Requirements
The individual performing this installation has some Linux experience.
Root level server access.
Pre-requisites are installed as per the RedHat/CentOS or Debian/Ubuntu guides.
NOTE - This guide is for a new install of Open-AudIT. If you wish to upgrade an existing installation, see the upgrade Linux - Upgrading guide.
You should be able to determine the IP Address of your Open-AudIT server via the following command:
...
Fix the file ownership and permissions.
Code Block |
---|
|
cd /usr/local
chown -R root:root omk
chmod -R 700 /usr/local/omk
chmod -R 755 /usr/local/omk/log
chmod -R 770 /usr/local/open-audit
chmod -R 777 /usr/local/open-audit/code_igniter/application/views/lang/
chmod 770 /usr/local/open-audit/other/audit_linux*.sh
chmod 770 /usr/local/open-audit/other/audit_subnet.sh
chmod 660 /usr/local/open-audit/other/open-audit.log |
...
Section |
---|
Column |
---|
| for Debian / Ubuntu You need to comment out the lines (nano /etc/init.d/omkd) Code Block |
---|
| . /etc/init.d/functions # RedHat/CentOS only
lockfile=/var/lock/subsys/$prog # RedHat/CentOS only
killproc $prog # Redhat/CentOS only |
and uncomment (remove the # from the front of the line) the lines below them Code Block |
---|
| # . /lib/lsb/init-functions # Debian/Ubuntu only
# lockfile=/var/lock/$prog # Debian/Ubuntu only
#pkill $prog # Debian/Ubuntu only |
|
Column |
---|
| for RedHat / CentOS - nothing required. |
|
Add the daemon
Section |
---|
Column |
---|
| For Debian / Ubuntu Code Block |
---|
| update-rc.d omkd start 20 2 3 4 5 . stop 20 0 1 6 . |
|
Column |
---|
| For RedHat / CentOS Code Block |
---|
| chkconfig --add omkd |
|
|
Copy the config files.
Code Block |
---|
|
cpcd /usr/local/omk/install/
cp users.dat /usr/local/omk/conf/
cp /usr/local/omk/install/oae_reports.json /usr/local/omk/conf/
cp /usr/local/omk/install/opCommon.nmis /usr/local/omk/conf/
cp /usr/local/omk/install/opModules.nmis /usr/local/omk/conf/oae_reports.json opCommon.nmis opModules.nmis ../conf
|
Edit the config files.
Make sure you set both both oae_server
and oae_link
. They will likely be the same address.
Set Set omkd_require_nmis
to 'false' if you do not have NMIS installed on this server.
Code Block |
---|
|
nano /usr/local/omk/conf/opCommon.nmis |
...
Code Block |
---|
|
service omkd start |
Test the daemon
You should now be able to point a web browser at http://SERVER:8042/omk/oae
...
Section |
---|
Column |
---|
| for Debian / Ubuntu: Code Block |
---|
| cp /usr/local/omk/install/04omk-proxy.conf /etc/apache2/conf.d/
service apache2 restart |
|
Column |
---|
| for RedHat / CentOS: Code Block |
---|
| cp /usr/local/omk/install/04omk-proxy.conf /etc/httpd/conf.d/
service httpd restart |
|
|
Copy the required files into the webroot
Section |
---|
Column |
---|
| for Debian / Ubuntu Code Block |
---|
| cp -r /usr/local/open-audit/www/* /var/www/
chown -R root:www-data /var/www
chmod -R 755 /var/www |
|
Column |
---|
| for RedHat / CentOS Code Block |
---|
| cp -r /usr/local/open-audit/www/* /var/www/html/
chown -R root:apache /var/www/html
chmod -R 755 /var/www/html |
|
|
Note - if you are installing into a web root subdirectory, you will need to copy the files into a subdirectory. The below example is from the Opmantek virtual appliance.
Code Block |
---|
|
\cp -Rf /usr/local/open-audit/www/* /var/www/html/open-audit/ |
Ensure index.php is pointed at contains the correct locationlocations for finding the OpenAudit files.
Edit /var/www/index.php (for Debian/Ubuntu) or /var/www/html/index.php (for RedHat/CentOS) and check the lines that specify the $system_path and $application_folder. There are two lines for each variable. Ensure the windows paths are commented out by placing a # at the start of the line. The linux paths should correspond to /usr/local/open-audit/code_igniter/ (system or application).
...
If you have installed Open-AudIT into a sub directory on your webserver, you must alter the audit scripts to submit to the correct URL, which means the URL needs to include this sub directory as well.. The files that need to be modified are all in in /usr/local/open-audit/other
and are named named
- audit_subnet.sh
- audit_linux.sh
- audit_osx.sh
- audit_subnet.vbs
- audit_windows.vbs
You should reset the variable "url" (sans quotes) to include this subdirectory.
For example, on the Opmantek VM reset you need to change the URL in the audit_subnet.sh script from
Code Block |
---|
url="http://localhost/index.php/system/add_nmap" |
to
Code Block |
---|
url="http://localhost/open-audit/index.php/system/add_nmap" |