X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=ossec-hids.git;a=blobdiff_plain;f=src%2Finit%2Fupdate.sh;h=61ff28e4bbbefd8f23162ebbbbe874e42d585e12;hp=a822f3a220e5c34033920d7b1e9658450c73b7d1;hb=6ef2f786c6c8ead94841b5f93baf9f43421f08c8;hpb=301048b51990573e58a30dc4a5bb4ec285cad554 diff --git a/src/init/update.sh b/src/init/update.sh index a822f3a..61ff28e 100755 --- a/src/init/update.sh +++ b/src/init/update.sh @@ -17,6 +17,7 @@ isUpdate() if [ $? = 0 ]; then . ${OSSEC_INIT} if [ "X$DIRECTORY" = "X" ]; then + echo "# ($FUNCNAME) ERROR: The variable DIRECTORY wasn't set" 1>&2 echo "${FALSE}" return 1; fi @@ -24,30 +25,31 @@ isUpdate() if [ $? = 0 ]; then echo "${TRUE}" return 0; - fi + fi fi - echo "${FALSE}" - return 1; + return 1; } ########## -# doUpdatecleanup +# doUpdatecleanup ########## doUpdatecleanup() { . ${OSSEC_INIT} if [ "X$DIRECTORY" = "X" ]; then - # Invalid ossec init file. Unable to update + echo "# ($FUNCNAME) ERROR: The variable DIRECTORY wasn't set." 1>&2 echo "${FALSE}" return 1; fi - + # Checking if the directory is valid. - echo $DIRECTORY | grep -E "^/[a-zA-Z0-9/-]{3,128}$" > /dev/null 2>&1 + local _dir_pattern="^/[-a-zA-Z0-9/\.-]{3,128}$" + echo $DIRECTORY | grep -E "$_dir_pattern" > /dev/null 2>&1 if [ ! $? = 0 ]; then + echo "# ($FUNCNAME) ERROR: directory name ($DIRECTORY) doesn't match the pattern $_dir_pattern" 1>&2 echo "${FALSE}" return 1; fi @@ -55,7 +57,7 @@ doUpdatecleanup() ########## -# getPreinstalled +# getPreinstalled ########## getPreinstalled() { @@ -67,15 +69,15 @@ getPreinstalled() echo "agent" return 0; fi - + cat $DIRECTORY/etc/ossec.conf | grep "" > /dev/null 2>&1 if [ $? = 0 ]; then echo "server" return 0; fi - + echo "local" - return 0; + return 0; } @@ -96,8 +98,8 @@ getPreinstalledDir() UpdateStartOSSEC() { . ${OSSEC_INIT} - - $DIRECTORY/bin/ossec-control start + + $DIRECTORY/bin/ossec-control start } @@ -107,8 +109,8 @@ UpdateStartOSSEC() UpdateStopOSSEC() { . ${OSSEC_INIT} - - $DIRECTORY/bin/ossec-control stop + + $DIRECTORY/bin/ossec-control stop # We also need to remove all syscheck queue file (format changed) if [ "X$VERSION" = "X0.9-3" ]; then @@ -118,9 +120,8 @@ UpdateStopOSSEC() rm -f $DIRECTORY/queue/syscheck/.* > /dev/null 2>&1 } - ########## -# UpdateOSSECRules +# UpdateOSSECRules ########## UpdateOSSECRules() { @@ -130,13 +131,27 @@ UpdateOSSECRules() # Backing up the old config cp -pr ${OSSEC_CONF_FILE} "${OSSEC_CONF_FILE}.$$.bak" - - cat ${OSSEC_CONF_FILE}|grep -v "" |grep -v "" |grep -v "" > "${OSSEC_CONF_FILE}.$$.tmp" + # Getting rid of old rules entries + grep -Ev "|||||rules global entry" ${OSSEC_CONF_FILE} > "${OSSEC_CONF_FILE}.$$.tmp" + + # Customer decoder, decoder_dir, rule_dir are carried over during upgrade + grep -E '|' ${OSSEC_CONF_FILE} | grep -v '" >> ${OSSEC_CONF_FILE} - cat ${RULES_TEMPLATE} >> ${OSSEC_CONF_FILE} + grep -v '' ${RULES_TEMPLATE} >> ${OSSEC_CONF_FILE} + cat "${OSSEC_CONF_FILE}.$$.tmp2" >> ${OSSEC_CONF_FILE} + echo "" >> ${OSSEC_CONF_FILE} echo " " >> ${OSSEC_CONF_FILE} -} + rm "${OSSEC_CONF_FILE}.$$.tmp2" +}