mirror of https://github.com/MISP/MISP
Merge branch '2.4' into develop
commit
e3799d7104
|
@ -2163,13 +2163,15 @@ installCoreRHEL () {
|
|||
# In case you get "internal compiler error: Killed (program cc1plus)"
|
||||
# You ran out of memory.
|
||||
# Create some swap
|
||||
sudo dd if=/dev/zero of=/var/swap.img bs=1024k count=4000
|
||||
sudo mkswap /var/swap.img
|
||||
sudo swapon /var/swap.img
|
||||
TEMP_DIR=$(mktemp -d)
|
||||
TEMP_SWAP=${TEMP_DIR}/swap.img
|
||||
sudo dd if=/dev/zero of=${TEMP_SWAP} bs=1024k count=4000
|
||||
sudo mkswap ${TEMP_SWAP}
|
||||
sudo swapon ${TEMP_SWAP}
|
||||
# And compile again
|
||||
$SUDO_WWW make -j3 pyLIEF
|
||||
sudo swapoff /var/swap.img
|
||||
sudo rm /var/swap.img
|
||||
${SUDO_WWW} make -j3 pyLIEF
|
||||
sudo swapoff ${TEMP_SWAP}
|
||||
sudo rm -r ${TEMP_DIR}
|
||||
fi
|
||||
|
||||
# The following adds a PYTHONPATH to where the pyLIEF module has been compiled
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
; Generated by RHash v1.3.9 on 2021-02-15 at 12:01.57
|
||||
; Generated by RHash v1.4.0 on 2021-03-17 at 11:58.01
|
||||
; Written by Kravchenko Aleksey (Akademgorodok) - http://rhash.sf.net/
|
||||
;
|
||||
; 137749 12:01.57 2021-02-15 INSTALL.sh
|
||||
INSTALL.sh 5C4651E28DAD85AFCB59E6914D8ACAB6E447BEB7 506B3B399D5B8EC140538054D9E78ABFA11A8AD45CE5E42AC77A72FB71762FDE 400AFBF6ACA765F314F4D044ABC28D3D94E38D6223F642E1BED3F8C7884CAA64BAA10647352E5BF94411DA8A6753D549 3AC6B5A002645E7F29547F1134BE3C744BFD3D1B253473702B9132E7CEC271474333407F7AA375996EAF9A9877E8E73A7D3C655DDC6E9C7A83F5DF37FA418FB6
|
||||
; 137809 11:57.59 2021-03-17 INSTALL.sh
|
||||
INSTALL.sh 5264D3699A8122AD797C52D64DB3BDB59FF98B4E 072391BE950D876396C4C858515D429DCD5ECB1DDA6C52ABD8AC81FB1DA336C0 3BAA227161359FB6449FE7CCDAACF9985362DE128BC09296D6B543646DEA958611786F1B8F816AC11E0C9AAB15149D7E 5A1DF67A94B0F45967EA478EEB610AA33AAD1ABF2D4D27267AB8813C163683C98549071FE05275D5A99BCB08A5A6F703073563E46601E2727DE34ECFE57757D9
|
||||
|
|
|
@ -1 +1 @@
|
|||
5c4651e28dad85afcb59e6914d8acab6e447beb7 INSTALL.sh
|
||||
5264d3699a8122ad797c52d64db3bdb59ff98b4e INSTALL.sh
|
||||
|
|
|
@ -1 +1 @@
|
|||
506b3b399d5b8ec140538054d9e78abfa11a8ad45ce5e42ac77a72fb71762fde INSTALL.sh
|
||||
072391be950d876396c4c858515d429dcd5ecb1dda6c52abd8ac81fb1da336c0 INSTALL.sh
|
||||
|
|
|
@ -1 +1 @@
|
|||
400afbf6aca765f314f4d044abc28d3d94e38d6223f642e1bed3f8c7884caa64baa10647352e5bf94411da8a6753d549 INSTALL.sh
|
||||
3baa227161359fb6449fe7ccdaacf9985362de128bc09296d6b543646dea958611786f1b8f816ac11e0c9aab15149d7e INSTALL.sh
|
||||
|
|
|
@ -1 +1 @@
|
|||
3ac6b5a002645e7f29547f1134be3c744bfd3d1b253473702b9132e7cec271474333407f7aa375996eaf9a9877e8e73a7d3c655ddc6e9c7a83f5df37fa418fb6 INSTALL.sh
|
||||
5a1df67a94b0f45967ea478eeb610aa33aad1abf2d4d27267ab8813c163683c98549071fe05275d5a99bcb08a5a6f703073563e46601e2727de34ecfe57757d9 INSTALL.sh
|
||||
|
|
|
@ -7,10 +7,10 @@ require {
|
|||
type httpd_sys_content_t;
|
||||
type httpd_sys_rw_content_t;
|
||||
class dir { ioctl read getattr lock search open remove_name };
