MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

chg: [installer] Do not try and initialize mysql if the user table exists 

new: [installer] Nuke an instance
pull/4248/head
Steve Clement 2019-02-28 13:36:52 +05:30
parent ef64270cf7
commit f43fe5e77f
4 changed files with 104 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

82
INSTALL/INSTALL.debian.sh
View File

@ -164,8 +164,7 @@ usage () {
space
echo -e " -u | Do an unattanded Install, no questions asked" # UNATTENDED
echo -e "${HIDDEN} -U | Attempt and upgrade of selected item${NC}" # UPGRADE
space
echo -e "${HIDDEN}Some parameters want to be hidden: ${NC}"
echo -e "${HIDDEN} -N | Nuke this MISP Instance${NC}" # NUKE
echo -e "${HIDDEN} -f | Force test install on current Ubuntu LTS schim, add -B for 18.04 -> 18.10, or -BB 18.10 -> 19.10)${NC}" # FORCE
echo -e "Options can be combined: ${SCRIPT_NAME} -c -V -D # Will install Core+Viper+Dashboard"
space
@ -200,6 +199,7 @@ setOpt () {
("-A") echo "all"; ALL=1 ;;
("-C") echo "pre"; PRE=1 ;;
("-U") echo "upgrade"; UPGRADE=1 ;;
("-N") echo "nuke"; NUKE=1 ;;
("-u") echo "unattended"; UNATTENDED=1 ;;
("-f") echo "force"; FORCE=1 ;;
(*) echo "$o is not a valid argument"; exit 1 ;;
@ -450,6 +450,9 @@ kaliOnRootR0ckz () {
setBaseURL () {
debug "Setting Base URL"
CONN=$(ip -br -o -4 a |grep UP |head -1 |tr -d "UP")
IFACE=`echo $CONN |awk {'print $1'}`
IP=`echo $CONN |awk {'print $2'}| cut -f1 -d/`
if [[ $(checkManufacturer) != "innotek GmbH" ]]; then
debug "We guess that this is a physical machine and cannot possibly guess what the MISP_BASEURL might be."
if [[ "$UNATTENDED" != "1" ]]; then
@ -457,8 +460,13 @@ setBaseURL () {
echo "Do you want to change it now? (y/n) "
read ANSWER
ANSWER=$(echo $ANSWER |tr [A-Z] [a-z])
if [[ $ANSWER == "y" ]]; then
if [[ "$ANSWER" == "y" ]]; then
if [[ ! -z $IP ]]; then
echo "It seems you have an interface called $IFACE UP with the following IP: $IP - FYI"
echo "Thus your Base URL could be: https://$IP"
fi
echo "Please enter the Base URL, e.g: 'https://example.org'"
echo ""
echo -n "Enter Base URL: "
read MISP_BASEURL
else
@ -773,6 +781,16 @@ genRCLOCAL () {
sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
}
# Nuke the install, meaning remove all MISP data but no packages, this makes testing the installer faster
nuke () {
echo -e "${RED}YOU ARE ABOUT TO DELETE ALL MISP DATA! Sleeping 10, 9, 8...${NC}"
sleep 10
sudo rm -rvf /usr/local/src/{misp-modules,viper,mail_to_misp,LIEF,faup}
sudo rm -rvf /var/www/MISP
