mirror of https://github.com/MISP/MISP
chg: [installer] Do not try and initialize mysql if the user table exists
new: [installer] Nuke an instancepull/4248/head
parent
ef64270cf7
commit
f43fe5e77f
|
@ -164,8 +164,7 @@ usage () {
|
||||||
space
|
space
|
||||||
echo -e " -u | Do an unattanded Install, no questions asked" # UNATTENDED
|
echo -e " -u | Do an unattanded Install, no questions asked" # UNATTENDED
|
||||||
echo -e "${HIDDEN} -U | Attempt and upgrade of selected item${NC}" # UPGRADE
|
echo -e "${HIDDEN} -U | Attempt and upgrade of selected item${NC}" # UPGRADE
|
||||||
space
|
echo -e "${HIDDEN} -N | Nuke this MISP Instance${NC}" # NUKE
|
||||||
echo -e "${HIDDEN}Some parameters want to be hidden: ${NC}"
|
|
||||||
echo -e "${HIDDEN} -f | Force test install on current Ubuntu LTS schim, add -B for 18.04 -> 18.10, or -BB 18.10 -> 19.10)${NC}" # FORCE
|
echo -e "${HIDDEN} -f | Force test install on current Ubuntu LTS schim, add -B for 18.04 -> 18.10, or -BB 18.10 -> 19.10)${NC}" # FORCE
|
||||||
echo -e "Options can be combined: ${SCRIPT_NAME} -c -V -D # Will install Core+Viper+Dashboard"
|
echo -e "Options can be combined: ${SCRIPT_NAME} -c -V -D # Will install Core+Viper+Dashboard"
|
||||||
space
|
space
|
||||||
|
@ -200,6 +199,7 @@ setOpt () {
|
||||||
("-A") echo "all"; ALL=1 ;;
|
("-A") echo "all"; ALL=1 ;;
|
||||||
("-C") echo "pre"; PRE=1 ;;
|
("-C") echo "pre"; PRE=1 ;;
|
||||||
("-U") echo "upgrade"; UPGRADE=1 ;;
|
("-U") echo "upgrade"; UPGRADE=1 ;;
|
||||||
|
("-N") echo "nuke"; NUKE=1 ;;
|
||||||
("-u") echo "unattended"; UNATTENDED=1 ;;
|
("-u") echo "unattended"; UNATTENDED=1 ;;
|
||||||
("-f") echo "force"; FORCE=1 ;;
|
("-f") echo "force"; FORCE=1 ;;
|
||||||
(*) echo "$o is not a valid argument"; exit 1 ;;
|
(*) echo "$o is not a valid argument"; exit 1 ;;
|
||||||
|
@ -450,6 +450,9 @@ kaliOnRootR0ckz () {
|
||||||
|
|
||||||
setBaseURL () {
|
setBaseURL () {
|
||||||
debug "Setting Base URL"
|
debug "Setting Base URL"
|
||||||
|
CONN=$(ip -br -o -4 a |grep UP |head -1 |tr -d "UP")
|
||||||
|
IFACE=`echo $CONN |awk {'print $1'}`
|
||||||
|
IP=`echo $CONN |awk {'print $2'}| cut -f1 -d/`
|
||||||
if [[ $(checkManufacturer) != "innotek GmbH" ]]; then
|
if [[ $(checkManufacturer) != "innotek GmbH" ]]; then
|
||||||
debug "We guess that this is a physical machine and cannot possibly guess what the MISP_BASEURL might be."
|
debug "We guess that this is a physical machine and cannot possibly guess what the MISP_BASEURL might be."
