Linux - Installing or Upgrading
Open-AudIT Enterprise is distributed as a self-extracting installer file; to install or upgrade you just need to download that file from the website and then run it in your shell.
BEFORE YOU DO - Read this article as there are things to know before you do it.
Requirements
Root level access to the Linux server.
Basic Linux knowledge.
A 64bit linux server running one of - RedHat 6, Centos 6, Debian 6 or 7, Ubuntu 12.04 or 14.04.
Perl installed on the server.
Description
As at version 1.4, the linux installer script has changed.
NOTE - Debian based distributions will receive an error about a missing perl package. This is safe to ignore and will be addressed in a future version.
Dependencies are checked and if not present, can be installed by the installer script.
CentOS / RedHat considerations
If you have a minimal install of Centos or RedHat, you will likely need to install the perl-core package to be able to run the installer.
yum install perl-core
SELinux
If SELinux is installed and running, you will need to disable it.
To stop SELinux run the command
setenforce 0
To ensure it does not start after a reboot, edit the file /etc/sysconfig/config and change the line
SELINUX=enforcing
to
SELINUX=permissive
ipTables (for RedHat 6 / Centos 6)
ipTables is installed, active and blocks all ports except port 22 by default. You can disable ipTables completely or allow only port 80.
To disable ipTables completely, run the following commands:
service iptables stop
then stop it from starting with
chkconfig iptables off
To allow only port 80, run the following commands:
iptables -I INPUT 5 -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
and then save it
service iptables save
Firewall (for Redhat 7 / Centos 7)
You can disable firewalld completely or allow only port 80.
To disable firewalld completely, run the following commands:
service firewalld stop
then stop it from starting with
chkconfig firewalld off
Installing / Upgrading
All commands should be run as root (you can "sudo su" on Ubuntu).
When an upgrade is performed, Your database will NOT be upgraded. You will need to log on to Open-AudIT - when you do you will be prompted to upgrade it.
NOTE - Any commands that have <SOMETHING> in them require that you substitute <SOMETHING> for the appropriate value. For example, if your server's hostname is 'vali', and the command states echo "<HOSTNAME>" >> somefile.txt you should type echo "vali" >> somefile.txt. The specific value of <HOSTNAME> refers to the hostname of your server.
<HOSTNAME> can be obtained by running the command 'hostname'.
As of February 2016, Open-AudIT Enterprise is distributed as a self-extracting installer file; to install or upgrade you just need to download that file from the website and then run it in your shell.
Apache Proxy Config on RedHat
If the installer cannot find your Apache config directory (usually only on Ubuntu), you will need to manually copy the Apache proxy config file.
On RedHat, your apache configuration directory will likely be in /etc/httpd/conf.d
cp /usr/local/omk/install/04omk-proxy.conf /etc/httpd.conf.d/
Set the server name for Apache and restart.
echo "ServerName <HOSTNAME>" >> /etc/httpd/conf/httpd.conf chsh -s /bin/bash apache service httpd start
Apache Proxy Config on Debian
If the installer cannot find your Apache config directory (usually only on Ubuntu), you will need to manually copy the Apache proxy config file.
On RedHat, your apache configuration directory will likely be in /etc/apache2/conf.d
cp /usr/local/omk/install/04omk-proxy.conf /etc/httpd.conf.d/
Set the server name for Apache and restart.
echo "ServerName <HOSTNAME>" >> /etc/apache2/apache2.conf service apache2 restart
Apache Proxy Config on Ubuntu
If the installer cannot find your Apache config directory (usually only on Ubuntu), you will need to manually copy the Apache proxy config file.
