mirror of https://github.com/MISP/MISP
Merge pull request #6187 from SteveClement/guides
commit
252cc8e527
|
@ -0,0 +1,18 @@
|
|||
module my-startsh 1.0;
|
||||
|
||||
require {
|
||||
type httpd_sys_script_exec_t;
|
||||
type init_t;
|
||||
type httpd_sys_rw_content_t;
|
||||
class file { execute execute_no_trans open read };
|
||||
}
|
||||
|
||||
#============= init_t ==============
|
||||
|
||||
#!!!! This avc is allowed in the current policy
|
||||
allow init_t httpd_sys_rw_content_t:file execute;
|
||||
allow init_t httpd_sys_rw_content_t:file { open read };
|
||||
allow init_t httpd_sys_script_exec_t:file execute_no_trans;
|
||||
|
||||
#!!!! This avc is allowed in the current policy
|
||||
allow init_t httpd_sys_script_exec_t:file { execute open read };
|
|
@ -169,6 +169,7 @@ yumInstallCoreDeps () {
|
|||
rh-php72-php-xml \
|
||||
rh-php72-php-bcmath \
|
||||
rh-php72-php-opcache \
|
||||
rh-php72-php-zip \
|
||||
rh-php72-php-gd -y
|
||||
|
||||
# Python 3.6 is now available in RHEL 7.7 base
|
||||
|
|
|
@ -134,7 +134,9 @@ yumInstallCoreDeps () {
|
|||
mariadb-server \
|
||||
python3-devel python3-pip python3-virtualenv \
|
||||
python3-policycoreutils \
|
||||
libxslt-devel zlib-devel ssdeep-devel -y
|
||||
policycoreutils-python-utils \
|
||||
libxslt-devel zlib-devel -y
|
||||
# ssdeep-devel available: dnf install https://extras.getpagespeed.com/release-el8-latest.rpm
|
||||
sudo alternatives --set python /usr/bin/python3
|
||||
|
||||
# Enable and start redis
|
||||
|
@ -148,6 +150,7 @@ yumInstallCoreDeps () {
|
|||
php-bcmath \
|
||||
php-opcache \
|
||||
php-json \
|
||||
php-zip \
|
||||
php-gd -y
|
||||
}
|
||||
# <snippet-end 0_yumInstallCoreDeps.sh>
|
||||
|
@ -165,14 +168,7 @@ yumInstallCoreDeps () {
|
|||
sudo systemctl enable --now php-fpm.service
|
||||
```
|
||||
|
||||
```bash
|
||||
# <snippet-begin 0_yumInstallHaveged.sh>
|
||||
# GPG needs lots of entropy, haveged provides entropy
|
||||
# /!\ Only do this if you're not running rngd to provide randomness and your kernel randomness is not sufficient.
|
||||
sudo yum install haveged -y
|
||||
sudo systemctl enable --now haveged.service
|
||||
# <snippet-end 0_yumInstallHaveged.sh>
|
||||
```
|
||||
TODO: Add a CentOS/RHEL rng thing, à la haveged (not in base anymore) or similar.
|
||||
|
||||
### 3/ MISP code
|
||||
## 3.01/ Download MISP code using git in /var/www/ directory
|
||||
|
@ -268,7 +264,8 @@ installCoreRHEL () {
|
|||
echo /var/www/MISP/app/files/scripts/lief/build/api/python |$SUDO_WWW tee /var/www/MISP/venv/lib/python3.6/site-packages/lief.pth
|
||||
|
||||
# install magic, pydeep
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U python-magic git+https://github.com/kbandla/pydeep.git plyara
|
||||
##$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U python-magic git+https://github.com/kbandla/pydeep.git plyara
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U python-magic plyara
|
||||
|
||||
# install PyMISP
|
||||
cd $PATH_TO_MISP/PyMISP
|
||||
|
@ -688,7 +685,7 @@ Make the workers' script executable and reload the systemd units :
|
|||
```bash
|
||||
sudo chmod +x /var/www/MISP/app/Console/worker/start.sh
|
||||
sudo systemctl daemon-reload
|
||||
sudo checkmodule -M -m -o /tmp/workerstartsh.mod $PATH_TO_MISP/INSTALL/worker/startsh.te
|
||||
sudo checkmodule -M -m -o /tmp/workerstartsh.mod $PATH_TO_MISP/INSTALL/workerstartsh.te
|
||||
sudo semodule_package -o /tmp/workerstartsh.pp -m /tmp/workerstartsh.mod
|
||||
sudo semodule -i /tmp/workerstartsh.pp
|
||||
```
|
||||
|
|
|
@ -114,7 +114,7 @@ installDepsPhp72 () {
|
|||
libapache2-mod-php \
|
||||
php php-cli \
|
||||
php-dev \
|
||||
php-json php-xml php-mysql php7.2-opcache php-readline php-mbstring \
|
||||
php-json php-xml php-mysql php7.2-opcache php-readline php-mbstring php-zip \
|
||||
php-redis php-gnupg \
|
||||
php-gd
|
||||
|
||||
|
|
|
@ -114,7 +114,7 @@ installDepsPhp74 () {
|
|||
libapache2-mod-php \
|
||||
php php-cli \
|
||||
php-dev \
|
||||
php-json php-xml php-mysql php-opcache php-readline php-mbstring \
|
||||
php-json php-xml php-mysql php-opcache php-readline php-mbstring php-zip \
|
||||
php-redis php-gnupg \
|
||||
php-gd
|
||||
|
||||
|
|
|
@ -648,7 +648,7 @@ installDepsPhp70 () {
|
|||
libapache2-mod-php \
|
||||
php php-cli \
|
||||
php-dev \
|
||||
php-json php-xml php-mysql php-opcache php-readline php-mbstring \
|
||||
php-json php-xml php-mysql php-opcache php-readline php-mbstring php-zip \
|
||||
php-redis php-gnupg \
|
||||
php-gd
|
||||
|
||||
|
|
|
@ -253,7 +253,7 @@ doas pkg_add -v fcgi-cgi fcgi
|
|||
If on OpenBSD 6.3, upgrade to 6.7 to make your life much easier.
