mirror of https://github.com/MISP/MISP
Merge branch '2.4' of https://github.com/MISP/MISP into rework_stix
commit
e95dad15d0
|
@ -462,6 +462,15 @@ class AppController extends Controller
|
|||
$this->set('isAclKafka', isset($role['perm_publish_kafka']) ? $role['perm_publish_kafka'] : false);
|
||||
$this->set('isAclDecaying', isset($role['perm_decaying']) ? $role['perm_decaying'] : false);
|
||||
$this->userRole = $role;
|
||||
|
||||
$this->set('loggedInUserName', $this->__convertEmailToName($this->Auth->user('email')));
|
||||
if ($this->request->params['controller'] === 'users' && $this->request->params['action'] === 'dashboard') {
|
||||
$notifications = $this->{$this->modelClass}->populateNotifications($this->Auth->user());
|
||||
} else {
|
||||
$notifications = $this->{$this->modelClass}->populateNotifications($this->Auth->user(), 'fast');
|
||||
}
|
||||
$this->set('notifications', $notifications);
|
||||
|
||||
if (
|
||||
Configure::read('MISP.log_paranoid') ||
|
||||
!empty(Configure::read('Security.monitored'))
|
||||
|
@ -499,9 +508,8 @@ class AppController extends Controller
|
|||
} else {
|
||||
$this->set('me', false);
|
||||
}
|
||||
$this->set('br', '<br />');
|
||||
$this->set('bold', array('<span class="bold">', '</span>'));
|
||||
if ($this->_isSiteAdmin()) {
|
||||
|
||||
if ($this->Auth->user() && $this->_isSiteAdmin()) {
|
||||
if (Configure::read('Session.defaults') == 'database') {
|
||||
$db = ConnectionManager::getDataSource('default');
|
||||
$sqlResult = $db->query('SELECT COUNT(id) AS session_count FROM cake_sessions WHERE expires < ' . time() . ';');
|
||||
|
@ -515,13 +523,6 @@ class AppController extends Controller
|
|||
}
|
||||
}
|
||||
|
||||
$this->set('loggedInUserName', $this->__convertEmailToName($this->Auth->user('email')));
|
||||
if ($this->request->params['controller'] === 'users' && $this->request->params['action'] === 'dashboard') {
|
||||
$notifications = $this->{$this->modelClass}->populateNotifications($this->Auth->user());
|
||||
} else {
|
||||
$notifications = $this->{$this->modelClass}->populateNotifications($this->Auth->user(), 'fast');
|
||||
}
|
||||
$this->set('notifications', $notifications);
|
||||
$this->ACL->checkAccess($this->Auth->user(), Inflector::variable($this->request->params['controller']), $this->action);
|
||||
if ($this->_isRest()) {
|
||||
$this->__rateLimitCheck();
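Review bot: With the `loggedInUserName`/`notifications` block moved up beside `$this->userRole = $role;`, both view variables now appear to be set only on the path where a role was loaded; the enclosing condition starts above the first hunk, so this is inferred. The `else` branch in the second hunk sets only `me`, so a layout that reads `$notifications` or `$loggedInUserName` unconditionally would hit an undefined variable there. Setting defaults next to `$this->set('me', false);`, for example `$this->set('notifications', array());`, would keep both paths consistent.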
|
||||
|
|
|
@ -695,12 +695,23 @@ class ACLComponent extends Component
|
|||
}
|
||||
}
|
||||
|
||||
// The check works like this:
|
||||
// If the user is a site admin, return true
|
||||
// If the requested action has an OR-d list, iterate through the list. If any of the permissions are set for the user, return true
|
||||
// If the requested action has an AND-ed list, iterate through the list. If any of the permissions for the user are not set, turn the check to false. Otherwise return true.
|
||||
// If the requested action has a permission, check if the user's role has it flagged. If yes, return true
|
||||
// If we fall through all of the checks, return an exception.
|
||||
/**
|
||||
* The check works like this:
|
||||
* - If the user is a site admin, return true
|
||||
* - If the requested action has an OR-d list, iterate through the list. If any of the permissions are set for the user, return true
|
||||
* - If the requested action has an AND-ed list, iterate through the list. If any of the permissions for the user are not set, turn the check to false. Otherwise return true.
|
||||
* - If the requested action has a permission, check if the user's role has it flagged. If yes, return true
|
||||
* - If we fall through all of the checks, return an exception.
|
||||
*
|
||||
* @param array|null $user
|
||||
* @param string $controller
|
||||
* @param string $action
|
||||
* @param bool $soft If true, instead of exception, HTTP error code is retuned as int.
|
||||
* @return bool|int
|
||||
* @throws NotFoundException
|
||||
* @throws MethodNotAllowedException
|
||||
* @throws InternalErrorException
|
||||
*/
|
||||
public function checkAccess($user, $controller, $action, $soft = false)
|
||||
{
|
||||
$controller = lcfirst(Inflector::camelize($controller));
|
||||
|
@ -710,15 +721,12 @@ class ACLComponent extends Component
|
|||
$aclList[$k] = array_change_key_case($v);
|
||||
}
|
||||
$this->__checkLoggedActions($user, $controller, $action);
|
||||
if ($user['Role']['perm_site_admin']) {
|
||||
if ($user && $user['Role']['perm_site_admin']) {
|
||||
return true;
|
||||
}
|
||||
if (!isset($aclList[$controller])) {
|
||||
return $this->__error(404, 'Invalid controller.', $soft);
|
||||
}
|
||||
if ($user['Role']['perm_site_admin']) {
|
||||
return true;
|
||||
}
|
||||
if (isset($aclList[$controller][$action]) && !empty($aclList[$controller][$action])) {
|
||||
if (in_array('*', $aclList[$controller][$action])) {
|
||||
return true;
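Review bot: The new docblock says that with `$soft` set the method returns an HTTP status code as an int instead of throwing, but it does not warn that such a code is truthy, so a caller writing `if ($this->ACL->checkAccess(..., true))` would read a 404 as access granted. I would spell that out on the return tag, e.g. `@return bool|int True when access is granted; in soft mode an HTTP status code on denial, so compare with === true`. Two wording fixes in the same block: `retuned` should be `returned`, and the last bullet should say an exception is thrown rather than returned. The body of `checkAccess` continues past the hunk, so how a null `$user` is handled after the site-admin test is not visible here.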
|
||||
|
|
|
@ -1167,17 +1167,12 @@ class EventsController extends AppController
|
|||
$this->set('emptyEvent', $emptyEvent);
|
||||
|
||||
// remove galaxies tags
|
||||
$this->loadModel('GalaxyCluster');
|
||||
$this->loadModel('Taxonomy');
|
||||
$cluster_names = $this->GalaxyCluster->find('list', array('fields' => array('GalaxyCluster.tag_name'), 'group' => array('GalaxyCluster.tag_name', 'GalaxyCluster.id')));
|
||||
foreach ($event['Object'] as $k => $object) {
|
||||
if (isset($object['Attribute'])) {
|
||||
foreach ($object['Attribute'] as $k2 => $attribute) {
|
||||
foreach ($attribute['AttributeTag'] as $k3 => $attributeTag) {
|
||||
if (in_array($attributeTag['Tag']['name'], $cluster_names)) {
|
||||
unset($event['Object'][$k]['Attribute'][$k2]['AttributeTag'][$k3]);
|
||||
}
|
||||
}
|
||||
$this->Event->Attribute->removeGalaxyClusterTags($event['Object'][$k]['Attribute'][$k2]);
|
||||
|
||||
$tagConflicts = $this->Taxonomy->checkIfTagInconsistencies($attribute['AttributeTag']);
|
||||
foreach ($tagConflicts['global'] as $tagConflict) {
|
||||
$warningTagConflicts[$tagConflict['taxonomy']['Taxonomy']['namespace']] = $tagConflict['taxonomy'];
|
||||
|
@ -1190,11 +1185,8 @@ class EventsController extends AppController
|
|||
}
|
||||
}
|
||||
foreach ($event['Attribute'] as $k => $attribute) {
|
||||
foreach ($attribute['AttributeTag'] as $k2 => $attributeTag) {
|
||||
if (in_array($attributeTag['Tag']['name'], $cluster_names)) {
|
||||
unset($event['Attribute'][$k]['AttributeTag'][$k2]);
|
||||
}
|
||||
}
|
||||
$this->Event->Attribute->removeGalaxyClusterTags($event['Attribute'][$k]);
|
||||
|
||||
$tagConflicts = $this->Taxonomy->checkIfTagInconsistencies($attribute['AttributeTag']);
|
||||
foreach ($tagConflicts['global'] as $tagConflict) {
|
||||
$warningTagConflicts[$tagConflict['taxonomy']['Taxonomy']['namespace']] = $tagConflict['taxonomy'];
|
||||
|
@ -1232,8 +1224,8 @@ class EventsController extends AppController
|
|||
}
|
||||
$this->set('event', $event);
|
||||
$dataForView = array(
|
||||
'Attribute' => array('attrDescriptions', 'typeDefinitions', 'categoryDefinitions', 'distributionDescriptions', 'distributionLevels', 'shortDist'),
|
||||
'Event' => array('fieldDescriptions')
|
||||
'Attribute' => array('attrDescriptions' => 'fieldDescriptions', 'distributionDescriptions' => 'distributionDescriptions', 'distributionLevels' => 'distributionLevels', 'shortDist' => 'shortDist'),
|
||||
'Event' => array('eventDescriptions' => 'fieldDescriptions', 'analysisDescriptions' => 'analysisDescriptions', 'analysisLevels' => 'analysisLevels')
|
||||
);
|
||||
foreach ($dataForView as $m => $variables) {
|
||||
if ($m === 'Event') {
|
||||
|
@ -1241,8 +1233,8 @@ class EventsController extends AppController
|
|||
} elseif ($m === 'Attribute') {
|
||||
$currentModel = $this->Event->Attribute;
|
||||
}
|
||||
foreach ($variables as $variable) {
|
||||
$this->set($variable, $currentModel->{$variable});
|
||||
foreach ($variables as $alias => $variable) {
|
||||
$this->set($alias, $currentModel->{$variable});
|
||||
}
|
||||
}
|
||||
if (Configure::read('Plugin.Enrichment_services_enable')) {
|
||||
|
@ -1507,20 +1499,6 @@ class EventsController extends AppController
|
|||
}
|
||||
$this->params->params['paging'] = array($this->modelClass => $params);
|
||||
$this->set('event', $event);
|
||||
$dataForView = array(
|
||||
'Attribute' => array('attrDescriptions', 'typeDefinitions', 'categoryDefinitions', 'distributionDescriptions', 'distributionLevels'),
|
||||
'Event' => array('fieldDescriptions')
|
||||
);
|
||||
foreach ($dataForView as $m => $variables) {
|
||||
if ($m === 'Event') {
|
||||
$currentModel = $this->Event;
|
||||
} elseif ($m === 'Attribute') {
|
||||
$currentModel = $this->Event->Attribute;
|
||||
}
|
||||
foreach ($variables as $variable) {
|
||||
$this->set($variable, $currentModel->{$variable});
|
||||
}
|
||||
}
|
||||
$extensionParams = array(
|
||||
'conditions' => array(
|
||||
'Event.extends_uuid' => $event['Event']['uuid']
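Review bot: In the first hunk the conflict check still reads `$attribute['AttributeTag']`, the by-value loop copy taken before `removeGalaxyClusterTags()` ran on `$event['Object'][$k]['Attribute'][$k2]`, so it sees the tags as they were before the galaxy cluster tags were stripped; the `$event['Attribute']` loop in the second hunk has the same shape. If the check is meant to run on the cleaned list, pass `$event['Object'][$k]['Attribute'][$k2]['AttributeTag']` (and `$event['Attribute'][$k]['AttributeTag']`) instead. The helper's return value is discarded, so the call only has an effect if it takes its argument by reference; its signature is not visible here. Both loops start or end outside the hunks.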
|
||||
|
|
|
@ -1 +1 @@
|
|||
Subproject commit 5ccb12354dfc08ca1b3e0a430e8668bf1610b5d3
|
||||
Subproject commit 59e12788fc406ee66180f41e8a2840b841c6051a
|
|
@ -3226,7 +3226,7 @@ class Server extends AppModel
|
|||
foreach ($serverSettings as $branchKey => &$branchValue) {
|
||||
if (isset($branchValue['branch'])) {
|
||||
foreach ($branchValue as $leafKey => &$leafValue) {
|
||||
if ($leafValue['level'] == 3 && !(isset($currentSettings[$branchKey][$leafKey]))) {
|
||||
if ($leafKey !== 'branch' && $leafValue['level'] == 3 && !(isset($currentSettings[$branchKey][$leafKey]))) {
|
||||
continue;
|
||||
}
|
||||
$setting = null;
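Review bot: The added `$leafKey !== 'branch'` guard keeps the `['level']` lookup away from the `branch` marker (presumably a non-array value), but that entry is not skipped: it falls through to `$setting = null;` and whatever follows below the hunk. If the `branch` key is not meant to be processed as a setting, an explicit `if ($leafKey === 'branch') { continue; }` ahead of the level test states that more clearly. Both loops iterate by reference (`&$branchValue`, `&$leafValue`); the matching `unset()` calls, if present, are outside the hunk.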
|
||||
|
|
|
@ -1 +1 @@
|
|||
<span id = "<?php echo $type?>InfoPopover" class="icon-info-sign" data-toggle="popover" data-field="<?php echo $type; ?>"></span>
|
||||
<span id="<?php echo $type?>InfoPopover" class="fas fa-info-circle" data-toggle="popover" data-field="<?php echo $type; ?>"></span>
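Review bot: `$type` is echoed into both the `id` and the `data-field` attribute without `h()`, while the generic form template changed in this same commit wraps its field name in `h($field['field'])`. If `$type` can ever carry request- or data-derived text, this is an attribute-context injection point, and `<?php echo h($type); ?>` in both places closes it at no cost. Where `$type` is assigned is not visible in this one-line file.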
|
||||
|
|
|
@ -17,12 +17,12 @@
|
|||
}
|
||||
}
|
||||
echo sprintf(
|
||||
'<span id = "%sInfoPopover" class="icon-info-sign" data-toggle="popover" data-trigger="hover" style="margin-left:2px;"></span>',
|
||||
' <span id="%sInfoPopover" class="fas fa-info-circle" data-toggle="popover" data-trigger="hover"></span>',
|
||||
h($field['field'])
|
||||
);
|
||||
?>
|
||||
<script type="text/javascript">
|
||||
$(document).ready(function() {
|
||||
$(function() {
|
||||
$('#<?php echo h($field['field']); ?>InfoPopover').popover({
|
||||
html: true,
|
||||
content: function() {
|
||||
|
|
|
@ -37,7 +37,7 @@
|
|||
$passwordPopover = '<span class=\"blue bold\">' . __('Length') . '</span>: ' . h($length) . '<br />';
|
||||
$passwordPopover .= '<span class=\"blue bold\">' . __('Complexity') . '</span>: ' . h($complexity);
|
||||
echo $this->Form->input('password', array(
|
||||
'label' => __('Password') . ' <span id = "PasswordPopover" class="icon-info-sign" ></span>'
|
||||
'label' => __('Password') . ' <span id="PasswordPopover" class="fas fa-info-circle"></span>'
|
||||
));
|
||||
echo $this->Form->input('confirm_password', array('type' => 'password', 'div' => array('class' => 'input password required')));
|
||||
?>
|
||||
|
|
|
@ -37,7 +37,7 @@
|
|||
$passwordPopover = '<span class=\"blue bold\">' . __('Length') .'</span>: ' . h($length) . '<br />';
|
||||
$passwordPopover .= '<span class=\"blue bold\">' . __('Complexity') .'</span>: ' . h($complexity);
|
||||
echo $this->Form->input('password', array(
|
||||
'label' => __('Password') . ' <span id = "PasswordPopover" class="icon-info-sign" ></span>'
|
||||
'label' => __('Password') . ' <span id="PasswordPopover" class="fas fa-info-circle"></span>'
|
||||
));
|
||||
echo $this->Form->input('confirm_password', array('type' => 'password', 'div' => array('class' => 'input password required')));
|
||||
?>
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
$passwordPopover = '<span class=\"blue bold\">Length</span>: ' . h($length) . '<br />';
|
||||
$passwordPopover .= '<span class=\"blue bold\">Complexity</span>: ' . h($complexity);
|
||||
echo $this->Form->input('password', array(
|
||||
'label' => __('Password') . ' <span id = "PasswordPopover" class="icon-info-sign" ></span>', 'autofocus'
|
||||
'label' => __('Password') . ' <span id="PasswordPopover" class="fas fa-info-circle"></span>', 'autofocus'
|
||||
));
|
||||
echo $this->Form->input('confirm_password', array('type' => 'password', 'div' => array('class' => 'input password required')));
|
||||
?>
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
$passwordPopover = '<span class=\"blue bold\">' . __('Length') .'</span>: ' . h($length) . '<br />';
|
||||
$passwordPopover .= '<span class=\"blue bold\">' . __('Complexity') .'</span>: ' . h($complexity);
|
||||
echo $this->Form->input('password', array(
|
||||
'label' => __('Password') . ' <span id = "PasswordPopover" class="icon-info-sign" ></span>'
|
||||
'label' => __('Password') . ' <span id="PasswordPopover" class="fas fa-info-circle"></span>'
|
||||
));
|
||||
echo $this->Form->input('confirm_password', array('type' => 'password', 'div' => array('class' => 'input password required')));
|
||||
?>
|
||||
|
|
|
@ -1 +1 @@
|
|||
Subproject commit dee9a564606ba92c50f13b53884bceaacf6c4522
|
||||
Subproject commit 313003ed655c1c3c06734e7ed3dbb514fa1047eb
|
|
@ -1834,7 +1834,6 @@ function popoverConfirm(clicked, message, placement) {
|
|||
popoverContent += '<button id="popoverConfirmOK" class="btn btn-primary" style="margin-right: 5px;" onclick=submitPopover(this)>Yes</button>';
|
||||
popoverContent += '<button class="btn btn-inverse" style="float: right;" onclick=cancelPrompt()>Cancel</button>';
|
||||
popoverContent += '</div>';
|
||||
placement = placement === undefined ? 'auto' : placement;
|
||||
openPopover($clicked, popoverContent, undefined, placement);
|
||||
$("#popoverConfirmOK")
|
||||
.focus()
|
||||
|
|
|
@ -175,18 +175,18 @@ installCore () {
|
|||
# FIXME: Remove libfaup etc once the egg has the library baked-in
|
||||
sudo apt-get install cmake libcaca-dev liblua5.3-dev -y
|
||||
cd /tmp
|
||||
[[ ! -d "faup" ]] && $SUDO_CMD git clone git://github.com/stricaud/faup.git faup
|
||||
[[ ! -d "gtcaca" ]] && $SUDO_CMD git clone git://github.com/stricaud/gtcaca.git gtcaca
|
||||
false; while [[ $? -ne 0 ]]; do [[ ! -d "faup" ]] && ${SUDO_CMD} git clone git://github.com/stricaud/faup.git faup; done
|
||||
false; while [[ $? -ne 0 ]]; do [[ ! -d "gtcaca" ]] && ${SUDO_CMD} git clone git://github.com/stricaud/gtcaca.git gtcaca; done
|
||||
sudo chown -R ${MISP_USER}:${MISP_USER} faup gtcaca
|
||||
cd gtcaca
|
||||
$SUDO_CMD mkdir -p build
|
||||
${SUDO_CMD} mkdir -p build
|
||||
cd build
|
||||
$SUDO_CMD cmake .. && $SUDO_CMD make
|
||||
${SUDO_CMD} cmake .. && ${SUDO_CMD} make
|
||||
sudo make install
|
||||
cd ../../faup
|
||||
$SUDO_CMD mkdir -p build
|
||||
${SUDO_CMD} mkdir -p build
|
||||
cd build
|
||||
$SUDO_CMD cmake .. && $SUDO_CMD make
|
||||
${SUDO_CMD} cmake .. && ${SUDO_CMD} make
|
||||
sudo make install
|
||||
sudo ldconfig
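Review bot: Both new retry loops spin forever when the target directory already exists: `[[ ! -d "faup" ]]` fails, the `&&` list returns non-zero, and `while [[ $? -ne 0 ]]` runs the body again with nothing to change that. The same `false; while [[ $? -ne 0 ]]; do … git clone …; done` pattern in mail2misp, mispDashboard, mispmodulesRHEL, mispmodules and viper hangs on any re-run, because `git clone` into an existing non-empty directory keeps failing; in mail2misp and mispmodules the `[[ ! -d … ]] && false;` prefix leaves `$?` non-zero either way, so the guard never skips the loop. The faup and gtcaca clones also use `git://`, which has no transport authentication, for code that is then built and installed with `sudo make install`; `https://` is the safer choice. A bounded retry that is skipped when the checkout exists is sketched below.

```shell
# … unchanged: apt-get install, cd /tmp …
if [[ ! -d "faup" ]]; then
  for attempt in 1 2 3; do
    ${SUDO_CMD} git clone https://github.com/stricaud/faup.git faup && break
    sleep 5
  done
  [[ -d "faup" ]] || { echo "faup clone failed"; return 1; }
fi
# same shape for gtcaca
# … unchanged: chown, cmake/make, make install, ldconfig …
```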
|
||||
|
||||
|
|
|
@ -17,27 +17,33 @@ MISPvars () {
|
|||
# RHEL/CentOS
|
||||
if [[ -f "/etc/redhat-release" ]]; then
|
||||
WWW_USER='apache'
|
||||
SUDO_WWW="sudo -H -u ${WWW_USER} "
|
||||
# Debian flavoured
|
||||
elif [[ -f "/etc/debian_version" ]]; then
|
||||
WWW_USER="www-data"
|
||||
SUDO_WWW="sudo -H -u ${WWW_USER} "
|
||||
# OpenBSD
|
||||
elif [[ "$(uname -s)" == "OpenBSD" ]]; then
|
||||
WWW_USER="www"
|
||||
PATH_TO_MISP="/var/www/htdocs/MISP"
|
||||
SUDO_WWW="doas -u www "
|
||||
SUDO_CMD="doas "
|
||||
# NetBSD
|
||||
elif [[ "$(uname -s)" == "NetBSD" ]]; then
|
||||
WWW_USER="www"
|
||||
PATH_TO_MISP="/usr/pkg/share/httpd/htdocs/MISP"
|
||||
SUDO_WWW="sudo -H -u ${WWW_USER} "
|
||||
else
|
||||
# I am feeling lucky
|
||||
WWW_USER="www-data"
|
||||
SUDO_WWW="sudo -H -u ${WWW_USER} "
|
||||
fi
|
||||
|
||||
if [ -z "$FQDN" ]; then
|
||||
if [ -z "${FQDN}" ]; then
|
||||
FQDN="misp.local"
|
||||
fi
|
||||
|
||||
if [ -z "$MISP_BASEURL" ]; then
|
||||
if [ -z "${MISP_BASEURL}" ]; then
|
||||
MISP_BASEURL='""'
|
||||
fi
|
||||
|
||||
|
@ -52,13 +58,13 @@ MISPvars () {
|
|||
DBPASSWORD_MISP="$(openssl rand -hex 32)"
|
||||
|
||||
# OpenSSL configuration
|
||||
OPENSSL_CN=$FQDN
|
||||
OPENSSL_CN=${FQDN}
|
||||
OPENSSL_C='LU'
|
||||
OPENSSL_ST='State'
|
||||
OPENSSL_L='Location'
|
||||
OPENSSL_O='Organization'
|
||||
OPENSSL_OU='Organizational Unit'
|
||||
OPENSSL_EMAILADDRESS="info@$FQDN"
|
||||
OPENSSL_EMAILADDRESS="info@${FQDN}"
|
||||
|
||||
# GPG configuration
|
||||
GPG_REAL_NAME='Autogenerated Key'
|
||||
|
@ -81,7 +87,7 @@ MISPvars () {
|
|||
max_execution_time=300
|
||||
memory_limit=2048M
|
||||
|
||||
CAKE="$PATH_TO_MISP/app/Console/cake"
|
||||
CAKE="${PATH_TO_MISP}/app/Console/cake"
|
||||
|
||||
# sudo config to run $LUSER commands
|
||||
if [[ "$(groups ${MISP_USER} |grep -o 'staff')" == "staff" ]]; then
|
||||
|
@ -89,7 +95,6 @@ MISPvars () {
|
|||
else
|
||||
SUDO_CMD="sudo -H -u ${MISP_USER}"
|
||||
fi
|
||||
SUDO_WWW="sudo -H -u ${WWW_USER} "
|
||||
|
||||
echo "The following DB Passwords were generated..."
|
||||
echo "Admin (${DBUSER_ADMIN}) DB Password: ${DBPASSWORD_ADMIN}"
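Review bot: The OpenBSD branch now sets `SUDO_CMD="doas "`, but the `staff` test further down still assigns `SUDO_CMD="sudo -H -u ${MISP_USER}"` in its `else` arm, so on OpenBSD the doas value is overwritten unless the `then` arm (not visible between the hunks) does something different. The commit removes the equivalent late `SUDO_WWW=` reassignment; `SUDO_CMD` needs the same treatment, for example by only assigning it in the `staff` block when it is still empty: `[[ -z "${SUDO_CMD}" ]] && SUDO_CMD="sudo -H -u ${MISP_USER}"`. Separately, the `echo` lines at the end print the generated DB passwords to stdout, so they end up in any captured install log.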
|
||||
|
|
|
@ -8,9 +8,9 @@ mail2misp () {
|
|||
debug "Installing Mail2${LBLUE}MISP${NC}"
|
||||
cd /usr/local/src/
|
||||
sudo apt-get install cmake libcaca-dev liblua5.3-dev -y
|
||||
$SUDO_CMD git clone https://github.com/MISP/mail_to_misp.git
|
||||
[[ ! -d "faup" ]] && $SUDO_CMD git clone git://github.com/stricaud/faup.git faup
|
||||
[[ ! -d "gtcaca" ]] && $SUDO_CMD git clone git://github.com/stricaud/gtcaca.git gtcaca
|
||||
false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone https://github.com/MISP/mail_to_misp.git; done
|
||||
[[ ! -d "faup" ]] && false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone git://github.com/stricaud/faup.git faup; done
|
||||
[[ ! -d "gtcaca" ]] && false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone git://github.com/stricaud/gtcaca.git gtcaca; done
|
||||
sudo chown -R ${MISP_USER}:${MISP_USER} faup mail_to_misp gtcaca
|
||||
cd gtcaca
|
||||
$SUDO_CMD mkdir -p build
|
||||
|
|
|
@ -14,7 +14,7 @@ mispDashboard () {
|
|||
sudo yum install wget screen -y
|
||||
sudo mkdir /var/www/misp-dashboard
|
||||
sudo chown $WWW_USER:$WWW_USER /var/www/misp-dashboard
|
||||
$SUDO_WWW git clone https://github.com/MISP/misp-dashboard.git /var/www/misp-dashboard
|
||||
false; while [[ $? -ne 0 ]]; do $SUDO_WWW git clone https://github.com/MISP/misp-dashboard.git /var/www/misp-dashboard; done
|
||||
cd /var/www/misp-dashboard
|
||||
sudo sed -i -E 's/sudo apt/#sudo apt/' install_dependencies.sh
|
||||
sudo sed -i -E 's/virtualenv -p python3 DASHENV/\/usr\/bin\/scl enable rh-python36 \"virtualenv -p python3 DASHENV\"/' install_dependencies.sh
|
||||
|
|
|
@ -16,7 +16,7 @@ mispDashboard () {
|
|||
sudo mkdir misp-dashboard
|
||||
sudo chown $WWW_USER:$WWW_USER misp-dashboard
|
||||
|
||||
$SUDO_WWW git clone https://github.com/MISP/misp-dashboard.git
|
||||
false; while [[ $? -ne 0 ]]; do $SUDO_WWW git clone https://github.com/MISP/misp-dashboard.git; done
|
||||
cd misp-dashboard
|
||||
sudo -H /var/www/misp-dashboard/install_dependencies.sh
|
||||
sudo sed -i "s/^host\ =\ localhost/host\ =\ 0.0.0.0/g" /var/www/misp-dashboard/config/config.cfg
|
||||
|
|
|
@ -8,7 +8,7 @@ mispmodulesRHEL () {
|
|||
sudo chmod 2777 /usr/local/src
|
||||
sudo chown root:users /usr/local/src
|
||||
cd /usr/local/src/
|
||||
$SUDO_WWW git clone https://github.com/MISP/misp-modules.git
|
||||
false; while [[ $? -ne 0 ]]; do $SUDO_WWW git clone https://github.com/MISP/misp-modules.git; done
|
||||
cd misp-modules
|
||||
# pip install
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U -I -r REQUIREMENTS
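Review bot: `sudo chmod 2777 /usr/local/src` leaves the directory world-writable without the sticky bit, and the clone and the `pip install -U -I -r REQUIREMENTS` that follow both run from inside it. Any local account can then rename or replace entries there between the clone and the install. The directory is already `root:users`, so `sudo chmod 2775 /usr/local/src` with the installing accounts in that group would keep the shared-write intent without opening it to everyone. These lines are context in the hunk, and the function continues outside it.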
|
||||
|
|
|
@ -8,9 +8,9 @@ mispmodules () {
|
|||
sudo apt-get install cmake libcaca-dev liblua5.3-dev -y
|
||||
## TODO: checkUsrLocalSrc in main doc
|
||||
debug "Cloning misp-modules"
|
||||
$SUDO_CMD git clone https://github.com/MISP/misp-modules.git
|
||||
$SUDO_CMD git clone git://github.com/stricaud/gtcaca.git
|
||||
$SUDO_CMD git clone git://github.com/stricaud/faup.git
|
||||
false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone https://github.com/MISP/misp-modules.git; done
|
||||
[[ ! -d "faup" ]] && false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone git://github.com/stricaud/faup.git faup; done
|
||||
[[ ! -d "gtcaca" ]] && false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone git://github.com/stricaud/gtcaca.git gtcaca; done
|
||||
sudo chown -R ${MISP_USER}:${MISP_USER} faup gtcaca
|
||||
# Install gtcaca
|
||||
cd gtcaca
|
||||
|
|
|
@ -18,8 +18,8 @@ viper () {
|
|||
fi
|
||||
fi
|
||||
echo "Cloning Viper"
|
||||
$SUDO_CMD git clone https://github.com/viper-framework/viper.git
|
||||
$SUDO_CMD git clone https://github.com/viper-framework/viper-web.git
|
||||
false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone https://github.com/viper-framework/viper.git; done
|
||||
false; while [[ $? -ne 0 ]]; do $SUDO_CMD git clone https://github.com/viper-framework/viper-web.git; done
|
||||
sudo chown -R $MISP_USER:$MISP_USER viper
|
||||
sudo chown -R $MISP_USER:$MISP_USER viper-web
|
||||
cd viper
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# INSTALLATION INSTRUCTIONS
|
||||
## for NetBSD 8.1-amd64
|
||||
## for NetBSD 9.0-amd64
|
||||
|
||||
!!! warning
|
||||
This is not fully working yet. Mostly it is a template for our ongoing documentation efforts :spider:
|
||||
|
@ -33,7 +33,9 @@ export AUTOCONF_VERSION=2.69
|
|||
|
||||
#### sudo & pkgin (as root)
|
||||
```bash
|
||||
su root -c "pkgin install sudo gsed"
|
||||
su root -c "cd /usr/pkgsrc/pkg tools/pkgin/; make install clean"
|
||||
su root -c "pkgin update"
|
||||
su root -c "pkgin -y install sudo gsed"
|
||||
su root -c 'gsed -i -e "s/# %wheel ALL=(ALL) NOPASSWD: ALL/%wheel ALL=(ALL) NOPASSWD: ALL/" /usr/pkg/etc/sudoers'
|
||||
```
|
||||
|
||||
|
@ -41,10 +43,11 @@ su root -c 'gsed -i -e "s/# %wheel ALL=(ALL) NOPASSWD: ALL/%wheel ALL=(ALL) NOPA
|
|||
|
||||
```bash
|
||||
cd /usr
|
||||
env CVS_RSH=ssh sudo cvs -d anoncvs@anoncvs.NetBSD.org:/cvsroot checkout -P pkgsrc
|
||||
env CVS_RSH=ssh cvs -d anoncvs@anoncvs.NetBSD.org:/cvsroot checkout -P pkgsrc
|
||||
cd pkgsrc/bootstrap
|
||||
sudo ./bootstrap
|
||||
sudo /usr/pkg/sbin/pkg_admin -K /var/db/pkg fetch-pkg-vulnerabilities
|
||||
./bootstrap
|
||||
cd /usr/pkgsrc/pkg tools/pkgin/; make install clean
|
||||
/usr/pkg/sbin/pkg_admin fetch-pkg-vulnerabilities
|
||||
```
|
||||
|
||||
```
|
||||
|
@ -61,56 +64,56 @@ users crontab(5) entry. For example the entry
|
|||
|
||||
#### Install bash
|
||||
```bash
|
||||
sudo pkgin install bash
|
||||
sudo pkgin -y install bash
|
||||
```
|
||||
|
||||
#### mariadb server
|
||||
```bash
|
||||
sudo pkgin install mariadb-server
|
||||
sudo pkgin -y install mysql-server
|
||||
```
|
||||
|
||||
#### Install misc dependencies
|
||||
|
||||
```bash
|
||||
sudo pkgin install curl git python36 py36-pip redis autoconf automake libtool magic
|
||||
sudo pkgin -y install curl git python37 py37-pip redis autoconf automake libtool magic
|
||||
```
|
||||
|
||||
```bash
|
||||
sudo pkgin install gnupg2
|
||||
sudo pkgin -y install gnupg2
|
||||
```
|
||||
|
||||
#### Install postfix (optional)
|
||||
|
||||
```bash
|
||||
sudo pkgin install postfix
|
||||
sudo pkgin -y install postfix
|
||||
```
|
||||
|
||||
#### vim (optional)
|
||||
```bash
|
||||
sudo pkgin install vim
|
||||
sudo pkgin -y install vim
|
||||
sudo mv /usr/bin/vi /usr/bin/vi-`date +%d%m%y`
|
||||
sudo ln -s /usr/pkg/bin/vim /usr/bin/vi
|
||||
```
|
||||
|
||||
#### misp user #REMOVE
|
||||
```bash
|
||||
sudo useradd -m -s /usr/local/bin/bash -G wheel,www misp
|
||||
```
|
||||
|
||||
#### apache + php + moz-rootcerts
|
||||
|
||||
```bash
|
||||
sudo pkgin install php ap24-php73 php73-fpm php73-redis3 php73-mysqli php73-pdo_mysql php73-pcntl php73-json php73-iconv php73-gd php73-mbstring php73-pear-Crypt_GPG
|
||||
sudo pkgin -y install php ap24-php74 php74-fpm php74-redis3 php74-mysqli php74-pdo_mysql php74-pcntl php74-json php74-iconv php74-gd php74-mbstring php74-pear-Crypt_GPG
|
||||
sudo cp /usr/share/examples/openssl/openssl.cnf /etc/openssl/
|
||||
sudo mozilla-rootcerts install
|
||||
sudo cp /usr/pkg/share/examples/rc.d/apache /etc/rc.d/
|
||||
echo apache=yes |sudo tee /etc/rc.conf.d/apache
|
||||
```
|
||||
|
||||
#### misp user
|
||||
```bash
|
||||
sudo useradd -m -s /usr/pkg/bin/bash -G wheel,www misp
|
||||
```
|
||||
|
||||
#### Install X11R7 post-install
|
||||
```bash
|
||||
cd /tmp
|
||||
wget https://ftp.netbsd.org/pub/NetBSD/NetBSD-8.1/amd64/binary/sets/xbase.tgz
|
||||
wget https://ftp.netbsd.org/pub/NetBSD/NetBSD-9.0/amd64/binary/sets/xbase.tgz
|
||||
sudo tar -C / -xzphf xbase.tgz
|
||||
rm xbase.tgz
|
||||
```
|
||||
|
@ -129,16 +132,16 @@ OPENSSL_EMAILADDRESS='info@localhost'
|
|||
```
|
||||
|
||||
```bash
|
||||
sudo openssl req -newkey rsa:4096 -days 3650 -nodes -x509 -subj "/C=$OPENSSL_C/ST=$OPENSSL_ST/L=$OPENSSL_L/O=<$OPENSSL_O/OU=$OPENSSL_OU/CN=$OPENSSL_CN/emailAddress=$OPENSSL_EMAILADDRESS" -keyout /etc/openssl/private/server.key -out /usr/pkg/etc/httpd/server.crt
|
||||
sudo openssl req -sha256 -newkey rsa:4096 -days 3650 -nodes -x509 -subj "/C=$OPENSSL_C/ST=$OPENSSL_ST/L=$OPENSSL_L/O=<$OPENSSL_O/OU=$OPENSSL_OU/CN=$OPENSSL_CN/emailAddress=$OPENSSL_EMAILADDRESS" -keyout /etc/openssl/private/server.key -out /usr/pkg/etc/httpd/server.crt
|
||||
```
|
||||
|
||||
#### Install Python virtualenv
|
||||
```bash
|
||||
sudo ln -sf /usr/pkg/bin/pip3.6 /usr/pkg/bin/pip
|
||||
sudo ln -s /usr/pkg/bin/python3.6 /usr/pkg/bin/python
|
||||
sudo ln -s /usr/pkg/bin/python3.6 /usr/pkg/bin/python3
|
||||
sudo pkgin install py36-virtualenv
|
||||
sudo ln -s /usr/pkg/bin/virtualenv-3.6 /usr/pkg/bin/virtualenv
|
||||
sudo ln -sf /usr/pkg/bin/pip3.7 /usr/pkg/bin/pip
|
||||
sudo ln -s /usr/pkg/bin/python3.7 /usr/pkg/bin/python
|
||||
sudo ln -s /usr/pkg/bin/python3.7 /usr/pkg/bin/python3
|
||||
sudo pkgin -y install py37-virtualenv
|
||||
sudo ln -s /usr/pkg/bin/virtualenv-3.7 /usr/pkg/bin/virtualenv
|
||||
```
|
||||
|
||||
#### Install ssdeep
|
||||
|
@ -146,11 +149,11 @@ sudo ln -s /usr/pkg/bin/virtualenv-3.6 /usr/pkg/bin/virtualenv
|
|||
sudo mkdir -p /usr/local/src
|
||||
sudo chown misp:users /usr/local/src
|
||||
cd /usr/local/src
|
||||
git clone https://github.com/ssdeep-project/ssdeep.git
|
||||
sudo -u misp git clone https://github.com/ssdeep-project/ssdeep.git
|
||||
cd ssdeep
|
||||
./bootstrap
|
||||
./configure --prefix=/usr
|
||||
make
|
||||
sudo -u misp ./bootstrap
|
||||
sudo -u misp ./configure --prefix=/usr
|
||||
sudo -u misp make
|
||||
sudo make install
|
||||
```
|
||||
|
||||
|
@ -167,10 +170,8 @@ sudo /etc/rc.d/redis start
|
|||
|
||||
#### Enable mysqld
|
||||
```bash
|
||||
sudo /usr/pkg/bin/mysql_install_db
|
||||
sudo cp /usr/pkg/share/examples/rc.d/mysqld /etc/rc.d/
|
||||
echo mysqld=yes |sudo tee /etc/rc.conf.d/mysqld
|
||||
sudo chown -R mariadb:mariadb /var/mariadb
|
||||
sudo /etc/rc.d/mysqld start
|
||||
sudo /usr/pkg/bin/mysql_secure_installation
|
||||
# TODO: Figure out how to properly bind to localhost
|
||||
|
@ -186,15 +187,15 @@ sudo mkdir $PATH_TO_MISP
|
|||
sudo chown www:www $PATH_TO_MISP
|
||||
cd $PATH_TO_MISP
|
||||
sudo -u www git clone https://github.com/MISP/MISP.git $PATH_TO_MISP
|
||||
sudo -u www git submodule update --init --recursive
|
||||
sudo -u www git submodule update --progress --init --recursive
|
||||
# Make git ignore filesystem permission differences for submodules
|
||||
sudo -u www git submodule foreach --recursive git config core.filemode false
|
||||
|
||||
# Make git ignore filesystem permission differences
|
||||
sudo -u www git config core.filemode false
|
||||
|
||||
#sudo pkgin install py-pip py3-pip libxslt py3-jsonschema
|
||||
sudo pkgin install libxslt
|
||||
#sudo pkgin -y install py-pip py3-pip libxslt py3-jsonschema
|
||||
sudo pkgin -y install libxslt
|
||||
#sudo virtualenv -ppython3 /usr/local/virtualenvs/MISP
|
||||
sudo -u www virtualenv -ppython3 $PATH_TO_MISP/venv
|
||||
sudo -u www HOME=/tmp $PATH_TO_MISP/venv/bin/pip install -U pip
|
||||
|
@ -462,7 +463,7 @@ sudo -u www bash $PATH_TO_MISP/app/Console/worker/start.sh
|
|||
#### MISP Modules
|
||||
```
|
||||
#/usr/pkgsrc/graphics/opencv2/ (needs X11)
|
||||
sudo pkgin install jpeg yara
|
||||
sudo pkgin -y install jpeg yara
|
||||
cd /usr/local/src/
|
||||
git clone https://github.com/MISP/misp-modules.git
|
||||
cd misp-modules
|
||||
|
@ -645,7 +646,7 @@ sudo -u www $CAKE Admin setSetting "Session.cookie_timeout" 3600
|
|||
|
||||
#### ZeroMQ depends on the Python client for Redis
|
||||
```bash
|
||||
sudo pkgin install zeromq
|
||||
sudo pkgin -y install zeromq
|
||||
sudo -u www HOME=/tmp $PATH_TO_MISP/venv/bin/pip install pyzmq
|
||||
```
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# INSTALLATION INSTRUCTIONS
|
||||
## for OpenBSD 6.5-amd64
|
||||
## for OpenBSD 6.7-amd64
|
||||
|
||||
!!! warning
|
||||
This is not fully working yet. Mostly it is a template for our ongoing documentation efforts :spider:
|
||||
|
@ -85,29 +85,19 @@ doas pkg_add -v mariadb-server
|
|||
|
||||
#### Install misc dependencies
|
||||
|
||||
!!! notice
|
||||
You need to install python 3.x when asked, option 2.
|
||||
autoconf wants to be version 2.69, option 16
|
||||
automake wants to be version 1.16, option 7
|
||||
|
||||
```bash
|
||||
doas pkg_add -v curl git python redis libmagic autoconf automake libtool unzip
|
||||
doas pkg_add -v curl git python--%3.7 redis libmagic autoconf--%2.69 automake--%1.16 libtool unzip--iconv
|
||||
```
|
||||
|
||||
!!! notice
|
||||
GnuPG 2.x is best, option 3.
|
||||
|
||||
```bash
|
||||
doas pkg_add -v gnupg
|
||||
doas pkg_add -v gnupg--%gnupg2
|
||||
doas ln -s /usr/local/bin/gpg2 /usr/local/bin/gpg
|
||||
```
|
||||
|
||||
#### Install postfix (optional)
|
||||
!!! notice
|
||||
When asked, the standard postfix will be enough for a basic setup, option 9.
|
||||
|
||||
```bash
|
||||
doas pkg_add -v postfix
|
||||
doas pkg_add -v postfix--%stable
|
||||
doas /usr/local/sbin/postfix-enable
|
||||
```
|
||||
|
||||
|
@ -146,21 +136,17 @@ doas cp /etc/examples/httpd.conf /etc # adjust by hand, or copy/paste the config
|
|||
```
|
||||
|
||||
```
|
||||
# $OpenBSD: httpd.conf,v 1.18 2018/03/23 11:36:41 florian Exp $
|
||||
# $OpenBSD: httpd.conf,v 1.20 2018/06/13 15:08:24 reyk Exp $
|
||||
|
||||
#
|
||||
# Macros
|
||||
#
|
||||
ext4_addr="*"
|
||||
ext6_addr="::"
|
||||
ext_addr="*"
|
||||
|
||||
server "default" {
|
||||
#listen on $ext4_addr port 80 block return 301 "https://$SERVER_NAME$REQUEST_URI"
|
||||
listen on $ext4_addr port 80
|
||||
listen on $ext4_addr tls port 443
|
||||
#listen on $ext6_addr port 80 block return 301 "https://$SERVER_NAME$REQUEST_URI"
|
||||
listen on $ext6_addr port 80
|
||||
listen on $ext6_addr tls port 443
|
||||
listen on $ext_addr port 80
|
||||
listen on $ext_addr tls port 443
|
||||
|
||||
root "/htdocs/MISP/app/webroot"
|
||||
|
||||
|
@ -242,11 +228,11 @@ doas rcctl enable httpd
|
|||
|
||||
#### Install Python virtualenv
|
||||
```bash
|
||||
doas ln -sf /usr/local/bin/pip3.6 /usr/local/bin/pip
|
||||
doas ln -s /usr/local/bin/python3.6 /usr/local/bin/python
|
||||
doas pkg_add -v py-virtualenv
|
||||
doas pkg_add -v py3-virtualenv py3-pip
|
||||
doas ln -sf /usr/local/bin/pip3.7 /usr/local/bin/pip
|
||||
doas ln -s /usr/local/bin/python3.7 /usr/local/bin/python
|
||||
doas mkdir /usr/local/virtualenvs
|
||||
doas virtualenv -ppython3 /usr/local/virtualenvs/MISP
|
||||
doas virtualenv-3 /usr/local/virtualenvs/MISP
|
||||
```
|
||||
|
||||
#### Install ssdeep
|
||||
|
@ -264,44 +250,42 @@ doas pkg_add -v fcgi-cgi fcgi
|
|||
!!! notice
|
||||
php-5.6 is marked as end-of-life starting December 2018, use php 7.0 instead.
|
||||
Option 2.
|
||||
If on OpenBSD 6.3, upgrade to 6.5 to make your life much easier.
|
||||
If on OpenBSD 6.3, upgrade to 6.7 to make your life much easier.
|
||||
|
||||
```
|
||||
doas pkg_add -v php-mysqli php-pcntl php-pdo_mysql php-apache pecl73-redis php-gd
|
||||
doas pkg_add -v php-mysqli--%7.4 php-pcntl--%7.4 php-pdo_mysql--%7.4 php-apache--%7.4 pecl74-redis php-gd--%7.4
|
||||
```
|
||||
|
||||
#### /etc/php-7.3.ini
|
||||
#### /etc/php-7.4.ini
|
||||
```
|
||||
## TODO: sed foo as .ini exists
|
||||
allow_url_fopen = On
|
||||
doas sed -i "s/^allow_url_fopen = Off/allow_url_fopen = On/g" /etc/php-7.4.ini
|
||||
```
|
||||
|
||||
```bash
|
||||
cd /etc/php-7.3
|
||||
doas cp ../php-7.3.sample/* .
|
||||
cd /etc/php-7.4
|
||||
doas cp ../php-7.4.sample/* .
|
||||
```
|
||||
|
||||
#### php symlinks
|
||||
```bash
|
||||
doas ln -s /usr/local/bin/php-7.3 /usr/local/bin/php
|
||||
doas ln -s /usr/local/bin/phpize-7.3 /usr/local/bin/phpize
|
||||
doas ln -s /usr/local/bin/php-config-7.3 /usr/local/bin/php-config
|
||||
doas ln -s /usr/local/bin/php-7.4 /usr/local/bin/php
|
||||
doas ln -s /usr/local/bin/phpize-7.4 /usr/local/bin/phpize
|
||||
doas ln -s /usr/local/bin/php-config-7.4 /usr/local/bin/php-config
|
||||
```
|
||||
|
||||
#### Enable php fpm
|
||||
```bash
|
||||
doas rcctl enable php73_fpm
|
||||
doas rcctl enable php74_fpm
|
||||
```
|
||||
|
||||
#### Configure fpm
|
||||
```
|
||||
doas vi /etc/php-fpm.conf
|
||||
|
||||
# pid = /var/www/run/php-fpm.pid
|
||||
# error_log = /var/www/logs/php-fpm.log
|
||||
doas sed -i "s/^;pid = run\/php-fpm.pid/pid = \/var\/www\/run\/php-fpm.pid/g" /etc/php-fpm.conf
|
||||
doas sed -i "s/^;error_log = log\/php-fpm.log/error_log = \/var\/www\/logs\/php-fpm.log/g" /etc/php-fpm.conf
|
||||
|
||||
doas mkdir /etc/php-fpm.d
|
||||
doas vi /etc/php-fpm.d/default.conf
|
||||
doas mkdir -p /etc/php-fpm.d
|
||||
echo ";;;;;;;;;;;;;;;;;;;;
|
||||
; Pool Definitions ;
|
||||
;;;;;;;;;;;;;;;;;;;;
|
||||
|
@ -320,7 +304,7 @@ pm.min_spare_servers = 1
|
|||
pm.max_spare_servers = 3
|
||||
chroot = /var/www" | doas tee /etc/php-fpm.d/default.conf
|
||||
|
||||
doas /etc/rc.d/php73_fpm start
|
||||
doas /etc/rc.d/php74_fpm start
|
||||
```
|
||||
|
||||
!!! notice
|
||||
|
@ -339,6 +323,7 @@ doas /usr/local/bin/mysql_install_db
|
|||
doas rcctl set mysqld status on
|
||||
doas rcctl set mysqld flags --bind-address=127.0.0.1
|
||||
doas /etc/rc.d/mysqld start
|
||||
echo "Admin (${DBUSER_ADMIN}) DB Password: ${DBPASSWORD_ADMIN}"
|
||||
doas mysql_secure_installation
|
||||
```
|
||||
|
||||
|
@ -349,22 +334,22 @@ doas mysql_secure_installation
|
|||
doas mkdir /var/www/htdocs/MISP
|
||||
doas chown www:www /var/www/htdocs/MISP
|
||||
cd /var/www/htdocs/MISP
|
||||
doas -u www git clone https://github.com/MISP/MISP.git /var/www/htdocs/MISP
|
||||
doas -u www git submodule update --init --recursive
|
||||
false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git clone https://github.com/MISP/MISP.git /var/www/htdocs/MISP; done
|
||||
false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git submodule update --progress --init --recursive; done
|
||||
# Make git ignore filesystem permission differences for submodules
|
||||
doas -u www git submodule foreach --recursive git config core.filemode false
|
||||
${SUDO_WWW} git submodule foreach --recursive git config core.filemode false
|
||||
|
||||
# Make git ignore filesystem permission differences
|
||||
doas -u www git config core.filemode false
|
||||
${SUDO_WWW} git config core.filemode false
|
||||
|
||||
doas pkg_add py-pip py3-pip libxml libxslt py3-jsonschema
|
||||
doas pkg_add -v py3-pip libxml libxslt py3-jsonschema
|
||||
doas /usr/local/virtualenvs/MISP/bin/pip install -U pip
|
||||
|
||||
cd /var/www/htdocs/MISP/app/files/scripts
|
||||
doas -u www git clone https://github.com/CybOXProject/mixbox.git
|
||||
doas -u www git clone https://github.com/CybOXProject/python-cybox.git
|
||||
doas -u www git clone https://github.com/STIXProject/python-stix.git
|
||||
doas -u www git clone https://github.com/MAECProject/python-maec.git
|
||||
false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git clone https://github.com/CybOXProject/python-cybox.git; done
|
||||
false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git clone https://github.com/STIXProject/python-stix.git; done
|
||||
false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git clone https://github.com/MAECProject/python-maec.git; done
|
||||
false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git clone https://github.com/CybOXProject/mixbox.git; done
|
||||
|
||||
cd /var/www/htdocs/MISP/app/files/scripts/python-cybox
|
||||
doas /usr/local/virtualenvs/MISP/bin/python setup.py install
|
||||
|
@ -399,15 +384,10 @@ doas /usr/local/virtualenvs/MISP/bin/pip install git+https://github.com/kbandla/
|
|||
# Install CakeResque along with its dependencies if you intend to use the built in background jobs:
|
||||
cd /var/www/htdocs/MISP/app
|
||||
doas mkdir /var/www/.composer ; doas chown www:www /var/www/.composer
|
||||
#EXPECTED_SIGNATURE="$(wget -q -O - https://composer.github.io/installer.sig)"
|
||||
#doas -u www php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
|
||||
#doas -u www php -r "if (hash_file('SHA384', 'composer-setup.php') === '$EXPECTED_SIGNATURE') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
|
||||
#doas -u www env HOME=/var/www php composer-setup.php
|
||||
#doas -u www php -r "unlink('composer-setup.php');"
|
||||
doas -u www env HOME=/var/www php composer.phar install
|
||||
${SUDO_WWW} env HOME=/var/www php composer.phar install
|
||||
|
||||
# To use the scheduler worker for scheduled tasks, do the following:
|
||||
doas -u www cp -f /var/www/htdocs/MISP/INSTALL/setup/config.php /var/www/htdocs/MISP/app/Plugin/CakeResque/Config/config.php
|
||||
${SUDO_WWW} cp -f /var/www/htdocs/MISP/INSTALL/setup/config.php /var/www/htdocs/MISP/app/Plugin/CakeResque/Config/config.php
|
||||
```
|
||||
|
||||
### 4/ Set the permissions
|
||||
|
@ -429,8 +409,11 @@ doas mysql -u root -p
|
|||
```
|
||||
|
||||
```
|
||||
echo "Admin (${DBUSER_ADMIN}) DB Password: ${DBPASSWORD_ADMIN}"
|
||||
echo "User (${DBUSER_MISP}) DB Password: ${DBPASSWORD_MISP}"
|
||||
|
||||
MariaDB [(none)]> create database misp;
|
||||
MariaDB [(none)]> grant usage on *.* to misp@localhost identified by 'XXXXdbpasswordhereXXXXX';
|
||||
MariaDB [(none)]> grant usage on *.* to misp@localhost identified by '${DBPASSWORD_MISP}';
|
||||
MariaDB [(none)]> grant all privileges on misp.* to misp@localhost;
|
||||
MariaDB [(none)]> flush privileges;
|
||||
MariaDB [(none)]> exit
|
||||
|
@ -438,7 +421,7 @@ MariaDB [(none)]> exit
|
|||
|
||||
```bash
|
||||
# Import the empty MISP database from MYSQL.sql
|
||||
doas -u www sh -c "mysql -u misp -p misp < /var/www/htdocs/MISP/INSTALL/MYSQL.sql"
|
||||
${SUDO_WWW} sh -c "mysql -u misp -p${DBPASSWORD_MISP} misp < /var/www/htdocs/MISP/INSTALL/MYSQL.sql"
|
||||
# enter the password you set previously
|
||||
```
|
||||
|
||||
|
@ -525,7 +508,7 @@ DirectoryIndex index.php
|
|||
```
|
||||
|
||||
```bash
|
||||
doas ln -sf /var/www/conf/modules.sample/php-7.3.conf /var/www/conf/modules/php.conf
|
||||
doas ln -sf /var/www/conf/modules.sample/php-7.4.conf /var/www/conf/modules/php.conf
|
||||
# Restart apache
|
||||
doas /etc/rc.d/apache2 restart
|
||||
```
|
||||
|
@ -539,13 +522,13 @@ doas /etc/rc.d/apache2 restart
|
|||
---------------------
|
||||
```
|
||||
# There are 4 sample configuration files in /var/www/htdocs/MISP/app/Config that need to be copied
|
||||
doas -u www cp /var/www/htdocs/MISP/app/Config/bootstrap.default.php /var/www/htdocs/MISP/app/Config/bootstrap.php
|
||||
doas -u www cp /var/www/htdocs/MISP/app/Config/database.default.php /var/www/htdocs/MISP/app/Config/database.php
|
||||
doas -u www cp /var/www/htdocs/MISP/app/Config/core.default.php /var/www/htdocs/MISP/app/Config/core.php
|
||||
doas -u www cp /var/www/htdocs/MISP/app/Config/config.default.php /var/www/htdocs/MISP/app/Config/config.php
|
||||
${SUDO_WWW} cp /var/www/htdocs/MISP/app/Config/bootstrap.default.php /var/www/htdocs/MISP/app/Config/bootstrap.php
|
||||
${SUDO_WWW} cp /var/www/htdocs/MISP/app/Config/database.default.php /var/www/htdocs/MISP/app/Config/database.php
|
||||
${SUDO_WWW} cp /var/www/htdocs/MISP/app/Config/core.default.php /var/www/htdocs/MISP/app/Config/core.php
|
||||
${SUDO_WWW} cp /var/www/htdocs/MISP/app/Config/config.default.php /var/www/htdocs/MISP/app/Config/config.php
|
||||
|
||||
# Configure the fields in the newly created files:
|
||||
doas -u www vi /var/www/htdocs/MISP/app/Config/database.php
|
||||
${SUDO_WWW} vi /var/www/htdocs/MISP/app/Config/database.php
|
||||
```
|
||||
```
|
||||
# DATABASE_CONFIG has to be filled
|
||||
|
@ -574,7 +557,7 @@ doas -u www vi /var/www/htdocs/MISP/app/Config/database.php
|
|||
|
||||
```
|
||||
# Change base url in config.php
|
||||
doas -u www vi /var/www/htdocs/MISP/app/Config/config.php
|
||||
${SUDO_WWW} vi /var/www/htdocs/MISP/app/Config/config.php
|
||||
# example: 'baseurl' => 'https://<your.FQDN.here>',
|
||||
# alternatively, you can leave this field empty if you would like to use relative pathing in MISP
|
||||
# 'baseurl' => '',
|
||||
|
@ -601,7 +584,7 @@ echo "%echo Generating a default key
|
|||
# Do a commit here, so that we can later print "done"
|
||||
%commit
|
||||
%echo done" > /tmp/gen-key-script
|
||||
doas -u www mkdir /var/www/htdocs/MISP/.gnupg
|
||||
${SUDO_WWW} mkdir /var/www/htdocs/MISP/.gnupg
|
||||
doas chmod 700 /var/www/htdocs/MISP/.gnupg
|
||||
doas gpg2 --homedir /var/www/htdocs/MISP/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
# The email address should match the one set in the config.php / set in the configuration menu in the administration menu configuration file
|
||||
|
@ -613,7 +596,7 @@ doas sh -c "gpg2 --homedir /var/www/htdocs/MISP/.gnupg --export --armor $GPG_EMA
|
|||
doas chmod +x /var/www/htdocs/MISP/app/Console/worker/start.sh
|
||||
doas vi /etc/rc.local
|
||||
# Add the following line before the last line (exit 0). Make sure that you replace www with your apache user:
|
||||
doas -u www bash /var/www/htdocs/MISP/app/Console/worker/start.sh
|
||||
${SUDO_WWW} bash /var/www/htdocs/MISP/app/Console/worker/start.sh
|
||||
```
|
||||
|
||||
{!generic/INSTALL.done.md!}
|
||||
|
@ -623,7 +606,9 @@ doas -u www bash /var/www/htdocs/MISP/app/Console/worker/start.sh
|
|||
#### MISP Modules
|
||||
```
|
||||
doas pkg_add -v jpeg yara
|
||||
mkdir -p /usr/local/src/
|
||||
cd /usr/local/src/
|
||||
doas chown ${MISP_USER} /usr/local/src
|
||||
doas -u misp git clone https://github.com/MISP/misp-modules.git
|
||||
cd misp-modules
|
||||
# pip3 install
|
||||
|
@ -633,8 +618,8 @@ doas /usr/local/virtualenvs/MISP/bin/pip install git+https://github.com/VirusTot
|
|||
doas /usr/local/virtualenvs/MISP/bin/pip install wand
|
||||
##doas gem install pygments.rb
|
||||
##doas gem install asciidoctor-pdf --pre
|
||||
doas -u www /usr/local/virtualenvs/MISP/bin/misp-modules -l 0.0.0.0 -s &
|
||||
echo "doas -u www /usr/local/virtualenvs/MISP/bin/misp-modules -l 0.0.0.0 -s &" |doas tee -a /etc/rc.local
|
||||
${SUDO_WWW} /usr/local/virtualenvs/MISP/bin/misp-modules -l 0.0.0.0 -s &
|
||||
echo "${SUDO_WWW} /usr/local/virtualenvs/MISP/bin/misp-modules -l 0.0.0.0 -s &" |doas tee -a /etc/rc.local
|
||||
```
|
||||
|
||||
!!! notice
|
||||
|
@ -652,7 +637,11 @@ echo "doas -u www /usr/local/virtualenvs/MISP/bin/misp-modules -l 0.0.0.0 -s &"
|
|||
|
||||
```bash
|
||||
doas $CAKE Live $MISP_LIVE
|
||||
AUTH_KEY=$(mysql -u misp -p misp -e "SELECT authkey FROM users;" | tail -1)
|
||||
AUTH_KEY=$(mysql -u misp -p${DBPASSWORD_MISP} misp -e "SELECT authkey FROM users;" | tail -1)
|
||||
$CAKE userInit -q
|
||||
$CAKE Admin runUpdates
|
||||
$CAKE Admin setSetting "MISP.python_bin" "/usr/local/virtualenvs/MISP/bin/python"
|
||||
|
||||
# Update the galaxies…
|
||||
doas $CAKE Admin updateGalaxies
|
||||
|
||||
|
@ -663,12 +652,10 @@ doas $CAKE Admin updateTaxonomies
|
|||
doas $CAKE Admin updateWarningLists
|
||||
|
||||
# Updating the notice lists…
|
||||
## doas $CAKE Admin updateNoticeLists
|
||||
curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/noticelists/update
|
||||
doas $CAKE Admin updateNoticeLists
|
||||
|
||||
# Updating the object templates…
|
||||
##doas $CAKE Admin updateObjectTemplates
|
||||
curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/objectTemplates/update
|
||||
doas $CAKE Admin updateObjectTemplates "1337"
|
||||
|
||||
# Tune global time outs
|
||||
doas $CAKE Admin setSetting "Session.autoRegenerate" 0
|
||||
|
@ -677,7 +664,7 @@ doas $CAKE Admin setSetting "Session.cookie_timeout" 3600
|
|||
|
||||
# Enable GnuPG
|
||||
doas $CAKE Admin setSetting "GnuPG.email" "admin@admin.test"
|
||||
doas $CAKE Admin setSetting "GnuPG.homedir" "$PATH_TO_MISP/.gnupg"
|
||||
doas $CAKE Admin setSetting "GnuPG.homedir" "${PATH_TO_MISP}/.gnupg"
|
||||
doas $CAKE Admin setSetting "GnuPG.password" "Password1234"
|
||||
|
||||
# Enable Enrichment set better timeouts
|
||||
|
@ -852,7 +839,7 @@ doas /usr/local/virtualenvs/MISP/bin/pip install pyzmq
|
|||
cd /var/www
|
||||
doas mkdir misp-dashboard
|
||||
doas chown www:www misp-dashboard
|
||||
doas -u www git clone https://github.com/MISP/misp-dashboard.git
|
||||
${SUDO_WWW} git clone https://github.com/MISP/misp-dashboard.git
|
||||
cd misp-dashboard
|
||||
#/!\ Made on Linux, the next script will fail
|
||||
#doas /var/www/misp-dashboard/install_dependencies.sh
|
||||
|
@ -860,7 +847,7 @@ doas virtualenv -ppython3 /usr/local/virtualenvs/DASHENV
|
|||
doas /usr/local/virtualenvs/DASHENV/bin/pip install -U pip argparse redis zmq geoip2 flask phonenumbers pycountry
|
||||
|
||||
doas sed -i "s/^host\ =\ localhost/host\ =\ 0.0.0.0/g" /var/www/misp-dashboard/config/config.cfg
|
||||
doas sed -i -e '$i \doas -u www bash /var/www/misp-dashboard/start_all.sh\n' /etc/rc.local
|
||||
doas sed -i -e '$i \${SUDO_WWW} bash /var/www/misp-dashboard/start_all.sh\n' /etc/rc.local
|
||||
#/!\ Add port 8001 as a listener
|
||||
#doas sed -i '/Listen 80/a Listen 0.0.0.0:8001' /etc/apache2/ports.conf
|
||||
doas pkg_add -v ap2-mod_wsgi
|
||||
|
@ -906,7 +893,7 @@ echo "<VirtualHost *:8001>
|
|||
doas ln -s /etc/apache2/sites-available/misp-dashboard.conf /etc/apache2/sites-enabled/misp-dashboard.conf
|
||||
```
|
||||
|
||||
Add this to /etc/httpd2.conf
|
||||
Add this to /etc/httpd.conf
|
||||
```
|
||||
LoadModule wsgi_module /usr/local/lib/apache2/mod_wsgi.so
|
||||
Listen 8001
|
||||
|
|
|
@ -129,62 +129,62 @@ sudo service redis start
|
|||
------------
|
||||
```bash
|
||||
# Download MISP using git in the /var/www/ directory.
|
||||
sudo mkdir $PATH_TO_MISP
|
||||
sudo chown apache:apache $PATH_TO_MISP
|
||||
sudo mkdir ${PATH_TO_MISP}
|
||||
sudo chown apache:apache ${PATH_TO_MISP}
|
||||
cd /var/www
|
||||
$SUDO_WWW git clone https://github.com/MISP/MISP.git
|
||||
cd $PATH_TO_MISP
|
||||
##$SUDO_WWW git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`)
|
||||
${SUDO_WWW} git clone https://github.com/MISP/MISP.git
|
||||
cd ${PATH_TO_MISP}
|
||||
##${SUDO_WWW} git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`)
|
||||
# if the last shortcut doesn't work, specify the latest version manually
|
||||
# example: git checkout tags/v2.4.XY
|
||||
# the message regarding a "detached HEAD state" is expected behaviour
|
||||
# (you only have to create a new branch, if you want to change stuff and do a pull request for example)
|
||||
|
||||
# Fetch submodules
|
||||
$SUDO_WWW git submodule update --init --recursive
|
||||
${SUDO_WWW} git submodule update --init --recursive
|
||||
# Make git ignore filesystem permission differences for submodules
|
||||
$SUDO_WWW git submodule foreach --recursive git config core.filemode false
|
||||
${SUDO_WWW} git submodule foreach --recursive git config core.filemode false
|
||||
|
||||
# Create a python3 virtualenv
|
||||
$SUDO_WWW $RUN_PYTHON "virtualenv -p python3 $PATH_TO_MISP/venv"
|
||||
${SUDO_WWW} $RUN_PYTHON "virtualenv -p python3 ${PATH_TO_MISP}/venv"
|
||||
sudo mkdir /var/www/.cache
|
||||
sudo chown apache:apache /var/www/.cache
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U pip setuptools
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U pip setuptools
|
||||
|
||||
# install Mitre's STIX and its dependencies by running the following commands:
|
||||
sudo yum install python-importlib python-lxml python-dateutil python-six -y
|
||||
cd $PATH_TO_MISP/app/files/scripts
|
||||
$SUDO_WWW git clone https://github.com/CybOXProject/python-cybox.git
|
||||
$SUDO_WWW git clone https://github.com/STIXProject/python-stix.git
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-cybox
|
||||
cd ${PATH_TO_MISP}/app/files/scripts
|
||||
${SUDO_WWW} git clone https://github.com/CybOXProject/python-cybox.git
|
||||
${SUDO_WWW} git clone https://github.com/STIXProject/python-stix.git
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-cybox
|
||||
# If you umask is has been changed from the default, it is a good idea to reset it to 0022 before installing python modules
|
||||
UMASK=$(umask)
|
||||
umask 0022
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-stix
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-stix
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
# install maec
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U maec
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U maec
|
||||
|
||||
# install zmq
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U zmq
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U zmq
|
||||
|
||||
# install redis
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U redis
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U redis
|
||||
|
||||
# lief needs manual compilation
|
||||
sudo yum install devtoolset-7 cmake3 -y
|
||||
|
||||
sudo yum install http://opensource.wandisco.com/centos/6/git/x86_64/wandisco-git-release-6-1.noarch.rpm
|
||||
sudo yum install git -y
|
||||
cd $PATH_TO_MISP/app/files/scripts
|
||||
$SUDO_WWW git clone --branch master --single-branch https://github.com/lief-project/LIEF.git lief
|
||||
cd ${PATH_TO_MISP}/app/files/scripts
|
||||
${SUDO_WWW} git clone --branch master --single-branch https://github.com/lief-project/LIEF.git lief
|
||||
|
||||
# TODO: Fix static path with PATH_TO_MISP
|
||||
cd $PATH_TO_MISP/app/files/scripts/lief
|
||||
$SUDO_WWW mkdir build
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/lief
|
||||
${SUDO_WWW} mkdir build
|
||||
cd build
|
||||
$SUDO_WWW scl enable devtoolset-7 rh-python36 'bash -c "cmake3 \
|
||||
${SUDO_WWW} scl enable devtoolset-7 rh-python36 'bash -c "cmake3 \
|
||||
-DLIEF_PYTHON_API=on \
|
||||
-DLIEF_DOC=off \
|
||||
-DCMAKE_INSTALL_PREFIX=$LIEF_INSTALL \
|
||||
|
@ -192,30 +192,30 @@ $SUDO_WWW scl enable devtoolset-7 rh-python36 'bash -c "cmake3 \
|
|||
-DPYTHON_VERSION=3.6 \
|
||||
-DPYTHON_EXECUTABLE=/var/www/MISP/venv/bin/python \
|
||||
.."'
|
||||
$SUDO_WWW make -j3
|
||||
${SUDO_WWW} make -j3
|
||||
sudo make install
|
||||
cd api/python/lief_pybind11-prefix/src/lief_pybind11
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/python setup.py install
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install lief
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/python setup.py install
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install lief
|
||||
|
||||
# install magic, pydeep
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U python-magic
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U python-magic
|
||||
## pydeep does not compile ):
|
||||
## git+https://github.com/kbandla/pydeep.git
|
||||
|
||||
# install mixbox to accommodate the new STIX dependencies:
|
||||
cd $PATH_TO_MISP/app/files/scripts/
|
||||
$SUDO_WWW git clone https://github.com/CybOXProject/mixbox.git
|
||||
cd $PATH_TO_MISP/app/files/scripts/mixbox
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/
|
||||
${SUDO_WWW} git clone https://github.com/CybOXProject/mixbox.git
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/mixbox
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
# install STIX2.0 library to support STIX 2.0 export:
|
||||
cd $PATH_TO_MISP/cti-python-stix2
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/cti-python-stix2
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
# install PyMISP
|
||||
cd $PATH_TO_MISP/PyMISP
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/PyMISP
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
# FIXME: Remove libfaup etc once the egg has the library baked-in
|
||||
# BROKEN: This needs to be tested on RHEL/CentOS
|
||||
|
@ -254,17 +254,17 @@ sudo service rh-php70-php-fpm restart
|
|||
#### CakePHP is now included as a submodule of MISP and has been fetch by a previous step.
|
||||
#### Install CakeResque along with its dependencies if you intend to use the built in background jobs.
|
||||
```bash
|
||||
sudo chown -R apache:apache $PATH_TO_MISP
|
||||
sudo chown -R apache:apache ${PATH_TO_MISP}
|
||||
sudo mkdir /var/www/.composer/
|
||||
sudo chown apache:apache /var/www/.composer/
|
||||
cd $PATH_TO_MISP/app
|
||||
cd ${PATH_TO_MISP}/app
|
||||
# Update composer.phar (optional)
|
||||
#EXPECTED_SIGNATURE="$(wget -q -O - https://composer.github.io/installer.sig)"
|
||||
#$SUDO_WWW $RUN_PHP -- php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
|
||||
#$SUDO_WWW $RUN_PHP -- php -r "if (hash_file('SHA384', 'composer-setup.php') === '$EXPECTED_SIGNATURE') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
|
||||
#$SUDO_WWW $RUN_PHP "php composer-setup.php"
|
||||
#$SUDO_WWW $RUN_PHP -- php -r "unlink('composer-setup.php');"
|
||||
$SUDO_WWW $RUN_PHP "php composer.phar install"
|
||||
#${SUDO_WWW} $RUN_PHP -- php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
|
||||
#${SUDO_WWW} $RUN_PHP -- php -r "if (hash_file('SHA384', 'composer-setup.php') === '$EXPECTED_SIGNATURE') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
|
||||
#${SUDO_WWW} $RUN_PHP "php composer-setup.php"
|
||||
#${SUDO_WWW} $RUN_PHP -- php -r "unlink('composer-setup.php');"
|
||||
${SUDO_WWW} $RUN_PHP "php composer.phar install"
|
||||
|
||||
sudo yum install php-redis -y
|
||||
sudo service rh-php70-php-fpm restart
|
||||
|
@ -284,30 +284,30 @@ do
|
|||
done
|
||||
sudo service rh-php70-php-fpm restart
|
||||
# To use the scheduler worker for scheduled tasks, do the following:
|
||||
sudo cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin/CakeResque/Config/config.php
|
||||
sudo cp -fa ${PATH_TO_MISP}/INSTALL/setup/config.php ${PATH_TO_MISP}/app/Plugin/CakeResque/Config/config.php
|
||||
```
|
||||
|
||||
### 5/ Set the permissions
|
||||
----------------------
|
||||
```bash
|
||||
# Make sure the permissions are set correctly using the following commands as root:
|
||||
sudo chown -R apache:apache $PATH_TO_MISP
|
||||
sudo find $PATH_TO_MISP -type d -exec chmod g=rx {} \;
|
||||
sudo chmod -R g+r,o= $PATH_TO_MISP
|
||||
sudo chmod -R 750 $PATH_TO_MISP
|
||||
sudo chmod -R g+xws $PATH_TO_MISP/app/tmp
|
||||
sudo chmod -R g+ws $PATH_TO_MISP/app/files
|
||||
sudo chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
|
||||
sudo chmod -R g+rw $PATH_TO_MISP/venv
|
||||
sudo chmod -R g+rw $PATH_TO_MISP/.git
|
||||
sudo chown apache:apache $PATH_TO_MISP/app/files
|
||||
sudo chown apache:apache $PATH_TO_MISP/app/files/terms
|
||||
sudo chown apache:apache $PATH_TO_MISP/app/files/scripts/tmp
|
||||
sudo chown apache:apache $PATH_TO_MISP/app/Plugin/CakeResque/tmp
|
||||
sudo chown -R apache:apache $PATH_TO_MISP/app/Config
|
||||
sudo chown -R apache:apache $PATH_TO_MISP/app/tmp
|
||||
sudo chown -R apache:apache $PATH_TO_MISP/app/webroot/img/orgs
|
||||
sudo chown -R apache:apache $PATH_TO_MISP/app/webroot/img/custom
|
||||
sudo chown -R apache:apache ${PATH_TO_MISP}
|
||||
sudo find ${PATH_TO_MISP} -type d -exec chmod g=rx {} \;
|
||||
sudo chmod -R g+r,o= ${PATH_TO_MISP}
|
||||
sudo chmod -R 750 ${PATH_TO_MISP}
|
||||
sudo chmod -R g+xws ${PATH_TO_MISP}/app/tmp
|
||||
sudo chmod -R g+ws ${PATH_TO_MISP}/app/files
|
||||
sudo chmod -R g+ws ${PATH_TO_MISP}/app/files/scripts/tmp
|
||||
sudo chmod -R g+rw ${PATH_TO_MISP}/venv
|
||||
sudo chmod -R g+rw ${PATH_TO_MISP}/.git
|
||||
sudo chown apache:apache ${PATH_TO_MISP}/app/files
|
||||
sudo chown apache:apache ${PATH_TO_MISP}/app/files/terms
|
||||
sudo chown apache:apache ${PATH_TO_MISP}/app/files/scripts/tmp
|
||||
sudo chown apache:apache ${PATH_TO_MISP}/app/Plugin/CakeResque/tmp
|
||||
sudo chown -R apache:apache ${PATH_TO_MISP}/app/Config
|
||||
sudo chown -R apache:apache ${PATH_TO_MISP}/app/tmp
|
||||
sudo chown -R apache:apache ${PATH_TO_MISP}/app/webroot/img/orgs
|
||||
sudo chown -R apache:apache ${PATH_TO_MISP}/app/webroot/img/custom
|
||||
```
|
||||
|
||||
### 6/ Create a database and user
|
||||
|
@ -378,7 +378,7 @@ sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "flush privileges;"
|
|||
|
||||
#### Import the empty MySQL database from MYSQL.sql
|
||||
```bash
|
||||
$SUDO_WWW cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
${SUDO_WWW} cat ${PATH_TO_MISP}/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
```
|
||||
|
||||
|
||||
|
@ -394,10 +394,10 @@ $SUDO_WWW cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSW
|
|||
If it is disabled, you can ignore the **chcon/setsebool/semanage/checkmodule/semodule*** commands.
|
||||
|
||||
```bash
|
||||
# Now configure your apache server with the DocumentRoot $PATH_TO_MISP/app/webroot/
|
||||
# A sample vhost can be found in $PATH_TO_MISP/INSTALL/old/apache.misp.centos6
|
||||
# Now configure your apache server with the DocumentRoot ${PATH_TO_MISP}/app/webroot/
|
||||
# A sample vhost can be found in ${PATH_TO_MISP}/INSTALL/old/apache.misp.centos6
|
||||
|
||||
sudo cp $PATH_TO_MISP/INSTALL/old/apache.misp.centos6 /etc/httpd/conf.d/misp.conf
|
||||
sudo cp ${PATH_TO_MISP}/INSTALL/old/apache.misp.centos6 /etc/httpd/conf.d/misp.conf
|
||||
|
||||
# Allow httpd to connect to the redis server and php-fpm over tcp/ip
|
||||
sudo setsebool -P httpd_can_network_connect on
|
||||
|
@ -427,20 +427,20 @@ sudo openssl req -newkey rsa:4096 -days 365 -nodes -x509 \
|
|||
### 8/ Log rotation
|
||||
---------------
|
||||
```bash
|
||||
# MISP saves the stdout and stderr of its workers in $PATH_TO_MISP/app/tmp/logs
|
||||
# MISP saves the stdout and stderr of its workers in ${PATH_TO_MISP}/app/tmp/logs
|
||||
# To rotate these logs install the supplied logrotate script:
|
||||
|
||||
sudo cp $PATH_TO_MISP/INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
sudo cp ${PATH_TO_MISP}/INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
sudo chmod 0640 /etc/logrotate.d/misp
|
||||
|
||||
# Now make logrotate work under SELinux as well
|
||||
# Allow logrotate to modify the log files
|
||||
sudo semanage fcontext -a -t httpd_log_t "$PATH_TO_MISP/app/tmp/logs(/.*)?"
|
||||
sudo chcon -R -t httpd_log_t $PATH_TO_MISP/app/tmp/logs
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/tmp/logs
|
||||
sudo semanage fcontext -a -t httpd_log_t "${PATH_TO_MISP}/app/tmp/logs(/.*)?"
|
||||
sudo chcon -R -t httpd_log_t ${PATH_TO_MISP}/app/tmp/logs
|
||||
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/tmp/logs
|
||||
|
||||
# Allow logrotate to read /var/www
|
||||
sudo checkmodule -M -m -o /tmp/misplogrotate.mod $PATH_TO_MISP/INSTALL/misplogrotate.te
|
||||
sudo checkmodule -M -m -o /tmp/misplogrotate.mod ${PATH_TO_MISP}/INSTALL/misplogrotate.te
|
||||
sudo semodule_package -o /tmp/misplogrotate.pp -m /tmp/misplogrotate.mod
|
||||
sudo semodule -i /tmp/misplogrotate.pp
|
||||
```
|
||||
|
@ -448,11 +448,11 @@ sudo semodule -i /tmp/misplogrotate.pp
|
|||
### 9/ MISP configuration
|
||||
---------------------
|
||||
```bash
|
||||
# There are 4 sample configuration files in $PATH_TO_MISP/app/Config that need to be copied
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/bootstrap.default.php $PATH_TO_MISP/app/Config/bootstrap.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/database.default.php $PATH_TO_MISP/app/Config/database.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/core.default.php $PATH_TO_MISP/app/Config/core.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/config.default.php $PATH_TO_MISP/app/Config/config.php
|
||||
# There are 4 sample configuration files in ${PATH_TO_MISP}/app/Config that need to be copied
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/bootstrap.default.php ${PATH_TO_MISP}/app/Config/bootstrap.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/database.default.php ${PATH_TO_MISP}/app/Config/database.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/core.default.php ${PATH_TO_MISP}/app/Config/core.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/config.default.php ${PATH_TO_MISP}/app/Config/config.php
|
||||
|
||||
echo "<?php
|
||||
class DATABASE_CONFIG {
|
||||
|
@ -469,7 +469,7 @@ class DATABASE_CONFIG {
|
|||
'prefix' => '',
|
||||
'encoding' => 'utf8',
|
||||
);
|
||||
}" | $SUDO_WWW tee $PATH_TO_MISP/app/Config/database.php
|
||||
}" | ${SUDO_WWW} tee ${PATH_TO_MISP}/app/Config/database.php
|
||||
|
||||
# Configure the fields in the newly created files:
|
||||
# config.php : baseurl (example: 'baseurl' => 'http://misp',) - don't use "localhost" it causes issues when browsing externally
|
||||
|
@ -491,14 +491,14 @@ class DATABASE_CONFIG {
|
|||
# );
|
||||
#}
|
||||
|
||||
# Important! Change the salt key in $PATH_TO_MISP/app/Config/config.php
|
||||
# Important! Change the salt key in ${PATH_TO_MISP}/app/Config/config.php
|
||||
# The admin user account will be generated on the first login, make sure that the salt is changed before you create that user
|
||||
# If you forget to do this step, and you are still dealing with a fresh installation, just alter the salt,
|
||||
# delete the user from mysql and log in again using the default admin credentials (admin@admin.test / admin)
|
||||
|
||||
# If you want to be able to change configuration parameters from the webinterface:
|
||||
sudo chown apache:apache $PATH_TO_MISP/app/Config/config.php
|
||||
sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/Config/config.php
|
||||
sudo chown apache:apache ${PATH_TO_MISP}/app/Config/config.php
|
||||
sudo chcon -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/Config/config.php
|
||||
|
||||
# Generate a GPG encryption key.
|
||||
cat >/tmp/gen-key-script <<EOF
|
||||
|
@ -516,17 +516,17 @@ cat >/tmp/gen-key-script <<EOF
|
|||
%echo done
|
||||
EOF
|
||||
|
||||
sudo gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
sudo gpg --homedir ${PATH_TO_MISP}/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
sudo rm -f /tmp/gen-key-script
|
||||
sudo chown -R apache:apache $PATH_TO_MISP/.gnupg
|
||||
sudo chown -R apache:apache ${PATH_TO_MISP}/.gnupg
|
||||
|
||||
# And export the public key to the webroot
|
||||
sudo gpg --homedir $PATH_TO_MISP/.gnupg --export --armor $GPG_EMAIL_ADDRESS |sudo tee $PATH_TO_MISP/app/webroot/gpg.asc
|
||||
sudo chown apache:apache $PATH_TO_MISP/app/webroot/gpg.asc
|
||||
sudo gpg --homedir ${PATH_TO_MISP}/.gnupg --export --armor $GPG_EMAIL_ADDRESS |sudo tee ${PATH_TO_MISP}/app/webroot/gpg.asc
|
||||
sudo chown apache:apache ${PATH_TO_MISP}/app/webroot/gpg.asc
|
||||
|
||||
# Start the workers to enable background jobs
|
||||
sudo chmod +x $PATH_TO_MISP/app/Console/worker/start.sh
|
||||
$SUDO_WWW $RUN_PHP $PATH_TO_MISP/app/Console/worker/start.sh
|
||||
sudo chmod +x ${PATH_TO_MISP}/app/Console/worker/start.sh
|
||||
${SUDO_WWW} $RUN_PHP ${PATH_TO_MISP}/app/Console/worker/start.sh
|
||||
|
||||
if [ ! -e /etc/rc.local ]
|
||||
then
|
||||
|
@ -551,21 +551,21 @@ sudo yum install -y openjpeg-devel
|
|||
sudo chmod 2777 /usr/local/src
|
||||
sudo chown root:users /usr/local/src
|
||||
cd /usr/local/src/
|
||||
$SUDO_WWW git clone https://github.com/MISP/misp-modules.git
|
||||
${SUDO_WWW} git clone https://github.com/MISP/misp-modules.git
|
||||
cd misp-modules
|
||||
# pip install
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -I -r REQUIREMENTS
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -I -r REQUIREMENTS
|
||||
# The following fails
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
sudo yum install rubygem-rouge rubygem-asciidoctor -y
|
||||
##sudo gem install asciidoctor-pdf --pre
|
||||
|
||||
# install additional dependencies for extended object generation and extraction
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install maec python-magic pathlib
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install maec python-magic pathlib
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
|
||||
|
||||
# Start misp-modules
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/misp-modules -l 0.0.0.0 -s &
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/misp-modules -l 0.0.0.0 -s &
|
||||
|
||||
# TODO: Fix static path with PATH_TO_MISP
|
||||
sudo sed -i -e '$i \sudo -u apache /var/www/MISP/venv/bin/misp-modules -l 127.0.0.1 -s &\n' /etc/rc.local
|
||||
|
|
|
@ -43,7 +43,7 @@ Make sure you are reading the parsed version of this Document. When in doubt [cl
|
|||
# <snippet-begin 0_RHEL_PHP_INI.sh>
|
||||
# RHEL/CentOS Specific
|
||||
WWW_USER="apache"
|
||||
SUDO_WWW="sudo -H -u $WWW_USER"
|
||||
SUDO_WWW="sudo -H -u ${WWW_USER}"
|
||||
|
||||
RUN_PHP='/usr/bin/scl enable rh-php72'
|
||||
PHP_INI=/etc/opt/rh/rh-php72/php.ini
|
||||
|
@ -118,91 +118,91 @@ sudo systemctl enable --now redis.service
|
|||
```bash
|
||||
# Download MISP using git in the /var/www/ directory.
|
||||
PATH_TO_MISP="/var/www/MISP"
|
||||
sudo mkdir -p $(dirname $PATH_TO_MISP)
|
||||
sudo chown ${WWW_USER}:${WWW_USER} ($dirname $PATH_TO_MISP)
|
||||
cd $(dirname $PATH_TO_MISP)
|
||||
$SUDO_WWW git clone https://github.com/MISP/MISP.git
|
||||
cd $PATH_TO_MISP
|
||||
##$SUDO_WWW git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`)
|
||||
sudo mkdir -p $(dirname ${PATH_TO_MISP})
|
||||
sudo chown ${WWW_USER}:${WWW_USER} ($dirname ${PATH_TO_MISP})
|
||||
cd $(dirname ${PATH_TO_MISP})
|
||||
${SUDO_WWW} git clone https://github.com/MISP/MISP.git
|
||||
cd ${PATH_TO_MISP}
|
||||
##${SUDO_WWW} git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`)
|
||||
# if the last shortcut doesn't work, specify the latest version manually
|
||||
# example: git checkout tags/v2.4.XY
|
||||
# the message regarding a "detached HEAD state" is expected behaviour
|
||||
# (you only have to create a new branch, if you want to change stuff and do a pull request for example)
|
||||
|
||||
# Fetch submodules
|
||||
$SUDO_WWW git submodule update --init --recursive
|
||||
${SUDO_WWW} git submodule update --init --recursive
|
||||
# Make git ignore filesystem permission differences for submodules
|
||||
$SUDO_WWW git submodule foreach --recursive git config core.filemode false
|
||||
${SUDO_WWW} git submodule foreach --recursive git config core.filemode false
|
||||
# Make git ignore filesystem permission differences
|
||||
$SUDO_WWW git config core.filemode false
|
||||
${SUDO_WWW} git config core.filemode false
|
||||
|
||||
# Create a python3 virtualenv
|
||||
sudo pip3 install virtualenv
|
||||
$SUDO_WWW python3 "virtualenv -p python3 $PATH_TO_MISP/venv"
|
||||
${SUDO_WWW} python3 "virtualenv -p python3 ${PATH_TO_MISP}/venv"
|
||||
sudo mkdir /usr/share/httpd/.cache
|
||||
sudo chown ${WWW_USER}:${WWW_USER} /usr/share/httpd/.cache
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U pip setuptools
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U pip setuptools
|
||||
|
||||
# install Mitre's STIX and its dependencies by running the following commands:
|
||||
##sudo yum install python-importlib python-lxml python-dateutil python-six -y
|
||||
|
||||
cd $PATH_TO_MISP/app/files/scripts
|
||||
$SUDO_WWW git clone https://github.com/CybOXProject/python-cybox.git
|
||||
$SUDO_WWW git clone https://github.com/STIXProject/python-stix.git
|
||||
$SUDO_WWW git clone --branch master --single-branch https://github.com/lief-project/LIEF.git lief
|
||||
$SUDO_WWW git clone https://github.com/CybOXProject/mixbox.git
|
||||
cd ${PATH_TO_MISP}/app/files/scripts
|
||||
${SUDO_WWW} git clone https://github.com/CybOXProject/python-cybox.git
|
||||
${SUDO_WWW} git clone https://github.com/STIXProject/python-stix.git
|
||||
${SUDO_WWW} git clone --branch master --single-branch https://github.com/lief-project/LIEF.git lief
|
||||
${SUDO_WWW} git clone https://github.com/CybOXProject/mixbox.git
|
||||
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-cybox
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-cybox
|
||||
# If you umask is has been changed from the default, it is a good idea to reset it to 0022 before installing python modules
|
||||
UMASK=$(umask)
|
||||
umask 0022
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-stix
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-stix
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
# install maec
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U maec
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U maec
|
||||
|
||||
# install zmq
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U zmq
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U zmq
|
||||
|
||||
# install redis
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U redis
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U redis
|
||||
|
||||
# lief needs manual compilation
|
||||
sudo yum install devtoolset-7 cmake3 -y
|
||||
|
||||
|
||||
# TODO: Fix static path with PATH_TO_MISP
|
||||
cd $PATH_TO_MISP/app/files/scripts/lief
|
||||
$SUDO_WWW mkdir build
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/lief
|
||||
${SUDO_WWW} mkdir build
|
||||
cd build
|
||||
$SUDO_WWW scl enable devtoolset-7 'bash -c "cmake3 \
|
||||
${SUDO_WWW} scl enable devtoolset-7 'bash -c "cmake3 \
|
||||
-DLIEF_PYTHON_API=on \
|
||||
-DLIEF_DOC=off \
|
||||
-DCMAKE_INSTALL_PREFIX=$LIEF_INSTALL \
|
||||
-DCMAKE_BUILD_TYPE=Release \
|
||||
-DPYTHON_VERSION=3.6 \
|
||||
-DPYTHON_EXECUTABLE=$PATH_TO_MISP/venv/bin/python \
|
||||
-DPYTHON_EXECUTABLE=${PATH_TO_MISP}/venv/bin/python \
|
||||
.."'
|
||||
$SUDO_WWW make -j3
|
||||
${SUDO_WWW} make -j3
|
||||
sudo make install
|
||||
cd api/python/lief_pybind11-prefix/src/lief_pybind11
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/python setup.py install
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install lief
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/python setup.py install
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install lief
|
||||
|
||||
# install magic, pydeep
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U python-magic git+https://github.com/kbandla/pydeep.git
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U python-magic git+https://github.com/kbandla/pydeep.git
|
||||
|
||||
cd $PATH_TO_MISP/app/files/scripts/mixbox
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/mixbox
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
# install STIX2.0 library to support STIX 2.0 export:
|
||||
cd $PATH_TO_MISP/cti-python-stix2
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/cti-python-stix2
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
# install PyMISP
|
||||
cd $PATH_TO_MISP/PyMISP
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/PyMISP
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
# FIXME: Remove libfaup etc once the egg has the library baked-in
|
||||
# BROKEN: This needs to be tested on RHEL/CentOS
|
||||
|
@ -237,17 +237,17 @@ umask $UMASK
|
|||
#### CakePHP is now included as a submodule of MISP and has been fetch by a previous step.
|
||||
#### Install CakeResque along with its dependencies if you intend to use the built in background jobs.
|
||||
```bash
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} $PATH_TO_MISP
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}
|
||||
sudo mkdir /usr/share/httpd/.composer
|
||||
sudo chown ${WWW_USER}:${WWW_USER} /usr/share/httpd/.composer
|
||||
cd $PATH_TO_MISP/app
|
||||
cd ${PATH_TO_MISP}/app
|
||||
# Update composer.phar (optional)
|
||||
#EXPECTED_SIGNATURE="$(wget -q -O - https://composer.github.io/installer.sig)"
|
||||
#$SUDO_WWW $RUN_PHP -- php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
|
||||
#$SUDO_WWW $RUN_PHP -- php -r "if (hash_file('SHA384', 'composer-setup.php') === '$EXPECTED_SIGNATURE') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
|
||||
#$SUDO_WWW $RUN_PHP "php composer-setup.php"
|
||||
#$SUDO_WWW $RUN_PHP -- php -r "unlink('composer-setup.php');"
|
||||
$SUDO_WWW $RUN_PHP "php composer.phar install"
|
||||
#${SUDO_WWW} $RUN_PHP -- php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
|
||||
#${SUDO_WWW} $RUN_PHP -- php -r "if (hash_file('SHA384', 'composer-setup.php') === '$EXPECTED_SIGNATURE') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
|
||||
#${SUDO_WWW} $RUN_PHP "php composer-setup.php"
|
||||
#${SUDO_WWW} $RUN_PHP -- php -r "unlink('composer-setup.php');"
|
||||
${SUDO_WWW} $RUN_PHP "php composer.phar install"
|
||||
|
||||
sudo yum install php-redis -y
|
||||
sudo systemctl restart rh-php72-php-fpm.service
|
||||
|
@ -267,30 +267,30 @@ done
|
|||
sudo systemctl restart rh-php72-php-fpm.service
|
||||
|
||||
# To use the scheduler worker for scheduled tasks, do the following:
|
||||
sudo cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin/CakeResque/Config/config.php
|
||||
sudo cp -fa ${PATH_TO_MISP}/INSTALL/setup/config.php ${PATH_TO_MISP}/app/Plugin/CakeResque/Config/config.php
|
||||
```
|
||||
|
||||
### 5/ Set the permissions
|
||||
----------------------
|
||||
```bash
|
||||
# Make sure the permissions are set correctly using the following commands as root:
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} $PATH_TO_MISP
|
||||
sudo find $PATH_TO_MISP -type d -exec chmod g=rx {} \;
|
||||
sudo chmod -R g+r,o= $PATH_TO_MISP
|
||||
sudo chmod -R 750 $PATH_TO_MISP
|
||||
sudo chmod -R g+xws $PATH_TO_MISP/app/tmp
|
||||
sudo chmod -R g+ws $PATH_TO_MISP/app/files
|
||||
sudo chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
|
||||
sudo chmod -R g+rw $PATH_TO_MISP/venv
|
||||
sudo chmod -R g+rw $PATH_TO_MISP/.git
|
||||
sudo chown ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/files
|
||||
sudo chown ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/files/terms
|
||||
sudo chown ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/files/scripts/tmp
|
||||
sudo chown ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/Plugin/CakeResque/tmp
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/Config
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/tmp
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/webroot/img/orgs
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/webroot/img/custom
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}
|
||||
sudo find ${PATH_TO_MISP} -type d -exec chmod g=rx {} \;
|
||||
sudo chmod -R g+r,o= ${PATH_TO_MISP}
|
||||
sudo chmod -R 750 ${PATH_TO_MISP}
|
||||
sudo chmod -R g+xws ${PATH_TO_MISP}/app/tmp
|
||||
sudo chmod -R g+ws ${PATH_TO_MISP}/app/files
|
||||
sudo chmod -R g+ws ${PATH_TO_MISP}/app/files/scripts/tmp
|
||||
sudo chmod -R g+rw ${PATH_TO_MISP}/venv
|
||||
sudo chmod -R g+rw ${PATH_TO_MISP}/.git
|
||||
sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/files
|
||||
sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/files/terms
|
||||
sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/files/scripts/tmp
|
||||
sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/Plugin/CakeResque/tmp
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/Config
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/tmp
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/webroot/img/orgs
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/webroot/img/custom
|
||||
```
|
||||
|
||||
### 6/ Create a database and user
|
||||
|
@ -360,7 +360,7 @@ sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "flush privileges;"
|
|||
|
||||
#### Import the empty MySQL database from MYSQL.sql
|
||||
```bash
|
||||
$SUDO_WWW cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
${SUDO_WWW} cat ${PATH_TO_MISP}/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
```
|
||||
|
||||
|
||||
|
@ -376,10 +376,10 @@ $SUDO_WWW cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSW
|
|||
If it is disabled, you can ignore the **chcon/setsebool/semanage/checkmodule/semodule*** commands.
|
||||
|
||||
```bash
|
||||
# Now configure your apache server with the DocumentRoot $PATH_TO_MISP/app/webroot/
|
||||
# A sample vhost can be found in $PATH_TO_MISP/INSTALL/apache.misp.centos7
|
||||
# Now configure your apache server with the DocumentRoot ${PATH_TO_MISP}/app/webroot/
|
||||
# A sample vhost can be found in ${PATH_TO_MISP}/INSTALL/apache.misp.centos7
|
||||
|
||||
sudo cp $PATH_TO_MISP/INSTALL/apache.misp.centos7.ssl /etc/httpd/conf.d/misp.ssl.conf
|
||||
sudo cp ${PATH_TO_MISP}/INSTALL/apache.misp.centos7.ssl /etc/httpd/conf.d/misp.ssl.conf
|
||||
sudo rm /etc/httpd/conf.d/ssl.conf
|
||||
sudo chmod 644 /etc/httpd/conf.d/misp.ssl.conf
|
||||
sudo sed -i '/Listen 80/a Listen 443' /etc/httpd/conf/httpd.conf
|
||||
|
@ -399,27 +399,27 @@ cat /etc/pki/tls/certs/dhparam.pem |sudo tee -a /etc/pki/tls/certs/misp.local.cr
|
|||
sudo systemctl restart httpd.service
|
||||
|
||||
# Since SELinux is enabled, we need to allow httpd to write to certain directories
|
||||
sudo chcon -t bin_t $PATH_TO_MISP/venv/bin/*
|
||||
find $PATH_TO_MISP/venv -type f -name "*.so*" -or -name "*.so.*" | xargs sudo chcon -t lib_t
|
||||
sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/files
|
||||
sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/files/terms
|
||||
sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/files/scripts/tmp
|
||||
sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/Plugin/CakeResque/tmp
|
||||
sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/Console/cake
|
||||
sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/Console/worker/*.sh
|
||||
sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/files/scripts/*.py
|
||||
sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/files/scripts/*/*.py
|
||||
sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/files/scripts/lief/build/api/python/lief.so
|
||||
sudo chcon -t httpd_sys_script_exec_t $PATH_TO_MISP/app/Vendor/pear/crypt_gpg/scripts/crypt-gpg-pinentry
|
||||
sudo chcon -t bin_t ${PATH_TO_MISP}/venv/bin/*
|
||||
find ${PATH_TO_MISP}/venv -type f -name "*.so*" -or -name "*.so.*" | xargs sudo chcon -t lib_t
|
||||
sudo chcon -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/files
|
||||
sudo chcon -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/files/terms
|
||||
sudo chcon -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/files/scripts/tmp
|
||||
sudo chcon -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/Plugin/CakeResque/tmp
|
||||
sudo chcon -t httpd_sys_script_exec_t ${PATH_TO_MISP}/app/Console/cake
|
||||
sudo chcon -t httpd_sys_script_exec_t ${PATH_TO_MISP}/app/Console/worker/*.sh
|
||||
sudo chcon -t httpd_sys_script_exec_t ${PATH_TO_MISP}/app/files/scripts/*.py
|
||||
sudo chcon -t httpd_sys_script_exec_t ${PATH_TO_MISP}/app/files/scripts/*/*.py
|
||||
sudo chcon -t httpd_sys_script_exec_t ${PATH_TO_MISP}/app/files/scripts/lief/build/api/python/lief.so
|
||||
sudo chcon -t httpd_sys_script_exec_t ${PATH_TO_MISP}/app/Vendor/pear/crypt_gpg/scripts/crypt-gpg-pinentry
|
||||
# Only run these if you want to be able to update MISP from the web interface
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/.git
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/tmp
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/Lib
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/Config
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/tmp
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/webroot/img/orgs
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/webroot/img/custom
|
||||
sudo chcon -R -t httpd_sys_rw_content_t $PATH_TO_MISP/app/files/scripts/mispzmq
|
||||
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/.git
|
||||
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/tmp
|
||||
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/Lib
|
||||
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/Config
|
||||
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/tmp
|
||||
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/webroot/img/orgs
|
||||
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/webroot/img/custom
|
||||
sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/files/scripts/mispzmq
|
||||
```
|
||||
|
||||
!!! warning
|
||||
|
@ -448,19 +448,19 @@ sudo firewall-cmd --reload
|
|||
### 8/ Log rotation
|
||||
---------------
|
||||
```bash
|
||||
# MISP saves the stdout and stderr of its workers in $PATH_TO_MISP/app/tmp/logs
|
||||
# MISP saves the stdout and stderr of its workers in ${PATH_TO_MISP}/app/tmp/logs
|
||||
# To rotate these logs install the supplied logrotate script:
|
||||
|
||||
sudo cp $PATH_TO_MISP/INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
sudo cp ${PATH_TO_MISP}/INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
sudo chmod 0640 /etc/logrotate.d/misp
|
||||
|
||||
# Now make logrotate work under SELinux as well
|
||||
# Allow logrotate to modify the log files
|
||||
sudo semanage fcontext -a -t httpd_log_t "$PATH_TO_MISP/app/tmp/logs(/.*)?"
|
||||
sudo chcon -R -t httpd_log_t $PATH_TO_MISP/app/tmp/logs
|
||||
sudo semanage fcontext -a -t httpd_log_t "${PATH_TO_MISP}/app/tmp/logs(/.*)?"
|
||||
sudo chcon -R -t httpd_log_t ${PATH_TO_MISP}/app/tmp/logs
|
||||
|
||||
# Allow logrotate to read /var/www
|
||||
sudo checkmodule -M -m -o /tmp/misplogrotate.mod $PATH_TO_MISP/INSTALL/misplogrotate.te
|
||||
sudo checkmodule -M -m -o /tmp/misplogrotate.mod ${PATH_TO_MISP}/INSTALL/misplogrotate.te
|
||||
sudo semodule_package -o /tmp/misplogrotate.pp -m /tmp/misplogrotate.mod
|
||||
sudo semodule -i /tmp/misplogrotate.pp
|
||||
```
|
||||
|
@ -468,11 +468,11 @@ sudo semodule -i /tmp/misplogrotate.pp
|
|||
### 9/ MISP configuration
|
||||
---------------------
|
||||
```bash
|
||||
# There are 4 sample configuration files in $PATH_TO_MISP/app/Config that need to be copied
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/bootstrap.default.php $PATH_TO_MISP/app/Config/bootstrap.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/database.default.php $PATH_TO_MISP/app/Config/database.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/core.default.php $PATH_TO_MISP/app/Config/core.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/config.default.php $PATH_TO_MISP/app/Config/config.php
|
||||
# There are 4 sample configuration files in ${PATH_TO_MISP}/app/Config that need to be copied
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/bootstrap.default.php ${PATH_TO_MISP}/app/Config/bootstrap.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/database.default.php ${PATH_TO_MISP}/app/Config/database.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/core.default.php ${PATH_TO_MISP}/app/Config/core.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/config.default.php ${PATH_TO_MISP}/app/Config/config.php
|
||||
|
||||
echo "<?php
|
||||
class DATABASE_CONFIG {
|
||||
|
@ -489,7 +489,7 @@ class DATABASE_CONFIG {
|
|||
'prefix' => '',
|
||||
'encoding' => 'utf8',
|
||||
);
|
||||
}" | $SUDO_WWW tee $PATH_TO_MISP/app/Config/database.php
|
||||
}" | ${SUDO_WWW} tee ${PATH_TO_MISP}/app/Config/database.php
|
||||
|
||||
# Configure the fields in the newly created files:
|
||||
# config.php : baseurl (example: 'baseurl' => 'http://misp',) - don't use "localhost" it causes issues when browsing externally
|
||||
|
@ -511,14 +511,14 @@ class DATABASE_CONFIG {
|
|||
# );
|
||||
#}
|
||||
|
||||
# Important! Change the salt key in $PATH_TO_MISP/app/Config/config.php
|
||||
# Important! Change the salt key in ${PATH_TO_MISP}/app/Config/config.php
|
||||
# The admin user account will be generated on the first login, make sure that the salt is changed before you create that user
|
||||
# If you forget to do this step, and you are still dealing with a fresh installation, just alter the salt,
|
||||
# delete the user from mysql and log in again using the default admin credentials (admin@admin.test / admin)
|
||||
|
||||
# If you want to be able to change configuration parameters from the webinterface:
|
||||
sudo chown ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/Config/config.php
|
||||
sudo chcon -t httpd_sys_rw_content_t $PATH_TO_MISP/app/Config/config.php
|
||||
sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/Config/config.php
|
||||
sudo chcon -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/Config/config.php
|
||||
|
||||
# Generate a GPG encryption key.
|
||||
cat >/tmp/gen-key-script <<EOF
|
||||
|
@ -536,17 +536,17 @@ cat >/tmp/gen-key-script <<EOF
|
|||
%echo done
|
||||
EOF
|
||||
|
||||
sudo gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
sudo gpg --homedir ${PATH_TO_MISP}/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
sudo rm -f /tmp/gen-key-script
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/.gnupg
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/.gnupg
|
||||
|
||||
# And export the public key to the webroot
|
||||
sudo gpg --homedir $PATH_TO_MISP/.gnupg --export --armor $GPG_EMAIL_ADDRESS |sudo tee $PATH_TO_MISP/app/webroot/gpg.asc
|
||||
sudo chown ${WWW_USER}:${WWW_USER} $PATH_TO_MISP/app/webroot/gpg.asc
|
||||
sudo gpg --homedir ${PATH_TO_MISP}/.gnupg --export --armor $GPG_EMAIL_ADDRESS |sudo tee ${PATH_TO_MISP}/app/webroot/gpg.asc
|
||||
sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/webroot/gpg.asc
|
||||
|
||||
# Start the workers to enable background jobs
|
||||
sudo chmod +x $PATH_TO_MISP/app/Console/worker/start.sh
|
||||
$SUDO_WWW $RUN_PHP $PATH_TO_MISP/app/Console/worker/start.sh
|
||||
sudo chmod +x ${PATH_TO_MISP}/app/Console/worker/start.sh
|
||||
${SUDO_WWW} $RUN_PHP ${PATH_TO_MISP}/app/Console/worker/start.sh
|
||||
|
||||
if [ ! -e /etc/rc.local ]
|
||||
then
|
||||
|
@ -556,7 +556,7 @@ then
|
|||
fi
|
||||
|
||||
# TODO: Fix static path with PATH_TO_MISP
|
||||
sudo sed -i -e '$i \su -s /bin/bash apache -c "scl enable rh-php72 $PATH_TO_MISP/app/Console/worker/start.sh" > /tmp/worker_start_rc.local.log\n' /etc/rc.local
|
||||
sudo sed -i -e '$i \su -s /bin/bash apache -c "scl enable rh-php72 ${PATH_TO_MISP}/app/Console/worker/start.sh" > /tmp/worker_start_rc.local.log\n' /etc/rc.local
|
||||
# Make sure it will execute
|
||||
sudo chmod +x /etc/rc.local
|
||||
|
||||
|
@ -571,23 +571,23 @@ sudo yum install openjpeg-devel -y
|
|||
sudo chmod 2777 /usr/local/src
|
||||
sudo chown root:users /usr/local/src
|
||||
cd /usr/local/src/
|
||||
$SUDO_WWW git clone https://github.com/MISP/misp-modules.git
|
||||
${SUDO_WWW} git clone https://github.com/MISP/misp-modules.git
|
||||
cd misp-modules
|
||||
# pip install
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -I -r REQUIREMENTS
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -I -r REQUIREMENTS
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
sudo yum install rubygem-rouge rubygem-asciidoctor -y
|
||||
##sudo gem install asciidoctor-pdf --pre
|
||||
|
||||
# install additional dependencies for extended object generation and extraction
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install maec python-magic pathlib
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install maec python-magic pathlib
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
|
||||
|
||||
# Start misp-modules
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/misp-modules -l 0.0.0.0 -s &
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/misp-modules -l 0.0.0.0 -s &
|
||||
|
||||
# TODO: Fix static path with PATH_TO_MISP
|
||||
sudo sed -i -e '$i \sudo -u apache $PATH_TO_MISP/venv/bin/misp-modules -l 127.0.0.1 -s &\n' /etc/rc.local
|
||||
sudo sed -i -e '$i \sudo -u apache ${PATH_TO_MISP}/venv/bin/misp-modules -l 127.0.0.1 -s &\n' /etc/rc.local
|
||||
```
|
||||
|
||||
{!generic/misp-dashboard-centos.md!}
|
||||
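Review bot: The start line `${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/misp-modules -l 0.0.0.0 -s &` in the last hunk of this section listens on every interface, while the rc.local entry written just below it uses `-l 127.0.0.1`; the visible hunks show nothing that restricts access to that listener, so the interactive start should also use `-l 127.0.0.1` unless remote access is intended. Both `sed -i -e '$i \…' /etc/rc.local` lines (worker start and misp-modules) keep `${PATH_TO_MISP}` inside single quotes, so the literal string is written to rc.local and expanded only at boot, where the variable is presumably unset. Either close the quoting around the variable, as in `'$i \sudo -u apache '"${PATH_TO_MISP}"'/venv/bin/misp-modules -l 127.0.0.1 -s &\n'`, or keep a static path until the TODO above those lines is resolved. Separately, the new `sudo chown ${WWW_USER}:${WWW_USER} ($dirname ${PATH_TO_MISP})` line in the download hunk keeps the misplaced parenthesis and should read `$(dirname ${PATH_TO_MISP})`.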
|
|
|
@ -28,11 +28,11 @@ PHP_INI=${PHP_ETC_BASE}/apache2/php.ini
|
|||
|
||||
{!generic/ethX.md!}
|
||||
|
||||
#### Add $MISP_USER to staff and $WWW_USER
|
||||
#### Add $MISP_USER to staff and ${WWW_USER}
|
||||
|
||||
```bash
|
||||
sudo adduser $MISP_USER staff
|
||||
sudo adduser $MISP_USER $WWW_USER
|
||||
sudo adduser $MISP_USER ${WWW_USER}
|
||||
```
|
||||
|
||||
#### Make sure your system is up2date and curl installed
|
||||
|
@ -122,45 +122,45 @@ sudo systemctl restart apache2
|
|||
------------
|
||||
```bash
|
||||
# Download MISP using git in the /var/www/ directory.
|
||||
sudo mkdir $PATH_TO_MISP
|
||||
sudo chown $WWW_USER:$WWW_USER $PATH_TO_MISP
|
||||
cd $PATH_TO_MISP
|
||||
$SUDO_WWW git clone https://github.com/MISP/MISP.git $PATH_TO_MISP
|
||||
$SUDO_WWW git submodule update --init --recursive
|
||||
sudo mkdir ${PATH_TO_MISP}
|
||||
sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}
|
||||
cd ${PATH_TO_MISP}
|
||||
${SUDO_WWW} git clone https://github.com/MISP/MISP.git ${PATH_TO_MISP}
|
||||
${SUDO_WWW} git submodule update --init --recursive
|
||||
# Make git ignore filesystem permission differences for submodules
|
||||
$SUDO_WWW git submodule foreach --recursive git config core.filemode false
|
||||
${SUDO_WWW} git submodule foreach --recursive git config core.filemode false
|
||||
|
||||
# Make git ignore filesystem permission differences
|
||||
$SUDO_WWW git config core.filemode false
|
||||
${SUDO_WWW} git config core.filemode false
|
||||
|
||||
# Create a python3 virtualenv
|
||||
$SUDO_WWW virtualenv -p python3 ${PATH_TO_MISP}/venv
|
||||
${SUDO_WWW} virtualenv -p python3 ${PATH_TO_MISP}/venv
|
||||
|
||||
# make pip happy
|
||||
sudo mkdir /var/www/.cache/
|
||||
sudo chown $WWW_USER:$WWW_USER /var/www/.cache
|
||||
sudo chown ${WWW_USER}:${WWW_USER} /var/www/.cache
|
||||
|
||||
cd $PATH_TO_MISP/app/files/scripts
|
||||
$SUDO_WWW git clone https://github.com/CybOXProject/python-cybox.git
|
||||
$SUDO_WWW git clone https://github.com/STIXProject/python-stix.git
|
||||
$SUDO_WWW git clone https://github.com/MAECProject/python-maec.git
|
||||
cd ${PATH_TO_MISP}/app/files/scripts
|
||||
${SUDO_WWW} git clone https://github.com/CybOXProject/python-cybox.git
|
||||
${SUDO_WWW} git clone https://github.com/STIXProject/python-stix.git
|
||||
${SUDO_WWW} git clone https://github.com/MAECProject/python-maec.git
|
||||
# install mixbox to accommodate the new STIX dependencies:
|
||||
$SUDO_WWW git clone https://github.com/CybOXProject/mixbox.git
|
||||
cd $PATH_TO_MISP/app/files/scripts/mixbox
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-cybox
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-stix
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-maec
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
${SUDO_WWW} git clone https://github.com/CybOXProject/mixbox.git
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/mixbox
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-cybox
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-stix
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-maec
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
# install STIX2.0 library to support STIX 2.0 export:
|
||||
cd ${PATH_TO_MISP}/cti-python-stix2
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
# install PyMISP
|
||||
cd $PATH_TO_MISP/PyMISP
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/PyMISP
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
# FIXME: Remove libfaup etc once the egg has the library baked-in
|
||||
sudo apt-get install cmake libcaca-dev liblua5.3-dev -y
|
||||
cd /tmp
|
||||
|
@ -180,19 +180,19 @@ sudo make install
|
|||
sudo ldconfig
|
||||
|
||||
# install pydeep
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
|
||||
|
||||
# install lief
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install lief
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install lief
|
||||
|
||||
# install zmq needed by mispzmq
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install zmq redis
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install zmq redis
|
||||
|
||||
# install python-magic
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install python-magic
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install python-magic
|
||||
|
||||
# install plyara
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install plyara
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install plyara
|
||||
```
|
||||
|
||||
### 4/ CakePHP
|
||||
|
@ -206,24 +206,24 @@ $SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install plyara
|
|||
|
||||
```bash
|
||||
# Install CakeResque along with its dependencies if you intend to use the built in background jobs:
|
||||
cd $PATH_TO_MISP/app
|
||||
cd ${PATH_TO_MISP}/app
|
||||
# Make composer cache happy
|
||||
sudo mkdir /var/www/.composer ; sudo chown $WWW_USER:$WWW_USER /var/www/.composer
|
||||
sudo mkdir /var/www/.composer ; sudo chown ${WWW_USER}:${WWW_USER} /var/www/.composer
|
||||
# Update composer.phar
|
||||
#$SUDO_WWW php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
|
||||
#$SUDO_WWW php -r "if (hash_file('SHA384', 'composer-setup.php') === 'baf1608c33254d00611ac1705c1d9958c817a1a33bce370c0595974b342601bd80b92a3f46067da89e3b06bff421f182') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
|
||||
#$SUDO_WWW php composer-setup.php
|
||||
#$SUDO_WWW php -r "unlink('composer-setup.php');"
|
||||
$SUDO_WWW php composer.phar install
|
||||
#${SUDO_WWW} php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
|
||||
#${SUDO_WWW} php -r "if (hash_file('SHA384', 'composer-setup.php') === 'baf1608c33254d00611ac1705c1d9958c817a1a33bce370c0595974b342601bd80b92a3f46067da89e3b06bff421f182') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
|
||||
#${SUDO_WWW} php composer-setup.php
|
||||
#${SUDO_WWW} php -r "unlink('composer-setup.php');"
|
||||
${SUDO_WWW} php composer.phar install
|
||||
# The following is potentially not needed, but just here in case of Keyboard/Chair failures
|
||||
$SUDO_WWW php composer.phar update
|
||||
${SUDO_WWW} php composer.phar update
|
||||
|
||||
# Enable CakeResque with php-redis
|
||||
sudo phpenmod redis
|
||||
sudo phpenmod gnupg
|
||||
|
||||
# To use the scheduler worker for scheduled tasks, do the following:
|
||||
$SUDO_WWW cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin/CakeResque/Config/config.php
|
||||
${SUDO_WWW} cp -fa ${PATH_TO_MISP}/INSTALL/setup/config.php ${PATH_TO_MISP}/app/Plugin/CakeResque/Config/config.php
|
||||
```
|
||||
|
||||
|
||||
|
@ -232,11 +232,11 @@ $SUDO_WWW cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin
|
|||
|
||||
```bash
|
||||
# Check if the permissions are set correctly using the following commands:
|
||||
sudo chown -R $WWW_USER:$WWW_USER $PATH_TO_MISP
|
||||
sudo chmod -R 750 $PATH_TO_MISP
|
||||
sudo chmod -R g+ws $PATH_TO_MISP/app/tmp
|
||||
sudo chmod -R g+ws $PATH_TO_MISP/app/files
|
||||
sudo chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}
|
||||
sudo chmod -R 750 ${PATH_TO_MISP}
|
||||
sudo chmod -R g+ws ${PATH_TO_MISP}/app/tmp
|
||||
sudo chmod -R g+ws ${PATH_TO_MISP}/app/files
|
||||
sudo chmod -R g+ws ${PATH_TO_MISP}/app/files/scripts/tmp
|
||||
```
|
||||
|
||||
|
||||
|
@ -265,16 +265,16 @@ sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "flush privileges;"
|
|||
|
||||
#### Import the empty MISP database from MYSQL.sql
|
||||
```bash
|
||||
$SUDO_WWW cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
${SUDO_WWW} cat ${PATH_TO_MISP}/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
```
|
||||
|
||||
### 7/ Apache configuration
|
||||
-----------------------
|
||||
```bash
|
||||
# Now configure your Apache webserver with the DocumentRoot $PATH_TO_MISP/app/webroot/
|
||||
# Now configure your Apache webserver with the DocumentRoot ${PATH_TO_MISP}/app/webroot/
|
||||
|
||||
# If the apache version is 2.4:
|
||||
sudo cp $PATH_TO_MISP/INSTALL/apache.24.misp.ssl /etc/apache2/sites-available/misp-ssl.conf
|
||||
sudo cp ${PATH_TO_MISP}/INSTALL/apache.24.misp.ssl /etc/apache2/sites-available/misp-ssl.conf
|
||||
|
||||
# Be aware that the configuration files for apache 2.4 and up have changed.
|
||||
# The configuration file has to have the .conf extension in the sites-available directory
|
||||
|
@ -305,8 +305,8 @@ sudo openssl req -newkey rsa:4096 -days 365 -nodes -x509 \
|
|||
<VirtualHost _default_:443>
|
||||
ServerAdmin admin@<your.FQDN.here>
|
||||
ServerName <your.FQDN.here>
|
||||
DocumentRoot $PATH_TO_MISP/app/webroot
|
||||
<Directory $PATH_TO_MISP/app/webroot>
|
||||
DocumentRoot ${PATH_TO_MISP}/app/webroot
|
||||
<Directory ${PATH_TO_MISP}/app/webroot>
|
||||
Options -Indexes
|
||||
AllowOverride all
|
||||
Require all granted
|
||||
|
@ -349,21 +349,21 @@ sudo systemctl restart apache2
|
|||
### 8/ Log rotation
|
||||
---------------
|
||||
```bash
|
||||
# MISP saves the stdout and stderr of its workers in $PATH_TO_MISP/app/tmp/logs
|
||||
# MISP saves the stdout and stderr of its workers in ${PATH_TO_MISP}/app/tmp/logs
|
||||
# To rotate these logs install the supplied logrotate script:
|
||||
|
||||
sudo cp $PATH_TO_MISP/INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
sudo cp ${PATH_TO_MISP}/INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
sudo chmod 0640 /etc/logrotate.d/misp
|
||||
```
|
||||
|
||||
### 9/ MISP configuration
|
||||
---------------------
|
||||
```bash
|
||||
# There are 4 sample configuration files in $PATH_TO_MISP/app/Config that need to be copied
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/bootstrap.default.php $PATH_TO_MISP/app/Config/bootstrap.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/database.default.php $PATH_TO_MISP/app/Config/database.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/core.default.php $PATH_TO_MISP/app/Config/core.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/config.default.php $PATH_TO_MISP/app/Config/config.php
|
||||
# There are 4 sample configuration files in ${PATH_TO_MISP}/app/Config that need to be copied
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/bootstrap.default.php ${PATH_TO_MISP}/app/Config/bootstrap.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/database.default.php ${PATH_TO_MISP}/app/Config/database.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/core.default.php ${PATH_TO_MISP}/app/Config/core.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/config.default.php ${PATH_TO_MISP}/app/Config/config.php
|
||||
|
||||
|
||||
echo "<?php
|
||||
|
@ -381,11 +381,11 @@ class DATABASE_CONFIG {
|
|||
'prefix' => '',
|
||||
'encoding' => 'utf8',
|
||||
);
|
||||
}" | $SUDO_WWW tee $PATH_TO_MISP/app/Config/database.php
|
||||
}" | ${SUDO_WWW} tee ${PATH_TO_MISP}/app/Config/database.php
|
||||
|
||||
# and make sure the file permissions are still OK
|
||||
sudo chown -R $WWW_USER:$WWW_USER $PATH_TO_MISP/app/Config
|
||||
sudo chmod -R 750 $PATH_TO_MISP/app/Config
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/Config
|
||||
sudo chmod -R 750 ${PATH_TO_MISP}/app/Config
|
||||
|
||||
# Generate a GPG encryption key.
|
||||
|
||||
|
@ -404,14 +404,14 @@ cat >/tmp/gen-key-script <<EOF
|
|||
%echo done
|
||||
EOF
|
||||
|
||||
$SUDO_WWW gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
${SUDO_WWW} gpg --homedir ${PATH_TO_MISP}/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
# The email address should match the one set in the config.php / set in the configuration menu in the administration menu configuration file
|
||||
|
||||
# And export the public key to the webroot
|
||||
$SUDO_WWW sh -c "gpg --homedir $PATH_TO_MISP/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | $SUDO_WWW tee $PATH_TO_MISP/app/webroot/gpg.asc
|
||||
${SUDO_WWW} sh -c "gpg --homedir ${PATH_TO_MISP}/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | ${SUDO_WWW} tee ${PATH_TO_MISP}/app/webroot/gpg.asc
|
||||
|
||||
# To make the background workers start on boot
|
||||
sudo chmod +x $PATH_TO_MISP/app/Console/worker/start.sh
|
||||
sudo chmod +x ${PATH_TO_MISP}/app/Console/worker/start.sh
|
||||
|
||||
echo "[Unit]
|
||||
Description=MISP background workers
|
||||
|
@ -419,9 +419,9 @@ After=mariadb.service redis-server.service
|
|||
|
||||
[Service]
|
||||
Type=forking
|
||||
User=$WWW_USER
|
||||
Group=$WWW_USER
|
||||
ExecStart=$PATH_TO_MISP/app/Console/worker/start.sh
|
||||
User=${WWW_USER}
|
||||
Group=${WWW_USER}
|
||||
ExecStart=${PATH_TO_MISP}/app/Console/worker/start.sh
|
||||
Restart=always
|
||||
RestartSec=10
|
||||
|
||||
|
@ -440,7 +440,7 @@ fi
|
|||
{!generic/MISP_CAKE_init.md!}
|
||||
|
||||
```bash
|
||||
# Add the following lines before the last line (exit 0). Make sure that you replace $WWW_USER with your apache user:
|
||||
# Add the following lines before the last line (exit 0). Make sure that you replace ${WWW_USER} with your apache user:
|
||||
sudo sed -i -e '$i \echo never > /sys/kernel/mm/transparent_hugepage/enabled\n' /etc/rc.local
|
||||
sudo sed -i -e '$i \echo 1024 > /proc/sys/net/core/somaxconn\n' /etc/rc.local
|
||||
sudo sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
|
||||
|
@ -476,7 +476,7 @@ echo "User (misp) DB Password: $DBPASSWORD_MISP"
|
|||
#### MISP has a new pub/sub feature, using ZeroMQ. To enable it, simply run the following commands
|
||||
|
||||
```bash
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install pyzmq
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install pyzmq
|
||||
```
|
||||
|
||||
#### MISP has a feature for publishing events to Kafka. To enable it, simply run the following commands
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
Maintained and tested by @SteveClement on 20190702
|
||||
|
||||
!!! warning
|
||||
This install document is compiles a custom Python 3.7 meaning some things might be unexpected.
|
||||
This install document compiles a custom Python 3.7 meaning some things might be unexpected.
|
||||
Debian stretch has Python 3.5 but we need at least python 3.6
|
||||
|
||||
|
||||
|
@ -32,7 +32,7 @@ PHP_ETC_BASE=/etc/php/7.0
|
|||
PHP_INI=${PHP_ETC_BASE}/apache2/php.ini
|
||||
|
||||
sudo adduser $MISP_USER staff
|
||||
sudo adduser $MISP_USER $WWW_USER
|
||||
sudo adduser $MISP_USER ${WWW_USER}
|
||||
```
|
||||
|
||||
{!generic/sudo_etckeeper.md!}
|
||||
|
@ -151,45 +151,45 @@ sudo systemctl restart apache2
|
|||
------------
|
||||
```bash
|
||||
# Download MISP using git in the /var/www/ directory.
|
||||
sudo mkdir $PATH_TO_MISP
|
||||
sudo chown $WWW_USER:$WWW_USER $PATH_TO_MISP
|
||||
cd $PATH_TO_MISP
|
||||
$SUDO_WWW git clone https://github.com/MISP/MISP.git $PATH_TO_MISP
|
||||
$SUDO_WWW git submodule update --init --recursive
|
||||
sudo mkdir ${PATH_TO_MISP}
|
||||
sudo chown ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}
|
||||
cd ${PATH_TO_MISP}
|
||||
false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git clone https://github.com/MISP/MISP.git ${PATH_TO_MISP}; done
|
||||
${SUDO_WWW} git submodule update --progress --init --recursive
|
||||
# Make git ignore filesystem permission differences for submodules
|
||||
$SUDO_WWW git submodule foreach --recursive git config core.filemode false
|
||||
${SUDO_WWW} git submodule foreach --recursive git config core.filemode false
|
||||
|
||||
# Make git ignore filesystem permission differences
|
||||
$SUDO_WWW git config core.filemode false
|
||||
${SUDO_WWW} git config core.filemode false
|
||||
|
||||
# Create a python3 virtualenv
|
||||
$SUDO_WWW virtualenv -p ~/opt/python3/bin/python3.7 ${PATH_TO_MISP}/venv
|
||||
${SUDO_WWW} virtualenv -p ~/opt/python3/bin/python3.7 ${PATH_TO_MISP}/venv
|
||||
|
||||
# make pip happy
|
||||
sudo mkdir /var/www/.cache/
|
||||
sudo chown $WWW_USER:$WWW_USER /var/www/.cache
|
||||
sudo chown ${WWW_USER}:${WWW_USER} /var/www/.cache
|
||||
|
||||
cd $PATH_TO_MISP/app/files/scripts
|
||||
$SUDO_WWW git clone https://github.com/CybOXProject/python-cybox.git
|
||||
$SUDO_WWW git clone https://github.com/STIXProject/python-stix.git
|
||||
$SUDO_WWW git clone https://github.com/MAECProject/python-maec.git
|
||||
cd ${PATH_TO_MISP}/app/files/scripts
|
||||
${SUDO_WWW} git clone https://github.com/CybOXProject/python-cybox.git
|
||||
${SUDO_WWW} git clone https://github.com/STIXProject/python-stix.git
|
||||
${SUDO_WWW} git clone https://github.com/MAECProject/python-maec.git
|
||||
# install mixbox to accommodate the new STIX dependencies:
|
||||
$SUDO_WWW git clone https://github.com/CybOXProject/mixbox.git
|
||||
cd $PATH_TO_MISP/app/files/scripts/mixbox
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-cybox
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-stix
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-maec
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
${SUDO_WWW} git clone https://github.com/CybOXProject/mixbox.git
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/mixbox
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-cybox
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-stix
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-maec
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
# install STIX2.0 library to support STIX 2.0 export:
|
||||
cd ${PATH_TO_MISP}/cti-python-stix2
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
# install PyMISP
|
||||
cd $PATH_TO_MISP/PyMISP
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/PyMISP
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
# FIXME: Remove libfaup etc once the egg has the library baked-in
|
||||
sudo apt-get install cmake libcaca-dev liblua5.3-dev -y
|
||||
cd /tmp
|
||||
|
@ -209,19 +209,19 @@ sudo make install
|
|||
sudo ldconfig
|
||||
|
||||
# install pydeep
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
|
||||
|
||||
# install lief
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install lief
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install lief
|
||||
|
||||
# install zmq needed by mispzmq
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install zmq redis
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install zmq redis
|
||||
|
||||
# install python-magic
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install python-magic
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install python-magic
|
||||
|
||||
# install plyara
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install plyara
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install plyara
|
||||
```
|
||||
|
||||
### 4/ CakePHP
|
||||
|
@ -230,23 +230,23 @@ $SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install plyara
|
|||
|
||||
```bash
|
||||
# Install CakeResque along with its dependencies if you intend to use the built in background jobs:
|
||||
cd $PATH_TO_MISP/app
|
||||
cd ${PATH_TO_MISP}/app
|
||||
# Make composer cache happy
|
||||
sudo mkdir /var/www/.composer ; sudo chown $WWW_USER:$WWW_USER /var/www/.composer
|
||||
sudo mkdir /var/www/.composer ; sudo chown ${WWW_USER}:${WWW_USER} /var/www/.composer
|
||||
# Update composer.phar
|
||||
#EXPECTED_SIGNATURE="$(wget -q -O - https://composer.github.io/installer.sig)"
|
||||
# $SUDO_WWW php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
|
||||
# $SUDO_WWW php -r "if (hash_file('SHA384', 'composer-setup.php') === '$EXPECTED_SIGNATURE') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
|
||||
# $SUDO_WWW php composer-setup.php
|
||||
# $SUDO_WWW php -r "unlink('composer-setup.php');"
|
||||
$SUDO_WWW php composer.phar install
|
||||
# ${SUDO_WWW} php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
|
||||
# ${SUDO_WWW} php -r "if (hash_file('SHA384', 'composer-setup.php') === '$EXPECTED_SIGNATURE') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
|
||||
# ${SUDO_WWW} php composer-setup.php
|
||||
# ${SUDO_WWW} php -r "unlink('composer-setup.php');"
|
||||
${SUDO_WWW} php composer.phar install
|
||||
|
||||
# Enable CakeResque with php-redis
|
||||
sudo phpenmod redis
|
||||
sudo phpenmod gnupg
|
||||
|
||||
# To use the scheduler worker for scheduled tasks, do the following:
|
||||
$SUDO_WWW cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin/CakeResque/Config/config.php
|
||||
${SUDO_WWW} cp -fa ${PATH_TO_MISP}/INSTALL/setup/config.php ${PATH_TO_MISP}/app/Plugin/CakeResque/Config/config.php
|
||||
```
|
||||
|
||||
|
||||
|
@ -255,11 +255,11 @@ $SUDO_WWW cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin
|
|||
|
||||
```bash
|
||||
# Check if the permissions are set correctly using the following commands:
|
||||
sudo chown -R $WWW_USER:$WWW_USER $PATH_TO_MISP
|
||||
sudo chmod -R 750 $PATH_TO_MISP
|
||||
sudo chmod -R g+ws $PATH_TO_MISP/app/tmp
|
||||
sudo chmod -R g+ws $PATH_TO_MISP/app/files
|
||||
sudo chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}
|
||||
sudo chmod -R 750 ${PATH_TO_MISP}
|
||||
sudo chmod -R g+ws ${PATH_TO_MISP}/app/tmp
|
||||
sudo chmod -R g+ws ${PATH_TO_MISP}/app/files
|
||||
sudo chmod -R g+ws ${PATH_TO_MISP}/app/files/scripts/tmp
|
||||
```
|
||||
|
||||
|
||||
|
@ -288,16 +288,16 @@ sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "flush privileges;"
|
|||
|
||||
#### Import the empty MISP database from MYSQL.sql
|
||||
```bash
|
||||
$SUDO_WWW cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
${SUDO_WWW} cat ${PATH_TO_MISP}/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
```
|
||||
|
||||
### 7/ Apache configuration
|
||||
-----------------------
|
||||
```bash
|
||||
# Now configure your Apache webserver with the DocumentRoot $PATH_TO_MISP/app/webroot/
|
||||
# Now configure your Apache webserver with the DocumentRoot ${PATH_TO_MISP}/app/webroot/
|
||||
|
||||
# If the apache version is 2.4:
|
||||
sudo cp $PATH_TO_MISP/INSTALL/apache.24.misp.ssl /etc/apache2/sites-available/misp-ssl.conf
|
||||
sudo cp ${PATH_TO_MISP}/INSTALL/apache.24.misp.ssl /etc/apache2/sites-available/misp-ssl.conf
|
||||
|
||||
# Be aware that the configuration files for apache 2.4 and up have changed.
|
||||
# The configuration file has to have the .conf extension in the sites-available directory
|
||||
|
@ -328,8 +328,8 @@ sudo openssl req -newkey rsa:4096 -days 365 -nodes -x509 \
|
|||
<VirtualHost _default_:443>
|
||||
ServerAdmin admin@<your.FQDN.here>
|
||||
ServerName <your.FQDN.here>
|
||||
DocumentRoot $PATH_TO_MISP/app/webroot
|
||||
<Directory $PATH_TO_MISP/app/webroot>
|
||||
DocumentRoot ${PATH_TO_MISP}/app/webroot
|
||||
<Directory ${PATH_TO_MISP}/app/webroot>
|
||||
Options -Indexes
|
||||
AllowOverride all
|
||||
Require all granted
|
||||
|
@ -372,21 +372,21 @@ sudo systemctl restart apache2
|
|||
### 8/ Log rotation
|
||||
---------------
|
||||
```bash
|
||||
# MISP saves the stdout and stderr of its workers in $PATH_TO_MISP/app/tmp/logs
|
||||
# MISP saves the stdout and stderr of its workers in ${PATH_TO_MISP}/app/tmp/logs
|
||||
# To rotate these logs install the supplied logrotate script:
|
||||
|
||||
sudo cp $PATH_TO_MISP/INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
sudo cp ${PATH_TO_MISP}/INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
sudo chmod 0640 /etc/logrotate.d/misp
|
||||
```
|
||||
|
||||
### 9/ MISP configuration
|
||||
---------------------
|
||||
```bash
|
||||
# There are 4 sample configuration files in $PATH_TO_MISP/app/Config that need to be copied
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/bootstrap.default.php $PATH_TO_MISP/app/Config/bootstrap.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/database.default.php $PATH_TO_MISP/app/Config/database.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/core.default.php $PATH_TO_MISP/app/Config/core.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/config.default.php $PATH_TO_MISP/app/Config/config.php
|
||||
# There are 4 sample configuration files in ${PATH_TO_MISP}/app/Config that need to be copied
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/bootstrap.default.php ${PATH_TO_MISP}/app/Config/bootstrap.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/database.default.php ${PATH_TO_MISP}/app/Config/database.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/core.default.php ${PATH_TO_MISP}/app/Config/core.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/config.default.php ${PATH_TO_MISP}/app/Config/config.php
|
||||
|
||||
|
||||
echo "<?php
|
||||
|
@ -404,11 +404,11 @@ class DATABASE_CONFIG {
|
|||
'prefix' => '',
|
||||
'encoding' => 'utf8',
|
||||
);
|
||||
}" | $SUDO_WWW tee $PATH_TO_MISP/app/Config/database.php
|
||||
}" | ${SUDO_WWW} tee ${PATH_TO_MISP}/app/Config/database.php
|
||||
|
||||
# and make sure the file permissions are still OK
|
||||
sudo chown -R $WWW_USER:$WWW_USER $PATH_TO_MISP/app/Config
|
||||
sudo chmod -R 750 $PATH_TO_MISP/app/Config
|
||||
sudo chown -R ${WWW_USER}:${WWW_USER} ${PATH_TO_MISP}/app/Config
|
||||
sudo chmod -R 750 ${PATH_TO_MISP}/app/Config
|
||||
|
||||
# Generate a GPG encryption key.
|
||||
|
||||
|
@ -427,14 +427,14 @@ cat >/tmp/gen-key-script <<EOF
|
|||
%echo done
|
||||
EOF
|
||||
|
||||
$SUDO_WWW gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
${SUDO_WWW} gpg --homedir ${PATH_TO_MISP}/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
# The email address should match the one set in the config.php / set in the configuration menu in the administration menu configuration file
|
||||
|
||||
# And export the public key to the webroot
|
||||
$SUDO_WWW sh -c "gpg --homedir $PATH_TO_MISP/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | $SUDO_WWW tee $PATH_TO_MISP/app/webroot/gpg.asc
|
||||
${SUDO_WWW} sh -c "gpg --homedir ${PATH_TO_MISP}/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | ${SUDO_WWW} tee ${PATH_TO_MISP}/app/webroot/gpg.asc
|
||||
|
||||
# To make the background workers start on boot
|
||||
sudo chmod +x $PATH_TO_MISP/app/Console/worker/start.sh
|
||||
sudo chmod +x ${PATH_TO_MISP}/app/Console/worker/start.sh
|
||||
|
||||
echo "[Unit]
|
||||
Description=MISP background workers
|
||||
|
@ -442,9 +442,9 @@ After=mariadb.service redis-server.service
|
|||
|
||||
[Service]
|
||||
Type=forking
|
||||
User=$WWW_USER
|
||||
Group=$WWW_USER
|
||||
ExecStart=$PATH_TO_MISP/app/Console/worker/start.sh
|
||||
User=${WWW_USER}
|
||||
Group=${WWW_USER}
|
||||
ExecStart=${PATH_TO_MISP}/app/Console/worker/start.sh
|
||||
Restart=always
|
||||
RestartSec=10
|
||||
|
||||
|
@ -463,7 +463,7 @@ fi
|
|||
{!generic/MISP_CAKE_init.md!}
|
||||
|
||||
```bash
|
||||
# Add the following lines before the last line (exit 0). Make sure that you replace $WWW_USER with your apache user:
|
||||
# Add the following lines before the last line (exit 0). Make sure that you replace ${WWW_USER} with your apache user:
|
||||
sudo sed -i -e '$i \echo never > /sys/kernel/mm/transparent_hugepage/enabled\n' /etc/rc.local
|
||||
sudo sed -i -e '$i \echo 1024 > /proc/sys/net/core/somaxconn\n' /etc/rc.local
|
||||
sudo sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
|
||||
|
@ -499,7 +499,7 @@ echo "User (misp) DB Password: $DBPASSWORD_MISP"
|
|||
#### MISP has a new pub/sub feature, using ZeroMQ. To enable it, simply run the following commands
|
||||
|
||||
```bash
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install pyzmq
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install pyzmq
|
||||
```
|
||||
|
||||
#### MISP has a feature for publishing events to Kafka. To enable it, simply run the following commands
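Review bot: The retry loop added around the clone, `false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git clone https://github.com/MISP/MISP.git ${PATH_TO_MISP}; done`, has no upper bound and no delay between attempts. A failure that will not clear on its own (no route to the remote, a proxy error, a permission problem on the target directory) makes the pasted block spin indefinitely instead of stopping with an error. A bounded form keeps the retry for flaky links and still fails visibly: `for i in 1 2 3; do ${SUDO_WWW} git clone https://github.com/MISP/MISP.git ${PATH_TO_MISP} && break; sleep 5; done`, followed by a check that `${PATH_TO_MISP}/.git` exists before the submodule step runs. The loop also depends on `[[`, so it only works when the reader's shell is bash.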
|
||||
|
|
|
@ -84,7 +84,7 @@ function installMISPonTsurugi() {
|
|||
PATH_TO_MISP='/var/www/MISP'
|
||||
MISP_BASEURL='https://misp.local'
|
||||
MISP_LIVE='1'
|
||||
CAKE="$PATH_TO_MISP/app/Console/cake"
|
||||
CAKE="${PATH_TO_MISP}/app/Console/cake"
|
||||
|
||||
# Database configuration
|
||||
DBHOST='localhost'
|
||||
|
@ -184,12 +184,12 @@ function installMISPonTsurugi() {
|
|||
#update-alternatives --install /usr/bin/python python /usr/bin/python2.7 1
|
||||
#update-alternatives --install /usr/bin/python python /usr/bin/python3.5 2
|
||||
|
||||
mkdir $PATH_TO_MISP
|
||||
chown www-data:www-data $PATH_TO_MISP
|
||||
cd $PATH_TO_MISP
|
||||
$SUDO_WWW git clone https://github.com/MISP/MISP.git $PATH_TO_MISP
|
||||
mkdir ${PATH_TO_MISP}
|
||||
chown www-data:www-data ${PATH_TO_MISP}
|
||||
cd ${PATH_TO_MISP}
|
||||
${SUDO_WWW} git clone https://github.com/MISP/MISP.git ${PATH_TO_MISP}
|
||||
|
||||
$SUDO_WWW git config core.filemode false
|
||||
${SUDO_WWW} git config core.filemode false
|
||||
|
||||
cp -p /etc/lsb-release /etc/lsb-release.tmp
|
||||
sudo sed -i 's/TSURUGI/Ubuntu/g' /etc/lsb-release
|
||||
|
@ -198,45 +198,45 @@ function installMISPonTsurugi() {
|
|||
sudo apt-get update
|
||||
sudo apt-get install python3.6 python3.6-dev -y
|
||||
mv /etc/lsb-release.tmp /etc/lsb-release
|
||||
$SUDO_WWW virtualenv -p python3.6 $PATH_TO_MISP/venv
|
||||
${SUDO_WWW} virtualenv -p python3.6 ${PATH_TO_MISP}/venv
|
||||
|
||||
cd $PATH_TO_MISP/app/files/scripts
|
||||
$SUDO_WWW git clone https://github.com/CybOXProject/python-cybox.git
|
||||
$SUDO_WWW git clone https://github.com/STIXProject/python-stix.git
|
||||
$SUDO_WWW git clone https://github.com/CybOXProject/mixbox.git
|
||||
cd ${PATH_TO_MISP}/app/files/scripts
|
||||
${SUDO_WWW} git clone https://github.com/CybOXProject/python-cybox.git
|
||||
${SUDO_WWW} git clone https://github.com/STIXProject/python-stix.git
|
||||
${SUDO_WWW} git clone https://github.com/CybOXProject/mixbox.git
|
||||
|
||||
mkdir /var/www/.cache
|
||||
chown www-data:www-data /var/www/.cache
|
||||
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-stix
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-stix
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-cybox
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-cybox
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
cd $PATH_TO_MISP/app/files/scripts/mixbox
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/mixbox
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
cd $PATH_TO_MISP
|
||||
$SUDO_WWW git submodule update --init --recursive
|
||||
cd ${PATH_TO_MISP}
|
||||
${SUDO_WWW} git submodule update --init --recursive
|
||||
# Make git ignore filesystem permission differences for submodules
|
||||
$SUDO_WWW git submodule foreach --recursive git config core.filemode false
|
||||
${SUDO_WWW} git submodule foreach --recursive git config core.filemode false
|
||||
|
||||
# install PyMISP
|
||||
cd $PATH_TO_MISP/PyMISP
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
|
||||
cd ${PATH_TO_MISP}/PyMISP
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
cd $PATH_TO_MISP/app
|
||||
cd ${PATH_TO_MISP}/app
|
||||
mkdir /var/www/.composer ; chown www-data:www-data /var/www/.composer
|
||||
$SUDO_WWW php composer.phar install
|
||||
${SUDO_WWW} php composer.phar install
|
||||
|
||||
$SUDO_WWW cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin/CakeResque/Config/config.php
|
||||
${SUDO_WWW} cp -fa ${PATH_TO_MISP}/INSTALL/setup/config.php ${PATH_TO_MISP}/app/Plugin/CakeResque/Config/config.php
|
||||
|
||||
chown -R www-data:www-data $PATH_TO_MISP
|
||||
chmod -R 750 $PATH_TO_MISP
|
||||
chmod -R g+ws $PATH_TO_MISP/app/tmp
|
||||
chmod -R g+ws $PATH_TO_MISP/app/files
|
||||
chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
|
||||
chown -R www-data:www-data ${PATH_TO_MISP}
|
||||
chmod -R 750 ${PATH_TO_MISP}
|
||||
chmod -R g+ws ${PATH_TO_MISP}/app/tmp
|
||||
chmod -R g+ws ${PATH_TO_MISP}/app/files
|
||||
chmod -R g+ws ${PATH_TO_MISP}/app/files/scripts/tmp
|
||||
|
||||
if [ ! -e /var/lib/mysql/misp/users.ibd ]; then
|
||||
echo "
|
||||
|
@ -269,7 +269,7 @@ function installMISPonTsurugi() {
|
|||
update-rc.d apache2 enable
|
||||
update-rc.d redis-server enable
|
||||
|
||||
$SUDO_WWW cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
${SUDO_WWW} cat ${PATH_TO_MISP}/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
|
||||
echo "<?php
|
||||
class DATABASE_CONFIG {
|
||||
|
@ -286,7 +286,7 @@ function installMISPonTsurugi() {
|
|||
'prefix' => '',
|
||||
'encoding' => 'utf8',
|
||||
);
|
||||
}" | $SUDO_WWW tee $PATH_TO_MISP/app/Config/database.php
|
||||
}" | ${SUDO_WWW} tee ${PATH_TO_MISP}/app/Config/database.php
|
||||
else
|
||||
echo "There might be a database already existing here: /var/lib/mysql/misp/users.ibd"
|
||||
echo "Skipping any creations…"
|
||||
|
@ -307,9 +307,9 @@ function installMISPonTsurugi() {
|
|||
cd /var/www
|
||||
mkdir misp-dashboard
|
||||
chown www-data:www-data misp-dashboard
|
||||
$SUDO_WWW git clone https://github.com/MISP/misp-dashboard.git
|
||||
${SUDO_WWW} git clone https://github.com/MISP/misp-dashboard.git
|
||||
cd misp-dashboard
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install zmq redis
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install zmq redis
|
||||
/var/www/misp-dashboard/install_dependencies.sh
|
||||
sed -i "s/^host\ =\ localhost/host\ =\ 0.0.0.0/g" /var/www/misp-dashboard/config/config.cfg
|
||||
sed -i -e '$i \sudo -u www-data bash /var/www/misp-dashboard/start_all.sh\n' /etc/rc.local
|
||||
|
@ -319,7 +319,7 @@ function installMISPonTsurugi() {
|
|||
sed -i -e '$i \ echo "Updating ${d}"\n' /etc/rc.local
|
||||
sed -i -e '$i \ cd $d && sudo git pull &\n' /etc/rc.local
|
||||
sed -i -e '$i \done\n' /etc/rc.local
|
||||
$SUDO_WWW bash /var/www/misp-dashboard/start_all.sh
|
||||
${SUDO_WWW} bash /var/www/misp-dashboard/start_all.sh
|
||||
|
||||
apt install libapache2-mod-wsgi-py3 -y
|
||||
|
||||
|
@ -338,9 +338,9 @@ function installMISPonTsurugi() {
|
|||
<VirtualHost _default_:443>
|
||||
ServerAdmin admin@localhost.lu
|
||||
ServerName misp.local
|
||||
DocumentRoot $PATH_TO_MISP/app/webroot
|
||||
DocumentRoot ${PATH_TO_MISP}/app/webroot
|
||||
|
||||
<Directory $PATH_TO_MISP/app/webroot>
|
||||
<Directory ${PATH_TO_MISP}/app/webroot>
|
||||
Options -Indexes
|
||||
AllowOverride all
|
||||
Require all granted
|
||||
|
@ -413,15 +413,15 @@ function installMISPonTsurugi() {
|
|||
|
||||
systemctl restart apache2
|
||||
|
||||
cp $PATH_TO_MISP/INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
cp ${PATH_TO_MISP}/INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||
chmod 0640 /etc/logrotate.d/misp
|
||||
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/bootstrap.default.php $PATH_TO_MISP/app/Config/bootstrap.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/core.default.php $PATH_TO_MISP/app/Config/core.php
|
||||
$SUDO_WWW cp -a $PATH_TO_MISP/app/Config/config.default.php $PATH_TO_MISP/app/Config/config.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/bootstrap.default.php ${PATH_TO_MISP}/app/Config/bootstrap.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/core.default.php ${PATH_TO_MISP}/app/Config/core.php
|
||||
${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/config.default.php ${PATH_TO_MISP}/app/Config/config.php
|
||||
|
||||
chown -R www-data:www-data $PATH_TO_MISP/app/Config
|
||||
chmod -R 750 $PATH_TO_MISP/app/Config
|
||||
chown -R www-data:www-data ${PATH_TO_MISP}/app/Config
|
||||
chmod -R 750 ${PATH_TO_MISP}/app/Config
|
||||
$CAKE Live $MISP_LIVE
|
||||
$CAKE Baseurl $MISP_BASEURL
|
||||
|
||||
|
@ -438,11 +438,11 @@ function installMISPonTsurugi() {
|
|||
%commit
|
||||
%echo done" > /tmp/gen-key-script
|
||||
|
||||
$SUDO_WWW gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
${SUDO_WWW} gpg --homedir ${PATH_TO_MISP}/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
|
||||
$SUDO_WWW sh -c "gpg --homedir $PATH_TO_MISP/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | $SUDO_WWW tee $PATH_TO_MISP/app/webroot/gpg.asc
|
||||
${SUDO_WWW} sh -c "gpg --homedir ${PATH_TO_MISP}/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | ${SUDO_WWW} tee ${PATH_TO_MISP}/app/webroot/gpg.asc
|
||||
|
||||
chmod +x $PATH_TO_MISP/app/Console/worker/start.sh
|
||||
chmod +x ${PATH_TO_MISP}/app/Console/worker/start.sh
|
||||
|
||||
$CAKE userInit -q
|
||||
$CAKE Admin updateDatabase
|
||||
|
@ -542,7 +542,7 @@ function installMISPonTsurugi() {
|
|||
sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
|
||||
sed -i -e '$i \sudo -u www-data bash /var/www/MISP/app/Console/worker/start.sh\n' /etc/rc.local
|
||||
sed -i -e '$i \sudo -u www-data /var/www/MISP/venv/bin/misp-modules -l 127.0.0.1 -s > /tmp/misp-modules_rc.local.log 2> /dev/null &\n' /etc/rc.local
|
||||
$SUDO_WWW bash $PATH_TO_MISP/app/Console/worker/start.sh
|
||||
${SUDO_WWW} bash ${PATH_TO_MISP}/app/Console/worker/start.sh
|
||||
cd /usr/local/src/
|
||||
git clone https://github.com/MISP/misp-modules.git
|
||||
cd misp-modules
|
||||
|
@ -550,14 +550,14 @@ function installMISPonTsurugi() {
|
|||
chown www-data .
|
||||
apt install libpq5 libjpeg-dev tesseract-ocr libpoppler-cpp-dev imagemagick libopencv-dev zbar-tools libzbar0 libzbar-dev libfuzzy-dev -y
|
||||
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -I -r REQUIREMENTS
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -I .
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install maec python-magic wand lief yara-python plyara
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/pip install stix2
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -I -r REQUIREMENTS
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -I .
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install maec python-magic wand lief yara-python plyara
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install stix2
|
||||
gem install pygments.rb
|
||||
gem install asciidoctor-pdf --pre
|
||||
$SUDO_WWW $PATH_TO_MISP/venv/bin/misp-modules -l 127.0.0.1 -s &
|
||||
${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/misp-modules -l 127.0.0.1 -s &
|
||||
$CAKE Admin setSetting "Plugin.Enrichment_services_enable" true
|
||||
$CAKE Admin setSetting "Plugin.Enrichment_hover_enable" true
|
||||
$CAKE Admin setSetting "Plugin.Enrichment_timeout" 300
|
||||
|
@ -603,11 +603,11 @@ function installMISPonTsurugi() {
|
|||
sleep 6
|
||||
done
|
||||
|
||||
chown -R www-data:www-data $PATH_TO_MISP
|
||||
chmod -R 750 $PATH_TO_MISP
|
||||
chmod -R g+ws $PATH_TO_MISP/app/tmp
|
||||
chmod -R g+ws $PATH_TO_MISP/app/files
|
||||
chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
|
||||
chown -R www-data:www-data ${PATH_TO_MISP}
|
||||
chmod -R 750 ${PATH_TO_MISP}
|
||||
chmod -R g+ws ${PATH_TO_MISP}/app/tmp
|
||||
chmod -R g+ws ${PATH_TO_MISP}/app/files
|
||||
chmod -R g+ws ${PATH_TO_MISP}/app/files/scripts/tmp
|
||||
|
||||
cd /usr/local/src/
|
||||
|
||||
|
|
|
@ -173,25 +173,25 @@ git submodule foreach --recursive git config core.filemode false
|
|||
# Create a python3 virtualenv
|
||||
virtualenv -p python3 ${PATH_TO_MISP}/venv
|
||||
|
||||
cd $PATH_TO_MISP/app/files/scripts
|
||||
cd ${PATH_TO_MISP}/app/files/scripts
|
||||
git clone https://github.com/CybOXProject/python-cybox.git
|
||||
git clone https://github.com/STIXProject/python-stix.git
|
||||
git clone https://github.com/MAECProject/python-maec.git
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-cybox
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-cybox
|
||||
${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-stix
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-stix
|
||||
${PATH_TO_MISP}/venv/bin/pip install .
|
||||
cd $PATH_TO_MISP/app/files/scripts/python-maec
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/python-maec
|
||||
${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
# install mixbox to accommodate the new STIX dependencies:
|
||||
cd $PATH_TO_MISP/app/files/scripts/
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/
|
||||
git clone https://github.com/CybOXProject/mixbox.git
|
||||
cd $PATH_TO_MISP/app/files/scripts/mixbox
|
||||
cd ${PATH_TO_MISP}/app/files/scripts/mixbox
|
||||
${PATH_TO_MISP}/venv/bin/pip install .
|
||||
|
||||
# install PyMISP
|
||||
cd $PATH_TO_MISP/PyMISP
|
||||
cd ${PATH_TO_MISP}/PyMISP
|
||||
${PATH_TO_MISP}/venv/bin/pip install .
|
||||
```
|
||||
|
||||
|
@ -243,7 +243,7 @@ flush privileges;
|
|||
exit
|
||||
|
||||
# Import the empty MISP database from MYSQL.sql
|
||||
sudo -u ${VIRT_USER} cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
sudo -u ${VIRT_USER} cat ${PATH_TO_MISP}/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME
|
||||
```
|
||||
|
||||
|
||||
|
@ -344,11 +344,11 @@ cat >/tmp/gen-key-script <<EOF
|
|||
%echo done
|
||||
EOF
|
||||
|
||||
gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
gpg --homedir ${PATH_TO_MISP}/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
# The email address should match the one set in the config.php / set in the configuration menu in the administration menu configuration file
|
||||
|
||||
# And export the public key to the webroot
|
||||
sh -c "gpg --homedir $PATH_TO_MISP/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | tee $PATH_TO_MISP/app/webroot/gpg.asc
|
||||
sh -c "gpg --homedir ${PATH_TO_MISP}/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | tee ${PATH_TO_MISP}/app/webroot/gpg.asc
|
||||
|
||||
# If you get no satisfaction with your entropy install this:
|
||||
sudo apt-get install haveged pv
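Review bot: The rewritten import line in the `@ -243` hunk still passes the database password as `-p$DBPASSWORD_MISP`, so it can be read from the process list by other local users while the import runs. Adding braces around `PATH_TO_MISP` does not stop word splitting, and every expansion on that line is still unquoted. I would quote them and keep the password off the command line, for example `sudo -u "${VIRT_USER}" cat "${PATH_TO_MISP}/INSTALL/MYSQL.sql" | mysql --defaults-extra-file="<PLACEHOLDER: client.cnf, mode 0600>" "$DBNAME"`, with the user and password in that option file. The same quoting applies to the `gpg --homedir ${PATH_TO_MISP}/.gnupg` lines in the `@ -344` hunk. The fenced shell block around each of these lines starts outside its hunk.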
|
||||
|
|
|
@ -38,8 +38,7 @@ theme:
|
|||
markdown_extensions:
|
||||
- markdown_include.include:
|
||||
base_path: docs
|
||||
# mkdcomments is buggy atm, see: https://github.com/ryneeverett/python-markdown-comments/issues/3
|
||||
#- mkdcomments
|
||||
- mkdcomments
|
||||
- markdown.extensions.admonition
|
||||
- markdown.extensions.codehilite:
|
||||
guess_lang: false
|
||||
|
@ -75,12 +74,10 @@ nav:
|
|||
- 'RHEL8/CentOS8': 'INSTALL.rhel8.md'
|
||||
- xInstall Guides:
|
||||
- 'Warning': 'xINSTALL.md'
|
||||
- 'Centos 6': 'xINSTALL.centos6.md'
|
||||
- 'Debian 10': 'xINSTALL.debian10.md'
|
||||
- 'Debian 9': 'xINSTALL.debian9.md'
|
||||
- 'Ubuntu 18.04 \w webmin': 'xINSTALL.ubuntu1804.with.webmin.md'
|
||||
- 'Tsurugi Linux': 'xINSTALL.tsurugi.md'
|
||||
- 'OpenBSD 6.6': 'xINSTALL.OpenBSD.md'
|
||||
- 'OpenBSD 6.7': 'xINSTALL.OpenBSD.md'
|
||||
- Config Guides:
|
||||
- 'Elastic Search Logging': 'CONFIG.elasticsearch-logging.md'
|
||||
- 'Amazon S3 attachments': 'CONFIG.s3-attachments.md'
|
||||
|
@ -90,6 +87,8 @@ nav:
|
|||
- Old guides:
|
||||
- '2.3 to 2.4 upgrade': 'archive/old-2_3to2_4-UPGRADE.md'
|
||||
- 'Ubuntu 16.04': 'archive/INSTALL.ubuntu1604.md'
|
||||
- 'Debian 9': 'xINSTALL.debian9.md'
|
||||
- 'Centos 6': 'xINSTALL.centos6.md'
|
||||
- 'FreeBSD': 'archive/xINSTALL.FreeBSD.md'
|
||||
- About:
|
||||
- 'MISP Release Notes': 'Changelog.md'
|
||||
|
|