MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix

pull/6022/head
chrisr3d 2020-05-25 12:00:33 +02:00
parent fb78b721dc 5d7244741f
commit e95dad15d0
30 changed files with 593 additions and 615 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
app/Controller/AppController.php
View File

@ -462,6 +462,15 @@ class AppController extends Controller
$this->set('isAclKafka', isset($role['perm_publish_kafka']) ? $role['perm_publish_kafka'] : false);
$this->set('isAclDecaying', isset($role['perm_decaying']) ? $role['perm_decaying'] : false);
$this->userRole = $role;
$this->set('loggedInUserName', $this->__convertEmailToName($this->Auth->user('email')));
if ($this->request->params['controller'] === 'users' && $this->request->params['action'] === 'dashboard') {
$notifications = $this->{$this->modelClass}->populateNotifications($this->Auth->user());
} else {
$notifications = $this->{$this->modelClass}->populateNotifications($this->Auth->user(), 'fast');
}
$this->set('notifications', $notifications);
if (
Configure::read('MISP.log_paranoid') ||
!empty(Configure::read('Security.monitored'))
@ -499,9 +508,8 @@ class AppController extends Controller
} else {
$this->set('me', false);
}
$this->set('br', '<br />');
$this->set('bold', array('<span class="bold">', '</span>'));
if ($this->_isSiteAdmin()) {
if ($this->Auth->user() && $this->_isSiteAdmin()) {
if (Configure::read('Session.defaults') == 'database') {
$db = ConnectionManager::getDataSource('default');
$sqlResult = $db->query('SELECT COUNT(id) AS session_count FROM cake_sessions WHERE expires < ' . time() . ';');
@ -515,13 +523,6 @@ class AppController extends Controller
}
}
$this->set('loggedInUserName', $this->__convertEmailToName($this->Auth->user('email')));
if ($this->request->params['controller'] === 'users' && $this->request->params['action'] === 'dashboard') {
$notifications = $this->{$this->modelClass}->populateNotifications($this->Auth->user());
} else {
$notifications = $this->{$this->modelClass}->populateNotifications($this->Auth->user(), 'fast');
}
$this->set('notifications', $notifications);
$this->ACL->checkAccess($this->Auth->user(), Inflector::variable($this->request->params['controller']), $this->action);
if ($this->_isRest()) {
$this->__rateLimitCheck();

28
app/Controller/Component/ACLComponent.php
View File

@ -695,12 +695,23 @@ class ACLComponent extends Component
}
}
// The check works like this:
// If the user is a site admin, return true
// If the requested action has an OR-d list, iterate through the list. If any of the permissions are set for the user, return true
// If the requested action has an AND-ed list, iterate through the list. If any of the permissions for the user are not set, turn the check to false. Otherwise return true.
// If the requested action has a permission, check if the user's role has it flagged. If yes, return true
// If we fall through all of the checks, return an exception.
/**
* The check works like this:
* - If the user is a site admin, return true
* - If the requested action has an OR-d list, iterate through the list. If any of the permissions are set for the user, return true
* - If the requested action has an AND-ed list, iterate through the list. If any of the permissions for the user are not set, turn the check to false. Otherwise return true.
* - If the requested action has a permission, check if the user's role has it flagged. If yes, return true
* - If we fall through all of the checks, return an exception.
*
* @param array|null $user
* @param string $controller
* @param string $action
* @param bool $soft If true, instead of exception, HTTP error code is retuned as int.
* @return bool|int
* @throws NotFoundException
* @throws MethodNotAllowedException
* @throws InternalErrorException
*/
public function checkAccess($user, $controller, $action, $soft = false)
{
$controller = lcfirst(Inflector::camelize($controller));
@ -710,15 +721,12 @@ class ACLComponent extends Component
$aclList[$k] = array_change_key_case($v);
}
$this->__checkLoggedActions($user, $controller, $action);
if ($user['Role']['perm_site_admin']) {
if ($user && $user['Role']['perm_site_admin']) {
return true;
}
if (!isset($aclList[$controller])) {
return $this->__error(404, 'Invalid controller.', $soft);
}
if ($user['Role']['perm_site_admin']) {
return true;
}
if (isset($aclList[$controller][$action]) && !empty($aclList[$controller][$action])) {
if (in_array('*', $aclList[$controller][$action])) {
return true;

38
app/Controller/EventsController.php
View File

@ -1167,17 +1167,12 @@ class EventsController extends AppController
$this->set('emptyEvent', $emptyEvent);
// remove galaxies tags
$this->loadModel('GalaxyCluster');
$this->loadModel('Taxonomy');
$cluster_names = $this->GalaxyCluster->find('list', array('fields' => array('GalaxyCluster.tag_name'), 'group' => array('GalaxyCluster.tag_name', 'GalaxyCluster.id')));
foreach ($event['Object'] as $k => $object) {
if (isset($object['Attribute'])) {
foreach ($object['Attribute'] as $k2 => $attribute) {
foreach ($attribute['AttributeTag'] as $k3 => $attributeTag) {
if (in_array($attributeTag['Tag']['name'], $cluster_names)) {
unset($event['Object'][$k]['Attribute'][$k2]['AttributeTag'][$k3]);
}
}
$this->Event->Attribute->removeGalaxyClusterTags($event['Object'][$k]['Attribute'][$k2]);
$tagConflicts = $this->Taxonomy->checkIfTagInconsistencies($attribute['AttributeTag']);
foreach ($tagConflicts['global'] as $tagConflict) {
$warningTagConflicts[$tagConflict['taxonomy']['Taxonomy']['namespace']] = $tagConflict['taxonomy'];
@ -1190,11 +1185,8 @@ class EventsController extends AppController
}
}
foreach ($event['Attribute'] as $k => $attribute) {
foreach ($attribute['AttributeTag'] as $k2 => $attributeTag) {
if (in_array($attributeTag['Tag']['name'], $cluster_names)) {
unset($event['Attribute'][$k]['AttributeTag'][$k2]);
}
}
$this->Event->Attribute->removeGalaxyClusterTags($event['Attribute'][$k]);
$tagConflicts = $this->Taxonomy->checkIfTagInconsistencies($attribute['AttributeTag']);
foreach ($tagConflicts['global'] as $tagConflict) {
$warningTagConflicts[$tagConflict['taxonomy']['Taxonomy']['namespace']] = $tagConflict['taxonomy'];
@ -1232,8 +1224,8 @@ class EventsController extends AppController
}
$this->set('event', $event);
$dataForView = array(
'Attribute' => array('attrDescriptions', 'typeDefinitions', 'categoryDefinitions', 'distributionDescriptions', 'distributionLevels', 'shortDist'),
'Event' => array('fieldDescriptions')
'Attribute' => array('attrDescriptions' => 'fieldDescriptions', 'distributionDescriptions' => 'distributionDescriptions', 'distributionLevels' => 'distributionLevels', 'shortDist' => 'shortDist'),
'Event' => array('eventDescriptions' => 'fieldDescriptions', 'analysisDescriptions' => 'analysisDescriptions', 'analysisLevels' => 'analysisLevels')
);
foreach ($dataForView as $m => $variables) {
if ($m === 'Event') {
@ -1241,8 +1233,8 @@ class EventsController extends AppController
} elseif ($m === 'Attribute') {
$currentModel = $this->Event->Attribute;
}
foreach ($variables as $variable) {
$this->set($variable, $currentModel->{$variable});
foreach ($variables as $alias => $variable) {
$this->set($alias, $currentModel->{$variable});
}
}
if (Configure::read('Plugin.Enrichment_services_enable')) {
@ -1507,20 +1499,6 @@ class EventsController extends AppController
}
$this->params->params['paging'] = array($this->modelClass => $params);
$this->set('event', $event);
$dataForView = array(
'Attribute' => array('attrDescriptions', 'typeDefinitions', 'categoryDefinitions', 'distributionDescriptions', 'distributionLevels'),
'Event' => array('fieldDescriptions')
);
foreach ($dataForView as $m => $variables) {
if ($m === 'Event') {
$currentModel = $this->Event;
} elseif ($m === 'Attribute') {
$currentModel = $this->Event->Attribute;
}
foreach ($variables as $variable) {
$this->set($variable, $currentModel->{$variable});
}
}
$extensionParams = array(
'conditions' => array(
'Event.extends_uuid' => $event['Event']['uuid']

2
app/Lib/cakephp

@ -1 +1 @@
Subproject commit 5ccb12354dfc08ca1b3e0a430e8668bf1610b5d3
Subproject commit 59e12788fc406ee66180f41e8a2840b841c6051a

2
app/Model/Server.php
View File

@ -3226,7 +3226,7 @@ class Server extends AppModel
foreach ($serverSettings as $branchKey => &$branchValue) {
if (isset($branchValue['branch'])) {
foreach ($branchValue as $leafKey => &$leafValue) {
if ($leafValue['level'] == 3 && !(isset($currentSettings[$branchKey][$leafKey]))) {
if ($leafKey !== 'branch' && $leafValue['level'] == 3 && !(isset($currentSettings[$branchKey][$leafKey]))) {
continue;
}
$setting = null;

2
app/View/Elements/formInfo.ctp
View File

@ -1 +1 @@
<span id = "<?php echo $type?>InfoPopover" class="icon-info-sign" data-toggle="popover" data-field="<?php echo $type; ?>"></span>
<span id="<?php echo $type?>InfoPopover" class="fas fa-info-circle" data-toggle="popover" data-field="<?php echo $type; ?>"></span>

4
app/View/Elements/genericElements/Form/formInfo.ctp
View File

@ -17,12 +17,12 @@
}
}
echo sprintf(
'<span id = "%sInfoPopover" class="icon-info-sign" data-toggle="popover" data-trigger="hover" style="margin-left:2px;"></span>',
' <span id="%sInfoPopover" class="fas fa-info-circle" data-toggle="popover" data-trigger="hover"></span>',
h($field['field'])
);
?>
<script type="text/javascript">
$(document).ready(function() {
$(function() {
$('#<?php echo h($field['field']); ?>InfoPopover').popover({
html: true,
content: function() {

2
app/View/Users/admin_add.ctp
View File

@ -37,7 +37,7 @@
$passwordPopover = '<span class=\"blue bold\">' . __('Length') . '</span>: ' . h($length) . '<br />';
$passwordPopover .= '<span class=\"blue bold\">' . __('Complexity') . '</span>: ' . h($complexity);
echo $this->Form->input('password', array(
'label' => __('Password') . ' <span id = "PasswordPopover" class="icon-info-sign" ></span>'
'label' => __('Password') . ' <span id="PasswordPopover" class="fas fa-info-circle"></span>'
));
echo $this->Form->input('confirm_password', array('type' => 'password', 'div' => array('class' => 'input password required')));
?>

2
app/View/Users/admin_edit.ctp
View File

@ -37,7 +37,7 @@
$passwordPopover = '<span class=\"blue bold\">' . __('Length') .'</span>: ' . h($length) . '<br />';
$passwordPopover .= '<span class=\"blue bold\">' . __('Complexity') .'</span>: ' . h($complexity);
echo $this->Form->input('password', array(
'label' => __('Password') . ' <span id = "PasswordPopover" class="icon-info-sign" ></span>'
'label' => __('Password') . ' <span id="PasswordPopover" class="fas fa-info-circle"></span>'
));
echo $this->Form->input('confirm_password', array('type' => 'password', 'div' => array('class' => 'input password required')));
?>

2
app/View/Users/change_pw.ctp
View File

@ -6,7 +6,7 @@
$passwordPopover = '<span class=\"blue bold\">Length</span>: ' . h($length) . '<br />';
$passwordPopover .= '<span class=\"blue bold\">Complexity</span>: ' . h($complexity);
echo $this->Form->input('password', array(
'label' => __('Password') . ' <span id = "PasswordPopover" class="icon-info-sign" ></span>', 'autofocus'
'label' => __('Password') . ' <span id="PasswordPopover" class="fas fa-info-circle"></span>', 'autofocus'
));
echo $this->Form->input('confirm_password', array('type' => 'password', 'div' => array('class' => 'input password required')));
?>

2
app/View/Users/edit.ctp
View File

@ -10,7 +10,7 @@
$passwordPopover = '<span class=\"blue bold\">' . __('Length') .'</span>: ' . h($length) . '<br />';
$passwordPopover .= '<span class=\"blue bold\">' . __('Complexity') .'</span>: ' . h($complexity);
echo $this->Form->input('password', array(
'label' => __('Password') . ' <span id = "PasswordPopover" class="icon-info-sign" ></span>'
'label' => __('Password') . ' <span id="PasswordPopover" class="fas fa-info-circle"></span>'
));
echo $this->Form->input('confirm_password', array('type' => 'password', 'div' => array('class' => 'input password required')));
?>

2
app/files/misp-galaxy

@ -1 +1 @@
Subproject commit dee9a564606ba92c50f13b53884bceaacf6c4522
Subproject commit 313003ed655c1c3c06734e7ed3dbb514fa1047eb

1
app/webroot/js/misp.js
View File

@ -1834,7 +1834,6 @@ function popoverConfirm(clicked, message, placement) {
popoverContent += '<button id="popoverConfirmOK" class="btn btn-primary" style="margin-right: 5px;" onclick=submitPopover(this)>Yes</button>';
popoverContent += '<button class="btn btn-inverse" style="float: right;" onclick=cancelPrompt()>Cancel</button>';
popoverContent += '</div>';
placement = placement === undefined ? 'auto' : placement;
openPopover($clicked, popoverContent, undefined, placement);
$("#popoverConfirmOK")
.focus()

12
docs/INSTALL.ubuntu2004.md
View File

@ -175,18 +175,18 @@ installCore () {
# FIXME: Remove libfaup etc once the egg has the library baked-in
sudo apt-get install cmake libcaca-dev liblua5.3-dev -y
cd /tmp
[[ ! -d "faup" ]] && $SUDO_CMD git clone git://github.com/stricaud/faup.git faup
[[ ! -d "gtcaca" ]] && $SUDO_CMD git clone git://github.com/stricaud/gtcaca.git gtcaca
false; while [[ $? -ne 0 ]]; do [[ ! -d "faup" ]] && ${SUDO_CMD} git clone git://github.com/stricaud/faup.git faup; done
false; while [[ $? -ne 0 ]]; do [[ ! -d "gtcaca" ]] && ${SUDO_CMD} git clone git://github.com/stricaud/gtcaca.git gtcaca; done
sudo chown -R ${MISP_USER}:${MISP_USER} faup gtcaca
cd gtcaca
$SUDO_CMD mkdir -p build
${SUDO_CMD} mkdir -p build
cd build
$SUDO_CMD cmake .. && $SUDO_CMD make
${SUDO_CMD} cmake .. && ${SUDO_CMD} make
sudo make install
cd ../../faup
$SUDO_CMD mkdir -p build
${SUDO_CMD} mkdir -p build
cd build
$SUDO_CMD cmake .. && $SUDO_CMD make
${SUDO_CMD} cmake .. && ${SUDO_CMD} make
sudo make install
sudo ldconfig

