Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Prerequisites

The individual performing this installation has some Linux experience.
Root level server access.
Pre-requisites are installed as per the RedHat/CentOS or Debian/Ubuntu guides.

NOTE - This guide is for a new install of Open-AudIT. If you wish to upgrade an existing installation, see the upgrade guide.

You should be able to determine the IP Address of your Open-AudIT server via the following command:

Code Block
languagebash
ifconfig | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0.1'

This will be required later, so make a note of it now.

Installation Steps

All local commands should be run as root.

Copy the Open-AudIT tarball to the server (OAE-Linux-x86_64-1.0.4.tar.gz).

You may need to use SCP or FTP to get the file onto the server.

The file will now likely be in the users home directory.

Change into the /usr/local directory.

Code Block
languagebash
cd /usr/local

Untar the file.

Code Block
languagebash
tar xvf ~/OAE-Linux-x86_64-1.0.4.tar.gz

Fix the file ownership and permissions.

Code Block
languagebash
chown -R root:root omk
 
chmod -R 700 /usr/local/omk

chmod -R 755 /usr/local/omk/log  
 
chmod -R 770 /usr/local/open-audit
 
chmod -R 777 /usr/local/open-audit/code_igniter/application/views/lang/

chmod 770 /usr/local/open-audit/other/audit_linux.sh
 
chmod 770 /usr/local/open-audit/other/audit_subnet.sh
 
chmod 660 /usr/local/open-audit/other/open-audit.log  

Change permissions for Debian / Ubuntu

Code Block
languagebash
chown -R root:www-data /usr/local/open-audit

 Change permissions for RedHat / CentOS

Code Block
languagebash
chown -R root:apache /usr/local/open-audit

For Debian / Ubuntu, create the lock directory

Code Block
languagebash
mkdir /var/lock/subsys

Change into the /usr/local/omk directory.

Code Block
languagebash
cd /usr/local/omk/

Copy the daemon startup script.

Code Block
languagebash
cp install/omkd.init.d /etc/init.d/omkd

For Debian / Ubuntu, you will need to edit the start up script (nano /etc/init.d/omkd).

You need to replace the line

. /etc/init.d/functions

with 

. /lib/lsb/init-functions

For Debian / Ubuntu, create a symlink

Code Block
languagebash
ln -s /usr/lib/insserv/insserv /sbin/insserv

Add the daemon

Code Block
languagebash
chkconfig mysqld on
chkconfig omkd on
chkconfig httpd on

Copy the config files.

Code Block
languagebash
cp install/users.dat conf/
 
cp install/oae_reports.json conf/
 
cp install/opCommon.nmis conf/

Edit the config files.

Code Block
languagebash
nano conf/opCommon.nmis

Edit the "openauditenterprise" section and insert the actual ip address of the server (not 127.0.0.1 or localhost) in to the oae_server variable (along with http:// and don't forget the trailing /). If you have Open-AudIT installed into a sub directory in your web root, be sure to add that to the end of the oae_server variable above. On the Opmantek virtual appliance (for example) it would be http://<SERVER_IP>/open-audit/

Optional - change and note the oae_username and oae_password values.

If you have other Opmantek software installed (NMIS, opMaps, etc) you can also edit the module_configs -> module_host variable in opCommon.nmis. Replace http://localhost with the address of the server.

The email section is described in the Open-AudIT Enterprise - Configuration Guide document.

And set the permissions to writeable.

Code Block
languagebash
chmod -R 755 /usr/local/omk/conf 

Create the nmis user. 

Code Block
languagebash
useradd nmis

Start the daemon.

Code Block
languagebash
service omkd start

Test the Daemon

You should now be able to point a web browser at http://SERVER:8042/omk/oae

The default credentials for the Dashboard are user: nmis, password: nm1888.

Configure Apache

Copy the apache config file to the correct location and restart apache.

For Debian / Ubuntu:

Code Block
languagebash
cp /usr/local/omk/install/04omk-proxy.conf /etc/apache2/conf.d/
 
service apache2 restart 

For RedHat / CentOS:

Code Block
languagebash
cp /usr/local/omk/install/04omk-proxy.conf /etc/httpd/conf.d/
 
service httpd restart

Copy the required files into the webroot

For Debian / Ubuntu

Code Block
languagebash
cp -r /usr/local/open-audit/www/* /var/www/

chown -R root:www-data /var/www

chmod -R 755 /var/www

For RedHat / CentOS

Code Block
languagebash
cp -r /usr/local/open-audit/www/* /var/www/html/

chown -R root:apache /var/www/html

chmod -R 755 /var/www/html

Note - if you are installing into a web root subdirectory, you will need to copy the files into a subdirectory. The below example is from the Opmantek virtual appliance.