sudo mysqladmin drop misp
sudo mysql -e "DROP USER misp@localhost"
}
# Final function to let the user know what happened
theEnd () {
space
@ -925,35 +943,37 @@ installDepsPhp70 () {
}
prepareDB () {
debug "Setting up database"
# Add your credentials if needed, if sudo has NOPASS, comment out the relevant lines
pw=$MISP_PASSWORD
if [[ ! -e /var/lib/mysql/misp/users.ibd ]]; then
debug "Setting up database"
# Add your credentials if needed, if sudo has NOPASS, comment out the relevant lines
pw=$MISP_PASSWORD
expect -f - <<-EOF
set timeout 10
expect -f - <<-EOF
set timeout 10
spawn sudo -k mysql_secure_installation
expect "*?assword*"
send -- "$pw\r"
expect "Enter current password for root (enter for none):"
send -- "\r"
expect "Set root password?"
send -- "y\r"
expect "New password:"
send -- "${DBPASSWORD_ADMIN}\r"
expect "Re-enter new password:"
send -- "${DBPASSWORD_ADMIN}\r"
expect "Remove anonymous users?"
send -- "y\r"
expect "Disallow root login remotely?"
send -- "y\r"
expect "Remove test database and access to it?"
send -- "y\r"
expect "Reload privilege tables now?"
send -- "y\r"
expect eof
spawn sudo -k mysql_secure_installation
expect "*?assword*"
send -- "$pw\r"
expect "Enter current password for root (enter for none):"
send -- "\r"
expect "Set root password?"
send -- "y\r"
expect "New password:"
send -- "${DBPASSWORD_ADMIN}\r"
expect "Re-enter new password:"
send -- "${DBPASSWORD_ADMIN}\r"
expect "Remove anonymous users?"
send -- "y\r"
expect "Disallow root login remotely?"
send -- "y\r"
expect "Remove test database and access to it?"
send -- "y\r"
expect "Reload privilege tables now?"
send -- "y\r"
expect eof
EOF
sudo apt-get purge -y expect ; sudo apt autoremove -qy
sudo apt-get purge -y expect ; sudo apt autoremove -qy
fi
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "create database $DBNAME;"
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "grant usage on *.* to $DBNAME@localhost identified by '$DBPASSWORD_MISP';"
@ -1943,7 +1963,7 @@ installMISPonKali () {
chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
debug "Setting up database"
if [ ! -e /var/lib/mysql/misp/users.ibd ]; then
if [[ ! -e /var/lib/mysql/misp/users.ibd ]]; then
echo "
set timeout 10
spawn mysql_secure_installation
@ -2115,6 +2135,8 @@ fi
[[ -n $UPGRADE ]] && upgrade
[[ -n $NUKE ]] && nuke ; exit
# If Ubuntu is detected, figure out which release it is and run the according scripts
if [ "${FLAVOUR}" == "ubuntu" ]; then
RELEASE=$(lsb_release -s -r| tr [A-Z] [a-z])

