Merge 37b418e0b3 into d3f08205fb

chg: [MISP connector] added bulk org pull
Update INSTALL-rhel.md
2023-12-09 12:22:43 +01:00 · 2023-11-30 11:44:38 +01:00 · 2022-11-21 12:56:37 +02:00
2 changed files with 114 additions and 35 deletions
--- a/INSTALL/INSTALL-rhel.md
+++ b/INSTALL/INSTALL-rhel.md
@ -1,12 +1,14 @@
-# Installing Cerebrate on RedHat Enterprise Linux (RHEL 8)
->This installation instructions assume SELinux is enabled, and in Enforcing mode.
+# Installing Cerebrate on RedHat Enterprise Linux
+>Instructions adapted from https://doc.cerebrate-project.org/install/
+>This installation instructions assume, you have RHEL 8 with SELinux enabled, and in Enforcing mode.
 >and that you want to keep it that way :)
 >You need to be root when running these commands.

 ## Prerequisites
 >Install needed packages:
 ```Shell
-dnf install @httpd mariadb-server git @php unzip sqlite vim wget  php-intl php-ldap php-mysqlnd php-pdo php-zip
+dnf install @httpd mariadb-server git unzip sqlite vim wget \
+            @php:8.0 php-intl php-ldap php-mysqlnd php-pdo php-zip
 ```
 ## Install composer 
 >Instructions taken from https://getcomposer.org/download/
@ -39,9 +41,11 @@ FLUSH PRIVILEGES;
 QUIT;
 ```
 ## Allow ports through the firewall
+> 8001 for local access, (e.g. curl) and 
+> 8443 for remote access with proper certificates (SSL TLS).
 ```Shell
-firewall-cmd --zone=public --add-service=http         --permanent 
 firewall-cmd --zone=public --add-port=8001/tcp        --permanent
+firewall-cmd --zone=public --add-port=8443/tcp        --permanent
 ```
 > reload firewall and show applied firewall rules
 ```Shell
@ -51,11 +55,19 @@ firewall-cmd --zone public --list-all

 ## Main Cerebrate Installation
 >Steps to install Cerebrate on RHEL
+>in order to run some commands you need to (temporarily) allow the apache user 
+>to login using *bash shell*
+```Shell
+usermod -s /bin/bash apache
+# in the end you need to set the login shell to *nologin*
+# usermod -s /sbin/nologin apache;
+```

 ### Clone this repository
 ```Shell
-mkdir /var/www/cerebrate
-git clone https://github.com/cerebrate-project/cerebrate.git /var/www/cerebrate
+mkdir -p /var/www/cerebrate;
+sudo chown apache:apache /var/www/cerebrate;
+sudo -u apache git clone https://github.com/cerebrate-project/cerebrate.git /var/www/cerebrate;
 ```

 ### Run composer
@ -64,25 +76,21 @@ mkdir -p /var/www/.composer
 chown -R apache.apache  /var/www/.composer
 chown -R apache.apache  /var/www/cerebrate
 cd /var/www/cerebrate
-composer install 
+sudo -H -u apache composer install
 ```
->you will see a prompt: \
->`Do you trust "cakephp/plugin-installer" to execurte code and wish to enable it now? (writes "allow-plugins" to composer.json) [y,n,d,?]` \
->*repond with* `y` \
->`Do you trust "dealerdirect/phpcodesniffer-composer-installer" to execute code and wish to enable it now? (writes "allow-plugins" to composer.json) [y,n,d,?]` \
->*repond with* `y`
+

 ### Create your local configuration and set the db credentials
 ```Shell
-cp -a /var/www/cerebrate/config/app_local.example.php /var/www/cerebrate/config/app_local.php
-cp -a /var/www/cerebrate/config/config.example.json /var/www/cerebrate/config/config.json
+cp -a /var/www/cerebrate/config/app_local.example.php /var/www/cerebrate/config/app_local.php;
+cp -a /var/www/cerebrate/config/config.example.json /var/www/cerebrate/config/config.json;
 ```

 ### Modify the Datasource -> default array's in file `app_local.php`
 >Simply modify the `Datasources` section, to reflect your values for: username, password, and database 
 >fields, as configured in the above [#create-a-new-database-user-and-password-for-cerebrate](<#create-a-new-database-user-and-password-for-cerebrate>)
 ```Shell
-vim /var/www/cerebrate/config/app_local.php
+sudo -u apache vim /var/www/cerebrate/config/app_local.php;
 ```
 ```PHP
    'Datasources' => [
@ -96,18 +104,12 @@ vim /var/www/cerebrate/config/app_local.php

