2 # ossec-control This shell script takes care of starting
3 # or stopping ossec-hids
4 # Author: Daniel B. Cid <daniel.cid@gmail.com>
6 # Getting where we are installed
11 PLIST=${DIR}/bin/.process_list;
13 ### Do not modify below here ###
15 # Getting additional processes
16 ls -la ${PLIST} > /dev/null 2>&1
23 DAEMONS="ossec-monitord ossec-logcollector ossec-syscheckd ossec-analysisd ossec-maild ossec-execd ${DB_DAEMON} ${CSYSLOG_DAEMON} ${AGENTLESS_DAEMON}"
25 ## Locking for the start/stop
26 LOCK="${DIR}/var/start-script-lock"
27 LOCK_PID="${LOCK}/pid"
29 # This number should be more than enough (even if it is
30 # started multiple times together). It will try for up
31 # to 10 attempts (or 10 seconds) to execute.
35 for i in ${DAEMONS}; do
36 for j in `cat ${DIR}/var/run/${i}*.pid 2>/dev/null`; do
37 ps -p $j |grep ossec >/dev/null 2>&1
39 echo "Deleting PID file '${DIR}/var/run/${i}-${j}.pid' not used..."
40 rm ${DIR}/var/run/${i}-${j}.pid
51 mkdir ${LOCK} > /dev/null 2>&1
53 if [ "${MSL}" = "0" ]; then
54 # Lock acquired (setting the pid)
55 echo "$$" > ${LOCK_PID}
59 # Waiting 1 second before trying again
63 # If PID is not present, speed things a bit.
64 kill -0 `cat ${LOCK_PID}` >/dev/null 2>&1
70 # We tried 10 times to acquire the lock.
71 if [ "$i" = "${MAX_ITERATION}" ]; then
72 # Unlocking and executing
74 mkdir ${LOCK} > /dev/null 2>&1
75 echo "$$" > ${LOCK_PID}
90 echo "Usage: $0 {start|stop|restart|status|enable|disable}";
94 # Enables additional daemons
97 if [ "X$2" = "X" ]; then
99 echo "Enable options: database, client-syslog, agentless, debug"
100 echo "Usage: $0 enable [database|client-syslog|agentless|debug]"
104 if [ "X$2" = "Xdatabase" ]; then
105 echo "DB_DAEMON=ossec-dbd" >> ${PLIST};
106 elif [ "X$2" = "Xclient-syslog" ]; then
107 echo "CSYSLOG_DAEMON=ossec-csyslogd" >> ${PLIST};
108 elif [ "X$2" = "Xagentless" ]; then
109 echo "AGENTLESS_DAEMON=ossec-agentlessd" >> ${PLIST};
110 elif [ "X$2" = "Xdebug" ]; then
111 echo "DEBUG_CLI=\"-d\"" >> ${PLIST};
114 echo "Invalid enable option."
116 echo "Enable options: database, client-syslog, agentless, debug"
117 echo "Usage: $0 enable [database|client-syslog|agentless|debug]"
122 # Disables additional daemons
125 if [ "X$2" = "X" ]; then
127 echo "Disable options: database, client-syslog, agentless, debug"
128 echo "Usage: $0 disable [database|client-syslog|agentless,debug]"
132 if [ "X$2" = "Xdatabase" ]; then
133 echo "DB_DAEMON=\"\"" >> ${PLIST};
134 elif [ "X$2" = "Xclient-syslog" ]; then
135 echo "CSYSLOG_DAEMON=\"\"" >> ${PLIST};
136 elif [ "X$2" = "Xagentless" ]; then
137 echo "AGENTLESS_DAEMON=\"\"" >> ${PLIST};
138 elif [ "X$2" = "Xdebug" ]; then
139 echo "DEBUG_CLI=\"\"" >> ${PLIST};
142 echo "Invalid disable option."
144 echo "Disable options: database, client-syslog, agentless, debug"
145 echo "Usage: $0 disable [database|client-syslog|agentless|debug]"
153 for i in ${DAEMONS}; do
157 echo "${i} not running..."
159 echo "${i} is running..."
167 # We first loop to check the config
168 for i in ${SDAEMONS}; do
169 ${DIR}/bin/${i} -t ${DEBUG_CLI};
171 echo "${i}: Configuration error. Exiting"
180 SDAEMONS="${DB_DAEMON} ${CSYSLOG_DAEMON} ${AGENTLESS_DAEMON} ossec-maild ossec-execd ossec-analysisd ossec-logcollector ossec-syscheckd ossec-monitord"
182 echo "Starting $NAME $VERSION..."
183 echo | ${DIR}/bin/ossec-logtest > /dev/null 2>&1;
184 if [ ! $? = 0 ]; then
185 echo "ossec-analysisd: Configuration error. Exiting."
192 # We actually start them now.
193 for i in ${SDAEMONS}; do
196 ${DIR}/bin/${i} ${DEBUG_CLI};
198 echo "${i} did not start correctly.";
202 echo "Started ${i}..."
204 echo "${i} already running..."
208 # After we start we give 2 seconds for the daemons
209 # to internally create their PID files.
213 ls -la "${DIR}/ossec-agent/" >/dev/null 2>&1
216 echo "Starting sub agent directory (for hybrid mode)"
217 ${DIR}/ossec-agent/bin/ossec-control start
228 if [ "X${pfile}" = "X" ]; then
232 ls ${DIR}/var/run/${pfile}*.pid > /dev/null 2>&1
234 for j in `cat ${DIR}/var/run/${pfile}*.pid 2>/dev/null`; do
235 ps -p $j |grep ossec >/dev/null 2>&1
236 if [ ! $? = 0 ]; then
237 echo "${pfile}: Process $j not used by ossec, removing .."
238 rm -f ${DIR}/var/run/${pfile}-$j.pid
242 kill -0 $j > /dev/null 2>&1
256 for i in ${DAEMONS}; do
259 echo "Killing ${i} .. ";
260 kill `cat ${DIR}/var/run/${i}*.pid`;
262 echo "${i} not running ..";
264 rm -f ${DIR}/var/run/${i}*.pid
269 ls -la "${DIR}/ossec-agent/" >/dev/null 2>&1
272 echo "Stopping sub agent directory (for hybrid mode)"
273 ${DIR}/ossec-agent/bin/ossec-control stop
275 echo "$NAME $VERSION Stopped"