2 # Installation script for the OSSEC
3 # Author: Daniel B. Cid <daniel.cid@gmail.com>
4 # Last modification: Aug 30, 2012
6 # Changelog 19/03/2006 - Rafael M. Capovilla <under@underlinux.com.br>
7 # New function AddWhite to allow users to add more Ips in the white_list
8 # Minor *echos* modifications to better look
9 # Bug fix - When email address is blank
10 # Bug fix - delete INSTALLDIR - Default is yes but if the user just press enter the script wasn't deleting it as it should
11 # Changelog 15/07/2006 - Rafael M. Capovilla <under@underlinux.com.br>
12 # New function AddTable to add support for OpenBSD pf rules in firewall-drop active response
14 # Changelog 29 March 2012 - Adding hybrid mode (standalone + agent)
18 ### Looking up for the execution directory
22 ### Looking for echo -n
25 if [ ! "X$hs" = "Xa" ]; then
26 ls "/usr/ucb/echo" > /dev/null 2>&1
28 ECHO="/usr/ucb/echo -n"
35 echo "xxxx" | grep -E "xxx" > /dev/null 2>&1
37 ls "/usr/xpg4/bin/grep" > /dev/null 2>&1
39 PATH=/usr/xpg4/bin:$PATH
46 # Checking for command line arguments
48 if [ "X$i" = "Xdebug" ]; then
50 elif [ "X$i" = "Xbinary-install" ]; then
51 USER_BINARYINSTALL="yes"
52 elif [ "X$i" = "Xhelp" ]; then
54 echo "$0 binary-install"
67 echo "5- ${installing}"
69 echo "DIR=\"${INSTALLDIR}\"" > ${LOCATION}
71 # Changing Config.OS with the new C flags
72 # Checking if debug is enabled
73 if [ "X${SET_DEBUG}" = "Xdebug" ]; then
74 CEXTRA="${CEXTRA} -DDEBUGAD"
77 echo "CEXTRA=${CEXTRA}" >> ./src/Config.OS
80 echo " - ${runningmake}"
83 # Binary install will use the previous generated code.
84 if [ "X${USER_BINARYINSTALL}" = "X" ]; then
99 # If update, stop ossec
100 if [ "X${update_only}" = "Xyes" ]; then
104 # Making the right installation type
105 if [ "X$INSTYPE" = "Xserver" ]; then
108 elif [ "X$INSTYPE" = "Xagent" ]; then
111 elif [ "X$INSTYPE" = "Xlocal" ]; then
112 ./InstallServer.sh local
118 # Generate the /etc/ossec-init.conf
119 VERSION_FILE="./src/VERSION"
120 VERSION=`cat ${VERSION_FILE}`
121 chmod 700 ${OSSEC_INIT} > /dev/null 2>&1
122 echo "DIRECTORY=\"${INSTALLDIR}\"" > ${OSSEC_INIT}
123 echo "VERSION=\"${VERSION}\"" >> ${OSSEC_INIT}
124 echo "DATE=\"`date`\"" >> ${OSSEC_INIT}
125 echo "TYPE=\"${INSTYPE}\"" >> ${OSSEC_INIT}
126 chmod 600 ${OSSEC_INIT}
127 cp -pr ${OSSEC_INIT} ${INSTALLDIR}${OSSEC_INIT}
128 chmod 640 ${INSTALLDIR}${OSSEC_INIT}
131 # If update_rules is set, we need to tweak
132 # ossec.conf to read the new signatures.
133 if [ "X${update_rules}" = "Xyes" ]; then
137 # If update, start OSSEC
138 if [ "X${update_only}" = "Xyes" ]; then
142 # Calling the init script to start ossec hids during boot
143 if [ "X${update_only}" = "X" ]; then
161 # Integrity check config
163 $ECHO " 3.2- ${runsyscheck} ($yes/$no) [$yes]: "
164 if [ "X${USER_ENABLE_SYSCHECK}" = "X" ]; then
167 AS=${USER_ENABLE_SYSCHECK}
172 echo " - ${nosyscheck}."
176 echo " - ${yessyscheck}."
180 # Adding to the config file
181 if [ "X$SYSCHECK" = "Xyes" ]; then
182 cat ${SYSCHECK_TEMPLATE} >> $NEWCONFIG
195 # Rootkit detection configuration
197 $ECHO " 3.3- ${runrootcheck} ($yes/$no) [$yes]: "
199 if [ "X${USER_ENABLE_ROOTCHECK}" = "X" ]; then
202 ES=${USER_ENABLE_ROOTCHECK}
208 echo " - ${norootcheck}."