 ### Run the database schema migrations
 ```Shell
-usermod -s /bin/bash apache
+chown -R apache.apache  /var/www/.composer;
+chown -R apache.apache  /var/www/cerebrate;

-chown -R apache.apache  /var/www/.composer
-chown -R apache.apache  /var/www/cerebrate
-
-su apache <<'EOFi'
-/var/www/cerebrate/bin/cake migrations migrate
-/var/www/cerebrate/bin/cake migrations migrate -p tags
-/var/www/cerebrate/bin/cake migrations migrate -p ADmad/SocialAuth
-EOFi
-
-usermod -s /sbin/nologin apache
+sudo -u apache /var/www/cerebrate/bin/cake migrations migrate;
+sudo -u apache /var/www/cerebrate/bin/cake migrations migrate -p tags;
+sudo -u apache /var/www/cerebrate/bin/cake migrations migrate -p ADmad/SocialAuth;
 ```


@ -118,13 +120,14 @@ rm /var/www/cerebrate/tmp/cache/persistent/*
 ```

 ### copy the Apache httpd template to the default apache configuration folder
-> in our case we used apache to serve this website, NGINX could also be used.
+> in our case we use apache to serve this website.
 ```Shell
 cp -v /var/www/cerebrate/INSTALL/cerebrate_apache_dev.conf /etc/httpd/conf.d/.
 mkdir /var/log/apache2
 chown apache.root -R /var/log/apache2
 restorecon -Rv /etc/httpd/conf.d/*
 restorecon -Rv /var/log/*
+### Relabeled /var/log/apache2 from unconfined_u:object_r:var_log_t:s0 to unconfined_u:object_r:httpd_log_t:s0
 ```
 ### Make changes to the apache httpd site configuration file
 >Edit the file `/etc/httpd/conf.d/cerebrate_apache_dev.conf` change the two references of port 8000 to 8001
@ -149,6 +152,8 @@ chown apache.apache /var/www/cerebrate
 ```
 systemctl enable httpd
 systemctl restart httpd
+# do not forget to set nologin for user apache
+usermod -s /sbin/nologin apache;
 ```

 ## Point your browser to: http://localhost:8001
@ -158,3 +163,52 @@ systemctl restart httpd
 Username: admin
 Password: Password1234
 ```
+
+
+
+## Optional: Enable HTTPS secure connection to the site
+> if you also want to enable SSL TLS certificates, you need to do the following
+
+### copy the certificates in place
+vi   /etc/pki/tls/certs/cerebrate-chain.pem
+vi   /etc/pki/tls/private/cerebrate-key.pem
+chmod 600 /etc/pki/tls/private/cerebrate-key.pem
+
+### edit the configuration file to include the SSL Section.
+vim /etc/httpd/conf.d/cerebrate_apache_dev.conf
+```Shell
+Listen 8443 https
+
+<VirtualHost <your IP address:8443>
+        ErrorLog /var/log/apache2/cerebrate_ssl_error_log
+        TransferLog /var/log/apache2/cerebrate_ssl_access_log
+        LogLevel warn
+        SSLEngine on
+        SSLHonorCipherOrder on
+        SSLCipherSuite PROFILE=SYSTEM
+        SSLProxyCipherSuite PROFILE=SYSTEM
+        SSLCertificateFile    /etc/pki/tls/certs/cerebrate-chain.pem
+        SSLCertificateKeyFile /etc/pki/tls/private/cerebrate-key.pem
+
+        <FilesMatch "\.(cgi|shtml|phtml|php)$">
+                SSLOptions +StdEnvVars
+        </FilesMatch>
+        ServerName mycerebrate.<csirt.eu>
+        DocumentRoot /var/www/cerebrate/webroot
+        <Directory /var/www/cerebrate/webroot>
+                Options -Indexes
+                AllowOverride all
+                Order allow,deny
+                allow from all
+                SSLOptions +StdEnvVars
+        </Directory>
+
+        BrowserMatch "MSIE [2-5]" \
+                nokeepalive ssl-unclean-shutdown \
+                downgrade-1.0 force-response-1.0
+
+        CustomLog /var/log/apache2/cerebrate_ssl_request.log \
+                "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
+
+</VirtualHost>
+```
--- a/src/Lib/default/local_tool_connectors/MispConnector.php
+++ b/src/Lib/default/local_tool_connectors/MispConnector.php
@ -907,6 +907,12 @@ class MispConnector extends CommonConnectorTools
                                        'reload_url' => '/localTools/action/' . h($params['connection']['id']) . '/organisationsAction',
                                        'popover_url' => '/localTools/action/' . h($params['connection']['id']) . '/fetchSelectedOrganisationsAction'
