def install_ossec_client(args):
    '''
    Install and configure the OSSEC client (agent) on this host.

    Prints an error and returns without changes when
    /var/ossec/bin/manage_agents exists, which this script treats as the
    sign of an OSSEC server installation. Otherwise it builds OSSEC with
    the client preload file, runs the conf and key setup helpers, enables
    syslog output, adds the OSSEC iptables chain, restarts the service and
    removes build packages.

    `args` is accepted but not used.

    '''
    server_marker = '/var/ossec/bin/manage_agents'
    if os.path.exists(server_marker):
        # Message text is kept verbatim, including the "insalling" typo.
        app.print_error("Not insalling OSSEC client since OSSEC server detected")
        return

    app.print_verbose("Install ossec client.")

    # NOTE(review): presumably stops a repeat run of the same script
    # version -- confirm in the version module.
    version_obj = version.Version("InstallOssec", SCRIPT_VERSION)
    version_obj.check_executed()

    # Initialize all passwords used by the script.
    app.init_mysql_passwords()

    build_ossec('preloaded-vars-client.conf')
    _setup_conf()
    _setup_keys()

    # Turn on syslog output.
    x('/var/ossec/bin/ossec-control enable client-syslog')

    # Firewall: add the OSSEC chain, then save the rule set.
    iptables.add_ossec_chain()
    iptables.save()

    # Restart OSSEC, then remove the packages named below.
    # NOTE(review): `yum remove -y` also removes packages that depend on
    # the named ones, without prompting. `make` is not in the list; if
    # build_ossec installs it, it stays on the host -- confirm.
    for command in ("service ossec restart",
                    'yum remove gcc perl-Time-HiRes -y'):
        x(command)

    version_obj.mark_executed()
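def install_ossec_server(args):
    '''
    Install and configure the OSSEC server (ossecd) on this host.

    Builds OSSEC with the server preload file, calls
    _generate_client_keys(), copies ossec_server.conf and local_rules.xml
    from SYCO_FO_PATH into /var/ossec with root:ossec ownership and mode
    640, enables syslog output, adds the OSSEC iptables chain, restarts the
    service and removes build packages.

    `args` is accepted but not used.

    '''
    app.print_verbose("Install ossecd.")

    # NOTE(review): presumably stops a repeat run of the same script
    # version -- confirm in the version module.
    version_obj = version.Version("InstallOssecd", SCRIPT_VERSION)
    version_obj.check_executed()

    # The returned path is not used below; the call is kept because any
    # side effects of get_install_dir() are not visible here.
    get_install_dir()

    build_ossec("preloaded-vars-server.conf")
    _generate_client_keys()

    # Setup server config and local rules from syco.
    # The backslash is now escaped explicitly: '\c' is an invalid escape
    # sequence that newer Python versions warn about. The command string is
    # unchanged. The leading backslash presumably bypasses a shell alias
    # for cp -- confirm how x() runs commands.
    # NOTE(review): owner and mode are set only after the copy, so a newly
    # created destination briefly has whatever mode cp gave it.
    # `install -o root -g ossec -m 640 SRC DST` would set all three in one
    # step.
    x('\\cp -f ' + SYCO_FO_PATH + 'var/ossec/ossec_server.conf /var/ossec/etc/ossec.conf')
    x('chown root:ossec /var/ossec/etc/ossec.conf')
    x('chmod 640 /var/ossec/etc/ossec.conf')

    # Configure rules.
    x('cp -f ' + SYCO_FO_PATH + 'var/ossec/local_rules.xml /var/ossec/rules/local_rules.xml')
    # Disabled in the original: a bulk permission pass over /var/ossec/rules.
    # Only local_rules.xml has its owner and mode set here.
    #x("find /var/ossec/rules -type d -print0 | xargs -0 chmod 750")
    #x("find /var/ossec/rules -type f -print0 | xargs -0 chmod 640")
    x('chown root:ossec /var/ossec/rules/local_rules.xml')
    x('chmod 640 /var/ossec/rules/local_rules.xml')

    # Enabling syslog logging.
    x('/var/ossec/bin/ossec-control enable client-syslog')

    # Adding iptables rules.
    iptables.add_ossec_chain()
    iptables.save()

    x("service ossec restart")

    # Clean up install.
    # NOTE(review): `yum remove -y` also removes packages that depend on
    # the named ones, without prompting. `make` is not in the list; if
    # build_ossec installs it, it stays on the host -- confirm.
    x('yum remove gcc perl-Time-HiRes -y')

    version_obj.mark_executed()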
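def install_ossec_server(args):
    '''
    Install and configure the OSSEC server (ossecd) on this host.

    Builds OSSEC with the server preload file, calls
    _generate_client_keys(), copies ossec_server.conf and local_rules.xml
    from /opt/syco/var/ossec into /var/ossec with root:ossec ownership and
    mode 640, enables syslog output, adds the OSSEC iptables chain,
    restarts the service and removes build packages.

    `args` is accepted but not used.

    '''
    app.print_verbose("Install ossecd.")

    # NOTE(review): presumably stops a repeat run of the same script
    # version -- confirm in the version module.
    version_obj = version.Version("InstallOssecd", SCRIPT_VERSION)
    version_obj.check_executed()

    # The returned path is not used below; the call is kept because any
    # side effects of get_install_dir() are not visible here.
    get_install_dir()

    build_ossec("preloaded-vars-server.conf")
    _generate_client_keys()

    # Setup server config and local rules from syco.
    # The backslash is now escaped explicitly: '\c' is an invalid escape
    # sequence that newer Python versions warn about. The command string is
    # unchanged. The leading backslash presumably bypasses a shell alias
    # for cp -- confirm how x() runs commands.
    # NOTE(review): the source directory /opt/syco is hard-coded in this
    # function. Owner and mode are set only after the copy, so a newly
    # created destination briefly has whatever mode cp gave it.
    # `install -o root -g ossec -m 640 SRC DST` would set all three in one
    # step.
    x('\\cp -f /opt/syco/var/ossec/ossec_server.conf /var/ossec/etc/ossec.conf')
    x('chown root:ossec /var/ossec/etc/ossec.conf')
    x('chmod 640 /var/ossec/etc/ossec.conf')

    # Configure rules.
    x('cp -f /opt/syco/var/ossec/local_rules.xml /var/ossec/rules/local_rules.xml')
    # Disabled in the original: a bulk permission pass over /var/ossec/rules.
    # Only local_rules.xml has its owner and mode set here.
    #x("find /var/ossec/rules -type d -print0 | xargs -0 chmod 750")
    #x("find /var/ossec/rules -type f -print0 | xargs -0 chmod 640")
    x('chown root:ossec /var/ossec/rules/local_rules.xml')
    x('chmod 640 /var/ossec/rules/local_rules.xml')

    # Enabling syslog logging.
    x('/var/ossec/bin/ossec-control enable client-syslog')

    # Adding iptables rules.
    iptables.add_ossec_chain()
    iptables.save()

    x("service ossec restart")

    # Clean up install: remove the compiler, make and perl-Time-HiRes.
    # NOTE(review): `yum remove -y` also removes packages that depend on
    # the named ones, without prompting -- check nothing else on the host
    # needs them.
    x('yum remove gcc make perl-Time-HiRes -y')

    version_obj.mark_executed()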