297 lines
13 KiB
Diff
297 lines
13 KiB
Diff
diff --git a/install.sh b/install.sh
|
|
index 387bde1a..cb6dcbf2 100755
|
|
--- a/install.sh
|
|
+++ b/install.sh
|
|
@@ -126,14 +126,14 @@ Install()
|
|
# Generate the /etc/ossec-init.conf
|
|
VERSION_FILE="./src/VERSION"
|
|
VERSION=`cat ${VERSION_FILE}`
|
|
- chmod 700 ${OSSEC_INIT} > /dev/null 2>&1
|
|
- echo "DIRECTORY=\"${INSTALLDIR}\"" > ${OSSEC_INIT}
|
|
- echo "VERSION=\"${VERSION}\"" >> ${OSSEC_INIT}
|
|
- echo "DATE=\"`date`\"" >> ${OSSEC_INIT}
|
|
- echo "TYPE=\"${INSTYPE}\"" >> ${OSSEC_INIT}
|
|
- chmod 600 ${OSSEC_INIT}
|
|
- cp -pr ${OSSEC_INIT} ${INSTALLDIR}${OSSEC_INIT}
|
|
- chmod 640 ${INSTALLDIR}${OSSEC_INIT}
|
|
+ # chmod 700 ${OSSEC_INIT} > /dev/null 2>&1
|
|
+ # echo "DIRECTORY=\"${INSTALLDIR}\"" > ${OSSEC_INIT}
|
|
+ # echo "VERSION=\"${VERSION}\"" >> ${OSSEC_INIT}
|
|
+ # echo "DATE=\"`date`\"" >> ${OSSEC_INIT}
|
|
+ # echo "TYPE=\"${INSTYPE}\"" >> ${OSSEC_INIT}
|
|
+ # chmod 600 ${OSSEC_INIT}
|
|
+ # cp -pr ${OSSEC_INIT} ${INSTALLDIR}${OSSEC_INIT}
|
|
+ # chmod 640 ${INSTALLDIR}${OSSEC_INIT}
|
|
|
|
|
|
# If update_rules is set, we need to tweak
|
|
@@ -148,12 +148,12 @@ Install()
|
|
fi
|
|
|
|
# Calling the init script to start ossec hids during boot
|
|
- if [ "X${update_only}" = "X" ]; then
|
|
- runInit
|
|
- if [ $? = 1 ]; then
|
|
- notmodified="yes"
|
|
- fi
|
|
- fi
|
|
+ # if [ "X${update_only}" = "X" ]; then
|
|
+ # runInit
|
|
+ # if [ $? = 1 ]; then
|
|
+ # notmodified="yes"
|
|
+ # fi
|
|
+ # fi
|
|
|
|
}
|
|
|
|
@@ -965,10 +965,10 @@ main()
|
|
catError "0x1-location";
|
|
fi
|
|
|
|
- # Must be root
|
|
- if [ ! "X$ME" = "Xroot" ]; then
|
|
- catError "0x2-beroot";
|
|
- fi
|
|
+ # # Must be root
|
|
+ # if [ ! "X$ME" = "Xroot" ]; then
|
|
+ # catError "0x2-beroot";
|
|
+ # fi
|
|
|
|
# Checking dependencies
|
|
checkDependencies
|
|
diff --git a/src/Makefile b/src/Makefile
|
|
index 7fc04c0b..0eb27a0a 100644
|
|
--- a/src/Makefile
|
|
+++ b/src/Makefile
|
|
@@ -144,7 +144,7 @@ endif
|
|
ifeq (${uname_S},AIX)
|
|
INSTALL_CMD?=./install-shim-aix.ksh -m $(1) -o $(2) -g $(3)
|
|
else
|
|
- INSTALL_CMD?=install -m $(1) -o $(2) -g $(3)
|
|
+ INSTALL_CMD?=install
|
|
endif
|
|
|
|
ifdef DEBUGAD
|
|
@@ -404,10 +404,10 @@ endif
|
|
install: install-${TARGET}
|
|
|
|
install-agent: install-common
|
|
- $(call INSTALL_CMD,0550,root,0) ossec-agentd ${PREFIX}/bin
|
|
- $(call INSTALL_CMD,0550,root,0) agent-auth ${PREFIX}/bin
|
|
+ $(call INSTALL_CMD) ossec-agentd ${PREFIX}/bin
|
|
+ $(call INSTALL_CMD) agent-auth ${PREFIX}/bin
|
|
|
|
- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/rids
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/queue/rids
|
|
|
|
install-local: install-server-generic
|
|
|
|
@@ -416,133 +416,126 @@ install-hybrid: install-server-generic
|
|
install-server: install-server-generic
|
|
|
|
install-common: build
|
|
- ./init/adduser.sh ${OSSEC_USER} ${OSSEC_USER_MAIL} ${OSSEC_USER_REM} ${OSSEC_GROUP} ${PREFIX}
|
|
- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/
|
|
- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs
|
|
- $(call INSTALL_CMD,0660,${OSSEC_USER},${OSSEC_GROUP}) /dev/null ${PREFIX}/logs/ossec.log
|
|
-
|
|
- $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/bin
|
|
- $(call INSTALL_CMD,0550,root,0) ossec-logcollector ${PREFIX}/bin
|
|
- $(call INSTALL_CMD,0550,root,0) ossec-syscheckd ${PREFIX}/bin
|
|
- $(call INSTALL_CMD,0550,root,0) ossec-execd ${PREFIX}/bin
|
|
- $(call INSTALL_CMD,0550,root,0) manage_agents ${PREFIX}/bin
|
|
- $(call INSTALL_CMD,0550,root,0) ../contrib/util.sh ${PREFIX}/bin/
|
|
