MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

chg: [installer] Update to latest

pull/7336/head
Steve Clement 2021-04-07 14:15:13 +09:00
parent 3c46dc2439
commit 46a3772a60
No known key found for this signature in database
GPG Key ID: 69A20F509BE4AEE9
6 changed files with 240 additions and 203 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

429
INSTALL/INSTALL.sh
View File

@ -1527,137 +1527,138 @@ configMISP () {
}
# Core cake commands to tweak MISP and aleviate some of the configuration pains
# The $RUN_PHP is ONLY set on RHEL/CentOS installs and can thus be ignored
# The ${RUN_PHP} is ONLY set on RHEL/CentOS installs and can thus be ignored
# This file is NOT an excuse to NOT read the settings and familiarize ourselves with them ;)
coreCAKE () {
debug "Running core Cake commands to set sane defaults for ${LBLUE}MISP${NC}"
# IF you have logged in prior to running this, it will fail but the fail is NON-blocking
$SUDO_WWW $RUN_PHP -- $CAKE userInit -q
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} userInit -q
# This makes sure all Database upgrades are done, without logging in.
$SUDO_WWW $RUN_PHP -- $CAKE Admin runUpdates
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin runUpdates
# The default install is Python >=3.6 in a virtualenv, setting accordingly
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.python_bin" "${PATH_TO_MISP}/venv/bin/python"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.python_bin" "${PATH_TO_MISP}/venv/bin/python"
# Set default role
# TESTME: The following seem defunct, please test.
# $SUDO_WWW $RUN_PHP -- $CAKE setDefaultRole 3
# ${SUDO_WWW} ${RUN_PHP} -- ${CAKE} setDefaultRole 3
# Tune global time outs
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Session.autoRegenerate" 0
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Session.timeout" 600
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Session.cookieTimeout" 3600
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Session.autoRegenerate" 0
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Session.timeout" 600
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Session.cookieTimeout" 3600
# Change base url, either with this CLI command or in the UI
[[ ! -z ${MISP_BASEURL} ]] && $SUDO_WWW $RUN_PHP -- $CAKE Baseurl $MISP_BASEURL
[[ ! -z ${MISP_BASEURL} ]] && ${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Baseurl $MISP_BASEURL
# example: 'baseurl' => 'https://<your.FQDN.here>',
# alternatively, you can leave this field empty if you would like to use relative pathing in MISP
# 'baseurl' => '',
# The base url of the application (in the format https://www.mymispinstance.com) as visible externally/by other MISPs.
# MISP will encode this URL in sharing groups when including itself. If this value is not set, the baseurl is used as a fallback.
[[ ! -z ${MISP_BASEURL} ]] && $SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.external_baseurl" $MISP_BASEURL
[[ ! -z ${MISP_BASEURL} ]] && ${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.external_baseurl" ${MISP_BASEURL}
# Enable GnuPG
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "GnuPG.email" "$GPG_EMAIL_ADDRESS"
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "GnuPG.homedir" "$PATH_TO_MISP/.gnupg"
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "GnuPG.password" "$GPG_PASSPHRASE"
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "GnuPG.obscure_subject" true
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "GnuPG.email" "${GPG_EMAIL_ADDRESS}"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "GnuPG.homedir" "${PATH_TO_MISP}/.gnupg"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "GnuPG.password" "${GPG_PASSPHRASE}"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "GnuPG.obscure_subject" true
# FIXME: what if we have not gpg binary but a gpg2 one?
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "GnuPG.binary" "$(which gpg)"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "GnuPG.binary" "$(which gpg)"
# Enable installer org and tune some configurables
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.host_org_id" 1
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.email" "info@admin.test"
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.disable_emailing" true
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.contact" "info@admin.test"
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.disablerestalert" true
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.showCorrelationsOnIndex" true
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.default_event_tag_collection" 0
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.host_org_id" 1
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.email" "info@admin.test"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.disable_emailing" true
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.contact" "info@admin.test"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.disablerestalert" true
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.showCorrelationsOnIndex" true
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.default_event_tag_collection" 0
# Provisional Cortex tunes
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Cortex_services_enable" false
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Cortex_services_url" "http://127.0.0.1"
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Cortex_services_port" 9000
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Cortex_timeout" 120
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Cortex_authkey" ""
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Cortex_ssl_verify_peer" false
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Cortex_ssl_verify_host" false
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Cortex_ssl_allow_self_signed" true
