Versions Compared

Old Version 12

changes.mady.by.user Mark Unwin

Saved on

compared with

New Version 13

changes.mady.by.user Mark Unwin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Requirements

Root level access to the Linux server.

Basic Linux knowledge.

A 64bit linux server.

Description

As at version 1.3.1 of Open-AudIT (for RedHat / Centos installs only at this stage), an installation script is now shipped in the tarball. This script can perform installs, upgrades, backups, restores, uninstalls and check for install dependencies. How to perform all of the above is detailed below. The script will log it's commands to the file /tmp/install.log. If your install fails, this log will provide valuable information as to why.

NOTE - Any commands that have <SOMETHING> in them require that you substitute <SOMETHING> for the appropriate value. For example, if your server's hostname is 'vali', and the command states echo "<YOUR_SERVER><HOSTNAME>" >> somefile.txt you should type echo "vali" >> somefile.txt. The specific value of <HOSTNAME> refers to the hostname of your server.

All commands should be run as root (you can "sudo su" on Ubuntu). All steps below require the tarball to be copied to /tmp, extracted and then the install script (install.pl) run from that directory.

...

To access the application, go to http://<YOUR_SERVER><HOSTNAME>/omk/oae and you will see a logon screen.

...

Your database will NOT be upgraded. You will need to log on to Open-AudIT - when you do you will be prompted to upgrade it. Go to http://<YOUR_SERVER><HOSTNAME>/open-audit/index.php/main/list_groups/0

...

Installing Dependencies for RedHat 6 / Centos 6 servers

The complete list of packages required by a RedHat/Centos install are - mysql, mysql-server, httpd, php, php-cli, php-mysql, php-ldap, php-mbstring, php-mcrypt, php-snmp, php-xml, nmap, zip, curl, wget, sshpass, screen, samba-client, winexe.

Ensure your package manager is up to date

...

Code Block
languagebash
chkconfig --levels 235 mysqld on
service mysqld start
echo "ServerName <YOUR_SERVER><HOSTNAME>" >> /etc/httpd/conf/httpd.conf
chkconfig --levels 235 httpd on
chsh -s /bin/bash apache
service httpd start

...

Code Block
languagebash
chmod u+s /usr/bin/nmap

Installing Dependencies for Debian / Ubuntu servers

The complete list of packages required by a Debian/Ubuntu install are - mysql-server, apache2, libapache2-mod-proxy-html, libapache2-mod-php5, openssh-server, php5, php5-ldap, php5-mcrypt, php5-mysql, php5-snmp, nmap, snmp, zip, wget, curl, sshpass, screen, samba-client, winexe.

Ensure your package manager is up to date

Code Block
languagebash
apt-get update && apt-get upgrade

Install the missing dependencies by copying and pasting the output from the script "apt-get install package1 package2 etc etc".

If you have not already, download the appropriate 'winexe' package from the repository at http://download.opensuse.org/repositories/home:/ahajda:/winexe/

Install it

Code Block
languagebash
dpkg -i install winexe

You will need to ensure your PHP timezone is set correctly. You can check which time zones PHP supports at http://www.php.net/manual/en/timezones.php You can find out your server's timezone by

Code Block
languagebash
cat /etc/sysconfig/clock | grep ZONE | cut -d"\"" -f2

Configure PHP (substituting <TIMEZONE> from above). Set your PHP defaults 

Code Block
languagebash
sed -i -e 's/memory_limit/;memory_limit/g' /etc/php5/apache2/php.ini
echo "memory_limit = 512M" >> /etc/php5/apache2/php.ini
sed -i -e 's/max_execution_time/;max_execution_time/g' /etc/php5/apache2/php.ini
echo "max_execution_time = 300" >> /etc/php5/apache2/php.ini
sed -i -e 's/max_input_time/;max_input_time/g' /etc/php5/apache2/php.ini
echo "max_input_time = 600" >> /etc/php5/apache2/php.ini
sed -i -e 's/error_reporting/;error_reporting/g' /etc/php5/apache2/php.ini
echo "error_reporting = E_ALL" >> /etc/php5/apache2/php.ini
sed -i -e 's/display_errors/;display_errors/g' /etc/php5/apache2/php.ini
echo "display_errors = On" >> /etc/php5/apache2/php.ini
sed -i -e 's/upload_max_filesize/;upload_max_filesize/g' /etc/php5/apache2/php.ini
echo "upload_max_filesize = 10M" >> /etc/php5/apache2/php.ini
sed -i -e 's/date.timezone/;date.timezone/g' /etc/php5/apache2/php.ini
echo "date.timezone = <TIMEZONE>" >> /etc/php5/apache2/php.ini

Set the server name for Apache, enable mod-proxy and restart

Code Block
languagebash
echo "ServerName <HOSTNAME>" >> /etc/apache2/apache2.conf
a2enmod proxy_http
service apache2 restart

Lastly, set the SUID for the nmap binary (so we can use the apache front end to run scripts which call nmap).

Code Block
languagebash
chmod u+s /usr/bin/nmap