tjh.dev
1diff -Naur ossec-hids-2.6-orig/install.sh ossec-hids-2.6/install.sh
2--- ossec-hids-2.6-orig/install.sh 2011-07-11 15:36:58.000000000 -0400
3+++ ossec-hids-2.6/install.sh 2012-07-09 09:58:57.970692818 -0400
4@@ -119,14 +119,14 @@
5 # Generate the /etc/ossec-init.conf
6 VERSION_FILE="./src/VERSION"
7 VERSION=`cat ${VERSION_FILE}`
8- chmod 700 ${OSSEC_INIT} > /dev/null 2>&1
9- echo "DIRECTORY=\"${INSTALLDIR}\"" > ${OSSEC_INIT}
10- echo "VERSION=\"${VERSION}\"" >> ${OSSEC_INIT}
11- echo "DATE=\"`date`\"" >> ${OSSEC_INIT}
12- echo "TYPE=\"${INSTYPE}\"" >> ${OSSEC_INIT}
13- chmod 600 ${OSSEC_INIT}
14- cp -pr ${OSSEC_INIT} ${INSTALLDIR}${OSSEC_INIT}
15- chmod 644 ${INSTALLDIR}${OSSEC_INIT}
16+ echo chmod 700 ${OSSEC_INIT} > /dev/null 2>&1
17+ echo "DIRECTORY=\"${INSTALLDIR}\"" > ${INSTALLDIR}${OSSEC_INIT}
18+ echo "VERSION=\"${VERSION}\"" >> ${INSTALLDIR}${OSSEC_INIT}
19+ echo "DATE=\"`date`\"" >> ${INSTALLDIR}${OSSEC_INIT}
20+ echo "TYPE=\"${INSTYPE}\"" >> ${INSTALLDIR}${OSSEC_INIT}
21+ echo chmod 600 ${OSSEC_INIT}
22+ echo cp -pr ${OSSEC_INIT} ${INSTALLDIR}${OSSEC_INIT}
23+ echo chmod 644 ${INSTALLDIR}${OSSEC_INIT}
24
25
26 # If update_rules is set, we need to tweak
27@@ -926,11 +926,6 @@
28 catError "0x1-location";
29 fi
30
31- # Must be root
32- if [ ! "X$ME" = "Xroot" ]; then
33- catError "0x2-beroot";
34- fi
35-
36 # Checking dependencies
37 checkDependencies
38
39diff -Naur ossec-hids-2.6-orig/src/InstallAgent.sh ossec-hids-2.6/src/InstallAgent.sh
40--- ossec-hids-2.6-orig/src/InstallAgent.sh 2011-07-11 15:36:58.000000000 -0400
41+++ ossec-hids-2.6/src/InstallAgent.sh 2012-07-09 09:56:12.061870552 -0400
42@@ -80,7 +80,7 @@
43 else
44 grep "^${USER}" /etc/passwd > /dev/null 2>&1
45 if [ ! $? = 0 ]; then
46- /usr/sbin/groupadd ${GROUP}
47+ echo /usr/sbin/groupadd ${GROUP}
48
49 # We first check if /sbin/nologin is present. If it is not,
50 # we look for bin/false. If none of them is present, we
51@@ -93,7 +93,7 @@
52 OSMYSHELL="/bin/false"
53 fi
54 fi
55- /usr/sbin/useradd -d ${DIR} -s ${OSMYSHELL} -g ${GROUP} ${USER}
56+ echo /usr/sbin/useradd -d ${DIR} -s ${OSMYSHELL} -g ${GROUP} ${USER}
57 fi
58 fi
59
60@@ -105,31 +105,31 @@
61 done
62
63 # Default for all directories
64-chmod -R 550 ${DIR}
65-chown -R root:${GROUP} ${DIR}
66+echo chmod -R 550 ${DIR}
67+echo chown -R root:${GROUP} ${DIR}
68
69 # To the ossec queue (default for agentd to read)
70-chown -R ${USER}:${GROUP} ${DIR}/queue/ossec
71-chmod -R 770 ${DIR}/queue/ossec
72+echo chown -R ${USER}:${GROUP} ${DIR}/queue/ossec
73+echo chmod -R 770 ${DIR}/queue/ossec
74
75 # For the logging user
76-chown -R ${USER}:${GROUP} ${DIR}/logs
77-chmod -R 750 ${DIR}/logs
78-chmod -R 775 ${DIR}/queue/rids
79-touch ${DIR}/logs/ossec.log
80-chown ${USER}:${GROUP} ${DIR}/logs/ossec.log
81-chmod 664 ${DIR}/logs/ossec.log
82-
83-chown -R ${USER}:${GROUP} ${DIR}/queue/diff
84-chmod -R 750 ${DIR}/queue/diff
85-chmod 740 ${DIR}/queue/diff/* > /dev/null 2>&1
86+echo chown -R ${USER}:${GROUP} ${DIR}/logs
87+echo chmod -R 750 ${DIR}/logs
88+echo chmod -R 775 ${DIR}/queue/rids
89+echo touch ${DIR}/logs/ossec.log