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.Cortex_services_enable" false
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.Cortex_services_url" "http://127.0.0.1"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.Cortex_services_port" 9000
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.Cortex_timeout" 120
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.Cortex_authkey" ""
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.Cortex_ssl_verify_peer" false
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.Cortex_ssl_verify_host" false
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.Cortex_ssl_allow_self_signed" true
# Various plugin sightings settings
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Sightings_policy" 0
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Sightings_anonymise" false
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Sightings_anonymise_as" 1
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Sightings_range" 365
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Sightings_sighting_db_enable" false
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.Sightings_policy" 0
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.Sightings_anonymise" false
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.Sightings_anonymise_as" 1
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.Sightings_range" 365
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.Sightings_sighting_db_enable" false
# TODO: Fix the below list
# Set API_Required modules to false
for PLUG in $(echo "Plugin.Enrichment_cuckoo_submit_enabled
Plugin.Enrichment_vmray_submit_enabled
Plugin.Enrichment_circl_passivedns_enabled
Plugin.Enrichment_circl_passivessl_enabled
Plugin.Enrichment_domaintools_enabled
Plugin.Enrichment_eupi_enabled
Plugin.Enrichment_farsight_passivedns_enabled
Plugin.Enrichment_passivetotal_enabled
Plugin.Enrichment_passivetotal_enabled
Plugin.Enrichment_virustotal_enabled
Plugin.Enrichment_whois_enabled
Plugin.Enrichment_shodan_enabled
Plugin.Enrichment_geoip_asn_enabled
Plugin.Enrichment_geoip_city_enabled
Plugin.Enrichment_geoip_country_enabled
Plugin.Enrichment_iprep_enabled
Plugin.Enrichment_otx_enabled
Plugin.Enrichment_vulndb_enabled
Plugin.Enrichment_crowdstrike_falcon_enabled
Plugin.Enrichment_onyphe_enabled
Plugin.Enrichment_xforceexchange_enabled
Plugin.Enrichment_vulners_enabled
Plugin.Enrichment_macaddress_io_enabled
Plugin.Enrichment_intel471_enabled
Plugin.Enrichment_backscatter_io_enabled
Plugin.Enrichment_hibp_enabled
Plugin.Enrichment_greynoise_enabled
Plugin.Enrichment_joesandbox_submit_enabled
Plugin.Enrichment_virustotal_public_enabled
Plugin.Enrichment_apiosintds_enabled
Plugin.Enrichment_urlscan_enabled
Plugin.Enrichment_securitytrails_enabled
Plugin.Enrichment_apivoid_enabled
Plugin.Enrichment_assemblyline_submit_enabled
Plugin.Enrichment_assemblyline_query_enabled
Plugin.Enrichment_ransomcoindb_enabled
Plugin.Enrichment_lastline_query_enabled
Plugin.Enrichment_sophoslabs_intelix_enabled
Plugin.Enrichment_cytomic_orion_enabled
Plugin.Enrichment_censys_enrich_enabled
Plugin.Enrichment_trustar_enrich_enabled
Plugin.Enrichment_recordedfuture_enabled
Plugin.ElasticSearch_logging_enable
Plugin.S3_enable"); do
PLUGS=(Plugin.Enrichment_cuckoo_submit_enabled
Plugin.Enrichment_vmray_submit_enabled
Plugin.Enrichment_circl_passivedns_enabled
Plugin.Enrichment_circl_passivessl_enabled
Plugin.Enrichment_domaintools_enabled
Plugin.Enrichment_eupi_enabled
Plugin.Enrichment_farsight_passivedns_enabled
Plugin.Enrichment_passivetotal_enabled
Plugin.Enrichment_passivetotal_enabled
Plugin.Enrichment_virustotal_enabled
Plugin.Enrichment_whois_enabled
Plugin.Enrichment_shodan_enabled
Plugin.Enrichment_geoip_asn_enabled
Plugin.Enrichment_geoip_city_enabled
Plugin.Enrichment_geoip_country_enabled
Plugin.Enrichment_iprep_enabled
Plugin.Enrichment_otx_enabled
Plugin.Enrichment_vulndb_enabled
Plugin.Enrichment_crowdstrike_falcon_enabled
Plugin.Enrichment_onyphe_enabled
Plugin.Enrichment_xforceexchange_enabled
Plugin.Enrichment_vulners_enabled
Plugin.Enrichment_macaddress_io_enabled
Plugin.Enrichment_intel471_enabled
Plugin.Enrichment_backscatter_io_enabled
Plugin.Enrichment_hibp_enabled
Plugin.Enrichment_greynoise_enabled
Plugin.Enrichment_joesandbox_submit_enabled
Plugin.Enrichment_virustotal_public_enabled
Plugin.Enrichment_apiosintds_enabled
Plugin.Enrichment_urlscan_enabled
Plugin.Enrichment_securitytrails_enabled
Plugin.Enrichment_apivoid_enabled
Plugin.Enrichment_assemblyline_submit_enabled
Plugin.Enrichment_assemblyline_query_enabled
Plugin.Enrichment_ransomcoindb_enabled
Plugin.Enrichment_lastline_query_enabled
Plugin.Enrichment_sophoslabs_intelix_enabled
Plugin.Enrichment_cytomic_orion_enabled
Plugin.Enrichment_censys_enrich_enabled
Plugin.Enrichment_trustar_enrich_enabled
Plugin.Enrichment_recordedfuture_enabled
Plugin.ElasticSearch_logging_enable
Plugin.S3_enable)
for PLUG in "${PLUGS[@]}"; do
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting ${PLUG} false
done
# Plugin CustomAuth tuneable
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.CustomAuth_disable_logout" false
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.CustomAuth_disable_logout" false
# RPZ Plugin settings
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_policy" "DROP"
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_walled_garden" "127.0.0.1"
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_serial" "\$date00"
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_refresh" "2h"
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_retry" "30m"
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_expiry" "30d"
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_minimum_ttl" "1h"
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_ttl" "1w"
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_ns" "localhost."
