projects / ossec-hids.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
new upstream release (3.3.0); modify package compatibility for Stretch
[ossec-hids.git] / src / init / ossec-server.sh
diff --git a/src/init/ossec-server.sh b/src/init/ossec-server.sh
index 56b04ad..5a12515 100755 (executable)
--- a/src/init/ossec-server.sh
+++ b/src/init/ossec-server.sh
@@ -3,7 +3,6 @@
 #                      or stopping ossec-hids
 # Author: Daniel B. Cid <daniel.cid@gmail.com>
 
-
 # Getting where we are installed
 LOCAL=`dirname $0`;
 cd ${LOCAL}
@@ -11,8 +10,7 @@ PWD=`pwd`
 DIR=`dirname $PWD`;
 PLIST=${DIR}/bin/.process_list;
 
-
-###  Do not modify bellow here ###
+###  Do not modify below here ###
 
 # Getting additional processes
 ls -la ${PLIST} > /dev/null 2>&1
@@ -20,26 +18,22 @@ if [ $? = 0 ]; then
 . ${PLIST};
 fi
 
-
 NAME="OSSEC HIDS"
-VERSION="v2.8.3"
-AUTHOR="Trend Micro Inc."
-DAEMONS="ossec-monitord ossec-logcollector ossec-remoted ossec-syscheckd ossec-analysisd ossec-maild ossec-execd ${DB_DAEMON} ${CSYSLOG_DAEMON} ${AGENTLESS_DAEMON}"
+VERSION="v3.3.0"
 
+[ -f /etc/ossec-init.conf ] && . /etc/ossec-init.conf;
+
+DAEMONS="ossec-monitord ossec-logcollector ossec-remoted ossec-syscheckd ossec-analysisd ossec-maild ossec-execd ${DB_DAEMON} ${CSYSLOG_DAEMON} ${AGENTLESS_DAEMON}"
 
 ## Locking for the start/stop
 LOCK="${DIR}/var/start-script-lock"
 LOCK_PID="${LOCK}/pid"
 
-
 # This number should be more than enough (even if it is
 # started multiple times together). It will try for up
 # to 10 attempts (or 10 seconds) to execute.
 MAX_ITERATION="10"
 
-
-
-# Check pid
 checkpid()
 {
     for i in ${DAEMONS}; do
@@ -48,24 +42,21 @@ checkpid()
             if [ ! $? = 0 ]; then
                 echo "Deleting PID file '${DIR}/var/run/${i}-${j}.pid' not used..."
                 rm ${DIR}/var/run/${i}-${j}.pid
-            fi    
-        done    
-    done    
+            fi
+        done
+    done
 }
 
-
-
-# Lock function
 lock()
 {
     i=0;
-    
+
     # Providing a lock.
     while [ 1 ]; do
         mkdir ${LOCK} > /dev/null 2>&1
         MSL=$?
         if [ "${MSL}" = "0" ]; then
-            # Lock aquired (setting the pid)
+            # Lock acquired (setting the pid)
             echo "$$" > ${LOCK_PID}
             return;
         fi
@@ -79,7 +70,7 @@ lock()
         if [ ! $? = 0 ]; then
             # Pid is not present.
             i=`expr $i + 1`;
-        fi    
+        fi
 
         # We tried 10 times to acquire the lock.
         if [ "$i" = "${MAX_ITERATION}" ]; then
@@ -92,25 +83,20 @@ lock()
     done
 }
 
-
-# Unlock function
 unlock()
 {
     rm -rf ${LOCK}
 }
 
-    
-# Help message
 help()
 {
     # Help message
     echo ""
-    echo "Usage: $0 {start|stop|restart|status|enable|disable}";
+    echo "Usage: $0 {start|stop|reload|restart|status|enable|disable}";
     exit 1;
 }
 
