Updated MISP 2.4 INSTALL instructions for CentOS 7

INSTALL/INSTALL.centos7.txt

@@ -22,17 +22,38 @@ Once the system is installed you can perform the following steps as root:
 curl -o epel.rpm http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm
 rpm -Uvh epel.rpm
 
+# Since MISP 2.4 PHP 5.5 is a minimal requirement, so we need a newer version than CentOS base provides
+# Software Collections is a way do to this, see https://wiki.centos.org/AdditionalResources/Repositories/SCL
+yum install centos-release-scl
+
 # Because vim is just so practical
 yum install vim
 
 # Install the dependencies:
-yum install gcc git httpd zip php redis mysql-server php-mysql python-devel python-pip libxslt-devel zlib-devel php-devel php-xml php-mbstring
-yum install php-pear php-pecl-geoip
+yum install gcc git httpd zip redis mysql-server python-devel python-pip libxslt-devel zlib-devel
+
+# Install PHP 5.6 from SCL, see https://www.softwarecollections.org/en/scls/rhscl/rh-php56/
+yum install rh-php56 rh-php56-php-fpm rh-php56-php-devel rh-php56-php-mysqlnd rh-php56-php-mbstring
+
+# rh-php56-php only provided mod_php for httpd24-httpd from SCL
+# if we want to use httpd from CentOS base we can use rh-php56-php-fpm instead
+systemctl enable rh-php56-php-fpm.service
+systemctl start  rh-php56-php-fpm.service
+
+# php-fpm is accessed using the fcgi interface
+yum install mod_fcgid
+
+# Start a new shell with rh-php56 enabled
+scl enable rh-php56 bash
 
 pear channel-update pear.php.net
 
 pear install Crypt_GPG    # we need version >1.3.0 
-pear install Net_GeoIP
+
+# GPG needs lots of entropy, haveged provides entropy
+yum install haveged
+systemctl enable haveged.service
+systemctl start  haveged.service
 
 # Enable and start redis
 systemctl enable redis.service
@@ -54,7 +75,7 @@ cd /var/www/MISP/app/files/scripts
 git clone https://github.com/CybOXProject/python-cybox.git
 git clone https://github.com/STIXProject/python-stix.git
 cd /var/www/MISP/app/files/scripts/python-cybox
-git checkout v2.1.0.10
+git checkout v2.1.0.12
 git config core.filemode false
 # If you umask is has been changed from the default, it is a good idea to reset it to 0022 before installing python modules
 UMASK=$(umask)
@@ -84,10 +105,11 @@ php composer.phar config vendor-dir Vendor
 php composer.phar install
 
 # CakeResque normally uses phpredis to connect to redis, but it has a (buggy) fallback connector through Redisent. It is highly advised to install phpredis
-yum install php-pecl-redis
+pecl install redis
 
 # If you have not yet set a timezone in php.ini
-echo 'date.timezone = "Europe/Amsterdam"' > /etc/php.d/timezone.ini
+echo 'date.timezone = "Europe/Amsterdam"' > /etc/opt/rh/rh-php56/php-fpm.d/timezone.ini
+ln -s ../php-fpm.d/timezone.ini /etc/opt/rh/rh-php56/php.d/99-timezone.ini
 
 # To use the scheduler worker for scheduled tasks, do the following:
 cp -fa /var/www/MISP/INSTALL/setup/config.php /var/www/MISP/app/Plugin/CakeResque/Config/config.php
@@ -138,12 +160,9 @@ mysql -u misp -p misp < INSTALL/MYSQL.sql
 7/ Apache configuration
 -----------------------
 # Now configure your apache server with the DocumentRoot /var/www/MISP/app/webroot/
-# A sample ghost can be found in /var/www/MISP/INSTALL/apache.misp
+# A sample vhost can be found in /var/www/MISP/INSTALL/apache.misp.centos7
 
-cp /var/www/MISP/INSTALL/apache.misp /etc/httpd/conf.d/misp.conf
-
-# Edit the misp.conf file and replace /var/log/apache2 with /var/log/httpd
-vi /etc/httpd/conf.d/misp.conf
+cp /var/www/MISP/INSTALL/apache.misp.centos7 /etc/httpd/conf.d/misp.conf
 
 # Since SELinux is enabled, we need to allow httpd to write to certain directories
 chcon -t httpd_sys_content_rw_t /var/www/MISP/app/files
@@ -154,7 +173,7 @@ chcon -R -t httpd_sys_content_rw_t /var/www/MISP/app/tmp
 chcon -R -t httpd_sys_content_rw_t /var/www/MISP/app/webroot/img/orgs
 chcon -R -t httpd_sys_content_rw_t /var/www/MISP/app/webroot/img/custom
 
-# Allow httpd to connect to the redis server over tcp/ip
+# Allow httpd to connect to the redis server and php-fpm over tcp/ip
 setsebool -P httpd_can_network_connect on
 
 # Enable and start the httpd service 
@@ -184,9 +203,6 @@ cp -a config.default.php config.php
 # bootstrap.php: uncomment the last 3 lines to enable the background workers (see below)
 # CakePlugin::loadAll(array('CakeResque' => array('bootstrap' => true)));
 
-# Setup localhost in database.php:
-# 'host' => 'localhost',
-
 # To enable the background workers, if you have installed the package required for it in 4/, uncomment the following lines:
 # in core.php (if you have just recently updated MISP, just add this line at the end of the file):
 # require_once dirname(__DIR__) . '/Vendor/autoload.php';
@@ -201,26 +217,25 @@ chown apache:apache /var/www/MISP/app/Config/config.php
 chcon -t httpd_sys_content_rw_t /var/www/MISP/app/Config/config.php
 