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_ns_alt" ""
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_email" "root.localhost"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.RPZ_policy" "DROP"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.RPZ_walled_garden" "127.0.0.1"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.RPZ_serial" "\$date00"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.RPZ_refresh" "2h"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.RPZ_retry" "30m"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.RPZ_expiry" "30d"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.RPZ_minimum_ttl" "1h"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.RPZ_ttl" "1w"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.RPZ_ns" "localhost."
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.RPZ_ns_alt" ""
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.RPZ_email" "root.localhost"
# Kafka settings
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.Kafka_enable" false
@ -1706,98 +1707,98 @@ coreCAKE () {
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Plugin.ZeroMQ_tag_notifications_enable" false
# Force defaults to make MISP Server Settings less RED
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.language" "eng"
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.proposals_block_attributes" false
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.language" "eng"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.proposals_block_attributes" false
# Redis block
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.redis_host" "127.0.0.1"
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.redis_port" 6379
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.redis_database" 13
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.redis_password" ""
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.redis_host" "127.0.0.1"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.redis_port" 6379
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.redis_database" 13
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.redis_password" ""
# Force defaults to make MISP Server Settings less YELLOW
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.ssdeep_correlation_threshold" 40
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.extended_alert_subject" false
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.default_event_threat_level" 4
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.newUserText" "Dear new MISP user,\\n\\nWe would hereby like to welcome you to the \$org MISP community.\\n\\n Use the credentials below to log into MISP at \$misp, where you will be prompted to manually change your password to something of your own choice.\\n\\nUsername: \$username\\nPassword: \$password\\n\\nIf you have any questions, don't hesitate to contact us at: \$contact.\\n\\nBest regards,\\nYour \$org MISP support team"
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.passwordResetText" "Dear MISP user,\\n\\nA password reset has been triggered for your account. Use the below provided temporary password to log into MISP at \$misp, where you will be prompted to manually change your password to something of your own choice.\\n\\nUsername: \$username\\nYour temporary password: \$password\\n\\nIf you have any questions, don't hesitate to contact us at: \$contact.\\n\\nBest regards,\\nYour \$org MISP support team"
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.enableEventBlocklisting" true
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.enableOrgBlocklisting" true
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.log_client_ip" true
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.log_auth" false
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.log_user_ips" true
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.log_user_ips_authkeys" true
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.disableUserSelfManagement" false
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.disable_user_login_change" false
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.disable_user_password_change" false
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.disable_user_add" false
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.block_event_alert" false
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.block_event_alert_tag" "no-alerts=\"true\""
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.block_old_event_alert" false
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.block_old_event_alert_age" ""
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.block_old_event_alert_by_date" ""
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.incoming_tags_disabled_by_default" false
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.maintenance_message" "Great things are happening! MISP is undergoing maintenance, but will return shortly. You can contact the administration at \$email."
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.footermidleft" "This is an initial install"
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.footermidright" "Please configure and harden accordingly"
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.welcome_text_top" "Initial Install, please configure"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.ssdeep_correlation_threshold" 40
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.extended_alert_subject" false
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.default_event_threat_level" 4
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.newUserText" "Dear new MISP user,\\n\\nWe would hereby like to welcome you to the \$org MISP community.\\n\\n Use the credentials below to log into MISP at \$misp, where you will be prompted to manually change your password to something of your own choice.\\n\\nUsername: \$username\\nPassword: \$password\\n\\nIf you have any questions, don't hesitate to contact us at: \$contact.\\n\\nBest regards,\\nYour \$org MISP support team"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.passwordResetText" "Dear MISP user,\\n\\nA password reset has been triggered for your account. Use the below provided temporary password to log into MISP at \$misp, where you will be prompted to manually change your password to something of your own choice.\\n\\nUsername: \$username\\nYour temporary password: \$password\\n\\nIf you have any questions, don't hesitate to contact us at: \$contact.\\n\\nBest regards,\\nYour \$org MISP support team"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.enableEventBlocklisting" true
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.enableOrgBlocklisting" true
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.log_client_ip" true
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.log_auth" false
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.log_user_ips" true
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.log_user_ips_authkeys" true
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.disableUserSelfManagement" false
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.disable_user_login_change" false
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.disable_user_password_change" false
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.disable_user_add" false
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.block_event_alert" false
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.block_event_alert_tag" "no-alerts=\"true\""
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.block_old_event_alert" false
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.block_old_event_alert_age" ""
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.block_old_event_alert_by_date" ""
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.incoming_tags_disabled_by_default" false
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.maintenance_message" "Great things are happening! MISP is undergoing maintenance, but will return shortly. You can contact the administration at \$email."