212 echo " - ${yesrootcheck}."
217 # Adding to the config file
218 if [ "X$ROOTCHECK" = "Xyes" ]; then
219 echo "" >> $NEWCONFIG
220 echo " <rootcheck>" >> $NEWCONFIG
221 echo " <rootkit_files>$INSTALLDIR/etc/shared/rootkit_files.txt</rootkit_files>" >> $NEWCONFIG
222 echo " <rootkit_trojans>$INSTALLDIR/etc/shared/rootkit_trojans.txt</rootkit_trojans>" >> $NEWCONFIG
223 echo " <system_audit>$INSTALLDIR/etc/shared/system_audit_rcl.txt</system_audit>" >> $NEWCONFIG
224 echo " <system_audit>$INSTALLDIR/etc/shared/cis_debian_linux_rcl.txt</system_audit>" >> $NEWCONFIG
225 echo " <system_audit>$INSTALLDIR/etc/shared/cis_rhel_linux_rcl.txt</system_audit>" >> $NEWCONFIG
226 echo " <system_audit>$INSTALLDIR/etc/shared/cis_rhel5_linux_rcl.txt</system_audit>" >> $NEWCONFIG
227 echo " </rootcheck>" >> $NEWCONFIG
229 echo "" >> $NEWCONFIG
230 echo " <rootcheck>" >> $NEWCONFIG
231 echo " <disabled>yes</disabled>" >> $NEWCONFIG
232 echo " </rootcheck>" >> $NEWCONFIG
244 if [ "x${USER_CLEANINSTALL}" = "xy" ]; then
245 OPENDIR=`dirname $INSTALLDIR`
246 echo "" >> $NEWCONFIG
247 echo " <localfile>" >> $NEWCONFIG
248 echo " <log_format>ossecalert</log_format>" >> $NEWCONFIG
249 echo " <location>$OPENDIR/logs/alerts/alerts.log</location>" >>$NEWCONFIG
250 echo " </localfile>" >> $NEWCONFIG
251 echo "" >> $NEWCONFIG
257 echo " $NB- ${readlogs}"
259 echo " <!-- Files to monitor (localfiles) -->" >> $NEWCONFIG
260 LOG_FILES=`cat ${SYSLOG_TEMPLATE}`
261 for i in ${LOG_FILES}; do
262 # If log file present, add it
263 ls $i > /dev/null 2>&1
266 echo "" >> $NEWCONFIG
267 echo " <localfile>" >> $NEWCONFIG
268 echo " <log_format>syslog</log_format>" >> $NEWCONFIG
269 echo " <location>$i</location>" >>$NEWCONFIG
270 echo " </localfile>" >> $NEWCONFIG
275 # Getting snort files
276 SNORT_FILES=`cat ${SNORT_TEMPLATE}`
277 for i in ${SNORT_FILES}; do
278 ls $i > /dev/null 2>&1
280 echo "" >> $NEWCONFIG
281 echo " <localfile>" >> $NEWCONFIG
283 head -n 1 $i|grep "\[**\] "|grep -v "Classification:" > /dev/null
285 echo " <log_format>snort-full</log_format>" >> $NEWCONFIG
286 echo " -- $i (snort-full file)"
288 echo " <log_format>snort-fast</log_format>" >> $NEWCONFIG
289 echo " -- $i (snort-fast file)"
291 echo " <location>$i</location>" >>$NEWCONFIG
292 echo " </localfile>" >> $NEWCONFIG
296 # Getting apache logs
297 APACHE_FILES=`cat ${APACHE_TEMPLATE}`
298 for i in ${APACHE_FILES}; do
299 ls $i > /dev/null 2>&1
301 echo "" >> $NEWCONFIG
302 echo " <localfile>" >> $NEWCONFIG
303 echo " <log_format>apache</log_format>" >> $NEWCONFIG
304 echo " <location>$i</location>" >>$NEWCONFIG
305 echo " </localfile>" >> $NEWCONFIG