19
docs/generic/globalVariables.md
View File

@ -17,27 +17,33 @@ MISPvars () {
# RHEL/CentOS
if [[ -f "/etc/redhat-release" ]]; then
WWW_USER='apache'
SUDO_WWW="sudo -H -u ${WWW_USER} "
# Debian flavoured
elif [[ -f "/etc/debian_version" ]]; then
WWW_USER="www-data"
SUDO_WWW="sudo -H -u ${WWW_USER} "
# OpenBSD
elif [[ "$(uname -s)" == "OpenBSD" ]]; then
WWW_USER="www"
PATH_TO_MISP="/var/www/htdocs/MISP"
SUDO_WWW="doas -u www "
SUDO_CMD="doas "
# NetBSD
elif [[ "$(uname -s)" == "NetBSD" ]]; then
WWW_USER="www"
PATH_TO_MISP="/usr/pkg/share/httpd/htdocs/MISP"
SUDO_WWW="sudo -H -u ${WWW_USER} "
else
# I am feeling lucky
WWW_USER="www-data"
SUDO_WWW="sudo -H -u ${WWW_USER} "
fi
if [ -z "$FQDN" ]; then
if [ -z "${FQDN}" ]; then
FQDN="misp.local"
fi
if [ -z "$MISP_BASEURL" ]; then
if [ -z "${MISP_BASEURL}" ]; then
MISP_BASEURL='""'
fi
@ -52,13 +58,13 @@ MISPvars () {
DBPASSWORD_MISP="$(openssl rand -hex 32)"
# OpenSSL configuration
OPENSSL_CN=$FQDN
OPENSSL_CN=${FQDN}
OPENSSL_C='LU'
OPENSSL_ST='State'
OPENSSL_L='Location'
OPENSSL_O='Organization'
OPENSSL_OU='Organizational Unit'
OPENSSL_EMAILADDRESS="info@$FQDN"
OPENSSL_EMAILADDRESS="info@${FQDN}"
# GPG configuration
GPG_REAL_NAME='Autogenerated Key'
@ -81,7 +87,7 @@ MISPvars () {
max_execution_time=300
memory_limit=2048M
CAKE="$PATH_TO_MISP/app/Console/cake"
CAKE="${PATH_TO_MISP}/app/Console/cake"
# sudo config to run $LUSER commands
if [[ "$(groups ${MISP_USER} |grep -o 'staff')" == "staff" ]]; then
@ -89,8 +95,7 @@ MISPvars () {
else
SUDO_CMD="sudo -H -u ${MISP_USER}"
fi
SUDO_WWW="sudo -H -u ${WWW_USER} "
echo "The following DB Passwords were generated..."
echo "Admin (${DBUSER_ADMIN}) DB Password: ${DBPASSWORD_ADMIN}"
echo "User (${DBUSER_MISP}) DB Password: ${DBPASSWORD_MISP}"

6
docs/generic/mail_to_misp-debian.md
View File

@ -8,9 +8,9 @@ mail2misp () {
debug "Installing Mail2${LBLUE}MISP${NC}"
cd /usr/local/src/
sudo apt-get install cmake libcaca-dev liblua5.3-dev -y
$SUDO_CMD git clone https://github.com/MISP/mail_to_misp.git
[[ ! -d "faup" ]] && $SUDO_CMD git clone git://github.com/stricaud/faup.git faup
[[ ! -d "gtcaca" ]] && $SUDO_CMD git clone git://github.com/stricaud/gtcaca.git gtcaca
false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone https://github.com/MISP/mail_to_misp.git; done
[[ ! -d "faup" ]] && false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone git://github.com/stricaud/faup.git faup; done
[[ ! -d "gtcaca" ]] && false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone git://github.com/stricaud/gtcaca.git gtcaca; done
sudo chown -R ${MISP_USER}:${MISP_USER} faup mail_to_misp gtcaca
cd gtcaca
$SUDO_CMD mkdir -p build

2
docs/generic/misp-dashboard-centos.md
View File

@ -14,7 +14,7 @@ mispDashboard () {
sudo yum install wget screen -y
sudo mkdir /var/www/misp-dashboard
sudo chown $WWW_USER:$WWW_USER /var/www/misp-dashboard
$SUDO_WWW git clone https://github.com/MISP/misp-dashboard.git /var/www/misp-dashboard
false; while [[ $? -ne 0 ]]; do $SUDO_WWW git clone https://github.com/MISP/misp-dashboard.git /var/www/misp-dashboard; done
cd /var/www/misp-dashboard
sudo sed -i -E 's/sudo apt/#sudo apt/' install_dependencies.sh
sudo sed -i -E 's/virtualenv -p python3 DASHENV/\/usr\/bin\/scl enable rh-python36 \"virtualenv -p python3 DASHENV\"/' install_dependencies.sh

2
docs/generic/misp-dashboard-debian.md
View File

@ -16,7 +16,7 @@ mispDashboard () {
sudo mkdir misp-dashboard
sudo chown $WWW_USER:$WWW_USER misp-dashboard
$SUDO_WWW git clone https://github.com/MISP/misp-dashboard.git
false; while [[ $? -ne 0 ]]; do $SUDO_WWW git clone https://github.com/MISP/misp-dashboard.git; done
cd misp-dashboard
sudo -H /var/www/misp-dashboard/install_dependencies.sh
sudo sed -i "s/^host\ =\ localhost/host\ =\ 0.0.0.0/g" /var/www/misp-dashboard/config/config.cfg

2
docs/generic/misp-modules-centos.md
View File

@ -8,7 +8,7 @@ mispmodulesRHEL () {
sudo chmod 2777 /usr/local/src
sudo chown root:users /usr/local/src
cd /usr/local/src/
$SUDO_WWW git clone https://github.com/MISP/misp-modules.git
false; while [[ $? -ne 0 ]]; do $SUDO_WWW git clone https://github.com/MISP/misp-modules.git; done
cd misp-modules
# pip install
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U -I -r REQUIREMENTS

6
docs/generic/misp-modules-debian.md
View File

@ -8,9 +8,9 @@ mispmodules () {
sudo apt-get install cmake libcaca-dev liblua5.3-dev -y
## TODO: checkUsrLocalSrc in main doc
debug "Cloning misp-modules"
$SUDO_CMD git clone https://github.com/MISP/misp-modules.git
$SUDO_CMD git clone git://github.com/stricaud/gtcaca.git
$SUDO_CMD git clone git://github.com/stricaud/faup.git
false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone https://github.com/MISP/misp-modules.git; done
[[ ! -d "faup" ]] && false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone git://github.com/stricaud/faup.git faup; done
[[ ! -d "gtcaca" ]] && false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone git://github.com/stricaud/gtcaca.git gtcaca; done
sudo chown -R ${MISP_USER}:${MISP_USER} faup gtcaca
# Install gtcaca
cd gtcaca

4
docs/generic/viper-debian.md
View File

@ -18,8 +18,8 @@ viper () {
fi
fi
echo "Cloning Viper"
$SUDO_CMD git clone https://github.com/viper-framework/viper.git
$SUDO_CMD git clone https://github.com/viper-framework/viper-web.git
false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone https://github.com/viper-framework/viper.git; done
false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone https://github.com/viper-framework/viper-web.git; done
sudo chown -R $MISP_USER:$MISP_USER viper
sudo chown -R $MISP_USER:$MISP_USER viper-web
cd viper

