source: trunk/Install.sh@ 501

Last change on this file since 501 was 481, checked in by katerina, 9 years ago

Enhancements and fixes for tickets #374, #375, #376, #377, #378, and #379.

File size: 16.7 KB
RevLine 
[1]1#! /bin/sh
2# Please have a TMP or TMPDIR environment variable if you don't trust /tmp,
3# or don't run this as root.
4#
5# -- partly taken from PureFTPd
6#
7
8VERSION=1.6.4
9
10
11# exits with a custom error message
12bail_error () {
13 echo
14 echo $1
15 echo
16 exit 1
17}
18
19get_config() {
20 mfile=`cat $tmp`
21 for z in $mfile ; do
22 cfgline="$cfgline --$z"
23 done
24}
25
26get_error() {
27 ge_rval=0
28 if cat $tmp 2>&1 | grep Error > /dev/null ; then
29 ge_rval=1
30 fi
31 return ${ge_rval}
32}
33
34
35
36#------------------------------------------------------------
37#
38# Find a 'dialog' program
39#
40#------------------------------------------------------------
41PATH=/usr/local/bin:/usr/local/sbin:$PATH; export PATH
42
43WELCOME=`cat <<EOF
44Welcome to the SAMHAIN configuration tool
45
46This script is meant to make installing SAMHAIN as easy as
[62]47possible. Just read the text below, hit ENTER, and you are
[1]48on your way.
49
50SAMHAIN ships with NO WARRANTY whatsoever, without
51even the implied warranty of merchantability or fitness
52for a particular purpose. The author takes no responsibility
53for the consequences of running this script.
54
55Please send any questions to support@la-samhna.com.
56EOF`
57
58if [ -z "$dialog" ] ; then
59 if [ -n "$DISPLAY" ] ; then
60 Xdialog --msgbox "$WELCOME" 20 75 2> /dev/null && dialog='Xdialog'
61 gauge='--gauge'
62 fi
63fi
64if [ -z "$dialog" ] ; then
65 dialog --msgbox "$WELCOME" 20 75 2> /dev/null && dialog='dialog'
66
67# Workaround for old versions of 'dialog' (Slackware)
68
69 if "$dialog" 2>&1 | grep gauge > /dev/null ; then
70 gauge='--gauge'
71 elif "$dialog" 2>&1 | grep guage > /dev/null ; then
72 gauge='--guage'
73 else
74 gauge=''
75 fi
76fi
77if [ -z "$dialog" ] ; then
78 lxdialog --msgbox "$WELCOME" 20 75 2> /dev/null && dialog='lxdialog'
79fi
80if [ -z "$dialog" ] ; then
81 /usr/src/linux/scripts/lxdialog/lxdialog --msgbox "$WELCOME" 20 75 2> /dev/null && dialog='/usr/src/linux/scripts/lxdialog/lxdialog'
82fi
83
84if [ -z "$dialog" ] ; then
85 bail_error "No \"dialog\" found, GUI installation impossible"
86fi
87
88#------------------------------------------------------------
89#
90# Find a writable temporary directory
91#
92#------------------------------------------------------------
93tempdir=''
94for tmpdir in "$TMP" "$TMPDIR" /tmp /var/tmp; do
95 if [ -z "$tempdir" ] && [ -d "$tmpdir" ] && [ -w "$tmpdir" ]; then
96 tempdir="$tmpdir"
97 fi
98done
99if [ -z "$tempdir" ]; then
100 bail_error "Unable to find a suitable temporary directory"
101fi
102
103# Create a temporary file
104tmp=`mktemp $tempdir/build.gui.XXXXXX`
105if [ $? -ne 0 ]; then
106 bail_error "Cannot create temp file, exiting..."
