def install_rsyslogd(args):
"""
Install rsyslogd on the server.
"""
app.print_verbose("Install rsyslogd.")
version_obj = version.Version("InstallRsyslogd", SCRIPT_VERSION)
version_obj.check_executed()
# Installing packages
x("yum install rsyslog rsyslog-gnutls gnutls-utils -y")
# Autostart rsyslog at boot
x("chkconfig rsyslog on")
# Generation new certs if no certs exsists
if not os.path.exists('/etc/pki/rsyslog/ca.crt'):
rsyslog_newcerts(args)
# Add iptables chains
iptables.add_rsyslog_chain("server")
iptables.save()
# Restarting service
x("service rsyslog restart")
install_compress_logs()
# Configure logrotate
installLogrotate.install_logrotate(args)
version_obj.mark_executed()
def install_rsyslogd(args):
"""
Install rsyslogd on the server.
"""
app.print_verbose("Install rsyslogd.")
version_obj = version.Version("InstallRsyslogd", SCRIPT_VERSION)
version_obj.check_executed()
# Installing packages
x("yum install rsyslog rsyslog-gnutls gnutls-utils -y")
# Autostart rsyslog at boot
x("chkconfig rsyslog on")
# Generation new certs if no certs exsists
if not os.path.exists('/etc/pki/rsyslog/ca.crt'):
rsyslog_newcerts(args)
_setup_rsyslogd()
# Add iptables chains
iptables.add_rsyslog_chain("server")
iptables.save()
# Restarting service
x("service rsyslog restart")
install_compress_logs()
# Configure logrotate
installLogrotate.install_logrotate(args)
version_obj.mark_executed()
def install_rsyslogd_client(args):
'''
Install rsyslog client the server
'''
app.print_verbose("Install rsyslog client.")
# If rsyslogd is installed, raise exception.
version_obj = version.Version("InstallRsyslogd",
installRsyslogd.SCRIPT_VERSION)
version_obj.check_executed()
#
version_obj = version.Version("InstallRsyslogdClient", SCRIPT_VERSION)
version_obj.check_executed()
# Initialize all passwords used by the script
app.init_mysql_passwords()
#Enabling iptables before server has start
iptables.add_rsyslog_chain("client")
iptables.save()
# Wating for rsyslog Server to start
general.wait_for_server_to_start(config.general.get_log_server_hostname1(),
"514")
app.print_verbose("CIS 5.2 Configure rsyslog")
app.print_verbose("CIS 5.2.1 Install the rsyslog package")
general.install_packages("rsyslog rsyslog-gnutls")
app.print_verbose("CIS 5.2.2 Activate the rsyslog Service")
if os.path.exists('/etc/xinetd.d/syslog'):
x("chkconfig syslog off")
x("chkconfig rsyslog on")
_configure_rsyslog_conf()
_gen_and_copy_cert(args)
# Restaring rsyslog
x("/etc/init.d/rsyslog restart")
# Configure logrotate
installLogrotate.install_logrotate(args)
version_obj.mark_executed()
def install_rsyslogd_client(args):
'''
Install rsyslog client the server
'''
app.print_verbose("Install rsyslog client.")
# If rsyslogd is installed, raise exception.
version_obj = version.Version("InstallRsyslogd", installRsyslogd.SCRIPT_VERSION)
version_obj.check_executed()
#
version_obj = version.Version("InstallRsyslogdClient", SCRIPT_VERSION)
version_obj.check_executed()
# Initialize all passwords used by the script
app.init_mysql_passwords()
#Enabling iptables before server has start
iptables.add_rsyslog_chain("client")
iptables.save()
# Wating for rsyslog Server to start
general.wait_for_server_to_start(config.general.get_log_server_hostname1(), "514")
app.print_verbose("CIS 5.2 Configure rsyslog")
app.print_verbose("CIS 5.2.1 Install the rsyslog package")
general.install_packages("rsyslog rsyslog-gnutls")
app.print_verbose("CIS 5.2.2 Activate the rsyslog Service")
if os.path.exists('/etc/xinetd.d/syslog'):
x("chkconfig syslog off")
x("chkconfig rsyslog on")
_configure_rsyslog_conf()
_gen_and_copy_cert(args)
# Restaring rsyslog
x("/etc/init.d/rsyslog restart")
# Configure logrotate
installLogrotate.install_logrotate(args)
version_obj.mark_executed()
def install_rsyslogd(args):
'''
Install rsyslogd on the server.
'''
app.print_verbose("Install rsyslogd.")
version_obj = version.Version("InstallRsyslogd", SCRIPT_VERSION)
version_obj.check_executed()
# Initialize all passwords used by the script
app.init_mysql_passwords()
# Setup syco dependencies.
if not os.path.exists('/etc/init.d/mysqld'):
install_mysql(["", "1", "1G"])
# Installing packages
x("yum install rsyslog rsyslog-gnutls rsyslog-mysql gnutls-utils -y")
# Autostart rsyslog at boot
x("chkconfig rsyslog on")
# Generation new certs if no certs exsists
if not os.path.exists('/etc/pki/rsyslog/ca.crt'):
rsyslog_newcerts(args)
sql_password = generate_password(20, string.letters + string.digits)
_setup_database(sql_password)
_setup_rsyslogd(sql_password)
# Add iptables chains
iptables.add_rsyslog_chain("server")
iptables.save()
# Restarting service
x("/etc/init.d/rsyslog restart")
install_purge_db()
install_compress_logs()
# Configure logrotate
installLogrotate.install_logrotate(args)
version_obj.mark_executed()
def install_rsyslogd(args):
'''
Install rsyslogd on the server.
'''
app.print_verbose("Install rsyslogd.")
version_obj = version.Version("InstallRsyslogd", SCRIPT_VERSION)
version_obj.check_executed()
# Initialize all passwords used by the script
app.init_mysql_passwords()
# Setup syco dependencies.
if not os.path.exists('/etc/init.d/mysqld'):
install_mysql(["","1","1G"])
# Installing packages
x("yum install rsyslog rsyslog-gnutls rsyslog-mysql gnutls-utils -y")
# Autostart rsyslog at boot
x("chkconfig rsyslog on")
# Generation new certs if no certs exsists
if not os.path.exists('/etc/pki/rsyslog/ca.crt'):
rsyslog_newcerts(args)
sql_password = generate_password(20, string.letters + string.digits)
_setup_database(sql_password)
_setup_rsyslogd(sql_password)
# Add iptables chains
iptables.add_rsyslog_chain("server")
iptables.save()
# Restarting service
x("/etc/init.d/rsyslog restart")
install_purge_db()
install_compress_logs()
# Configure logrotate
installLogrotate.install_logrotate(args)
version_obj.mark_executed()
