MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

fix: [doc] Amended CentOS8 install doc. Removed ssdeep, not working anymore.

pull/6187/head
Steve Clement 2020-08-12 09:40:18 +09:00
parent 2cb63493c3
commit cbc4e34f65
No known key found for this signature in database
GPG Key ID: 69A20F509BE4AEE9
2 changed files with 25 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
INSTALL/workerstartsh.te Normal file
View File

@ -0,0 +1,18 @@
module my-startsh 1.0;
require {
type httpd_sys_script_exec_t;
type init_t;
type httpd_sys_rw_content_t;
class file { execute execute_no_trans open read };
}
#============= init_t ==============
#!!!! This avc is allowed in the current policy
allow init_t httpd_sys_rw_content_t:file execute;
allow init_t httpd_sys_rw_content_t:file { open read };
allow init_t httpd_sys_script_exec_t:file execute_no_trans;
#!!!! This avc is allowed in the current policy
allow init_t httpd_sys_script_exec_t:file { execute open read };

18
docs/INSTALL.rhel8.md
View File

@ -134,7 +134,9 @@ yumInstallCoreDeps () {
mariadb-server \
python3-devel python3-pip python3-virtualenv \
python3-policycoreutils \
libxslt-devel zlib-devel ssdeep-devel -y
policycoreutils-python-utils \
libxslt-devel zlib-devel -y
# ssdeep-devel available: dnf install https://extras.getpagespeed.com/release-el8-latest.rpm
sudo alternatives --set python /usr/bin/python3
# Enable and start redis
@ -166,14 +168,7 @@ yumInstallCoreDeps () {
sudo systemctl enable --now php-fpm.service
```
```bash
# <snippet-begin 0_yumInstallHaveged.sh>
# GPG needs lots of entropy, haveged provides entropy
# /!\ Only do this if you're not running rngd to provide randomness and your kernel randomness is not sufficient.
sudo yum install haveged -y
sudo systemctl enable --now haveged.service
# <snippet-end 0_yumInstallHaveged.sh>
```
TODO: Add a CentOS/RHEL rng thing, à la haveged (not in base anymore) or similar.
### 3/ MISP code
## 3.01/ Download MISP code using git in /var/www/ directory
@ -269,7 +264,8 @@ installCoreRHEL () {
echo /var/www/MISP/app/files/scripts/lief/build/api/python |$SUDO_WWW tee /var/www/MISP/venv/lib/python3.6/site-packages/lief.pth
# install magic, pydeep
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U python-magic git+https://github.com/kbandla/pydeep.git plyara
##$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U python-magic git+https://github.com/kbandla/pydeep.git plyara
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U python-magic plyara
# install PyMISP
cd $PATH_TO_MISP/PyMISP
@ -689,7 +685,7 @@ Make the workers' script executable and reload the systemd units :
```bash
sudo chmod +x /var/www/MISP/app/Console/worker/start.sh
sudo systemctl daemon-reload
sudo checkmodule -M -m -o /tmp/workerstartsh.mod $PATH_TO_MISP/INSTALL/worker/startsh.te
sudo checkmodule -M -m -o /tmp/workerstartsh.mod $PATH_TO_MISP/INSTALL/workerstartsh.te
sudo semodule_package -o /tmp/workerstartsh.pp -m /tmp/workerstartsh.mod
sudo semodule -i /tmp/workerstartsh.pp
```