|
||||||
if [[ "$UNATTENDED" != "1" ]]; then
|
if [[ "$UNATTENDED" != "1" ]]; then
|
||||||
|
@ -457,8 +460,13 @@ setBaseURL () {
|
||||||
echo "Do you want to change it now? (y/n) "
|
echo "Do you want to change it now? (y/n) "
|
||||||
read ANSWER
|
read ANSWER
|
||||||
ANSWER=$(echo $ANSWER |tr [A-Z] [a-z])
|
ANSWER=$(echo $ANSWER |tr [A-Z] [a-z])
|
||||||
if [[ $ANSWER == "y" ]]; then
|
if [[ "$ANSWER" == "y" ]]; then
|
||||||
|
if [[ ! -z $IP ]]; then
|
||||||
|
echo "It seems you have an interface called $IFACE UP with the following IP: $IP - FYI"
|
||||||
|
echo "Thus your Base URL could be: https://$IP"
|
||||||
|
fi
|
||||||
echo "Please enter the Base URL, e.g: 'https://example.org'"
|
echo "Please enter the Base URL, e.g: 'https://example.org'"
|
||||||
|
echo ""
|
||||||
echo -n "Enter Base URL: "
|
echo -n "Enter Base URL: "
|
||||||
read MISP_BASEURL
|
read MISP_BASEURL
|
||||||
else
|
else
|
||||||
|
@ -773,6 +781,16 @@ genRCLOCAL () {
|
||||||
sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
|
sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Nuke the install, meaning remove all MISP data but no packages, this makes testing the installer faster
|
||||||
|
nuke () {
|
||||||
|
echo -e "${RED}YOU ARE ABOUT TO DELETE ALL MISP DATA! Sleeping 10, 9, 8...${NC}"
|
||||||
|
sleep 10
|
||||||
|
sudo rm -rvf /usr/local/src/{misp-modules,viper,mail_to_misp,LIEF,faup}
|
||||||
|
sudo rm -rvf /var/www/MISP
|
||||||
|
sudo mysqladmin drop misp
|
||||||
|
sudo mysql -e "DROP USER misp@localhost"
|
||||||
|
}
|
||||||
|
|
||||||
# Final function to let the user know what happened
|
# Final function to let the user know what happened
|
||||||
theEnd () {
|
theEnd () {
|
||||||
space
|
space
|
||||||
|
@ -925,35 +943,37 @@ installDepsPhp70 () {
|
||||||
}
|
}
|
||||||
|
|
||||||
prepareDB () {
|
prepareDB () {
|
||||||
debug "Setting up database"
|
if [[ ! -e /var/lib/mysql/misp/users.ibd ]]; then
|
||||||
# Add your credentials if needed, if sudo has NOPASS, comment out the relevant lines
|
debug "Setting up database"
|
||||||
pw=$MISP_PASSWORD
|
# Add your credentials if needed, if sudo has NOPASS, comment out the relevant lines
|
||||||
|
pw=$MISP_PASSWORD
|
||||||
|
|
||||||
expect -f - <<-EOF
|
expect -f - <<-EOF
|
||||||
set timeout 10
|
set timeout 10
|
||||||
|
|
||||||
spawn sudo -k mysql_secure_installation
|
spawn sudo -k mysql_secure_installation
|
||||||
expect "*?assword*"
|
expect "*?assword*"
|
||||||
send -- "$pw\r"
|
send -- "$pw\r"
|
||||||
expect "Enter current password for root (enter for none):"
|
expect "Enter current password for root (enter for none):"
|
||||||
send -- "\r"
|
send -- "\r"
|
||||||
expect "Set root password?"
|
expect "Set root password?"
|
||||||
send -- "y\r"
|
send -- "y\r"
|
||||||
expect "New password:"
|
expect "New password:"
|
||||||
send -- "${DBPASSWORD_ADMIN}\r"
|
send -- "${DBPASSWORD_ADMIN}\r"
|
||||||
expect "Re-enter new password:"
|
expect "Re-enter new password:"
|
||||||
send -- "${DBPASSWORD_ADMIN}\r"
|
send -- "${DBPASSWORD_ADMIN}\r"
|
||||||
expect "Remove anonymous users?"
|
expect "Remove anonymous users?"
|
||||||
send -- "y\r"
|
send -- "y\r"
|
||||||
expect "Disallow root login remotely?"
|
expect "Disallow root login remotely?"
|
||||||
send -- "y\r"
|
send -- "y\r"
|
||||||
expect "Remove test database and access to it?"
|
expect "Remove test database and access to it?"
|
||||||
send -- "y\r"
|
send -- "y\r"
|
||||||
expect "Reload privilege tables now?"
|
expect "Reload privilege tables now?"
