Skip to end of banner
Go to start of banner

Linux - Installing

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 19 Next »

Requirements

The individual performing this installation has some Linux experience.
Root level server access.
Pre-requisites are installed as per the RedHat/CentOS or Debian/Ubuntu guides.

NOTE - This guide is for a new install of Open-AudIT. If you wish to upgrade an existing installation, see the Linux - Upgrading guide.

You should be able to determine the IP Address of your Open-AudIT server via the following command:

ifconfig | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0.1'

This will be required later, so make a note of it now.

Install Steps

All local commands should be run as root.

Copy the Open-AudIT tarball to the server (OAE-Linux-x86_64-1.0.5.tar.gz).

You may need to use SCP or FTP to get the file onto the server.

The file will now likely be in the users home directory.

Change into the /usr/local directory.
cd /usr/local
Untar the file.
tar xvf ~/OAE-Linux-x86_64-1.0.5.tar.gz
Fix the file ownership and permissions.
cd /usr/local
chown -R root:root omk
chmod -R 700 omk
chmod  755 omk/log  
chmod -R 770 open-audit
chmod -R 777 open-audit/code_igniter/application/views/lang/
chmod 770 open-audit/other/audit_*.sh
chmod 660 open-audit/other/open-audit.log
Change permissions

for Debian / Ubuntu

chown -R root:www-data /usr/local/open-audit

 

for RedHat / CentOS

chown -R root:apache /usr/local/open-audit 

Install the Daemon

Copy the daemon startup script.
cp /usr/local/omk/install/omkd.init.d /etc/init.d/omkd
Edit the start up script 

for Debian / Ubuntu

You need to comment out the lines (nano /etc/init.d/omkd)

. /etc/init.d/functions     # RedHat/CentOS only
 
lockfile=/var/lock/subsys/$prog     # RedHat/CentOS only

        killproc $prog           # Redhat/CentOS only

and uncomment (remove the # from the front of the line) the lines below them

# . /lib/lsb/init-functions # Debian/Ubuntu only
 
# lockfile=/var/lock/$prog           # Debian/Ubuntu only
 
        #pkill $prog              # Debian/Ubuntu only 

for RedHat / CentOS - nothing required.

Add the daemon

For Debian / Ubuntu

update-rc.d omkd start 20 2 3 4 5 . stop 20 0 1 6 . 

For RedHat / CentOS

chkconfig --add omkd 
Copy the config files.
cd /usr/local/omk/install
cp users.dat oae_reports.json opCommon.nmis opModules.nmis ../conf
Edit the config files.

Make sure you set both oae_server and oae_link. They will likely be the same address.

Set omkd_require_nmis to 'false' if you do not have NMIS installed on this server.

nano /usr/local/omk/conf/opCommon.nmis

OAE_SERVER variable - Edit the "openauditenterprise" section and insert the ip address of the server (127.0.0.1 or localhost are also fine) in to the oae_server variable (along with http:// and don't forget the trailing /). If you have Open-AudIT installed into a sub directory in your web root, be sure to add that to the end of the oae_server variable above. On the Opmantek virtual appliance (for example) it would be http://<SERVER_IP>/open-audit/

OAE_LINK variable - Edit the "openauditenterprise" section and insert the actual ip address of the server (127.0.0.1 or localhost are NOT fine) in to the oae_link variable (along with http:// and don't forget the trailing /). If you have Open-AudIT installed into a sub directory in your web root, be sure to add that to the end of the oae_link variable above. On the Opmantek virtual appliance (for example) it would be http://<SERVER_IP>/open-audit/ NOTE - If your Open-AudIT Enterprise and Open-AudIT installations are on the same machine, the oae_link variable can be set to only the directory of Open-AudIT. IE - if you have an Open-AudIT install in the root of your web directory, you can set the variable to "/". On the Opmantek virtual appliance it would be set to "/open-audit/".

Optional - change and note the oae_username and oae_password values.

If you have other Opmantek software installed (NMIS, opMaps, etc) you can also edit the module_configs -> module_host variable in opCommon.nmis. Replace http://localhost with the address of the server.

The email section is described in the Open-AudIT Enterprise - Configuration Guide document.

Set the permissions to writeable.
chmod -R 755 /usr/local/omk/conf 
Create the nmis user. 
useradd nmis
Start the daemon.
service omkd start

Test the daemon

You should now be able to point a web browser at http://SERVER:8042/omk/oae

The default credentials for the Dashboard are user: nmis, password: nm1888.