307 echo " -- $i (apache log)"
311 # Getting postgresql logs
312 PGSQL_FILES=`cat ${PGSQL_TEMPLATE}`
313 for i in ${PGSQL_FILES}; do
314 ls $i > /dev/null 2>&1
316 echo "" >> $NEWCONFIG
317 echo " <localfile>" >> $NEWCONFIG
318 echo " <log_format>postgresql_log</log_format>" >> $NEWCONFIG
319 echo " <location>$i</location>" >>$NEWCONFIG
320 echo " </localfile>" >> $NEWCONFIG
322 echo " -- $i (postgresql log)"
326 if [ "X$NUNAME" = "XLinux" ]; then
327 echo "" >> $NEWCONFIG
328 echo " <localfile>" >> $NEWCONFIG
329 echo " <log_format>command</log_format>" >> $NEWCONFIG
330 echo " <command>df -h</command>" >> $NEWCONFIG
331 echo " </localfile>" >> $NEWCONFIG
332 echo "" >> $NEWCONFIG
333 echo " <localfile>" >> $NEWCONFIG
334 echo " <log_format>full_command</log_format>" >> $NEWCONFIG
335 echo " <command>netstat -tan |grep LISTEN |grep -v 127.0.0.1 | sort</command>" >> $NEWCONFIG
336 echo " </localfile>" >> $NEWCONFIG
337 echo "" >> $NEWCONFIG
338 echo " <localfile>" >> $NEWCONFIG
339 echo " <log_format>full_command</log_format>" >> $NEWCONFIG
340 echo " <command>last -n 5</command>" >> $NEWCONFIG
341 echo " </localfile>" >> $NEWCONFIG
351 if [ "X$USER_NO_STOP" = "X" ]; then
366 echo "3- ${configuring} $NAME."
369 if [ "X${USER_AGENT_SERVER_IP}" = "X" -a "X${USER_AGENT_SERVER_NAME}" = "X" ]; then
370 # Looping and asking for server ip or hostname
372 $ECHO " 3.1- ${serveraddr}: "
375 echo $ADDRANSWER | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" > /dev/null 2>&1
379 echo " - ${addingip} $IP"
382 elif [ $? != 0 ]; then
385 echo " - ${addingname} $HNAME"
390 IP=${USER_AGENT_SERVER_IP}
391 HNAME=${USER_AGENT_SERVER_NAME}
394 echo "<ossec_config>" > $NEWCONFIG
395 echo " <client>" >> $NEWCONFIG
396 if [ "X${IP}" != "X" ]; then
397 echo " <server-ip>$IP</server-ip>" >> $NEWCONFIG
398 elif [ "X${HNAME}" != "X" ]; then
399 echo " <server-hostname>$HNAME</server-hostname>" >> $NEWCONFIG
401 echo " </client>" >> $NEWCONFIG
402 echo "" >> $NEWCONFIG
411 $ECHO " 3.4 - ${enable_ar} ($yes/$no) [$yes]: "
413 if [ "X${USER_ENABLE_ACTIVE_RESPONSE}" = "X" ]; then
416 ANY=${USER_ENABLE_ACTIVE_RESPONSE}
422 echo " - ${noactive}."
423 echo "" >> $NEWCONFIG
424 echo " <active-response>" >> $NEWCONFIG
425 echo " <disabled>yes</disabled>" >> $NEWCONFIG
426 echo " </active-response>" >> $NEWCONFIG
427 echo "" >> $NEWCONFIG
435 # Set up the log files
438 echo "</ossec_config>" >> $NEWCONFIG
450 echo "3- ${configuring} $NAME."
453 # Configuring e-mail notification
455 $ECHO " 3.1- ${mailnotify} ($yes/$no) [$yes]: "
457 if [ "X${USER_ENABLE_EMAIL}" = "X" ]; then
460 ANSWER=${USER_ENABLE_EMAIL}
466 echo " --- ${nomail}."