|
||||||
send -- "y\r"
|
send -- "y\r"
|
||||||
expect eof
|
expect eof
|
||||||
EOF
|
EOF
|
||||||
sudo apt-get purge -y expect ; sudo apt autoremove -qy
|
sudo apt-get purge -y expect ; sudo apt autoremove -qy
|
||||||
|
fi
|
||||||
|
|
||||||
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "create database $DBNAME;"
|
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "create database $DBNAME;"
|
||||||
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "grant usage on *.* to $DBNAME@localhost identified by '$DBPASSWORD_MISP';"
|
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "grant usage on *.* to $DBNAME@localhost identified by '$DBPASSWORD_MISP';"
|
||||||
|
@ -1943,7 +1963,7 @@ installMISPonKali () {
|
||||||
chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
|
chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
|
||||||
|
|
||||||
debug "Setting up database"
|
debug "Setting up database"
|
||||||
if [ ! -e /var/lib/mysql/misp/users.ibd ]; then
|
if [[ ! -e /var/lib/mysql/misp/users.ibd ]]; then
|
||||||
echo "
|
echo "
|
||||||
set timeout 10
|
set timeout 10
|
||||||
spawn mysql_secure_installation
|
spawn mysql_secure_installation
|
||||||
|
@ -2115,6 +2135,8 @@ fi
|
||||||
|
|
||||||
[[ -n $UPGRADE ]] && upgrade
|
[[ -n $UPGRADE ]] && upgrade
|
||||||
|
|
||||||
|
[[ -n $NUKE ]] && nuke ; exit
|
||||||
|
|
||||||
# If Ubuntu is detected, figure out which release it is and run the according scripts
|
# If Ubuntu is detected, figure out which release it is and run the according scripts
|
||||||
if [ "${FLAVOUR}" == "ubuntu" ]; then
|
if [ "${FLAVOUR}" == "ubuntu" ]; then
|
||||||
RELEASE=$(lsb_release -s -r| tr [A-Z] [a-z])
|
RELEASE=$(lsb_release -s -r| tr [A-Z] [a-z])
|
||||||
|
|
|
@ -470,7 +470,7 @@ installMISPonKali () {
|
||||||
chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
|
chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
|
||||||
|
|
||||||
debug "Setting up database"
|
debug "Setting up database"
|
||||||
if [ ! -e /var/lib/mysql/misp/users.ibd ]; then
|
if [[ ! -e /var/lib/mysql/misp/users.ibd ]]; then
|
||||||
echo "
|
echo "
|
||||||
set timeout 10
|
set timeout 10
|
||||||
spawn mysql_secure_installation
|
spawn mysql_secure_installation
|
||||||
|
@ -642,6 +642,8 @@ fi
|
||||||
|
|
||||||
[[ -n $UPGRADE ]] && upgrade
|
[[ -n $UPGRADE ]] && upgrade
|
||||||
|
|
||||||
|
[[ -n $NUKE ]] && nuke ; exit
|
||||||
|
|
||||||
# If Ubuntu is detected, figure out which release it is and run the according scripts
|
# If Ubuntu is detected, figure out which release it is and run the according scripts
|
||||||
if [ "${FLAVOUR}" == "ubuntu" ]; then
|
if [ "${FLAVOUR}" == "ubuntu" ]; then
|
||||||
RELEASE=$(lsb_release -s -r| tr [A-Z] [a-z])
|
RELEASE=$(lsb_release -s -r| tr [A-Z] [a-z])
|
||||||
|
|
|
@ -236,35 +236,37 @@ permissions () {
|
||||||
```bash
|
```bash
|
||||||
# <snippet-begin 1_prepareDB.sh>
|
# <snippet-begin 1_prepareDB.sh>
|
||||||
prepareDB () {
|
prepareDB () {
|
||||||
debug "Setting up database"
|
if [[ ! -e /var/lib/mysql/misp/users.ibd ]]; then
|
||||||
# Add your credentials if needed, if sudo has NOPASS, comment out the relevant lines
|
debug "Setting up database"
|
||||||
pw=$MISP_PASSWORD
|
# Add your credentials if needed, if sudo has NOPASS, comment out the relevant lines
|
||||||
|
pw=$MISP_PASSWORD
|
||||||
|
|
||||||
expect -f - <<-EOF
|
expect -f - <<-EOF
|
||||||
set timeout 10
|
set timeout 10
|
||||||
|
|
||||||
spawn sudo -k mysql_secure_installation
|
spawn sudo -k mysql_secure_installation
|
||||||
expect "*?assword*"
|
expect "*?assword*"
|
||||||
send -- "$pw\r"
|
send -- "$pw\r"
|
||||||
expect "Enter current password for root (enter for none):"
|
expect "Enter current password for root (enter for none):"
|
||||||
send -- "\r"
|
send -- "\r"
|
||||||
expect "Set root password?"