107fi
108
109trap "rm -f $tmp; exit 1" EXIT SIGHUP SIGINT SIGQUIT SIGSEGV SIGTERM
110
111#------------------------------------------------------------
112#
113# Build config line
114#
115#------------------------------------------------------------
116cfgline='';
117
118$dialog \
119--title "Compile-time options" \
120--backtitle "Samhain $VERSION" \
121--radiolist "Samhain can run as standalone application on a single dektop machine, or as a client/server application for centralized monitoring of many hosts" \
12210 75 3 \
123"disable-network" "Single desktop machine" on \
124"enable-network=client" "Network (client)" off \
125"enable-network=server" "Network (server)" off \
1262> $tmp
127
128mtest=$?
129if [ $mtest = -1 ]; then
130 exit 1
131fi
132if [ $mtest = 0 ]; then
133 get_config
134else
135 get_error || bail_error "Your \"dialog\" does not support --radiolist, GUI installation impossible"
136 cfgline="--disable-network"
137fi
138
139cfgtest=`echo $cfgline | grep disable`
140
141
142#------------------------------------------------------------
143#
144# Server options
145#
146#------------------------------------------------------------
147if [ -z $cfgtest ]; then
148
149INET=yes
150HTML="\n /usr/local/var/samhain/samhain.html"
151
152$dialog \
153--backtitle "Samhain $VERSION" \
154--msgbox "You have chosen to build SAMHAIN as a client/server application.\n\nThis requires some additional configuration.\nPlease read the manual if you are not sure\nwhich options are useful or neccessary for you." 10 75
155
156if [ $? = -1 ]; then
157 exit 1
158fi
159
160
161$dialog \
162--title 'Network options' \
163--separate-output \
164--backtitle "Samhain $VERSION" \
165--checklist 'Use SPACE to set/unset. If in doubt, read the manual.' \
16620 75 10 \
167'enable-udp' "Server listens also on 514/udp" off \
168'disable-encrypt' "Disable client/server encryption" off \
169'disable-srp' "Disable SRP client/server authentication" off \
1702> $tmp
171
172mtest=$?
173if [ $mtest = -1 ]; then
174 exit 1
175fi
176if [ $mtest = 0 ]; then
177 get_config
178fi
179
180$dialog \
181--title 'Network options' \
182--backtitle "Samhain $VERSION" \
183--inputbox "Server port" 10 75 "49777" \
1842> $tmp
185
186mtest=$?
187if [ $mtest = -1 ]; then
188 exit 1
189fi
190
191if [ $mtest = 0 ]; then
192 mfile=`cat $tmp`
193 for z in $mfile ; do
194 cfgline="$cfgline --with-port=$z"
195 done
196fi
197
198
199$dialog \
200--title 'Network options' \
201--backtitle "Samhain $VERSION" \
202--inputbox "Server address" 10 75 "127.0.0.1" \
2032> $tmp
204
205mtest=$?
206if [ $mtest = -1 ]; then
207 exit 1
208fi
209if [ $mtest = 0 ]; then
210 mfile=`cat $tmp`
211 for z in $mfile ; do
212 cfgline="$cfgline --with-logserver=$z"
213 done
214fi
215
216$dialog \
217--title "Network options" \
218--backtitle 'Samhain $VERSION' \
219--inputbox "Backup server address" 10 75 "none" \
2202> $tmp
221
222mtest=$?
223if [ $mtest = -1 ]; then
224 exit 1
225fi
226if [ $mtest = 0 ]; then
227 mfile=`cat $tmp`
228 for z in $mfile ; do
229 if [ "x$z" != "xnone" ]; then
230 cfgline="$cfgline --with-altlogserver=$z"
231 fi
232 done
233fi
234
235# if [ -z $cfgtest ]; then
236fi
237
238os=`uname -s`
239if [ x"$os" = xLinux ]
240then
241 PROC=`uname -m`
242 if [ x"$PROC" = xi686 ] ; then
243 I386_LINUX=yes
244 fi
245 if [ x"$PROC" = xi586 ] ; then
246 I386_LINUX=yes
247 fi
248 if [ x"$PROC" = xi486 ] ; then
249 I386_LINUX=yes
250 fi
251 if [ x"$PROC" = xi386 ] ; then
252 I386_LINUX=yes
253 fi
254fi
255
256$dialog \
257--title 'General options' \
258--separate-output \
259--backtitle "Samhain $VERSION" \
260--checklist 'Use SPACE to set/unset. If in doubt, read the MANUAL.' \
26120 75 10 \
262'enable-static' "Don't link with shared libraries" on \
263'enable-suidcheck' "Check for suid/sgid files" on \
264'enable-login-watch' "Watch for login/logout events" off \
265'enable-ptrace' "Enable anti-debugger code" off \
266'enable-db-reload' "Reload database on SIGHUP" off \
267'enable-xml-log' "Write log in XML format" off \
268'disable-mail' "Compile without built-in mailer" off \
269'disable-external-scripts' "Disable use of external scripts" off \
270'enable-debug' "Compile in debugging code" off \
2712> $tmp
272
273mtest=$?
