mirror of https://github.com/MISP/MISP
chg: [doc] Better handling of sudoers
parent
2ecb633a5c
commit
331136ae34
|
@ -207,6 +207,7 @@ installSupported () {
|
|||
|
||||
# Check if sudo is installed and etckeeper - functionLocation('generic/sudo_etckeeper.md')
|
||||
[[ -n $CORE ]] || [[ -n $ALL ]] && checkSudoKeeper 2> /dev/null > /dev/null
|
||||
[[ ! -z ${MISP_USER} ]] && [[ ! -f /etc/sudoers.d/misp ]] && echo "%${MISP_USER} ALL=(ALL:ALL) NOPASSWD:ALL" |sudo tee /etc/sudoers.d/misp
|
||||
progress 4
|
||||
|
||||
# Set locale if not set - functionLocation('generic/supportFunctions.md')
|
||||
|
|
|
@ -18,7 +18,7 @@ curl -fsSL https://raw.githubusercontent.com/MISP/MISP/2.4/INSTALL/INSTALL.sh |
|
|||
### 0/ MISP Ubuntu 18.04-server install - status
|
||||
-------------------------
|
||||
!!! notice
|
||||
Installer tested working by [@SteveClement](https://twitter.com/SteveClement) on 20190420 (works with **Ubuntu 18.10/19.04** too)
|
||||
Installer tested working by [@SteveClement](https://twitter.com/SteveClement) on 20190513 (works with **Ubuntu 18.10/19.04** too)
|
||||
|
||||
!!! notice
|
||||
This document also serves as a source for the [INSTALL-misp.sh](https://github.com/MISP/MISP/blob/2.4/INSTALL/INSTALL.sh) script.
|
||||
|
@ -89,7 +89,6 @@ installCoreDeps () {
|
|||
# install Mitre's STIX and its dependencies by running the following commands:
|
||||
sudo apt-get install python3-dev python3-pip libxml2-dev libxslt1-dev zlib1g-dev python-setuptools -qy
|
||||
|
||||
sudo apt-get install python3-pip -qy
|
||||
sudo apt install expect -qy
|
||||
}
|
||||
# <snippet-end 0_installCoreDeps.sh>
|
||||
|
@ -272,12 +271,13 @@ EOF
|
|||
sudo apt-get purge -y expect ; sudo apt autoremove -qy
|
||||
fi
|
||||
|
||||
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "create database $DBNAME;"
|
||||
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "grant usage on *.* to $DBNAME@localhost identified by '$DBPASSWORD_MISP';"
|
||||
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "grant all privileges on $DBNAME.* to '$DBUSER_MISP'@'localhost';"
|
||||
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "flush privileges;"
|
||||
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "CREATE DATABASE ${DBNAME};"
|
||||
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "CREATE USER ${DBUSER_MISP} IDENTIFIED BY '${DBPASSWORD_MISP}';"
|
||||
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "GRANT USAGE ON *.* to ${DBNAME}@localhost;"
|
||||
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "GRANT ALL PRIVILEGES on ${DBNAME}.* to '${DBUSER_MISP}'@'localhost';"
|
||||
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "FLUSH PRIVILEGES;"
|
||||
# Import the empty MISP database from MYSQL.sql
|
||||
$SUDO_WWW cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
$SUDO_WWW cat ${PATH_TO_MISP}/INSTALL/MYSQL.sql | mysql -u ${DBUSER_MISP} -p${DBPASSWORD_MISP} ${DBNAME}
|
||||
}
|
||||
# <snippet-end 1_prepareDB.sh>
|
||||
```
|
||||
|
|
|
@ -11,9 +11,9 @@ checkSudoKeeper () {
|
|||
su -c "apt install etckeeper -y"
|
||||
echo "Please enter your root password below to install sudo"
|
||||
su -c "apt install sudo -y"
|
||||
echo "Please enter your root password below to add $MISP_USER to sudo group"
|
||||
su -c "adduser $MISP_USER sudo"
|
||||
echo "We added $MISP_USER to group sudo and now we need to log out and in again."
|
||||
echo "Please enter your root password below to add ${MISP_USER} to sudo group"
|
||||
su -c "adduser ${MISP_USER} sudo"
|
||||
echo "We added ${MISP_USER} to group sudo and now we need to log out and in again."
|
||||
exit
|
||||
else
|
||||
sudo apt update
|
||||
|
@ -44,8 +44,10 @@ checkUsrLocalSrc () {
|
|||
echo "/usr/local/src does not exist, creating."
|
||||
mkdir -p /usr/local/src
|
||||
sudo chmod 2775 /usr/local/src
|
||||
# FIXME: This might fail on distros with no staff user
|
||||
sudo chown root:staff /usr/local/src
|
||||
# TODO: Better handling /usr/local/src permissions
|
||||
if [[ "$(cat /etc/group |grep staff > /dev/null 2>&1)" == "0" ]]; then
|
||||
sudo chown root:staff /usr/local/src
|
||||
fi
|
||||
fi
|
||||
}
|
||||
# <snippet-end add-user.sh>
|
||||
|
|
Loading…
Reference in New Issue