mirror of https://github.com/MISP/MISP
Merge pull request #5937 from SteveClement/guides
commit
8916ea948f
|
@ -175,18 +175,18 @@ installCore () {
|
|||
# FIXME: Remove libfaup etc once the egg has the library baked-in
|
||||
sudo apt-get install cmake libcaca-dev liblua5.3-dev -y
|
||||
cd /tmp
|
||||
[[ ! -d "faup" ]] && $SUDO_CMD git clone git://github.com/stricaud/faup.git faup
|
||||
[[ ! -d "gtcaca" ]] && $SUDO_CMD git clone git://github.com/stricaud/gtcaca.git gtcaca
|
||||
false; while [[ $? -ne 0 ]]; do [[ ! -d "faup" ]] && ${SUDO_CMD} git clone git://github.com/stricaud/faup.git faup; done
|
||||
false; while [[ $? -ne 0 ]]; do [[ ! -d "gtcaca" ]] && ${SUDO_CMD} git clone git://github.com/stricaud/gtcaca.git gtcaca; done
|
||||
sudo chown -R ${MISP_USER}:${MISP_USER} faup gtcaca
|
||||
cd gtcaca
|
||||
$SUDO_CMD mkdir -p build
|
||||
${SUDO_CMD} mkdir -p build
|
||||
cd build
|
||||
$SUDO_CMD cmake .. && $SUDO_CMD make
|
||||
${SUDO_CMD} cmake .. && ${SUDO_CMD} make
|
||||
sudo make install
|
||||
cd ../../faup
|
||||
$SUDO_CMD mkdir -p build
|
||||
${SUDO_CMD} mkdir -p build
|
||||
cd build
|
||||
$SUDO_CMD cmake .. && $SUDO_CMD make
|
||||
${SUDO_CMD} cmake .. && ${SUDO_CMD} make
|
||||
sudo make install
|
||||
sudo ldconfig
|
||||
|
||||
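Review bot: The new retry lines never terminate once `faup` or `gtcaca` already exists: `[[ ! -d "faup" ]] && …` then returns non-zero without cloning, and that status is exactly what `while [[ $? -ne 0 ]]` tests on the next pass. The clones land under fixed names in shared `/tmp`, so a leftover directory from an earlier run, or one created by another local account, is enough to hang the installer, and a persistent clone failure spins without limit as well. The same `false; while [[ $? -ne 0 ]]` retry is added in the mail2misp, mispDashboard, mispmodulesRHEL, mispmodules and viper sections of this commit. I would move the retry into a bounded helper that fails loudly and do the build in a `mktemp -d` directory; the sketch below also uses `https://` for the clone URLs. `installCore` begins and ends outside this hunk, so where the helper lives is a suggestion only.

```shell
# Clone $1 into $2, giving up after five attempts instead of looping forever.
# ${SUDO_CMD} is left unquoted on purpose: it holds a command plus its options.
cloneWithRetry () {
  local url="$1" dest="$2" attempt
  for attempt in 1 2 3 4 5; do
    ${SUDO_CMD} git clone "${url}" "${dest}" && return 0
    sleep 5
  done
  echo "giving up on ${url} after ${attempt} attempts" >&2
  return 1
}

# … unchanged: apt-get install of the build dependencies, cd /tmp …
# NOTE: an existing directory is still reused as-is; a fresh mktemp -d build directory avoids that.
[[ -d "faup" ]] || cloneWithRetry https://github.com/stricaud/faup.git faup || return 1
[[ -d "gtcaca" ]] || cloneWithRetry https://github.com/stricaud/gtcaca.git gtcaca || return 1
# … unchanged: chown and the two cmake / make / make install builds …
```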
|
|
|
@ -17,27 +17,33 @@ MISPvars () {
|
|||
# RHEL/CentOS
|
||||
if [[ -f "/etc/redhat-release" ]]; then
|
||||
WWW_USER='apache'
|
||||
SUDO_WWW="sudo -H -u ${WWW_USER} "
|
||||
# Debian flavoured
|
||||
elif [[ -f "/etc/debian_version" ]]; then
|
||||
WWW_USER="www-data"
|
||||
SUDO_WWW="sudo -H -u ${WWW_USER} "
|
||||
# OpenBSD
|
||||
elif [[ "$(uname -s)" == "OpenBSD" ]]; then
|
||||
WWW_USER="www"
|
||||
PATH_TO_MISP="/var/www/htdocs/MISP"
|
||||
SUDO_WWW="doas -u www "
|
||||
SUDO_CMD="doas "
|
||||
# NetBSD
|
||||
elif [[ "$(uname -s)" == "NetBSD" ]]; then
|
||||
WWW_USER="www"
|
||||
PATH_TO_MISP="/usr/pkg/share/httpd/htdocs/MISP"
|
||||
SUDO_WWW="sudo -H -u ${WWW_USER} "
|
||||
else
|
||||
# I am feeling lucky
|
||||
WWW_USER="www-data"
|
||||
SUDO_WWW="sudo -H -u ${WWW_USER} "
|
||||
fi
|
||||
|
||||
if [ -z "$FQDN" ]; then
|
||||
if [ -z "${FQDN}" ]; then
|
||||
FQDN="misp.local"
|
||||
fi
|
||||
|
||||
if [ -z "$MISP_BASEURL" ]; then
|
||||
if [ -z "${MISP_BASEURL}" ]; then
|
||||
MISP_BASEURL='""'
|
||||
fi
|
||||
|
||||
|
@ -52,13 +58,13 @@ MISPvars () {
|
|||
DBPASSWORD_MISP="$(openssl rand -hex 32)"
|
||||
|
||||
# OpenSSL configuration
|
||||
OPENSSL_CN=$FQDN
|
||||
OPENSSL_CN=${FQDN}
|
||||
OPENSSL_C='LU'
|
||||
OPENSSL_ST='State'
|
||||
OPENSSL_L='Location'
|
||||
OPENSSL_O='Organization'
|
||||
OPENSSL_OU='Organizational Unit'
|
||||
OPENSSL_EMAILADDRESS="info@$FQDN"
|
||||
OPENSSL_EMAILADDRESS="info@${FQDN}"
|
||||
|
||||
# GPG configuration
|
||||
GPG_REAL_NAME='Autogenerated Key'
|
||||
|
@ -81,7 +87,7 @@ MISPvars () {
|
|||
max_execution_time=300
|
||||
memory_limit=2048M
|
||||
|
||||
CAKE="$PATH_TO_MISP/app/Console/cake"
|
||||
CAKE="${PATH_TO_MISP}/app/Console/cake"
|
||||
|
||||
# sudo config to run $LUSER commands
|
||||
if [[ "$(groups ${MISP_USER} |grep -o 'staff')" == "staff" ]]; then
|
||||
|
@ -89,8 +95,7 @@ MISPvars () {
|
|||
else
|
||||
SUDO_CMD="sudo -H -u ${MISP_USER}"
|
||||
fi
|
||||
SUDO_WWW="sudo -H -u ${WWW_USER} "
|
||||
|
||||
|
||||
echo "The following DB Passwords were generated..."
|
||||
echo "Admin (${DBUSER_ADMIN}) DB Password: ${DBPASSWORD_ADMIN}"
|
||||
echo "User (${DBUSER_MISP}) DB Password: ${DBPASSWORD_MISP}"
|
||||
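Review bot: The OpenBSD arm now sets `SUDO_CMD="doas "`, but the `else` arm visible in the last hunk of this section still assigns `SUDO_CMD="sudo -H -u ${MISP_USER}"` later in the same function, so the doas value looks like it is overwritten before anything can use it (the matching `if` arm sits between hunks and is not shown). If that is what happens, guard the later assignment, for example `[[ "$(uname -s)" == "OpenBSD" ]] || SUDO_CMD="sudo -H -u ${MISP_USER}"`. The OpenBSD arm also hardcodes `doas -u www` where every other arm uses `${WWW_USER}`; `SUDO_WWW="doas -u ${WWW_USER} "` would keep them parallel. Separately, in unchanged context, the generated DB passwords are echoed to stdout at the end of `MISPvars`, so they end up in any captured install log.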
|
|
|
@ -8,9 +8,9 @@ mail2misp () {
|
|||
debug "Installing Mail2${LBLUE}MISP${NC}"
|
||||
cd /usr/local/src/
|
||||
sudo apt-get install cmake libcaca-dev liblua5.3-dev -y
|
||||
$SUDO_CMD git clone https://github.com/MISP/mail_to_misp.git
|
||||
[[ ! -d "faup" ]] && $SUDO_CMD git clone git://github.com/stricaud/faup.git faup
|
||||
[[ ! -d "gtcaca" ]] && $SUDO_CMD git clone git://github.com/stricaud/gtcaca.git gtcaca
|
||||
false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone https://github.com/MISP/mail_to_misp.git; done
|
||||
[[ ! -d "faup" ]] && false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone git://github.com/stricaud/faup.git faup; done
|
||||
[[ ! -d "gtcaca" ]] && false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone git://github.com/stricaud/gtcaca.git gtcaca; done
|
||||
sudo chown -R ${MISP_USER}:${MISP_USER} faup mail_to_misp gtcaca
|
||||
cd gtcaca
|
||||
$SUDO_CMD mkdir -p build
|
||||
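Review bot: The `[[ ! -d "faup" ]] && false;` prefix on the faup and gtcaca lines does not skip the clone when the directory exists: `$?` is non-zero in both cases (from `false` when the directory is missing, from the failed test when it is present), so the `while` body always runs. With a non-empty directory already in place `git clone` fails on the existing destination every time and the loop never ends. The mispmodules section of this commit adds the identical two lines. An `if` makes the intent explicit, `if [[ ! -d "faup" ]]; then $SUDO_CMD git clone … faup; fi`, with whatever bounded retry is chosen placed inside it. The mail_to_misp clone above them has no directory check at all, so a second run of `mail2misp` hits the same loop; the function continues outside this hunk.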
|
|
|
@ -14,7 +14,7 @@ mispDashboard () {
|
|||
sudo yum install wget screen -y
|
||||
sudo mkdir /var/www/misp-dashboard
|
||||
sudo chown $WWW_USER:$WWW_USER /var/www/misp-dashboard
|
||||
$SUDO_WWW git clone https://github.com/MISP/misp-dashboard.git /var/www/misp-dashboard
|
||||
false; while [[ $? -ne 0 ]]; do $SUDO_WWW git clone https://github.com/MISP/misp-dashboard.git /var/www/misp-dashboard; done
|
||||
cd /var/www/misp-dashboard
|
||||
sudo sed -i -E 's/sudo apt/#sudo apt/' install_dependencies.sh
|
||||
sudo sed -i -E 's/virtualenv -p python3 DASHENV/\/usr\/bin\/scl enable rh-python36 \"virtualenv -p python3 DASHENV\"/' install_dependencies.sh
|
||||
|
|
|
@ -16,7 +16,7 @@ mispDashboard () {
|
|||
sudo mkdir misp-dashboard
|
||||
sudo chown $WWW_USER:$WWW_USER misp-dashboard
|
||||
|
||||
$SUDO_WWW git clone https://github.com/MISP/misp-dashboard.git
|
||||
false; while [[ $? -ne 0 ]]; do $SUDO_WWW git clone https://github.com/MISP/misp-dashboard.git; done
|
||||
cd misp-dashboard
|
||||
sudo -H /var/www/misp-dashboard/install_dependencies.sh
|
||||
sudo sed -i "s/^host\ =\ localhost/host\ =\ 0.0.0.0/g" /var/www/misp-dashboard/config/config.cfg
|
||||
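Review bot: The retried clone fetches whatever the default branch of misp-dashboard holds at install time into a tree owned by `$WWW_USER`, and two lines later `install_dependencies.sh` from that tree is run with `sudo -H`. A script executed as root from an unpinned ref, in a directory the web-server account can rewrite, deserves a pinned tag or commit and a root-owned checkout until the script has run, for example `git clone --branch <RELEASE_TAG_PLACEHOLDER> --depth 1 https://github.com/MISP/misp-dashboard.git` with the `chown` moved after the dependency step. The `sed` that rebinds `host` to `0.0.0.0` is unchanged context, but a comment there saying the dashboard then listens on every interface would help whoever firewalls the host. `mispDashboard` continues outside this hunk.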
|
|
|
@ -8,7 +8,7 @@ mispmodulesRHEL () {
|
|||
sudo chmod 2777 /usr/local/src
|
||||
sudo chown root:users /usr/local/src
|
||||
cd /usr/local/src/
|
||||
$SUDO_WWW git clone https://github.com/MISP/misp-modules.git
|
||||
false; while [[ $? -ne 0 ]]; do $SUDO_WWW git clone https://github.com/MISP/misp-modules.git; done
|
||||
cd misp-modules
|
||||
# pip install
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U -I -r REQUIREMENTS
|
||||
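Review bot: The retried clone runs inside `/usr/local/src` immediately after that directory is set to mode `2777`, which is world-writable without the sticky bit, so entries in it are not protected from other local accounts. If `misp-modules` already exists there the new loop retries forever, and otherwise the following `pip install -U -I -r REQUIREMENTS` reads from a checkout whose parent directory anyone on the host can modify. Either add the sticky bit (`sudo chmod 3777 /usr/local/src`) or, better, clone into a directory owned by the installing account. The `chmod`/`chown` lines are unchanged context in this hunk, and `mispmodulesRHEL` starts and ends outside it.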
|
|
|
@ -8,9 +8,9 @@ mispmodules () {
|
|||
sudo apt-get install cmake libcaca-dev liblua5.3-dev -y
|
||||
## TODO: checkUsrLocalSrc in main doc
|
||||
debug "Cloning misp-modules"
|
||||
$SUDO_CMD git clone https://github.com/MISP/misp-modules.git
|
||||
$SUDO_CMD git clone git://github.com/stricaud/gtcaca.git
|
||||
$SUDO_CMD git clone git://github.com/stricaud/faup.git
|
||||
false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone https://github.com/MISP/misp-modules.git; done
|
||||
[[ ! -d "faup" ]] && false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone git://github.com/stricaud/faup.git faup; done
|
||||
[[ ! -d "gtcaca" ]] && false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone git://github.com/stricaud/gtcaca.git gtcaca; done
|
||||
sudo chown -R ${MISP_USER}:${MISP_USER} faup gtcaca
|
||||
# Install gtcaca
|
||||
cd gtcaca
|
||||
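Review bot: The faup and gtcaca clones keep the `git://` scheme, which provides no server authentication or integrity protection, while the misp-modules clone on the line above already uses `https://`. These trees are compiled and, in the installCore section of this commit, installed with `sudo make install`, so the transport should be authenticated: `git clone https://github.com/stricaud/faup.git faup` and likewise for gtcaca, ideally checked out at a pinned tag or commit. The same `git://` URLs appear in the installCore and mail2misp sections. `mispmodules` continues beyond this hunk.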
|
|
|
@ -18,8 +18,8 @@ viper () {
|
|||
fi
|
||||
fi
|
||||
echo "Cloning Viper"
|
||||
$SUDO_CMD git clone https://github.com/viper-framework/viper.git
|
||||
$SUDO_CMD git clone https://github.com/viper-framework/viper-web.git
|
||||
false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone https://github.com/viper-framework/viper.git; done
|
||||
false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone https://github.com/viper-framework/viper-web.git; done
|
||||
sudo chown -R $MISP_USER:$MISP_USER viper
|
||||
sudo chown -R $MISP_USER:$MISP_USER viper-web
|
||||
cd viper
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# INSTALLATION INSTRUCTIONS
|
||||
## for OpenBSD 6.5-amd64
|
||||
## for OpenBSD 6.7-amd64
|
||||
|
||||
!!! warning
|
||||
This is not fully working yet. Mostly it is a template for our ongoing documentation efforts :spider:
|
||||
|
@ -86,16 +86,17 @@ doas pkg_add -v mariadb-server
|
|||
#### Install misc dependencies
|
||||
|
||||
!!! notice
|
||||
You need to install python 3.x when asked, option 2.
|
||||
install python 3.x when asked, option 2
|
||||
autoconf wants to be version 2.69, option 16
|
||||
automake wants to be version 1.16, option 7
|
||||
automake wants to be version 1.16, option 10
|
||||
unzip can be whatever
|
||||
|
||||
```bash
|
||||
doas pkg_add -v curl git python redis libmagic autoconf automake libtool unzip
|
||||
```
|
||||
|
||||
!!! notice
|
||||
GnuPG 2.x is best, option 3.
|
||||
GnuPG 2.x is best, option 2
|
||||
|
||||
```bash
|
||||
doas pkg_add -v gnupg
|
||||
|
@ -104,7 +105,7 @@ doas ln -s /usr/local/bin/gpg2 /usr/local/bin/gpg
|
|||
|
||||
#### Install postfix (optional)
|
||||
!!! notice
|
||||
When asked, the standard postfix will be enough for a basic setup, option 9.
|
||||
When asked, the standard postfix 3.5 will be enough for a basic setup, option 1
|
||||
|
||||
```bash
|
||||
doas pkg_add -v postfix
|
||||
|
@ -242,11 +243,11 @@ doas rcctl enable httpd
|
|||
|
||||
#### Install Python virtualenv
|
||||
```bash
|
||||
doas ln -sf /usr/local/bin/pip3.6 /usr/local/bin/pip
|
||||
doas ln -s /usr/local/bin/python3.6 /usr/local/bin/python
|
||||
doas pkg_add -v py-virtualenv
|
||||
doas pkg_add -v py3-virtualenv py3-pip
|
||||
doas ln -sf /usr/local/bin/pip3.7 /usr/local/bin/pip
|
||||
doas ln -s /usr/local/bin/python3.7 /usr/local/bin/python
|
||||
doas mkdir /usr/local/virtualenvs
|
||||
doas virtualenv -ppython3 /usr/local/virtualenvs/MISP
|
||||
doas virtualenv-3 /usr/local/virtualenvs/MISP
|
||||
```
|
||||
|
||||
#### Install ssdeep
|
||||
|
@ -264,33 +265,33 @@ doas pkg_add -v fcgi-cgi fcgi
|
|||
!!! notice
|
||||
php-5.6 is marked as end-of-life starting December 2018, use php 7.0 instead.
|
||||
Option 2.
|
||||
If on OpenBSD 6.3, upgrade to 6.5 to make your life much easier.
|
||||
If on OpenBSD 6.3, upgrade to 6.7 to make your life much easier.
|
||||
|
||||
```
|
||||
doas pkg_add -v php-mysqli php-pcntl php-pdo_mysql php-apache pecl73-redis php-gd
|
||||
doas pkg_add -v php-mysqli php-pcntl php-pdo_mysql php-apache pecl74-redis php-gd
|
||||
```
|
||||
|
||||
#### /etc/php-7.3.ini
|
||||
#### /etc/php-7.4.ini
|
||||
```
|
||||
## TODO: sed foo as .ini exists
|
||||
allow_url_fopen = On
|
||||
```
|
||||
|
||||
```bash
|
||||
cd /etc/php-7.3
|
||||
doas cp ../php-7.3.sample/* .
|
||||
cd /etc/php-7.4
|
||||
doas cp ../php-7.4.sample/* .
|
||||
```
|
||||
|
||||
#### php symlinks
|
||||
```bash
|
||||
doas ln -s /usr/local/bin/php-7.3 /usr/local/bin/php
|
||||
doas ln -s /usr/local/bin/phpize-7.3 /usr/local/bin/phpize
|
||||
doas ln -s /usr/local/bin/php-config-7.3 /usr/local/bin/php-config
|
||||
doas ln -s /usr/local/bin/php-7.4 /usr/local/bin/php
|
||||
doas ln -s /usr/local/bin/phpize-7.4 /usr/local/bin/phpize
|
||||
doas ln -s /usr/local/bin/php-config-7.4 /usr/local/bin/php-config
|
||||
```
|
||||
|
||||
#### Enable php fpm
|
||||
```bash
|
||||
doas rcctl enable php73_fpm
|
||||
doas rcctl enable php74_fpm
|
||||
```
|
||||
|
||||
#### Configure fpm
|
||||
|
@ -320,7 +321,7 @@ pm.min_spare_servers = 1
|
|||
pm.max_spare_servers = 3
|
||||
chroot = /var/www" | doas tee /etc/php-fpm.d/default.conf
|
||||
|
||||
doas /etc/rc.d/php73_fpm start
|
||||
doas /etc/rc.d/php74_fpm start
|
||||
```
|
||||
|
||||
!!! notice
|
||||
|
@ -349,22 +350,22 @@ doas mysql_secure_installation
|
|||
doas mkdir /var/www/htdocs/MISP
|
||||
doas chown www:www /var/www/htdocs/MISP
|
||||
cd /var/www/htdocs/MISP
|
||||
doas -u www git clone https://github.com/MISP/MISP.git /var/www/htdocs/MISP
|
||||
doas -u www git submodule update --init --recursive
|
||||
false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git clone https://github.com/MISP/MISP.git /var/www/htdocs/MISP; done
|
||||
false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git submodule update --progress --init --recursive; done
|
||||
# Make git ignore filesystem permission differences for submodules
|
||||
doas -u www git submodule foreach --recursive git config core.filemode false
|
||||
|
||||
# Make git ignore filesystem permission differences
|
||||
doas -u www git config core.filemode false
|
||||
|
||||
doas pkg_add py-pip py3-pip libxml libxslt py3-jsonschema
|
||||
doas pkg_add py3-pip libxml libxslt py3-jsonschema
|
||||
doas /usr/local/virtualenvs/MISP/bin/pip install -U pip
|
||||
|
||||
cd /var/www/htdocs/MISP/app/files/scripts
|
||||
doas -u www git clone https://github.com/CybOXProject/mixbox.git
|
||||
doas -u www git clone https://github.com/CybOXProject/python-cybox.git
|
||||
doas -u www git clone https://github.com/STIXProject/python-stix.git
|
||||
doas -u www git clone https://github.com/MAECProject/python-maec.git
|
||||
false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git clone https://github.com/CybOXProject/python-cybox.git; done
|
||||
false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git clone https://github.com/STIXProject/python-stix.git; done
|
||||
false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git clone https://github.com/MAECProject/python-maec.git; done
|
||||
false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git clone https://github.com/CybOXProject/mixbox.git; done
|
||||
|
||||
cd /var/www/htdocs/MISP/app/files/scripts/python-cybox
|
||||
doas /usr/local/virtualenvs/MISP/bin/python setup.py install
|
||||
|
@ -399,11 +400,6 @@ doas /usr/local/virtualenvs/MISP/bin/pip install git+https://github.com/kbandla/
|
|||
# Install CakeResque along with its dependencies if you intend to use the built in background jobs:
|
||||
cd /var/www/htdocs/MISP/app
|
||||
doas mkdir /var/www/.composer ; doas chown www:www /var/www/.composer
|
||||
#EXPECTED_SIGNATURE="$(wget -q -O - https://composer.github.io/installer.sig)"
|
||||
#doas -u www php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
|
||||
#doas -u www php -r "if (hash_file('SHA384', 'composer-setup.php') === '$EXPECTED_SIGNATURE') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
|
||||
#doas -u www env HOME=/var/www php composer-setup.php
|
||||
#doas -u www php -r "unlink('composer-setup.php');"
|
||||
doas -u www env HOME=/var/www php composer.phar install
|
||||
|
||||
# To use the scheduler worker for scheduled tasks, do the following:
|
||||
|
@ -677,7 +673,7 @@ doas $CAKE Admin setSetting "Session.cookie_timeout" 3600
|
|||
|
||||
# Enable GnuPG
|
||||
doas $CAKE Admin setSetting "GnuPG.email" "admin@admin.test"
|
||||
doas $CAKE Admin setSetting "GnuPG.homedir" "$PATH_TO_MISP/.gnupg"
|
||||
doas $CAKE Admin setSetting "GnuPG.homedir" "${PATH_TO_MISP}/.gnupg"
|
||||
doas $CAKE Admin setSetting "GnuPG.password" "Password1234"
|
||||
|
||||
# Enable Enrichment set better timeouts
|
||||
|
|
|
@ -129,62 +129,62 @@ sudo service redis start
|
|||
------------
|
||||
```bash
|
||||
# Download MISP using git in the /var/www/ directory.
|
||||
sudo mkdir $PATH_TO_MISP
|
||||
sudo chown apache:apache $PATH_TO_MISP
|
||||
sudo mkdir ${PATH_TO_MISP}
|
||||
sudo chown apache:apache ${PATH_TO_MISP}
|
||||
cd /var/www
|
||||
$SUDO_WWW git clone https://github.com/MISP/MISP.git
|
||||
cd $PATH_TO_MISP
|
||||
##$SUDO_WWW git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`)
|
||||
${SUDO_WWW} git clone https://github.com/MISP/MISP.git
|
||||
cd ${PATH_TO_MISP}
|
||||
##${SUDO_WWW} git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`)
|
||||
# if the last shortcut doesn't work, specify the latest version manually
|
||||
# example: git checkout tags/v2.4.XY
|
||||
# the message regarding a "detached HEAD state" is expected behaviour
|
||||
# (you only have to create a new branch, if you want to change stuff and do a pull request for example)
|
||||
|
||||
# Fetch submodules
|
||||
$SUDO_WWW git submodule update --init --recursive
|
||||
${SUDO_WWW} git submodule update --init --recursive
|
||||
# Make git ignore filesystem permission differences for submodules
|
||||
$SUDO_WWW git submodule foreach --recursive git config core.filemode false
|
||||
${SUDO_WWW} git submodule foreach --recursive git config core.filemode false
|
||||
|
||||
# Create a python3 virtualenv
|
||||
$SUDO_WWW $RUN_PYTHON "virtualenv -p python3 $PATH_TO_MISP/venv"
|
||||
${SUDO_WWW} $RUN_PYTHON "virtualenv -p python3 ${PATH_TO_MISP}/venv"
|
||||
sudo mkdir /var/www/.cache
|
||||
sudo chown apache:apache /var/www/.cache
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U pip setuptools
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U pip setuptools
|
||||
|
||||
# install Mitre's STIX and its dependencies by running the following commands:
|
||||
sudo yum install python-importlib python-lxml python-dateutil python-six -y
|
||||
cd $PATH_TO_MISP/app/files/scripts
|
||||
$SUDO_WWW git clone https://github.com/CybOXProject/python-cybox.git
|
||||
$SUDO_WWW git clone https://github.com/STIXProject/python-stix.git
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-cybox
|
||||
cd ${PATH_TO_MISP}/app/files/scripts
|
||||
${SUDO_WWW} git clone https://github.com/CybOXProject/python-cybox.git
|
||||
${SUDO_WWW} git clone https://github.com/STIXProject/python-stix.git
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-cybox
|
||||
# If you umask is has been changed from the default, it is a good idea to reset it to 0022 before installing python modules
|
||||
UMASK=$(umask)
|
||||
umask 0022
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-stix
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-stix
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
# install maec
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U maec
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U maec
|
||||
|
||||
# install zmq
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U zmq
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U zmq
|
||||
|
||||
# install redis
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U redis
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U redis
|
||||
|
||||
# lief needs manual compilation
|
||||
sudo yum install devtoolset-7 cmake3 -y
|
||||
|
||||
sudo yum install http://opensource.wandisco.com/centos/6/git/x86_64/wandisco-git-release-6-1.noarch.rpm
|
||||
sudo yum install git -y
|
||||
cd $PATH_TO_MISP/app/files/scripts
|
||||
$SUDO_WWW git clone --branch master --single-branch https://github.com/lief-project/LIEF.git lief
|
||||
cd ${PATH_TO_MISP}/app/files/scripts
|
||||
${SUDO_WWW} git clone --branch master --single-branch https://github.com/lief-project/LIEF.git lief
|
||||
|
||||
# TODO: Fix static path with PATH_TO_MISP
|
||||
cd $PATH_TO_MISP/app/files/scripts/lief
|
||||
$SUDO_WWW mkdir build
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/lief
|
||||
${SUDO_WWW} mkdir build
|
||||
cd build
|
||||
$SUDO_WWW scl enable devtoolset-7 rh-python36 'bash -c "cmake3 \
|
||||
${SUDO_WWW} scl enable devtoolset-7 rh-python36 'bash -c "cmake3 \
|
||||
-DLIEF_PYTHON_API=on \
|
||||
-DLIEF_DOC=off \
|
||||
-DCMAKE_INSTALL_PREFIX=$LIEF_INSTALL \
|
||||
|
@ -192,30 +192,30 @@ $SUDO_WWW scl enable devtoolset-7 rh-python36 'bash -c "cmake3 \
|
|||
-DPYTHON_VERSION=3.6 \
|
||||
-DPYTHON_EXECUTABLE=/var/www/MISP/venv/bin/python \
|
||||
.."'
|
||||
$SUDO_WWW make -j3
|
||||
${SUDO_WWW} make -j3
|
||||
sudo make install
|
||||
cd api/python/lief_pybind11-prefix/src/lief_pybind11
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/python setup.py install
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install lief
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/python setup.py install
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install lief
|
||||
|
||||
# install magic, pydeep
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U python-magic
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U python-magic
|
||||
## pydeep does not compile ):
|
||||
## git+https://github.com/kbandla/pydeep.git
|
||||
|
||||
# install mixbox to accommodate the new STIX dependencies:
|
||||
cd $PATH_TO_MISP/app/files/scripts/
|
||||
$SUDO_WWW git clone https://github.com/CybOXProject/mixbox.git
|
||||
cd $PATH_TO_MISP/app/files/scripts/mixbox
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/
|
||||
${SUDO_WWW} git clone https://github.com/CybOXProject/mixbox.git
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/mixbox
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
# install STIX2.0 library to support STIX 2.0 export:
|
||||
cd $PATH_TO_MISP/cti-python-stix2
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/cti-python-stix2
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
# install PyMISP
|
||||
cd $PATH_TO_MISP/PyMISP
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/PyMISP
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
# FIXME: Remove libfaup etc once the egg has the library baked-in
|
||||
# BROKEN: This needs to be tested on RHEL/CentOS
|
||||
|
@ -254,17 +254,17 @@ sudo service rh-php70-php-fpm restart
|
|||
#### CakePHP is now included as a submodule of MISP and has been fetch by a previous step.
|
||||
#### Install CakeResque along with its dependencies if you intend to use the built in background jobs.
|
||||
```bash
|
||||
sudo chown -R apache:apache $PATH_TO_MISP
|
||||
sudo chown -R apache:apache ${PATH_TO_MISP}
|
||||
sudo mkdir /var/www/.composer/
|
||||
sudo chown apache:apache /var/www/.composer/
|
||||
cd $PATH_TO_MISP/app
|
||||
cd ${PATH_TO_MISP}/app
|
||||
# Update composer.phar (optional)
|
||||
#EXPECTED_SIGNATURE="$(wget -q -O - https://composer.github.io/installer.sig)"
|
||||
#$SUDO_WWW $RUN_PHP -- php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
|
||||
#$SUDO_WWW $RUN_PHP -- php -r "if (hash_file('SHA384', 'composer-setup.php') === '$EXPECTED_SIGNATURE') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
|
||||
#$SUDO_WWW $RUN_PHP "php composer-setup.php"
|
||||
#$SUDO_WWW $RUN_PHP -- php -r "unlink('composer-setup.php');"
|
||||
$SUDO_WWW $RUN_PHP "php composer.phar install"
|
||||
#${SUDO_WWW} $RUN_PHP -- php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
|
||||
#${SUDO_WWW} $RUN_PHP -- php -r "if (hash_file('SHA384', 'composer-setup.php') === '$EXPECTED_SIGNATURE') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
|
||||
#${SUDO_WWW} $RUN_PHP "php composer-setup.php"
|
||||
#${SUDO_WWW} $RUN_PHP -- php -r "unlink('composer-setup.php');"
|
||||
${SUDO_WWW} $RUN_PHP "php composer.phar install"
|
||||
|
||||
sudo yum install php-redis -y
|
||||
sudo service rh-php70-php-fpm restart
|
||||
|
@ -284,30 +284,30 @@ do
|
|||
done
|
||||
sudo service rh-php70-php-fpm restart
|
||||
# To use the scheduler worker for scheduled tasks, do the following:
|
||||
sudo cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin/CakeResque/Config/config.php
|
||||
sudo cp -fa ${PATH_TO_MISP}/INSTALL/setup/config.php ${PATH_TO_MISP}/app/Plugin/CakeResque/Config/config.php
|
||||
```
|
||||
|
||||
### 5/ Set the permissions
|
||||
----------------------
|
||||
```bash
|
||||
# Make sure the permissions are set correctly using the following commands as root:
|
||||
sudo chown -R apache:apache $PATH_TO_MISP
|
||||
sudo find $PATH_TO_MISP -type d -exec chmod g=rx {} \;
|
||||
sudo chmod -R g+r,o= $PATH_TO_MISP
|
||||
sudo chmod -R 750 $PATH_TO_MISP
|
||||
sudo chmod -R g+xws $PATH_TO_MISP/app/tmp
|
||||
sudo chmod -R g+ws $PATH_TO_MISP/app/files
|
||||
sudo chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
|
||||
sudo chmod -R g+rw $PATH_TO_MISP/venv
|
||||
sudo chmod -R g+rw $PATH_TO_MISP/.git
|
||||
sudo chown apache:apache $PATH_TO_MISP/app/files
|
||||
sudo chown apache:apache $PATH_TO_MISP/app/files/terms
|
||||
sudo chown apache:apache $PATH_TO_MISP/app/files/scripts/tmp
|
||||
sudo chown apache:apache $PATH_TO_MISP/app/Plugin/CakeResque/tmp
|
||||
sudo chown -R apache:apache $PATH_TO_MISP/app/Config
|
||||
sudo chown -R apache:apache $PATH_TO_MISP/app/tmp
|
||||
sudo chown -R apache:apache $PATH_TO_MISP/app/webroot/img/orgs
|
||||
sudo chown -R apache:apache $PATH_TO_MISP/app/webroot/img/custom
|
||||
sudo chown -R apache:apache ${PATH_TO_MISP}
|
||||
sudo find ${PATH_TO_MISP} -type d -exec chmod g=rx {} \;
|
||||
sudo chmod -R g+r,o= ${PATH_TO_MISP}
|
||||
sudo chmod -R 750 ${PATH_TO_MISP}
|
||||
sudo chmod -R g+xws ${PATH_TO_MISP}/app/tmp
|
||||
sudo chmod -R g+ws ${PATH_TO_MISP}/app/files
|
||||
sudo chmod -R g+ws ${PATH_TO_MISP}/app/files/scripts/tmp
|
||||
sudo chmod -R g+rw ${PATH_TO_MISP}/venv
|
||||
sudo chmod -R g+rw ${PATH_TO_MISP}/.git
|
||||
sudo chown apache:apache ${PATH_TO_MISP}/app/files
|
||||
sudo chown apache:apache ${PATH_TO_MISP}/app/files/terms
|
||||
sudo chown apache:apache ${PATH_TO_MISP}/app/files/scripts/tmp
|
||||
sudo chown apache:apache ${PATH_TO_MISP}/app/Plugin/CakeResque/tmp
|
||||
sudo chown -R apache:apache ${PATH_TO_MISP}/app/Config
|
||||
sudo chown -R apache:apache ${PATH_TO_MISP}/app/tmp
|
||||
sudo chown -R apache:apache ${PATH_TO_MISP}/app/webroot/img/orgs
|
||||
sudo chown -R apache:apache ${PATH_TO_MISP}/app/webroot/img/custom
|
||||
```
|
||||
|
||||
### 6/ Create a database and user
|
||||
|
@ -378,7 +378,7 @@ sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "flush privileges;"
|
|||
|
||||
#### Import the empty MySQL database from MYSQL.sql
|
||||
```bash
|
||||
$SUDO_WWW cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
${SUDO_WWW} cat ${PATH_TO_MISP}/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
```
|
||||
|
||||
|
||||
|
@ -394,10 +394,10 @@ $SUDO_WWW cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSW
|
|||
If it is disabled, you can ignore the **chcon/setsebool/semanage/checkmodule/semodule*** commands.
|
||||
|
||||
```bash
|
||||
# Now configure your apache server with the DocumentRoot $PATH_TO_MISP/app/webroot/
|
||||
# A sample vhost can be found in $PATH_TO_MISP/INSTALL/old/apache.misp.centos6
|
||||
# Now configure your apache server with the DocumentRoot ${PATH_TO_MISP}/app/webroot/
|
||||
# A sample vhost can be found in ${PATH_TO_MISP}/INSTALL/old/apache.misp.centos6
|
||||
|
||||
sudo cp $PATH_TO_MISP/INSTALL/old/apache.misp.centos6 /etc/httpd/conf.d/misp.conf
|
||||
sudo cp ${PATH_TO_MISP}/INSTALL/old/apache.misp.centos6 /etc/httpd/conf.d/misp.conf
|
||||
|
||||
# Allow httpd to connect to the redis server and php-fpm over tcp/ip
|
||||
sudo setsebool -P httpd_can_network_connect on
|
||||
|
@ -427,20 +427,20 @@ sudo openssl req -newkey rsa:4096 -days 365 -nodes -x509 \
|
|||
### 8/ Log rotation
|
||||
---------------
|
||||
```bash
|
||||
# MISP saves the stdout and stderr of its workers in $PATH_TO_MISP/app/tmp/logs
|
||||
# MISP saves the stdout and stderr of its workers in ${PATH_TO_MISP}/app/tmp/logs
|
||||
# To rotate these logs install the supplied logrotate script:
|
||||
|
||||
sudo cp $PATH_TO_MISP/INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
sudo cp ${PATH_TO_MISP}/INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
sudo chmod 0640 /etc/logrotate.d/misp
|
||||
|
||||
# Now make logrotate work under SELinux as well
|
||||
# Allow logrotate to modify the log files
|
||||
sudo semanage fcontext -a -t httpd_log_t "$PATH_TO_MISP/app/tmp/logs(/.*)?"
|
||||
sudo chcon -R -t httpd_log_t $PATH_TO_MISP/app/tmp/logs
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/tmp/logs
|
||||
sudo semanage fcontext -a -t httpd_log_t "${PATH_TO_MISP}/app/tmp/logs(/.*)?"
|
||||
sudo chcon -R -t httpd_log_t ${PATH_TO_MISP}/app/tmp/logs
|
||||
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/tmp/logs
|
||||
|
||||
# Allow logrotate to read /var/www
|
||||
sudo checkmodule -M -m -o /tmp/misplogrotate.mod $PATH_TO_MISP/INSTALL/misplogrotate.te
|
||||
sudo checkmodule -M -m -o /tmp/misplogrotate.mod ${PATH_TO_MISP}/INSTALL/misplogrotate.te
|
||||
sudo semodule_package -o /tmp/misplogrotate.pp -m /tmp/misplogrotate.mod
|
||||
sudo semodule -i /tmp/misplogrotate.pp
|
||||
```
|
||||
|
@ -448,11 +448,11 @@ sudo semodule -i /tmp/misplogrotate.pp
|
|||
### 9/ MISP configuration
|
||||
---------------------
|
||||
```bash
|
||||
# There are 4 sample configuration files in $PATH_TO_MISP/app/Config that need to be copied
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/bootstrap.default.php $PATH_TO_MISP/app/Config/bootstrap.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/database.default.php $PATH_TO_MISP/app/Config/database.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/core.default.php $PATH_TO_MISP/app/Config/core.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/config.default.php $PATH_TO_MISP/app/Config/config.php
|
||||
# There are 4 sample configuration files in ${PATH_TO_MISP}/app/Config that need to be copied
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/bootstrap.default.php ${PATH_TO_MISP}/app/Config/bootstrap.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/database.default.php ${PATH_TO_MISP}/app/Config/database.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/core.default.php ${PATH_TO_MISP}/app/Config/core.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/config.default.php ${PATH_TO_MISP}/app/Config/config.php
|
||||
|
||||
echo "<?php
|
||||
class DATABASE_CONFIG {
|
||||
|
@ -469,7 +469,7 @@ class DATABASE_CONFIG {
|
|||
'prefix' => '',
|
||||
'encoding' => 'utf8',
|
||||
);
|
||||
}" | $SUDO_WWW tee $PATH_TO_MISP/app/Config/database.php
|
||||
}" | ${SUDO_WWW} tee ${PATH_TO_MISP}/app/Config/database.php
|
||||
|
||||
# Configure the fields in the newly created files:
|
||||
# config.php : baseurl (example: 'baseurl' => 'http://misp',) - don't use "localhost" it causes issues when browsing externally
|
||||
|
@ -491,14 +491,14 @@ class DATABASE_CONFIG {
|
|||
# );
|
||||
#}
|
||||
|
||||
# Important! Change the salt key in $PATH_TO_MISP/app/Config/config.php
|
||||
# Important! Change the salt key in ${PATH_TO_MISP}/app/Config/config.php
|
||||
# The admin user account will be generated on the first login, make sure that the salt is changed before you create that user
|
||||
# If you forget to do this step, and you are still dealing with a fresh installation, just alter the salt,
|
||||
# delete the user from mysql and log in again using the default admin credentials (admin@admin.test / admin)
|
||||
|
||||
# If you want to be able to change configuration parameters from the webinterface:
|
||||
sudo chown apache:apache $PATH_TO_MISP/app/Config/config.php
|
||||
sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/Config/config.php
|
||||
sudo chown apache:apache ${PATH_TO_MISP}/app/Config/config.php
|
||||
sudo chcon -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/Config/config.php
|
||||
|
||||
# Generate a GPG encryption key.
|
||||
cat >/tmp/gen-key-script <<EOF
|
||||
|
@ -516,17 +516,17 @@ cat >/tmp/gen-key-script <<EOF
|
|||
%echo done
|
||||
EOF
|
||||
|
||||
sudo gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
sudo gpg --homedir ${PATH_TO_MISP}/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
sudo rm -f /tmp/gen-key-script
|
||||
sudo chown -R apache:apache $PATH_TO_MISP/.gnupg
|
||||
sudo chown -R apache:apache ${PATH_TO_MISP}/.gnupg
|
||||
|
||||
# And export the public key to the webroot
|
||||
sudo gpg --homedir $PATH_TO_MISP/.gnupg --export --armor $GPG_EMAIL_ADDRESS |sudo tee $PATH_TO_MISP/app/webroot/gpg.asc
|
||||
sudo chown apache:apache $PATH_TO_MISP/app/webroot/gpg.asc
|
||||
sudo gpg --homedir ${PATH_TO_MISP}/.gnupg --export --armor $GPG_EMAIL_ADDRESS |sudo tee ${PATH_TO_MISP}/app/webroot/gpg.asc
|
||||
sudo chown apache:apache ${PATH_TO_MISP}/app/webroot/gpg.asc
|
||||
|
||||
# Start the workers to enable background jobs
|
||||
sudo chmod +x $PATH_TO_MISP/app/Console/worker/start.sh
|
||||
$SUDO_WWW $RUN_PHP $PATH_TO_MISP/app/Console/worker/start.sh
|
||||
sudo chmod +x ${PATH_TO_MISP}/app/Console/worker/start.sh
|
||||
${SUDO_WWW} $RUN_PHP ${PATH_TO_MISP}/app/Console/worker/start.sh
|
||||
|
||||
if [ ! -e /etc/rc.local ]
|
||||
then
|
||||
|
@ -551,21 +551,21 @@ sudo yum install -y openjpeg-devel
|
|||
sudo chmod 2777 /usr/local/src
|
||||
sudo chown root:users /usr/local/src
|
||||
cd /usr/local/src/
|
||||
$SUDO_WWW git clone https://github.com/MISP/misp-modules.git
|
||||
${SUDO_WWW} git clone https://github.com/MISP/misp-modules.git
|
||||
cd misp-modules
|
||||
# pip install
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -I -r REQUIREMENTS
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -I -r REQUIREMENTS
|
||||
# The following fails
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
sudo yum install rubygem-rouge rubygem-asciidoctor -y
|
||||
##sudo gem install asciidoctor-pdf --pre
|
||||
|
||||
# install additional dependencies for extended object generation and extraction
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install maec python-magic pathlib
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install maec python-magic pathlib
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
|
||||
|
||||
# Start misp-modules
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/misp-modules -l 0.0.0.0 -s &
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/misp-modules -l 0.0.0.0 -s &
|
||||
|
||||
# TODO: Fix static path with PATH_TO_MISP
|
||||
sudo sed -i -e '$i \sudo -u apache /var/www/MISP/venv/bin/misp-modules -l 127.0.0.1 -s &\n' /etc/rc.local
|
||||
|
|
|
@ -43,7 +43,7 @@ Make sure you are reading the parsed version of this Document. When in doubt [cl
|
|||
# <snippet-begin 0_RHEL_PHP_INI.sh>
|
||||
# RHEL/CentOS Specific
|
||||
WWW_USER="apache"
|
||||
SUDO_WWW="sudo -H -u $WWW_USER"
|
||||
SUDO_WWW="sudo -H -u ${WWW_USER}"
|
||||
|
||||
RUN_PHP='/usr/bin/scl enable rh-php72'
|
||||
PHP_INI=/etc/opt/rh/rh-php72/php.ini
|
||||
|
@ -118,91 +118,91 @@ sudo systemctl enable --now redis.service
|
|||
```bash
|
||||
# Download MISP using git in the /var/www/ directory.
|
||||
PATH_TO_MISP="/var/www/MISP"
|
||||
sudo mkdir -p $(dirname $PATH_TO_MISP)
|
||||
sudo chown ${WWW_USER}:${WWW_USER} ($dirname $PATH_TO_MISP)
|
||||
cd $(dirname $PATH_TO_MISP)
|
||||
$SUDO_WWW git clone https://github.com/MISP/MISP.git
|
||||
cd $PATH_TO_MISP
|
||||
##$SUDO_WWW git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`)
|
||||
sudo mkdir -p $(dirname ${PATH_TO_MISP})
|
||||
sudo chown ${WWW_USER}:${WWW_USER} ($dirname ${PATH_TO_MISP})
|
||||
cd $(dirname ${PATH_TO_MISP})
|
||||
${SUDO_WWW} git clone https://github.com/MISP/MISP.git
|
||||
cd ${PATH_TO_MISP}
|
||||
##${SUDO_WWW} git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`)
|
||||
# if the last shortcut doesn't work, specify the latest version manually
|
||||
# example: git checkout tags/v2.4.XY
|
||||
# the message regarding a "detached HEAD state" is expected behaviour
|
||||
# (you only have to create a new branch, if you want to change stuff and do a pull request for example)
|
||||
|
||||
# Fetch submodules
|
||||
$SUDO_WWW git submodule update --init --recursive
|
||||
${SUDO_WWW} git submodule update --init --recursive
|
||||
# Make git ignore filesystem permission differences for submodules
|
||||
$SUDO_WWW git submodule foreach --recursive git config core.filemode false
|
||||
${SUDO_WWW} git submodule foreach --recursive git config core.filemode false
|
||||
# Make git ignore filesystem permission differences
|
||||
$SUDO_WWW git config core.filemode false
|
||||
${SUDO_WWW} git config core.filemode false
|
||||
|
||||
# Create a python3 virtualenv
|
||||
sudo pip3 install virtualenv
|
||||
$SUDO_WWW python3 "virtualenv -p python3 $PATH_TO_MISP/venv"
|
||||
${SUDO_WWW} python3 "virtualenv -p python3 ${PATH_TO_MISP}/venv"
|
||||
sudo mkdir /usr/share/httpd/.cache
|
||||
sudo chown ${WWW_USER}:${WWW_USER} /usr/share/httpd/.cache
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U pip setuptools
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U pip setuptools
|
||||
|
||||
# install Mitre's STIX and its dependencies by running the following commands:
|
||||
##sudo yum install python-importlib python-lxml python-dateutil python-six -y
|
||||
|
||||
cd $PATH_TO_MISP/app/files/scripts
|
||||
$SUDO_WWW git clone https://github.com/CybOXProject/python-cybox.git
|
||||
$SUDO_WWW git clone https://github.com/STIXProject/python-stix.git
|
||||
$SUDO_WWW git clone --branch master --single-branch https://github.com/lief-project/LIEF.git lief
|
||||
$SUDO_WWW git clone https://github.com/CybOXProject/mixbox.git
|
||||
cd ${PATH_TO_MISP}/app/files/scripts
|
||||
${SUDO_WWW} git clone https://github.com/CybOXProject/python-cybox.git
|
||||
${SUDO_WWW} git clone https://github.com/STIXProject/python-stix.git
|
||||
${SUDO_WWW} git clone --branch master --single-branch https://github.com/lief-project/LIEF.git lief
|
||||
${SUDO_WWW} git clone https://github.com/CybOXProject/mixbox.git
|
||||
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-cybox
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-cybox
|
||||
# If you umask is has been changed from the default, it is a good idea to reset it to 0022 before installing python modules
|
||||
UMASK=$(umask)
|
||||
umask 0022
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-stix
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-stix
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
# install maec
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U maec
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U maec
|
||||
|
||||
# install zmq
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U zmq
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U zmq
|
||||
|
||||
# install redis
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U redis
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U redis
|
||||
|
||||
# lief needs manual compilation
|
||||
sudo yum install devtoolset-7 cmake3 -y
|
||||
|
||||
|
||||
# TODO: Fix static path with PATH_TO_MISP
|
||||
cd $PATH_TO_MISP/app/files/scripts/lief
|
||||
$SUDO_WWW mkdir build
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/lief
|
||||
${SUDO_WWW} mkdir build
|
||||
cd build
|
||||
$SUDO_WWW scl enable devtoolset-7 'bash -c "cmake3 \
|
||||
${SUDO_WWW} scl enable devtoolset-7 'bash -c "cmake3 \
|
||||
-DLIEF_PYTHON_API=on \
|
||||
-DLIEF_DOC=off \
|
||||
-DCMAKE_INSTALL_PREFIX=$LIEF_INSTALL \
|
||||
-DCMAKE_BUILD_TYPE=Release \
|
||||
-DPYTHON_VERSION=3.6 \
|
||||
-DPYTHON_EXECUTABLE=$PATH_TO_MISP/venv/bin/python \
|
||||
-DPYTHON_EXECUTABLE=${PATH_TO_MISP}/venv/bin/python \
|
||||
.."'
|
||||
$SUDO_WWW make -j3
|
||||
${SUDO_WWW} make -j3
|
||||
sudo make install
|
||||
cd api/python/lief_pybind11-prefix/src/lief_pybind11
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/python setup.py install
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install lief
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/python setup.py install
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install lief
|
||||
|
||||
# install magic, pydeep
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U python-magic git+https://github.com/kbandla/pydeep.git
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U python-magic git+https://github.com/kbandla/pydeep.git
|
||||
|
||||
cd $PATH_TO_MISP/app/files/scripts/mixbox
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/mixbox
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
# install STIX2.0 library to support STIX 2.0 export:
|
||||
cd $PATH_TO_MISP/cti-python-stix2
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/cti-python-stix2
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
# install PyMISP
|
||||
cd $PATH_TO_MISP/PyMISP
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/PyMISP
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
# FIXME: Remove libfaup etc once the egg has the library baked-in
|
||||
# BROKEN: This needs to be tested on RHEL/CentOS
|
||||
|
@ -237,17 +237,17 @@ umask $UMASK
|
|||
#### CakePHP is now included as a submodule of MISP and has been fetch by a previous step.
|
||||
#### Install CakeResque along with its dependencies if you intend to use the built in background jobs.
|
||||
```bash
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} $PATH_TO_MISP
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}
|
||||
sudo mkdir /usr/share/httpd/.composer
|
||||
sudo chown ${WWW_USER}:${WWW_USER} /usr/share/httpd/.composer
|
||||
cd $PATH_TO_MISP/app
|
||||
cd ${PATH_TO_MISP}/app
|
||||
# Update composer.phar (optional)
|
||||
#EXPECTED_SIGNATURE="$(wget -q -O - https://composer.github.io/installer.sig)"
|
||||
#$SUDO_WWW $RUN_PHP -- php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
|
||||
#$SUDO_WWW $RUN_PHP -- php -r "if (hash_file('SHA384', 'composer-setup.php') === '$EXPECTED_SIGNATURE') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
|
||||
#$SUDO_WWW $RUN_PHP "php composer-setup.php"
|
||||
#$SUDO_WWW $RUN_PHP -- php -r "unlink('composer-setup.php');"
|
||||
$SUDO_WWW $RUN_PHP "php composer.phar install"
|
||||
#${SUDO_WWW} $RUN_PHP -- php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
|
||||
#${SUDO_WWW} $RUN_PHP -- php -r "if (hash_file('SHA384', 'composer-setup.php') === '$EXPECTED_SIGNATURE') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
|
||||
#${SUDO_WWW} $RUN_PHP "php composer-setup.php"
|
||||
#${SUDO_WWW} $RUN_PHP -- php -r "unlink('composer-setup.php');"
|
||||
${SUDO_WWW} $RUN_PHP "php composer.phar install"
|
||||
|
||||
sudo yum install php-redis -y
|
||||
sudo systemctl restart rh-php72-php-fpm.service
|
||||
|
@ -267,30 +267,30 @@ done
|
|||
sudo systemctl restart rh-php72-php-fpm.service
|
||||
|
||||
# To use the scheduler worker for scheduled tasks, do the following:
|
||||
sudo cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin/CakeResque/Config/config.php
|
||||
sudo cp -fa ${PATH_TO_MISP}/INSTALL/setup/config.php ${PATH_TO_MISP}/app/Plugin/CakeResque/Config/config.php
|
||||
```
|
||||
|
||||
### 5/ Set the permissions
|
||||
----------------------
|
||||
```bash
|
||||
# Make sure the permissions are set correctly using the following commands as root:
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} $PATH_TO_MISP
|
||||
sudo find $PATH_TO_MISP -type d -exec chmod g=rx {} \;
|
||||
sudo chmod -R g+r,o= $PATH_TO_MISP
|
||||
sudo chmod -R 750 $PATH_TO_MISP
|
||||
sudo chmod -R g+xws $PATH_TO_MISP/app/tmp
|
||||
sudo chmod -R g+ws $PATH_TO_MISP/app/files
|
||||
sudo chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
|
||||
sudo chmod -R g+rw $PATH_TO_MISP/venv
|
||||
sudo chmod -R g+rw $PATH_TO_MISP/.git
|
||||
sudo chown ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/files
|
||||
sudo chown ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/files/terms
|
||||
sudo chown ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/files/scripts/tmp
|
||||
sudo chown ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/Plugin/CakeResque/tmp
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/Config
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/tmp
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/webroot/img/orgs
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/webroot/img/custom
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}
|
||||
sudo find ${PATH_TO_MISP} -type d -exec chmod g=rx {} \;
|
||||
sudo chmod -R g+r,o= ${PATH_TO_MISP}
|
||||
sudo chmod -R 750 ${PATH_TO_MISP}
|
||||
sudo chmod -R g+xws ${PATH_TO_MISP}/app/tmp
|
||||
sudo chmod -R g+ws ${PATH_TO_MISP}/app/files
|
||||
sudo chmod -R g+ws ${PATH_TO_MISP}/app/files/scripts/tmp
|
||||
sudo chmod -R g+rw ${PATH_TO_MISP}/venv
|
||||
sudo chmod -R g+rw ${PATH_TO_MISP}/.git
|
||||
sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/files
|
||||
sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/files/terms
|
||||
sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/files/scripts/tmp
|
||||
sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/Plugin/CakeResque/tmp
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/Config
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/tmp
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/webroot/img/orgs
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/webroot/img/custom
|
||||
```
|
||||
|
||||
### 6/ Create a database and user
|
||||
|
@ -360,7 +360,7 @@ sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "flush privileges;"
|
|||
|
||||
#### Import the empty MySQL database from MYSQL.sql
|
||||
```bash
|
||||
$SUDO_WWW cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
${SUDO_WWW} cat ${PATH_TO_MISP}/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
```
|
||||
|
||||
|
||||
|
@ -376,10 +376,10 @@ $SUDO_WWW cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSW
|
|||
If it is disabled, you can ignore the **chcon/setsebool/semanage/checkmodule/semodule*** commands.
|
||||
|
||||
```bash
|
||||
# Now configure your apache server with the DocumentRoot $PATH_TO_MISP/app/webroot/
|
||||
# A sample vhost can be found in $PATH_TO_MISP/INSTALL/apache.misp.centos7
|
||||
# Now configure your apache server with the DocumentRoot ${PATH_TO_MISP}/app/webroot/
|
||||
# A sample vhost can be found in ${PATH_TO_MISP}/INSTALL/apache.misp.centos7
|
||||
|
||||
sudo cp $PATH_TO_MISP/INSTALL/apache.misp.centos7.ssl /etc/httpd/conf.d/misp.ssl.conf
|
||||
sudo cp ${PATH_TO_MISP}/INSTALL/apache.misp.centos7.ssl /etc/httpd/conf.d/misp.ssl.conf
|
||||
sudo rm /etc/httpd/conf.d/ssl.conf
|
||||
sudo chmod 644 /etc/httpd/conf.d/misp.ssl.conf
|
||||
sudo sed -i '/Listen 80/a Listen 443' /etc/httpd/conf/httpd.conf
|
||||
|
@ -399,27 +399,27 @@ cat /etc/pki/tls/certs/dhparam.pem |sudo tee -a /etc/pki/tls/certs/misp.local.cr
|
|||
sudo systemctl restart httpd.service
|
||||
|
||||
# Since SELinux is enabled, we need to allow httpd to write to certain directories
|
||||
sudo chcon -t bin_t $PATH_TO_MISP/venv/bin/*
|
||||
find $PATH_TO_MISP/venv -type f -name "*.so*" -or -name "*.so.*" | xargs sudo chcon -t lib_t
|
||||
sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/files
|
||||
sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/files/terms
|
||||
sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/files/scripts/tmp
|
||||
sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/Plugin/CakeResque/tmp
|
||||
sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/Console/cake
|
||||
sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/Console/worker/*.sh
|
||||
sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/files/scripts/*.py
|
||||
sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/files/scripts/*/*.py
|
||||
sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/files/scripts/lief/build/api/python/lief.so
|
||||
sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/Vendor/pear/crypt_gpg/scripts/crypt-gpg-pinentry
|
||||
sudo chcon -t bin_t ${PATH_TO_MISP}/venv/bin/*
|
||||
find ${PATH_TO_MISP}/venv -type f -name "*.so*" -or -name "*.so.*" | xargs sudo chcon -t lib_t
|
||||
sudo chcon -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/files
|
||||
sudo chcon -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/files/terms
|
||||
sudo chcon -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/files/scripts/tmp
|
||||
sudo chcon -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/Plugin/CakeResque/tmp
|
||||
sudo chcon -t httpd_sys_script_exec_t ${PATH_TO_MISP}/app/Console/cake
|
||||
sudo chcon -t httpd_sys_script_exec_t ${PATH_TO_MISP}/app/Console/worker/*.sh
|
||||
sudo chcon -t httpd_sys_script_exec_t ${PATH_TO_MISP}/app/files/scripts/*.py
|
||||
sudo chcon -t httpd_sys_script_exec_t ${PATH_TO_MISP}/app/files/scripts/*/*.py
|
||||
sudo chcon -t httpd_sys_script_exec_t ${PATH_TO_MISP}/app/files/scripts/lief/build/api/python/lief.so
|
||||
sudo chcon -t httpd_sys_script_exec_t ${PATH_TO_MISP}/app/Vendor/pear/crypt_gpg/scripts/crypt-gpg-pinentry
|
||||
# Only run these if you want to be able to update MISP from the web interface
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/.git
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/tmp
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/Lib
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/Config
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/tmp
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/webroot/img/orgs
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/webroot/img/custom
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/files/scripts/mispzmq
|
||||
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/.git
|
||||
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/tmp
|
||||
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/Lib
|
||||
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/Config
|
||||
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/tmp
|
||||
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/webroot/img/orgs
|
||||
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/webroot/img/custom
|
||||
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/files/scripts/mispzmq
|
||||
```
|
||||
|
||||
!!! warning
|
||||
|
@ -448,19 +448,19 @@ sudo firewall-cmd --reload
|
|||
### 8/ Log rotation
|
||||
---------------
|
||||
```bash
|
||||
# MISP saves the stdout and stderr of its workers in $PATH_TO_MISP/app/tmp/logs
|
||||
# MISP saves the stdout and stderr of its workers in ${PATH_TO_MISP}/app/tmp/logs
|
||||
# To rotate these logs install the supplied logrotate script:
|
||||
|
||||
sudo cp $PATH_TO_MISP/INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
sudo cp ${PATH_TO_MISP}/INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
sudo chmod 0640 /etc/logrotate.d/misp
|
||||
|
||||
# Now make logrotate work under SELinux as well
|
||||
# Allow logrotate to modify the log files
|
||||
sudo semanage fcontext -a -t httpd_log_t "$PATH_TO_MISP/app/tmp/logs(/.*)?"
|
||||
sudo chcon -R -t httpd_log_t $PATH_TO_MISP/app/tmp/logs
|
||||
sudo semanage fcontext -a -t httpd_log_t "${PATH_TO_MISP}/app/tmp/logs(/.*)?"
|
||||
sudo chcon -R -t httpd_log_t ${PATH_TO_MISP}/app/tmp/logs
|
||||
|
||||
# Allow logrotate to read /var/www
|
||||
sudo checkmodule -M -m -o /tmp/misplogrotate.mod $PATH_TO_MISP/INSTALL/misplogrotate.te
|
||||
sudo checkmodule -M -m -o /tmp/misplogrotate.mod ${PATH_TO_MISP}/INSTALL/misplogrotate.te
|
||||
sudo semodule_package -o /tmp/misplogrotate.pp -m /tmp/misplogrotate.mod
|
||||
sudo semodule -i /tmp/misplogrotate.pp
|
||||
```
|
||||
|
@ -468,11 +468,11 @@ sudo semodule -i /tmp/misplogrotate.pp
|
|||
### 9/ MISP configuration
|
||||
---------------------
|
||||
```bash
|
||||
# There are 4 sample configuration files in $PATH_TO_MISP/app/Config that need to be copied
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/bootstrap.default.php $PATH_TO_MISP/app/Config/bootstrap.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/database.default.php $PATH_TO_MISP/app/Config/database.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/core.default.php $PATH_TO_MISP/app/Config/core.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/config.default.php $PATH_TO_MISP/app/Config/config.php
|
||||
# There are 4 sample configuration files in ${PATH_TO_MISP}/app/Config that need to be copied
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/bootstrap.default.php ${PATH_TO_MISP}/app/Config/bootstrap.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/database.default.php ${PATH_TO_MISP}/app/Config/database.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/core.default.php ${PATH_TO_MISP}/app/Config/core.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/config.default.php ${PATH_TO_MISP}/app/Config/config.php
|
||||
|
||||
echo "<?php
|
||||
class DATABASE_CONFIG {
|
||||
|
@ -489,7 +489,7 @@ class DATABASE_CONFIG {
|
|||
'prefix' => '',
|
||||
'encoding' => 'utf8',
|
||||
);
|
||||
}" | $SUDO_WWW tee $PATH_TO_MISP/app/Config/database.php
|
||||
}" | ${SUDO_WWW} tee ${PATH_TO_MISP}/app/Config/database.php
|
||||
|
||||
# Configure the fields in the newly created files:
|
||||
# config.php : baseurl (example: 'baseurl' => 'http://misp',) - don't use "localhost" it causes issues when browsing externally
|
||||
|
@ -511,14 +511,14 @@ class DATABASE_CONFIG {
|
|||
# );
|
||||
#}
|
||||
|
||||
# Important! Change the salt key in $PATH_TO_MISP/app/Config/config.php
|
||||
# Important! Change the salt key in ${PATH_TO_MISP}/app/Config/config.php
|
||||
# The admin user account will be generated on the first login, make sure that the salt is changed before you create that user
|
||||
# If you forget to do this step, and you are still dealing with a fresh installation, just alter the salt,
|
||||
# delete the user from mysql and log in again using the default admin credentials (admin@admin.test / admin)
|
||||
|
||||
# If you want to be able to change configuration parameters from the webinterface:
|
||||
sudo chown ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/Config/config.php
|
||||
sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/Config/config.php
|
||||
sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/Config/config.php
|
||||
sudo chcon -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/Config/config.php
|
||||
|
||||
# Generate a GPG encryption key.
|
||||
cat >/tmp/gen-key-script <<EOF
|
||||
|
@ -536,17 +536,17 @@ cat >/tmp/gen-key-script <<EOF
|
|||
%echo done
|
||||
EOF
|
||||
|
||||
sudo gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
sudo gpg --homedir ${PATH_TO_MISP}/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
sudo rm -f /tmp/gen-key-script
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/.gnupg
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/.gnupg
|
||||
|
||||
# And export the public key to the webroot
|
||||
sudo gpg --homedir $PATH_TO_MISP/.gnupg --export --armor $GPG_EMAIL_ADDRESS |sudo tee $PATH_TO_MISP/app/webroot/gpg.asc
|
||||
sudo chown ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/webroot/gpg.asc
|
||||
sudo gpg --homedir ${PATH_TO_MISP}/.gnupg --export --armor $GPG_EMAIL_ADDRESS |sudo tee ${PATH_TO_MISP}/app/webroot/gpg.asc
|
||||
sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/webroot/gpg.asc
|
||||
|
||||
# Start the workers to enable background jobs
|
||||
sudo chmod +x $PATH_TO_MISP/app/Console/worker/start.sh
|
||||
$SUDO_WWW $RUN_PHP $PATH_TO_MISP/app/Console/worker/start.sh
|
||||
sudo chmod +x ${PATH_TO_MISP}/app/Console/worker/start.sh
|
||||
${SUDO_WWW} $RUN_PHP ${PATH_TO_MISP}/app/Console/worker/start.sh
|
||||
|
||||
if [ ! -e /etc/rc.local ]
|
||||
then
|
||||
|
@ -556,7 +556,7 @@ then
|
|||
fi
|
||||
|
||||
# TODO: Fix static path with PATH_TO_MISP
|
||||
sudo sed -i -e '$i \su -s /bin/bash apache -c "scl enable rh-php72 $PATH_TO_MISP/app/Console/worker/start.sh" > /tmp/worker_start_rc.local.log\n' /etc/rc.local
|
||||
sudo sed -i -e '$i \su -s /bin/bash apache -c "scl enable rh-php72 ${PATH_TO_MISP}/app/Console/worker/start.sh" > /tmp/worker_start_rc.local.log\n' /etc/rc.local
|
||||
# Make sure it will execute
|
||||
sudo chmod +x /etc/rc.local
|
||||
|
||||
|
@ -571,23 +571,23 @@ sudo yum install openjpeg-devel -y
|
|||
sudo chmod 2777 /usr/local/src
|
||||
sudo chown root:users /usr/local/src
|
||||
cd /usr/local/src/
|
||||
$SUDO_WWW git clone https://github.com/MISP/misp-modules.git
|
||||
${SUDO_WWW} git clone https://github.com/MISP/misp-modules.git
|
||||
cd misp-modules
|
||||
# pip install
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -I -r REQUIREMENTS
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -I -r REQUIREMENTS
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
sudo yum install rubygem-rouge rubygem-asciidoctor -y
|
||||
##sudo gem install asciidoctor-pdf --pre
|
||||
|
||||
# install additional dependencies for extended object generation and extraction
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install maec python-magic pathlib
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install maec python-magic pathlib
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
|
||||
|
||||
# Start misp-modules
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/misp-modules -l 0.0.0.0 -s &
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/misp-modules -l 0.0.0.0 -s &
|
||||
|
||||
# TODO: Fix static path with PATH_TO_MISP
|
||||
sudo sed -i -e '$i \sudo -u apache $PATH_TO_MISP/venv/bin/misp-modules -l 127.0.0.1 -s &\n' /etc/rc.local
|
||||
sudo sed -i -e '$i \sudo -u apache ${PATH_TO_MISP}/venv/bin/misp-modules -l 127.0.0.1 -s &\n' /etc/rc.local
|
||||
```
|
||||
|
||||
{!generic/misp-dashboard-centos.md!}
|
||||
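Review bot: The interactive start line in the last hunk of this guide, `${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/misp-modules -l 0.0.0.0 -s &`, makes misp-modules listen on every interface, while the rc.local entry right below it uses `-l 127.0.0.1`; unless remote access to the modules service is intended, the first line should match it: `${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/misp-modules -l 127.0.0.1 -s &`. The rc.local line now carries `${PATH_TO_MISP}` inside a single-quoted sed expression, so the shell does not expand it and the literal text is written to /etc/rc.local, where PATH_TO_MISP is presumably unset at boot. Closing the quote around the variable, `sudo sed -i -e '$i \sudo -u apache '"${PATH_TO_MISP}"'/venv/bin/misp-modules -l 127.0.0.1 -s &\n' /etc/rc.local`, would write the resolved path and settle the TODO above it. The worker `start.sh` rc.local line in the preceding hunk has the same single-quoted pattern. The bash block these lines sit in opens above the hunk.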
|
|
|
@ -28,11 +28,11 @@ PHP_INI=${PHP_ETC_BASE}/apache2/php.ini
|
|||
|
||||
{!generic/ethX.md!}
|
||||
|
||||
#### Add $MISP_USER to staff and $WWW_USER
|
||||
#### Add $MISP_USER to staff and ${WWW_USER}
|
||||
|
||||
```bash
|
||||
sudo adduser $MISP_USER staff
|
||||
sudo adduser $MISP_USER $WWW_USER
|
||||
sudo adduser $MISP_USER ${WWW_USER}
|
||||
```
|
||||
|
||||
#### Make sure your system is up2date and curl installed
|
||||
|
@ -122,45 +122,45 @@ sudo systemctl restart apache2
|
|||
------------
|
||||
```bash
|
||||
# Download MISP using git in the /var/www/ directory.
|
||||
sudo mkdir $PATH_TO_MISP
|
||||
sudo chown $WWW_USER:$WWW_USER $PATH_TO_MISP
|
||||
cd $PATH_TO_MISP
|
||||
$SUDO_WWW git clone https://github.com/MISP/MISP.git $PATH_TO_MISP
|
||||
$SUDO_WWW git submodule update --init --recursive
|
||||
sudo mkdir ${PATH_TO_MISP}
|
||||
sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}
|
||||
cd ${PATH_TO_MISP}
|
||||
${SUDO_WWW} git clone https://github.com/MISP/MISP.git ${PATH_TO_MISP}
|
||||
${SUDO_WWW} git submodule update --init --recursive
|
||||
# Make git ignore filesystem permission differences for submodules
|
||||
$SUDO_WWW git submodule foreach --recursive git config core.filemode false
|
||||
${SUDO_WWW} git submodule foreach --recursive git config core.filemode false
|
||||
|
||||
# Make git ignore filesystem permission differences
|
||||
$SUDO_WWW git config core.filemode false
|
||||
${SUDO_WWW} git config core.filemode false
|
||||
|
||||
# Create a python3 virtualenv
|
||||
$SUDO_WWW virtualenv -p python3 ${PATH_TO_MISP}/venv
|
||||
${SUDO_WWW} virtualenv -p python3 ${PATH_TO_MISP}/venv
|
||||
|
||||
# make pip happy
|
||||
sudo mkdir /var/www/.cache/
|
||||
sudo chown $WWW_USER:$WWW_USER /var/www/.cache
|
||||
sudo chown ${WWW_USER}:${WWW_USER} /var/www/.cache
|
||||
|
||||
cd $PATH_TO_MISP/app/files/scripts
|
||||
$SUDO_WWW git clone https://github.com/CybOXProject/python-cybox.git
|
||||
$SUDO_WWW git clone https://github.com/STIXProject/python-stix.git
|
||||
$SUDO_WWW git clone https://github.com/MAECProject/python-maec.git
|
||||
cd ${PATH_TO_MISP}/app/files/scripts
|
||||
${SUDO_WWW} git clone https://github.com/CybOXProject/python-cybox.git
|
||||
${SUDO_WWW} git clone https://github.com/STIXProject/python-stix.git
|
||||
${SUDO_WWW} git clone https://github.com/MAECProject/python-maec.git
|
||||
# install mixbox to accommodate the new STIX dependencies:
|
||||
$SUDO_WWW git clone https://github.com/CybOXProject/mixbox.git
|
||||
cd $PATH_TO_MISP/app/files/scripts/mixbox
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-cybox
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-stix
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-maec
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
${SUDO_WWW} git clone https://github.com/CybOXProject/mixbox.git
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/mixbox
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-cybox
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-stix
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-maec
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
# install STIX2.0 library to support STIX 2.0 export:
|
||||
cd ${PATH_TO_MISP}/cti-python-stix2
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
# install PyMISP
|
||||
cd $PATH_TO_MISP/PyMISP
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/PyMISP
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
# FIXME: Remove libfaup etc once the egg has the library baked-in
|
||||
sudo apt-get install cmake libcaca-dev liblua5.3-dev -y
|
||||
cd /tmp
|
||||
|
@ -180,19 +180,19 @@ sudo make install
|
|||
sudo ldconfig
|
||||
|
||||
# install pydeep
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
|
||||
|
||||
# install lief
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install lief
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install lief
|
||||
|
||||
# install zmq needed by mispzmq
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install zmq redis
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install zmq redis
|
||||
|
||||
# install python-magic
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install python-magic
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install python-magic
|
||||
|
||||
# install plyara
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install plyara
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install plyara
|
||||
```
|
||||
|
||||
### 4/ CakePHP
|
||||
|
@ -206,24 +206,24 @@ $SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install plyara
|
|||
|
||||
```bash
|
||||
# Install CakeResque along with its dependencies if you intend to use the built in background jobs:
|
||||
cd $PATH_TO_MISP/app
|
||||
cd ${PATH_TO_MISP}/app
|
||||
# Make composer cache happy
|
||||
sudo mkdir /var/www/.composer ; sudo chown $WWW_USER:$WWW_USER /var/www/.composer
|
||||
sudo mkdir /var/www/.composer ; sudo chown ${WWW_USER}:${WWW_USER} /var/www/.composer
|
||||
# Update composer.phar
|
||||
#$SUDO_WWW php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
|
||||
#$SUDO_WWW php -r "if (hash_file('SHA384', 'composer-setup.php') === 'baf1608c33254d00611ac1705c1d9958c817a1a33bce370c0595974b342601bd80b92a3f46067da89e3b06bff421f182') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
|
||||
#$SUDO_WWW php composer-setup.php
|
||||
#$SUDO_WWW php -r "unlink('composer-setup.php');"
|
||||
$SUDO_WWW php composer.phar install
|
||||
#${SUDO_WWW} php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
|
||||
#${SUDO_WWW} php -r "if (hash_file('SHA384', 'composer-setup.php') === 'baf1608c33254d00611ac1705c1d9958c817a1a33bce370c0595974b342601bd80b92a3f46067da89e3b06bff421f182') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
|
||||
#${SUDO_WWW} php composer-setup.php
|
||||
#${SUDO_WWW} php -r "unlink('composer-setup.php');"
|
||||
${SUDO_WWW} php composer.phar install
|
||||
# The following is potentially not needed, but just here in case of Keyboard/Chair failures
|
||||
$SUDO_WWW php composer.phar update
|
||||
${SUDO_WWW} php composer.phar update
|
||||
|
||||
# Enable CakeResque with php-redis
|
||||
sudo phpenmod redis
|
||||
sudo phpenmod gnupg
|
||||
|
||||
# To use the scheduler worker for scheduled tasks, do the following:
|
||||
$SUDO_WWW cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin/CakeResque/Config/config.php
|
||||
${SUDO_WWW} cp -fa ${PATH_TO_MISP}/INSTALL/setup/config.php ${PATH_TO_MISP}/app/Plugin/CakeResque/Config/config.php
|
||||
```
|
||||
|
||||
|
||||
|
@ -232,11 +232,11 @@ $SUDO_WWW cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin
|
|||
|
||||
```bash
|
||||
# Check if the permissions are set correctly using the following commands:
|
||||
sudo chown -R $WWW_USER:$WWW_USER $PATH_TO_MISP
|
||||
sudo chmod -R 750 $PATH_TO_MISP
|
||||
sudo chmod -R g+ws $PATH_TO_MISP/app/tmp
|
||||
sudo chmod -R g+ws $PATH_TO_MISP/app/files
|
||||
sudo chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}
|
||||
sudo chmod -R 750 ${PATH_TO_MISP}
|
||||
sudo chmod -R g+ws ${PATH_TO_MISP}/app/tmp
|
||||
sudo chmod -R g+ws ${PATH_TO_MISP}/app/files
|
||||
sudo chmod -R g+ws ${PATH_TO_MISP}/app/files/scripts/tmp
|
||||
```
|
||||
|
||||
|
||||
|
@ -265,16 +265,16 @@ sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "flush privileges;"
|
|||
|
||||
#### Import the empty MISP database from MYSQL.sql
|
||||
```bash
|
||||
$SUDO_WWW cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
${SUDO_WWW} cat ${PATH_TO_MISP}/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
```
|
||||
|
||||
### 7/ Apache configuration
|
||||
-----------------------
|
||||
```bash
|
||||
# Now configure your Apache webserver with the DocumentRoot $PATH_TO_MISP/app/webroot/
|
||||
# Now configure your Apache webserver with the DocumentRoot ${PATH_TO_MISP}/app/webroot/
|
||||
|
||||
# If the apache version is 2.4:
|
||||
sudo cp $PATH_TO_MISP/INSTALL/apache.24.misp.ssl /etc/apache2/sites-available/misp-ssl.conf
|
||||
sudo cp ${PATH_TO_MISP}/INSTALL/apache.24.misp.ssl /etc/apache2/sites-available/misp-ssl.conf
|
||||
|
||||
# Be aware that the configuration files for apache 2.4 and up have changed.
|
||||
# The configuration file has to have the .conf extension in the sites-available directory
|
||||
|
@ -305,8 +305,8 @@ sudo openssl req -newkey rsa:4096 -days 365 -nodes -x509 \
|
|||
<VirtualHost _default_:443>
|
||||
ServerAdmin admin@<your.FQDN.here>
|
||||
ServerName <your.FQDN.here>
|
||||
DocumentRoot $PATH_TO_MISP/app/webroot
|
||||
<Directory $PATH_TO_MISP/app/webroot>
|
||||
DocumentRoot ${PATH_TO_MISP}/app/webroot
|
||||
<Directory ${PATH_TO_MISP}/app/webroot>
|
||||
Options -Indexes
|
||||
AllowOverride all
|
||||
Require all granted
|
||||
|
@ -349,21 +349,21 @@ sudo systemctl restart apache2
|
|||
### 8/ Log rotation
|
||||
---------------
|
||||
```bash
|
||||
# MISP saves the stdout and stderr of its workers in $PATH_TO_MISP/app/tmp/logs
|
||||
# MISP saves the stdout and stderr of its workers in ${PATH_TO_MISP}/app/tmp/logs
|
||||
# To rotate these logs install the supplied logrotate script:
|
||||
|
||||
sudo cp $PATH_TO_MISP/INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
sudo cp ${PATH_TO_MISP}/INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
sudo chmod 0640 /etc/logrotate.d/misp
|
||||
```
|
||||
|
||||
### 9/ MISP configuration
|
||||
---------------------
|
||||
```bash
|
||||
# There are 4 sample configuration files in $PATH_TO_MISP/app/Config that need to be copied
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/bootstrap.default.php $PATH_TO_MISP/app/Config/bootstrap.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/database.default.php $PATH_TO_MISP/app/Config/database.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/core.default.php $PATH_TO_MISP/app/Config/core.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/config.default.php $PATH_TO_MISP/app/Config/config.php
|
||||
# There are 4 sample configuration files in ${PATH_TO_MISP}/app/Config that need to be copied
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/bootstrap.default.php ${PATH_TO_MISP}/app/Config/bootstrap.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/database.default.php ${PATH_TO_MISP}/app/Config/database.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/core.default.php ${PATH_TO_MISP}/app/Config/core.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/config.default.php ${PATH_TO_MISP}/app/Config/config.php
|
||||
|
||||
|
||||
echo "<?php
|
||||
|
@ -381,11 +381,11 @@ class DATABASE_CONFIG {
|
|||
'prefix' => '',
|
||||
'encoding' => 'utf8',
|
||||
);
|
||||
}" | $SUDO_WWW tee $PATH_TO_MISP/app/Config/database.php
|
||||
}" | ${SUDO_WWW} tee ${PATH_TO_MISP}/app/Config/database.php
|
||||
|
||||
# and make sure the file permissions are still OK
|
||||
sudo chown -R $WWW_USER:$WWW_USER $PATH_TO_MISP/app/Config
|
||||
sudo chmod -R 750 $PATH_TO_MISP/app/Config
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/Config
|
||||
sudo chmod -R 750 ${PATH_TO_MISP}/app/Config
|
||||
|
||||
# Generate a GPG encryption key.
|
||||
|
||||
|
@ -404,14 +404,14 @@ cat >/tmp/gen-key-script <<EOF
|
|||
%echo done
|
||||
EOF
|
||||
|
||||
$SUDO_WWW gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
${SUDO_WWW} gpg --homedir ${PATH_TO_MISP}/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
# The email address should match the one set in the config.php / set in the configuration menu in the administration menu configuration file
|
||||
|
||||
# And export the public key to the webroot
|
||||
$SUDO_WWW sh -c "gpg --homedir $PATH_TO_MISP/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | $SUDO_WWW tee $PATH_TO_MISP/app/webroot/gpg.asc
|
||||
${SUDO_WWW} sh -c "gpg --homedir ${PATH_TO_MISP}/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | ${SUDO_WWW} tee ${PATH_TO_MISP}/app/webroot/gpg.asc
|
||||
|
||||
# To make the background workers start on boot
|
||||
sudo chmod +x $PATH_TO_MISP/app/Console/worker/start.sh
|
||||
sudo chmod +x ${PATH_TO_MISP}/app/Console/worker/start.sh
|
||||
|
||||
echo "[Unit]
|
||||
Description=MISP background workers
|
||||
|
@ -419,9 +419,9 @@ After=mariadb.service redis-server.service
|
|||
|
||||
[Service]
|
||||
Type=forking
|
||||
User=$WWW_USER
|
||||
Group=$WWW_USER
|
||||
ExecStart=$PATH_TO_MISP/app/Console/worker/start.sh
|
||||
User=${WWW_USER}
|
||||
Group=${WWW_USER}
|
||||
ExecStart=${PATH_TO_MISP}/app/Console/worker/start.sh
|
||||
Restart=always
|
||||
RestartSec=10
|
||||
|
||||
|
@ -440,7 +440,7 @@ fi
|
|||
{!generic/MISP_CAKE_init.md!}
|
||||
|
||||
```bash
|
||||
# Add the following lines before the last line (exit 0). Make sure that you replace $WWW_USER with your apache user:
|
||||
# Add the following lines before the last line (exit 0). Make sure that you replace ${WWW_USER} with your apache user:
|
||||
sudo sed -i -e '$i \echo never > /sys/kernel/mm/transparent_hugepage/enabled\n' /etc/rc.local
|
||||
sudo sed -i -e '$i \echo 1024 > /proc/sys/net/core/somaxconn\n' /etc/rc.local
|
||||
sudo sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
|
||||
|
@ -476,7 +476,7 @@ echo "User (misp) DB Password: $DBPASSWORD_MISP"
|
|||
#### MISP has a new pub/sub feature, using ZeroMQ. To enable it, simply run the following commands
|
||||
|
||||
```bash
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install pyzmq
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install pyzmq
|
||||
```
|
||||
|
||||
#### MISP has a feature for publishing events to Kafka. To enable it, simply run the following commands
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
Maintained and tested by @SteveClement on 20190702
|
||||
|
||||
!!! warning
|
||||
This install document is compiles a custom Python 3.7 meaning some things might be unexpected.
|
||||
This install document compiles a custom Python 3.7 meaning some things might be unexpected.
|
||||
Debian stretch has Python 3.5 but we need at least python 3.6
|
||||
|
||||
|
||||
|
@ -32,7 +32,7 @@ PHP_ETC_BASE=/etc/php/7.0
|
|||
PHP_INI=${PHP_ETC_BASE}/apache2/php.ini
|
||||
|
||||
sudo adduser $MISP_USER staff
|
||||
sudo adduser $MISP_USER $WWW_USER
|
||||
sudo adduser $MISP_USER ${WWW_USER}
|
||||
```
|
||||
|
||||
{!generic/sudo_etckeeper.md!}
|
||||
|
@ -151,45 +151,45 @@ sudo systemctl restart apache2
|
|||
------------
|
||||
```bash
|
||||
# Download MISP using git in the /var/www/ directory.
|
||||
sudo mkdir $PATH_TO_MISP
|
||||
sudo chown $WWW_USER:$WWW_USER $PATH_TO_MISP
|
||||
cd $PATH_TO_MISP
|
||||
$SUDO_WWW git clone https://github.com/MISP/MISP.git $PATH_TO_MISP
|
||||
$SUDO_WWW git submodule update --init --recursive
|
||||
sudo mkdir ${PATH_TO_MISP}
|
||||
sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}
|
||||
cd ${PATH_TO_MISP}
|
||||
false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git clone https://github.com/MISP/MISP.git ${PATH_TO_MISP}; done
|
||||
${SUDO_WWW} git submodule update --progress --init --recursive
|
||||
# Make git ignore filesystem permission differences for submodules
|
||||
$SUDO_WWW git submodule foreach --recursive git config core.filemode false
|
||||
${SUDO_WWW} git submodule foreach --recursive git config core.filemode false
|
||||
|
||||
# Make git ignore filesystem permission differences
|
||||
$SUDO_WWW git config core.filemode false
|
||||
${SUDO_WWW} git config core.filemode false
|
||||
|
||||
# Create a python3 virtualenv
|
||||
$SUDO_WWW virtualenv -p ~/opt/python3/bin/python3.7 ${PATH_TO_MISP}/venv
|
||||
${SUDO_WWW} virtualenv -p ~/opt/python3/bin/python3.7 ${PATH_TO_MISP}/venv
|
||||
|
||||
# make pip happy
|
||||
sudo mkdir /var/www/.cache/
|
||||
sudo chown $WWW_USER:$WWW_USER /var/www/.cache
|
||||
sudo chown ${WWW_USER}:${WWW_USER} /var/www/.cache
|
||||
|
||||
cd $PATH_TO_MISP/app/files/scripts
|
||||
$SUDO_WWW git clone https://github.com/CybOXProject/python-cybox.git
|
||||
$SUDO_WWW git clone https://github.com/STIXProject/python-stix.git
|
||||
$SUDO_WWW git clone https://github.com/MAECProject/python-maec.git
|
||||
cd ${PATH_TO_MISP}/app/files/scripts
|
||||
${SUDO_WWW} git clone https://github.com/CybOXProject/python-cybox.git
|
||||
${SUDO_WWW} git clone https://github.com/STIXProject/python-stix.git
|
||||
${SUDO_WWW} git clone https://github.com/MAECProject/python-maec.git
|
||||
# install mixbox to accommodate the new STIX dependencies:
|
||||
$SUDO_WWW git clone https://github.com/CybOXProject/mixbox.git
|
||||
cd $PATH_TO_MISP/app/files/scripts/mixbox
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-cybox
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-stix
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-maec
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
${SUDO_WWW} git clone https://github.com/CybOXProject/mixbox.git
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/mixbox
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-cybox
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-stix
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-maec
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
# install STIX2.0 library to support STIX 2.0 export:
|
||||
cd ${PATH_TO_MISP}/cti-python-stix2
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
# install PyMISP
|
||||
cd $PATH_TO_MISP/PyMISP
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/PyMISP
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
# FIXME: Remove libfaup etc once the egg has the library baked-in
|
||||
sudo apt-get install cmake libcaca-dev liblua5.3-dev -y
|
||||
cd /tmp
|
||||
|
@ -209,19 +209,19 @@ sudo make install
|
|||
sudo ldconfig
|
||||
|
||||
# install pydeep
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
|
||||
|
||||
# install lief
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install lief
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install lief
|
||||
|
||||
# install zmq needed by mispzmq
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install zmq redis
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install zmq redis
|
||||
|
||||
# install python-magic
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install python-magic
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install python-magic
|
||||
|
||||
# install plyara
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install plyara
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install plyara
|
||||
```
|
||||
|
||||
### 4/ CakePHP
|
||||
|
@ -230,23 +230,23 @@ $SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install plyara
|
|||
|
||||
```bash
|
||||
# Install CakeResque along with its dependencies if you intend to use the built in background jobs:
|
||||
cd $PATH_TO_MISP/app
|
||||
cd ${PATH_TO_MISP}/app
|
||||
# Make composer cache happy
|
||||
sudo mkdir /var/www/.composer ; sudo chown $WWW_USER:$WWW_USER /var/www/.composer
|
||||
sudo mkdir /var/www/.composer ; sudo chown ${WWW_USER}:${WWW_USER} /var/www/.composer
|
||||
# Update composer.phar
|
||||
#EXPECTED_SIGNATURE="$(wget -q -O - https://composer.github.io/installer.sig)"
|
||||
# $SUDO_WWW php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
|
||||
# $SUDO_WWW php -r "if (hash_file('SHA384', 'composer-setup.php') === '$EXPECTED_SIGNATURE') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
|
||||
# $SUDO_WWW php composer-setup.php
|
||||
# $SUDO_WWW php -r "unlink('composer-setup.php');"
|
||||
$SUDO_WWW php composer.phar install
|
||||
# ${SUDO_WWW} php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
|
||||
# ${SUDO_WWW} php -r "if (hash_file('SHA384', 'composer-setup.php') === '$EXPECTED_SIGNATURE') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
|
||||
# ${SUDO_WWW} php composer-setup.php
|
||||
# ${SUDO_WWW} php -r "unlink('composer-setup.php');"
|
||||
${SUDO_WWW} php composer.phar install
|
||||
|
||||
# Enable CakeResque with php-redis
|
||||
sudo phpenmod redis
|
||||
sudo phpenmod gnupg
|
||||
|
||||
# To use the scheduler worker for scheduled tasks, do the following:
|
||||
$SUDO_WWW cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin/CakeResque/Config/config.php
|
||||
${SUDO_WWW} cp -fa ${PATH_TO_MISP}/INSTALL/setup/config.php ${PATH_TO_MISP}/app/Plugin/CakeResque/Config/config.php
|
||||
```
|
||||
|
||||
|
||||
|
@ -255,11 +255,11 @@ $SUDO_WWW cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin
|
|||
|
||||
```bash
|
||||
# Check if the permissions are set correctly using the following commands:
|
||||
sudo chown -R $WWW_USER:$WWW_USER $PATH_TO_MISP
|
||||
sudo chmod -R 750 $PATH_TO_MISP
|
||||
sudo chmod -R g+ws $PATH_TO_MISP/app/tmp
|
||||
sudo chmod -R g+ws $PATH_TO_MISP/app/files
|
||||
sudo chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}
|
||||
sudo chmod -R 750 ${PATH_TO_MISP}
|
||||
sudo chmod -R g+ws ${PATH_TO_MISP}/app/tmp
|
||||
sudo chmod -R g+ws ${PATH_TO_MISP}/app/files
|
||||
sudo chmod -R g+ws ${PATH_TO_MISP}/app/files/scripts/tmp
|
||||
```
|
||||
|
||||
|
||||
|
@ -288,16 +288,16 @@ sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "flush privileges;"
|
|||
|
||||
#### Import the empty MISP database from MYSQL.sql
|
||||
```bash
|
||||
$SUDO_WWW cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
${SUDO_WWW} cat ${PATH_TO_MISP}/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
```
|
||||
|
||||
### 7/ Apache configuration
|
||||
-----------------------
|
||||
```bash
|
||||
# Now configure your Apache webserver with the DocumentRoot $PATH_TO_MISP/app/webroot/
|
||||
# Now configure your Apache webserver with the DocumentRoot ${PATH_TO_MISP}/app/webroot/
|
||||
|
||||
# If the apache version is 2.4:
|
||||
sudo cp $PATH_TO_MISP/INSTALL/apache.24.misp.ssl /etc/apache2/sites-available/misp-ssl.conf
|
||||
sudo cp ${PATH_TO_MISP}/INSTALL/apache.24.misp.ssl /etc/apache2/sites-available/misp-ssl.conf
|
||||
|
||||
# Be aware that the configuration files for apache 2.4 and up have changed.
|
||||
# The configuration file has to have the .conf extension in the sites-available directory
|
||||
|
@ -328,8 +328,8 @@ sudo openssl req -newkey rsa:4096 -days 365 -nodes -x509 \
|
|||
<VirtualHost _default_:443>
|
||||
ServerAdmin admin@<your.FQDN.here>
|
||||
ServerName <your.FQDN.here>
|
||||
DocumentRoot $PATH_TO_MISP/app/webroot
|
||||
<Directory $PATH_TO_MISP/app/webroot>
|
||||
DocumentRoot ${PATH_TO_MISP}/app/webroot
|
||||
<Directory ${PATH_TO_MISP}/app/webroot>
|
||||
Options -Indexes
|
||||
AllowOverride all
|
||||
Require all granted
|
||||
|
@ -372,21 +372,21 @@ sudo systemctl restart apache2
|
|||
### 8/ Log rotation
|
||||
---------------
|
||||
```bash
|
||||
# MISP saves the stdout and stderr of its workers in $PATH_TO_MISP/app/tmp/logs
|
||||
# MISP saves the stdout and stderr of its workers in ${PATH_TO_MISP}/app/tmp/logs
|
||||
# To rotate these logs install the supplied logrotate script:
|
||||
|
||||
sudo cp $PATH_TO_MISP/INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
sudo cp ${PATH_TO_MISP}/INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
sudo chmod 0640 /etc/logrotate.d/misp
|
||||
```
|
||||
|
||||
### 9/ MISP configuration
|
||||
---------------------
|
||||
```bash
|
||||
# There are 4 sample configuration files in $PATH_TO_MISP/app/Config that need to be copied
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/bootstrap.default.php $PATH_TO_MISP/app/Config/bootstrap.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/database.default.php $PATH_TO_MISP/app/Config/database.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/core.default.php $PATH_TO_MISP/app/Config/core.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/config.default.php $PATH_TO_MISP/app/Config/config.php
|
||||
# There are 4 sample configuration files in ${PATH_TO_MISP}/app/Config that need to be copied
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/bootstrap.default.php ${PATH_TO_MISP}/app/Config/bootstrap.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/database.default.php ${PATH_TO_MISP}/app/Config/database.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/core.default.php ${PATH_TO_MISP}/app/Config/core.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/config.default.php ${PATH_TO_MISP}/app/Config/config.php
|
||||
|
||||
|
||||
echo "<?php
|
||||
|
@ -404,11 +404,11 @@ class DATABASE_CONFIG {
|
|||
'prefix' => '',
|
||||
'encoding' => 'utf8',
|
||||
);
|
||||
}" | $SUDO_WWW tee $PATH_TO_MISP/app/Config/database.php
|
||||
}" | ${SUDO_WWW} tee ${PATH_TO_MISP}/app/Config/database.php
|
||||
|
||||
# and make sure the file permissions are still OK
|
||||
sudo chown -R $WWW_USER:$WWW_USER $PATH_TO_MISP/app/Config
|
||||
sudo chmod -R 750 $PATH_TO_MISP/app/Config
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/Config
|
||||
sudo chmod -R 750 ${PATH_TO_MISP}/app/Config
|
||||
|
||||
# Generate a GPG encryption key.
|
||||
|
||||
|
@ -427,14 +427,14 @@ cat >/tmp/gen-key-script <<EOF
|
|||
%echo done
|
||||
EOF
|
||||
|
||||
$SUDO_WWW gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
${SUDO_WWW} gpg --homedir ${PATH_TO_MISP}/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
# The email address should match the one set in the config.php / set in the configuration menu in the administration menu configuration file
|
||||
|
||||
# And export the public key to the webroot
|
||||
$SUDO_WWW sh -c "gpg --homedir $PATH_TO_MISP/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | $SUDO_WWW tee $PATH_TO_MISP/app/webroot/gpg.asc
|
||||
${SUDO_WWW} sh -c "gpg --homedir ${PATH_TO_MISP}/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | ${SUDO_WWW} tee ${PATH_TO_MISP}/app/webroot/gpg.asc
|
||||
|
||||
# To make the background workers start on boot
|
||||
sudo chmod +x $PATH_TO_MISP/app/Console/worker/start.sh
|
||||
sudo chmod +x ${PATH_TO_MISP}/app/Console/worker/start.sh
|
||||
|
||||
echo "[Unit]
|
||||
Description=MISP background workers
|
||||
|
@ -442,9 +442,9 @@ After=mariadb.service redis-server.service
|
|||
|
||||
[Service]
|
||||
Type=forking
|
||||
User=$WWW_USER
|
||||
Group=$WWW_USER
|
||||
ExecStart=$PATH_TO_MISP/app/Console/worker/start.sh
|
||||
User=${WWW_USER}
|
||||
Group=${WWW_USER}
|
||||
ExecStart=${PATH_TO_MISP}/app/Console/worker/start.sh
|
||||
Restart=always
|
||||
RestartSec=10
|
||||
|
||||
|
@ -463,7 +463,7 @@ fi
|
|||
{!generic/MISP_CAKE_init.md!}
|
||||
|
||||
```bash
|
||||
# Add the following lines before the last line (exit 0). Make sure that you replace $WWW_USER with your apache user:
|
||||
# Add the following lines before the last line (exit 0). Make sure that you replace ${WWW_USER} with your apache user:
|
||||
sudo sed -i -e '$i \echo never > /sys/kernel/mm/transparent_hugepage/enabled\n' /etc/rc.local
|
||||
sudo sed -i -e '$i \echo 1024 > /proc/sys/net/core/somaxconn\n' /etc/rc.local
|
||||
sudo sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
|
||||
|
@ -499,7 +499,7 @@ echo "User (misp) DB Password: $DBPASSWORD_MISP"
|
|||
#### MISP has a new pub/sub feature, using ZeroMQ. To enable it, simply run the following commands
|
||||
|
||||
```bash
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install pyzmq
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install pyzmq
|
||||
```
|
||||
|
||||
#### MISP has a feature for publishing events to Kafka. To enable it, simply run the following commands
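Review bot: The retry wrapper added around the MISP clone, `false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git clone https://github.com/MISP/MISP.git ${PATH_TO_MISP}; done`, has no exit condition other than success. A failure that is not transient, such as a target directory left non-empty by an earlier run or a host that cannot reach GitHub, keeps the step looping until someone interrupts it. A bounded form keeps the retry for flaky links and still terminates: `for try in 1 2 3; do ${SUDO_WWW} git clone https://github.com/MISP/MISP.git ${PATH_TO_MISP} && break; sleep 5; done`. If the retry is there for unreliable networks, which is only a guess from the change, a one-line comment above it saying so would help whoever maintains the guide next.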
|
||||
|
|
|
@ -84,7 +84,7 @@ function installMISPonTsurugi() {
|
|||
PATH_TO_MISP='/var/www/MISP'
|
||||
MISP_BASEURL='https://misp.local'
|
||||
MISP_LIVE='1'
|
||||
CAKE="$PATH_TO_MISP/app/Console/cake"
|
||||
CAKE="${PATH_TO_MISP}/app/Console/cake"
|
||||
|
||||
# Database configuration
|
||||
DBHOST='localhost'
|
||||
|
@ -184,12 +184,12 @@ function installMISPonTsurugi() {
|
|||
#update-alternatives --install /usr/bin/python python /usr/bin/python2.7 1
|
||||
#update-alternatives --install /usr/bin/python python /usr/bin/python3.5 2
|
||||
|
||||
mkdir $PATH_TO_MISP
|
||||
chown www-data:www-data $PATH_TO_MISP
|
||||
cd $PATH_TO_MISP
|
||||
$SUDO_WWW git clone https://github.com/MISP/MISP.git $PATH_TO_MISP
|
||||
mkdir ${PATH_TO_MISP}
|
||||
chown www-data:www-data ${PATH_TO_MISP}
|
||||
cd ${PATH_TO_MISP}
|
||||
${SUDO_WWW} git clone https://github.com/MISP/MISP.git ${PATH_TO_MISP}
|
||||
|
||||
$SUDO_WWW git config core.filemode false
|
||||
${SUDO_WWW} git config core.filemode false
|
||||
|
||||
cp -p /etc/lsb-release /etc/lsb-release.tmp
|
||||
sudo sed -i 's/TSURUGI/Ubuntu/g' /etc/lsb-release
|
||||
|
@ -198,45 +198,45 @@ function installMISPonTsurugi() {
|
|||
sudo apt-get update
|
||||
sudo apt-get install python3.6 python3.6-dev -y
|
||||
mv /etc/lsb-release.tmp /etc/lsb-release
|
||||
$SUDO_WWW virtualenv -p python3.6 $PATH_TO_MISP/venv
|
||||
${SUDO_WWW} virtualenv -p python3.6 ${PATH_TO_MISP}/venv
|
||||
|
||||
cd $PATH_TO_MISP/app/files/scripts
|
||||
$SUDO_WWW git clone https://github.com/CybOXProject/python-cybox.git
|
||||
$SUDO_WWW git clone https://github.com/STIXProject/python-stix.git
|
||||
$SUDO_WWW git clone https://github.com/CybOXProject/mixbox.git
|
||||
cd ${PATH_TO_MISP}/app/files/scripts
|
||||
${SUDO_WWW} git clone https://github.com/CybOXProject/python-cybox.git
|
||||
${SUDO_WWW} git clone https://github.com/STIXProject/python-stix.git
|
||||
${SUDO_WWW} git clone https://github.com/CybOXProject/mixbox.git
|
||||
|
||||
mkdir /var/www/.cache
|
||||
chown www-data:www-data /var/www/.cache
|
||||
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-stix
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-stix
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-cybox
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-cybox
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
cd $PATH_TO_MISP/app/files/scripts/mixbox
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/mixbox
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
cd $PATH_TO_MISP
|
||||
$SUDO_WWW git submodule update --init --recursive
|
||||
cd ${PATH_TO_MISP}
|
||||
${SUDO_WWW} git submodule update --init --recursive
|
||||
# Make git ignore filesystem permission differences for submodules
|
||||
$SUDO_WWW git submodule foreach --recursive git config core.filemode false
|
||||
${SUDO_WWW} git submodule foreach --recursive git config core.filemode false
|
||||
|
||||
# install PyMISP
|
||||
cd $PATH_TO_MISP/PyMISP
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/PyMISP
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
cd $PATH_TO_MISP/app
|
||||
cd ${PATH_TO_MISP}/app
|
||||
mkdir /var/www/.composer ; chown www-data:www-data /var/www/.composer
|
||||
$SUDO_WWW php composer.phar install
|
||||
${SUDO_WWW} php composer.phar install
|
||||
|
||||
$SUDO_WWW cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin/CakeResque/Config/config.php
|
||||
${SUDO_WWW} cp -fa ${PATH_TO_MISP}/INSTALL/setup/config.php ${PATH_TO_MISP}/app/Plugin/CakeResque/Config/config.php
|
||||
|
||||
chown -R www-data:www-data $PATH_TO_MISP
|
||||
chmod -R 750 $PATH_TO_MISP
|
||||
chmod -R g+ws $PATH_TO_MISP/app/tmp
|
||||
chmod -R g+ws $PATH_TO_MISP/app/files
|
||||
chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
|
||||
chown -R www-data:www-data ${PATH_TO_MISP}
|
||||
chmod -R 750 ${PATH_TO_MISP}
|
||||
chmod -R g+ws ${PATH_TO_MISP}/app/tmp
|
||||
chmod -R g+ws ${PATH_TO_MISP}/app/files
|
||||
chmod -R g+ws ${PATH_TO_MISP}/app/files/scripts/tmp
|
||||
|
||||
if [ ! -e /var/lib/mysql/misp/users.ibd ]; then
|
||||
echo "
|
||||
|
@ -269,7 +269,7 @@ function installMISPonTsurugi() {
|
|||
update-rc.d apache2 enable
|
||||
update-rc.d redis-server enable
|
||||
|
||||
$SUDO_WWW cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
${SUDO_WWW} cat ${PATH_TO_MISP}/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
|
||||
echo "<?php
|
||||
class DATABASE_CONFIG {
|
||||
|
@ -286,7 +286,7 @@ function installMISPonTsurugi() {
|
|||
'prefix' => '',
|
||||
'encoding' => 'utf8',
|
||||
);
|
||||
}" | $SUDO_WWW tee $PATH_TO_MISP/app/Config/database.php
|
||||
}" | ${SUDO_WWW} tee ${PATH_TO_MISP}/app/Config/database.php
|
||||
else
|
||||
echo "There might be a database already existing here: /var/lib/mysql/misp/users.ibd"
|
||||
echo "Skipping any creations…"
|
||||
|
@ -307,9 +307,9 @@ function installMISPonTsurugi() {
|
|||
cd /var/www
|
||||
mkdir misp-dashboard
|
||||
chown www-data:www-data misp-dashboard
|
||||
$SUDO_WWW git clone https://github.com/MISP/misp-dashboard.git
|
||||
${SUDO_WWW} git clone https://github.com/MISP/misp-dashboard.git
|
||||
cd misp-dashboard
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install zmq redis
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install zmq redis
|
||||
/var/www/misp-dashboard/install_dependencies.sh
|
||||
sed -i "s/^host\ =\ localhost/host\ =\ 0.0.0.0/g" /var/www/misp-dashboard/config/config.cfg
|
||||
sed -i -e '$i \sudo -u www-data bash /var/www/misp-dashboard/start_all.sh\n' /etc/rc.local
|
||||
|
@ -319,7 +319,7 @@ function installMISPonTsurugi() {
|
|||
sed -i -e '$i \ echo "Updating ${d}"\n' /etc/rc.local
|
||||
sed -i -e '$i \ cd $d && sudo git pull &\n' /etc/rc.local
|
||||
sed -i -e '$i \done\n' /etc/rc.local
|
||||
$SUDO_WWW bash /var/www/misp-dashboard/start_all.sh
|
||||
${SUDO_WWW} bash /var/www/misp-dashboard/start_all.sh
|
||||
|
||||
apt install libapache2-mod-wsgi-py3 -y
|
||||
|
||||
|
@ -338,9 +338,9 @@ function installMISPonTsurugi() {
|
|||
<VirtualHost _default_:443>
|
||||
ServerAdmin admin@localhost.lu
|
||||
ServerName misp.local
|
||||
DocumentRoot $PATH_TO_MISP/app/webroot
|
||||
DocumentRoot ${PATH_TO_MISP}/app/webroot
|
||||
|
||||
<Directory $PATH_TO_MISP/app/webroot>
|
||||
<Directory ${PATH_TO_MISP}/app/webroot>
|
||||
Options -Indexes
|
||||
AllowOverride all
|
||||
Require all granted
|
||||
|
@ -413,15 +413,15 @@ function installMISPonTsurugi() {
|
|||
|
||||
systemctl restart apache2
|
||||
|
||||
cp $PATH_TO_MISP/INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
cp ${PATH_TO_MISP}/INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
chmod 0640 /etc/logrotate.d/misp
|
||||
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/bootstrap.default.php $PATH_TO_MISP/app/Config/bootstrap.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/core.default.php $PATH_TO_MISP/app/Config/core.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/config.default.php $PATH_TO_MISP/app/Config/config.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/bootstrap.default.php ${PATH_TO_MISP}/app/Config/bootstrap.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/core.default.php ${PATH_TO_MISP}/app/Config/core.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/config.default.php ${PATH_TO_MISP}/app/Config/config.php
|
||||
|
||||
chown -R www-data:www-data $PATH_TO_MISP/app/Config
|
||||
chmod -R 750 $PATH_TO_MISP/app/Config
|
||||
chown -R www-data:www-data ${PATH_TO_MISP}/app/Config
|
||||
chmod -R 750 ${PATH_TO_MISP}/app/Config
|
||||
$CAKE Live $MISP_LIVE
|
||||
$CAKE Baseurl $MISP_BASEURL
|
||||
|
||||
|
@ -438,11 +438,11 @@ function installMISPonTsurugi() {
|
|||
%commit
|
||||
%echo done" > /tmp/gen-key-script
|
||||
|
||||
$SUDO_WWW gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
${SUDO_WWW} gpg --homedir ${PATH_TO_MISP}/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
|
||||
$SUDO_WWW sh -c "gpg --homedir $PATH_TO_MISP/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | $SUDO_WWW tee $PATH_TO_MISP/app/webroot/gpg.asc
|
||||
${SUDO_WWW} sh -c "gpg --homedir ${PATH_TO_MISP}/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | ${SUDO_WWW} tee ${PATH_TO_MISP}/app/webroot/gpg.asc
|
||||
|
||||
chmod +x $PATH_TO_MISP/app/Console/worker/start.sh
|
||||
chmod +x ${PATH_TO_MISP}/app/Console/worker/start.sh
|
||||
|
||||
$CAKE userInit -q
|
||||
$CAKE Admin updateDatabase
|
||||
|
@ -542,7 +542,7 @@ function installMISPonTsurugi() {
|
|||
sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
|
||||
sed -i -e '$i \sudo -u www-data bash /var/www/MISP/app/Console/worker/start.sh\n' /etc/rc.local
|
||||
sed -i -e '$i \sudo -u www-data /var/www/MISP/venv/bin/misp-modules -l 127.0.0.1 -s > /tmp/misp-modules_rc.local.log 2> /dev/null &\n' /etc/rc.local
|
||||
$SUDO_WWW bash $PATH_TO_MISP/app/Console/worker/start.sh
|
||||
${SUDO_WWW} bash ${PATH_TO_MISP}/app/Console/worker/start.sh
|
||||
cd /usr/local/src/
|
||||
git clone https://github.com/MISP/misp-modules.git
|
||||
cd misp-modules
|
||||
|
@ -550,14 +550,14 @@ function installMISPonTsurugi() {
|
|||
chown www-data .
|
||||
apt install libpq5 libjpeg-dev tesseract-ocr libpoppler-cpp-dev imagemagick libopencv-dev zbar-tools libzbar0 libzbar-dev libfuzzy-dev -y
|
||||
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -I -r REQUIREMENTS
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -I .
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install maec python-magic wand lief yara-python plyara
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install stix2
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -I -r REQUIREMENTS
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -I .
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install maec python-magic wand lief yara-python plyara
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install stix2
|
||||
gem install pygments.rb
|
||||
gem install asciidoctor-pdf --pre
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/misp-modules -l 127.0.0.1 -s &
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/misp-modules -l 127.0.0.1 -s &
|
||||
$CAKE Admin setSetting "Plugin.Enrichment_services_enable" true
|
||||
$CAKE Admin setSetting "Plugin.Enrichment_hover_enable" true
|
||||
$CAKE Admin setSetting "Plugin.Enrichment_timeout" 300
|
||||
|
@ -603,11 +603,11 @@ function installMISPonTsurugi() {
|
|||
sleep 6
|
||||
done
|
||||
|
||||
chown -R www-data:www-data $PATH_TO_MISP
|
||||
chmod -R 750 $PATH_TO_MISP
|
||||
chmod -R g+ws $PATH_TO_MISP/app/tmp
|
||||
chmod -R g+ws $PATH_TO_MISP/app/files
|
||||
chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
|
||||
chown -R www-data:www-data ${PATH_TO_MISP}
|
||||
chmod -R 750 ${PATH_TO_MISP}
|
||||
chmod -R g+ws ${PATH_TO_MISP}/app/tmp
|
||||
chmod -R g+ws ${PATH_TO_MISP}/app/files
|
||||
chmod -R g+ws ${PATH_TO_MISP}/app/files/scripts/tmp
|
||||
|
||||
cd /usr/local/src/
|
||||
|
||||
|
|
|
@ -173,25 +173,25 @@ git submodule foreach --recursive git config core.filemode false
|
|||
# Create a python3 virtualenv
|
||||
virtualenv -p python3 ${PATH_TO_MISP}/venv
|
||||
|
||||
cd $PATH_TO_MISP/app/files/scripts
|
||||
cd ${PATH_TO_MISP}/app/files/scripts
|
||||
git clone https://github.com/CybOXProject/python-cybox.git
|
||||
git clone https://github.com/STIXProject/python-stix.git
|
||||
git clone https://github.com/MAECProject/python-maec.git
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-cybox
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-cybox
|
||||
${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-stix
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-stix
|
||||
${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-maec
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-maec
|
||||
${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
# install mixbox to accommodate the new STIX dependencies:
|
||||
cd $PATH_TO_MISP/app/files/scripts/
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/
|
||||
git clone https://github.com/CybOXProject/mixbox.git
|
||||
cd $PATH_TO_MISP/app/files/scripts/mixbox
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/mixbox
|
||||
${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
# install PyMISP
|
||||
cd $PATH_TO_MISP/PyMISP
|
||||
cd ${PATH_TO_MISP}/PyMISP
|
||||
${PATH_TO_MISP}/venv/bin/pip install .
|
||||
```
|
||||
|
||||
|
@ -243,7 +243,7 @@ flush privileges;
|
|||
exit
|
||||
|
||||
# Import the empty MISP database from MYSQL.sql
|
||||
sudo -u ${VIRT_USER} cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
sudo -u ${VIRT_USER} cat ${PATH_TO_MISP}/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
```
|
||||
|
||||
|
||||
|
@ -344,11 +344,11 @@ cat >/tmp/gen-key-script <<EOF
|
|||
%echo done
|
||||
EOF
|
||||
|
||||
gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
gpg --homedir ${PATH_TO_MISP}/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
# The email address should match the one set in the config.php / set in the configuration menu in the administration menu configuration file
|
||||
|
||||
# And export the public key to the webroot
|
||||
sh -c "gpg --homedir $PATH_TO_MISP/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | tee $PATH_TO_MISP/app/webroot/gpg.asc
|
||||
sh -c "gpg --homedir ${PATH_TO_MISP}/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | tee ${PATH_TO_MISP}/app/webroot/gpg.asc
|
||||
|
||||
# If you get no satisfaction with your entropy install this:
|
||||
sudo apt-get install haveged pv
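Review bot: The import line in the `flush privileges;` hunk still passes the database password on the command line (`-p$DBPASSWORD_MISP`), so it is readable in the process list by any local user while `mysql` runs; the brace change leaves that as it was. A client option file readable only by the installing user avoids this, e.g. `... | mysql --defaults-extra-file=<0600 client option file> "$DBNAME"`. The new `${PATH_TO_MISP}` and the untouched `$DBNAME` and `$GPG_EMAIL_ADDRESS` expansions in this section are still unquoted, and braces do not stop word splitting, so `"${PATH_TO_MISP}/INSTALL/MYSQL.sql"` and `--homedir "${PATH_TO_MISP}/.gnupg"` would be the safer form. The gpg hunk reads its batch file from the fixed path `/tmp/gen-key-script`, which is created above the visible lines; if that file carries a passphrase, a `mktemp` file removed after key generation would be preferable.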
|
||||
|
|
|
@ -38,8 +38,7 @@ theme:
|
|||
markdown_extensions:
|
||||
- markdown_include.include:
|
||||
base_path: docs
|
||||
# mkdcomments is buggy atm, see: https://github.com/ryneeverett/python-markdown-comments/issues/3
|
||||
#- mkdcomments
|
||||
- mkdcomments
|
||||
- markdown.extensions.admonition
|
||||
- markdown.extensions.codehilite:
|
||||
guess_lang: false
|
||||
|
@ -75,12 +74,10 @@ nav:
|
|||
- 'RHEL8/CentOS8': 'INSTALL.rhel8.md'
|
||||
- xInstall Guides:
|
||||
- 'Warning': 'xINSTALL.md'
|
||||
- 'Centos 6': 'xINSTALL.centos6.md'
|
||||
- 'Debian 10': 'xINSTALL.debian10.md'
|
||||
- 'Debian 9': 'xINSTALL.debian9.md'
|
||||
- 'Ubuntu 18.04 \w webmin': 'xINSTALL.ubuntu1804.with.webmin.md'
|
||||
- 'Tsurugi Linux': 'xINSTALL.tsurugi.md'
|
||||
- 'OpenBSD 6.6': 'xINSTALL.OpenBSD.md'
|
||||
- 'OpenBSD 6.7': 'xINSTALL.OpenBSD.md'
|
||||
- Config Guides:
|
||||
- 'Elastic Search Logging': 'CONFIG.elasticsearch-logging.md'
|
||||
- 'Amazon S3 attachments': 'CONFIG.s3-attachments.md'
|
||||
|
@ -90,6 +87,8 @@ nav:
|
|||
- Old guides:
|
||||
- '2.3 to 2.4 upgrade': 'archive/old-2_3to2_4-UPGRADE.md'
|
||||
- 'Ubuntu 16.04': 'archive/INSTALL.ubuntu1604.md'
|
||||
- 'Debian 9': 'xINSTALL.debian9.md'
|
||||
- 'Centos 6': 'xINSTALL.centos6.md'
|
||||
- 'FreeBSD': 'archive/xINSTALL.FreeBSD.md'
|
||||
- About:
|
||||
- 'MISP Release Notes': 'Changelog.md'
|
||||
|
|