-
-# Enables/disables additional daemons
+# Enables additional daemons
 enable()
 {
     if [ "X$2" = "X" ]; then
@@ -119,15 +105,15 @@ enable()
         echo "Usage: $0 enable [database|client-syslog|agentless|debug]"
         exit 1;
     fi
-    
+
     if [ "X$2" = "Xdatabase" ]; then
         echo "DB_DAEMON=ossec-dbd" >> ${PLIST};
     elif [ "X$2" = "Xclient-syslog" ]; then
         echo "CSYSLOG_DAEMON=ossec-csyslogd" >> ${PLIST};
     elif [ "X$2" = "Xagentless" ]; then
-        echo "AGENTLESS_DAEMON=ossec-agentlessd" >> ${PLIST};    
-    elif [ "X$2" = "Xdebug" ]; then 
-        echo "DEBUG_CLI=\"-d\"" >> ${PLIST}; 
+        echo "AGENTLESS_DAEMON=ossec-agentlessd" >> ${PLIST};
+    elif [ "X$2" = "Xdebug" ]; then
+        echo "DEBUG_CLI=\"-d\"" >> ${PLIST};
     else
         echo ""
         echo "Invalid enable option."
@@ -135,14 +121,10 @@ enable()
         echo "Enable options: database, client-syslog, agentless, debug"
         echo "Usage: $0 enable [database|client-syslog|agentless|debug]"
         exit 1;
-    fi         
-
-    
+    fi
 }
 
-
-
-# Enables/disables additional daemons
+# Disables additional daemons
 disable()
 {
     if [ "X$2" = "X" ]; then
@@ -151,15 +133,15 @@ disable()
         echo "Usage: $0 disable [database|client-syslog|agentless|debug]"
         exit 1;
     fi
-    
+
     if [ "X$2" = "Xdatabase" ]; then
         echo "DB_DAEMON=\"\"" >> ${PLIST};
     elif [ "X$2" = "Xclient-syslog" ]; then
         echo "CSYSLOG_DAEMON=\"\"" >> ${PLIST};
     elif [ "X$2" = "Xagentless" ]; then
-        echo "AGENTLESS_DAEMON=\"\"" >> ${PLIST};    
-    elif [ "X$2" = "Xdebug" ]; then 
-        echo "DEBUG_CLI=\"\"" >> ${PLIST}; 
+        echo "AGENTLESS_DAEMON=\"\"" >> ${PLIST};
+    elif [ "X$2" = "Xdebug" ]; then
+        echo "DEBUG_CLI=\"\"" >> ${PLIST};
     else
         echo ""
         echo "Invalid disable option."
@@ -167,18 +149,21 @@ disable()
         echo "Disable options: database, client-syslog, agentless, debug"
         echo "Usage: $0 disable [database|client-syslog|agentless|debug]"
         exit 1;
-    fi         
-
-    
+    fi
 }
 
-
-
-# Status function
 status()
 {
     RETVAL=0
     for i in ${DAEMONS}; do
+        ## If ossec-maild is disabled, don't try to start it.
+        if [ X"$i" = "Xossec-maild" ]; then
+            grep "<email_notification>no<" ${DIR}/etc/ossec.conf >/dev/null 2>&1
+            if [ $? = 0 ]; then
+                continue
+            fi
+        fi
+
         pstatus ${i};
         if [ $? = 0 ]; then
             echo "${i} not running..."
@@ -192,14 +177,14 @@ status()
 
 testconfig()
 {
-    # We first loop to check the config. 
+    # We first loop to check the config.
     for i in ${SDAEMONS}; do
         ${DIR}/bin/${i} -t ${DEBUG_CLI};
         if [ $? != 0 ]; then
             echo "${i}: Configuration error. Exiting"
             unlock;
             exit 1;
-        fi    
+        fi
     done
 }
 
@@ -207,34 +192,41 @@ testconfig()
 start()
 {
     SDAEMONS="${DB_DAEMON} ${CSYSLOG_DAEMON} ${AGENTLESS_DAEMON} ossec-maild ossec-execd ossec-analysisd ossec-logcollector ossec-remoted ossec-syscheckd ossec-monitord"
-    
-    echo "Starting $NAME $VERSION (by $AUTHOR)..."
+
+    echo "Starting $NAME $VERSION..."
     echo | ${DIR}/bin/ossec-logtest > /dev/null 2>&1;
     if [ ! $? = 0 ]; then
         echo "OSSEC analysisd: Testing rules failed. Configuration error. Exiting."
         exit 1;
-    fi    
+    fi
     lock;
     checkpid;
 