On Ubuntu, your apache configuration directory will likely be in /etc/apache2/conf-available. You will also need a symlink to conf-enabled.
cp /usr/local/omk/install/04omk-proxy.conf /etc/apache2/conf-available ln -s /etc/apache2/conf-available/04omk-proxy.conf /etc/apache2/conf-enabled/04omk-proxy.conf
Set the server name for Apache, enable mod-proxy and restart.
echo "ServerName <HOSTNAME>" >> /etc/apache2/apache2.conf a2enmod proxy_http service apache2 restart
Configure PHP on RedHat
You will need to ensure your PHP timezone is set correctly. You can check which time zones PHP supports at http://www.php.net/manual/en/timezones.php You can find out your server's timezone by running the command:
cat /etc/sysconfig/clock | grep ZONE | cut -d"\"" -f2
Configure PHP (substituting <TIMEZONE> from above). Set your PHP defaults:
sed -i -e 's/memory_limit/;memory_limit/g' /etc/php.ini echo "memory_limit = 512M" >> /etc/php.ini sed -i -e 's/max_execution_time/;max_execution_time/g' /etc/php.ini echo "max_execution_time = 300" >> /etc/php.ini sed -i -e 's/max_input_time/;max_input_time/g' /etc/php.ini echo "max_input_time = 600" >> /etc/php.ini sed -i -e 's/error_reporting/;error_reporting/g' /etc/php.ini echo "error_reporting = E_ALL" >> /etc/php.ini sed -i -e 's/display_errors/;display_errors/g' /etc/php.ini echo "display_errors = On" >> /etc/php.ini sed -i -e 's/upload_max_filesize/;upload_max_filesize/g' /etc/php.ini echo "upload_max_filesize = 10M" >> /etc/php.ini sed -i -e 's/date.timezone/;date.timezone/g' /etc/php.ini echo "date.timezone = <TIMEZONE>" >> /etc/php.ini
Configure PHP on Debian / Ubuntu
You will need to ensure your PHP timezone is set correctly. You can check which time zones PHP supports at http://www.php.net/manual/en/timezones.php You can find out your server's timezone by
cat /etc/timezone
Configure PHP (substituting <TIMEZONE> from above). Set your PHP defaults
sed -i -e 's/memory_limit/;memory_limit/g' /etc/php5/apache2/php.ini echo "memory_limit = 512M" >> /etc/php5/apache2/php.ini sed -i -e 's/max_execution_time/;max_execution_time/g' /etc/php5/apache2/php.ini echo "max_execution_time = 300" >> /etc/php5/apache2/php.ini sed -i -e 's/max_input_time/;max_input_time/g' /etc/php5/apache2/php.ini echo "max_input_time = 600" >> /etc/php5/apache2/php.ini sed -i -e 's/error_reporting/;error_reporting/g' /etc/php5/apache2/php.ini echo "error_reporting = E_ALL" >> /etc/php5/apache2/php.ini sed -i -e 's/display_errors/;display_errors/g' /etc/php5/apache2/php.ini echo "display_errors = On" >> /etc/php5/apache2/php.ini sed -i -e 's/upload_max_filesize/;upload_max_filesize/g' /etc/php5/apache2/php.ini echo "upload_max_filesize = 10M" >> /etc/php5/apache2/php.ini sed -i -e 's/date.timezone/;date.timezone/g' /etc/php5/apache2/php.ini echo "date.timezone = <TIMEZONE>" >> /etc/php5/apache2/php.ini
You may need to manually enable mcrypt in PHP.
php5enmod mcrypt
Example
An example of an upgrade on Ubuntu 14.04 from v1.3.2 to v1.4 is below.