471 $ECHO " - ${whatsemail} "
472 if [ "X${USER_EMAIL_ADDRESS}" = "X" ]; then
475 echo "${EMAIL}" | grep -E "^[a-zA-Z0-9_.-]{1,36}@[a-zA-Z0-9_.-]{1,54}$" > /dev/null 2>&1 ;RVAL=$?;
476 # Ugly e-mail validation
477 while [ "$EMAIL" = "" -o ! ${RVAL} = 0 ] ; do
478 $ECHO " - ${whatsemail} "
480 echo "${EMAIL}" | grep -E "^[a-zA-Z0-9_.-]{1,36}@[a-zA-Z0-9_.-]{1,54}$" > /dev/null 2>&1 ;RVAL=$?;
483 EMAIL=${USER_EMAIL_ADDRESS}
486 ls ${HOST_CMD} > /dev/null 2>&1
488 HOSTTMP=`${HOST_CMD} -W 5 -t mx ossec.net 2>/dev/null`
490 # Trying without the -W
491 HOSTTMP=`${HOST_CMD} -t mx ossec.net 2>/dev/null`
493 echo "x$HOSTTMP" | grep "ossec.net mail is handled" > /dev/null 2>&1
495 # Breaking down the user e-mail
496 EMAILHOST=`echo ${EMAIL} | cut -d "@" -f 2`
497 if [ "X${EMAILHOST}" = "Xlocalhost" ]; then
500 HOSTTMP=`${HOST_CMD} -W 5 -t mx ${EMAILHOST}`
501 SMTPHOST=`echo ${HOSTTMP} | cut -d " " -f 7`
506 if [ "X${USER_EMAIL_SMTP}" = "X" ]; then
507 if [ "X${SMTPHOST}" != "X" ]; then
509 echo " - ${yoursmtp}: ${SMTPHOST}"
510 $ECHO " - ${usesmtp} ($yes/$no) [$yes]: "
520 echo " --- ${usingsmtp} ${SMTP}"
525 if [ "X${SMTP}" = "X" ]; then
526 $ECHO " - ${whatsmtp} "
530 SMTP=${USER_EMAIL_SMTP}
536 # Writting global parameters
537 echo "<ossec_config>" > $NEWCONFIG
538 echo " <global>" >> $NEWCONFIG
539 if [ "$EMAILNOTIFY" = "yes" ]; then
540 echo " <email_notification>yes</email_notification>" >> $NEWCONFIG
541 echo " <email_to>$EMAIL</email_to>" >> $NEWCONFIG
542 echo " <smtp_server>$SMTP</smtp_server>" >> $NEWCONFIG
543 echo " <email_from>ossecm@${HOST}</email_from>" >> $NEWCONFIG
545 echo " <email_notification>no</email_notification>" >> $NEWCONFIG
548 echo " </global>" >> $NEWCONFIG
549 echo "" >> $NEWCONFIG
551 # Writting rules configuration
552 cat ${RULES_TEMPLATE} >> $NEWCONFIG
553 echo "" >> $NEWCONFIG
556 # Checking if syscheck should run
559 # Checking if rootcheck should run
565 $ECHO " - ${enable_ar} ($yes/$no) [$yes]: "
567 if [ "X${USER_ENABLE_ACTIVE_RESPONSE}" = "X" ]; then
570 AR=${USER_ENABLE_ACTIVE_RESPONSE}
576 echo " - ${noactive}."
577 echo "" >> $NEWCONFIG
578 echo " <active-response>" >> $NEWCONFIG
579 echo " <disabled>yes</disabled>" >> $NEWCONFIG
580 echo " </active-response>" >> $NEWCONFIG
581 echo "" >> $NEWCONFIG
586 catMsg "0x108-ar-enabled"
589 $ECHO " - ${firewallar} ($yes/$no) [$yes]: "
591 if [ "X${USER_ENABLE_FIREWALL_RESPONSE}" = "X" ]; then
594 HD2=${USER_ENABLE_FIREWALL_RESPONSE}
600 echo " - ${nofirewall}"
603 echo " - ${yesfirewall}"
607 echo "" >> $NEWCONFIG
608 echo " <global>" >> $NEWCONFIG
609 echo " <white_list>127.0.0.1</white_list>" >> $NEWCONFIG
610 echo " <white_list>^localhost.localdomain$</white_list>">>$NEWCONFIG
612 echo " - ${defaultwhitelist}"
613 for ip in ${NAMESERVERS} ${NAMESERVERS2};
615 if [ ! "X${ip}" = "X" ]; then
617 echo " <white_list>${ip}</white_list>" >>$NEWCONFIG
622 # If Openbsd or Freebsd with pf enable, ask about
623 # automatically setting it up.
624 # Commenting it out in case I change my mind about it
626 #if [ "X`sh ./src/init/fw-check.sh`" = "XPF" ]; then
628 # $ECHO " - ${pfenable} ($yes/$no) [$yes]: "
629 # if [ "X${USER_ENABLE_PF}" = "X" ]; then
632 # PFENABLE=${USER_ENABLE_PF}
646 echo " </global>" >> $NEWCONFIG
651 if [ "X$INSTYPE" = "Xserver" ]; then
652 # Configuring remote syslog
654 $ECHO " 3.5- ${syslog} ($yes/$no) [$yes]: "
656 if [ "X${USER_ENABLE_SYSLOG}" = "X" ]; then
659 ANSWER=${USER_ENABLE_SYSLOG}
665 echo " --- ${nosyslog}."