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.footermidleft" "This is an initial install"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.footermidright" "Please configure and harden accordingly"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.welcome_text_top" "Initial Install, please configure"
# TODO: Make sure $FLAVOUR is correct
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.welcome_text_bottom" "Welcome to MISP on $FLAVOUR, change this message in MISP Settings"
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.attachments_dir" "$PATH_TO_MISP/app/files"
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.download_attachments_on_load" true
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.event_alert_metadata_only" false
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.title_text" "MISP"
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.terms_download" false
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.showorgalternate" false
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.event_view_filter_fields" "id, uuid, value, comment, type, category, Tag.name"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.welcome_text_bottom" "Welcome to MISP on ${FLAVOUR}, change this message in MISP Settings"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.attachments_dir" "${PATH_TO_MISP}/app/files"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.download_attachments_on_load" true
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.event_alert_metadata_only" false
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.title_text" "MISP"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.terms_download" false
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.showorgalternate" false
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "MISP.event_view_filter_fields" "id, uuid, value, comment, type, category, Tag.name"
# Force defaults to make MISP Server Settings less GREEN
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "debug" 0
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Security.auth_enforced" false
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Security.log_each_individual_auth_fail" false
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Security.rest_client_baseurl" ""
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Security.advanced_authkeys" false
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Security.password_policy_length" 12
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Security.password_policy_complexity" '/^((?=.*\d)|(?=.*\W+))(?![\n])(?=.*[A-Z])(?=.*[a-z]).*$|.{16,}/'
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Security.self_registration_message" "If you would like to send us a registration request, please fill out the form below. Make sure you fill out as much information as possible in order to ease the task of the administrators."
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "debug" 0
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Security.auth_enforced" false
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Security.log_each_individual_auth_fail" false
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Security.rest_client_baseurl" ""
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Security.advanced_authkeys" false
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Security.password_policy_length" 12
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Security.password_policy_complexity" '/^((?=.*\d)|(?=.*\W+))(?![\n])(?=.*[A-Z])(?=.*[a-z]).*$|.{16,}/'
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Security.self_registration_message" "If you would like to send us a registration request, please fill out the form below. Make sure you fill out as much information as possible in order to ease the task of the administrators."
# Appease the security audit, #hardening
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Security.disable_browser_cache" true
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Security.check_sec_fetch_site_header" true
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Security.csp_enforce" true
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Security.advanced_authkeys" true
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Security.do_not_log_authkeys" true
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Security.disable_browser_cache" true
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Security.check_sec_fetch_site_header" true
