X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=ossec-hids.git;a=blobdiff_plain;f=install.sh;fp=install.sh;h=c807ed9119e03bb9f3d0e3d3d8ba44dca1863c6b;hp=32b027393ec3cb3fd0908bb3c8cc498b815c4069;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hpb=927951d1c1ad45ba9e7325f07d996154a91c911b diff --git a/install.sh b/install.sh index 32b0273..c807ed9 100755 --- a/install.sh +++ b/install.sh @@ -4,7 +4,7 @@ # Last modification: Aug 30, 2012 # Changelog 19/03/2006 - Rafael M. Capovilla -# New function AddWhite to allow users to add more Ips in the white_list +# New function AddWhite to allow users to add more Ips in the allow_list # Minor *echos* modifications to better look # Bug fix - When email address is blank # Bug fix - delete INSTALLDIR - Default is yes but if the user just press enter the script wasn't deleting it as it should @@ -12,6 +12,7 @@ # New function AddTable to add support for OpenBSD pf rules in firewall-drop active response # Changelog 29 March 2012 - Adding hybrid mode (standalone + agent) +# added fix for use of USER_AGENT_CONFIG_PROFILE in preloaded-vars @@ -23,8 +24,7 @@ cd `dirname $0` ECHO="echo -n" hs=`echo -n "a"` if [ ! "X$hs" = "Xa" ]; then - ls "/usr/ucb/echo" > /dev/null 2>&1 - if [ $? = 0 ]; then + if [ -x /usr/ucb/echo ]; then ECHO="/usr/ucb/echo -n" else ECHO=echo @@ -34,8 +34,7 @@ fi # For solaris echo "xxxx" | grep -E "xxx" > /dev/null 2>&1 if [ ! $? = 0 ]; then - ls "/usr/xpg4/bin/grep" > /dev/null 2>&1 - if [ $? = 0 ]; then + if [ -x /usr/xpg4/bin/grep ]; then PATH=/usr/xpg4/bin:$PATH fi fi @@ -63,10 +62,10 @@ done ########## Install() { - echo "" - echo "5- ${installing}" + echo "" + echo "5- ${installing}" - echo "DIR=\"${INSTALLDIR}\"" > ${LOCATION} + echo "DIR=\"${INSTALLDIR}\"" > ${LOCATION} # Changing Config.OS with the new C flags # Checking if debug is enabled 
@@ -76,20 +75,34 @@ Install() echo "CEXTRA=${CEXTRA}" >> ./src/Config.OS + MAKEBIN=make + ## Find make/gmake + if [ "X$NUNAME" = "XOpenBSD" ]; then + MAKEBIN=gmake + fi + if [ "X$NUNAME" = "XFreeBSD" ]; then + MAKEBIN=gmake + fi + if [ "X$NUNAME" = "XNetBSD" ]; then + MAKEBIN=gmake + fi + if [ "X$NUNAME" = "XDragonflyBSD" ]; then + MAKEBIN=gmake + fi + if [ "X%NUNAME" = "XBitrig" ]; then + MAKEBIN=gmake + fi + + # Makefile - echo " - ${runningmake}" + echo " - ${runningmake}" cd ./src # Binary install will use the previous generated code. if [ "X${USER_BINARYINSTALL}" = "X" ]; then - make all - if [ $? != 0 ]; then - cd ../ - catError "0x5-build" - fi - - # Building everything - make build + # Add DATABASE=pgsql or DATABASE=mysql to add support for database + # alert entry + ${MAKEBIN} PREFIX=${INSTALLDIR} TARGET=${INSTYPE} build if [ $? != 0 ]; then cd ../ catError "0x5-build" @@ -101,16 +114,7 @@ Install() UpdateStopOSSEC fi - # Making the right installation type - if [ "X$INSTYPE" = "Xserver" ]; then - ./InstallServer.sh - - elif [ "X$INSTYPE" = "Xagent" ]; then - ./InstallAgent.sh - - elif [ "X$INSTYPE" = "Xlocal" ]; then - ./InstallServer.sh local - fi + ${MAKEBIN} PREFIX=${INSTALLDIR} TARGET=${INSTYPE} install cd ../ @@ -225,6 +229,10 @@ UseRootcheck() echo " $INSTALLDIR/etc/shared/cis_rhel_linux_rcl.txt" >> $NEWCONFIG echo " $INSTALLDIR/etc/shared/cis_rhel5_linux_rcl.txt" >> $NEWCONFIG echo " " >> $NEWCONFIG + # Patch for systems that use s-nail instead of GNU Mailutils (such as Arch Linux). + if [ -r /usr/bin/mail ] && strings /usr/bin/mail | grep "x-shsh bash" 1> /dev/null; then + sed -i 's/mail !bash|/mail !/' ./src/rootcheck/db/rootkit_trojans.txt + fi else echo "" >> $NEWCONFIG echo " " >> $NEWCONFIG 
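Review bot: The Bitrig test in the new MAKEBIN block reads `"X%NUNAME"`, a literal string that can never equal `XBitrig`, so Bitrig keeps plain `make`; it should be `if [ "X$NUNAME" = "XBitrig" ]; then`. NUNAME is set outside this hunk; if it is raw `uname` output, the `XDragonflyBSD` comparison is worth checking too, since DragonFly reports `DragonFly`. The five identical branches would read better as one `case "$NUNAME" in OpenBSD|FreeBSD|NetBSD|DragonflyBSD|Bitrig) MAKEBIN=gmake ;; esac`. On the build line, `PREFIX=${INSTALLDIR}` is unquoted, so an install path containing whitespace is split into separate make arguments; `PREFIX="${INSTALLDIR}"` avoids that.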
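Review bot: The exit status of `${MAKEBIN} PREFIX=${INSTALLDIR} TARGET=${INSTYPE} install` is never checked, unlike the build step earlier in Install(), so a failed or partial install falls through to `cd ../` and the rest of the function as if it had succeeded. An installer that lays down a security agent should stop on a half-written tree; add the same `if [ $? != 0 ]; then cd ../; catError ...; fi` guard the build uses, with a message id for the install step. The expansions should also be quoted: `${MAKEBIN} PREFIX="${INSTALLDIR}" TARGET="${INSTYPE}" install`. Install() starts and ends outside this hunk.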
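Review bot: The s-nail workaround rewrites `./src/rootcheck/db/rootkit_trojans.txt` in the source tree with `sed -i`, which relaxes the trojan signature for `mail` silently and for every later install made from that tree. The decision is taken from the contents of `/usr/bin/mail`, the same binary the signature exists to check, so it deserves at least a visible message such as `echo "  - rootcheck: relaxing mail signature for s-nail"`, and ideally should patch the installed copy rather than the source. `sed -i` is not portable across the BSD and Solaris targets this script otherwise caters for, and when `strings` is missing the test prints an error and skips the patch; writing to a temporary file and moving it into place, plus a `command -v strings` guard, covers both. UseRootcheck() starts and ends outside this hunk.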
@@ -260,14 +268,13 @@ SetupLogs() LOG_FILES=`cat ${SYSLOG_TEMPLATE}` for i in ${LOG_FILES}; do # If log file present, add it - ls $i > /dev/null 2>&1 - if [ $? = 0 ]; then + if [ -f "$i" ]; then echo " -- $i" - echo "" >> $NEWCONFIG - echo " " >> $NEWCONFIG - echo " syslog" >> $NEWCONFIG - echo " $i" >>$NEWCONFIG - echo " " >> $NEWCONFIG + echo "" >> $NEWCONFIG + echo " " >> $NEWCONFIG + echo " syslog" >> $NEWCONFIG + echo " $i" >>$NEWCONFIG + echo " " >> $NEWCONFIG fi done @@ -275,8 +282,7 @@ SetupLogs() # Getting snort files SNORT_FILES=`cat ${SNORT_TEMPLATE}` for i in ${SNORT_FILES}; do - ls $i > /dev/null 2>&1 - if [ $? = 0 ]; then + if [ -f "$i" ]; then echo "" >> $NEWCONFIG echo " " >> $NEWCONFIG @@ -296,8 +302,7 @@ SetupLogs() # Getting apache logs APACHE_FILES=`cat ${APACHE_TEMPLATE}` for i in ${APACHE_FILES}; do - ls $i > /dev/null 2>&1 - if [ $? = 0 ]; then + if [ -f "$i" ]; then echo "" >> $NEWCONFIG echo " " >> $NEWCONFIG echo " apache" >> $NEWCONFIG @@ -311,8 +316,7 @@ SetupLogs() # Getting postgresql logs PGSQL_FILES=`cat ${PGSQL_TEMPLATE}` for i in ${PGSQL_FILES}; do - ls $i > /dev/null 2>&1 - if [ $? = 0 ]; then + if [ -f "$i" ]; then echo "" >> $NEWCONFIG echo " " >> $NEWCONFIG echo " postgresql_log" >> $NEWCONFIG @@ -327,12 +331,12 @@ SetupLogs() echo "" >> $NEWCONFIG echo " " >> $NEWCONFIG echo " command" >> $NEWCONFIG - echo " df -h" >> $NEWCONFIG + echo " df -P" >> $NEWCONFIG echo " " >> $NEWCONFIG echo "" >> $NEWCONFIG echo " " >> $NEWCONFIG echo " full_command" >> $NEWCONFIG - echo " netstat -tan |grep LISTEN |grep -v 127.0.0.1 | sort" >> $NEWCONFIG + echo " netstat -tan |grep LISTEN |egrep -v '(127.0.0.1| ::1)' | sort" >> $NEWCONFIG echo " " >> $NEWCONFIG echo "" >> $NEWCONFIG echo " " >> $NEWCONFIG 
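Review bot: In the new `full_command` line of the last SetupLogs() hunk, the filter `egrep -v '(127.0.0.1| ::1)'` leaves the dots unescaped, so each one matches any character and the pattern can drop non-loopback listeners from the output that is monitored for changes (a constructed example: a socket on `10.127.0.0:1234` contains a match). Escaping the dots keeps the exclusion to loopback: `egrep -v '(127\.0\.0\.1| ::1)'`. The rest of this script uses `grep -E`, and recent GNU grep warns that `egrep` is obsolescent, so `grep -Ev` would be the consistent spelling where the target's grep supports it. The leading space in ` ::1` assumes a particular netstat column layout, which is worth a comment next to the line.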
@@ -398,6 +402,10 @@ ConfigureClient() elif [ "X${HNAME}" != "X" ]; then echo " $HNAME" >> $NEWCONFIG fi + if [ "$X{USER_AGENT_CONFIG_PROFILE}" != "X" ]; then + PROFILE=${USER_AGENT_CONFIG_PROFILE} + echo " $PROFILE" >> $NEWCONFIG + fi echo " " >> $NEWCONFIG echo "" >> $NEWCONFIG @@ -446,45 +454,44 @@ ConfigureClient() ########## ConfigureServer() { - echo "" - echo "3- ${configuring} $NAME." + echo "" + echo "3- ${configuring} $NAME." # Configuring e-mail notification - echo "" - $ECHO " 3.1- ${mailnotify} ($yes/$no) [$yes]: " + echo "" + $ECHO " 3.1- ${mailnotify} ($yes/$no) [$yes]: " if [ "X${USER_ENABLE_EMAIL}" = "X" ]; then - read ANSWER + read ANSWER else ANSWER=${USER_ENABLE_EMAIL} fi - case $ANSWER in - $nomatch) + case $ANSWER in + $nomatch) echo "" - echo " --- ${nomail}." - EMAILNOTIFY="no" - ;; - *) - EMAILNOTIFY="yes" - $ECHO " - ${whatsemail} " + echo " --- ${nomail}." + EMAILNOTIFY="no" + ;; + *) + EMAILNOTIFY="yes" + $ECHO " - ${whatsemail} " if [ "X${USER_EMAIL_ADDRESS}" = "X" ]; then read EMAIL - echo "${EMAIL}" | grep -E "^[a-zA-Z0-9_.-]{1,36}@[a-zA-Z0-9_.-]{1,54}$" > /dev/null 2>&1 ;RVAL=$?; + echo "${EMAIL}" | grep -E "^[a-zA-Z0-9_.+-]{1,36}@[a-zA-Z0-9_.-]{1,54}$" > /dev/null 2>&1 ;RVAL=$?; # Ugly e-mail validation - while [ "$EMAIL" = "" -o ! ${RVAL} = 0 ] ; do - $ECHO " - ${whatsemail} " - read EMAIL - echo "${EMAIL}" | grep -E "^[a-zA-Z0-9_.-]{1,36}@[a-zA-Z0-9_.-]{1,54}$" > /dev/null 2>&1 ;RVAL=$?; - done + while [ "$EMAIL" = "" -o ! ${RVAL} = 0 ] ; do + $ECHO " - ${whatsemail} " + read EMAIL + echo "${EMAIL}" | grep -E "^[a-zA-Z0-9_.+-]{1,36}@[a-zA-Z0-9_.-]{1,54}$" > /dev/null 2>&1 ;RVAL=$?; + done else EMAIL=${USER_EMAIL_ADDRESS} fi - ls ${HOST_CMD} > /dev/null 2>&1 - if [ $? = 0 ]; then + if [ -x "$HOST_CMD" ]; then HOSTTMP=`${HOST_CMD} -W 5 -t mx ossec.net 2>/dev/null` if [ $? = 1 ]; then # Trying without the -W 
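Review bot: The guard `[ "$X{USER_AGENT_CONFIG_PROFILE}" != "X" ]` has the `X` and `$` transposed: it expands the unset `$X` followed by the literal text `{USER_AGENT_CONFIG_PROFILE}`, which never equals `X`, so the branch runs even when no profile was preloaded and an empty profile entry is written to `$NEWCONFIG`. It should read `if [ "X${USER_AGENT_CONFIG_PROFILE}" != "X" ]; then`. The value is copied into the generated agent configuration as-is; restricting it to a conservative character set (letters, digits, `_`, `-`, `,`) before writing would keep markup characters out of that file. ConfigureClient() begins and ends outside this hunk.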
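Review bot: Only the interactive path is validated in ConfigureServer(): when `USER_EMAIL_ADDRESS` is preloaded, `EMAIL=${USER_EMAIL_ADDRESS}` bypasses the regex this hunk widens, and the value is later written to `$NEWCONFIG` unchecked. Running the same `grep -E` test on the preloaded value, and stopping with a message when it fails, would make both paths equivalent. The pattern now appears twice with the `+` added in both places; holding it in one variable, e.g. `EMAIL_RE='^[a-zA-Z0-9_.+-]{1,36}@[a-zA-Z0-9_.-]{1,54}$'`, keeps the copies from drifting. ConfigureServer() continues beyond this hunk.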
@@ -523,34 +530,34 @@ ConfigureServer() fi if [ "X${SMTP}" = "X" ]; then - $ECHO " - ${whatsmtp} " + $ECHO " - ${whatsmtp} " read SMTP fi else SMTP=${USER_EMAIL_SMTP} fi ;; - esac + esac - # Writting global parameters + # Writting global parameters echo "" > $NEWCONFIG - echo " " >> $NEWCONFIG - if [ "$EMAILNOTIFY" = "yes" ]; then - echo " yes" >> $NEWCONFIG - echo " $EMAIL" >> $NEWCONFIG - echo " $SMTP" >> $NEWCONFIG - echo " ossecm@${HOST}" >> $NEWCONFIG - else - echo " no" >> $NEWCONFIG - fi + echo " " >> $NEWCONFIG + if [ "$EMAILNOTIFY" = "yes" ]; then + echo " yes" >> $NEWCONFIG + echo " $EMAIL" >> $NEWCONFIG + echo " $SMTP" >> $NEWCONFIG + echo " ossecm@${HOST}" >> $NEWCONFIG + else + echo " no" >> $NEWCONFIG + fi echo " " >> $NEWCONFIG - echo "" >> $NEWCONFIG + echo "" >> $NEWCONFIG - # Writting rules configuration + # Writting rules configuration cat ${RULES_TEMPLATE} >> $NEWCONFIG - echo "" >> $NEWCONFIG + echo "" >> $NEWCONFIG # Checking if syscheck should run @@ -606,15 +613,16 @@ ConfigureServer() esac echo "" >> $NEWCONFIG echo " " >> $NEWCONFIG - echo " 127.0.0.1" >> $NEWCONFIG - echo " ^localhost.localdomain$">>$NEWCONFIG + echo " 127.0.0.1" >> $NEWCONFIG + echo " ::1" >> $NEWCONFIG + echo " localhost.localdomain">>$NEWCONFIG echo "" - echo " - ${defaultwhitelist}" + echo " - ${defaultallowlist}" for ip in ${NAMESERVERS} ${NAMESERVERS2}; do if [ ! "X${ip}" = "X" ]; then echo " - ${ip}" - echo " ${ip}" >>$NEWCONFIG + echo " ${ip}" >>$NEWCONFIG fi done AddWhite 
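Review bot: The default allow-list entry in the second hunk changes from `^localhost.localdomain$` to `localhost.localdomain`; if that entry is still evaluated as a pattern rather than a literal hostname, dropping the anchors widens it to any name that merely contains the string, and allow-listed hosts are exempt from active response. Please confirm how the new entry is matched and state it in a comment above the line, or keep the anchors. The message variable is renamed to `${defaultallowlist}` while `AddWhite`, `${addwhite}`, `${ipswhite}` and `USER_WHITE_LIST` keep the old names; every language template has to define the new variable or this line prints empty. ConfigureServer() starts and ends outside this hunk.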
@@ -650,55 +658,55 @@ ConfigureServer() if [ "X$INSTYPE" = "Xserver" ]; then # Configuring remote syslog - echo "" - $ECHO " 3.5- ${syslog} ($yes/$no) [$yes]: " + echo "" + $ECHO " 3.5- ${syslog} ($yes/$no) [$yes]: " if [ "X${USER_ENABLE_SYSLOG}" = "X" ]; then - read ANSWER + read ANSWER else ANSWER=${USER_ENABLE_SYSLOG} fi echo "" case $ANSWER in - $nomatch) - echo " --- ${nosyslog}." - ;; - *) - echo " - ${yessyslog}." - RLOG="yes" - ;; - esac - - # Configuring remote connections + $nomatch) + echo " --- ${nosyslog}." + ;; + *) + echo " - ${yessyslog}." + RLOG="yes" + ;; + esac + + # Configuring remote connections SLOG="yes" - fi + fi - if [ "X$RLOG" = "Xyes" ]; then - echo "" >> $NEWCONFIG - echo " " >> $NEWCONFIG - echo " syslog" >> $NEWCONFIG - echo " " >> $NEWCONFIG - fi + if [ "X$RLOG" = "Xyes" ]; then + echo "" >> $NEWCONFIG + echo " " >> $NEWCONFIG + echo " syslog" >> $NEWCONFIG + echo " " >> $NEWCONFIG + fi - if [ "X$SLOG" = "Xyes" ]; then - echo "" >> $NEWCONFIG - echo " " >> $NEWCONFIG - echo " secure" >> $NEWCONFIG - echo " " >> $NEWCONFIG - fi + if [ "X$SLOG" = "Xyes" ]; then + echo "" >> $NEWCONFIG + echo " " >> $NEWCONFIG + echo " secure" >> $NEWCONFIG + echo " " >> $NEWCONFIG + fi - # Email/log alerts - echo "" >> $NEWCONFIG - echo " " >> $NEWCONFIG + # Email/log alerts + echo "" >> $NEWCONFIG + echo " " >> $NEWCONFIG echo " 1" >> $NEWCONFIG if [ "$EMAILNOTIFY" = "yes" ]; then echo " 7">> $NEWCONFIG - fi - echo " " >> $NEWCONFIG + fi + echo " " >> $NEWCONFIG if [ "X$ACTIVERESPONSE" = "Xyes" ]; then @@ -768,8 +776,7 @@ setEnv() CEXTRA="$CEXTRA -DLOCAL" fi - ls $INSTALLDIR >/dev/null 2>&1 - if [ $? = 0 ]; then + if [ -d "$INSTALLDIR" ]; then if [ "X${USER_DELETE_DIR}" = "X" ]; then echo "" $ECHO " - ${deletedir} ($yes/$no) [$yes]: " 
@@ -817,48 +824,48 @@ checkDependencies() ########## AddWhite() { - while [ 1 ] - do + while [ 1 ] + do echo "" - $ECHO " - ${addwhite} ($yes/$no)? [$no]: " + $ECHO " - ${addwhite} ($yes/$no)? [$no]: " - # If white list is set, we don't need to ask it here. + # If allow list is set, we don't need to ask it here. if [ "X${USER_WHITE_LIST}" = "X" ]; then - read ANSWER + read ANSWER else ANSWER=$yes fi - if [ "X${ANSWER}" = "X" ] ; then - ANSWER=$no - fi + if [ "X${ANSWER}" = "X" ] ; then + ANSWER=$no + fi - case $ANSWER in - $no) - break; - ;; - *) - $ECHO " - ${ipswhite}" + case $ANSWER in + $no) + break; + ;; + *) + $ECHO " - ${ipswhite}" if [ "X${USER_WHITE_LIST}" = "X" ]; then - read IPS - else + read IPS + else IPS=${USER_WHITE_LIST} fi - for ip in ${IPS}; - do - if [ ! "X${ip}" = "X" ]; then - echo $ip | grep -E "^[0-9./]{5,20}$" > /dev/null 2>&1 + for ip in ${IPS}; + do + if [ ! "X${ip}" = "X" ]; then + echo $ip | grep -Ei "^[0-9a-f.:/]{5,20}$" > /dev/null 2>&1 if [ $? = 0 ]; then - echo " ${ip}" >>$NEWCONFIG + echo " ${ip}" >>$NEWCONFIG fi - fi - done + fi + done - break; - ;; - esac - done + break; + ;; + esac + done } @@ -923,8 +930,7 @@ main() USER_LG="en" fi - ls "${TEMPLATE}/${USER_LG}" > /dev/null 2>&1 - if [ $? = 0 ]; then + if [ -d "${TEMPLATE}/${USER_LG}" ]; then break; fi done; @@ -934,8 +940,7 @@ main() else # If provided language is not valid, default to english - ls "${TEMPLATE}/${USER_LANGUAGE}" > /dev/null 2>&1 - if [ $? = 0 ]; then + if [ -d "${TEMPLATE}/${USER_LANGUAGE}" ]; then LANGUAGE=${USER_LANGUAGE} else LANGUAGE="en" 
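Review bot: The widened filter `grep -Ei "^[0-9a-f.:/]{5,20}$"` in AddWhite() still bounds the length at 5 to 20 characters, which rejects `::1` (3 characters) and any fully written IPv6 address or prefix (up to 43 with `/128`), and a rejected entry is dropped without any message. An operator who believes an address is on the allow list only finds out it was discarded when active response blocks it. Widen the bound and quote the value, `echo "$ip" | grep -Ei "^[0-9a-f.:/]{3,43}$"`, and add an `else` branch that prints the ignored entry. The expression is only a character filter and accepts strings that are not addresses, which is worth stating in a comment above it.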
@@ -1083,35 +1088,35 @@ main() case $ANSWER in ${helpm}|${help}) - catMsg "0x102-installhelp" - ;; + catMsg "0x102-installhelp" + ;; ${server}|${serverm}) - echo "" - echo " - ${serverchose}." - INSTYPE="server" - break; - ;; + echo "" + echo " - ${serverchose}." + INSTYPE="server" + break; + ;; ${agent}|${agentm}) - echo "" - echo " - ${clientchose}." - INSTYPE="agent" - break; - ;; + echo "" + echo " - ${clientchose}." + INSTYPE="agent" + break; + ;; ${hybrid}|${hybridm}) - echo "" - echo " - ${serverchose} (hybrid)." - INSTYPE="server" + echo "" + echo " - ${serverchose} (hybrid)." + INSTYPE="server" HYBID="go" - break; - ;; + break; + ;; ${local}|${localm}) - echo "" - echo " - ${localchose}." - INSTYPE="local" - break; + echo "" + echo " - ${localchose}." + INSTYPE="local" + break; ;; esac done @@ -1147,10 +1152,10 @@ main() echo " - ${configurationdone}." echo "" echo " - ${tostart}:" - echo " $INSTALLDIR/bin/ossec-control start" + echo " $INSTALLDIR/bin/ossec-control start" echo "" echo " - ${tostop}:" - echo " $INSTALLDIR/bin/ossec-control stop" + echo " $INSTALLDIR/bin/ossec-control stop" echo "" echo " - ${configat} $INSTALLDIR/etc/ossec.conf" echo "" @@ -1207,7 +1212,7 @@ main() if [ "X$notmodified" = "Xyes" ]; then catMsg "0x105-noboot" - echo " $INSTALLDIR/bin/ossec-control start" + echo " $INSTALLDIR/bin/ossec-control start" echo "" fi } @@ -1246,7 +1251,10 @@ if [ "x$HYBID" = "xgo" ]; then echo "" >> ./etc/preloaded-vars.conf echo 'USER_CLEANINSTALL="y"' >> ./etc/preloaded-vars.conf echo "" >> ./etc/preloaded-vars.conf + + cd src && ${MAKEBIN} clean && cd .. ./install.sh + rm etc/preloaded-vars.conf fi
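Review bot: In the hybrid block's `cd src && ${MAKEBIN} clean && cd ..`, a failing `clean` skips the `cd ..` and leaves the script in `src/`, where the following `./install.sh` and `rm etc/preloaded-vars.conf` resolve against the wrong directory. A subshell keeps the working directory intact: `( cd src && ${MAKEBIN} clean ) || exit 1`. The new `rm etc/preloaded-vars.conf` runs regardless of the nested installer's exit status and removes the whole file, although the lines visible above only append to it, so settings an operator had preloaded for an unattended install are lost; remove only what was appended, or restore a saved copy. `MAKEBIN` is assigned inside Install(), so this block relies on Install() having run first.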