71
docs/xINSTALL.NetBSD.md
View File

@ -1,5 +1,5 @@
# INSTALLATION INSTRUCTIONS
## for NetBSD 8.1-amd64
## for NetBSD 9.0-amd64
!!! warning
This is not fully working yet. Mostly it is a template for our ongoing documentation efforts :spider:
@ -33,7 +33,9 @@ export AUTOCONF_VERSION=2.69
#### sudo & pkgin (as root)
```bash
su root -c "pkgin install sudo gsed"
su root -c "cd /usr/pkgsrc/pkg tools/pkgin/; make install clean"
su root -c "pkgin update"
su root -c "pkgin -y install sudo gsed"
su root -c 'gsed -i -e "s/# %wheel ALL=(ALL) NOPASSWD: ALL/%wheel ALL=(ALL) NOPASSWD: ALL/" /usr/pkg/etc/sudoers'
```
@ -41,10 +43,11 @@ su root -c 'gsed -i -e "s/# %wheel ALL=(ALL) NOPASSWD: ALL/%wheel ALL=(ALL) NOPA
```bash
cd /usr
env CVS_RSH=ssh sudo cvs -d anoncvs@anoncvs.NetBSD.org:/cvsroot checkout -P pkgsrc
env CVS_RSH=ssh cvs -d anoncvs@anoncvs.NetBSD.org:/cvsroot checkout -P pkgsrc
cd pkgsrc/bootstrap
sudo ./bootstrap
sudo /usr/pkg/sbin/pkg_admin -K /var/db/pkg fetch-pkg-vulnerabilities
./bootstrap
cd /usr/pkgsrc/pkg tools/pkgin/; make install clean
/usr/pkg/sbin/pkg_admin fetch-pkg-vulnerabilities
```
```
@ -61,56 +64,56 @@ users crontab(5) entry. For example the entry
#### Install bash
```bash
sudo pkgin install bash
sudo pkgin -y install bash
```
#### mariadb server
```bash
sudo pkgin install mariadb-server
sudo pkgin -y install mysql-server
```
#### Install misc dependencies
```bash
sudo pkgin install curl git python36 py36-pip redis autoconf automake libtool magic
sudo pkgin -y install curl git python37 py37-pip redis autoconf automake libtool magic
```
```bash
sudo pkgin install gnupg2
sudo pkgin -y install gnupg2
```
#### Install postfix (optional)
```bash
sudo pkgin install postfix
sudo pkgin -y install postfix
```
#### vim (optional)
```bash
sudo pkgin install vim
sudo pkgin -y install vim
sudo mv /usr/bin/vi /usr/bin/vi-`date +%d%m%y`
sudo ln -s /usr/pkg/bin/vim /usr/bin/vi
```
#### misp user #REMOVE
```bash
sudo useradd -m -s /usr/local/bin/bash -G wheel,www misp
```
#### apache + php + moz-rootcerts
```bash
sudo pkgin install php ap24-php73 php73-fpm php73-redis3 php73-mysqli php73-pdo_mysql php73-pcntl php73-json php73-iconv php73-gd php73-mbstring php73-pear-Crypt_GPG
sudo pkgin -y install php ap24-php74 php74-fpm php74-redis3 php74-mysqli php74-pdo_mysql php74-pcntl php74-json php74-iconv php74-gd php74-mbstring php74-pear-Crypt_GPG
sudo cp /usr/share/examples/openssl/openssl.cnf /etc/openssl/
sudo mozilla-rootcerts install
sudo cp /usr/pkg/share/examples/rc.d/apache /etc/rc.d/
echo apache=yes |sudo tee /etc/rc.conf.d/apache
```
#### misp user
```bash
sudo useradd -m -s /usr/pkg/bin/bash -G wheel,www misp
```
#### Install X11R7 post-install
```bash
cd /tmp
wget https://ftp.netbsd.org/pub/NetBSD/NetBSD-8.1/amd64/binary/sets/xbase.tgz
wget https://ftp.netbsd.org/pub/NetBSD/NetBSD-9.0/amd64/binary/sets/xbase.tgz
sudo tar -C / -xzphf xbase.tgz
rm xbase.tgz
```
@ -129,16 +132,16 @@ OPENSSL_EMAILADDRESS='info@localhost'
```
```bash
sudo openssl req -newkey rsa:4096 -days 3650 -nodes -x509 -subj "/C=$OPENSSL_C/ST=$OPENSSL_ST/L=$OPENSSL_L/O=<$OPENSSL_O/OU=$OPENSSL_OU/CN=$OPENSSL_CN/emailAddress=$OPENSSL_EMAILADDRESS" -keyout /etc/openssl/private/server.key -out /usr/pkg/etc/httpd/server.crt
sudo openssl req -sha256 -newkey rsa:4096 -days 3650 -nodes -x509 -subj "/C=$OPENSSL_C/ST=$OPENSSL_ST/L=$OPENSSL_L/O=<$OPENSSL_O/OU=$OPENSSL_OU/CN=$OPENSSL_CN/emailAddress=$OPENSSL_EMAILADDRESS" -keyout /etc/openssl/private/server.key -out /usr/pkg/etc/httpd/server.crt
```
#### Install Python virtualenv
```bash
sudo ln -sf /usr/pkg/bin/pip3.6 /usr/pkg/bin/pip
sudo ln -s /usr/pkg/bin/python3.6 /usr/pkg/bin/python
sudo ln -s /usr/pkg/bin/python3.6 /usr/pkg/bin/python3
sudo pkgin install py36-virtualenv
sudo ln -s /usr/pkg/bin/virtualenv-3.6 /usr/pkg/bin/virtualenv
sudo ln -sf /usr/pkg/bin/pip3.7 /usr/pkg/bin/pip
sudo ln -s /usr/pkg/bin/python3.7 /usr/pkg/bin/python
sudo ln -s /usr/pkg/bin/python3.7 /usr/pkg/bin/python3
sudo pkgin -y install py37-virtualenv
sudo ln -s /usr/pkg/bin/virtualenv-3.7 /usr/pkg/bin/virtualenv
```
#### Install ssdeep
@ -146,11 +149,11 @@ sudo ln -s /usr/pkg/bin/virtualenv-3.6 /usr/pkg/bin/virtualenv
sudo mkdir -p /usr/local/src
sudo chown misp:users /usr/local/src
cd /usr/local/src
git clone https://github.com/ssdeep-project/ssdeep.git
sudo -u misp git clone https://github.com/ssdeep-project/ssdeep.git
cd ssdeep
./bootstrap
./configure --prefix=/usr
make
sudo -u misp ./bootstrap
sudo -u misp ./configure --prefix=/usr
sudo -u misp make
sudo make install
```
@ -167,10 +170,8 @@ sudo /etc/rc.d/redis start
#### Enable mysqld
```bash
sudo /usr/pkg/bin/mysql_install_db
sudo cp /usr/pkg/share/examples/rc.d/mysqld /etc/rc.d/
echo mysqld=yes |sudo tee /etc/rc.conf.d/mysqld
sudo chown -R mariadb:mariadb /var/mariadb
sudo /etc/rc.d/mysqld start
sudo /usr/pkg/bin/mysql_secure_installation
# TODO: Figure out how to properly bind to localhost
@ -186,15 +187,15 @@ sudo mkdir $PATH_TO_MISP
sudo chown www:www $PATH_TO_MISP
cd $PATH_TO_MISP
sudo -u www git clone https://github.com/MISP/MISP.git $PATH_TO_MISP
sudo -u www git submodule update --init --recursive
sudo -u www git submodule update --progress --init --recursive
# Make git ignore filesystem permission differences for submodules
sudo -u www git submodule foreach --recursive git config core.filemode false
# Make git ignore filesystem permission differences
sudo -u www git config core.filemode false
#sudo pkgin install py-pip py3-pip libxslt py3-jsonschema
sudo pkgin install libxslt
#sudo pkgin -y install py-pip py3-pip libxslt py3-jsonschema
sudo pkgin -y install libxslt
#sudo virtualenv -ppython3 /usr/local/virtualenvs/MISP
sudo -u www virtualenv -ppython3 $PATH_TO_MISP/venv
sudo -u www HOME=/tmp $PATH_TO_MISP/venv/bin/pip install -U pip
@ -462,7 +463,7 @@ sudo -u www bash $PATH_TO_MISP/app/Console/worker/start.sh
#### MISP Modules
```
#/usr/pkgsrc/graphics/opencv2/ (needs X11)
sudo pkgin install jpeg yara
sudo pkgin -y install jpeg yara
cd /usr/local/src/
git clone https://github.com/MISP/misp-modules.git
cd misp-modules
@ -645,7 +646,7 @@ sudo -u www $CAKE Admin setSetting "Session.cookie_timeout" 3600
#### ZeroMQ depends on the Python client for Redis
```bash
sudo pkgin install zeromq
sudo pkgin -y install zeromq
sudo -u www HOME=/tmp $PATH_TO_MISP/venv/bin/pip install pyzmq
```

147
docs/xINSTALL.OpenBSD.md
View File

@ -1,5 +1,5 @@
# INSTALLATION INSTRUCTIONS
## for OpenBSD 6.5-amd64
## for OpenBSD 6.7-amd64
!!! warning
This is not fully working yet. Mostly it is a template for our ongoing documentation efforts :spider:
@ -85,29 +85,19 @@ doas pkg_add -v mariadb-server
#### Install misc dependencies
!!! notice
You need to install python 3.x when asked, option 2.
autoconf wants to be version 2.69, option 16
automake wants to be version 1.16, option 7
```bash
doas pkg_add -v curl git python redis libmagic autoconf automake libtool unzip
doas pkg_add -v curl git python--%3.7 redis libmagic autoconf--%2.69 automake--%1.16 libtool unzip--iconv
```
!!! notice
GnuPG 2.x is best, option 3.
```bash
doas pkg_add -v gnupg
doas pkg_add -v gnupg--%gnupg2
doas ln -s /usr/local/bin/gpg2 /usr/local/bin/gpg
```
#### Install postfix (optional)
!!! notice
When asked, the standard postfix will be enough for a basic setup, option 9.
```bash
doas pkg_add -v postfix
doas pkg_add -v postfix--%stable
doas /usr/local/sbin/postfix-enable
```
@ -146,21 +136,17 @@ doas cp /etc/examples/httpd.conf /etc # adjust by hand, or copy/paste the config
```
```
# $OpenBSD: httpd.conf,v 1.18 2018/03/23 11:36:41 florian Exp $
# $OpenBSD: httpd.conf,v 1.20 2018/06/13 15:08:24 reyk Exp $
#
# Macros
#
ext4_addr="*"
ext6_addr="::"
ext_addr="*"
server "default" {
#listen on $ext4_addr port 80 block return 301 "https://$SERVER_NAME$REQUEST_URI"
listen on $ext4_addr port 80
listen on $ext4_addr tls port 443
#listen on $ext6_addr port 80 block return 301 "https://$SERVER_NAME$REQUEST_URI"
listen on $ext6_addr port 80
listen on $ext6_addr tls port 443
listen on $ext_addr port 80
listen on $ext_addr tls port 443
root "/htdocs/MISP/app/webroot"
@ -242,11 +228,11 @@ doas rcctl enable httpd
#### Install Python virtualenv
```bash
doas ln -sf /usr/local/bin/pip3.6 /usr/local/bin/pip
doas ln -s /usr/local/bin/python3.6 /usr/local/bin/python
doas pkg_add -v py-virtualenv
doas pkg_add -v py3-virtualenv py3-pip
doas ln -sf /usr/local/bin/pip3.7 /usr/local/bin/pip
doas ln -s /usr/local/bin/python3.7 /usr/local/bin/python
doas mkdir /usr/local/virtualenvs
doas virtualenv -ppython3 /usr/local/virtualenvs/MISP
doas virtualenv-3 /usr/local/virtualenvs/MISP
```
#### Install ssdeep
@ -264,44 +250,42 @@ doas pkg_add -v fcgi-cgi fcgi
!!! notice
php-5.6 is marked as end-of-life starting December 2018, use php 7.0 instead.
Option 2.
If on OpenBSD 6.3, upgrade to 6.5 to make your life much easier.
If on OpenBSD 6.3, upgrade to 6.7 to make your life much easier.
```
doas pkg_add -v php-mysqli php-pcntl php-pdo_mysql php-apache pecl73-redis php-gd
doas pkg_add -v php-mysqli--%7.4 php-pcntl--%7.4 php-pdo_mysql--%7.4 php-apache--%7.4 pecl74-redis php-gd--%7.4
```
#### /etc/php-7.3.ini
#### /etc/php-7.4.ini
```
## TODO: sed foo as .ini exists
allow_url_fopen = On
doas sed -i "s/^allow_url_fopen = Off/allow_url_fopen = On/g" /etc/php-7.4.ini
```
```bash
cd /etc/php-7.3
doas cp ../php-7.3.sample/* .
cd /etc/php-7.4
doas cp ../php-7.4.sample/* .
```
#### php symlinks
```bash
doas ln -s /usr/local/bin/php-7.3 /usr/local/bin/php
doas ln -s /usr/local/bin/phpize-7.3 /usr/local/bin/phpize
doas ln -s /usr/local/bin/php-config-7.3 /usr/local/bin/php-config
doas ln -s /usr/local/bin/php-7.4 /usr/local/bin/php
doas ln -s /usr/local/bin/phpize-7.4 /usr/local/bin/phpize
doas ln -s /usr/local/bin/php-config-7.4 /usr/local/bin/php-config
```
#### Enable php fpm
```bash
doas rcctl enable php73_fpm
doas rcctl enable php74_fpm
```
#### Configure fpm
```
doas vi /etc/php-fpm.conf
# pid = /var/www/run/php-fpm.pid
# error_log = /var/www/logs/php-fpm.log
doas sed -i "s/^;pid = run\/php-fpm.pid/pid = \/var\/www\/run\/php-fpm.pid/g" /etc/php-fpm.conf
doas sed -i "s/^;error_log = log\/php-fpm.log/error_log = \/var\/www\/logs\/php-fpm.log/g" /etc/php-fpm.conf
doas mkdir /etc/php-fpm.d
doas vi /etc/php-fpm.d/default.conf
doas mkdir -p /etc/php-fpm.d
echo ";;;;;;;;;;;;;;;;;;;;
; Pool Definitions ;
;;;;;;;;;;;;;;;;;;;;
@ -320,7 +304,7 @@ pm.min_spare_servers = 1
pm.max_spare_servers = 3
chroot = /var/www" | doas tee /etc/php-fpm.d/default.conf
doas /etc/rc.d/php73_fpm start
doas /etc/rc.d/php74_fpm start
```
!!! notice
@ -339,6 +323,7 @@ doas /usr/local/bin/mysql_install_db
doas rcctl set mysqld status on
