Table of Contents |
---|
Requirements
Root level access to the Linux server.
Basic Linux knowledge.
A 64bit linux server running one of - RedHat 6, Centos 6, Debian 6 or 7, Ubuntu 12.04 or 14.04.
Description
As at version 1.3.1 of Open-AudIT on 16th May, 2014 (for RedHat / Centos installs only at this stage), an installation script is now shipped in the tarball. This script can perform installs, upgrades, backups, restores, uninstalls and check for install dependencies. How to perform all of the above is detailed below. The script will log it's commands to the file /tmp/install.log. If your install fails, this log will provide valuable information as to why.
NOTE - Any commands that have <SOMETHING> in them require that you substitute <SOMETHING> for the appropriate value. For example, if your server's hostname is 'vali', and the command states echo "<YOUR_SERVER><HOSTNAME>" >> somefile.txt you should type echo "vali" >> somefile.txt. The specific value of <HOSTNAME> refers to the hostname of your server.
All commands should be run as root (you can "sudo su" on Ubuntu). All steps below require the tarball to be copied to /tmp, extracted and then the install script (install.pl) run from that directory.
Code Block | ||
---|---|---|
| ||
cd /tmp tar xf OAE-Linux-x68_64-release_1.3.1.tar.gz |
Installation on a new server
To install Open-AudIT on a new server (which does not have an existing Open-AudIT installation) perform the following steps (after copying and extracting the tarball as above):
...
To access the application, go to http://<YOUR_SERVER><HOSTNAME>/omk/oae and you will see a logon screen.
Upgrade on an existing server
To upgrade an existing installation of Open-AudIT perform the following steps (after copying and extracting the tarball as above):
...
Your database will NOT be upgraded. You will need to log on to Open-AudIT - when you do you will be prompted to upgrade it. Go to http://<YOUR_SERVER><HOSTNAME>/open-audit/index.php/main/list_groups/0
Backup an existing installation
To backup an existing installation without installing or upgrading, perform the following steps (after copying and extracting the tarball as above):
...
The script will confirm you wish to take a backup of your existing files and data. If you answer 'y', a tarball will be created in /tmp named open-audit_backup-YYYY-MM-DD-HHMM.tar.gz Where YYYY is the year, MM is the month, DD is the day, HH is the hour and MM is the minute. Included in this backup will be the install script itself so a restore is as simple as an install or upgrade. See below for further details.
Restore a backup
To restore a backup taken previously by the script, perform the following steps (after copying the backup file to /tmp):
...
You will be prompted for your MySQL root user credentials. Any existing Open-AudIT files and database will be removed from the server (if they exist). The backed-up files will be restored to the server, the daemon installed and configured, the database restored and the daemon started.
Uninstalling
To uninstall Open-AudIT and delete all data perform the following steps (after copying and extracting the tarball as above):
...
The script will offer to provide a backup of the existing files and data (as per above) and then confirm that you do wish to uninstall Open-AudIT. If you answer 'y', the files will be deleted, the daemon removed and the database and database user dropped.
Checking Dependencies
To check the dependencies are installed without actually installing perform the following steps (after copying and extracting the tarball as above):
...
The script will run, check the dependencies are installed and inform you if they are or provide information on which packages are not and offer the commands for you to install them.
Installing Dependencies
The check dependencies option above should inform you which packages are missing from your system. To install these packages perform the followingfollow the instructions below as appropriate for your operating system.
Installing Dependencies for RedHat 6 / Centos 6 servers
The complete list of packages required by a RedHat/Centos install are - mysql, mysql-server, httpd, php, php-cli, php-mysql, php-ldap, php-mbstring, php-mcrypt, php-process, php-snmp, php-xml, nmap, zip, curl, wget, sshpass, screen, samba-client, winexe.
Ensure your package manager is up to date
...
Code Block | ||
---|---|---|
| ||
yum install winexe |
SELinux is know known to cause some issues. Disable it by
...
Code Block | ||
---|---|---|
| ||
sed -i 's/\*filter$/*filter\n-A INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT/' /etc/sysconfig/iptables sed -i 's/\*filter$/*filter\n-A INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT/' /etc/sysconfig/iptables /etc/init.d/iptables restart |
Configure PHP (substituting $TIMEZONE from as below).