|
||||
class file { unlink write };
|
||||
class file { unlink write rename };
|
||||
}
|
||||
#============= logrotate_t ==============
|
||||
allow logrotate_t httpd_sys_content_t:dir { ioctl read getattr lock search open };
|
||||
allow logrotate_t httpd_sys_rw_content_t:dir { ioctl read getattr lock search open };
|
||||
allow httpd_t httpd_log_t:dir remove_name;
|
||||
allow { httpd_t httpd_sys_script_t } httpd_log_t:file { unlink write };
|
||||
allow { httpd_t httpd_sys_script_t } httpd_log_t:file { unlink write rename };
|
||||
|
|
|
@ -4076,10 +4076,6 @@ class Attribute extends AppModel
|
|||
$attribute['distribution'] = 5;
|
||||
}
|
||||
}
|
||||
if (isset($attribute['Sighting']) && !empty($attribute['Sighting'])) {
|
||||
$this->Sighting = ClassRegistry::init('Sighting');
|
||||
$this->Sighting->captureSightings($attribute['Sighting'], $attribute['id'], $eventId, $user);
|
||||
}
|
||||
$fieldList = $this->editableFields;
|
||||
if (empty($existingAttribute)) {
|
||||
$addableFieldList = array('event_id', 'type', 'uuid');
|
||||
|
@ -4105,6 +4101,10 @@ class Attribute extends AppModel
|
|||
));
|
||||
return $this->validationErrors;
|
||||
} else {
|
||||
if (isset($attribute['Sighting']) && !empty($attribute['Sighting'])) {
|
||||
$this->Sighting = ClassRegistry::init('Sighting');
|
||||
$this->Sighting->captureSightings($attribute['Sighting'], $this->id, $eventId, $user);
|
||||
}
|
||||
if ($user['Role']['perm_tagger']) {
|
||||
/*
|
||||
We should uncomment the line below in the future once we have tag soft-delete
|
||||
|
|
|
@ -818,7 +818,7 @@ class GalaxyCluster extends AppModel
|
|||
{
|
||||
$this->Event = ClassRegistry::init('Event');
|
||||
if (isset($element[$model]['distribution']) && $element[$model]['distribution'] == 4) {
|
||||
$element[$model] = $this->Event->__captureSGForElement($element[$model], $user);
|
||||
$element[$model] = $this->Event->captureSGForElement($element[$model], $user);
|
||||
}
|
||||
// first we want to see how the creator organisation is encoded
|
||||
// The options here are either by passing an organisation object along or simply passing a string along
|
||||
|
|
|
@ -475,7 +475,7 @@ class GalaxyClusterRelation extends AppModel
|
|||
|
||||
$this->Event = ClassRegistry::init('Event');
|
||||
if (isset($relation['GalaxyClusterRelation']['distribution']) && $relation['GalaxyClusterRelation']['distribution'] == 4) {
|
||||
$relation['GalaxyClusterRelation'] = $this->Event->__captureSGForElement($relation['GalaxyClusterRelation'], $user);
|
||||
$relation['GalaxyClusterRelation'] = $this->Event->captureSGForElement($relation['GalaxyClusterRelation'], $user);
|
||||
}
|
||||
|
||||
$saveSuccess = $this->save($relation);
|
||||
|
|
|
@ -387,6 +387,9 @@ class Taxonomy extends AppModel
|
|||
App::uses('ColourPaletteTool', 'Tools');
|
||||
$paletteTool = new ColourPaletteTool();
|
||||
$taxonomy = $this->__getTaxonomy($id, array('full' => true));
|
||||
if (empty($taxonomy)) {
|
||||
return false;
|
||||
}
|
||||