root@ubuntu1404:/tmp/Open-AudIT-1.4.0# ./installer ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Open-AudIT (1.4.0) Installation script ++++++++++++++++++++++++++++++++++++++++++++++++++++++ This installer will install Open-AudIT into /usr/local/omk. To select a different installation location please rerun the installer with the -t option. Ok to proceed with installation? Type 'y' or hit <Enter> to accept, any other key for 'no': y ++++++++++++++++++++++++++++++++++++++++++++++++++++++ performing pre-installation steps ++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Opmantek daemon init scripts detected ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Ok to shut down running Opmantek daemons for the duration of the installation? Type 'y' or hit <Enter> to accept, any other key for 'no': y Looking for old installations... ++++++++++++++++++++++++++++++++++++++++++++++++++++++ An old legacy installation was detected. ++++++++++++++++++++++++++++++++++++++++++++++++++++++ The installer has found a pre-existing installation of one or more Opmantek products in /usr/local/omk. The installation can proceed but may cause disruptions to installed legacy products other than Open-AudIT. If you agree to continue, the installer will take a backup snapshot of your complete previous installation and then prepare the installation environment for Open-AudIT. Do you want to continue the installation? Type 'y' or hit <Enter> to accept, any other key for 'no': y Creating legacy snapshot, please wait... Snapshot created, file name: /root/omk-legacy-2014-08-20.tgz The installer has created a full snapshot of your previous installion in /root/omk-legacy-2014-08-20.tgz. The installation of Open-AudIT will now proceed. Should you need to revert to your previous installation status, simply remove all contents of /usr/local/omk and unpack the snapshot: rm -rf /usr/local/omk/* && tar -C / -xzvf /root/omk-legacy-2014-08-20.tgz Hit <Enter> when ready to continue: ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Checking the Open-AudIT dependencies ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Required package mysql-server is installed. Required package apache2 is installed. ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Required packge apache2-utils is not installed. ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Open-AudIT requires package apache2-utils to be installed and configured. Do you want to install this package now? Type 'y' or hit <Enter> to accept, any other key for 'no': y Using apt-get to install apache2-utils Required package libapache2-mod-proxy-html is installed. Required package libapache2-mod-php5 is installed. Required package openssh-client is installed. Required package php5 is installed. Required package php5-ldap is installed. Required package php5-mcrypt is installed. Required package php5-mysql is installed. Required package php5-snmp is installed. Required package nmap is installed. Required package zip is installed. Required package wget is installed. Required package curl is installed. Required package sshpass is installed. Required package screen is installed. Required package smbclient is installed. Required package logrotate is installed. ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Required packge libtime-parsedate-perl is not installed. ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Open-AudIT requires package libtime-parsedate-perl to be installed and configured. Do you want to install this package now? Type 'y' or hit <Enter> to accept, any other key for 'no': y Using apt-get to install libtime-parsedate-perl -------COMMAND RETURNED EXIT CODE 100-------- apt-get -yq install libtime-parsedate-perl Reading package lists... Building dependency tree... Reading state information... E: Unable to locate package libtime-parsedate-perl ---------------------------------------- Looking for an existing Open-AudIT Community installation... Do you want to perform a backup of your Open-AudIT installation? Type 'y' or hit <Enter> to accept, any other key for 'no': y Backing up database openaudit Open-AudIT Backup created successfully, file name: /root/open-audit-backup-2014-08-20.tgz ++++++++++++++++++++++++++++++++++++++++++++++++++++++ copying files ++++++++++++++++++++++++++++++++++++++++++++++++++++++ ........................................................................................................................................................................................................................................................................ ++++++++++++++++++++++++++++++++++++++++++++++++++++++ done copying files ++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++++++++++++++++++++++++ performing post-installation operations ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Open-AudIT needs the live configuration files in /usr/local/omk/conf/, and ships the defaults in /usr/local/omk/install/. If you agree, the installer will copy all missing files to the live configuration directory - it will not overwrite any files that are already present. Ok to copy new or missing config files into the live configuration directory? Type 'y' or hit <Enter> to accept, any other key for 'no': y Init script for Opmantek daemon already present. Installing conveniece symlinks ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Updated logrotation config file omk-rotate.conf available ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Ok to install the updated logrotation config file omk-rotate.conf? Type 