274if [ $mtest = -1 ]; then
275 exit 1
276fi
277if [ $mtest = 0 ]; then
278 get_config
279fi
280
281
282#------------------------------------------------------------
283#
284# Signature options
285#
286#------------------------------------------------------------
287$dialog \
288--title "Signed database and configuration" \
289--backtitle "Samhain $VERSION" \
290--yesno "Samhain can be configured to support PGP signed database\nand configuration files. This requires a working installation\nof GnuPG.\n\nDo you want to use this option ?" \
29110 75 \
2922> $tmp
293
294mtest=$?
295
296if [ $mtest = -1 ]; then
297 exit 1
298fi
299if [ $mtest = 0 ]; then
300
301
302$dialog \
303--title "Signed database and configuration" \
304--backtitle "Samhain $VERSION" \
305--inputbox "Please enter the full path to gpg (i.e. the GnuPG binary)" \
30610 75 "/usr/bin/gpg" \
3072> $tmp
308
309mtest=$?
310
311if [ $mtest = -1 ]
312then
313 exit 1
314fi
315if [ $mtest = 0 ]
316then
317
318mfile=`cat $tmp`
319for z in $mfile ; do
320 cfgline="$cfgline --with-gpg=$z"
321done
322
323$dialog \
324--title "Signed database and configuration" \
325--backtitle "Samhain $VERSION" \
326--inputbox "Please enter the fingerprint of the key to use (one string, no spaces)" \
32710 75 "6BD9050FD8FC941B43412DCC68B7AB8957548DCD" \
3282> $tmp
329
330mtest=$?
331
332if [ $mtest = -1 ]; then
333 exit 1
334fi
335if [ $mtest = 0 ]; then
336 z=`cat $tmp`
337 cfgline="$cfgline --with-fp=$z"
338fi
339
340
341fi
342# want signed
343fi
344
345#------------------------------------------------------------
346#
347# Stealth options
348#
349#------------------------------------------------------------
350$dialog \
351--title "Stealth options" \
352--backtitle "Samhain $VERSION" \
353--yesno "Samhain has some stealth options to hide its presence.\nDo you want to take advantage of these ?" \
35410 75 \
3552> $tmp
356
357mtest=$?
358if [ $mtest = -1 ]; then
359 exit 1
360fi
361if [ $mtest = 0 ]; then
362
363$dialog \
364--title "Stealth options" \
365--backtitle "Samhain $VERSION" \
366--radiolist "Full stealth mode will hide ascii strings within the binary, and use a config file that is hidden by steganography within an image file. Micro stealth is just strings hiding, without the stego config file." \
36720 75 4 \
368'full' "Enable full stealth mode" off \
369'micro' "Enable micro stealth mode" on \
370'none' "None of both" off \
3712> $tmp
372
373mtest=$?
374if [ $mtest = -1 ]; then
375 exit 1
376fi
377if [ $mtest = 0 ]; then
378 mfile=`cat $tmp`
379 for z in $mfile ; do
380 mtest=$z
381 done
382else
383 mtest="none"
384fi
385
386if [ "x$mtest" != "xnone" ]; then
387
388if [ "x$mtest" = "xfull" ]; then
389 FULL_STEALTH="yes"
390fi
391
392$dialog \
393--title 'Stealth options' \
394--backtitle "Samhain $VERSION" \
395--inputbox "Please select a number between 128 and 255. This number will be used to obfuscate strings within the binary by xoring them." 10 75 "137" \
3962> $tmp
397
398mtest=$?