-    
     # We actually start them now.
     for i in ${SDAEMONS}; do
+
+        ## If ossec-maild is disabled, don't try to start it.
+        if [ X"$i" = "Xossec-maild" ]; then
+             grep "<email_notification>no<" ${DIR}/etc/ossec.conf >/dev/null 2>&1
+             if [ $? = 0 ]; then
+                 continue
+             fi
+        fi
+
         pstatus ${i};
         if [ $? = 0 ]; then
             ${DIR}/bin/${i} ${DEBUG_CLI};
             if [ $? != 0 ]; then
-               echo "${i} did not start correctly.";
+                echo "${i} did not start correctly.";
                 unlock;
                 exit 1;
-            fi 
+            fi
 
-            echo "Started ${i}..."            
+            echo "Started ${i}..."
         else
-            echo "${i} already running..."                
-        fi    
-    
-    done    
+            echo "${i} already running..."
+        fi
+    done
 
     # After we start we give 2 seconds for the daemons
     # to internally create their PID files.
@@ -243,16 +235,15 @@ start()
     echo "Completed."
 }
 
-# Process status
 pstatus()
 {
     pfile=$1;
-    
+
     # pfile must be set
     if [ "X${pfile}" = "X" ]; then
         return 0;
     fi
-        
+
     ls ${DIR}/var/run/${pfile}*.pid > /dev/null 2>&1
     if [ $? = 0 ]; then
         for j in `cat ${DIR}/var/run/${pfile}*.pid 2>/dev/null`; do
@@ -262,19 +253,17 @@ pstatus()
                 rm -f ${DIR}/var/run/${pfile}-$j.pid
                 continue;
             fi
-                
+
             kill -0 $j > /dev/null 2>&1
             if [ $? = 0 ]; then
                 return 1;
-            fi    
-        done    
+            fi
+        done
     fi
-    
-    return 0;    
-}
 
+    return 0;
+}
 
-# Stop all
 stopa()
 {
     lock;
@@ -283,54 +272,52 @@ stopa()
         pstatus ${i};
         if [ $? = 1 ]; then
             echo "Killing ${i} .. ";
-            
+
             kill `cat ${DIR}/var/run/${i}*.pid`;
         else
-            echo "${i} not running .."; 
+            echo "${i} not running ..";
         fi
-        
         rm -f ${DIR}/var/run/${i}*.pid
-        
-     done    
-    
+    done
+
     unlock;
     echo "$NAME $VERSION Stopped"
 }
 
-
 ### MAIN HERE ###
 
 case "$1" in
-  start)
+start)
     testconfig
-       start
-       ;;
-  stop) 
-       stopa
-       ;;
-  restart)
+    start
+    ;;
+stop)
+    stopa
+    ;;
+restart)
     testconfig
-       stopa
-        sleep 1;
-       start
-       ;;
-  reload)
-        DAEMONS="ossec-monitord ossec-logcollector ossec-remoted ossec-syscheckd ossec-analysisd ossec-maild ${DB_DAEMON} ${CSYSLOG_DAEMON} ${AGENTLESS_DAEMON}"
-       stopa
-       start
-        ;;
-  status)
+    stopa
+    sleep 1;
+    start
+    ;;
+reload)
+    DAEMONS="ossec-monitord ossec-logcollector ossec-remoted ossec-syscheckd ossec-analysisd ossec-maild ${DB_DAEMON} ${CSYSLOG_DAEMON} ${AGENTLESS_DAEMON}"
+    stopa
+    start
+    ;;
+status)
     status
-       ;;
-  help)  
+    ;;
+help)
     help
     ;;
-  enable)
+enable)
     enable $1 $2;
-    ;;  
-  disable)
+    ;;
+disable)
     disable $1 $2;
-    ;;  
-  *)
+    ;;
+*)
     help
 esac
+
ossec-hids