mirror of https://github.com/MISP/MISP
Adding instructions to build a Debian Package
It does not yet build a Debian package that can be pushed to the distribution, but it provides an easy way to get a Debian package for MISP with minimal configuration effort. It is installed in /usr/share/misp, and too many things happen in that directory, such as logging, instead of in /var/log/misp/. However, it can be useful to a lot of people, and I will gradually improve it over time. -- STR
pull/5617/head
parent
0acaf546e7
commit
894c7d28a3
|
@ -0,0 +1,23 @@
|
|||
MISP Debian Package
|
||||
===================
|
||||
|
||||
The actual MISP Debian package is experimental. It is not something that can be pushed to Debian yet,
|
||||
however it is still a valid Debian package that can be deployed and it makes the installation much
|
||||
easier.
|
||||
|
||||
How to use?
|
||||
-----------
|
||||
|
||||
* Get all the MISP dependencies into this tree, such as galaxies, whitelists, etc.
|
||||
* Rename to root folder to misp-2.4.220/
|
||||
* Run ./build-deb.sh
|
||||
|
||||
Known Weaknesses
|
||||
----------------
|
||||
|
||||
* For now, it only install MISP to use a MySQL backend.
|
||||
* We could not use the outdated CakePHP Debian package (2.x), it is now 4.x, so CakePHP must be pulled into app/Lib/cakephp
|
||||
* MISP is installed in /usr/share/misp/ including where it logs, etc.
|
||||
* No individual package for misp-galaxies, misp-taxonomies etc.
|
||||
* /usr/share/misp is set to www-data, it will be changed in a future version
|
||||
* It installs MISP using Apache only, no SSL etc.
|
|
@ -660,6 +660,11 @@ class Attribute extends AppModel
|
|||
|
||||
public function afterSave($created, $options = array())
|
||||
{
|
||||
//STR
|
||||
$myfile = fopen("/tmp/newfile.txt", "w") or die("Unable to open file!");
|
||||
fwrite($myfile, implode("|",$this->data['Attribute']));
|
||||
fclose($myfile);
|
||||
|
||||
$passedEvent = false;
|
||||
if (isset($options['parentEvent'])) {
|
||||
$passedEvent = $options['parentEvent'];
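Review bot: The lines from `//STR` through `fclose($myfile);` at the top of `afterSave()` look like leftover debugging and should not ship with a packaging commit (going by the 6-to-11 line counts in the hunk header, they are the added lines). Every attribute save truncates and rewrites `/tmp/newfile.txt` with the pipe-joined contents of `$this->data['Attribute']`, which puts attribute values in a fixed-name file in a shared temp directory where other local accounts may be able to read it or pre-create the path. `or die("Unable to open file!")` also ends the whole request whenever that file cannot be opened. I would delete the block; if a trace is needed during development, send it through the application's logging rather than a hard-coded path. The body of `afterSave()` continues past the end of the hunk.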
|
||||
|
|
|
@ -0,0 +1,4 @@
|
|||
#!/bin/bash
|
||||
|
||||
dpkg-buildpackage -b -rfakeroot -us -uc
|
||||
|
|
@ -0,0 +1 @@
|
|||
* We cannot use cakephp package from debian, as it is outdated. CakePHP is provided along with MISP.
|
|
@ -0,0 +1,5 @@
|
|||
misp (2.4.220-1) UNRELEASED; urgency=low
|
||||
|
||||
* First package of MISP
|
||||
|
||||
-- Sebastien Tricaud <sebastien.tricaud@devo.com> Wed, 29 Jan 2020 16:32:33 -0800
|
|
@ -0,0 +1,20 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
. /usr/share/debconf/confmodule
|
||||
|
||||
db_input critical misp/configure_mariadb || true
|
||||
db_go
|
||||
|
||||
db_get misp/configure_mariadb
|
||||
if [ "$RET" = "Yes" ]; then
|
||||
db_input critical misp/mariadb_host || true
|
||||
db_go
|
||||
db_input critical misp/mariadb_rootpwd || true
|
||||
db_go
|
||||
db_input critical misp/mariadb_mispdb || true
|
||||
db_go
|
||||
db_input critical misp/mariadb_mispdbuser || true
|
||||
db_go
|
||||
db_input critical misp/mariadb_setmisppwd || true
|
||||
db_go
|
||||
fi
|
|
@ -0,0 +1,41 @@
|
|||
Source: misp
|
||||
Maintainer: Sebastien Tricaud <sebastien.tricaud@devo.com>
|
||||
Section: Web
|
||||
Priority: optional
|
||||
Standards-Version: 2.4.220
|
||||
Build-Depends: debhelper (>= 11), dh-apache2
|
||||
Homepage: http://misp.software
|
||||
Vcs-Browser: https://github.com/misp/misp
|
||||
Vcs-Git: https://github.com/MISP/MISP.git
|
||||
|
||||
Package: misp
|
||||
Architecture: all
|
||||
Pre-Depends: ${misc:Pre-Depends}
|
||||
Depends: libapache2-mod-php | php-cgi | php,
|
||||
python3,
|
||||
composer,
|
||||
mariadb-client,
|
||||
openssl,
|
||||
zip,
|
||||
unzip,
|
||||
moreutils,
|
||||
php-mysql,
|
||||
php-redis,
|
||||
php-gd,
|
||||
php-gnupg,
|
||||
php-json,
|
||||
php-xml,
|
||||
php-readline,
|
||||
php-mbstring,
|
||||
php7.3-opcache,
|
||||
${misc:Depends}
|
||||
Recommends: ${misc:Recommends}, redis-server, mariadb-server
|
||||
Description: Threat Intelligence Platform
|
||||
The MISP threat sharing platform is a free and open source software helping
|
||||
information sharing of threat intelligence including cyber security indicators.
|
||||
.
|
||||
A threat intelligence platform for gathering, sharing, storing and correlating
|
||||
Indicators of Compromise of targeted attacks, threat intelligence, financial
|
||||
fraud information, vulnerability information or even counter-terrorism
|
||||
information.
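Review bot: `Standards-Version: 2.4.220` carries the MISP release number, but this field names the Debian Policy version the packaging was checked against, so it should hold that policy version rather than the upstream one. The `Depends` list also looks incomplete for what the maintainer script in this commit runs: it calls `sudo -u www-data composer dump-autoload` under `set -e`, and `sudo` is not declared, so configuration would abort on a system without it. `php7.3-opcache` is the only PHP dependency pinned to a release, which ties the package to one PHP version; an unversioned dependency, if the target distribution provides one, would match the others. `Section: Web` is conventionally written lowercase, `web`.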
|
||||
|
|
@ -0,0 +1,2 @@
|
|||
misp_2.4.220-1_all.deb Web optional
|
||||
misp_2.4.220-1_amd64.buildinfo Web optional
|
|
@ -0,0 +1,6 @@
|
|||
app usr/share/misp
|
||||
Plugin usr/share/misp
|
||||
tools usr/share/misp
|
||||
cti-python-stix2 usr/share/misp
|
||||
PyMISP usr/share/misp
|
||||
INSTALL/MYSQL.sql usr/share/doc/misp
|
|
@ -0,0 +1 @@
|
|||
site debian/misp.apache2.conf
|
|
@ -0,0 +1,28 @@
|
|||
<VirtualHost *:80>
|
||||
ServerAdmin me@me.local
|
||||
ServerName misp.local
|
||||
DocumentRoot /usr/share/misp/app/webroot
|
||||
<Directory /usr/share/misp/app/webroot>
|
||||
Options -Indexes
|
||||
AllowOverride all
|
||||
Order allow,deny
|
||||
Allow from all
|
||||
</Directory>
|
||||
|
||||
LogLevel warn
|
||||
ErrorLog /var/log/apache2/misp.local_error.log
|
||||
CustomLog /var/log/apache2/misp.local_access.log combined
|
||||
|
||||
ServerSignature Off
|
||||
|
||||
Header always set X-Content-Type-Options nosniff
|
||||
Header always set X-Frame-Options SAMEORIGIN
|
||||
Header always unset "X-Powered-By"
|
||||
|
||||
# TODO: Think about X-XSS-Protection, Content-Security-Policy, Referrer-Policy & Feature-Policy
|
||||
## Example:
|
||||
# Header always set X-XSS-Protection "1; mode=block"
|
||||
# Header always set Content-Security-Policy "default-src 'none'; style-src 'self' ... script-src/font-src/img-src/connect-src
|
||||
# Header always set Referrer-Policy "strict-origin-when-cross-origin"
|
||||
# Header always set Feature-Policy "geolocation 'self'; midi 'none'; notifications 'self'; push 'self'; sync-xhr 'self'; microphone 'none'; camera 'self'; magnometer 'self'; gyroscope 'self'; speake 'none'; vibrate 'self'; fullscreen 'none'"
|
||||
</VirtualHost>
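Review bot: `Order allow,deny` and `Allow from all` in the `<Directory>` block are Apache 2.2 access directives; on Apache 2.4, which the package's Recommends line targets, they only work when mod_access_compat is loaded, and the 2.4 form is `Require all granted`. The vhost listens on `*:80` only, so logins, session cookies and API keys cross the network unencrypted. The README lists this as a known weakness, and a comment at the top of the vhost such as `# Plain HTTP only: add TLS before exposing this host` would keep it visible to whoever deploys the file. In the commented example, the Feature-Policy line misspells two feature names (`magnometer`, `speake`), worth fixing before anyone uncomments it.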
|
|
@ -0,0 +1,3 @@
|
|||
misc:Recommends=apache2 ( >= 2.4.6-4~ ) | httpd
|
||||
misc:Depends=debconf (>= 0.5) | debconf-2.0
|
||||
misc:Pre-Depends=
|
|
@ -0,0 +1,203 @@
|
|||
--- misp/app/Plugin/CakeResque/Config/config.php 1969-12-31 16:00:00.000000000 -0800
|
||||
+++ misp-2.4.220/app/Plugin/CakeResque/Config/config.php 2020-02-06 15:03:21.645491394 -0800
|
||||
@@ -0,0 +1,200 @@
|
||||
+<?php
|
||||
+/**
|
||||
+ * CakeResque configuration file
|
||||
+ *
|
||||
+ * Default settings for Resque workers and queues.
|
||||
+ *
|
||||
+ * PHP version 5
|
||||
+ *
|
||||
+ * Licensed under The MIT License
|
||||
+ * Redistributions of files must retain the above copyright notice.
|
||||
+ *
|
||||
+ * @author Wan Qi Chen <kami@kamisama.me>
|
||||
+ * @copyright Copyright 2012, Wan Qi Chen <kami@kamisama.me>
|
||||
+ * @link http://cakeresque.kamisama.me
|
||||
+ * @package CakeResque
|
||||
+ * @subpackage CakeResque.Config
|
||||
+ * @since 3.4.0
|
||||
+ * @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||
+ */
|
||||
+
|
||||
+/**
|
||||
+ * Configure the default value for Resque
|
||||
+ *
|
||||
+ * ## Mandatory indexes :
|
||||
+ * Redis
|
||||
+ * Redis server settings
|
||||
+ * Worker
|
||||
+ * Workers default settings
|
||||
+ * Resque
|
||||
+ * Default values used to init the php-resque library path
|
||||
+ *
|
||||
+ * ## Optional indexes :
|
||||
+ * Queues
|
||||
+ * An array of queues to start with Resque::load()
|
||||
+ * Used when you have multiple queues, as you don't need
|
||||
+ * to start each queues individually each time you start Resque
|
||||
+ * Env
|
||||
+ * Additional environment variables to pass to Resque
|
||||
+ * Log
|
||||
+ * Log handler and its arguments, to save the log with Monolog
|
||||
+ *
|
||||
+ *
|
||||
+ * There are many ways to configure the plugin:
|
||||
+ *
|
||||
+ * 1. This file is automagically loaded by the bootstrapping process, when no 'CakeResque'
|
||||
+ * configuration key exists.
|
||||
+ *
|
||||
+ * CakePlugin::load('CakeResque', array('bootstrap' => true));
|
||||
+ *
|
||||
+ * 2. If a 'CakeResque' configuration key already exists, the default configuration will not be loaded,
|
||||
+ * and the 'CakeResque' key is expected to contain all the values present in the default configuration.
|
||||
+ *
|
||||
+ * Configure::load('my_cakeresque_config');
|
||||
+ * CakePlugin::load('CakeResque', array('bootstrap' => true));
|
||||
+ *
|
||||
+ * 3. Another way to configure the plugin is to load it using a custom bootstrap file.
|
||||
+ *
|
||||
+ * CakePlugin::load('CakeResque', array('bootstrap' => 'my_bootstrap'));
|
||||
+ *
|
||||
+ * // APP/Plugin/CakeResque/Config/my_bootstrap.php
|
||||
+ * require_once dirname(__DIR__) . DS . 'Lib' . DS . 'CakeResque.php';
|
||||
+ * $config = array(); // Custom configuration
|
||||
+ * CakeResque::init($config);
|
||||
+ *
|
||||
+ * @see CakeResque::init(), CakeResque::loadConfig().
|
||||
+ */
|
||||
+$config['CakeResque'] = array(
|
||||
+ 'Redis' => array(
|
||||
+ 'host' => 'localhost', // Redis server hostname
|
||||
+ 'port' => 6379, // Redis server port
|
||||
+ 'database' => 0, // Redis database number
|
||||
+ 'namespace' => 'resque', // Redis keys namespace
|
||||
+ 'password' => null // Redis password
|
||||
+ ),
|
||||
+
|
||||
+ 'Worker' => array(
|
||||
+ 'queue' => 'default', // Name of the default queue
|
||||
+ 'interval' => 5, // Number of second between each poll
|
||||
+ 'workers' => 1, // Number of workers to create
|
||||
+ // 'user' => 'www-data' // User running the worker process
|
||||
+
|
||||
+ // Path to the log file
|
||||
+ // Can be an
|
||||
+ // - absolute path,
|
||||
+ // - an relative path, that will be relative to
|
||||
+ // app/tmp/logs folder
|
||||
+ // - a simple filename, file will be created inside app/tmp/logs
|
||||
+ 'log' => TMP . 'logs' . DS . 'resque-worker-error.log',
|
||||
+
|
||||
+ // Log Verbose mode
|
||||
+ // true to log more debugging informations
|
||||
+ // Can also be enabled per worker, by starting with --verbose
|
||||
+ 'verbose' => false
|
||||
+ ),
|
||||
+ 'Job' => array(
|
||||
+ // Whether to track job status
|
||||
+ // Enabling this will allow you to track a job status by its ID
|
||||
+ // Job status are purged after 24 hours
|
||||
+ //
|
||||
+ // You can also define per-job tracking by passing true/false when calling
|
||||
+ // CakeResque::enqueue(), CakeResque::enqueueAt() or CakeResque::enqueueIn()
|
||||
+ 'track' => false
|
||||
+ ),
|
||||
+ /*
|
||||
+ 'Queues' => array(
|
||||
+ array(
|
||||
+ 'queue' => 'default', // Use default values from above for missing interval and count indexes
|
||||
+ 'user' => 'www-data' // If PHP is running as a different user on you webserver
|
||||
+ ),
|
||||
+ array(
|
||||
+ 'queue' => 'my-second-queue',
|
||||
+ 'interval' => 10
|
||||
+ )
|
||||
+ )
|
||||
+ */
|
||||
+ 'Resque' => array(
|
||||
+ // Path to the directory containing the worker PID files
|
||||
+ 'tmpdir' => App::pluginPath('CakeResque') . 'tmp' . DS
|
||||
+ ),
|
||||
+
|
||||
+ // Other usefull environment variable you wish to set
|
||||
+ // Passing a key only will search for its value in the $_SERVER scope
|
||||
+ // eg : array('SERVER_NAME'); => will search for the value in $_SERVER['SERVER_NAME']
|
||||
+ // Passing a key and a value will set the env variable to this value
|
||||
+ // eg : array('ARCH' => 'x64')
|
||||
+ 'Env' => array(),
|
||||
+
|
||||
+ // Log Handler
|
||||
+ // If saving the logs in a plain text file doesn't suit you
|
||||
+ // you can send them to Mysql, or MongoDB, etc ...
|
||||
+ // In that case, you'll need a handler to manage your logs
|
||||
+ // All logs outputted by resque will go to the handler.
|
||||
+ // The classic log file (above) will still be used, for logging
|
||||
+ // stuff likes php error, or other STDOUT outputted by your job classses
|
||||
+ //
|
||||
+ // php-resque-ex uses Monolog to manage all the logging stuff
|
||||
+ // If you uses the original php-resque library, these settings
|
||||
+ // will be ignored
|
||||
+ //
|
||||
+ // handler
|
||||
+ // Name of the Handler (the handler classname, without the 'Handler' part)
|
||||
+ // target
|
||||
+ // Arguments taken by the handler constructor. If the handler required
|
||||
+ // multiple arguments, separate them with a comma
|
||||
+ //
|
||||
+ // As of now, the following handler are supported:
|
||||
+ //
|
||||
+ // [HANDLER] [TARGET]
|
||||
+ // Cube Cube server address (e.g: udp://127.0.0.1:1180)
|
||||
+ // RotatingFile Path to the log file (e.g: /path/to/resque.log)
|
||||
+ // Syslog Facility name
|
||||
+ // Socket Address (e.g: udp://127.0.0.1:23)
|
||||
+ // MongoDB MongoDB server address (e.g: mongodb://localhost:27017)
|
||||
+ 'Log' => array(
|
||||
+ 'handler' => 'RotatingFile',
|
||||
+ 'target' => TMP . 'logs' . DS . 'resque.log'
|
||||
+ ),
|
||||
+
|
||||
+ // Scheduler Worker
|
||||
+ // It's the worker handling all the scheduled jobs
|
||||
+ // Only one scheduler worker is permitted to run at one time
|
||||
+ // It can be paused, resumed and stopped like any other workers
|
||||
+ // It can be started only with the `startscheduler` command,
|
||||
+ // or with `load` if Scheduler Worker is enabled.
|
||||
+ //
|
||||
+ // Scheduled jobs requires the php-resque-ex-scheduler library,
|
||||
+ // that should be installed with automatically via the
|
||||
+ // `composer update` or `composer install` command
|
||||
+ //
|
||||
+ // The Scheduler Worker have its own default settings
|
||||
+ //
|
||||
+ // @since 2.3.0
|
||||
+ //
|
||||
+ 'Scheduler' => array(
|
||||
+ // Enable or disable delayed job
|
||||
+ 'enabled' => true,
|
||||
+
|
||||
+ // Path to the log file
|
||||
+ 'log' => TMP . 'logs' . DS . 'resque-scheduler-error.log',
|
||||
+
|
||||
+ // Optional
|
||||
+ // Will not default to settings defined in the global scope above
|
||||
+ 'Env' => array(),
|
||||
+
|
||||
+ // Optional
|
||||
+ // Will default to settings defined in the global scope above
|
||||
+ // Only available setting is `interval`
|
||||
+ // The worker will always poll a fixed special queue, and only one worker can run at one time
|
||||
+ 'Worker' => array(
|
||||
+ 'interval' => 3
|
||||
+ ),
|
||||
+
|
||||
+ // Optional
|
||||
+ // Will default to settings defined in the global scope above
|
||||
+ 'Log' => array(
|
||||
+ 'handler' => 'RotatingFile',
|
||||
+ 'target' => TMP . 'logs' . DS . 'resque-scheduler.log'
|
||||
+ )
|
||||
+ )
|
||||
+);
|
|
@ -0,0 +1 @@
|
|||
Add-CakeResque-Config.patch
|
|
@ -0,0 +1,74 @@
|
|||
#!/bin/sh
|
||||
|
||||
set -e
|
||||
|
||||
#DEBHELPER#
|
||||
|
||||
. /usr/share/debconf/confmodule
|
||||
|
||||
if [ "$1" = "configure" ] ; then
|
||||
cp /usr/share/misp/app/Config/bootstrap.default.php /usr/share/misp/app/Config/bootstrap.php
|
||||
cp /usr/share/misp/app/Config/config.default.php /usr/share/misp/app/Config/config.php
|
||||
cp /usr/share/misp/app/Config/core.default.php /usr/share/misp/app/Config/core.php
|
||||
cp /usr/share/misp/app/Config/database.default.php /usr/share/misp/app/Config/database.php
|
||||
|
||||
chown -R www-data:www-data /usr/share/misp/app/tmp
|
||||
chmod -R g+ws /usr/share/misp/app/tmp
|
||||
chown -R www-data:www-data /usr/share/misp/app/files
|
||||
chmod -R g+ws /usr/share/misp/app/files
|
||||
chown -R www-data:www-data /usr/share/misp/app/Config
|
||||
chmod -R 750 /usr/share/misp/app/Config
|
||||
|
||||
if [ ! -d "/var/www/.composer/" ]
|
||||
then
|
||||
mkdir /var/www/.composer
|
||||
fi
|
||||
|
||||
chown www-data:www-data /var/www/.composer
|
||||
chown -R www-data:www-data /usr/share/misp/
|
||||
|
||||
cd /usr/share/misp/app
|
||||
sudo -u www-data composer dump-autoload
|
||||
|
||||
phpenmod redis
|
||||
phpenmod gnupg
|
||||
|
||||
a2dissite 000-default || true
|
||||
a2ensite misp.apache2 || true
|
||||
a2enmod rewrite
|
||||
a2enmod headers
|
||||
|
||||
db_get misp/mariadb_host
|
||||
HOST=$RET
|
||||
db_get misp/mariadb_rootpwd
|
||||
ROOTPWD=$RET
|
||||
db_get misp/mariadb_mispdb
|
||||
MISPDB=$RET
|
||||
db_get misp/mariadb_mispdbuser
|
||||
MISPDBUSER=$RET
|
||||
db_get misp/mariadb_setmisppwd
|
||||
MISPDBUSERPWD=$RET
|
||||
db_stop
|
||||
|
||||
mysql -h$HOST -uroot -p$ROOTPWD -e "CREATE USER IF NOT EXISTS '$MISPDBUSER'@'localhost' IDENTIFIED BY '$MISPDBUSERPWD';"
|
||||
mysql -h$HOST -uroot -p$ROOTPWD -e "GRANT ALL PRIVILEGES ON misp.* TO '$MISPDBUSER'@'localhost';"
|
||||
mysql -h$HOST -uroot -p$ROOTPWD -e "FLUSH PRIVILEGES;"
|
||||
mysql -h$HOST -uroot -p$ROOTPWD -e "CREATE DATABASE $MISPDB;"
|
||||
echo "Creating MISP Database..."
|
||||
gunzip < /usr/share/doc/misp/MYSQL.sql.gz | mysql -h$HOST -u$MISPDBUSER -p$MISPDBUSERPWD $MISPDB
|
||||
|
||||
# /usr/share/misp/app/Config/database.php
|
||||
echo "Updating salt..."
|
||||
sed -i -E "s/'salt'\s=>\s'(\S+)'/'salt' => '`openssl rand -base64 32|tr "/" "-"`'/" /usr/share/misp/app/Config/config.php
|
||||
|
||||
echo "Configuring Database..."
|
||||
sed -i -E "s/'host'\s=>\s'localhost'/'host' => '$HOST'/" /usr/share/misp/app/Config/database.php
|
||||
sed -i -E "s/'login'\s=>\s'db login'/'login' => '$MISPDBUSER'/" /usr/share/misp/app/Config/database.php
|
||||
sed -i -E "s/'password'\s=>\s'db password'/'password' => '$MISPDBUSERPWD'/" /usr/share/misp/app/Config/database.php
|
||||
sed -i -E "s/'database'\s=>\s'misp'/'database' => '$MISPDB'/" /usr/share/misp/app/Config/database.php
|
||||
|
||||
cd /usr/share/misp/app
|
||||
composer require resque/php-resque
|
||||
# No composer.json in current directory, do you want to use the one at /usr/share/misp/app? [Y,n]? Y
|
||||
echo "{\"major\":2, \"minor\":4, \"hotfix\":220}" > /usr/share/misp/VERSION.json
|
||||
fi
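Review bot: The MariaDB root password is passed as `-p$ROOTPWD` on four `mysql` command lines, and the MISP user's password appears in the `CREATE USER` statement given to `-e` and on the import line, so both are visible in the process list while the commands run; neither is cleared after `db_get`, so they also stay stored in the debconf database. The debconf answers are expanded unquoted and spliced directly into SQL and into `sed` replacement text, so a value containing a quote, a space, `/` or `&` changes what is executed or written. The `GRANT` targets `misp.*` rather than `$MISPDB`, and the whole database block runs even when `misp/configure_mariadb` was answered No. Separately, the four `cp` lines and the salt `sed` run on every `configure`, so an upgrade would overwrite the administrator's configuration and rotate the salt; guarding them with a check that the target file does not exist yet would avoid that. The fence sketches the database part only, and the MISP user's password still needs escaping before it goes into SQL, the option file or `sed`.

```shell
db_get misp/configure_mariadb
if [ "$RET" = "Yes" ]; then
    # … unchanged: db_get of the host, root password, database, user and user password …

    # Clear both passwords from debconf once they have been read.
    db_set misp/mariadb_rootpwd ""
    db_set misp/mariadb_setmisppwd ""
    db_stop

    # These two names are placed inside SQL identifiers and sed expressions.
    case "$MISPDB$MISPDBUSER" in
        *[!A-Za-z0-9_]*) echo "misp: unsupported character in database or user name" >&2; exit 1 ;;
    esac

    # mktemp creates the file with mode 0600; the root password stays out of argv.
    ROOTCNF=$(mktemp)
    trap 'rm -f "$ROOTCNF"' EXIT
    printf '[client]\nhost=%s\nuser=root\npassword=%s\n' "$HOST" "$ROOTPWD" > "$ROOTCNF"

    # Statements go in on stdin so the new user's password is not on the command line either.
    mysql --defaults-extra-file="$ROOTCNF" <<EOF
CREATE USER IF NOT EXISTS '$MISPDBUSER'@'localhost' IDENTIFIED BY '$MISPDBUSERPWD';
CREATE DATABASE IF NOT EXISTS \`$MISPDB\`;
GRANT ALL PRIVILEGES ON \`$MISPDB\`.* TO '$MISPDBUSER'@'localhost';
FLUSH PRIVILEGES;
EOF
    # … unchanged: schema import and the sed edits of config.php / database.php …
fi
```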
|
|
@ -0,0 +1,6 @@
|
|||
#!/usr/bin/make -f
|
||||
%:
|
||||
dh $@ --with apache2
|
||||
|
||||
override_dh_auto_install:
|
||||
dh_auto_build
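Review bot: `override_dh_auto_install` runs `dh_auto_build`, which reads like a copy-paste slip: the build step already has its own place in the `dh` sequence, and the install step then does nothing of its own. If the intent is to skip the upstream install step because the install list in this commit copies the files, an override whose only recipe line is a comment says so directly, for example `# nothing to do: files are copied by the install list`.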
|
|
@ -0,0 +1 @@
|
|||
3.0 (quilt)
|
|
@ -0,0 +1,35 @@
|
|||
Template: misp/information
|
||||
Type: note
|
||||
Description: MISP has been installed on your system.
|
||||
However it will not work unless you configure the following file:
|
||||
.
|
||||
/usr/share/misp/app/Config/database.php
|
||||
|
||||
Template: misp/configure_mariadb
|
||||
Type: select
|
||||
Choices: Yes, No
|
||||
Description: Would you like to configure MariaDB for MISP?
|
||||
|
||||
Template: misp/mariadb_host
|
||||
Type: string
|
||||
Default: 127.0.0.1
|
||||
Description: MariaDB Host
|
||||
|
||||
Template: misp/mariadb_rootpwd
|
||||
Type: password
|
||||
Description: MariaDB root user password
|
||||
|
||||
Template: misp/mariadb_mispdb
|
||||
Type: string
|
||||
Default: misp
|
||||
Description: MISP Database name
|
||||
|
||||
Template: misp/mariadb_mispdbuser
|
||||
Type: string
|
||||
Default: misp
|
||||
Description: MISP Database user
|
||||
|
||||
Template: misp/mariadb_setmisppwd
|
||||
Type: password
|
||||
Description: Set your MariaDB MISP user password
|
||||
|