$tags = $this->Tag->getTagsForNamespace($taxonomy['Taxonomy']['namespace']);
|
||||
$colours = $paletteTool->generatePaletteFromString($taxonomy['Taxonomy']['namespace'], count($taxonomy['entries']));
|
||||
foreach ($taxonomy['entries'] as $k => $entry) {
|
||||
|
|
|
@ -127,7 +127,7 @@ class ApacheShibbAuthenticate extends BaseAuthenticate
|
|||
$user = $this->updateUserRole($roleChanged, $user, $roleId, $userModel);
|
||||
}
|
||||
$user = $this->updateUserOrg($org, $user, $userModel);
|
||||
CakeLog::info("User `$mispUsername` logged in.");
|
||||
$userModel->extralog($user, 'login');
|
||||
return $user;
|
||||
}
|
||||
|
||||
|
@ -145,8 +145,9 @@ class ApacheShibbAuthenticate extends BaseAuthenticate
|
|||
// save user
|
||||
$userModel->save($userData);
|
||||
CakeLog::info("User `$mispUsername` saved in database.");
|
||||
CakeLog::info("User `$mispUsername` logged in.");
|
||||
return $this->_findUser($mispUsername);
|
||||
$user = $this->_findUser($mispUsername);
|
||||
$userModel->extralog($user, 'login');
|
||||
return $user;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -18,7 +18,7 @@
|
|||
</dd>
|
||||
<dt><?php echo __('Attributes'); ?></dt>
|
||||
<dd><?php echo h($stats['attribute_count']);
|
||||
if ($stats['event_count_month']) echo ' <span style="color:green">(+' . h($stats['attribute_count_month']) . ')</span> ';
|
||||
if ($stats['attribute_count_month']) echo ' <span style="color:green">(+' . h($stats['attribute_count_month']) . ')</span> ';
|
||||
else echo ' <span style="color:red">(0)</span> ';?>
|
||||
</dd>
|
||||
<dt><?php echo __('Attributes / event'); ?></dt>
|
||||
|
|
|
@ -718,7 +718,7 @@
|
|||
"numeric_precision": null,
|
||||
"collation_name": "utf8mb4_unicode_ci",
|
||||
"column_type": "text",
|
||||
"column_default": "NULL",
|
||||
"column_default": null,
|
||||
"extra": ""
|
||||
}
|
||||
],
|
||||
|
|
|
@ -27,6 +27,11 @@ Make sure you are reading the parsed version of this Document. When in doubt [cl
|
|||
The core MISP team cannot verify if this guide is working or not. Please help us in keeping it up to date and accurate.
|
||||
Thus we also have difficulties in supporting RHEL issues but will do a best effort on a similar yet slightly different setup.
|
||||
|
||||
!!! notice
|
||||
This document also serves as a source for the [INSTALL-misp.sh](https://github.com/MISP/MISP/blob/2.4/INSTALL/INSTALL.sh) script.
|
||||
Which explains why you will see the use of shell *functions* in various steps.
|
||||
Henceforth the document will also follow a more logical flow. In the sense that all the dependencies are installed first then config files are generated, etc...
|
||||
|
||||
!!! notice
|
||||
Maintenance for CentOS 7 will end on: June 30th, 2024 [Source[0]](https://wiki.centos.org/About/Product) [Source[1]](https://linuxlifecycle.com/)
|
||||
CentOS 7-1908 [NetInstallURL](http://mirror.centos.org/centos/7/os/x86_64/)
|
||||
|
@ -108,6 +113,7 @@ sudo yum install deltarpm -y
|
|||
```bash
|
||||
# Because (neo)vim is just so practical
|
||||