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Security.csp_enforce" true
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Security.advanced_authkeys" true
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Security.do_not_log_authkeys" true
# Appease the security audit, #loggin
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Security.username_in_response_header" true
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin setSetting "Security.username_in_response_header" true
# It is possible to updateMISP too, only here for reference how to to that on the CLI.
## $SUDO_WWW $RUN_PHP -- $CAKE Admin updateMISP
## ${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin updateMISP
# Set MISP Live
$SUDO_WWW $RUN_PHP -- $CAKE Live $MISP_LIVE
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Live ${MISP_LIVE}
}
# This updates Galaxies, ObjectTemplates, Warninglists, Noticelists, Templates
updateGOWNT () {
# AUTH_KEY Place holder in case we need to **curl** somehing in the future
#
$SUDO_WWW $RUN_MYSQL -- mysql -h $DBHOST -u $DBUSER_MISP -p$DBPASSWORD_MISP misp -e "SELECT authkey FROM users;" | tail -1 > /tmp/auth.key
${SUDO_WWW} ${RUN_MYSQL} -- mysql -h ${DBHOST} -u ${DBUSER_MISP} -p${DBPASSWORD_MISP} misp -e "SELECT authkey FROM users;" | tail -1 > /tmp/auth.key
AUTH_KEY=$(cat /tmp/auth.key)
rm /tmp/auth.key
debug "Updating Galaxies, ObjectTemplates, Warninglists, Noticelists and Templates"
# Update the galaxies…
# TODO: Fix updateGalaxies
$SUDO_WWW $RUN_PHP -- $CAKE Admin updateGalaxies
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin updateGalaxies
# Updating the taxonomies…
$SUDO_WWW $RUN_PHP -- $CAKE Admin updateTaxonomies
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin updateTaxonomies
# Updating the warning lists…
$SUDO_WWW $RUN_PHP -- $CAKE Admin updateWarningLists
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin updateWarningLists
# Updating the notice lists…
$SUDO_WWW $RUN_PHP -- $CAKE Admin updateNoticeLists
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin updateNoticeLists
# Updating the object templates…
$SUDO_WWW $RUN_PHP -- $CAKE Admin updateObjectTemplates "1337"
${SUDO_WWW} ${RUN_PHP} -- ${CAKE} Admin updateObjectTemplates "1337"
}
# Generate GnuPG key
@ -2077,29 +2078,29 @@ mail2misp () {
debug "Installing Mail2${LBLUE}MISP${NC}"
cd /usr/local/src/
sudo apt-get install cmake libcaca-dev liblua5.3-dev -y
false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone https://github.com/MISP/mail_to_misp.git; done
false; while [[ $? -ne 0 ]]; do ${SUDO_CMD} git clone https://github.com/MISP/mail_to_misp.git; done
## TODO: The below fails miserably (obviously) if faup/gtcac dirs exist, let's just make the dangerous assumption (for the sake of the installer, that they exist)
##[[ ! -d "faup" ]] && false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone https://github.com/stricaud/faup.git faup; done
##[[ ! -d "gtcaca" ]] && false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone https://github.com/stricaud/gtcaca.git gtcaca; done
##[[ ! -d "faup" ]] && false; while [[ $? -ne 0 ]]; do ${SUDO_CMD} git clone https://github.com/stricaud/faup.git faup; done
##[[ ! -d "gtcaca" ]] && false; while [[ $? -ne 0 ]]; do ${SUDO_CMD} git clone https://github.com/stricaud/gtcaca.git gtcaca; done
sudo chown -R ${MISP_USER}:${MISP_USER} faup mail_to_misp gtcaca
cd gtcaca
$SUDO_CMD mkdir -p build
${SUDO_CMD} mkdir -p build
cd build
$SUDO_CMD cmake .. && $SUDO_CMD make
${SUDO_CMD} cmake .. && ${SUDO_CMD} make
sudo make install
cd ../../faup
$SUDO_CMD mkdir -p build
${SUDO_CMD} mkdir -p build
cd build
$SUDO_CMD cmake .. && $SUDO_CMD make
${SUDO_CMD} cmake .. && ${SUDO_CMD} make
sudo make install
sudo ldconfig
cd ../../mail_to_misp
$SUDO_CMD virtualenv -p python3 venv
$SUDO_CMD ./venv/bin/pip install -r requirements.txt
$SUDO_CMD cp mail_to_misp_config.py-example mail_to_misp_config.py
${SUDO_CMD} virtualenv -p python3 venv
${SUDO_CMD} ./venv/bin/pip install -r requirements.txt
${SUDO_CMD} cp mail_to_misp_config.py-example mail_to_misp_config.py
##$SUDO cp mail_to_misp_config.py-example mail_to_misp_config.py
$SUDO_CMD sed -i "s/^misp_url\ =\ 'YOUR_MISP_URL'/misp_url\ =\ 'https:\/\/localhost'/g" /usr/local/src/mail_to_misp/mail_to_misp_config.py
$SUDO_CMD sed -i "s/^misp_key\ =\ 'YOUR_KEY_HERE'/misp_key\ =\ '${AUTH_KEY}'/g" /usr/local/src/mail_to_misp/mail_to_misp_config.py
