! $? = 0 ]; then
803 # checkDependencies()
804 # Thanks to gabriel@macacos.org
810 if [ "X$NUNAME" = "XSunOS" ]; then
811 PATH=$PATH:/usr/ccs/bin:/usr/xpg4/bin:/opt/csw/gcc3/bin:/opt/csw/bin:/usr/sfw/bin
813 elif [ "X$NUNAME" = "XAIX" ]; then
814 PATH=$PATH:/usr/vac/bin
830 $ECHO " - ${addwhite} ($yes/$no)? [$no]: "
832 # If allow list is set, we don't need to ask it here.
833 if [ "X${USER_WHITE_LIST}" = "X" ]; then
839 if [ "X${ANSWER}" = "X" ] ; then
848 $ECHO " - ${ipswhite}"
849 if [ "X${USER_WHITE_LIST}" = "X" ]; then
852 IPS=${USER_WHITE_LIST}
857 if [ ! "X${ip}" = "X" ]; then
858 echo $ip | grep -Ei "^[0-9a-f.:/]{5,20}$" > /dev/null 2>&1
860 echo " <allow_list>${ip}</allow_list>" >>$NEWCONFIG
878 TABLE="ossec_fwtable"
880 # Add table to the first line
882 echo " - ${pfmessage}:"
884 echo " http://www.ossec.net/en/manual.html#active-response-tools"
888 echo " table <${TABLE}> persist #$TABLE "
889 echo " block in quick from <${TABLE}> to any"
890 echo " block out quick from any to <${TABLE}>"
903 . ./src/init/shared.sh
904 . ./src/init/functions.sh
906 # Reading pre-defined file
907 if [ ! `isFile ${PREDEF_FILE}` = "${FALSE}" ]; then
911 # If user language is not set
913 if [ "X${USER_LANGUAGE}" = "X" ]; then
915 # Choosing the language.
918 for i in `ls ${TEMPLATE}`; do
919 # ignore CVS (should not be there anyways and config)
920 if [ "$i" = "CVS" -o "$i" = "config" ]; then continue; fi
921 cat "${TEMPLATE}/$i/language.txt"
922 if [ ! "$i" = "en" ]; then
926 $ECHO " (${LG}) [en]: "
929 if [ "X${USER_LG}" = "X" ]; then
933 if [ -d "${TEMPLATE}/${USER_LG}" ]; then
942 # If provided language is not valid, default to english
943 if [ -d "${TEMPLATE}/${USER_LANGUAGE}" ]; then
944 LANGUAGE=${USER_LANGUAGE}
949 fi # for USER_LANGUAGE
952 . ./src/init/shared.sh
953 . ./src/init/language.sh
954 . ./src/init/functions.sh
956 . ${TEMPLATE}/${LANGUAGE}/messages.txt
959 # Must be executed as ./install.sh
960 if [ `isFile ${VERSION_FILE}` = "${FALSE}" ]; then
961 catError "0x1-location";
965 if [ ! "X$ME" = "Xroot" ]; then
966 catError "0x2-beroot";
969 # Checking dependencies
976 echo " $NAME $VERSION ${installscript} - http://www.ossec.net"
978 catMsg "0x101-initial"
980 echo " - $system: $UNAME"
982 echo " - $host: $HOST"
985 echo " -- $hitanyorabort --"
987 if [ "X$USER_NO_STOP" = "X" ]; then
991 . ./src/init/update.sh
993 if [ "`isUpdate`" = "${TRUE}" -a "x${USER_CLEANINSTALL}" = "x" ]; then
996 while [ $ct = "1" ]; do
998 $ECHO " - ${wanttoupdate} ($yes/$no): "
999 if [ "X${USER_UPDATE}" = "X" ]; then
1020 # Do some of the update steps.
1021 if [ "X${update_only}" = "Xyes" ]; then
1022 . ./src/init/update.sh
1024 if [ "`doUpdatecleanup`" = "${FALSE}" ]; then
1027 echo "${unabletoupdate}"
1032 USER_INSTALL_TYPE=`getPreinstalled`
1033 USER_DIR=`getPreinstalledDir`
1034 USER_DELETE_DIR="$nomatch"
1039 # We dont need to update the rules on agent installs
1040 if [ "X${USER_INSTALL_TYPE}" = "Xagent" ]; then
1044 while [ $ct = "1" ]; do
1046 $ECHO " - ${updaterules} ($yes/$no): "
1047 if [ "X${USER_UPDATE_RULES}" = "X" ]; then
1072 hybridm=`echo ${hybrid} | cut -b 1`
1073 serverm=`echo ${server} | cut -b 1`
1074 localm=`echo ${local} | cut -b 1`
1075 agentm=`echo ${agent} | cut -b 1`
1076 helpm=`echo ${help} | cut -b 1`
1078 # If user install type is not set, ask for it.