Code Block
languagebash
\cp -Rf /usr/local/open-audit/www/* /var/www/html/open-audit/

Ensure index.php is pointed at the correct location.

Edit /var/www/index.php (for Debian/Ubuntu) or /var/www/html/index.php (for RedHat/CentOS) and check the lines that specify the $system_path and $application_folder. There are two lines for each variable. Ensure the windows paths are commented out by placing a # at the start of the line. The linux paths should correspond to /usr/local/open-audit/code_igniter/ (system or application).

Fix the file permissions

For Debian / Ubuntu

Code Block
languagebash
chmod -R 775 /var/www/

For RedHat / CentOS

Code Block
languagebash
chmod -R 775 /var/www/html

Remove the unrequired index.html file (if it exists) from the webroot.

For Debian / Ubuntu

Code Block
languagebash
rm /var/www/index.html

For RedHat / CentOS

Code Block
languagebash
rm /var/www/html/index.html

Configure MySQL

If you have not already, set the root password for MySQL.

If you have set the password, the following steps will make use of it.

In the below commands, replace PASSWORD (only the PASSWORD containing all capital letters) with a suitable password of your choosing.

Code Block
languagebash
mysql -u root -e "USE mysql; UPDATE user set Password = password('PASSWORD') WHERE User = 'root'; FLUSH PRIVILEGES;"

Create the Open-AudIT database and the database user used by the application.

Code Block
languagebash
mysql -u root -pPASSWORD -e "CREATE DATABASE openaudit;"

mysql -u root -pPASSWORD -e "CREATE USER openaudit@localhost IDENTIFIED BY 'openauditpassword';"

mysql -u root -pPASSWORD -e "GRANT ALL PRIVILEGES ON openaudit.* TO openaudit@localhost IDENTIFIED BY 'openauditpassword';"

mysql -u root -pPASSWORD -e "FLUSH PRIVILEGES;"

Insert the database schema

mysql -u root -pPASSWORD openaudit < /usr/local/open-audit/other/openaudit_mysql.sql

Set some configuration items. NOTE - replace IPADDRESS with your actual IP Address as obtained at the start of this document. Setting these details will activate the icon links in the header of Open-AudIT. These fields can also contain relative URL's, thus /omk/oae/map for a link to Maps for Open-AudIT on the same server. Links containing a port number must contain a full URL at this stage.

Code Block
languagebash
mysql -u root -popenauditrootuserpassword -e "USE openaudit; DELETE FROM oa_config WHERE config_name = 'maps_url'; INSERT INTO oa_config (config_name, config_value, config_editable, config_description) VALUES ('maps_url', 'http://IPADDRESS/omk/oae/map', 'y', 'The web server address of Maps for Open-AudIT Enterprise.');"

mysql -u root -popenauditrootuserpassword -e "USE openaudit; DELETE FROM oa_config WHERE config_name = 'oae_url'; INSERT INTO oa_config (config_name, config_value, config_editable, config_description) VALUES ('oae_url', 'http://IPADDRESS/omk/oae', 'y', 'The web server address of Open-AudIT Enterprise.');"

PHP Installation

Code Block
languagebash
 yum -y install nano openssh-server php php-cli php-mysql php-ldap php-mbstring php-mcrypt php-snmp php-xml nmap snmp zip  

Test the website

You should now be able to access the web page at http://IPADDRESS/index.php Assuming you can, proceed to the next section.

Enter Your License

Go to the URL http://<server>/omk/oae/
Enter the default credentials of nmis and nm1888.
Click the "View and enter licenses" button.
Click "Enter a license key".
Paste your license key text into the text box and click "Add License".
You should see a message at the top of the screen saying "Success: You have added a license for Open-AudIT Enterprise."
Close the browser tab.
Click the "License Entered, Continue" button.
Accept the End User License Agreement.
You should now see the Open-AudIT Enterprise dashboard.

Log in to Open-AudIT Enterprise

Go to the URL http://IPADDRESS/omk/oae

Log in to Open-AudIT

Go to the URL http://IPADDRESS/index.php/login/index/main/list_groups

If you don't have a valid license, you should be able to log in to Open-AudIT at http://IPADDRESS/index.phpThis page is no longer used.

Please see:

Linux - Installing (old pre v1.3.1)

Linux - Upgrading (old pre v1.3.1)

Windows - Installing

Windows - Upgrading