399if [ $mtest = -1 ]; then
400 exit 1
401fi
402if [ $mtest = 0 ]; then
403 mfile=`cat $tmp`
404 for z in $mfile ; do
405 mnum=$z
406 done
407else
408 mnum="137"
409fi
410
411if [ "x$FULL_STEALTH" = "xyes" ]; then
412 cfgline="$cfgline --enable-stealth=$mnum"
413else
414 cfgline="$cfgline --enable-micro-stealth=$mnum"
415fi
416
417# if [ "x$mtest" != "xnone" ]; then
418fi
419
420
421$dialog \
422--title 'Stealth options' \
423--backtitle "Samhain $VERSION" \
424--inputbox "Please choose a new name to replace \"samhain\" upon installation" \
42510 75 "samhain" \
4262> $tmp
427
428mtest=$?
429if [ $mtest = -1 ]; then
430 exit 1
431fi
432if [ $mtest = 0 ]; then
433 mfile=`cat $tmp`
434 for z in $mfile ; do
435 cfgline="$cfgline --enable-install-name=$z"
436 done
437fi
438
439$dialog \
440--title "Stealth options" \
441--backtitle "Samhain $VERSION" \
442--inputbox "You can set a magic string such that command line arguments will be ignored unless the first argument is this magic string, and read from stdin otherwise. If you do not want this, select CANCEL, otherwise choose a string and select OK." \
44310 75 "foo" \
4442> $tmp
445
446mtest=$?
447if [ $mtest = -1 ]; then
448 exit 1
449fi
450if [ $mtest = 0 ]; then
451 mfile=`cat $tmp`
452 for z in $mfile ; do
453 cfgline="$cfgline --enable-nocl=$z"
454 done
455fi
456
457if [ "x$I386_LINUX" = "xyes" ]; then
458$dialog \
459--title "Stealth options" \
460--backtitle "Samhain $VERSION" \
461--yesno "SAMHAIN can compile and install a kernel module to hide the SAMHAIN daemon process. Do you want that ?"\
4622> $tmp
463
464mtest=$?
465
466if [ $mtest = -1 ]; then
467 exit 1
468fi
469if [ $mtest = 0 ]; then
470 cfgline="$cfgline --enable-khide"
471fi
472
473# f [ "x$I386_LINUX" = "xyes" ]; then
474fi
475
476# want stealth
477fi
478
479#------------------------------------------------------------
480#
481# Paths to configure
482#
483#------------------------------------------------------------
484$dialog \
485--title 'Paths' \
486--backtitle "Samhain $VERSION" \
487--radiolist "Do you wish to change the default paths ?\n\nThe default paths are:\n\n /usr/local/sbin all binaries\n /etc/samhainrc configuration file\n /var/lib/samhain/samhain_file data file\n /var/log/samhain_log log file\n /var/run/samhain.pid pid file $HTML" 20 76 5 \
488'usr' "Install binaries in /usr/sbin" off \
489'opt' "Use /opt/samhain, /etc/opt, /var/opt" off \
490'all' "Set paths individually" off \
491'cancel' "Don't change the paths" on \
4922> $tmp
493
494mtest=$?
495if [ $mtest = -1 ]; then
496 exit 1
497fi
498if [ $mtest = 0 ]; then
499#
500# edit paths
501#
502mfile=`cat $tmp`
503for z in $mfile ; do
504 if [ "x$z" = "xopt" ]; then
505 cfgline="$cfgline --prefix=OPT"
506 fi
507 if [ "x$z" = "xusr" ]; then
508 cfgline="$cfgline --prefix=USR"
509 fi
510 if [ "x$z" = "xall" ]; then
511$dialog \
512--title 'Paths' \
513--backtitle "Samhain $VERSION" \
514--inputbox "Exec prefix" 10 75 "/usr/local" \
5152> $tmp
516
517mtest=$?