                                    ],
+                                    [
+                                        'text' => __('Fetch all organisations'),
+                                        'html' => '<i class="fas fa-download"></i> ',
+                                        'reload_url' => '/localTools/action/' . h($params['connection']['id']) . '/organisationsAction',
+                                        'popover_url' => '/localTools/action/' . h($params['connection']['id']) . '/fetchSelectedOrganisationsAction?ids=all'
+                                    ],
                                    [
                                        'text' => __('Push organisations'),
                                        'html' => '<i class="fas fa-upload"></i> ',
@ -1190,23 +1196,42 @@ class MispConnector extends CommonConnectorTools
            return [
                'data' => [
                    'title' => __('Fetch organisations'),
-                    'description' => __('Fetch and create/update the selected {0} organisations from MISP?', count($ids)),
+                    'description' => is_array($ids) ?
+                        __('Fetch and create/update the selected {0} organisations from MISP?', count($ids)) :
+                        __('Fetch and create/update ALL organisations from MISP?'),
                    'submit' => [
                        'action' => $params['request']->getParam('action')
                    ],
-                    'url' => ['controller' => 'localTools', 'action' => 'action', $params['connection']['id'], 'fetchSelectedOrganisationsAction']
+                    'url' => is_array($ids) ? 
+                        ['controller' => 'localTools', 'action' => 'action', $params['connection']['id'], 'fetchSelectedOrganisationsAction'] :
+                        ['controller' => 'localTools', 'action' => 'action', $params['connection']['id'], 'fetchSelectedOrganisationsAction?ids=all']
                ]
            ];
        } elseif ($params['request']->is(['post'])) {
            $successes = 0;
            $errors = 0;
-            foreach ($ids as $id) {
-                $response = $this->getData('/organisations/view/' . $id, $params);
-                $result = $this->captureOrganisation($response->getJson()['Organisation']);
+            if (!is_array($ids) && $ids === 'all') {
+                $response = $this->getData('/organisations/index/scope:all', $params);
                if ($response->getStatusCode() == 200) {
-                    $successes++;
-                } else {
-                    $errors++;
+                    $orgs = $response->getJson();
+                    foreach ($orgs as $org) {
+                        $result = $this->captureOrganisation($org['Organisation']);
+                        if ($result) {
+                            $successes++;
+                        } else {
+                            $errors++;
+                        }
+                    }
+                }
+            } else {
+                foreach ($ids as $id) {
+                    $response = $this->getData('/organisations/view/' . $id, $params);
+                    $result = $this->captureOrganisation($response->getJson()['Organisation']);
+                    if ($response->getStatusCode() == 200) {
+                        $successes++;
+                    } else {
+                        $errors++;
+                    }
                }
            }
            if ($successes) {
Author	SHA1	Message	Date
jacobkarapatakis	9746988450	Merge `37b418e0b3` into `d3f08205fb`	2023-12-09 12:22:43 +01:00
iglocska	d3f08205fb	chg: [MISP connector] added bulk org pull	2023-11-30 11:44:38 +01:00
jacobkarapatakis	37b418e0b3	Update INSTALL-rhel.md made some changes to the installation of cerebrate, after new version requirements and lessons learnt.	2022-11-21 12:56:37 +02:00