|
||||
|
||||
```
|
||||
doas pkg_add -v php-mysqli--%7.4 php-pcntl--%7.4 php-pdo_mysql--%7.4 php-apache--%7.4 pecl74-redis php-gd--%7.4
|
||||
doas pkg_add -v php-mysqli--%7.4 php-pcntl--%7.4 php-pdo_mysql--%7.4 php-apache--%7.4 pecl74-redis php-gd--%7.4 php-zip--%7.4
|
||||
```
|
||||
|
||||
#### /etc/php-7.4.ini
|
||||
|
|
|
@ -97,7 +97,7 @@ sudo yum install gcc git zip \
|
|||
libxslt-devel zlib-devel ssdeep-devel -y
|
||||
|
||||
# Install PHP 7.0 from SCL, see https://www.softwarecollections.org/en/scls/rhscl/rh-php70/
|
||||
sudo yum install rh-php70 rh-php70-php-fpm rh-php70-php-devel rh-php70-php-mysqlnd rh-php70-php-mbstring rh-php70-php-xml rh-php70-php-bcmath rh-php70-php-gd
|
||||
sudo yum install rh-php70 rh-php70-php-fpm rh-php70-php-devel rh-php70-php-mysqlnd rh-php70-php-mbstring rh-php70-php-xml rh-php70-php-bcmath rh-php70-php-gd rh-php70-php-zip
|
||||
|
||||
# Install Python 3.6 from SCL, see https://www.softwarecollections.org/en/scls/rhscl/rh-python36/
|
||||
sudo yum install rh-python36 -y
|
||||
|
|
|
@ -93,7 +93,7 @@ sudo yum install gcc git zip \
|
|||
libxslt-devel zlib-devel ssdeep-devel -y
|
||||
|
||||
# Install PHP 7.2 from SCL, see https://www.softwarecollections.org/en/scls/rhscl/rh-php72/
|
||||
sudo yum install rh-php72 rh-php72-php-fpm rh-php72-php-devel rh-php72-php-mysqlnd rh-php72-php-mbstring rh-php72-php-xml rh-php72-php-bcmath rh-php72-php-opcache rh-php72-php-gd -y
|
||||
sudo yum install rh-php72 rh-php72-php-fpm rh-php72-php-devel rh-php72-php-mysqlnd rh-php72-php-mbstring rh-php72-php-xml rh-php72-php-bcmath rh-php72-php-opcache rh-php72-php-gd rh-php72-php-zip -y
|
||||
|
||||
# Python 3.6 in now available in CentOS 7.7 base
|
||||
sudo yum install python3 python3-devel -y
|
||||
|
|
|
@ -66,7 +66,7 @@ python3-setuptools python3-dev python3-pip python3-redis python3-zmq virtualenv
|
|||
mariadb-client \
|
||||
mariadb-server \
|
||||
apache2 apache2-doc apache2-utils \
|
||||
libapache2-mod-php7.3 php7.3 php7.3-cli php7.3-mbstring php7.3-dev php7.3-json php7.3-xml php7.3-mysql php7.3-opcache php7.3-readline php-redis php-gnupg php-gd \
|
||||
libapache2-mod-php7.3 php7.3 php7.3-cli php7.3-mbstring php7.3-dev php7.3-json php7.3-xml php7.3-mysql php7.3-opcache php7.3-readline php-redis php-gnupg php-gd php-zip \
|
||||
libpq5 libjpeg-dev libfuzzy-dev ruby asciidoctor \
|
||||
jq ntp ntpdate jupyter-notebook imagemagick tesseract-ocr \
|
||||
libxml2-dev libxslt1-dev zlib1g-dev -y
|
||||
|
|
|
@ -91,7 +91,7 @@ jq ntp ntpdate imagemagick tesseract-ocr \
|
|||
libxml2-dev libxslt1-dev zlib1g-dev \
|
||||
net-tools -qqy
|
||||
|
||||
sudo apt install libapache2-mod-php php php-cli php-mbstring php-dev php-json php-xml php-mysql php7.0-opcache php-readline php-redis php-gnupg php-gd -qqy
|
||||
sudo apt install libapache2-mod-php php php-cli php-mbstring php-dev php-json php-xml php-mysql php7.0-opcache php-readline php-redis php-gnupg php-gd php-zip -qqy
|
||||
|
||||
sudo apt install \
|
||||
mariadb-client \
|
||||
|
|
|
@ -141,7 +141,7 @@ Also make sure the variable ${VIRT_USER} is set to the user you created when you
|
|||
|
||||
#### Install PHP and dependencies
|
||||
```bash
|
||||
sudo apt-get install libapache2-mod-php php php-cli php-gnupg php-dev php-json php-mysql php-opcache php-readline php-redis php-xml php-mbstring php-gd -y
|
||||
sudo apt-get install libapache2-mod-php php php-cli php-gnupg php-dev php-json php-mysql php-opcache php-readline php-redis php-xml php-mbstring php-gd php-zip -y
|
||||
```
|
||||
|
||||
# Apply all changes
|
||||
|
|
Loading…
Reference in New Issue