'y' or hit <Enter> to accept, any other key for 'no': y ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Updated logrotation config file open-audit-rotate.conf available ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Ok to install the updated logrotation config file open-audit-rotate.conf? Type 'y' or hit <Enter> to accept, any other key for 'no': y Upgrading Opmantek Modules file ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Adjusting users, ownerships and permissions ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Priming remaining directories ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Configuration Updates ++++++++++++++++++++++++++++++++++++++++++++++++++++++ The new version of Open-AudIT may have introduced new configuration items, which can be added automatically (with their default settings). Do you want to import any new configuration settings now? Type 'y' or hit <Enter> to accept, any other key for 'no': y Updating common config with new defaults. Apache config directory unknown or non-existent, cannot install proxy config file! Please note that the GUI for your Open-AudIT installation will only be available at the URL http://localhost:8042/ until you configure Apache, and enable the Apache proxy with the config file ./install/04omk-proxy.conf or equivalent. Hit <Enter> when ready to continue. ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Installing Open-AudIT files ++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Copying Open-AudIT Web files ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Upgrade of existing Open-AudIT installation, no database initialisation required. ++++++++++++++++++++++++++++++++++++++++++++++++++++++ performing final update operations ++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Adjusting Open-AudIT for standalone operation ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Adjusting Login Banner ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Detecting Configuration Changes ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Would you like to see an overview of all changed configuration items? Type 'y' or hit <Enter> to accept, any other key for 'no': y Performing config diff check, please wait... Can't locate Time/ParseDate.pm in @INC (you may need to install the Time::ParseDate module) (@INC contains: /usr/local/omk/bin/../lib /etc/perl /usr/local/lib/perl/5.18.2 /usr/local/share/perl/5.18.2 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.18 /usr/share/perl/5.18 /usr/local/lib/site_perl .) at /usr/local/omk/bin/../lib/OMK/Common.pm line 74. BEGIN failed--compilation aborted at /usr/local/omk/bin/../lib/OMK/Common.pm line 74. Compilation failed in require at /usr/local/omk/bin/opdiffconfigs.pl line 40. BEGIN failed--compilation aborted at /usr/local/omk/bin/opdiffconfigs.pl line 40. Can't locate Time/ParseDate.pm in @INC (you may need to install the Time::ParseDate module) (@INC contains: /usr/local/omk/bin/../lib /etc/perl /usr/local/lib/perl/5.18.2 /usr/local/share/perl/5.18.2 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.18 /usr/share/perl/5.18 /usr/local/lib/site_perl .) at /usr/local/omk/bin/../lib/OMK/Common.pm line 74. BEGIN failed--compilation aborted at /usr/local/omk/bin/../lib/OMK/Common.pm line 74. Compilation failed in require at /usr/local/omk/bin/opdiffconfigs.pl line 40. BEGIN failed--compilation aborted at /usr/local/omk/bin/opdiffconfigs.pl line 40. The configuration comparison tool has detected some differences between the shipped defaults (in /usr/local/omk/install) and the active settings (in /usr/local/omk/conf). The affected files are: opModules.nmis opCommon.nmis A detailed listing of these differences has been saved in /tmp/Open-AudIT-config-diffs-2014-08-20. You should review those differences (using less or an editor like nano, vi or emacs) and adjust your configuration settings accordingly. Hit <Enter> when ready to continue: ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Opmantek Daemon Startup ++++++++++++++++++++++++++++++++++++++++++++++++++++++ The Opmantek daemon can now be started. It needs to be active to provide the Open-AudIT GUI, but you might want to delay that operation until you have adjusted the configuration files. Do you want to start the Opmantek daemon now? Type 'y' or hit <Enter> to accept, any other key for 'no': y Starting OMKD opEvents not installed or opEvents daemon init script not installed as /etc/init.d/opeventsd. opConfig not installed or opConfig daemon init script not installed as /etc/init.d/opconfigd. ++++++++++++++++++++++++++++++++++++++++++++++++++++++ Open-AudIT is Ready for Configuration ++++++++++++++++++++++++++++++++++++++++++++++++++++++ This initial installation of Open-AudIT is now complete. However, to configure and fine-tune the application suitably for your environment you will need to make certain configuration adjustments. We highly recommend that you visit the documentation site for Open-AudIT at https://docs.community.firstwave.com/wiki/display/OA/Home which will help you to determine what configuration changes may be required for your environment. If you have started the Opmantek daemon, then your new Open-AudIT dashboard should now be accessible at http://<HOSTNAME_OR_IP>/omk/oae/ If your browser is running on the same machine as Open-AudIT was installed onto, this would be http://localhost/omk/oae/ ++++++++++++++++++++++++++++++++++++++++++++++++++++++ installation complete. ++++++++++++++++++++++++++++++++++++++++++++++++++++++ root@ubuntu1404:/tmp/Open-AudIT-1.4.0#