4
INSTALL/INSTALL.debian.tpl.sh
View File

@ -470,7 +470,7 @@ installMISPonKali () {
chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
debug "Setting up database"
if [ ! -e /var/lib/mysql/misp/users.ibd ]; then
if [[ ! -e /var/lib/mysql/misp/users.ibd ]]; then
echo "
set timeout 10
spawn mysql_secure_installation
@ -642,6 +642,8 @@ fi
[[ -n $UPGRADE ]] && upgrade
[[ -n $NUKE ]] && nuke ; exit
# If Ubuntu is detected, figure out which release it is and run the according scripts
if [ "${FLAVOUR}" == "ubuntu" ]; then
RELEASE=$(lsb_release -s -r| tr [A-Z] [a-z])

54
docs/INSTALL.ubuntu1804.md
View File

@ -236,35 +236,37 @@ permissions () {
```bash
# <snippet-begin 1_prepareDB.sh>
prepareDB () {
debug "Setting up database"
# Add your credentials if needed, if sudo has NOPASS, comment out the relevant lines
pw=$MISP_PASSWORD
if [[ ! -e /var/lib/mysql/misp/users.ibd ]]; then
debug "Setting up database"
# Add your credentials if needed, if sudo has NOPASS, comment out the relevant lines
pw=$MISP_PASSWORD
expect -f - <<-EOF
set timeout 10
expect -f - <<-EOF
set timeout 10
spawn sudo -k mysql_secure_installation
expect "*?assword*"
send -- "$pw\r"
expect "Enter current password for root (enter for none):"
send -- "\r"
expect "Set root password?"
send -- "y\r"
expect "New password:"
send -- "${DBPASSWORD_ADMIN}\r"
expect "Re-enter new password:"
send -- "${DBPASSWORD_ADMIN}\r"
expect "Remove anonymous users?"
send -- "y\r"
expect "Disallow root login remotely?"
send -- "y\r"
expect "Remove test database and access to it?"
send -- "y\r"
expect "Reload privilege tables now?"
send -- "y\r"
expect eof
spawn sudo -k mysql_secure_installation
expect "*?assword*"
send -- "$pw\r"
expect "Enter current password for root (enter for none):"
send -- "\r"
expect "Set root password?"
send -- "y\r"
expect "New password:"
send -- "${DBPASSWORD_ADMIN}\r"
expect "Re-enter new password:"
send -- "${DBPASSWORD_ADMIN}\r"
expect "Remove anonymous users?"
send -- "y\r"
expect "Disallow root login remotely?"
send -- "y\r"
expect "Remove test database and access to it?"
send -- "y\r"
expect "Reload privilege tables now?"
send -- "y\r"
expect eof
EOF
sudo apt-get purge -y expect ; sudo apt autoremove -qy
sudo apt-get purge -y expect ; sudo apt autoremove -qy
fi
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "create database $DBNAME;"
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "grant usage on *.* to $DBNAME@localhost identified by '$DBPASSWORD_MISP';"

24
docs/generic/supportFunctions.md
View File

@ -35,8 +35,7 @@ usage () {
space
echo -e " -u | Do an unattanded Install, no questions asked" # UNATTENDED
echo -e "${HIDDEN} -U | Attempt and upgrade of selected item${NC}" # UPGRADE
space
echo -e "${HIDDEN}Some parameters want to be hidden: ${NC}"
echo -e "${HIDDEN} -N | Nuke this MISP Instance${NC}" # NUKE
echo -e "${HIDDEN} -f | Force test install on current Ubuntu LTS schim, add -B for 18.04 -> 18.10, or -BB 18.10 -> 19.10)${NC}" # FORCE
echo -e "Options can be combined: ${SCRIPT_NAME} -c -V -D # Will install Core+Viper+Dashboard"
space
@ -71,6 +70,7 @@ setOpt () {
("-A") echo "all"; ALL=1 ;;
("-C") echo "pre"; PRE=1 ;;
("-U") echo "upgrade"; UPGRADE=1 ;;
("-N") echo "nuke"; NUKE=1 ;;
("-u") echo "unattended"; UNATTENDED=1 ;;
("-f") echo "force"; FORCE=1 ;;
(*) echo "$o is not a valid argument"; exit 1 ;;
@ -321,6 +321,9 @@ kaliOnRootR0ckz () {
setBaseURL () {
debug "Setting Base URL"
CONN=$(ip -br -o -4 a |grep UP |head -1 |tr -d "UP")
IFACE=`echo $CONN |awk {'print $1'}`
IP=`echo $CONN |awk {'print $2'}| cut -f1 -d/`
if [[ $(checkManufacturer) != "innotek GmbH" ]]; then
debug "We guess that this is a physical machine and cannot possibly guess what the MISP_BASEURL might be."
if [[ "$UNATTENDED" != "1" ]]; then
@ -328,8 +331,13 @@ setBaseURL () {
echo "Do you want to change it now? (y/n) "
read ANSWER
ANSWER=$(echo $ANSWER |tr [A-Z] [a-z])
if [[ $ANSWER == "y" ]]; then
if [[ "$ANSWER" == "y" ]]; then
if [[ ! -z $IP ]]; then
echo "It seems you have an interface called $IFACE UP with the following IP: $IP - FYI"
echo "Thus your Base URL could be: https://$IP"
fi
echo "Please enter the Base URL, e.g: 'https://example.org'"
echo ""
echo -n "Enter Base URL: "
read MISP_BASEURL
else
@ -648,6 +656,16 @@ genRCLOCAL () {
sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
}
# Nuke the install, meaning remove all MISP data but no packages, this makes testing the installer faster
nuke () {
echo -e "${RED}YOU ARE ABOUT TO DELETE ALL MISP DATA! Sleeping 10, 9, 8...${NC}"
sleep 10
sudo rm -rvf /usr/local/src/{misp-modules,viper,mail_to_misp,LIEF,faup}
sudo rm -rvf /var/www/MISP
sudo mysqladmin drop misp
sudo mysql -e "DROP USER misp@localhost"
}
# Final function to let the user know what happened
theEnd () {
space