518if [ $mtest = -1 ]; then
519 exit 1
520fi
521if [ $mtest = 0 ]; then
522 mfile=`cat $tmp`
523 for z in $mfile ; do
524 cfgline="$cfgline --exec-prefix=$z"
525 done
526fi
527
528
529$dialog \
530--title 'Paths' \
531--backtitle "Samhain $VERSION" \
532--inputbox "Configuration" 10 75 "/etc/samhainrc" \
5332> $tmp
534
535mtest=$?
536if [ $mtest = -1 ]; then
537 exit 1
538fi
539if [ $mtest = 0 ]; then
540 mfile=`cat $tmp`
541 for z in $mfile ; do
542 cfgline="$cfgline --with-config-file=$z"
543 done
544fi
545
546$dialog \
547--title 'Paths' \
548--backtitle "Samhain $VERSION" \
549--inputbox "Man pages" 10 75 "/usr/local/share/man" \
5502> $tmp
551
552mtest=$?
553if [ $mtest = -1 ]; then
554 exit 1
555fi
556if [ $mtest = 0 ]; then
557 mfile=`cat $tmp`
558 for z in $mfile ; do
559 cfgline="$cfgline --with-mandir=$z"
560 done
561fi
562
563$dialog \
564--title 'Paths' \
565--backtitle "Samhain $VERSION" \
566--inputbox "Database" 10 75 "/var/lib/samhain/samhain_data" \
5672> $tmp
568
569mtest=$?
570if [ $mtest = -1 ]; then
571 exit 1
572fi
573if [ $mtest = 0 ]; then
574 mfile=`cat $tmp`
575 for z in $mfile ; do
576 cfgline="$cfgline --with-data-file=$z"
577 done
578fi
579
580$dialog \
581--title 'Paths' \
582--backtitle "Samhain $VERSION" \
583--inputbox "Log file" 10 75 "/var/log/samhain_log" \
5842> $tmp
585
586mtest=$?
587if [ $mtest = -1 ]; then
588 exit 1
589fi
590if [ $mtest = 0 ]; then
591 mfile=`cat $tmp`
592 for z in $mfile ; do
593 cfgline="$cfgline --with-log-file=$z"
594 done
595fi
596
597$dialog \
598--title 'Paths' \
599--backtitle "Samhain $VERSION" \
600--inputbox "Lock file" 10 75 "/var/run/samhain.pid" \
6012> $tmp
602
603mtest=$?
604if [ $mtest = -1 ]; then
605 exit 1
606fi
607if [ $mtest = 0 ]; then
608 mfile=`cat $tmp`
609 for z in $mfile ; do
610 cfgline="$cfgline --with-pid-file=$z"
611 done
612fi
613
614if [ "x$INET" = "xyes" ]; then
615$dialog \
616--title 'Paths' \
617--backtitle "Samhain $VERSION" \
618--inputbox "Server status" 10 75 "/var/lib/samhain/samhain.html" \
6192> $tmp
620
621mtest=$?
622if [ $mtest = -1 ]; then
623 exit 1
624fi
625if [ $mtest = 0 ]; then
626 mfile=`cat $tmp`
627 for z in $mfile ; do
628 cfgline="$cfgline --with-html-file=$z"
629 done
630fi
631# if [ "x$INET" = "xyes" ]; then
632fi
633
634 fi
635
636done
637# edit paths
638fi
639
640
641if [ ! -f "configure" ] ; then
642 bail_error "Setup problem... try to install manually"
643fi
644
645echo "./configure $cfgline" > Install.log 2>/dev/null
646
647if [ $? != 0 ]; then
648 $dialog --infobox "ERROR writing to \"Install.log\".\n\nAborting." 10 55
649 exit 1
650fi
651
652
653
654if [ "x$KCHECK" = "xyes" ]; then
655 if [ `id -u` != 0 ]; then
[112]656$dialog --msgbox "Compiling with --with-kcheck option (kernel rootkit detection). This\nrequires root privileges for at least one command during compilation,\nbut you are not running this as root. Please expect compilation to fail.\n\nYou need to follow the instructions shown in the \nerror message after failure." 20 75
[1]657 fi
658fi
659
660
661if [ -n "$gauge" ] ; then
662(
663 sfail=0
664 echo 20
665 rm -f config.cache 2> /dev/null
666 echo 30
667 if [ -z "$cfgline2" ]; then
668 ./configure $cfgline >> Install.log 2>&1
669 else
670 ./configure $cfgline --with-checksum="$cfgline2" >> Install.log 2>&1
671 fi
672 cfail=$?