 # Generate a GPG encryption key.
-mkdir /var/www/MISP/.gnupg
-chmod 700 /var/www/MISP/.gnupg
 # If the following command gives an error message, try it as root from the console
-# can't connect to `/var/www/MISP/.gnupg/S.gpg-agent': No such file or directory
-gpg --homedir /var/www/MISP/.gnupg --gen-key
+gpg --gen-key
+mv ~/.gnupg /var/www/MISP/
 chown -R apache:apache /var/www/MISP/.gnupg
 
 # The email address should match the one set in the config.php configuration file
-# Make sure that you use the same settings in the MISP Server Settings tool (Described on line 226)
+# Make sure that you use the same settings in the MISP Server Settings tool (Described on line 242)
 
 # And export the public key to the webroot
 sudo -u apache gpg --homedir /var/www/MISP/.gnupg --export --armor YOUR-EMAIL > /var/www/MISP/app/webroot/gpg.asc
 
 # Start the workers to enable background jobs
-su -s /bin/bash apache -c 'bash /var/www/MISP/app/Console/worker/start.sh'
+chmod +x /var/www/MISP/app/Console/worker/start.sh
+su -s /bin/bash apache -c 'scl enable rh-php56 /var/www/MISP/app/Console/worker/start.sh'
 
 # To make the background workers start on boot
 vi /etc/rc.local
 # Add the following line at the end
-su -s /bin/bash apache -c 'bash /var/www/MISP/app/Console/worker/start.sh'
+su -s /bin/bash apache -c 'scl enable rh-php56 /var/www/MISP/app/Console/worker/start.sh'
 
 # Now log in using the webinterface:
 # The default user/pass = admin@admin.test/admin 

INSTALL/INSTALL.ubuntu1404.txt

@@ -29,7 +29,6 @@ apt-get install vim
 # Install the dependencies:
 apt-get install gcc zip php-pear git redis-server make python-dev python-pip libxml2-dev libxslt1-dev zlib1g-dev php5-dev libapache2-mod-php5 curl
 pear install Crypt_GPG    # we need version >1.3.0 
-pear install Net_GeoIP
 
 3/ MISP code
 ------------
@@ -47,7 +46,7 @@ cd /var/www/MISP/app/files/scripts
 git clone https://github.com/CybOXProject/python-cybox.git
 git clone https://github.com/STIXProject/python-stix.git
 cd /var/www/MISP/app/files/scripts/python-cybox
-git checkout v2.1.0.10
+git checkout v2.1.0.12
 python setup.py install
 cd /var/www/MISP/app/files/scripts/python-stix
 git checkout v1.1.1.4
@@ -110,9 +109,9 @@ mysql -u misp -p misp < INSTALL/MYSQL.sql
 7/ Apache configuration
 -----------------------
 # Now configure your apache server with the DocumentRoot /var/www/MISP/app/webroot/
-# A sample ghost can be found in /var/www/MISP/INSTALL/apache.misp
+# A sample vhost can be found in /var/www/MISP/INSTALL/apache.misp.ubuntu
 
-cp /var/www/MISP/INSTALL/apache.misp /etc/apache2/sites-available/misp.conf
+cp /var/www/MISP/INSTALL/apache.misp.ubuntu /etc/apache2/sites-available/misp.conf
 
 # Be aware that the configuration files for apache 2.4 and up have changed. 
 # The configuration file has to have the .conf extension in the sites-available directory

INSTALL/apache.misp

@@ -1,16 +0,0 @@
-<VirtualHost *:80>
-        ServerAdmin me@me.local
-        ServerName misp.local
-        DocumentRoot /var/www/MISP/app/webroot
-        <Directory /var/www/MISP/app/webroot>
-                Options -Indexes
-                AllowOverride all
-                Order allow,deny
-                allow from all
-        </Directory>
-
-        LogLevel warn
-        ErrorLog /var/log/apache2/misp.local_error.log
-        CustomLog /var/log/apache2/misp.local_access.log combined
-        ServerSignature Off
-</VirtualHost>

INSTALL/apache.misp.centos7

@@ -0,0 +1,23 @@
+<VirtualHost *:80>
+	ServerAdmin me@me.local
+	ServerName misp.local
+	DocumentRoot /var/www/MISP/app/webroot
+	<Directory /var/www/MISP/app/webroot>
+		Options -Indexes
+		AllowOverride all
+		Order allow,deny
+		allow from all
+	</Directory>
+
+	<IfModule !mod_php5.c>
+		DirectoryIndex /index.php index.php
+		<FilesMatch \.php$>
+			SetHandler "proxy:fcgi://127.0.0.1:9000"
+		</FilesMatch>
+	</IfModule>
+
+	LogLevel warn
+	ErrorLog /var/log/httpd/misp.local_error.log
+	CustomLog /var/log/httpd/misp.local_access.log combined
+	ServerSignature Off
+</VirtualHost>

INSTALL/apache.misp.ubuntu

@@ -0,0 +1,16 @@
+<VirtualHost *:80>
+	ServerAdmin me@me.local
+	ServerName misp.local
+	DocumentRoot /var/www/MISP/app/webroot
+	<Directory /var/www/MISP/app/webroot>
+		Options -Indexes
+		AllowOverride all
+		Order allow,deny
+		allow from all
+	</Directory>
+
+	LogLevel warn
+	ErrorLog /var/log/apache2/misp.local_error.log
+	CustomLog /var/log/apache2/misp.local_access.log combined
+	ServerSignature Off
+</VirtualHost>