doas rcctl set mysqld flags --bind-address=127.0.0.1
doas /etc/rc.d/mysqld start
echo "Admin (${DBUSER_ADMIN}) DB Password: ${DBPASSWORD_ADMIN}"
doas mysql_secure_installation
```
@ -349,22 +334,22 @@ doas mysql_secure_installation
doas mkdir /var/www/htdocs/MISP
doas chown www:www /var/www/htdocs/MISP
cd /var/www/htdocs/MISP
doas -u www git clone https://github.com/MISP/MISP.git /var/www/htdocs/MISP
doas -u www git submodule update --init --recursive
false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git clone https://github.com/MISP/MISP.git /var/www/htdocs/MISP; done
false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git submodule update --progress --init --recursive; done
# Make git ignore filesystem permission differences for submodules
doas -u www git submodule foreach --recursive git config core.filemode false
${SUDO_WWW} git submodule foreach --recursive git config core.filemode false
# Make git ignore filesystem permission differences
doas -u www git config core.filemode false
${SUDO_WWW} git config core.filemode false
doas pkg_add py-pip py3-pip libxml libxslt py3-jsonschema
doas pkg_add -v py3-pip libxml libxslt py3-jsonschema
doas /usr/local/virtualenvs/MISP/bin/pip install -U pip
cd /var/www/htdocs/MISP/app/files/scripts
doas -u www git clone https://github.com/CybOXProject/mixbox.git
doas -u www git clone https://github.com/CybOXProject/python-cybox.git
doas -u www git clone https://github.com/STIXProject/python-stix.git
doas -u www git clone https://github.com/MAECProject/python-maec.git
false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git clone https://github.com/CybOXProject/python-cybox.git; done
false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git clone https://github.com/STIXProject/python-stix.git; done
false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git clone https://github.com/MAECProject/python-maec.git; done
false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git clone https://github.com/CybOXProject/mixbox.git; done
cd /var/www/htdocs/MISP/app/files/scripts/python-cybox
doas /usr/local/virtualenvs/MISP/bin/python setup.py install
@ -399,15 +384,10 @@ doas /usr/local/virtualenvs/MISP/bin/pip install git+https://github.com/kbandla/
# Install CakeResque along with its dependencies if you intend to use the built in background jobs:
cd /var/www/htdocs/MISP/app
doas mkdir /var/www/.composer ; doas chown www:www /var/www/.composer
#EXPECTED_SIGNATURE="$(wget -q -O - https://composer.github.io/installer.sig)"
#doas -u www php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
#doas -u www php -r "if (hash_file('SHA384', 'composer-setup.php') === '$EXPECTED_SIGNATURE') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
#doas -u www env HOME=/var/www php composer-setup.php
#doas -u www php -r "unlink('composer-setup.php');"
doas -u www env HOME=/var/www php composer.phar install
${SUDO_WWW} env HOME=/var/www php composer.phar install
# To use the scheduler worker for scheduled tasks, do the following:
doas -u www cp -f /var/www/htdocs/MISP/INSTALL/setup/config.php /var/www/htdocs/MISP/app/Plugin/CakeResque/Config/config.php
${SUDO_WWW} cp -f /var/www/htdocs/MISP/INSTALL/setup/config.php /var/www/htdocs/MISP/app/Plugin/CakeResque/Config/config.php
```
### 4/ Set the permissions
@ -429,8 +409,11 @@ doas mysql -u root -p
```
```
echo "Admin (${DBUSER_ADMIN}) DB Password: ${DBPASSWORD_ADMIN}"
echo "User (${DBUSER_MISP}) DB Password: ${DBPASSWORD_MISP}"
MariaDB [(none)]> create database misp;
MariaDB [(none)]> grant usage on *.* to misp@localhost identified by 'XXXXdbpasswordhereXXXXX';
MariaDB [(none)]> grant usage on *.* to misp@localhost identified by '${DBPASSWORD_MISP}';
MariaDB [(none)]> grant all privileges on misp.* to misp@localhost;
MariaDB [(none)]> flush privileges;
MariaDB [(none)]> exit
@ -438,7 +421,7 @@ MariaDB [(none)]> exit
```bash
# Import the empty MISP database from MYSQL.sql
doas -u www sh -c "mysql -u misp -p misp < /var/www/htdocs/MISP/INSTALL/MYSQL.sql"
${SUDO_WWW} sh -c "mysql -u misp -p${DBPASSWORD_MISP} misp < /var/www/htdocs/MISP/INSTALL/MYSQL.sql"
# enter the password you set previously
```
@ -525,7 +508,7 @@ DirectoryIndex index.php
```
```bash
doas ln -sf /var/www/conf/modules.sample/php-7.3.conf /var/www/conf/modules/php.conf
doas ln -sf /var/www/conf/modules.sample/php-7.4.conf /var/www/conf/modules/php.conf
# Restart apache
doas /etc/rc.d/apache2 restart
```
@ -539,13 +522,13 @@ doas /etc/rc.d/apache2 restart
---------------------
```
# There are 4 sample configuration files in /var/www/htdocs/MISP/app/Config that need to be copied
doas -u www cp /var/www/htdocs/MISP/app/Config/bootstrap.default.php /var/www/htdocs/MISP/app/Config/bootstrap.php
doas -u www cp /var/www/htdocs/MISP/app/Config/database.default.php /var/www/htdocs/MISP/app/Config/database.php
doas -u www cp /var/www/htdocs/MISP/app/Config/core.default.php /var/www/htdocs/MISP/app/Config/core.php
doas -u www cp /var/www/htdocs/MISP/app/Config/config.default.php /var/www/htdocs/MISP/app/Config/config.php
${SUDO_WWW} cp /var/www/htdocs/MISP/app/Config/bootstrap.default.php /var/www/htdocs/MISP/app/Config/bootstrap.php
${SUDO_WWW} cp /var/www/htdocs/MISP/app/Config/database.default.php /var/www/htdocs/MISP/app/Config/database.php
${SUDO_WWW} cp /var/www/htdocs/MISP/app/Config/core.default.php /var/www/htdocs/MISP/app/Config/core.php
${SUDO_WWW} cp /var/www/htdocs/MISP/app/Config/config.default.php /var/www/htdocs/MISP/app/Config/config.php
# Configure the fields in the newly created files:
doas -u www vi /var/www/htdocs/MISP/app/Config/database.php
${SUDO_WWW} vi /var/www/htdocs/MISP/app/Config/database.php
```
```
# DATABASE_CONFIG has to be filled
@ -574,7 +557,7 @@ doas -u www vi /var/www/htdocs/MISP/app/Config/database.php
```
# Change base url in config.php
doas -u www vi /var/www/htdocs/MISP/app/Config/config.php
${SUDO_WWW} vi /var/www/htdocs/MISP/app/Config/config.php
# example: 'baseurl' => 'https://<your.FQDN.here>',
# alternatively, you can leave this field empty if you would like to use relative pathing in MISP
# 'baseurl' => '',
@ -601,7 +584,7 @@ echo "%echo Generating a default key
# Do a commit here, so that we can later print "done"
%commit
%echo done" > /tmp/gen-key-script
doas -u www mkdir /var/www/htdocs/MISP/.gnupg
${SUDO_WWW} mkdir /var/www/htdocs/MISP/.gnupg
doas chmod 700 /var/www/htdocs/MISP/.gnupg
doas gpg2 --homedir /var/www/htdocs/MISP/.gnupg --batch --gen-key /tmp/gen-key-script
# The email address should match the one set in the config.php / set in the configuration menu in the administration menu configuration file
@ -613,7 +596,7 @@ doas sh -c "gpg2 --homedir /var/www/htdocs/MISP/.gnupg --export --armor $GPG_EMA
doas chmod +x /var/www/htdocs/MISP/app/Console/worker/start.sh
doas vi /etc/rc.local
# Add the following line before the last line (exit 0). Make sure that you replace www with your apache user:
doas -u www bash /var/www/htdocs/MISP/app/Console/worker/start.sh
${SUDO_WWW} bash /var/www/htdocs/MISP/app/Console/worker/start.sh
```
{!generic/INSTALL.done.md!}
@ -623,7 +606,9 @@ doas -u www bash /var/www/htdocs/MISP/app/Console/worker/start.sh
#### MISP Modules
```
doas pkg_add -v jpeg yara
mkdir -p /usr/local/src/
cd /usr/local/src/
doas chown ${MISP_USER} /usr/local/src
doas -u misp git clone https://github.com/MISP/misp-modules.git
cd misp-modules
# pip3 install
@ -633,8 +618,8 @@ doas /usr/local/virtualenvs/MISP/bin/pip install git+https://github.com/VirusTot
doas /usr/local/virtualenvs/MISP/bin/pip install wand
##doas gem install pygments.rb
##doas gem install asciidoctor-pdf --pre
doas -u www /usr/local/virtualenvs/MISP/bin/misp-modules -l 0.0.0.0 -s &
echo "doas -u www /usr/local/virtualenvs/MISP/bin/misp-modules -l 0.0.0.0 -s &" |doas tee -a /etc/rc.local
${SUDO_WWW} /usr/local/virtualenvs/MISP/bin/misp-modules -l 0.0.0.0 -s &
echo "${SUDO_WWW} /usr/local/virtualenvs/MISP/bin/misp-modules -l 0.0.0.0 -s &" |doas tee -a /etc/rc.local
```
!!! notice
@ -652,7 +637,11 @@ echo "doas -u www /usr/local/virtualenvs/MISP/bin/misp-modules -l 0.0.0.0 -s &"
```bash
doas $CAKE Live $MISP_LIVE
AUTH_KEY=$(mysql -u misp -p misp -e "SELECT authkey FROM users;" | tail -1)
AUTH_KEY=$(mysql -u misp -p${DBPASSWORD_MISP} misp -e "SELECT authkey FROM users;" | tail -1)
$CAKE userInit -q
$CAKE Admin runUpdates
$CAKE Admin setSetting "MISP.python_bin" "/usr/local/virtualenvs/MISP/bin/python"
# Update the galaxies…
doas $CAKE Admin updateGalaxies
@ -663,12 +652,10 @@ doas $CAKE Admin updateTaxonomies
doas $CAKE Admin updateWarningLists
# Updating the notice lists…
## doas $CAKE Admin updateNoticeLists
curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/noticelists/update
doas $CAKE Admin updateNoticeLists
# Updating the object templates…
##doas $CAKE Admin updateObjectTemplates
curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/objectTemplates/update
doas $CAKE Admin updateObjectTemplates "1337"
# Tune global time outs
doas $CAKE Admin setSetting "Session.autoRegenerate" 0
@ -677,7 +664,7 @@ doas $CAKE Admin setSetting "Session.cookie_timeout" 3600
# Enable GnuPG
doas $CAKE Admin setSetting "GnuPG.email" "admin@admin.test"
doas $CAKE Admin setSetting "GnuPG.homedir" "$PATH_TO_MISP/.gnupg"
doas $CAKE Admin setSetting "GnuPG.homedir" "${PATH_TO_MISP}/.gnupg"
doas $CAKE Admin setSetting "GnuPG.password" "Password1234"
# Enable Enrichment set better timeouts
@ -852,7 +839,7 @@ doas /usr/local/virtualenvs/MISP/bin/pip install pyzmq
cd /var/www
doas mkdir misp-dashboard
doas chown www:www misp-dashboard
doas -u www git clone https://github.com/MISP/misp-dashboard.git
${SUDO_WWW} git clone https://github.com/MISP/misp-dashboard.git
cd misp-dashboard
#/!\ Made on Linux, the next script will fail
#doas /var/www/misp-dashboard/install_dependencies.sh
@ -860,7 +847,7 @@ doas virtualenv -ppython3 /usr/local/virtualenvs/DASHENV
doas /usr/local/virtualenvs/DASHENV/bin/pip install -U pip argparse redis zmq geoip2 flask phonenumbers pycountry
doas sed -i "s/^host\ =\ localhost/host\ =\ 0.0.0.0/g" /var/www/misp-dashboard/config/config.cfg
doas sed -i -e '$i \doas -u www bash /var/www/misp-dashboard/start_all.sh\n' /etc/rc.local
doas sed -i -e '$i \${SUDO_WWW} bash /var/www/misp-dashboard/start_all.sh\n' /etc/rc.local
#/!\ Add port 8001 as a listener
#doas sed -i '/Listen 80/a Listen 0.0.0.0:8001' /etc/apache2/ports.conf
doas pkg_add -v ap2-mod_wsgi
@ -906,7 +893,7 @@ echo "<VirtualHost *:8001>
doas ln -s /etc/apache2/sites-available/misp-dashboard.conf /etc/apache2/sites-enabled/misp-dashboard.conf
```
Add this to /etc/httpd2.conf
Add this to /etc/httpd.conf
```
LoadModule wsgi_module /usr/local/lib/apache2/mod_wsgi.so
Listen 8001

