Versions Compared

Old Version 26

changes.mady.by.user Mark Unwin

Saved on

compared with

New Version Current

changes.mady.by.user Mark Unwin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Prerequisites

...

NOTE - Open-AudIT 1.2 has some additional prerequisites. Please ensure you install screen, ssh-pass and samba-client via your package manager. Please also install winexe via the Suse Build Service. Details are on the prerequisites pages for RedHat/CentOS and Debian/Ubuntu.

Backup Your Existing Install

...

Code Block
languagebash
chown -R root:root omk

chmod -R 775 omk

chmod -R 770 /usr/local/open-audit

chmod -R 777 /usr/local/open-audit/code_igniter/application/views/lang
 
chmod -R 777 /usr/local/open-audit/code_igniter/application/uploads

chmod 770 /usr/local/open-audit/other/audit_linux.sh

chmod 770 /usr/local/open-audit/other/audit_subnet.sh

chmod 660 /usr/local/open-audit/other/open-audit.log
 
chmod 770 /usr/local/open-audit/other/discover_subnet.sh

...

Code Block
languagebash
cd omk

 

Install the omkd Daemon (if not installed)

 

Copy the daemon startup script.

 

Code Block
languagebash
cp /usr/local/omk/install/omkd.init.d /etc/init.d/omkd

 

Adjust the startup script for your flavor of Linux distribution

 

Section
Column
width40%

for Debian / Ubuntu

You need to comment out the lines (nano /etc/init.d/omkd)

Code Block
languagebash
. /etc/init.d/functions             # RedHat/CentOS only
 
lockfile=/var/lock/subsys/$prog     # RedHat/CentOS only

killproc $prog         killproc $prog                       # Redhat/CentOS only

and uncomment (remove the # from the front of the line) the lines below them

Code Block
languagebash
# . /lib/lsb/init-functions          # Debian/Ubuntu only
 
# lockfile=/var/lock/$prog           # Debian/Ubuntu only
 
# pkill $prog         #pkill  $prog                   ## Debian/Ubuntu only 
Column
width40%

for RedHat / CentOS - nothing required.

 

Add the daemon to the startup sequence

 

Section
Column
width40%

For Debian / Ubuntu

Code Block
languagebash
update-rc.d omkd start 20 2 3 4 5 . stop 20 0 1 6 . 
Column
width40%

For RedHat / CentOS

Code Block
languagebash
chkconfig --add omkd 

 

 Copy the config files.
Code Block
languagebash
cp install/users.dat conf/

cp install/oae_reports.json conf/

cp install/opCommon.nmis conf/
Edit the config files.
Code Block
languagebash
nano conf/opCommon.nmis

...

Code Block
languagebash
useradd nmis

 

 

Anchor
proxy
proxy
Integrate the omkd daemon with Apache

To make the Opmantek applications accessible via the web the omkd needs to be integrated with your Apache webserver, so that the Apache serving as a front-end knows how to reach the omkd-provided applications.

...

Please note that it is essential that you perform the following step and replace any existing proxy config files from older Open-AudIT Enterprise installations! Release 1.2.1 corrects a security issue with the proxy configuration which could have been abused for denial-of-service attacks if Open-AudIT Enterprise was installed with unrestricted inbound access from the  the Internet.

For Debian / Ubuntu:

Code Block
languagebash
cp /usr/local/omk/install/04omk-proxy.conf /etc/apache2/conf.d/

...

Code Block
languagebash
service omkd start

Edit the Open-AudIT scripts (if using a web root subdirectory)

If you have your web root in a subdirectory (as per the Opmantek virtual appliance), you will need to edit the "url" variable in the various script files. These files can be found in /usr/local/open-audit/other/ The files you will need to edit all begin with audit_ They include audit_linux.sh, audit_subnet.sh, audit_windows.vbs, etc, etc. The URL variable can usually be found at the top of the file.

Delete the old web files

The new web files should live in the subdirectory /open-audit/. We should remove the existing web files.

For Debian / Ubuntu (prior to 14.04)

Code Block
languagebash
rm -rf /var/www/open-audit
 
rm -rf /var/www/device_images

rm -rf /var/www/theme-tango

rm /var/www/index.php

rm /var/www/favicon.png

For RedHat / CentOS / Ubuntu 14.04

Code Block
languagebash
rm -rf /var/www/html/open-audit
 
rm -rf /var/www/html/device_images

rm -rf /var/www/html/theme-tango

rm /var/www/html/index.php

rm /var/www/html/favicon.png

Copy new web files

If your Open-AudIT install is into a subdirectory of your webroot, be sure to add that to the end of the destination of the cp command below.

For Debian / Ubuntu (prior to 14.04)

Code Block
languagebash
cp -Rf /usr/local/open-audit/www/* /var/www/

For RedHat / CentOS / Ubuntu 14.04

Code Block
languagebash
cp -Rf /usr/local/open-audit/www/* /var/www/html/

Fix the file permissions

For Debian / Ubuntu (prior to 14.04)

Code Block
languagebash
chmod -R 775 /var/www/

For RedHat / CentOS / Ubuntu 14.04

Code Block
languagebash
chmod -R 775 /var/www/html

Restore old files (if required)

Copy any attachment files from your old to the new install.

...

If you have any Groups or Report files saved in /usr/local/open-audit_backup/code_igniter/application/controllers/(groups or reports)/ that have been custom written, you may wish to copy them to the new install. If they are already activated in the database, there should be no need.

Log in to Open-AudIT at http://SERVER/open-audit/index.php/main/list_groups and go to Help -> About to verify that the installation status is ok; if a database upgrade is required, that page will display all relevant instructions for performing the database upgrade.

...

Code Block
languagebash
service apacheapache2 reload

for RedHat / CentOS

...

Ensure you copy the new audit scripts to any hosts that use them - these are usually updated.

Enjoy Open-AudIT v1.0.4 AudIT (smile)