Configure Apache

Copy the apache config file to the correct location and restart apache.

for Debian / Ubuntu:

cp /usr/local/omk/install/04omk-proxy.conf /etc/apache2/conf.d/
 
service apache2 restart  

for RedHat / CentOS:

cp /usr/local/omk/install/04omk-proxy.conf /etc/httpd/conf.d/
 
service httpd restart 

Copy the required files into the webroot

for Debian / Ubuntu

cp -r /usr/local/open-audit/www/* /var/www/
chown -R root:www-data /var/www
chmod -R 755 /var/www 

for RedHat / CentOS

cp -r /usr/local/open-audit/www/* /var/www/html/
chown -R root:apache /var/www/html
chmod -R 755 /var/www/html 

Note - if you are installing into a web root subdirectory, you will need to copy the files into a subdirectory. The below example is from the Opmantek virtual appliance.

cp -Rf /usr/local/open-audit/www/* /var/www/html/open-audit/

Ensure index.php contains the correct locations for finding the OpenAudit files.

Edit /var/www/index.php (for Debian/Ubuntu) or /var/www/html/index.php (for RedHat/CentOS) and check the lines that specify the $system_path and $application_folder. There are two lines for each variable. Ensure the windows paths are commented out by placing a # at the start of the line. The linux paths should correspond to /usr/local/open-audit/code_igniter/ (system or application).

Remove index.html

The index.html file (if it exists) in the webroot is not required.

for Debian / Ubuntu

rm /var/www/index.html 

for RedHat / CentOS

rm /var/www/html/index.html 

Configure MySQL

If you have not already, set the root password for MySQL.

If you have set the password, the following steps will make use of it.

In the below commands, replace PASSWORD (only the PASSWORD containing all capital letters) with a suitable password of your choosing.

mysql -u root -e "USE mysql; UPDATE user set Password = password('PASSWORD') WHERE User = 'root'; FLUSH PRIVILEGES;"

Create the Open-AudIT database and the database user used by the application.

mysql -u root -pPASSWORD -e "CREATE DATABASE openaudit;"

mysql -u root -pPASSWORD -e "CREATE USER openaudit@localhost IDENTIFIED BY 'openauditpassword';"

mysql -u root -pPASSWORD -e "GRANT ALL PRIVILEGES ON openaudit.* TO openaudit@localhost IDENTIFIED BY 'openauditpassword';"

mysql -u root -pPASSWORD -e "FLUSH PRIVILEGES;"

Insert the database schema

mysql -u root -pPASSWORD openaudit < /usr/local/open-audit/other/openaudit_mysql.sql

Set some configuration items. NOTE - replace IPADDRESS with your actual IP Address as obtained at the start of this document. Setting these details will activate the icon links in the header of Open-AudIT. These fields can also contain relative URL's, thus /omk/oae/map for a link to Maps for Open-AudIT on the same server. Links containing a port number must contain a full URL at this stage.

mysql -u root -popenauditrootuserpassword -e "USE openaudit; DELETE FROM oa_config WHERE config_name = 'maps_url'; INSERT INTO oa_config (config_name, config_value, config_editable, config_description) VALUES ('maps_url', 'http://IPADDRESS/omk/oae/map', 'y', 'The web server address of Maps for Open-AudIT Enterprise.');"

mysql -u root -popenauditrootuserpassword -e "USE openaudit; DELETE FROM oa_config WHERE config_name = 'oae_url'; INSERT INTO oa_config (config_name, config_value, config_editable, config_description) VALUES ('oae_url', 'http://IPADDRESS/omk/oae', 'y', 'The web server address of Open-AudIT Enterprise.');"

Test the Website

You should now be able to access the web page at http://IPADDRESS/index.php Assuming you can, proceed to the next section.

Enter Your License

Go to the URL http://<server>/omk/oae/
Enter the default credentials of nmis and nm1888.
Click the "View and enter licenses" button.
Click "Enter a license key".
Paste your license key text into the text box and click "Add License".
You should see a message at the top of the screen saying "Success: You have added a license for Open-AudIT Enterprise."
Close the browser tab.
Click the "License Entered, Continue" button.
Accept the End User License Agreement.
You should now see the Open-AudIT Enterprise dashboard.

Log in to Open-AudIT Enterprise

Go to the URL http://IPADDRESS/omk/oae

Log in to Open-AudIT

Go to the URL http://IPADDRESS/index.php/login/index/main/list_groups

If you don't have a valid license, you should be able to log in to Open-AudIT at http://IPADDRESS/index.php

Modify your Audit Scripts

If you have installed Open-AudIT into a sub directory on your webserver, you must alter the audit scripts to submit to the correct URL, which means the URL needs to include this sub directory.. The files that need to be modified are all in /usr/local/open-audit/other and are named

  • audit_subnet.sh
  • audit_linux.sh
  • audit_osx.sh
  • audit_subnet.vbs
  • audit_windows.vbs

You should reset the variable "url" (sans quotes) to include this subdirectory.

For example, on the Opmantek VM you need to change the URL in the audit_subnet.sh script from

url="http://localhost/index.php/system/add_nmap"

to

url="http://localhost/open-audit/index.php/system/add_nmap"
  • No labels