668 echo " - ${yessyslog}."
673 # Configuring remote connections
679 if [ "X$RLOG" = "Xyes" ]; then
680 echo "" >> $NEWCONFIG
681 echo " <remote>" >> $NEWCONFIG
682 echo " <connection>syslog</connection>" >> $NEWCONFIG
683 echo " </remote>" >> $NEWCONFIG
686 if [ "X$SLOG" = "Xyes" ]; then
687 echo "" >> $NEWCONFIG
688 echo " <remote>" >> $NEWCONFIG
689 echo " <connection>secure</connection>" >> $NEWCONFIG
690 echo " </remote>" >> $NEWCONFIG
695 echo "" >> $NEWCONFIG
696 echo " <alerts>" >> $NEWCONFIG
697 echo " <log_alert_level>1</log_alert_level>" >> $NEWCONFIG
698 if [ "$EMAILNOTIFY" = "yes" ]; then
699 echo " <email_alert_level>7</email_alert_level>">> $NEWCONFIG
701 echo " </alerts>" >> $NEWCONFIG
704 if [ "X$ACTIVERESPONSE" = "Xyes" ]; then
705 # Add commands in here
706 echo "" >> $NEWCONFIG
707 cat ${HOST_DENY_TEMPLATE} >> $NEWCONFIG
708 echo "" >> $NEWCONFIG
709 cat ${FIREWALL_DROP_TEMPLATE} >> $NEWCONFIG
710 echo "" >> $NEWCONFIG
711 cat ${DISABLE_ACCOUNT_TEMPLATE} >> $NEWCONFIG
712 echo "" >> $NEWCONFIG
713 cat ${ROUTENULL_TEMPLATE} >> $NEWCONFIG
714 echo "" >> $NEWCONFIG
716 if [ "X$FIREWALLDROP" = "Xyes" ]; then
717 echo "" >> $NEWCONFIG
718 cat ${ACTIVE_RESPONSE_TEMPLATE} >> $NEWCONFIG
719 echo "" >> $NEWCONFIG
723 # Setting up the logs
725 echo "</ossec_config>" >> $NEWCONFIG
737 echo "2- ${settingupenv}."
740 if [ "X${USER_DIR}" = "X" ]; then
742 $ECHO " - ${wheretoinstall} [$INSTALLDIR]: "
744 if [ ! "X$ANSWER" = "X" ]; then
745 echo $ANSWER |grep -E "^/[a-zA-Z0-9./_-]{3,128}$">/dev/null 2>&1
755 INSTALLDIR=${USER_DIR}
759 CEXTRA="$CEXTRA -DDEFAULTDIR=\\\"${INSTALLDIR}\\\""
762 echo " - ${installat} ${INSTALLDIR} ."
765 if [ "X$INSTYPE" = "Xagent" ]; then
766 CEXTRA="$CEXTRA -DCLIENT"
767 elif [ "X$INSTYPE" = "Xlocal" ]; then
768 CEXTRA="$CEXTRA -DLOCAL"
771 ls $INSTALLDIR >/dev/null 2>&1
773 if [ "X${USER_DELETE_DIR}" = "X" ]; then
775 $ECHO " - ${deletedir} ($yes/$no) [$yes]: "
778 ANSWER=${USER_DELETE_DIR}
784 if [ ! $? = 0 ]; then
796 # checkDependencies()
797 # Thanks to gabriel@macacos.org
803 if [ "X$NUNAME" = "XSunOS" ]; then
804 PATH=$PATH:/usr/ccs/bin:/usr/xpg4/bin:/opt/csw/gcc3/bin:/opt/csw/bin:/usr/sfw/bin
806 elif [ "X$NUNAME" = "XAIX" ]; then
807 PATH=$PATH:/usr/vac/bin
823 $ECHO " - ${addwhite} ($yes/$no)? [$no]: "
825 # If white list is set, we don't need to ask it here.