|
expect "Set root password?"
|
||||||
send -- "y\r"
|
send -- "y\r"
|
||||||
expect "New password:"
|
expect "New password:"
|
||||||
send -- "${DBPASSWORD_ADMIN}\r"
|
send -- "${DBPASSWORD_ADMIN}\r"
|
||||||
expect "Re-enter new password:"
|
expect "Re-enter new password:"
|
||||||
send -- "${DBPASSWORD_ADMIN}\r"
|
send -- "${DBPASSWORD_ADMIN}\r"
|
||||||
expect "Remove anonymous users?"
|
expect "Remove anonymous users?"
|
||||||
send -- "y\r"
|
send -- "y\r"
|
||||||
expect "Disallow root login remotely?"
|
expect "Disallow root login remotely?"
|
||||||
send -- "y\r"
|
send -- "y\r"
|
||||||
expect "Remove test database and access to it?"
|
expect "Remove test database and access to it?"
|
||||||
send -- "y\r"
|
send -- "y\r"
|
||||||
expect "Reload privilege tables now?"
|
expect "Reload privilege tables now?"
|
||||||
send -- "y\r"
|
send -- "y\r"
|
||||||
expect eof
|
expect eof
|
||||||
EOF
|
EOF
|
||||||
sudo apt-get purge -y expect ; sudo apt autoremove -qy
|
sudo apt-get purge -y expect ; sudo apt autoremove -qy
|
||||||
|
fi
|
||||||
|
|
||||||
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "create database $DBNAME;"
|
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "create database $DBNAME;"
|
||||||
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "grant usage on *.* to $DBNAME@localhost identified by '$DBPASSWORD_MISP';"
|
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "grant usage on *.* to $DBNAME@localhost identified by '$DBPASSWORD_MISP';"
|
||||||
|
|
|
@ -35,8 +35,7 @@ usage () {
|
||||||
space
|
space
|
||||||
echo -e " -u | Do an unattanded Install, no questions asked" # UNATTENDED
|
echo -e " -u | Do an unattanded Install, no questions asked" # UNATTENDED
|
||||||
echo -e "${HIDDEN} -U | Attempt and upgrade of selected item${NC}" # UPGRADE
|
echo -e "${HIDDEN} -U | Attempt and upgrade of selected item${NC}" # UPGRADE
|
||||||
space
|
echo -e "${HIDDEN} -N | Nuke this MISP Instance${NC}" # NUKE
|
||||||
echo -e "${HIDDEN}Some parameters want to be hidden: ${NC}"
|
|
||||||
echo -e "${HIDDEN} -f | Force test install on current Ubuntu LTS schim, add -B for 18.04 -> 18.10, or -BB 18.10 -> 19.10)${NC}" # FORCE
|
echo -e "${HIDDEN} -f | Force test install on current Ubuntu LTS schim, add -B for 18.04 -> 18.10, or -BB 18.10 -> 19.10)${NC}" # FORCE
|
||||||
echo -e "Options can be combined: ${SCRIPT_NAME} -c -V -D # Will install Core+Viper+Dashboard"
|
echo -e "Options can be combined: ${SCRIPT_NAME} -c -V -D # Will install Core+Viper+Dashboard"
|
||||||
space
|
space
|
||||||
|
@ -71,6 +70,7 @@ setOpt () {
|
||||||
("-A") echo "all"; ALL=1 ;;
|
("-A") echo "all"; ALL=1 ;;
|
||||||
("-C") echo "pre"; PRE=1 ;;
|
("-C") echo "pre"; PRE=1 ;;
|
||||||
("-U") echo "upgrade"; UPGRADE=1 ;;
|
("-U") echo "upgrade"; UPGRADE=1 ;;