${SUDO_CMD} sed -i "s/^misp_url\ =\ 'YOUR_MISP_URL'/misp_url\ =\ 'https:\/\/localhost'/g" /usr/local/src/mail_to_misp/mail_to_misp_config.py
${SUDO_CMD} sed -i "s/^misp_key\ =\ 'YOUR_KEY_HERE'/misp_key\ =\ '${AUTH_KEY}'/g" /usr/local/src/mail_to_misp/mail_to_misp_config.py
}
ssdeep () {
@ -2189,28 +2190,42 @@ viper () {
}
registerRHEL () {
sudo subscription-manager register --auto-attach # register your system to an account and attach to a current subscription
}
enableReposRHEL7 () {
sudo subscription-manager refresh
sudo subscription-manager repos --enable rhel-7-server-optional-rpms
sudo subscription-manager repos --enable rhel-7-server-extras-rpms
}
enableOptionalRHEL8 () {
sudo subscription-manager refresh
# The following is needed for -devel repos and ONLY for misp-modules, ignore if not needed
sudo subscription-manager repos --enable codeready-builder-for-rhel-8-x86_64-rpms
# Software Collections is available for Red Hat Enterprise Linux 7 and previous supported releases. Starting with Red Hat Enterprise Linux 8, the content traditionally consumed via Software Collections is now part of Application Streams. Please see the Application Streams Life Cycle documentation for that release. Source: https://access.redhat.com/support/policy/updates/rhscl
}
enableEPEL () {
sudo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm -y
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum install yum-utils -y
sudo yum install dnf -y
sudo dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm -y
sudo dnf install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo dnf install yum-utils policycoreutils-python -y
sudo yum-config-manager --enable remi-php74
}
centosEPEL () {
# We need some packages from the Extra Packages for Enterprise Linux repository
sudo yum install epel-release -y
sudo yum install dnf -y
sudo dnf install epel-release -y
# Since MISP 2.4 PHP 5.5 is a minimal requirement, so we need a newer version than CentOS base provides
# Software Collections is a way do to this, see https://wiki.centos.org/AdditionalResources/Repositories/SCL
sudo yum install centos-release-scl -y
sudo yum install yum-utils dnf -y
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo dnf install centos-release-scl -y
sudo dnf install yum-utils -y
sudo dnf install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
sudo yum-config-manager --enable remi-php74
}
@ -2233,7 +2248,7 @@ yumInstallCoreDeps7 () {
# Install the dependencies:
PHP_BASE="/etc/"
PHP_INI="/etc/php.ini"
sudo yum install gcc git zip unzip \
sudo dnf install gcc git zip unzip \
mod_ssl \
redis \
libxslt-devel zlib-devel ssdeep-devel -y
@ -2242,15 +2257,12 @@ yumInstallCoreDeps7 () {
sudo systemctl enable --now redis.service
# Install MariaDB
sudo yum install wget -y
wget https://downloads.mariadb.com/MariaDB/mariadb_repo_setup
chmod +x mariadb_repo_setup
sudo ./mariadb_repo_setup
rm mariadb_repo_setup
sudo yum install MariaDB-server -y
sudo dnf install wget -y
wget https://downloads.mariadb.com/MariaDB/mariadb_repo_setup && chmod +x mariadb_repo_setup && sudo ./mariadb_repo_setup && rm mariadb_repo_setup
sudo dnf install MariaDB-server -y
# Install PHP 7.4 from Remi's repo, see https://rpms.remirepo.net/enterprise/7/php74/x86_64/repoview/
sudo yum install php php-fpm php-devel \
sudo dnf install php php-fpm php-devel \
php-mysqlnd \
php-mbstring \
php-xml \
@ -2266,7 +2278,7 @@ yumInstallCoreDeps7 () {
[[ ! -e "/usr/bin/php" ]] && sudo ln -s /usr/bin/php74 /usr/bin/php
# Python 3.6 is now available in RHEL 7.7 base
sudo yum install python3 python3-devel -y
sudo dnf install python3 python3-devel python3-virtualenv -y
sudo systemctl enable --now php-fpm.service
}
@ -2307,6 +2319,8 @@ yumInstallCoreDeps8 () {
# cake has php baked in, thus we link to it if necessary.
[[ ! -e "/usr/bin/php" ]] && sudo ln -s /usr/bin/php74 /usr/bin/php
sudo systemctl enable --now php-fpm.service
}
installEntropyRHEL () {
@ -2323,11 +2337,6 @@ installCoreRHEL7 () {
cd $(dirname $PATH_TO_MISP)
$SUDO_WWW git clone https://github.com/MISP/MISP.git
cd $PATH_TO_MISP
##$SUDO_WWW git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`)
# if the last shortcut doesn't work, specify the latest version manually
# example: git checkout tags/v2.4.XY
# the message regarding a "detached HEAD state" is expected behaviour
# (you only have to create a new branch, if you want to change stuff and do a pull request for example)
# Fetch submodules
$SUDO_WWW git submodule update --init --recursive
@ -2337,7 +2346,8 @@ installCoreRHEL7 () {