182
docs/xINSTALL.centos6.md
View File

@ -129,62 +129,62 @@ sudo service redis start
------------
```bash
# Download MISP using git in the /var/www/ directory.
sudo mkdir $PATH_TO_MISP
sudo chown apache:apache $PATH_TO_MISP
sudo mkdir ${PATH_TO_MISP}
sudo chown apache:apache ${PATH_TO_MISP}
cd /var/www
$SUDO_WWW git clone https://github.com/MISP/MISP.git
cd $PATH_TO_MISP
##$SUDO_WWW git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`)
${SUDO_WWW} git clone https://github.com/MISP/MISP.git
cd ${PATH_TO_MISP}
##${SUDO_WWW} git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`)
# if the last shortcut doesn't work, specify the latest version manually
# example: git checkout tags/v2.4.XY
# the message regarding a "detached HEAD state" is expected behaviour
# (you only have to create a new branch, if you want to change stuff and do a pull request for example)
# Fetch submodules
$SUDO_WWW git submodule update --init --recursive
${SUDO_WWW} git submodule update --init --recursive
# Make git ignore filesystem permission differences for submodules
$SUDO_WWW git submodule foreach --recursive git config core.filemode false
${SUDO_WWW} git submodule foreach --recursive git config core.filemode false
# Create a python3 virtualenv
$SUDO_WWW $RUN_PYTHON "virtualenv -p python3 $PATH_TO_MISP/venv"
${SUDO_WWW} $RUN_PYTHON "virtualenv -p python3 ${PATH_TO_MISP}/venv"
sudo mkdir /var/www/.cache
sudo chown apache:apache /var/www/.cache
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U pip setuptools
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U pip setuptools
# install Mitre's STIX and its dependencies by running the following commands:
sudo yum install python-importlib python-lxml python-dateutil python-six -y
cd $PATH_TO_MISP/app/files/scripts
$SUDO_WWW git clone https://github.com/CybOXProject/python-cybox.git
$SUDO_WWW git clone https://github.com/STIXProject/python-stix.git
cd $PATH_TO_MISP/app/files/scripts/python-cybox
cd ${PATH_TO_MISP}/app/files/scripts
${SUDO_WWW} git clone https://github.com/CybOXProject/python-cybox.git
${SUDO_WWW} git clone https://github.com/STIXProject/python-stix.git
cd ${PATH_TO_MISP}/app/files/scripts/python-cybox
# If you umask is has been changed from the default, it is a good idea to reset it to 0022 before installing python modules
UMASK=$(umask)
umask 0022
cd $PATH_TO_MISP/app/files/scripts/python-stix
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
cd ${PATH_TO_MISP}/app/files/scripts/python-stix
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
# install maec
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U maec
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U maec
# install zmq
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U zmq
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U zmq
# install redis
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U redis
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U redis
# lief needs manual compilation
sudo yum install devtoolset-7 cmake3 -y
sudo yum install http://opensource.wandisco.com/centos/6/git/x86_64/wandisco-git-release-6-1.noarch.rpm
sudo yum install git -y
cd $PATH_TO_MISP/app/files/scripts
$SUDO_WWW git clone --branch master --single-branch https://github.com/lief-project/LIEF.git lief
cd ${PATH_TO_MISP}/app/files/scripts
${SUDO_WWW} git clone --branch master --single-branch https://github.com/lief-project/LIEF.git lief
# TODO: Fix static path with PATH_TO_MISP
cd $PATH_TO_MISP/app/files/scripts/lief
$SUDO_WWW mkdir build
cd ${PATH_TO_MISP}/app/files/scripts/lief
${SUDO_WWW} mkdir build
cd build
$SUDO_WWW scl enable devtoolset-7 rh-python36 'bash -c "cmake3 \
${SUDO_WWW} scl enable devtoolset-7 rh-python36 'bash -c "cmake3 \
-DLIEF_PYTHON_API=on \
-DLIEF_DOC=off \
-DCMAKE_INSTALL_PREFIX=$LIEF_INSTALL \
@ -192,30 +192,30 @@ $SUDO_WWW scl enable devtoolset-7 rh-python36 'bash -c "cmake3 \
-DPYTHON_VERSION=3.6 \
-DPYTHON_EXECUTABLE=/var/www/MISP/venv/bin/python \
.."'
$SUDO_WWW make -j3
${SUDO_WWW} make -j3
sudo make install
cd api/python/lief_pybind11-prefix/src/lief_pybind11
$SUDO_WWW $PATH_TO_MISP/venv/bin/python setup.py install
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install lief
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/python setup.py install
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install lief
# install magic, pydeep
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U python-magic
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U python-magic
## pydeep does not compile ):
## git+https://github.com/kbandla/pydeep.git
# install mixbox to accommodate the new STIX dependencies:
cd $PATH_TO_MISP/app/files/scripts/
$SUDO_WWW git clone https://github.com/CybOXProject/mixbox.git
cd $PATH_TO_MISP/app/files/scripts/mixbox
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
cd ${PATH_TO_MISP}/app/files/scripts/
${SUDO_WWW} git clone https://github.com/CybOXProject/mixbox.git
cd ${PATH_TO_MISP}/app/files/scripts/mixbox
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
# install STIX2.0 library to support STIX 2.0 export:
cd $PATH_TO_MISP/cti-python-stix2
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
cd ${PATH_TO_MISP}/cti-python-stix2
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
# install PyMISP
cd $PATH_TO_MISP/PyMISP
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
cd ${PATH_TO_MISP}/PyMISP
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
# FIXME: Remove libfaup etc once the egg has the library baked-in
# BROKEN: This needs to be tested on RHEL/CentOS
@ -254,17 +254,17 @@ sudo service rh-php70-php-fpm restart
#### CakePHP is now included as a submodule of MISP and has been fetch by a previous step.
#### Install CakeResque along with its dependencies if you intend to use the built in background jobs.
```bash
sudo chown -R apache:apache $PATH_TO_MISP
sudo chown -R apache:apache ${PATH_TO_MISP}
sudo mkdir /var/www/.composer/
sudo chown apache:apache /var/www/.composer/
cd $PATH_TO_MISP/app
cd ${PATH_TO_MISP}/app
# Update composer.phar (optional)
#EXPECTED_SIGNATURE="$(wget -q -O - https://composer.github.io/installer.sig)"
#$SUDO_WWW $RUN_PHP -- php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
#$SUDO_WWW $RUN_PHP -- php -r "if (hash_file('SHA384', 'composer-setup.php') === '$EXPECTED_SIGNATURE') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
#$SUDO_WWW $RUN_PHP "php composer-setup.php"
#$SUDO_WWW $RUN_PHP -- php -r "unlink('composer-setup.php');"
$SUDO_WWW $RUN_PHP "php composer.phar install"
#${SUDO_WWW} $RUN_PHP -- php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
#${SUDO_WWW} $RUN_PHP -- php -r "if (hash_file('SHA384', 'composer-setup.php') === '$EXPECTED_SIGNATURE') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
#${SUDO_WWW} $RUN_PHP "php composer-setup.php"
#${SUDO_WWW} $RUN_PHP -- php -r "unlink('composer-setup.php');"
${SUDO_WWW} $RUN_PHP "php composer.phar install"
sudo yum install php-redis -y
sudo service rh-php70-php-fpm restart
@ -284,30 +284,30 @@ do
done
sudo service rh-php70-php-fpm restart
# To use the scheduler worker for scheduled tasks, do the following:
sudo cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin/CakeResque/Config/config.php
sudo cp -fa ${PATH_TO_MISP}/INSTALL/setup/config.php ${PATH_TO_MISP}/app/Plugin/CakeResque/Config/config.php
```
### 5/ Set the permissions
----------------------
```bash
# Make sure the permissions are set correctly using the following commands as root:
sudo chown -R apache:apache $PATH_TO_MISP
sudo find $PATH_TO_MISP -type d -exec chmod g=rx {} \;
sudo chmod -R g+r,o= $PATH_TO_MISP
sudo chmod -R 750 $PATH_TO_MISP
sudo chmod -R g+xws $PATH_TO_MISP/app/tmp
sudo chmod -R g+ws $PATH_TO_MISP/app/files
sudo chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
sudo chmod -R g+rw $PATH_TO_MISP/venv
sudo chmod -R g+rw $PATH_TO_MISP/.git
sudo chown apache:apache $PATH_TO_MISP/app/files
sudo chown apache:apache $PATH_TO_MISP/app/files/terms
sudo chown apache:apache $PATH_TO_MISP/app/files/scripts/tmp
sudo chown apache:apache $PATH_TO_MISP/app/Plugin/CakeResque/tmp
sudo chown -R apache:apache $PATH_TO_MISP/app/Config
sudo chown -R apache:apache $PATH_TO_MISP/app/tmp
sudo chown -R apache:apache $PATH_TO_MISP/app/webroot/img/orgs
sudo chown -R apache:apache $PATH_TO_MISP/app/webroot/img/custom
sudo chown -R apache:apache ${PATH_TO_MISP}
sudo find ${PATH_TO_MISP} -type d -exec chmod g=rx {} \;
sudo chmod -R g+r,o= ${PATH_TO_MISP}
sudo chmod -R 750 ${PATH_TO_MISP}
sudo chmod -R g+xws ${PATH_TO_MISP}/app/tmp
sudo chmod -R g+ws ${PATH_TO_MISP}/app/files
sudo chmod -R g+ws ${PATH_TO_MISP}/app/files/scripts/tmp
sudo chmod -R g+rw ${PATH_TO_MISP}/venv
sudo chmod -R g+rw ${PATH_TO_MISP}/.git
sudo chown apache:apache ${PATH_TO_MISP}/app/files
sudo chown apache:apache ${PATH_TO_MISP}/app/files/terms
sudo chown apache:apache ${PATH_TO_MISP}/app/files/scripts/tmp
sudo chown apache:apache ${PATH_TO_MISP}/app/Plugin/CakeResque/tmp
sudo chown -R apache:apache ${PATH_TO_MISP}/app/Config
sudo chown -R apache:apache ${PATH_TO_MISP}/app/tmp
sudo chown -R apache:apache ${PATH_TO_MISP}/app/webroot/img/orgs
sudo chown -R apache:apache ${PATH_TO_MISP}/app/webroot/img/custom
```
### 6/ Create a database and user
@ -378,7 +378,7 @@ sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "flush privileges;"
#### Import the empty MySQL database from MYSQL.sql
```bash
$SUDO_WWW cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
${SUDO_WWW} cat ${PATH_TO_MISP}/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
```
@ -394,10 +394,10 @@ $SUDO_WWW cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSW
If it is disabled, you can ignore the **chcon/setsebool/semanage/checkmodule/semodule*** commands.
```bash
# Now configure your apache server with the DocumentRoot $PATH_TO_MISP/app/webroot/
# A sample vhost can be found in $PATH_TO_MISP/INSTALL/old/apache.misp.centos6
# Now configure your apache server with the DocumentRoot ${PATH_TO_MISP}/app/webroot/
# A sample vhost can be found in ${PATH_TO_MISP}/INSTALL/old/apache.misp.centos6
sudo cp $PATH_TO_MISP/INSTALL/old/apache.misp.centos6 /etc/httpd/conf.d/misp.conf
sudo cp ${PATH_TO_MISP}/INSTALL/old/apache.misp.centos6 /etc/httpd/conf.d/misp.conf
# Allow httpd to connect to the redis server and php-fpm over tcp/ip
sudo setsebool -P httpd_can_network_connect on
@ -427,20 +427,20 @@ sudo openssl req -newkey rsa:4096 -days 365 -nodes -x509 \
### 8/ Log rotation
---------------
```bash
# MISP saves the stdout and stderr of its workers in $PATH_TO_MISP/app/tmp/logs
# MISP saves the stdout and stderr of its workers in ${PATH_TO_MISP}/app/tmp/logs
# To rotate these logs install the supplied logrotate script:
sudo cp $PATH_TO_MISP/INSTALL/misp.logrotate /etc/logrotate.d/misp
sudo cp ${PATH_TO_MISP}/INSTALL/misp.logrotate /etc/logrotate.d/misp
sudo chmod 0640 /etc/logrotate.d/misp
# Now make logrotate work under SELinux as well
# Allow logrotate to modify the log files
sudo semanage fcontext -a -t httpd_log_t "$PATH_TO_MISP/app/tmp/logs(/.*)?"
sudo chcon -R -t httpd_log_t $PATH_TO_MISP/app/tmp/logs
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/tmp/logs
sudo semanage fcontext -a -t httpd_log_t "${PATH_TO_MISP}/app/tmp/logs(/.*)?"
sudo chcon -R -t httpd_log_t ${PATH_TO_MISP}/app/tmp/logs
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/tmp/logs
# Allow logrotate to read /var/www
sudo checkmodule -M -m -o /tmp/misplogrotate.mod $PATH_TO_MISP/INSTALL/misplogrotate.te
sudo checkmodule -M -m -o /tmp/misplogrotate.mod ${PATH_TO_MISP}/INSTALL/misplogrotate.te
sudo semodule_package -o /tmp/misplogrotate.pp -m /tmp/misplogrotate.mod
sudo semodule -i /tmp/misplogrotate.pp
```
@ -448,11 +448,11 @@ sudo semodule -i /tmp/misplogrotate.pp
### 9/ MISP configuration
---------------------
```bash
# There are 4 sample configuration files in $PATH_TO_MISP/app/Config that need to be copied
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/bootstrap.default.php $PATH_TO_MISP/app/Config/bootstrap.php
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/database.default.php $PATH_TO_MISP/app/Config/database.php
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/core.default.php $PATH_TO_MISP/app/Config/core.php
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/config.default.php $PATH_TO_MISP/app/Config/config.php
# There are 4 sample configuration files in ${PATH_TO_MISP}/app/Config that need to be copied
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/bootstrap.default.php ${PATH_TO_MISP}/app/Config/bootstrap.php
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/database.default.php ${PATH_TO_MISP}/app/Config/database.php
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/core.default.php ${PATH_TO_MISP}/app/Config/core.php
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/config.default.php ${PATH_TO_MISP}/app/Config/config.php
echo "<?php
class DATABASE_CONFIG {
@ -469,7 +469,7 @@ class DATABASE_CONFIG {
'prefix' => '',
'encoding' => 'utf8',
);
}" | $SUDO_WWW tee $PATH_TO_MISP/app/Config/database.php
}" | ${SUDO_WWW} tee ${PATH_TO_MISP}/app/Config/database.php
# Configure the fields in the newly created files:
# config.php : baseurl (example: 'baseurl' => 'http://misp',) - don't use "localhost" it causes issues when browsing externally
@ -491,14 +491,14 @@ class DATABASE_CONFIG {
# );
#}
# Important! Change the salt key in $PATH_TO_MISP/app/Config/config.php
# Important! Change the salt key in ${PATH_TO_MISP}/app/Config/config.php
# The admin user account will be generated on the first login, make sure that the salt is changed before you create that user
# If you forget to do this step, and you are still dealing with a fresh installation, just alter the salt,
# delete the user from mysql and log in again using the default admin credentials (admin@admin.test / admin)
# If you want to be able to change configuration parameters from the webinterface:
sudo chown apache:apache $PATH_TO_MISP/app/Config/config.php
sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/Config/config.php
sudo chown apache:apache ${PATH_TO_MISP}/app/Config/config.php
sudo chcon -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/Config/config.php
# Generate a GPG encryption key.
cat >/tmp/gen-key-script <<EOF
@ -516,17 +516,17 @@ cat >/tmp/gen-key-script <<EOF
%echo done
EOF
sudo gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key /tmp/gen-key-script
sudo gpg --homedir ${PATH_TO_MISP}/.gnupg --batch --gen-key /tmp/gen-key-script
sudo rm -f /tmp/gen-key-script
sudo chown -R apache:apache $PATH_TO_MISP/.gnupg
sudo chown -R apache:apache ${PATH_TO_MISP}/.gnupg
# And export the public key to the webroot
sudo gpg --homedir $PATH_TO_MISP/.gnupg --export --armor $GPG_EMAIL_ADDRESS |sudo tee $PATH_TO_MISP/app/webroot/gpg.asc
sudo chown apache:apache $PATH_TO_MISP/app/webroot/gpg.asc
sudo gpg --homedir ${PATH_TO_MISP}/.gnupg --export --armor $GPG_EMAIL_ADDRESS |sudo tee ${PATH_TO_MISP}/app/webroot/gpg.asc
sudo chown apache:apache ${PATH_TO_MISP}/app/webroot/gpg.asc
# Start the workers to enable background jobs
sudo chmod +x $PATH_TO_MISP/app/Console/worker/start.sh
$SUDO_WWW $RUN_PHP $PATH_TO_MISP/app/Console/worker/start.sh
sudo chmod +x ${PATH_TO_MISP}/app/Console/worker/start.sh
${SUDO_WWW} $RUN_PHP ${PATH_TO_MISP}/app/Console/worker/start.sh
if [ ! -e /etc/rc.local ]
then
@ -551,21 +551,21 @@ sudo yum install -y openjpeg-devel
sudo chmod 2777 /usr/local/src
sudo chown root:users /usr/local/src
cd /usr/local/src/
$SUDO_WWW git clone https://github.com/MISP/misp-modules.git
${SUDO_WWW} git clone https://github.com/MISP/misp-modules.git
cd misp-modules
# pip install
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -I -r REQUIREMENTS
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -I -r REQUIREMENTS
# The following fails
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
sudo yum install rubygem-rouge rubygem-asciidoctor -y
##sudo gem install asciidoctor-pdf --pre
# install additional dependencies for extended object generation and extraction
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install maec python-magic pathlib
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install maec python-magic pathlib
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
# Start misp-modules
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/misp-modules -l 0.0.0.0 -s &
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/misp-modules -l 0.0.0.0 -s &
# TODO: Fix static path with PATH_TO_MISP
sudo sed -i -e '$i \sudo -u apache /var/www/MISP/venv/bin/misp-modules -l 127.0.0.1 -s &\n' /etc/rc.local

228
docs/xINSTALL.centos7.md
View File

@ -43,7 +43,7 @@ Make sure you are reading the parsed version of this Document. When in doubt [cl
# <snippet-begin 0_RHEL_PHP_INI.sh>
# RHEL/CentOS Specific
WWW_USER="apache"
SUDO_WWW="sudo -H -u $WWW_USER"
SUDO_WWW="sudo -H -u ${WWW_USER}"
RUN_PHP='/usr/bin/scl enable rh-php72'
PHP_INI=/etc/opt/rh/rh-php72/php.ini
@ -118,91 +118,91 @@ sudo systemctl enable --now redis.service
```bash
# Download MISP using git in the /var/www/ directory.
PATH_TO_MISP="/var/www/MISP"
sudo mkdir -p $(dirname $PATH_TO_MISP)
sudo chown ${WWW_USER}:${WWW_USER} ($dirname $PATH_TO_MISP)
cd $(dirname $PATH_TO_MISP)
$SUDO_WWW git clone https://github.com/MISP/MISP.git
cd $PATH_TO_MISP
##$SUDO_WWW git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`)
sudo mkdir -p $(dirname ${PATH_TO_MISP})
sudo chown ${WWW_USER}:${WWW_USER} ($dirname ${PATH_TO_MISP})
cd $(dirname ${PATH_TO_MISP})
${SUDO_WWW} git clone https://github.com/MISP/MISP.git
cd ${PATH_TO_MISP}
##${SUDO_WWW} git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`)
# if the last shortcut doesn't work, specify the latest version manually
# example: git checkout tags/v2.4.XY
# the message regarding a "detached HEAD state" is expected behaviour
# (you only have to create a new branch, if you want to change stuff and do a pull request for example)
# Fetch submodules
$SUDO_WWW git submodule update --init --recursive
${SUDO_WWW} git submodule update --init --recursive
# Make git ignore filesystem permission differences for submodules
$SUDO_WWW git submodule foreach --recursive git config core.filemode false
${SUDO_WWW} git submodule foreach --recursive git config core.filemode false
# Make git ignore filesystem permission differences
$SUDO_WWW git config core.filemode false
${SUDO_WWW} git config core.filemode false
# Create a python3 virtualenv
sudo pip3 install virtualenv
$SUDO_WWW python3 "virtualenv -p python3 $PATH_TO_MISP/venv"
${SUDO_WWW} python3 "virtualenv -p python3 ${PATH_TO_MISP}/venv"
sudo mkdir /usr/share/httpd/.cache
sudo chown ${WWW_USER}:${WWW_USER} /usr/share/httpd/.cache
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U pip setuptools