sudo yum install neovim -y
|
||||
# For RHEL, it's vim
|
||||
```
|
||||
|
||||
## 1.5.c/ Install ntpdate (optional)
|
||||
|
@ -126,11 +132,15 @@ yumUpdate () {
|
|||
# <snippet-end 0_yum-update.sh>
|
||||
```
|
||||
|
||||
## 1.6/ **[RHEL]** Install the EPEL repo
|
||||
## 1.6/ **[RHEL]** Install the EPEL and remi repo
|
||||
```bash
|
||||
# <snippet-begin 0_RHEL_EPEL.sh>
|
||||
enableEPEL () {
|
||||
sudo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm -y
|
||||
sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
|
||||
sudo yum install yum-utils
|
||||
sudo subscription-manager repos --enable=rhel-7-server-optional-rpms
|
||||
sudo yum-config-manager --enable remi-php72
|
||||
}
|
||||
# <snippet-end 0_RHEL_EPEL.sh>
|
||||
```
|
||||
|
@ -148,40 +158,45 @@ enableEPEL () {
|
|||
# <snippet-begin 0_yumInstallCoreDeps.sh>
|
||||
yumInstallCoreDeps () {
|
||||
# Install the dependencies:
|
||||
sudo yum install gcc git zip rh-git218 \
|
||||
httpd24 \
|
||||
sudo yum install gcc git zip \
|
||||
mod_ssl \
|
||||
rh-redis32 \
|
||||
rh-mariadb102 \
|
||||
redis \
|
||||
libxslt-devel zlib-devel ssdeep-devel -y
|
||||
|
||||
# Enable and start redis
|
||||
sudo systemctl enable --now rh-redis32-redis.service
|
||||
sudo systemctl enable --now redis.service
|
||||
|
||||
# Install MariaDB
|
||||
sudo yum install wget
|
||||
wget https://downloads.mariadb.com/MariaDB/mariadb_repo_setup
|
||||
chmod +x mariadb_repo_setup
|
||||
sudo ./mariadb_repo_setup
|
||||
sudo yum install MariaDB-server
|
||||
|
||||
WWW_USER="apache"
|
||||
SUDO_WWW="sudo -H -u $WWW_USER"
|
||||
RUN_PHP="/usr/bin/scl enable rh-php72"
|
||||
PHP_INI="/etc/opt/rh/rh-php72/php.ini"
|
||||
# Install PHP 7.2 from SCL, see https://www.softwarecollections.org/en/scls/rhscl/rh-php72/
|
||||
sudo yum install rh-php72 rh-php72-php-fpm rh-php72-php-devel \
|
||||
rh-php72-php-mysqlnd \
|
||||
rh-php72-php-mbstring \
|
||||
rh-php72-php-xml \
|
||||
rh-php72-php-bcmath \
|
||||
rh-php72-php-opcache \
|
||||
rh-php72-php-zip \
|
||||
rh-php72-php-gd -y
|
||||
RUN_PHP="/usr/bin/scl enable php72"
|
||||
PHP_INI="/etc/opt/remi/php72/php.ini"
|
||||
# Install PHP 7.2 from SCL, see https://www.softwarecollections.org/en/scls/rhscl/rh-php72/ Obsolete?
|
||||
sudo yum install php72 php72-php-fpm php72-php-devel \
|
||||
php72-php-mysqlnd \
|
||||
php72-php-mbstring \
|
||||
php72-php-xml \
|
||||
php72-php-bcmath \
|
||||
php72-php-opcache \
|
||||
php72-php-zip \
|
||||
php72-php-gd -y
|
||||
|
||||
# Python 3.6 is now available in RHEL 7.7 base
|
||||
sudo yum install python3 python3-devel -y
|
||||
|
||||
sudo systemctl enable --now rh-php72-php-fpm.service
|
||||
sudo systemctl enable --now php72-php-fpm.service
|
||||
}
|
||||
# <snippet-end 0_yumInstallCoreDeps.sh>
|
||||
```
|
||||
|
||||
!!! notice
|
||||
$RUN_PHP makes php available for you if using rh-php72. e.g: sudo $RUN_PHP "pear list | grep Crypt_GPG"
|
||||
$RUN_PHP makes php available for you if using php72. e.g: sudo $RUN_PHP "pear list | grep Crypt_GPG"