$SUDO_WWW git config core.filemode false
# Create a python3 virtualenv
sudo pip3 install virtualenv
[[ -e $(which virtualenv-3 2>/dev/null) ]] && $SUDO_WWW virtualenv-3 -p python3 $PATH_TO_MISP/venv
[[ -e $(which virtualenv 2>/dev/null) ]] && $SUDO_WWW virtualenv -p python3 $PATH_TO_MISP/venv
$SUDO_WWW python3 -m venv $PATH_TO_MISP/venv
sudo mkdir /usr/share/httpd/.cache
sudo chown $WWW_USER:$WWW_USER /usr/share/httpd/.cache
@ -2346,7 +2356,6 @@ installCoreRHEL7 () {
cd $PATH_TO_MISP/app/files/scripts
$SUDO_WWW git clone https://github.com/CybOXProject/python-cybox.git
$SUDO_WWW git clone https://github.com/STIXProject/python-stix.git
##$SUDO_WWW git clone --branch master --single-branch https://github.com/lief-project/LIEF.git lief
$SUDO_WWW git clone https://github.com/CybOXProject/mixbox.git
# If you umask is has been changed from the default, it is a good idea to reset it to 0022 before installing python modules
@ -2388,7 +2397,7 @@ installCoreRHEL7 () {
# FIXME: Remove libfaup etc once the egg has the library baked-in
# BROKEN: This needs to be tested on RHEL/CentOS
sudo yum install libcaca-devel cmake3 -y
sudo dnf install libcaca-devel cmake3 -y
cd /tmp
[[ ! -d "faup" ]] && $SUDO_CMD git clone https://github.com/stricaud/faup.git faup
[[ ! -d "gtcaca" ]] && $SUDO_CMD git clone https://github.com/stricaud/gtcaca.git gtcaca
@ -2727,6 +2736,29 @@ firewall_RHEL () {
sudo firewall-cmd --reload
}
# Main function to fix permissions to something sane
permissions_RHEL7 () {
sudo chown -R $WWW_USER:$WWW_USER $PATH_TO_MISP
## ? chown -R root:$WWW_USER $PATH_TO_MISP
sudo find $PATH_TO_MISP -type d -exec chmod g=rx {} \;
sudo chmod -R g+r,o= $PATH_TO_MISP
## **Note :** For updates through the web interface to work, apache must own the $PATH_TO_MISP folder and its subfolders as shown above, which can lead to security issues. If you do not require updates through the web interface to work, you can use the following more restrictive permissions :
sudo chmod -R 750 $PATH_TO_MISP
sudo chmod -R g+xws $PATH_TO_MISP/app/tmp
sudo chmod -R g+ws $PATH_TO_MISP/app/files
sudo chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
sudo chmod -R g+rw $PATH_TO_MISP/venv
sudo chmod -R g+rw $PATH_TO_MISP/.git
sudo chown $WWW_USER:$WWW_USER $PATH_TO_MISP/app/files
sudo chown $WWW_USER:$WWW_USER $PATH_TO_MISP/app/files/terms
sudo chown $WWW_USER:$WWW_USER $PATH_TO_MISP/app/files/scripts/tmp
sudo chown $WWW_USER:$WWW_USER $PATH_TO_MISP/app/Plugin/CakeResque/tmp
sudo chown -R $WWW_USER:$WWW_USER $PATH_TO_MISP/app/Config
sudo chown -R $WWW_USER:$WWW_USER $PATH_TO_MISP/app/tmp
sudo chown -R $WWW_USER:$WWW_USER $PATH_TO_MISP/app/webroot/img/orgs
sudo chown -R $WWW_USER:$WWW_USER $PATH_TO_MISP/app/webroot/img/custom
}
# Main function to fix permissions to something sane
permissions_RHEL8 () {
sudo chown -R $WWW_USER:$WWW_USER $PATH_TO_MISP
@ -2879,10 +2911,10 @@ configWorkersRHEL () {
mispmodulesRHEL () {
# some misp-modules dependencies for RHEL<8
[[ "${DIST_VER}" =~ ^[7].* ]] && sudo yum install openjpeg-devel gcc-c++ poppler-cpp-devel pkgconfig python3-devel redhat-rpm-config -y
[[ "${DIST_VER}" =~ ^[7].* ]] && sudo dnf install openjpeg-devel gcc-c++ poppler-cpp-devel pkgconfig python3-devel redhat-rpm-config -y
# some misp-modules dependencies for RHEL8
([[ "${DISTRI}" == "fedora33" ]] || [[ "${DIST_VER}" =~ ^[8].* ]]) && sudo yum install openjpeg2-devel gcc-c++ poppler-cpp-devel pkgconfig python3-devel redhat-rpm-config -y
([[ "${DISTRI}" == "fedora33" ]] || [[ "${DIST_VER}" =~ ^[8].* ]]) && sudo dnf install openjpeg2-devel gcc-c++ poppler-cpp-devel pkgconfig python3-devel redhat-rpm-config -y
sudo chmod 2777 /usr/local/src
sudo chown root:users /usr/local/src
@ -2894,9 +2926,9 @@ mispmodulesRHEL () {
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U .
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install pyfaup censys
# some misp-modules dependencies for RHEL<8
([[ "${DISTRI}" == "fedora33" ]] || [[ "${DIST_VER}" =~ ^[7].* ]]) && sudo yum install rubygem-rouge rubygem-asciidoctor zbar-devel opencv-devel -y
([[ "${DISTRI}" == "fedora33" ]] || [[ "${DIST_VER}" =~ ^[7].* ]]) && sudo dnf install rubygem-rouge rubygem-asciidoctor zbar-devel opencv-devel -y
# some misp-modules dependencies for RHEL8
[[ "${DIST_VER}" =~ ^[8].* ]] && sudo dnf install https://packages.endpoint.com/rhel/8/main/x86_64/endpoint-repo-8-1.ep8.noarch.rpm -y && sudo yum install zbar-devel opencv-devel -y