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U pip setuptools
# install Mitre's STIX and its dependencies by running the following commands:
##sudo yum install python-importlib python-lxml python-dateutil python-six -y
cd $PATH_TO_MISP/app/files/scripts
$SUDO_WWW git clone https://github.com/CybOXProject/python-cybox.git
$SUDO_WWW git clone https://github.com/STIXProject/python-stix.git
$SUDO_WWW git clone --branch master --single-branch https://github.com/lief-project/LIEF.git lief
$SUDO_WWW git clone https://github.com/CybOXProject/mixbox.git
cd ${PATH_TO_MISP}/app/files/scripts
${SUDO_WWW} git clone https://github.com/CybOXProject/python-cybox.git
${SUDO_WWW} git clone https://github.com/STIXProject/python-stix.git
${SUDO_WWW} git clone --branch master --single-branch https://github.com/lief-project/LIEF.git lief
${SUDO_WWW} git clone https://github.com/CybOXProject/mixbox.git
cd $PATH_TO_MISP/app/files/scripts/python-cybox
cd ${PATH_TO_MISP}/app/files/scripts/python-cybox
# If you umask is has been changed from the default, it is a good idea to reset it to 0022 before installing python modules
UMASK=$(umask)
umask 0022
cd $PATH_TO_MISP/app/files/scripts/python-stix
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
cd ${PATH_TO_MISP}/app/files/scripts/python-stix
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
# install maec
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U maec
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U maec
# install zmq
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U zmq
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U zmq
# install redis
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U redis
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U redis
# lief needs manual compilation
sudo yum install devtoolset-7 cmake3 -y
# TODO: Fix static path with PATH_TO_MISP
cd $PATH_TO_MISP/app/files/scripts/lief
$SUDO_WWW mkdir build
cd ${PATH_TO_MISP}/app/files/scripts/lief
${SUDO_WWW} mkdir build
cd build
$SUDO_WWW scl enable devtoolset-7 'bash -c "cmake3 \
${SUDO_WWW} scl enable devtoolset-7 'bash -c "cmake3 \
-DLIEF_PYTHON_API=on \
-DLIEF_DOC=off \
-DCMAKE_INSTALL_PREFIX=$LIEF_INSTALL \
-DCMAKE_BUILD_TYPE=Release \
-DPYTHON_VERSION=3.6 \
-DPYTHON_EXECUTABLE=$PATH_TO_MISP/venv/bin/python \
-DPYTHON_EXECUTABLE=${PATH_TO_MISP}/venv/bin/python \
.."'
$SUDO_WWW make -j3
${SUDO_WWW} make -j3
sudo make install
cd api/python/lief_pybind11-prefix/src/lief_pybind11
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/python setup.py install
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install lief
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/python setup.py install
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install lief
# install magic, pydeep
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U python-magic git+https://github.com/kbandla/pydeep.git
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U python-magic git+https://github.com/kbandla/pydeep.git
cd $PATH_TO_MISP/app/files/scripts/mixbox
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
cd ${PATH_TO_MISP}/app/files/scripts/mixbox
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
# install STIX2.0 library to support STIX 2.0 export:
cd $PATH_TO_MISP/cti-python-stix2
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
cd ${PATH_TO_MISP}/cti-python-stix2
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
# install PyMISP
cd $PATH_TO_MISP/PyMISP
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
cd ${PATH_TO_MISP}/PyMISP
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
# FIXME: Remove libfaup etc once the egg has the library baked-in
# BROKEN: This needs to be tested on RHEL/CentOS
@ -237,17 +237,17 @@ umask $UMASK
#### CakePHP is now included as a submodule of MISP and has been fetch by a previous step.
#### Install CakeResque along with its dependencies if you intend to use the built in background jobs.
```bash
sudo chown -R ${WWW_USER}:${WWW_USER} $PATH_TO_MISP
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}
sudo mkdir /usr/share/httpd/.composer
sudo chown ${WWW_USER}:${WWW_USER} /usr/share/httpd/.composer
cd $PATH_TO_MISP/app
cd ${PATH_TO_MISP}/app
# Update composer.phar (optional)
#EXPECTED_SIGNATURE="$(wget -q -O - https://composer.github.io/installer.sig)"
#$SUDO_WWW $RUN_PHP -- php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
#$SUDO_WWW $RUN_PHP -- php -r "if (hash_file('SHA384', 'composer-setup.php') === '$EXPECTED_SIGNATURE') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
#$SUDO_WWW $RUN_PHP "php composer-setup.php"
#$SUDO_WWW $RUN_PHP -- php -r "unlink('composer-setup.php');"
$SUDO_WWW $RUN_PHP "php composer.phar install"
#${SUDO_WWW} $RUN_PHP -- php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
#${SUDO_WWW} $RUN_PHP -- php -r "if (hash_file('SHA384', 'composer-setup.php') === '$EXPECTED_SIGNATURE') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
#${SUDO_WWW} $RUN_PHP "php composer-setup.php"
#${SUDO_WWW} $RUN_PHP -- php -r "unlink('composer-setup.php');"
${SUDO_WWW} $RUN_PHP "php composer.phar install"
sudo yum install php-redis -y
sudo systemctl restart rh-php72-php-fpm.service
@ -267,30 +267,30 @@ done
sudo systemctl restart rh-php72-php-fpm.service
# To use the scheduler worker for scheduled tasks, do the following:
sudo cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin/CakeResque/Config/config.php
sudo cp -fa ${PATH_TO_MISP}/INSTALL/setup/config.php ${PATH_TO_MISP}/app/Plugin/CakeResque/Config/config.php
```
### 5/ Set the permissions
----------------------
```bash
# Make sure the permissions are set correctly using the following commands as root:
sudo chown -R ${WWW_USER}:${WWW_USER} $PATH_TO_MISP
sudo find $PATH_TO_MISP -type d -exec chmod g=rx {} \;
sudo chmod -R g+r,o= $PATH_TO_MISP
sudo chmod -R 750 $PATH_TO_MISP
sudo chmod -R g+xws $PATH_TO_MISP/app/tmp
sudo chmod -R g+ws $PATH_TO_MISP/app/files
sudo chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
sudo chmod -R g+rw $PATH_TO_MISP/venv
sudo chmod -R g+rw $PATH_TO_MISP/.git
sudo chown ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/files
sudo chown ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/files/terms
sudo chown ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/files/scripts/tmp
sudo chown ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/Plugin/CakeResque/tmp
sudo chown -R ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/Config
sudo chown -R ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/tmp
sudo chown -R ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/webroot/img/orgs
sudo chown -R ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/webroot/img/custom
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}
sudo find ${PATH_TO_MISP} -type d -exec chmod g=rx {} \;
sudo chmod -R g+r,o= ${PATH_TO_MISP}
sudo chmod -R 750 ${PATH_TO_MISP}
sudo chmod -R g+xws ${PATH_TO_MISP}/app/tmp
sudo chmod -R g+ws ${PATH_TO_MISP}/app/files
sudo chmod -R g+ws ${PATH_TO_MISP}/app/files/scripts/tmp
sudo chmod -R g+rw ${PATH_TO_MISP}/venv
sudo chmod -R g+rw ${PATH_TO_MISP}/.git
sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/files
sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/files/terms
sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/files/scripts/tmp
sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/Plugin/CakeResque/tmp
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/Config
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/tmp
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/webroot/img/orgs
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/webroot/img/custom
```
### 6/ Create a database and user
@ -360,7 +360,7 @@ sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "flush privileges;"
#### Import the empty MySQL database from MYSQL.sql
```bash
$SUDO_WWW cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
${SUDO_WWW} cat ${PATH_TO_MISP}/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
```
@ -376,10 +376,10 @@ $SUDO_WWW cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSW
If it is disabled, you can ignore the **chcon/setsebool/semanage/checkmodule/semodule*** commands.
```bash
# Now configure your apache server with the DocumentRoot $PATH_TO_MISP/app/webroot/
# A sample vhost can be found in $PATH_TO_MISP/INSTALL/apache.misp.centos7
# Now configure your apache server with the DocumentRoot ${PATH_TO_MISP}/app/webroot/
# A sample vhost can be found in ${PATH_TO_MISP}/INSTALL/apache.misp.centos7
sudo cp $PATH_TO_MISP/INSTALL/apache.misp.centos7.ssl /etc/httpd/conf.d/misp.ssl.conf
sudo cp ${PATH_TO_MISP}/INSTALL/apache.misp.centos7.ssl /etc/httpd/conf.d/misp.ssl.conf
sudo rm /etc/httpd/conf.d/ssl.conf
sudo chmod 644 /etc/httpd/conf.d/misp.ssl.conf
sudo sed -i '/Listen 80/a Listen 443' /etc/httpd/conf/httpd.conf
@ -399,27 +399,27 @@ cat /etc/pki/tls/certs/dhparam.pem |sudo tee -a /etc/pki/tls/certs/misp.local.cr
sudo systemctl restart httpd.service
# Since SELinux is enabled, we need to allow httpd to write to certain directories
sudo chcon -t bin_t $PATH_TO_MISP/venv/bin/*
find $PATH_TO_MISP/venv -type f -name "*.so*" -or -name "*.so.*" | xargs sudo chcon -t lib_t
sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/files
sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/files/terms
sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/files/scripts/tmp
sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/Plugin/CakeResque/tmp
sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/Console/cake
sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/Console/worker/*.sh
sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/files/scripts/*.py
sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/files/scripts/*/*.py
sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/files/scripts/lief/build/api/python/lief.so
sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/Vendor/pear/crypt_gpg/scripts/crypt-gpg-pinentry
sudo chcon -t bin_t ${PATH_TO_MISP}/venv/bin/*
find ${PATH_TO_MISP}/venv -type f -name "*.so*" -or -name "*.so.*" | xargs sudo chcon -t lib_t
sudo chcon -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/files
sudo chcon -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/files/terms
sudo chcon -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/files/scripts/tmp
sudo chcon -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/Plugin/CakeResque/tmp
sudo chcon -t httpd_sys_script_exec_t ${PATH_TO_MISP}/app/Console/cake
sudo chcon -t httpd_sys_script_exec_t ${PATH_TO_MISP}/app/Console/worker/*.sh
sudo chcon -t httpd_sys_script_exec_t ${PATH_TO_MISP}/app/files/scripts/*.py
sudo chcon -t httpd_sys_script_exec_t ${PATH_TO_MISP}/app/files/scripts/*/*.py
sudo chcon -t httpd_sys_script_exec_t ${PATH_TO_MISP}/app/files/scripts/lief/build/api/python/lief.so
sudo chcon -t httpd_sys_script_exec_t ${PATH_TO_MISP}/app/Vendor/pear/crypt_gpg/scripts/crypt-gpg-pinentry
# Only run these if you want to be able to update MISP from the web interface
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/.git
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/tmp
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/Lib
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/Config
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/tmp
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/webroot/img/orgs
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/webroot/img/custom
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/files/scripts/mispzmq
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/.git
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/tmp
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/Lib
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/Config
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/tmp
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/webroot/img/orgs
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/webroot/img/custom
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/files/scripts/mispzmq
```
!!! warning
@ -448,19 +448,19 @@ sudo firewall-cmd --reload
### 8/ Log rotation
---------------
```bash
# MISP saves the stdout and stderr of its workers in $PATH_TO_MISP/app/tmp/logs
# MISP saves the stdout and stderr of its workers in ${PATH_TO_MISP}/app/tmp/logs
# To rotate these logs install the supplied logrotate script:
sudo cp $PATH_TO_MISP/INSTALL/misp.logrotate /etc/logrotate.d/misp
sudo cp ${PATH_TO_MISP}/INSTALL/misp.logrotate /etc/logrotate.d/misp
sudo chmod 0640 /etc/logrotate.d/misp
# Now make logrotate work under SELinux as well
# Allow logrotate to modify the log files
sudo semanage fcontext -a -t httpd_log_t "$PATH_TO_MISP/app/tmp/logs(/.*)?"
sudo chcon -R -t httpd_log_t $PATH_TO_MISP/app/tmp/logs
sudo semanage fcontext -a -t httpd_log_t "${PATH_TO_MISP}/app/tmp/logs(/.*)?"
sudo chcon -R -t httpd_log_t ${PATH_TO_MISP}/app/tmp/logs
# Allow logrotate to read /var/www
sudo checkmodule -M -m -o /tmp/misplogrotate.mod $PATH_TO_MISP/INSTALL/misplogrotate.te
sudo checkmodule -M -m -o /tmp/misplogrotate.mod ${PATH_TO_MISP}/INSTALL/misplogrotate.te
sudo semodule_package -o /tmp/misplogrotate.pp -m /tmp/misplogrotate.mod
sudo semodule -i /tmp/misplogrotate.pp
```
@ -468,11 +468,11 @@ sudo semodule -i /tmp/misplogrotate.pp
### 9/ MISP configuration
---------------------
```bash
# There are 4 sample configuration files in $PATH_TO_MISP/app/Config that need to be copied
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/bootstrap.default.php $PATH_TO_MISP/app/Config/bootstrap.php
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/database.default.php $PATH_TO_MISP/app/Config/database.php
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/core.default.php $PATH_TO_MISP/app/Config/core.php
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/config.default.php $PATH_TO_MISP/app/Config/config.php
# There are 4 sample configuration files in ${PATH_TO_MISP}/app/Config that need to be copied
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/bootstrap.default.php ${PATH_TO_MISP}/app/Config/bootstrap.php
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/database.default.php ${PATH_TO_MISP}/app/Config/database.php
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/core.default.php ${PATH_TO_MISP}/app/Config/core.php
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/config.default.php ${PATH_TO_MISP}/app/Config/config.php
echo "<?php
class DATABASE_CONFIG {
@ -489,7 +489,7 @@ class DATABASE_CONFIG {
'prefix' => '',
'encoding' => 'utf8',
);
}" | $SUDO_WWW tee $PATH_TO_MISP/app/Config/database.php
}" | ${SUDO_WWW} tee ${PATH_TO_MISP}/app/Config/database.php
# Configure the fields in the newly created files:
# config.php : baseurl (example: 'baseurl' => 'http://misp',) - don't use "localhost" it causes issues when browsing externally
@ -511,14 +511,14 @@ class DATABASE_CONFIG {
# );
#}
# Important! Change the salt key in $PATH_TO_MISP/app/Config/config.php
# Important! Change the salt key in ${PATH_TO_MISP}/app/Config/config.php
# The admin user account will be generated on the first login, make sure that the salt is changed before you create that user
# If you forget to do this step, and you are still dealing with a fresh installation, just alter the salt,
# delete the user from mysql and log in again using the default admin credentials (admin@admin.test / admin)
# If you want to be able to change configuration parameters from the webinterface:
sudo chown ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/Config/config.php
sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/Config/config.php
sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/Config/config.php
sudo chcon -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/Config/config.php
# Generate a GPG encryption key.
cat >/tmp/gen-key-script <<EOF
@ -536,17 +536,17 @@ cat >/tmp/gen-key-script <<EOF
%echo done
EOF
sudo gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key /tmp/gen-key-script
sudo gpg --homedir ${PATH_TO_MISP}/.gnupg --batch --gen-key /tmp/gen-key-script
sudo rm -f /tmp/gen-key-script
sudo chown -R ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/.gnupg
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/.gnupg
# And export the public key to the webroot
sudo gpg --homedir $PATH_TO_MISP/.gnupg --export --armor $GPG_EMAIL_ADDRESS |sudo tee $PATH_TO_MISP/app/webroot/gpg.asc
sudo chown ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/webroot/gpg.asc
sudo gpg --homedir ${PATH_TO_MISP}/.gnupg --export --armor $GPG_EMAIL_ADDRESS |sudo tee ${PATH_TO_MISP}/app/webroot/gpg.asc
sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/webroot/gpg.asc
# Start the workers to enable background jobs
sudo chmod +x $PATH_TO_MISP/app/Console/worker/start.sh
$SUDO_WWW $RUN_PHP $PATH_TO_MISP/app/Console/worker/start.sh
sudo chmod +x ${PATH_TO_MISP}/app/Console/worker/start.sh
${SUDO_WWW} $RUN_PHP ${PATH_TO_MISP}/app/Console/worker/start.sh
if [ ! -e /etc/rc.local ]
then
@ -556,7 +556,7 @@ then
fi
# TODO: Fix static path with PATH_TO_MISP
sudo sed -i -e '$i \su -s /bin/bash apache -c "scl enable rh-php72 $PATH_TO_MISP/app/Console/worker/start.sh" > /tmp/worker_start_rc.local.log\n' /etc/rc.local
sudo sed -i -e '$i \su -s /bin/bash apache -c "scl enable rh-php72 ${PATH_TO_MISP}/app/Console/worker/start.sh" > /tmp/worker_start_rc.local.log\n' /etc/rc.local
# Make sure it will execute
sudo chmod +x /etc/rc.local
@ -571,23 +571,23 @@ sudo yum install openjpeg-devel -y
sudo chmod 2777 /usr/local/src
sudo chown root:users /usr/local/src
cd /usr/local/src/
$SUDO_WWW git clone https://github.com/MISP/misp-modules.git
${SUDO_WWW} git clone https://github.com/MISP/misp-modules.git
cd misp-modules
# pip install
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -I -r REQUIREMENTS
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -I -r REQUIREMENTS
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
sudo yum install rubygem-rouge rubygem-asciidoctor -y
##sudo gem install asciidoctor-pdf --pre
# install additional dependencies for extended object generation and extraction
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install maec python-magic pathlib
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install maec python-magic pathlib
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
# Start misp-modules
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/misp-modules -l 0.0.0.0 -s &
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/misp-modules -l 0.0.0.0 -s &
# TODO: Fix static path with PATH_TO_MISP
sudo sed -i -e '$i \sudo -u apache $PATH_TO_MISP/venv/bin/misp-modules -l 127.0.0.1 -s &\n' /etc/rc.local
sudo sed -i -e '$i \sudo -u apache ${PATH_TO_MISP}/venv/bin/misp-modules -l 127.0.0.1 -s &\n' /etc/rc.local
```
{!generic/misp-dashboard-centos.md!}