1079 if [ "X${USER_INSTALL_TYPE}" = "X" ]; then
1081 # Loop for the installation options
1085 $ECHO "1- ${whattoinstall} "
1091 catMsg "0x102-installhelp"
1094 ${server}|${serverm})
1096 echo " - ${serverchose}."
1103 echo " - ${clientchose}."
1108 ${hybrid}|${hybridm})
1110 echo " - ${serverchose} (hybrid)."
1117 echo " - ${localchose}."
1125 INSTYPE=${USER_INSTALL_TYPE}
1129 # Setting up the environment
1133 # Configuring the system (based on the installation type)
1134 if [ "X${update_only}" = "X" ]; then
1135 if [ "X$INSTYPE" = "Xserver" ]; then
1137 elif [ "X$INSTYPE" = "Xagent" ]; then
1139 elif [ "X$INSTYPE" = "Xlocal" ]; then
1142 catError "0x4-installtype"
1146 # Installing (calls the respective script
1147 # -- InstallAgent.sh or InstallServer.sh
1152 echo " - ${configurationdone}."
1154 echo " - ${tostart}:"
1155 echo " $INSTALLDIR/bin/ossec-control start"
1157 echo " - ${tostop}:"
1158 echo " $INSTALLDIR/bin/ossec-control stop"
1160 echo " - ${configat} $INSTALLDIR/etc/ossec.conf"
1164 catMsg "0x103-thanksforusing"
1167 if [ "X${update_only}" = "Xyes" ]; then
1168 # Message for the update
1169 if [ "X`sh ./src/init/fw-check.sh`" = "XPF" -a "X${ACTIVERESPONSE}" = "Xyes" ]; then
1170 if [ "X$USER_NO_STOP" = "X" ]; then
1176 echo " - ${updatecompleted}"
1182 if [ "X$USER_NO_STOP" = "X" ]; then
1187 # PF firewall message
1188 if [ "X`sh ./src/init/fw-check.sh`" = "XPF" -a "X${ACTIVERESPONSE}" = "Xyes" ]; then
1193 if [ "X$INSTYPE" = "Xserver" ]; then
1195 echo " - ${addserveragent}"
1198 echo " $INSTALLDIR/bin/manage_agents"
1201 echo " http://www.ossec.net/en/manual.html#ma"
1204 elif [ "X$INSTYPE" = "Xagent" ]; then
1205 catMsg "0x104-client"
1206 echo " $INSTALLDIR/bin/manage_agents"
1209 echo " http://www.ossec.net/en/manual.html#ma"
1213 if [ "X$notmodified" = "Xyes" ]; then
1214 catMsg "0x105-noboot"
1215 echo " $INSTALLDIR/bin/ossec-control start"
1220 _f_cfg="./install.cfg.sh"
1222 if [ -f $_f_cfg ]; then
1226 ### Calling main function where everything happens
1230 if [ "x$HYBID" = "xgo" ]; then
1231 echo " --------------------------------------------"
1232 echo " Finishing Hybrid setup (agent configuration)"
1233 echo " --------------------------------------------"
1234 echo 'USER_LANGUAGE="en"' > ./etc/preloaded-vars.conf
1235 echo "" >> ./etc/preloaded-vars.conf
1236 echo 'USER_NO_STOP="y"' >> ./etc/preloaded-vars.conf
1237 echo "" >> ./etc/preloaded-vars.conf
1238 echo 'USER_INSTALL_TYPE="agent"' >> ./etc/preloaded-vars.conf
1239 echo "" >> ./etc/preloaded-vars.conf
1240 echo "USER_DIR=\"$INSTALLDIR/ossec-agent\"" >> ./etc/preloaded-vars.conf
1241 echo "" >> ./etc/preloaded-vars.conf
1242 echo 'USER_ENABLE_ROOTCHECK="n"' >> ./etc/preloaded-vars.conf
1243 echo "" >> ./etc/preloaded-vars.conf
1244 echo 'USER_ENABLE_SYSCHECK="n"' >> ./etc/preloaded-vars.conf
1245 echo "" >> ./etc/preloaded-vars.conf
1246 echo 'USER_ENABLE_ACTIVE_RESPONSE="n"' >> ./etc/preloaded-vars.conf
1247 echo "" >> ./etc/preloaded-vars.conf
1248 echo 'USER_UPDATE="n"' >> ./etc/preloaded-vars.conf
1249 echo "" >> ./etc/preloaded-vars.conf
1250 echo 'USER_UPDATE_RULES="n"' >> ./etc/preloaded-vars.conf
1251 echo "" >> ./etc/preloaded-vars.conf
1252 echo 'USER_CLEANINSTALL="y"' >> ./etc/preloaded-vars.conf
1253 echo "" >> ./etc/preloaded-vars.conf
1255 cd src && ${MAKEBIN} clean && cd ..
1257 rm etc/preloaded-vars.conf
projects / ossec-hids.git / blob