|
||||
|
||||
```bash
|
||||
# <snippet-begin 0_yumInstallHaveged.sh>
|
||||
|
@ -280,13 +295,15 @@ installCoreRHEL () {
|
|||
# In case you get "internal compiler error: Killed (program cc1plus)"
|
||||
# You ran out of memory.
|
||||
# Create some swap
|
||||
sudo dd if=/dev/zero of=/var/swap.img bs=1024k count=4000
|
||||
sudo mkswap /var/swap.img
|
||||
sudo swapon /var/swap.img
|
||||
TEMP_DIR=$(mktemp -d)
|
||||
TEMP_SWAP=${TEMP_DIR}/swap.img
|
||||
sudo dd if=/dev/zero of=${TEMP_SWAP} bs=1024k count=4000
|
||||
sudo mkswap ${TEMP_SWAP}
|
||||
sudo swapon ${TEMP_SWAP}
|
||||
# And compile again
|
||||
$SUDO_WWW make -j3 pyLIEF
|
||||
sudo swapoff /var/swap.img
|
||||
sudo rm /var/swap.img
|
||||
${SUDO_WWW} make -j3 pyLIEF
|
||||
sudo swapoff ${TEMP_SWAP}
|
||||
sudo rm -r ${TEMP_DIR}
|
||||
fi
|
||||
|
||||
# The following adds a PYTHONPATH to where the pyLIEF module has been compiled
|
||||
|
@ -320,10 +337,11 @@ installCoreRHEL () {
|
|||
|
||||
# Enable dependencies detection in the diagnostics page
|
||||
# This allows MISP to detect GnuPG, the Python modules' versions and to read the PHP settings.
|
||||
# OBSOLETE?
|
||||
# The LD_LIBRARY_PATH setting is needed for rh-git218 to work
|
||||
echo "env[PATH] = /opt/rh/rh-git218/root/usr/bin:/opt/rh/rh-redis32/root/usr/bin:/opt/rh/rh-php72/root/usr/bin:/usr/local/bin:/usr/bin:/bin" |sudo tee -a /etc/opt/rh/rh-php72/php-fpm.d/www.conf
|
||||
sudo sed -i.org -e 's/^;\(clear_env = no\)/\1/' /etc/opt/rh/rh-php72/php-fpm.d/www.conf
|
||||
sudo systemctl restart rh-php72-php-fpm.service
|
||||
echo "env[PATH] = /opt/rh/rh-git218/root/usr/bin:/opt/rh/rh-php72/root/usr/bin:/usr/local/bin:/usr/bin:/bin" |sudo tee -a /etc/opt/rh/rh-php72/php-fpm.d/www.conf
|
||||
sudo sed -i.org -e 's/^;\(clear_env = no\)/\1/' /etc/opt/remi/php72/php-fpm.d/www.conf
|
||||
sudo systemctl restart php72-php-fpm.service
|
||||
umask $UMASK
|
||||
}
|
||||
# <snippet-end 1_mispCoreInstall_RHEL.sh>
|
||||
|
|
|
@ -255,13 +255,15 @@ installCoreRHEL () {
|
|||
# In case you get "internal compiler error: Killed (program cc1plus)"
|
||||
# You ran out of memory.
|
||||
# Create some swap
|
||||
sudo dd if=/dev/zero of=/var/swap.img bs=1024k count=4000
|
||||
sudo mkswap /var/swap.img
|
||||
sudo swapon /var/swap.img
|
||||
TEMP_DIR=$(mktemp -d)
|
||||
TEMP_SWAP=${TEMP_DIR}/swap.img
|
||||
sudo dd if=/dev/zero of=${TEMP_SWAP} bs=1024k count=4000
|
||||
sudo mkswap ${TEMP_SWAP}
|
||||
sudo swapon ${TEMP_SWAP}
|
||||
# And compile again
|
||||
$SUDO_WWW make -j3 pyLIEF
|
||||
sudo swapoff /var/swap.img
|
||||
sudo rm /var/swap.img
|
||||
${SUDO_WWW} make -j3 pyLIEF
|
||||
sudo swapoff ${TEMP_SWAP}
|
||||
sudo rm -r ${TEMP_DIR}
|
||||
fi
|
||||
|
||||
# The following adds a PYTHONPATH to where the pyLIEF module has been compiled
|
||||
|
|
|
@ -20,7 +20,7 @@ bash /tmp/INSTALL.sh -c
|
|||
### 0/ MISP Ubuntu 18.04-server install - status
|
||||
-------------------------
|
||||
!!! notice
|
||||
Installer tested working by [@SteveClement](https://twitter.com/SteveClement) on 20200501 (works with **Ubuntu 18.10/19.04** too)
|
||||
Installer tested working by [@SteveClement](https://twitter.com/SteveClement) on 20210324 (works with **Ubuntu 18.10/19.04** too)
|
||||
|
||||
!!! notice
|
||||
This document also serves as a source for the [INSTALL-misp.sh](https://github.com/MISP/MISP/blob/2.4/INSTALL/INSTALL.sh) script.
|
||||
|
|
Loading…
Reference in New Issue