138
docs/xINSTALL.debian10.md
View File

@ -28,11 +28,11 @@ PHP_INI=${PHP_ETC_BASE}/apache2/php.ini
{!generic/ethX.md!}
#### Add $MISP_USER to staff and $WWW_USER
#### Add $MISP_USER to staff and ${WWW_USER}
```bash
sudo adduser $MISP_USER staff
sudo adduser $MISP_USER $WWW_USER
sudo adduser $MISP_USER ${WWW_USER}
```
#### Make sure your system is up2date and curl installed
@ -122,45 +122,45 @@ sudo systemctl restart apache2
------------
```bash
# Download MISP using git in the /var/www/ directory.
sudo mkdir $PATH_TO_MISP
sudo chown $WWW_USER:$WWW_USER $PATH_TO_MISP
cd $PATH_TO_MISP
$SUDO_WWW git clone https://github.com/MISP/MISP.git $PATH_TO_MISP
$SUDO_WWW git submodule update --init --recursive
sudo mkdir ${PATH_TO_MISP}
sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}
cd ${PATH_TO_MISP}
${SUDO_WWW} git clone https://github.com/MISP/MISP.git ${PATH_TO_MISP}
${SUDO_WWW} git submodule update --init --recursive
# Make git ignore filesystem permission differences for submodules
$SUDO_WWW git submodule foreach --recursive git config core.filemode false
${SUDO_WWW} git submodule foreach --recursive git config core.filemode false
# Make git ignore filesystem permission differences
$SUDO_WWW git config core.filemode false
${SUDO_WWW} git config core.filemode false
# Create a python3 virtualenv
$SUDO_WWW virtualenv -p python3 ${PATH_TO_MISP}/venv
${SUDO_WWW} virtualenv -p python3 ${PATH_TO_MISP}/venv
# make pip happy
sudo mkdir /var/www/.cache/
sudo chown $WWW_USER:$WWW_USER /var/www/.cache
sudo chown ${WWW_USER}:${WWW_USER} /var/www/.cache
cd $PATH_TO_MISP/app/files/scripts
$SUDO_WWW git clone https://github.com/CybOXProject/python-cybox.git
$SUDO_WWW git clone https://github.com/STIXProject/python-stix.git
$SUDO_WWW git clone https://github.com/MAECProject/python-maec.git
cd ${PATH_TO_MISP}/app/files/scripts
${SUDO_WWW} git clone https://github.com/CybOXProject/python-cybox.git
${SUDO_WWW} git clone https://github.com/STIXProject/python-stix.git
${SUDO_WWW} git clone https://github.com/MAECProject/python-maec.git
# install mixbox to accommodate the new STIX dependencies:
$SUDO_WWW git clone https://github.com/CybOXProject/mixbox.git
cd $PATH_TO_MISP/app/files/scripts/mixbox
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
cd $PATH_TO_MISP/app/files/scripts/python-cybox
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
cd $PATH_TO_MISP/app/files/scripts/python-stix
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
cd $PATH_TO_MISP/app/files/scripts/python-maec
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
${SUDO_WWW} git clone https://github.com/CybOXProject/mixbox.git
cd ${PATH_TO_MISP}/app/files/scripts/mixbox
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
cd ${PATH_TO_MISP}/app/files/scripts/python-cybox
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
cd ${PATH_TO_MISP}/app/files/scripts/python-stix
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
cd ${PATH_TO_MISP}/app/files/scripts/python-maec
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
# install STIX2.0 library to support STIX 2.0 export:
cd ${PATH_TO_MISP}/cti-python-stix2
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
# install PyMISP
cd $PATH_TO_MISP/PyMISP
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
cd ${PATH_TO_MISP}/PyMISP
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
# FIXME: Remove libfaup etc once the egg has the library baked-in
sudo apt-get install cmake libcaca-dev liblua5.3-dev -y
cd /tmp
@ -180,19 +180,19 @@ sudo make install
sudo ldconfig
# install pydeep
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
# install lief
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install lief
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install lief
# install zmq needed by mispzmq
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install zmq redis
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install zmq redis
# install python-magic
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install python-magic
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install python-magic
# install plyara
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install plyara
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install plyara
```
### 4/ CakePHP
@ -206,24 +206,24 @@ $SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install plyara
```bash
# Install CakeResque along with its dependencies if you intend to use the built in background jobs:
cd $PATH_TO_MISP/app
cd ${PATH_TO_MISP}/app
# Make composer cache happy
sudo mkdir /var/www/.composer ; sudo chown $WWW_USER:$WWW_USER /var/www/.composer
sudo mkdir /var/www/.composer ; sudo chown ${WWW_USER}:${WWW_USER} /var/www/.composer
# Update composer.phar
#$SUDO_WWW php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
#$SUDO_WWW php -r "if (hash_file('SHA384', 'composer-setup.php') === 'baf1608c33254d00611ac1705c1d9958c817a1a33bce370c0595974b342601bd80b92a3f46067da89e3b06bff421f182') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
#$SUDO_WWW php composer-setup.php
#$SUDO_WWW php -r "unlink('composer-setup.php');"
$SUDO_WWW php composer.phar install
#${SUDO_WWW} php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
#${SUDO_WWW} php -r "if (hash_file('SHA384', 'composer-setup.php') === 'baf1608c33254d00611ac1705c1d9958c817a1a33bce370c0595974b342601bd80b92a3f46067da89e3b06bff421f182') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
#${SUDO_WWW} php composer-setup.php
#${SUDO_WWW} php -r "unlink('composer-setup.php');"
${SUDO_WWW} php composer.phar install
# The following is potentially not needed, but just here in case of Keyboard/Chair failures
$SUDO_WWW php composer.phar update
${SUDO_WWW} php composer.phar update
# Enable CakeResque with php-redis
sudo phpenmod redis
sudo phpenmod gnupg
# To use the scheduler worker for scheduled tasks, do the following:
$SUDO_WWW cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin/CakeResque/Config/config.php
${SUDO_WWW} cp -fa ${PATH_TO_MISP}/INSTALL/setup/config.php ${PATH_TO_MISP}/app/Plugin/CakeResque/Config/config.php
```
@ -232,11 +232,11 @@ $SUDO_WWW cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin
```bash
# Check if the permissions are set correctly using the following commands:
sudo chown -R $WWW_USER:$WWW_USER $PATH_TO_MISP
sudo chmod -R 750 $PATH_TO_MISP
sudo chmod -R g+ws $PATH_TO_MISP/app/tmp
sudo chmod -R g+ws $PATH_TO_MISP/app/files
sudo chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}
sudo chmod -R 750 ${PATH_TO_MISP}
sudo chmod -R g+ws ${PATH_TO_MISP}/app/tmp
sudo chmod -R g+ws ${PATH_TO_MISP}/app/files
sudo chmod -R g+ws ${PATH_TO_MISP}/app/files/scripts/tmp
```
@ -265,16 +265,16 @@ sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "flush privileges;"
#### Import the empty MISP database from MYSQL.sql
```bash
$SUDO_WWW cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
${SUDO_WWW} cat ${PATH_TO_MISP}/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
```
### 7/ Apache configuration
-----------------------
```bash
# Now configure your Apache webserver with the DocumentRoot $PATH_TO_MISP/app/webroot/
# Now configure your Apache webserver with the DocumentRoot ${PATH_TO_MISP}/app/webroot/
# If the apache version is 2.4:
sudo cp $PATH_TO_MISP/INSTALL/apache.24.misp.ssl /etc/apache2/sites-available/misp-ssl.conf
sudo cp ${PATH_TO_MISP}/INSTALL/apache.24.misp.ssl /etc/apache2/sites-available/misp-ssl.conf
# Be aware that the configuration files for apache 2.4 and up have changed.
# The configuration file has to have the .conf extension in the sites-available directory
@ -305,8 +305,8 @@ sudo openssl req -newkey rsa:4096 -days 365 -nodes -x509 \
<VirtualHost _default_:443>
ServerAdmin admin@<your.FQDN.here>
ServerName <your.FQDN.here>
DocumentRoot $PATH_TO_MISP/app/webroot
<Directory $PATH_TO_MISP/app/webroot>
DocumentRoot ${PATH_TO_MISP}/app/webroot
<Directory ${PATH_TO_MISP}/app/webroot>
Options -Indexes
AllowOverride all
Require all granted
@ -349,21 +349,21 @@ sudo systemctl restart apache2
### 8/ Log rotation
---------------
```bash
# MISP saves the stdout and stderr of its workers in $PATH_TO_MISP/app/tmp/logs
# MISP saves the stdout and stderr of its workers in ${PATH_TO_MISP}/app/tmp/logs
# To rotate these logs install the supplied logrotate script:
sudo cp $PATH_TO_MISP/INSTALL/misp.logrotate /etc/logrotate.d/misp
sudo cp ${PATH_TO_MISP}/INSTALL/misp.logrotate /etc/logrotate.d/misp
sudo chmod 0640 /etc/logrotate.d/misp
```
### 9/ MISP configuration
---------------------
```bash
# There are 4 sample configuration files in $PATH_TO_MISP/app/Config that need to be copied
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/bootstrap.default.php $PATH_TO_MISP/app/Config/bootstrap.php
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/database.default.php $PATH_TO_MISP/app/Config/database.php
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/core.default.php $PATH_TO_MISP/app/Config/core.php
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/config.default.php $PATH_TO_MISP/app/Config/config.php
# There are 4 sample configuration files in ${PATH_TO_MISP}/app/Config that need to be copied
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/bootstrap.default.php ${PATH_TO_MISP}/app/Config/bootstrap.php
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/database.default.php ${PATH_TO_MISP}/app/Config/database.php
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/core.default.php ${PATH_TO_MISP}/app/Config/core.php
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/config.default.php ${PATH_TO_MISP}/app/Config/config.php
echo "<?php
@ -381,11 +381,11 @@ class DATABASE_CONFIG {
'prefix' => '',
'encoding' => 'utf8',
);
}" | $SUDO_WWW tee $PATH_TO_MISP/app/Config/database.php
}" | ${SUDO_WWW} tee ${PATH_TO_MISP}/app/Config/database.php
# and make sure the file permissions are still OK
sudo chown -R $WWW_USER:$WWW_USER $PATH_TO_MISP/app/Config
sudo chmod -R 750 $PATH_TO_MISP/app/Config
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/Config
sudo chmod -R 750 ${PATH_TO_MISP}/app/Config
# Generate a GPG encryption key.
@ -404,14 +404,14 @@ cat >/tmp/gen-key-script <<EOF
%echo done
EOF
$SUDO_WWW gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key /tmp/gen-key-script
${SUDO_WWW} gpg --homedir ${PATH_TO_MISP}/.gnupg --batch --gen-key /tmp/gen-key-script
# The email address should match the one set in the config.php / set in the configuration menu in the administration menu configuration file
# And export the public key to the webroot
$SUDO_WWW sh -c "gpg --homedir $PATH_TO_MISP/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | $SUDO_WWW tee $PATH_TO_MISP/app/webroot/gpg.asc
${SUDO_WWW} sh -c "gpg --homedir ${PATH_TO_MISP}/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | ${SUDO_WWW} tee ${PATH_TO_MISP}/app/webroot/gpg.asc
# To make the background workers start on boot
sudo chmod +x $PATH_TO_MISP/app/Console/worker/start.sh
sudo chmod +x ${PATH_TO_MISP}/app/Console/worker/start.sh
echo "[Unit]
Description=MISP background workers
@ -419,9 +419,9 @@ After=mariadb.service redis-server.service
[Service]
Type=forking
User=$WWW_USER
Group=$WWW_USER
ExecStart=$PATH_TO_MISP/app/Console/worker/start.sh
User=${WWW_USER}
Group=${WWW_USER}
ExecStart=${PATH_TO_MISP}/app/Console/worker/start.sh
Restart=always
RestartSec=10
@ -440,7 +440,7 @@ fi
{!generic/MISP_CAKE_init.md!}
```bash
# Add the following lines before the last line (exit 0). Make sure that you replace $WWW_USER with your apache user:
# Add the following lines before the last line (exit 0). Make sure that you replace ${WWW_USER} with your apache user:
sudo sed -i -e '$i \echo never > /sys/kernel/mm/transparent_hugepage/enabled\n' /etc/rc.local
sudo sed -i -e '$i \echo 1024 > /proc/sys/net/core/somaxconn\n' /etc/rc.local
sudo sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
@ -476,7 +476,7 @@ echo "User (misp) DB Password: $DBPASSWORD_MISP"
#### MISP has a new pub/sub feature, using ZeroMQ. To enable it, simply run the following commands
```bash
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install pyzmq
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install pyzmq
```
#### MISP has a feature for publishing events to Kafka. To enable it, simply run the following commands

136
docs/xINSTALL.debian9.md
View File

@ -12,7 +12,7 @@
Maintained and tested by @SteveClement on 20190702
!!! warning
This install document is compiles a custom Python 3.7 meaning some things might be unexpected.
This install document compiles a custom Python 3.7 meaning some things might be unexpected.
Debian stretch has Python 3.5 but we need at least python 3.6
@ -32,7 +32,7 @@ PHP_ETC_BASE=/etc/php/7.0
PHP_INI=${PHP_ETC_BASE}/apache2/php.ini
sudo adduser $MISP_USER staff
sudo adduser $MISP_USER $WWW_USER
sudo adduser $MISP_USER ${WWW_USER}
```
{!generic/sudo_etckeeper.md!}
@ -151,45 +151,45 @@ sudo systemctl restart apache2
------------
```bash
# Download MISP using git in the /var/www/ directory.
sudo mkdir $PATH_TO_MISP
sudo chown $WWW_USER:$WWW_USER $PATH_TO_MISP
cd $PATH_TO_MISP
$SUDO_WWW git clone https://github.com/MISP/MISP.git $PATH_TO_MISP
$SUDO_WWW git submodule update --init --recursive
sudo mkdir ${PATH_TO_MISP}
sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}
cd ${PATH_TO_MISP}
false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git clone https://github.com/MISP/MISP.git ${PATH_TO_MISP}; done
${SUDO_WWW} git submodule update --progress --init --recursive
# Make git ignore filesystem permission differences for submodules
$SUDO_WWW git submodule foreach --recursive git config core.filemode false
${SUDO_WWW} git submodule foreach --recursive git config core.filemode false
# Make git ignore filesystem permission differences
$SUDO_WWW git config core.filemode false
${SUDO_WWW} git config core.filemode false
# Create a python3 virtualenv
$SUDO_WWW virtualenv -p ~/opt/python3/bin/python3.7 ${PATH_TO_MISP}/venv
${SUDO_WWW} virtualenv -p ~/opt/python3/bin/python3.7 ${PATH_TO_MISP}/venv
# make pip happy
sudo mkdir /var/www/.cache/
sudo chown $WWW_USER:$WWW_USER /var/www/.cache
sudo chown ${WWW_USER}:${WWW_USER} /var/www/.cache
cd $PATH_TO_MISP/app/files/scripts
$SUDO_WWW git clone https://github.com/CybOXProject/python-cybox.git
$SUDO_WWW git clone https://github.com/STIXProject/python-stix.git
$SUDO_WWW git clone https://github.com/MAECProject/python-maec.git
cd ${PATH_TO_MISP}/app/files/scripts
${SUDO_WWW} git clone https://github.com/CybOXProject/python-cybox.git
${SUDO_WWW} git clone https://github.com/STIXProject/python-stix.git
${SUDO_WWW} git clone https://github.com/MAECProject/python-maec.git
# install mixbox to accommodate the new STIX dependencies:
$SUDO_WWW git clone https://github.com/CybOXProject/mixbox.git
cd $PATH_TO_MISP/app/files/scripts/mixbox
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
cd $PATH_TO_MISP/app/files/scripts/python-cybox
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
cd $PATH_TO_MISP/app/files/scripts/python-stix
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
cd $PATH_TO_MISP/app/files/scripts/python-maec
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
${SUDO_WWW} git clone https://github.com/CybOXProject/mixbox.git
cd ${PATH_TO_MISP}/app/files/scripts/mixbox
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
cd ${PATH_TO_MISP}/app/files/scripts/python-cybox
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
cd ${PATH_TO_MISP}/app/files/scripts/python-stix
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
cd ${PATH_TO_MISP}/app/files/scripts/python-maec
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
# install STIX2.0 library to support STIX 2.0 export:
cd ${PATH_TO_MISP}/cti-python-stix2
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
# install PyMISP
cd $PATH_TO_MISP/PyMISP
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
cd ${PATH_TO_MISP}/PyMISP
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
# FIXME: Remove libfaup etc once the egg has the library baked-in
sudo apt-get install cmake libcaca-dev liblua5.3-dev -y
cd /tmp
@ -209,19 +209,19 @@ sudo make install
sudo ldconfig
# install pydeep
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
# install lief
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install lief
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install lief
# install zmq needed by mispzmq
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install zmq redis
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install zmq redis
# install python-magic
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install python-magic
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install python-magic
# install plyara
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install plyara
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install plyara
```
### 4/ CakePHP
@ -230,23 +230,23 @@ $SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install plyara
```bash
# Install CakeResque along with its dependencies if you intend to use the built in background jobs:
cd $PATH_TO_MISP/app
cd ${PATH_TO_MISP}/app
# Make composer cache happy
sudo mkdir /var/www/.composer ; sudo chown $WWW_USER:$WWW_USER /var/www/.composer
sudo mkdir /var/www/.composer ; sudo chown ${WWW_USER}:${WWW_USER} /var/www/.composer
# Update composer.phar
#EXPECTED_SIGNATURE="$(wget -q -O - https://composer.github.io/installer.sig)"
# $SUDO_WWW php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
# $SUDO_WWW php -r "if (hash_file('SHA384', 'composer-setup.php') === '$EXPECTED_SIGNATURE') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
# $SUDO_WWW php composer-setup.php
# $SUDO_WWW php -r "unlink('composer-setup.php');"
$SUDO_WWW php composer.phar install
# ${SUDO_WWW} php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
# ${SUDO_WWW} php -r "if (hash_file('SHA384', 'composer-setup.php') === '$EXPECTED_SIGNATURE') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
# ${SUDO_WWW} php composer-setup.php
# ${SUDO_WWW} php -r "unlink('composer-setup.php');"
${SUDO_WWW} php composer.phar install
# Enable CakeResque with php-redis
sudo phpenmod redis
sudo phpenmod gnupg
# To use the scheduler worker for scheduled tasks, do the following:
$SUDO_WWW cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin/CakeResque/Config/config.php
${SUDO_WWW} cp -fa ${PATH_TO_MISP}/INSTALL/setup/config.php ${PATH_TO_MISP}/app/Plugin/CakeResque/Config/config.php
```
@ -255,11 +255,11 @@ $SUDO_WWW cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin
```bash
# Check if the permissions are set correctly using the following commands:
sudo chown -R $WWW_USER:$WWW_USER $PATH_TO_MISP
sudo chmod -R 750 $PATH_TO_MISP
sudo chmod -R g+ws $PATH_TO_MISP/app/tmp
sudo chmod -R g+ws $PATH_TO_MISP/app/files
sudo chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}
sudo chmod -R 750 ${PATH_TO_MISP}
sudo chmod -R g+ws ${PATH_TO_MISP}/app/tmp
sudo chmod -R g+ws ${PATH_TO_MISP}/app/files