673 echo 50
674 if [ $cfail = 0 ]; then
675 make clean >> Install.log 2>&1
676 cfail=$?
677 else
678 sfail=1
679 fi
680 echo 60
681 if [ $cfail = 0 ]; then
682 make >> Install.log 2>&1
683 cfail=$?
684 else
685 sfail=1
686 fi
687 echo 80
688 if [ $cfail = 0 ]; then
689 make install >> Install.log 2>&1
690 cfail=$?
691 else
692 sfail=1
693 fi
694 echo 100
695 echo cfail=$cfail > $tmp
696 echo sfail=$sfail >> $tmp
697) | $dialog \
698--title 'Compilation and installation' \
699--backtitle "Samhain $VERSION" \
700"$gauge" 'Please wait...' 10 75 10
701else
702 sfail=0
703 rm -f config.cache 2> /dev/null
704 $dialog --infobox "Running configure ..." 4 44
705 if [ -z "$cfgline2" ]; then
706 ./configure $cfgline >> Install.log 2>&1
707 else
708 ./configure $cfgline --with-checksum="$cfgline2" >> Install.log 2>&1
709 fi
710 cfail=$?
711 if [ $cfail = 0 ]; then
712 $dialog --infobox "Running make clean ..." 4 44
713 make clean >> Install.log 2>&1
714 cfail=$?
715 else
716 sfail=1
717 fi
718 if [ $cfail = 0 ]; then
719 $dialog --infobox "Running make ..." 4 44
720 make >> Install.log 2>&1
721 cfail=$?
722 else
723 sfail=1
724 fi
725 if [ $cfail = 0 ]; then
726 $dialog --infobox "Running make install ..." 4 44
727 make install >> Install.log 2>&1
728 cfail=$?
729 else
730 sfail=1
731 fi
732 echo cfail=$cfail > $tmp
733 echo sfail=$sfail >> $tmp
734fi
735
736. $tmp
737
738
739echo "SAMHAIN is now installed on your system." > $tmp
740echo "Please read the documentation to know how to run it." >> $tmp
741
742
743if [ "x$sfail" = "x0" ] ; then
744
745 if [ "x$cfail" = "x0" ] ; then
746 if [ "x${FULL_STEALTH}" = "xyes" ]; then
747 tail -21 Install.log >> $tmp
748 else
749 tail -11 Install.log >> $tmp
750 fi
751 $dialog --title "Build report (use arrow keys to scroll the text box)" \
752--backtitle "Samhain $VERSION installed. PLEASE READ THE MANUAL." \
753--textbox \
754$tmp \
75520 75
756 else
757 $dialog --title "Problem report" \
758--backtitle "Samhain $VERSION: Build failed (see Install.log):" \
759--msgbox \
760"Compilation was successful, but you need to be root in\norder to install the files to the selected prefix.\nPlease run 'make install' as root." \
76110 75
762 fi
763
764else
765
766 MSG=`tail -10 Install.log`
767 $dialog --title "Problem report" \
768--backtitle "Samhain $VERSION: Build failed (see Install.log):" \
769--msgbox "$MSG" 20 75
770
771fi
772
773rm -f $tmp
774
775exit 0
776
777
778
779
780
781
Note: See TracBrowser for help on using the repository browser.