2 # postinst script for bind9-cn
4 # see: dh_installdeb(1)
8 # summary of how this script can be called:
9 # * <postinst> `configure' <most-recently-configured-version>
10 # * <old-postinst> `abort-upgrade' <new version>
11 # * <conflictor's-postinst> `abort-remove' `in-favour' <package>
13 # * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
14 # <failed-install-package> <version> `removing'
15 # <conflicting-package> <version>
16 # for details, see http://www.debian.org/doc/debian-policy/ or
17 # the debian-policy package
21 configure|reconfigure)
31 . /usr/share/carnet-tools/functions.sh
33 # get installation directory
34 if [ -e /etc/ossec-init.conf ]; then
35 . /etc/ossec-init.conf
37 if [ "X${DIRECTORY}" = "X" ]; then
38 DIRECTORY="/var/ossec"
42 if [ ! -d "$DIRECTORY/rules" ]; then
43 echo "CN: There is no "$DIRECTORY/rules" directory, exiting..."
44 echo "CN: Please reinstall ossec-hids package"
48 # find first available sid
49 local_rules="$DIRECTORY/rules/local_rules.xml"
54 /<rule id="[0-9]*".*>/ {
62 if [ -e "$local_rules" ]; then
63 sid=$(awk "$script" "$local_rules")
65 if [ -z "$sid" ]; then
69 # update local rules with our policy
70 if [ -e "$local_rules" ]; then
71 cp "$local_rules" "$local_rules.$$"
73 touch "$local_rules.$$"
76 cp-update --comment '<!--' --comment-end '-->' \
77 ossec-hids-cn "$local_rules.$$" <<EOF
79 <rule id="$(expr "$sid" + 1)" level="0">
82 <description>Events ignored</description>
85 <rule id="$(expr "$sid" + 2)" level="0">
87 <program_name>^sophie|^smartd</program_name>
88 <description>Ignore Sophie/SMARTd</description>
91 <rule id="$(expr "$sid" + 3)" level="0">
93 <description>Events ignored</description>
96 <rule id="$(expr "$sid" + 4)" level="0">
98 <description>Ignore blacklisted mail</description>
101 <rule id="$(expr "$sid" + 5)" level="0">
102 <if_sid>1002</if_sid>
104 <program_name>^named</program_name>
105 <description>Ignore BIND cache warnings</description>
108 <rule id="$(expr "$sid" + 6)" level="0">
109 <if_sid>2933</if_sid>
110 <match>Updated timestamp for job</match>
111 <program_name>^anacron</program_name>
112 <description>Ignore Anacron warnings</description>
116 cp_mv "$local_rules.$$" "$local_rules"
118 # and restart the service
119 service ossec-hids restart || true
121 # dh_installdeb will replace this with shell code automatically
122 # generated by other debhelper scripts.