|
||||||
|
("-N") echo "nuke"; NUKE=1 ;;
|
||||||
("-u") echo "unattended"; UNATTENDED=1 ;;
|
("-u") echo "unattended"; UNATTENDED=1 ;;
|
||||||
("-f") echo "force"; FORCE=1 ;;
|
("-f") echo "force"; FORCE=1 ;;
|
||||||
(*) echo "$o is not a valid argument"; exit 1 ;;
|
(*) echo "$o is not a valid argument"; exit 1 ;;
|
||||||
|
@ -321,6 +321,9 @@ kaliOnRootR0ckz () {
|
||||||
|
|
||||||
setBaseURL () {
|
setBaseURL () {
|
||||||
debug "Setting Base URL"
|
debug "Setting Base URL"
|
||||||
|
CONN=$(ip -br -o -4 a |grep UP |head -1 |tr -d "UP")
|
||||||
|
IFACE=`echo $CONN |awk {'print $1'}`
|
||||||
|
IP=`echo $CONN |awk {'print $2'}| cut -f1 -d/`
|
||||||
if [[ $(checkManufacturer) != "innotek GmbH" ]]; then
|
if [[ $(checkManufacturer) != "innotek GmbH" ]]; then
|
||||||
debug "We guess that this is a physical machine and cannot possibly guess what the MISP_BASEURL might be."
|
debug "We guess that this is a physical machine and cannot possibly guess what the MISP_BASEURL might be."
|
||||||
if [[ "$UNATTENDED" != "1" ]]; then
|
if [[ "$UNATTENDED" != "1" ]]; then
|
||||||
|
@ -328,8 +331,13 @@ setBaseURL () {
|
||||||
echo "Do you want to change it now? (y/n) "
|
echo "Do you want to change it now? (y/n) "
|
||||||
read ANSWER
|
read ANSWER
|
||||||
ANSWER=$(echo $ANSWER |tr [A-Z] [a-z])
|
ANSWER=$(echo $ANSWER |tr [A-Z] [a-z])
|
||||||
if [[ $ANSWER == "y" ]]; then
|
if [[ "$ANSWER" == "y" ]]; then
|
||||||
|
if [[ ! -z $IP ]]; then
|
||||||
|
echo "It seems you have an interface called $IFACE UP with the following IP: $IP - FYI"
|
||||||
|
echo "Thus your Base URL could be: https://$IP"
|
||||||
|
fi
|
||||||
echo "Please enter the Base URL, e.g: 'https://example.org'"
|
echo "Please enter the Base URL, e.g: 'https://example.org'"
|
||||||
|
echo ""
|
||||||
echo -n "Enter Base URL: "
|
echo -n "Enter Base URL: "
|
||||||
read MISP_BASEURL
|
read MISP_BASEURL
|
||||||
else
|
else
|
||||||
|
@ -648,6 +656,16 @@ genRCLOCAL () {
|
||||||
sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
|
sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Nuke the install, meaning remove all MISP data but no packages, this makes testing the installer faster
|
||||||
|
nuke () {
|
||||||
|
echo -e "${RED}YOU ARE ABOUT TO DELETE ALL MISP DATA! Sleeping 10, 9, 8...${NC}"
|
||||||
|
sleep 10
|
||||||
|
sudo rm -rvf /usr/local/src/{misp-modules,viper,mail_to_misp,LIEF,faup}
|
||||||
|
sudo rm -rvf /var/www/MISP
|
||||||
|
sudo mysqladmin drop misp
|
||||||
|
sudo mysql -e "DROP USER misp@localhost"
|
||||||
|
}
|
||||||
|
|
||||||
# Final function to let the user know what happened
|
# Final function to let the user know what happened
|
||||||
theEnd () {
|
theEnd () {
|
||||||
space
|
space
|
||||||
|
|
Loading…
Reference in New Issue