sudo chmod -R g+ws ${PATH_TO_MISP}/app/files/scripts/tmp
```
@ -288,16 +288,16 @@ sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "flush privileges;"
#### Import the empty MISP database from MYSQL.sql
```bash
$SUDO_WWW cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
${SUDO_WWW} cat ${PATH_TO_MISP}/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
```
### 7/ Apache configuration
-----------------------
```bash
# Now configure your Apache webserver with the DocumentRoot $PATH_TO_MISP/app/webroot/
# Now configure your Apache webserver with the DocumentRoot ${PATH_TO_MISP}/app/webroot/
# If the apache version is 2.4:
sudo cp $PATH_TO_MISP/INSTALL/apache.24.misp.ssl /etc/apache2/sites-available/misp-ssl.conf
sudo cp ${PATH_TO_MISP}/INSTALL/apache.24.misp.ssl /etc/apache2/sites-available/misp-ssl.conf
# Be aware that the configuration files for apache 2.4 and up have changed.
# The configuration file has to have the .conf extension in the sites-available directory
@ -328,8 +328,8 @@ sudo openssl req -newkey rsa:4096 -days 365 -nodes -x509 \
<VirtualHost _default_:443>
ServerAdmin admin@<your.FQDN.here>
ServerName <your.FQDN.here>
DocumentRoot $PATH_TO_MISP/app/webroot
<Directory $PATH_TO_MISP/app/webroot>
DocumentRoot ${PATH_TO_MISP}/app/webroot
<Directory ${PATH_TO_MISP}/app/webroot>
Options -Indexes
AllowOverride all
Require all granted
@ -372,21 +372,21 @@ sudo systemctl restart apache2
### 8/ Log rotation
---------------
```bash
# MISP saves the stdout and stderr of its workers in $PATH_TO_MISP/app/tmp/logs
# MISP saves the stdout and stderr of its workers in ${PATH_TO_MISP}/app/tmp/logs
# To rotate these logs install the supplied logrotate script:
sudo cp $PATH_TO_MISP/INSTALL/misp.logrotate /etc/logrotate.d/misp
sudo cp ${PATH_TO_MISP}/INSTALL/misp.logrotate /etc/logrotate.d/misp
sudo chmod 0640 /etc/logrotate.d/misp
```
### 9/ MISP configuration
---------------------
```bash
# There are 4 sample configuration files in $PATH_TO_MISP/app/Config that need to be copied
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/bootstrap.default.php $PATH_TO_MISP/app/Config/bootstrap.php
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/database.default.php $PATH_TO_MISP/app/Config/database.php
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/core.default.php $PATH_TO_MISP/app/Config/core.php
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/config.default.php $PATH_TO_MISP/app/Config/config.php
# There are 4 sample configuration files in ${PATH_TO_MISP}/app/Config that need to be copied
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/bootstrap.default.php ${PATH_TO_MISP}/app/Config/bootstrap.php
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/database.default.php ${PATH_TO_MISP}/app/Config/database.php
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/core.default.php ${PATH_TO_MISP}/app/Config/core.php
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/config.default.php ${PATH_TO_MISP}/app/Config/config.php
echo "<?php
@ -404,11 +404,11 @@ class DATABASE_CONFIG {
'prefix' => '',
'encoding' => 'utf8',
);
}" | $SUDO_WWW tee $PATH_TO_MISP/app/Config/database.php
}" | ${SUDO_WWW} tee ${PATH_TO_MISP}/app/Config/database.php
# and make sure the file permissions are still OK
sudo chown -R $WWW_USER:$WWW_USER $PATH_TO_MISP/app/Config
sudo chmod -R 750 $PATH_TO_MISP/app/Config
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/Config
sudo chmod -R 750 ${PATH_TO_MISP}/app/Config
# Generate a GPG encryption key.
@ -427,14 +427,14 @@ cat >/tmp/gen-key-script <<EOF
%echo done
EOF
$SUDO_WWW gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key /tmp/gen-key-script
${SUDO_WWW} gpg --homedir ${PATH_TO_MISP}/.gnupg --batch --gen-key /tmp/gen-key-script
# The email address should match the one set in the config.php / set in the configuration menu in the administration menu configuration file
# And export the public key to the webroot
$SUDO_WWW sh -c "gpg --homedir $PATH_TO_MISP/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | $SUDO_WWW tee $PATH_TO_MISP/app/webroot/gpg.asc
${SUDO_WWW} sh -c "gpg --homedir ${PATH_TO_MISP}/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | ${SUDO_WWW} tee ${PATH_TO_MISP}/app/webroot/gpg.asc
# To make the background workers start on boot
sudo chmod +x $PATH_TO_MISP/app/Console/worker/start.sh
sudo chmod +x ${PATH_TO_MISP}/app/Console/worker/start.sh
echo "[Unit]
Description=MISP background workers
@ -442,9 +442,9 @@ After=mariadb.service redis-server.service
[Service]
Type=forking
User=$WWW_USER
Group=$WWW_USER
ExecStart=$PATH_TO_MISP/app/Console/worker/start.sh
User=${WWW_USER}
Group=${WWW_USER}
ExecStart=${PATH_TO_MISP}/app/Console/worker/start.sh
Restart=always
RestartSec=10
@ -463,7 +463,7 @@ fi
{!generic/MISP_CAKE_init.md!}
```bash
# Add the following lines before the last line (exit 0). Make sure that you replace $WWW_USER with your apache user:
# Add the following lines before the last line (exit 0). Make sure that you replace ${WWW_USER} with your apache user:
sudo sed -i -e '$i \echo never > /sys/kernel/mm/transparent_hugepage/enabled\n' /etc/rc.local
sudo sed -i -e '$i \echo 1024 > /proc/sys/net/core/somaxconn\n' /etc/rc.local
sudo sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
@ -499,7 +499,7 @@ echo "User (misp) DB Password: $DBPASSWORD_MISP"
#### MISP has a new pub/sub feature, using ZeroMQ. To enable it, simply run the following commands
```bash
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install pyzmq
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install pyzmq
```
#### MISP has a feature for publishing events to Kafka. To enable it, simply run the following commands

116
docs/xINSTALL.tsurugi.md
View File

@ -84,7 +84,7 @@ function installMISPonTsurugi() {
PATH_TO_MISP='/var/www/MISP'
MISP_BASEURL='https://misp.local'
MISP_LIVE='1'
CAKE="$PATH_TO_MISP/app/Console/cake"
CAKE="${PATH_TO_MISP}/app/Console/cake"
# Database configuration
DBHOST='localhost'
@ -184,12 +184,12 @@ function installMISPonTsurugi() {
#update-alternatives --install /usr/bin/python python /usr/bin/python2.7 1
#update-alternatives --install /usr/bin/python python /usr/bin/python3.5 2
mkdir $PATH_TO_MISP
chown www-data:www-data $PATH_TO_MISP
cd $PATH_TO_MISP
$SUDO_WWW git clone https://github.com/MISP/MISP.git $PATH_TO_MISP
mkdir ${PATH_TO_MISP}
chown www-data:www-data ${PATH_TO_MISP}
cd ${PATH_TO_MISP}
${SUDO_WWW} git clone https://github.com/MISP/MISP.git ${PATH_TO_MISP}
$SUDO_WWW git config core.filemode false
${SUDO_WWW} git config core.filemode false
cp -p /etc/lsb-release /etc/lsb-release.tmp
sudo sed -i 's/TSURUGI/Ubuntu/g' /etc/lsb-release
@ -198,45 +198,45 @@ function installMISPonTsurugi() {
sudo apt-get update
sudo apt-get install python3.6 python3.6-dev -y
mv /etc/lsb-release.tmp /etc/lsb-release
$SUDO_WWW virtualenv -p python3.6 $PATH_TO_MISP/venv
${SUDO_WWW} virtualenv -p python3.6 ${PATH_TO_MISP}/venv
cd $PATH_TO_MISP/app/files/scripts
$SUDO_WWW git clone https://github.com/CybOXProject/python-cybox.git
$SUDO_WWW git clone https://github.com/STIXProject/python-stix.git
$SUDO_WWW git clone https://github.com/CybOXProject/mixbox.git
cd ${PATH_TO_MISP}/app/files/scripts
${SUDO_WWW} git clone https://github.com/CybOXProject/python-cybox.git
${SUDO_WWW} git clone https://github.com/STIXProject/python-stix.git
${SUDO_WWW} git clone https://github.com/CybOXProject/mixbox.git
mkdir /var/www/.cache
chown www-data:www-data /var/www/.cache
cd $PATH_TO_MISP/app/files/scripts/python-stix
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
cd ${PATH_TO_MISP}/app/files/scripts/python-stix
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
cd $PATH_TO_MISP/app/files/scripts/python-cybox
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
cd ${PATH_TO_MISP}/app/files/scripts/python-cybox
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
cd $PATH_TO_MISP/app/files/scripts/mixbox
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
cd ${PATH_TO_MISP}/app/files/scripts/mixbox
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
cd $PATH_TO_MISP
$SUDO_WWW git submodule update --init --recursive
cd ${PATH_TO_MISP}
${SUDO_WWW} git submodule update --init --recursive
# Make git ignore filesystem permission differences for submodules
$SUDO_WWW git submodule foreach --recursive git config core.filemode false
${SUDO_WWW} git submodule foreach --recursive git config core.filemode false
# install PyMISP
cd $PATH_TO_MISP/PyMISP
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
cd ${PATH_TO_MISP}/PyMISP
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
cd $PATH_TO_MISP/app
cd ${PATH_TO_MISP}/app
mkdir /var/www/.composer ; chown www-data:www-data /var/www/.composer
$SUDO_WWW php composer.phar install
${SUDO_WWW} php composer.phar install
$SUDO_WWW cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin/CakeResque/Config/config.php
${SUDO_WWW} cp -fa ${PATH_TO_MISP}/INSTALL/setup/config.php ${PATH_TO_MISP}/app/Plugin/CakeResque/Config/config.php
chown -R www-data:www-data $PATH_TO_MISP
chmod -R 750 $PATH_TO_MISP
chmod -R g+ws $PATH_TO_MISP/app/tmp
chmod -R g+ws $PATH_TO_MISP/app/files
chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
chown -R www-data:www-data ${PATH_TO_MISP}
chmod -R 750 ${PATH_TO_MISP}
chmod -R g+ws ${PATH_TO_MISP}/app/tmp
chmod -R g+ws ${PATH_TO_MISP}/app/files
chmod -R g+ws ${PATH_TO_MISP}/app/files/scripts/tmp
if [ ! -e /var/lib/mysql/misp/users.ibd ]; then
echo "
@ -269,7 +269,7 @@ function installMISPonTsurugi() {
update-rc.d apache2 enable
update-rc.d redis-server enable
$SUDO_WWW cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
${SUDO_WWW} cat ${PATH_TO_MISP}/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
echo "<?php
class DATABASE_CONFIG {
@ -286,7 +286,7 @@ function installMISPonTsurugi() {
'prefix' => '',
'encoding' => 'utf8',
);
}" | $SUDO_WWW tee $PATH_TO_MISP/app/Config/database.php
}" | ${SUDO_WWW} tee ${PATH_TO_MISP}/app/Config/database.php
else
echo "There might be a database already existing here: /var/lib/mysql/misp/users.ibd"
echo "Skipping any creations…"
@ -307,9 +307,9 @@ function installMISPonTsurugi() {
cd /var/www
mkdir misp-dashboard
chown www-data:www-data misp-dashboard
$SUDO_WWW git clone https://github.com/MISP/misp-dashboard.git
${SUDO_WWW} git clone https://github.com/MISP/misp-dashboard.git
cd misp-dashboard
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install zmq redis
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install zmq redis
/var/www/misp-dashboard/install_dependencies.sh
sed -i "s/^host\ =\ localhost/host\ =\ 0.0.0.0/g" /var/www/misp-dashboard/config/config.cfg
sed -i -e '$i \sudo -u www-data bash /var/www/misp-dashboard/start_all.sh\n' /etc/rc.local
@ -319,7 +319,7 @@ function installMISPonTsurugi() {
sed -i -e '$i \ echo "Updating ${d}"\n' /etc/rc.local
sed -i -e '$i \ cd $d && sudo git pull &\n' /etc/rc.local
sed -i -e '$i \done\n' /etc/rc.local
$SUDO_WWW bash /var/www/misp-dashboard/start_all.sh
${SUDO_WWW} bash /var/www/misp-dashboard/start_all.sh
apt install libapache2-mod-wsgi-py3 -y
@ -338,9 +338,9 @@ function installMISPonTsurugi() {
<VirtualHost _default_:443>
ServerAdmin admin@localhost.lu
ServerName misp.local
DocumentRoot $PATH_TO_MISP/app/webroot
DocumentRoot ${PATH_TO_MISP}/app/webroot
<Directory $PATH_TO_MISP/app/webroot>
<Directory ${PATH_TO_MISP}/app/webroot>
Options -Indexes
AllowOverride all
Require all granted
@ -413,15 +413,15 @@ function installMISPonTsurugi() {
systemctl restart apache2
cp $PATH_TO_MISP/INSTALL/misp.logrotate /etc/logrotate.d/misp
cp ${PATH_TO_MISP}/INSTALL/misp.logrotate /etc/logrotate.d/misp
chmod 0640 /etc/logrotate.d/misp
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/bootstrap.default.php $PATH_TO_MISP/app/Config/bootstrap.php
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/core.default.php $PATH_TO_MISP/app/Config/core.php
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/config.default.php $PATH_TO_MISP/app/Config/config.php
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/bootstrap.default.php ${PATH_TO_MISP}/app/Config/bootstrap.php
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/core.default.php ${PATH_TO_MISP}/app/Config/core.php
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/config.default.php ${PATH_TO_MISP}/app/Config/config.php
chown -R www-data:www-data $PATH_TO_MISP/app/Config
chmod -R 750 $PATH_TO_MISP/app/Config
chown -R www-data:www-data ${PATH_TO_MISP}/app/Config
chmod -R 750 ${PATH_TO_MISP}/app/Config
$CAKE Live $MISP_LIVE
$CAKE Baseurl $MISP_BASEURL
@ -438,11 +438,11 @@ function installMISPonTsurugi() {
%commit
%echo done" > /tmp/gen-key-script
$SUDO_WWW gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key /tmp/gen-key-script
${SUDO_WWW} gpg --homedir ${PATH_TO_MISP}/.gnupg --batch --gen-key /tmp/gen-key-script
$SUDO_WWW sh -c "gpg --homedir $PATH_TO_MISP/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | $SUDO_WWW tee $PATH_TO_MISP/app/webroot/gpg.asc
${SUDO_WWW} sh -c "gpg --homedir ${PATH_TO_MISP}/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | ${SUDO_WWW} tee ${PATH_TO_MISP}/app/webroot/gpg.asc
chmod +x $PATH_TO_MISP/app/Console/worker/start.sh
chmod +x ${PATH_TO_MISP}/app/Console/worker/start.sh
$CAKE userInit -q
$CAKE Admin updateDatabase
@ -542,7 +542,7 @@ function installMISPonTsurugi() {
sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
sed -i -e '$i \sudo -u www-data bash /var/www/MISP/app/Console/worker/start.sh\n' /etc/rc.local
sed -i -e '$i \sudo -u www-data /var/www/MISP/venv/bin/misp-modules -l 127.0.0.1 -s > /tmp/misp-modules_rc.local.log 2> /dev/null &\n' /etc/rc.local
$SUDO_WWW bash $PATH_TO_MISP/app/Console/worker/start.sh
${SUDO_WWW} bash ${PATH_TO_MISP}/app/Console/worker/start.sh
cd /usr/local/src/
git clone https://github.com/MISP/misp-modules.git
cd misp-modules
@ -550,14 +550,14 @@ function installMISPonTsurugi() {
chown www-data .
apt install libpq5 libjpeg-dev tesseract-ocr libpoppler-cpp-dev imagemagick libopencv-dev zbar-tools libzbar0 libzbar-dev libfuzzy-dev -y
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -I -r REQUIREMENTS
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -I .
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install maec python-magic wand lief yara-python plyara
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install stix2
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -I -r REQUIREMENTS
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -I .
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install maec python-magic wand lief yara-python plyara
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install stix2
gem install pygments.rb
gem install asciidoctor-pdf --pre
$SUDO_WWW $PATH_TO_MISP/venv/bin/misp-modules -l 127.0.0.1 -s &
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/misp-modules -l 127.0.0.1 -s &
$CAKE Admin setSetting "Plugin.Enrichment_services_enable" true
$CAKE Admin setSetting "Plugin.Enrichment_hover_enable" true
$CAKE Admin setSetting "Plugin.Enrichment_timeout" 300
@ -603,11 +603,11 @@ function installMISPonTsurugi() {
sleep 6
done
chown -R www-data:www-data $PATH_TO_MISP
chmod -R 750 $PATH_TO_MISP
chmod -R g+ws $PATH_TO_MISP/app/tmp
chmod -R g+ws $PATH_TO_MISP/app/files
chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
chown -R www-data:www-data ${PATH_TO_MISP}
chmod -R 750 ${PATH_TO_MISP}
chmod -R g+ws ${PATH_TO_MISP}/app/tmp
chmod -R g+ws ${PATH_TO_MISP}/app/files
chmod -R g+ws ${PATH_TO_MISP}/app/files/scripts/tmp
cd /usr/local/src/

20
docs/xINSTALL.ubuntu1804.with.webmin.md
View File

@ -173,25 +173,25 @@ git submodule foreach --recursive git config core.filemode false
# Create a python3 virtualenv
virtualenv -p python3 ${PATH_TO_MISP}/venv
cd $PATH_TO_MISP/app/files/scripts
cd ${PATH_TO_MISP}/app/files/scripts
git clone https://github.com/CybOXProject/python-cybox.git
git clone https://github.com/STIXProject/python-stix.git
git clone https://github.com/MAECProject/python-maec.git
cd $PATH_TO_MISP/app/files/scripts/python-cybox
cd ${PATH_TO_MISP}/app/files/scripts/python-cybox
${PATH_TO_MISP}/venv/bin/pip install .
cd $PATH_TO_MISP/app/files/scripts/python-stix
cd ${PATH_TO_MISP}/app/files/scripts/python-stix
${PATH_TO_MISP}/venv/bin/pip install .
cd $PATH_TO_MISP/app/files/scripts/python-maec
cd ${PATH_TO_MISP}/app/files/scripts/python-maec
${PATH_TO_MISP}/venv/bin/pip install .
# install mixbox to accommodate the new STIX dependencies:
cd $PATH_TO_MISP/app/files/scripts/
cd ${PATH_TO_MISP}/app/files/scripts/
git clone https://github.com/CybOXProject/mixbox.git
cd $PATH_TO_MISP/app/files/scripts/mixbox
cd ${PATH_TO_MISP}/app/files/scripts/mixbox
${PATH_TO_MISP}/venv/bin/pip install .
# install PyMISP
cd $PATH_TO_MISP/PyMISP
cd ${PATH_TO_MISP}/PyMISP
${PATH_TO_MISP}/venv/bin/pip install .
```
@ -243,7 +243,7 @@ flush privileges;
exit
# Import the empty MISP database from MYSQL.sql
sudo -u ${VIRT_USER} cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
sudo -u ${VIRT_USER} cat ${PATH_TO_MISP}/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
```
@ -344,11 +344,11 @@ cat >/tmp/gen-key-script <<EOF
%echo done
EOF
gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key /tmp/gen-key-script
gpg --homedir ${PATH_TO_MISP}/.gnupg --batch --gen-key /tmp/gen-key-script
# The email address should match the one set in the config.php / set in the configuration menu in the administration menu configuration file
# And export the public key to the webroot
sh -c "gpg --homedir $PATH_TO_MISP/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | tee $PATH_TO_MISP/app/webroot/gpg.asc
sh -c "gpg --homedir ${PATH_TO_MISP}/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | tee ${PATH_TO_MISP}/app/webroot/gpg.asc
# If you get no satisfaction with your entropy install this:
sudo apt-get install haveged pv

9
mkdocs.yml
View File

@ -38,8 +38,7 @@ theme:
markdown_extensions:
- markdown_include.include:
base_path: docs
# mkdcomments is buggy atm, see: https://github.com/ryneeverett/python-markdown-comments/issues/3
#- mkdcomments
- mkdcomments
- markdown.extensions.admonition
- markdown.extensions.codehilite:
guess_lang: false
@ -75,12 +74,10 @@ nav:
- 'RHEL8/CentOS8': 'INSTALL.rhel8.md'
- xInstall Guides:
- 'Warning': 'xINSTALL.md'
- 'Centos 6': 'xINSTALL.centos6.md'
- 'Debian 10': 'xINSTALL.debian10.md'
- 'Debian 9': 'xINSTALL.debian9.md'
- 'Ubuntu 18.04 \w webmin': 'xINSTALL.ubuntu1804.with.webmin.md'
- 'Tsurugi Linux': 'xINSTALL.tsurugi.md'
- 'OpenBSD 6.6': 'xINSTALL.OpenBSD.md'
- 'OpenBSD 6.7': 'xINSTALL.OpenBSD.md'
- Config Guides:
- 'Elastic Search Logging': 'CONFIG.elasticsearch-logging.md'
- 'Amazon S3 attachments': 'CONFIG.s3-attachments.md'
@ -90,6 +87,8 @@ nav:
- Old guides:
- '2.3 to 2.4 upgrade': 'archive/old-2_3to2_4-UPGRADE.md'
- 'Ubuntu 16.04': 'archive/INSTALL.ubuntu1604.md'
- 'Debian 9': 'xINSTALL.debian9.md'
- 'Centos 6': 'xINSTALL.centos6.md'
- 'FreeBSD': 'archive/xINSTALL.FreeBSD.md'
- About:
- 'MISP Release Notes': 'Changelog.md'