90+echo chown ${USER}:${GROUP} ${DIR}/logs/ossec.log
91+echo chmod 664 ${DIR}/logs/ossec.log
92+
93+echo chown -R ${USER}:${GROUP} ${DIR}/queue/diff
94+echo chmod -R 750 ${DIR}/queue/diff
95+echo chmod 740 ${DIR}/queue/diff/* "> /dev/null 2>&1"
96
97
98
99
100 # For the etc dir
101-chmod 550 ${DIR}/etc
102-chown -R root:${GROUP} ${DIR}/etc
103+echo chmod 550 ${DIR}/etc
104+echo chown -R root:${GROUP} ${DIR}/etc
105
106 ls /etc/localtime > /dev/null 2>&1
107 if [ $? = 0 ]; then
108@@ -167,25 +167,25 @@
109 cp -pr ../etc/client.keys ${DIR}/etc/ > /dev/null 2>&1
110 cp -pr agentlessd/scripts/* ${DIR}/agentless/
111
112-chown root:${GROUP} ${DIR}/etc/internal_options.conf
113-chown root:${GROUP} ${DIR}/etc/local_internal_options.conf > /dev/null 2>&1
114-chown root:${GROUP} ${DIR}/etc/client.keys > /dev/null 2>&1
115-chown root:${GROUP} ${DIR}/agentless/*
116-chown ${USER}:${GROUP} ${DIR}/.ssh
117-chown -R root:${GROUP} ${DIR}/etc/shared
118-
119-chmod 550 ${DIR}/etc
120-chmod 440 ${DIR}/etc/internal_options.conf
121-chmod 440 ${DIR}/etc/local_internal_options.conf > /dev/null 2>&1
122-chmod 440 ${DIR}/etc/client.keys > /dev/null 2>&1
123-chmod -R 770 ${DIR}/etc/shared # ossec must be able to write to it
124-chmod 550 ${DIR}/agentless/*
125-chmod 700 ${DIR}/.ssh
126+echo chown root:${GROUP} ${DIR}/etc/internal_options.conf
127+echo chown root:${GROUP} ${DIR}/etc/local_internal_options.conf "> /dev/null 2>&1"
128+echo chown root:${GROUP} ${DIR}/etc/client.keys "> /dev/null 2>&1"
129+echo chown root:${GROUP} ${DIR}/agentless/*
130+echo chown ${USER}:${GROUP} ${DIR}/.ssh
131+echo chown -R root:${GROUP} ${DIR}/etc/shared
132+
133+echo chmod 550 ${DIR}/etc
134+echo chmod 440 ${DIR}/etc/internal_options.conf
135+echo chmod 440 ${DIR}/etc/local_internal_options.conf > /dev/null 2>&1
136+echo chmod 440 ${DIR}/etc/client.keys > /dev/null 2>&1
137+echo chmod -R 770 ${DIR}/etc/shared # ossec must be able to write to it
138+echo chmod 550 ${DIR}/agentless/*
139+echo chmod 700 ${DIR}/.ssh
140
141
142 # For the /var/run
143-chmod 770 ${DIR}/var/run
144-chown root:${GROUP} ${DIR}/var/run
145+echo chmod 770 ${DIR}/var/run
146+echo chown root:${GROUP} ${DIR}/var/run
147
148
149 # Moving the binary files
150@@ -201,11 +201,11 @@
151 sh ./init/fw-check.sh execute > /dev/null
152 cp -pr ../active-response/*.sh ${DIR}/active-response/bin/
153 cp -pr ../active-response/firewalls/*.sh ${DIR}/active-response/bin/
154-chmod 755 ${DIR}/active-response/bin/*
155-chown root:${GROUP} ${DIR}/active-response/bin/*
156+echo chmod 755 ${DIR}/active-response/bin/*
157+echo chown root:${GROUP} ${DIR}/active-response/bin/*
158
159-chown root:${GROUP} ${DIR}/bin/*
160-chmod 550 ${DIR}/bin/*
161+echo chown root:${GROUP} ${DIR}/bin/*
162+echo chmod 550 ${DIR}/bin/*
163
164
165 # Moving the config file
166@@ -221,8 +221,8 @@
167 else
168 cp -pr ../etc/ossec-agent.conf ${DIR}/etc/ossec.conf
169 fi
170-chown root:${GROUP} ${DIR}/etc/ossec.conf
171-chmod 440 ${DIR}/etc/ossec.conf
172+echo chown root:${GROUP} ${DIR}/etc/ossec.conf
173+echo chmod 440 ${DIR}/etc/ossec.conf
174
175
176