You will need to ensure your PHP timezone is set correctly. You can check which time zones PHP supports at http://www.php.net/manual/en/timezones.php You can find out your server's timezone by
Code Block | ||
---|---|---|
| ||
cat /etc/sysconfig/clock | grep ZONE | cut -d"\"" -f2 |
Set Configure PHP (substituting <TIMEZONE> from above). Set your PHP defaults
Code Block | ||
---|---|---|
| ||
sed -i -e 's/memory_limit/;memory_limit/g' /etc/php.ini echo "memory_limit = 512M" >> /etc/php.ini sed -i -e 's/max_execution_time/;max_execution_time/g' /etc/php.ini echo "max_execution_time = 300" >> /etc/php.ini sed -i -e 's/max_input_time/;max_input_time/g' /etc/php.ini echo "max_input_time = 600" >> /etc/php.ini sed -i -e 's/error_reporting/;error_reporting/g' /etc/php.ini echo "error_reporting = E_ALL" >> /etc/php.ini sed -i -e 's/display_errors/;display_errors/g' /etc/php.ini echo "display_errors = On" >> /etc/php.ini sed -i -e 's/upload_max_filesize/;upload_max_filesize/g' /etc/php.ini echo "upload_max_filesize = 10M" >> /etc/php.ini # Get a valid dat/time string from http://www.php.net/manual/en/timezones.php sed -i -e 's/date.timezone/;date.timezone/g' /etc/php.ini echo "date.timezone = <TIMEZONE_FROM_ABOVE><TIMEZONE>" >> /etc/php.ini |
If you have had to install MySQL and Apache, configure and start the daemons
Code Block | ||
---|---|---|
| ||
chkconfig --levels 235 mysqld on service mysqld start echo "ServerName <YOUR_SERVER><HOSTNAME>" >> /etc/httpd/conf/httpd.conf chkconfig --levels 235 httpd on chsh -s /bin/bash apache service httpd start |
Lastly, set the SUID for the nmap binary (so we can use the apache front end to run scripts which call nmap).
NOTE - This command will likely need to be re-run if Nmap is upgraded.
Code Block | ||
---|---|---|
| ||
chmod u+s /usr/bin/nmap |
Installing Dependencies for Debian / Ubuntu servers
The complete list of packages required by a Debian/Ubuntu install are - mysql-server, apache2, libapache2-mod-proxy-html, libapache2-mod-php5, openssh-server, php5, php5-ldap, php5-mcrypt, php5-mysql, php5-snmp, nmap, snmp, zip, wget, curl, sshpass, screen, smbclient, winexe.
Ensure your package manager is up to date
Code Block | ||
---|---|---|
| ||
apt-get update |
Install the missing dependencies by copying and pasting the output from the script "apt-get install package1 package2 etc etc".
If you have not already, download the appropriate 'winexe' package from the repository at http://download.opensuse.org/repositories/home:/ahajda:/winexe/
Install it
Code Block | ||
---|---|---|
| ||
dpkg -i install winexe |
You will need to ensure your PHP timezone is set correctly. You can check which time zones PHP supports at http://www.php.net/manual/en/timezones.php You can find out your server's timezone by
Code Block | ||
---|---|---|
| ||
cat /etc/timezone |
Configure PHP (substituting <TIMEZONE> from above). Set your PHP defaults
Code Block | ||
---|---|---|
| ||
sed -i -e 's/memory_limit/;memory_limit/g' /etc/php5/apache2/php.ini
echo "memory_limit = 512M" >> /etc/php5/apache2/php.ini
sed -i -e 's/max_execution_time/;max_execution_time/g' /etc/php5/apache2/php.ini
echo "max_execution_time = 300" >> /etc/php5/apache2/php.ini
sed -i -e 's/max_input_time/;max_input_time/g' /etc/php5/apache2/php.ini
echo "max_input_time = 600" >> /etc/php5/apache2/php.ini
sed -i -e 's/error_reporting/;error_reporting/g' /etc/php5/apache2/php.ini
echo "error_reporting = E_ALL" >> /etc/php5/apache2/php.ini
sed -i -e 's/display_errors/;display_errors/g' /etc/php5/apache2/php.ini
echo "display_errors = On" >> /etc/php5/apache2/php.ini
sed -i -e 's/upload_max_filesize/;upload_max_filesize/g' /etc/php5/apache2/php.ini
echo "upload_max_filesize = 10M" >> /etc/php5/apache2/php.ini
sed -i -e 's/date.timezone/;date.timezone/g' /etc/php5/apache2/php.ini
echo "date.timezone = <TIMEZONE>" >> /etc/php5/apache2/php.ini |
You may need to manually enable mcrypt in PHP.
Code Block | ||
---|---|---|
| ||
php5enmod mcrypt |
Set the server name for Apache, enable mod-proxy and restart
Code Block | ||
---|---|---|
| ||
echo "ServerName <HOSTNAME>" >> /etc/apache2/apache2.conf
a2enmod proxy_http
service apache2 restart |
Lastly, set the SUID for the nmap binary (so we can use the apache front end to run scripts which call nmap).
Code Block | ||
---|---|---|
| ||
dpkg-statoverride --update --add root root 4755 /usr/bin/nmap |