[[ "${DIST_VER}" =~ ^[8].* ]] && sudo dnf install https://packages.endpoint.com/rhel/8/main/x86_64/endpoint-repo-8-1.ep8.noarch.rpm -y && sudo dnf install zbar-devel opencv-devel -y
echo "[Unit]
Description=MISP modules
@ -3003,6 +3035,7 @@ generateInstaller () {
perl -pe 's/^## 6_viper.sh ##/`cat 6_viper.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 6_ssdeep.sh ##/`cat 6_ssdeep.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 0_RHEL_register.sh ##/`cat 0_RHEL_register.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 0_RHEL7_SCL.sh ##/`cat 0_RHEL7_SCL.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 0_RHEL8_SCL.sh ##/`cat 0_RHEL8_SCL.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 0_CentOS_EPEL.sh ##/`cat 0_CentOS_EPEL.sh`/ge' -i INSTALL.tpl.sh
@ -3014,7 +3047,8 @@ generateInstaller () {
perl -pe 's/^## 1_mispCoreInstall_RHEL8.sh ##/`cat 1_mispCoreInstall_RHEL8.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 0_EPEL_REMI.sh ##/`cat 0_EPEL_REMI.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 1_installCake_RHEL.sh ##/`cat 1_installCake_RHEL.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 2_permissions_RHEL.sh ##/`cat 2_permissions_RHEL.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 2_permissions_RHEL7.sh ##/`cat 2_permissions_RHEL7.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 2_permissions_RHEL8.sh ##/`cat 2_permissions_RHEL8.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 1_prepareDB_RHEL.sh ##/`cat 1_prepareDB_RHEL.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 1_apacheConfig_RHEL7.sh ##/`cat 1_apacheConfig_RHEL7.sh`/ge' -i INSTALL.tpl.sh
perl -pe 's/^## 1_apacheConfig_RHEL8.sh ##/`cat 1_apacheConfig_RHEL8.sh`/ge' -i INSTALL.tpl.sh
@ -3502,6 +3536,8 @@ installMISPRHEL () {
installCoreRHEL7
debug "Install Cake PHP"
installCake_RHEL
debug "Setting File permissions"
permissions_RHEL7
debug "Preparing Database"
prepareDB_RHEL
apacheConfig_RHEL7
@ -3521,6 +3557,7 @@ installMISPRHEL () {
if [[ "${DIST_VER}" =~ ^[8].* ]]; then
enableEPEL_REMI_8
enableOptionalRHEL8
yumInstallCoreDeps8
installCoreRHEL8
installCake_RHEL
@ -3538,6 +3575,8 @@ installMISPRHEL () {
installCoreRHEL7
debug "Install Cake PHP"
installCake_RHEL
debug "Setting File permissions"
permissions_RHEL7
debug "Preparing Database"
prepareDB_RHEL
debug "Configuring Apache"
@ -3548,8 +3587,6 @@ installMISPRHEL () {
sudo yum install haveged -y
sudo systemctl enable --now haveged.service
debug "Setting File permissions"
permissions_RHEL7
debug "Setting up firewall"
firewall_RHEL

6
INSTALL/INSTALL.sh.sfv
View File

@ -1,5 +1,5 @@
; Generated by RHash v1.3.9 on 2021-04-07 at 10:42.26
; Generated by RHash v1.3.9 on 2021-04-07 at 14:14.40
; Written by Kravchenko Aleksey (Akademgorodok) - http://rhash.sf.net/
;
; 159470 10:42.26 2021-04-07 INSTALL.sh
INSTALL.sh BB70440CC2A7A5D90EFC21395E104F5F1DEAF9FD E5547823A48A961B004C53F22EAF1B6FEEEE756E2223E0088093185801B5B13F 4D7C6D8676180439EA91CB1DBCB9F2923BBF384E7EE112671348BD9A45537F71AD9A5E8DAC797F7018B1D32EB977E13D 06B76BCC8D13E60E63F32B5422284ADD8EC9F2FFFED7B492817070A4F8C86F0519C1BD4403824A3B21BA5028EA275D811590C0CF98A0F48961B653F6332C600C
; 161860 14:14.40 2021-04-07 INSTALL.sh
INSTALL.sh 799BE3C88392FFCD09F5BDD49BAB5FB83C0B8A5E 759BB387FE1C11FB8D95326342C7E71B9EEF1549EEA18977E497E5D1B7B6B528 D5EBD0EE0E7E2A4AE6F68063D9A2C581EEF340816C383E00534143AE8787F24F5CF3EF20029DFA8F05D6E4A4B8BF2DE8 3C20996CB15AFC65A8B2A743AF5244FDAC1D1652E338A20B91AF4F76B0B885F4E4C17096838F26BCC3A09E3BEF24F0C2D5B4DB5C19B692573EB1AA0013907689

2
INSTALL/INSTALL.sh.sha1
View File

@ -1 +1 @@
bb70440cc2a7a5d90efc21395e104f5f1deaf9fd INSTALL.sh
799be3c88392ffcd09f5bdd49bab5fb83c0b8a5e INSTALL.sh

2
INSTALL/INSTALL.sh.sha256
View File

@ -1 +1 @@
e5547823a48a961b004c53f22eaf1b6feeee756e2223e0088093185801b5b13f INSTALL.sh
759bb387fe1c11fb8d95326342c7e71b9eef1549eea18977e497e5d1b7b6b528 INSTALL.sh

2
INSTALL/INSTALL.sh.sha384
View File

@ -1 +1 @@
4d7c6d8676180439ea91cb1dbcb9f2923bbf384e7ee112671348bd9a45537f71ad9a5e8dac797f7018b1d32eb977e13d INSTALL.sh
d5ebd0ee0e7e2a4ae6f68063d9a2c581eef340816c383e00534143ae8787f24f5cf3ef20029dfa8f05d6e4a4b8bf2de8 INSTALL.sh

2
INSTALL/INSTALL.sh.sha512
View File

@ -1 +1 @@
06b76bcc8d13e60e63f32b5422284add8ec9f2fffed7b492817070a4f8c86f0519c1bd4403824a3b21ba5028ea275d811590c0cf98a0f48961b653f6332c600c INSTALL.sh
3c20996cb15afc65a8b2a743af5244fdac1d1652e338a20b91af4f76b0b885f4e4c17096838f26bcc3a09e3bef24f0c2d5b4db5c19b692573eb1aa0013907689 INSTALL.sh