- $(call INSTALL_CMD,0550,root,0) ${OSSEC_CONTROL_SRC} ${PREFIX}/bin/ossec-control
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/bin
|
|
+ $(call INSTALL_CMD) ossec-logcollector ${PREFIX}/bin
|
|
+ $(call INSTALL_CMD) ossec-syscheckd ${PREFIX}/bin
|
|
+ $(call INSTALL_CMD) ossec-execd ${PREFIX}/bin
|
|
+ $(call INSTALL_CMD) manage_agents ${PREFIX}/bin
|
|
+ $(call INSTALL_CMD) ../contrib/util.sh ${PREFIX}/bin/
|
|
+ $(call INSTALL_CMD) ${OSSEC_CONTROL_SRC} ${PREFIX}/bin/ossec-control
|
|
|
|
ifeq (${LUA_ENABLE},yes)
|
|
- $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua
|
|
- $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua/native
|
|
- $(call INSTALL_CMD,0550,root,0) -d ${PREFIX}/lua/compiled
|
|
- $(call INSTALL_CMD,0550,root,0) ${EXTERNAL_LUA}src/ossec-lua ${PREFIX}/bin/
|
|
- $(call INSTALL_CMD,0550,root,0) ${EXTERNAL_LUA}src/ossec-luac ${PREFIX}/bin/
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/lua
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/lua/native
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/lua/compiled
|
|
+ $(call INSTALL_CMD) ${EXTERNAL_LUA}src/ossec-lua ${PREFIX}/bin/
|
|
+ $(call INSTALL_CMD) ${EXTERNAL_LUA}src/ossec-luac ${PREFIX}/bin/
|
|
endif
|
|
|
|
- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/queue
|
|
- $(call INSTALL_CMD,0770,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/alerts
|
|
- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/ossec
|
|
- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/syscheck
|
|
- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/diff
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/queue
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/queue/alerts
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/queue/ossec
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/queue/syscheck
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/queue/diff
|
|
|
|
- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/etc
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/etc
|
|
ifeq (${INSTALL_LOCALTIME},yes)
|
|
- $(call INSTALL_CMD,0440,root,${OSSEC_GROUP}) /etc/localtime ${PREFIX}/etc
|
|
+ $(call INSTALL_CMD) /etc/localtime ${PREFIX}/etc
|
|
endif
|
|
ifeq (${INSTALL_RESOLVCONF},yes)
|
|
- $(call INSTALL_CMD,0440,root,${OSSEC_GROUP}) /etc/resolv.conf ${PREFIX}/etc
|
|
+ $(call INSTALL_CMD) /etc/resolv.conf ${PREFIX}/etc
|
|
endif
|
|
|
|
- $(call INSTALL_CMD,1550,root,${OSSEC_GROUP}) -d ${PREFIX}/tmp
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/tmp
|
|
|
|
ifneq (,$(wildcard /etc/TIMEZONE))
|
|
- $(call INSTALL_CMD,440,root,${OSSEC_GROUP}) /etc/TIMEZONE ${PREFIX}/etc/
|
|
+ $(call INSTALL_CMD) /etc/TIMEZONE ${PREFIX}/etc/
|
|
endif
|
|
# Solaris Needs some extra files
|
|
ifeq (${uname_S},SunOS)
|
|
- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/usr/share/lib/zoneinfo/
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/usr/share/lib/zoneinfo/
|
|
cp -r /usr/share/lib/zoneinfo/* ${PREFIX}/usr/share/lib/zoneinfo/
|
|
endif
|
|
- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/internal_options.conf ${PREFIX}/etc/
|
|
+ $(call INSTALL_CMD) -b ../etc/internal_options.conf ${PREFIX}/etc/
|
|
ifeq (,$(wildcard ${PREFIX}/etc/local_internal_options.conf))
|
|
- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/local_internal_options.conf ${PREFIX}/etc/local_internal_options.conf
|
|
+ $(call INSTALL_CMD) ../etc/local_internal_options.conf ${PREFIX}/etc/local_internal_options.conf
|
|
endif
|
|
ifeq (,$(wildcard ${PREFIX}/etc/client.keys))
|
|
- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) /dev/null ${PREFIX}/etc/client.keys