826 if [ "X${USER_WHITE_LIST}" = "X" ]; then
832 if [ "X${ANSWER}" = "X" ] ; then
841 $ECHO " - ${ipswhite}"
842 if [ "X${USER_WHITE_LIST}" = "X" ]; then
845 IPS=${USER_WHITE_LIST}
850 if [ ! "X${ip}" = "X" ]; then
851 echo $ip | grep -E "^[0-9./]{5,20}$" > /dev/null 2>&1
853 echo " <white_list>${ip}</white_list>" >>$NEWCONFIG
871 TABLE="ossec_fwtable"
873 # Add table to the first line
875 echo " - ${pfmessage}:"
877 echo " http://www.ossec.net/en/manual.html#active-response-tools"
881 echo " table <${TABLE}> persist #$TABLE "
882 echo " block in quick from <${TABLE}> to any"
883 echo " block out quick from any to <${TABLE}>"
896 . ./src/init/shared.sh
897 . ./src/init/functions.sh
899 # Reading pre-defined file
900 if [ ! `isFile ${PREDEF_FILE}` = "${FALSE}" ]; then
904 # If user language is not set
906 if [ "X${USER_LANGUAGE}" = "X" ]; then
908 # Choosing the language.
911 for i in `ls ${TEMPLATE}`; do
912 # ignore CVS (should not be there anyways and config)
913 if [ "$i" = "CVS" -o "$i" = "config" ]; then continue; fi
914 cat "${TEMPLATE}/$i/language.txt"
915 if [ ! "$i" = "en" ]; then
919 $ECHO " (${LG}) [en]: "
922 if [ "X${USER_LG}" = "X" ]; then
926 ls "${TEMPLATE}/${USER_LG}" > /dev/null 2>&1
936 # If provided language is not valid, default to english
937 ls "${TEMPLATE}/${USER_LANGUAGE}" > /dev/null 2>&1
939 LANGUAGE=${USER_LANGUAGE}
944 fi # for USER_LANGUAGE
947 . ./src/init/shared.sh
948 . ./src/init/language.sh
949 . ./src/init/functions.sh
951 . ${TEMPLATE}/${LANGUAGE}/messages.txt
954 # Must be executed as ./install.sh
955 if [ `isFile ${VERSION_FILE}` = "${FALSE}" ]; then
956 catError "0x1-location";
960 if [ ! "X$ME" = "Xroot" ]; then
961 catError "0x2-beroot";
964 # Checking dependencies
971 echo " $NAME $VERSION ${installscript} - http://www.ossec.net"
973 catMsg "0x101-initial"
975 echo " - $system: $UNAME"
977 echo " - $host: $HOST"
980 echo " -- $hitanyorabort --"
982 if [ "X$USER_NO_STOP" = "X" ]; then
986 . ./src/init/update.sh
988 if [ "`isUpdate`" = "${TRUE}" -a "x${USER_CLEANINSTALL}" = "x" ]; then
991 while [ $ct = "1" ]; do
993 $ECHO " - ${wanttoupdate} ($yes/$no): "
994 if [ "X${USER_UPDATE}" = "X" ]; then
1015 # Do some of the update steps.
1016 if [ "X${update_only}" = "Xyes" ]; then
1017 . ./src/init/update.sh
1019 if [ "`doUpdatecleanup`" = "${FALSE}" ]; then
1022 echo "${unabletoupdate}"
1027 USER_INSTALL_TYPE=`getPreinstalled`
1028 USER_DIR=`getPreinstalledDir`
1029 USER_DELETE_DIR="$nomatch"
1034 # We dont need to update the rules on agent installs
1035 if [ "X${USER_INSTALL_TYPE}" = "Xagent" ]; then
1039 while [ $ct = "1" ]; do
1041 $ECHO " - ${updaterules} ($yes/$no): "
1042 if [ "X${USER_UPDATE_RULES}" = "X" ]; then
1067 hybridm=`echo ${hybrid} | cut -b 1`
1068 serverm=`echo ${server} | cut -b 1`
1069 localm=`echo ${local} | cut -b 1`
1070 agentm=`echo ${agent} | cut -b 1`
1071 helpm=`echo ${help} | cut -b 1`
1073 # If user install type is not set, ask for it.
1074 if [ "X${USER_INSTALL_TYPE}" = "X" ]; then
1076 # Loop for the installation options
1080 $ECHO "1- ${whattoinstall} "
1086 catMsg "0x102-installhelp"
1089 ${server}|${serverm})
1091 echo " - ${serverchose}."
1098 echo " - ${clientchose}."