|
|
+ $(call INSTALL_CMD) /dev/null ${PREFIX}/etc/client.keys
|
|
endif
|
|
ifeq (,$(wildcard ${PREFIX}/etc/ossec.conf))
|
|
ifneq (,$(wildcard ../etc/ossec.mc))
|
|
- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/ossec.mc ${PREFIX}/etc/ossec.conf
|
|
+ $(call INSTALL_CMD) ../etc/ossec.mc ${PREFIX}/etc/ossec.conf
|
|
else
|
|
- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ${OSSEC_CONF_SRC} ${PREFIX}/etc/ossec.conf
|
|
+ $(call INSTALL_CMD) ${OSSEC_CONF_SRC} ${PREFIX}/etc/ossec.conf
|
|
endif
|
|
endif
|
|
|
|
- $(call INSTALL_CMD,0770,root,${OSSEC_GROUP}) -d ${PREFIX}/etc/shared
|
|
- $(call INSTALL_CMD,0640,${OSSEC_USER},${OSSEC_GROUP}) rootcheck/db/*.txt ${PREFIX}/etc/shared/
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/etc/shared
|
|
+ $(call INSTALL_CMD) rootcheck/db/*.txt ${PREFIX}/etc/shared/
|
|
|
|
- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/active-response
|
|
- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/active-response/bin
|
|
- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/agentless
|
|
- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) agentlessd/scripts/* ${PREFIX}/agentless/
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/active-response
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/active-response/bin
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/agentless
|
|
+ $(call INSTALL_CMD) agentlessd/scripts/* ${PREFIX}/agentless/
|
|
|
|
- $(call INSTALL_CMD,0700,root,${OSSEC_GROUP}) -d ${PREFIX}/.ssh
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/.ssh
|
|
|
|
- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) ../active-response/*.sh ${PREFIX}/active-response/bin/
|
|
- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) ../active-response/firewalls/*.sh ${PREFIX}/active-response/bin/
|
|
+ $(call INSTALL_CMD) ../active-response/*.sh ${PREFIX}/active-response/bin/
|
|
+ $(call INSTALL_CMD) ../active-response/firewalls/*.sh ${PREFIX}/active-response/bin/
|
|
|
|
- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/var
|
|
- $(call INSTALL_CMD,0770,root,${OSSEC_GROUP}) -d ${PREFIX}/var/run
|
|
-
|
|
- ./init/fw-check.sh execute
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/var
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/var/run
|
|
|
|
|
|
|
|
install-server-generic: install-common
|
|
- $(call INSTALL_CMD,0660,${OSSEC_USER},${OSSEC_GROUP}) /dev/null ${PREFIX}/logs/active-responses.log
|
|
- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/archives
|
|
- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/alerts
|
|
- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/logs/firewall
|
|
-
|
|
- $(call INSTALL_CMD,0550,root,0) ossec-agentlessd ${PREFIX}/bin
|
|
- $(call INSTALL_CMD,0550,root,0) ossec-analysisd ${PREFIX}/bin
|
|
- $(call INSTALL_CMD,0550,root,0) ossec-monitord ${PREFIX}/bin
|
|
- $(call INSTALL_CMD,0550,root,0) ossec-reportd ${PREFIX}/bin
|
|
- $(call INSTALL_CMD,0550,root,0) ossec-maild ${PREFIX}/bin
|
|
- $(call INSTALL_CMD,0550,root,0) ossec-remoted ${PREFIX}/bin
|
|
- $(call INSTALL_CMD,0550,root,0) ossec-logtest ${PREFIX}/bin
|
|
- $(call INSTALL_CMD,0550,root,0) ossec-csyslogd ${PREFIX}/bin
|
|
- $(call INSTALL_CMD,0550,root,0) ossec-authd ${PREFIX}/bin
|
|
- $(call INSTALL_CMD,0550,root,0) ossec-dbd ${PREFIX}/bin
|
|
- $(call INSTALL_CMD,0550,root,0) ossec-makelists ${PREFIX}/bin
|
|
- $(call INSTALL_CMD,0550,root,0) verify-agent-conf ${PREFIX}/bin/
|
|
- $(call INSTALL_CMD,0550,root,0) clear_stats ${PREFIX}/bin/
|
|
- $(call INSTALL_CMD,0550,root,0) list_agents ${PREFIX}/bin/
|
|