1103 ${hybrid}|${hybridm})
1105 echo " - ${serverchose} (hybrid)."
1112 echo " - ${localchose}."
1120 INSTYPE=${USER_INSTALL_TYPE}
1124 # Setting up the environment
1128 # Configuring the system (based on the installation type)
1129 if [ "X${update_only}" = "X" ]; then
1130 if [ "X$INSTYPE" = "Xserver" ]; then
1132 elif [ "X$INSTYPE" = "Xagent" ]; then
1134 elif [ "X$INSTYPE" = "Xlocal" ]; then
1137 catError "0x4-installtype"
1141 # Installing (calls the respective script
1142 # -- InstallAgent.sh or InstallServer.sh
1147 echo " - ${configurationdone}."
1149 echo " - ${tostart}:"
1150 echo " $INSTALLDIR/bin/ossec-control start"
1152 echo " - ${tostop}:"
1153 echo " $INSTALLDIR/bin/ossec-control stop"
1155 echo " - ${configat} $INSTALLDIR/etc/ossec.conf"
1159 catMsg "0x103-thanksforusing"
1162 if [ "X${update_only}" = "Xyes" ]; then
1163 # Message for the update
1164 if [ "X`sh ./src/init/fw-check.sh`" = "XPF" -a "X${ACTIVERESPONSE}" = "Xyes" ]; then
1165 if [ "X$USER_NO_STOP" = "X" ]; then
1171 echo " - ${updatecompleted}"
1177 if [ "X$USER_NO_STOP" = "X" ]; then
1182 # PF firewall message
1183 if [ "X`sh ./src/init/fw-check.sh`" = "XPF" -a "X${ACTIVERESPONSE}" = "Xyes" ]; then
1188 if [ "X$INSTYPE" = "Xserver" ]; then
1190 echo " - ${addserveragent}"
1193 echo " $INSTALLDIR/bin/manage_agents"
1196 echo " http://www.ossec.net/en/manual.html#ma"
1199 elif [ "X$INSTYPE" = "Xagent" ]; then
1200 catMsg "0x104-client"
1201 echo " $INSTALLDIR/bin/manage_agents"
1204 echo " http://www.ossec.net/en/manual.html#ma"
1208 if [ "X$notmodified" = "Xyes" ]; then
1209 catMsg "0x105-noboot"
1210 echo " $INSTALLDIR/bin/ossec-control start"
1215 _f_cfg="./install.cfg.sh"
1217 if [ -f $_f_cfg ]; then
1221 ### Calling main function where everything happens
1225 if [ "x$HYBID" = "xgo" ]; then
1226 echo " --------------------------------------------"
1227 echo " Finishing Hybrid setup (agent configuration)"
1228 echo " --------------------------------------------"
1229 echo 'USER_LANGUAGE="en"' > ./etc/preloaded-vars.conf
1230 echo "" >> ./etc/preloaded-vars.conf
1231 echo 'USER_NO_STOP="y"' >> ./etc/preloaded-vars.conf
1232 echo "" >> ./etc/preloaded-vars.conf
1233 echo 'USER_INSTALL_TYPE="agent"' >> ./etc/preloaded-vars.conf
1234 echo "" >> ./etc/preloaded-vars.conf
1235 echo "USER_DIR=\"$INSTALLDIR/ossec-agent\"" >> ./etc/preloaded-vars.conf
1236 echo "" >> ./etc/preloaded-vars.conf
1237 echo 'USER_ENABLE_ROOTCHECK="n"' >> ./etc/preloaded-vars.conf
1238 echo "" >> ./etc/preloaded-vars.conf
1239 echo 'USER_ENABLE_SYSCHECK="n"' >> ./etc/preloaded-vars.conf
1240 echo "" >> ./etc/preloaded-vars.conf
1241 echo 'USER_ENABLE_ACTIVE_RESPONSE="n"' >> ./etc/preloaded-vars.conf
1242 echo "" >> ./etc/preloaded-vars.conf
1243 echo 'USER_UPDATE="n"' >> ./etc/preloaded-vars.conf
1244 echo "" >> ./etc/preloaded-vars.conf
1245 echo 'USER_UPDATE_RULES="n"' >> ./etc/preloaded-vars.conf
1246 echo "" >> ./etc/preloaded-vars.conf
1247 echo 'USER_CLEANINSTALL="y"' >> ./etc/preloaded-vars.conf
1248 echo "" >> ./etc/preloaded-vars.conf