- $(call INSTALL_CMD,0550,root,0) ossec-regex ${PREFIX}/bin/
|
|
- $(call INSTALL_CMD,0550,root,0) syscheck_update ${PREFIX}/bin/
|
|
- $(call INSTALL_CMD,0550,root,0) agent_control ${PREFIX}/bin/
|
|
- $(call INSTALL_CMD,0550,root,0) syscheck_control ${PREFIX}/bin/
|
|
- $(call INSTALL_CMD,0550,root,0) rootcheck_control ${PREFIX}/bin/
|
|
-
|
|
- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/stats
|
|
- $(call INSTALL_CMD,0550,root,${OSSEC_GROUP}) -d ${PREFIX}/rules
|
|
+ $(call INSTALL_CMD) /dev/null ${PREFIX}/logs/active-responses.log
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/logs/archives
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/logs/alerts
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/logs/firewall
|
|
+
|
|
+ $(call INSTALL_CMD) ossec-agentlessd ${PREFIX}/bin
|
|
+ $(call INSTALL_CMD) ossec-analysisd ${PREFIX}/bin
|
|
+ $(call INSTALL_CMD) ossec-monitord ${PREFIX}/bin
|
|
+ $(call INSTALL_CMD) ossec-reportd ${PREFIX}/bin
|
|
+ $(call INSTALL_CMD) ossec-maild ${PREFIX}/bin
|
|
+ $(call INSTALL_CMD) ossec-remoted ${PREFIX}/bin
|
|
+ $(call INSTALL_CMD) ossec-logtest ${PREFIX}/bin
|
|
+ $(call INSTALL_CMD) ossec-csyslogd ${PREFIX}/bin
|
|
+ $(call INSTALL_CMD) ossec-authd ${PREFIX}/bin
|
|
+ $(call INSTALL_CMD) ossec-dbd ${PREFIX}/bin
|
|
+ $(call INSTALL_CMD) ossec-makelists ${PREFIX}/bin
|
|
+ $(call INSTALL_CMD) verify-agent-conf ${PREFIX}/bin/
|
|
+ $(call INSTALL_CMD) clear_stats ${PREFIX}/bin/
|
|
+ $(call INSTALL_CMD) list_agents ${PREFIX}/bin/
|
|
+ $(call INSTALL_CMD) ossec-regex ${PREFIX}/bin/
|
|
+ $(call INSTALL_CMD) syscheck_update ${PREFIX}/bin/
|
|
+ $(call INSTALL_CMD) agent_control ${PREFIX}/bin/
|
|
+ $(call INSTALL_CMD) syscheck_control ${PREFIX}/bin/
|
|
+ $(call INSTALL_CMD) rootcheck_control ${PREFIX}/bin/
|
|
+
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/stats
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/rules
|
|
ifneq (,$(wildcard ${PREFIX}/rules/local_rules.xml))
|
|
cp ${PREFIX}/rules/local_rules.xml ${PREFIX}/rules/local_rules.xml.installbackup
|
|
- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/rules/*.xml ${PREFIX}/rules
|
|
- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ${PREFIX}/rules/local_rules.xml.installbackup ${PREFIX}/rules/local_rules.xml
|
|
+ $(call INSTALL_CMD) -b ../etc/rules/*.xml ${PREFIX}/rules
|
|
+ $(call INSTALL_CMD) ${PREFIX}/rules/local_rules.xml.installbackup ${PREFIX}/rules/local_rules.xml
|
|
rm ${PREFIX}/rules/local_rules.xml.installbackup
|
|
else
|
|
- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) -b ../etc/rules/*.xml ${PREFIX}/rules
|
|
+ $(call INSTALL_CMD) -b ../etc/rules/*.xml ${PREFIX}/rules
|
|
endif
|
|
|
|
- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/fts
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/queue/fts
|
|
|
|
- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/rootcheck
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/queue/rootcheck
|
|
|
|
- $(call INSTALL_CMD,0750,${OSSEC_USER_REM},${OSSEC_GROUP}) -d ${PREFIX}/queue/agent-info
|
|
- $(call INSTALL_CMD,0750,${OSSEC_USER},${OSSEC_GROUP}) -d ${PREFIX}/queue/agentless
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/queue/agent-info
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/queue/agentless
|
|
|
|
- $(call INSTALL_CMD,0750,${OSSEC_USER_REM},${OSSEC_GROUP}) -d ${PREFIX}/queue/rids
|
|
+ $(call INSTALL_CMD) -d ${PREFIX}/queue/rids
|
|
|
|
- $(call INSTALL_CMD,0640,root,${OSSEC_GROUP}) ../etc/decoder.xml ${PREFIX}/etc/
|
|
+ $(call INSTALL_CMD) ../etc/decoder.xml ${PREFIX}/etc/
|
|
|
|
rm -f ${PREFIX}/etc/shared/merged.mg
|
|
|