source: trunk/Install.sh @ 62

Last change on this file since 62 was 62, checked in by rainer, 15 years ago

Fix broken Install.sh (ticket #36).

File size: 17.6 KB
Line 
1#! /bin/sh
2# Please have a TMP or TMPDIR environment variable if you don't trust /tmp,
3# or don't run this as root.
4#
5# -- partly taken from PureFTPd
6#
7
8VERSION=1.6.4
9
10
11# exits with a custom error message
12bail_error () {
13    echo
14    echo $1
15    echo
16    exit 1
17}
18
19get_config() {
20    mfile=`cat $tmp`
21    for z in $mfile ; do
22        cfgline="$cfgline --$z"
23    done
24}
25
26get_error() {
27    ge_rval=0
28    if  cat $tmp 2>&1 | grep Error > /dev/null ; then
29        ge_rval=1
30    fi
31    return ${ge_rval}
32}
33
34 
35
36#------------------------------------------------------------
37#
38#  Find a 'dialog' program
39#
40#------------------------------------------------------------
41PATH=/usr/local/bin:/usr/local/sbin:$PATH; export PATH
42
43WELCOME=`cat <<EOF
44Welcome to the SAMHAIN configuration tool
45
46This script is meant to make installing SAMHAIN as easy as
47possible.  Just read the text below, hit ENTER, and you are
48on your way.
49
50SAMHAIN ships with NO WARRANTY whatsoever, without
51even the implied warranty of merchantability or fitness
52for a particular purpose. The author takes no responsibility
53for the consequences of running this script.
54
55Please send any questions to support@la-samhna.com.
56EOF`
57
58if [ -z "$dialog" ] ; then
59  if [ -n "$DISPLAY" ] ; then
60    Xdialog --msgbox "$WELCOME" 20 75 2> /dev/null && dialog='Xdialog'
61        gauge='--gauge'
62  fi
63fi
64if [ -z "$dialog" ] ; then
65  dialog --msgbox "$WELCOME" 20 75 2> /dev/null && dialog='dialog'
66
67# Workaround for old versions of 'dialog' (Slackware)
68
69  if "$dialog" 2>&1 | grep gauge > /dev/null ; then
70    gauge='--gauge'
71  elif "$dialog" 2>&1 | grep guage > /dev/null ; then
72    gauge='--guage'
73  else
74    gauge=''
75  fi
76fi
77if [ -z "$dialog" ] ; then
78  lxdialog --msgbox "$WELCOME" 20 75 2> /dev/null && dialog='lxdialog'
79fi
80if [ -z "$dialog" ] ; then
81  /usr/src/linux/scripts/lxdialog/lxdialog --msgbox "$WELCOME" 20 75 2> /dev/null && dialog='/usr/src/linux/scripts/lxdialog/lxdialog'
82fi
83
84if [ -z "$dialog" ] ; then
85  bail_error "No \"dialog\" found, GUI installation impossible"
86fi
87
88#------------------------------------------------------------
89#
90#  Find a writable temporary directory
91#
92#------------------------------------------------------------
93tempdir=''
94for tmpdir in "$TMP" "$TMPDIR" /tmp /var/tmp; do
95  if [ -z "$tempdir" ] && [ -d "$tmpdir" ] && [ -w "$tmpdir" ]; then
96    tempdir="$tmpdir"
97  fi
98done
99if [ -z "$tempdir" ]; then
100  bail_error "Unable to find a suitable temporary directory"
101fi
102
103# Create a temporary file
104tmp=`mktemp $tempdir/build.gui.XXXXXX`
105if [ $? -ne 0 ]; then
106  bail_error "Cannot create temp file, exiting..."
107fi
108
109trap "rm -f $tmp; exit 1" EXIT SIGHUP SIGINT SIGQUIT SIGSEGV SIGTERM
110
111#------------------------------------------------------------
112#
113#  Build config line
114#
115#------------------------------------------------------------
116cfgline='';
117
118$dialog \
119--title "Compile-time options" \
120--backtitle "Samhain $VERSION" \
121--radiolist "Samhain can run as standalone application on a single dektop machine, or as a client/server application for centralized monitoring of many hosts" \
12210 75 3 \
123"disable-network"          "Single desktop machine" on \
124"enable-network=client"    "Network (client)" off \
125"enable-network=server"    "Network (server)" off \
1262> $tmp
127
128mtest=$?
129if [ $mtest = -1 ]; then
130    exit 1
131fi
132if [ $mtest = 0 ]; then
133    get_config
134else
135    get_error || bail_error "Your \"dialog\" does not support --radiolist, GUI installation impossible"
136    cfgline="--disable-network"
137fi
138
139cfgtest=`echo $cfgline | grep disable`
140
141
142#------------------------------------------------------------
143#
144#  Server options
145#
146#------------------------------------------------------------
147if [ -z $cfgtest ]; then
148
149INET=yes
150HTML="\n /usr/local/var/samhain/samhain.html"
151
152$dialog \
153--backtitle "Samhain $VERSION" \
154--msgbox "You have chosen to build SAMHAIN as a client/server application.\n\nThis requires some additional configuration.\nPlease read the manual if you are not sure\nwhich options are useful or neccessary for you." 10 75 
155
156if [ $? = -1 ]; then
157    exit 1
158fi
159
160
161$dialog \
162--title 'Network options' \
163--separate-output \
164--backtitle "Samhain $VERSION" \
165--checklist 'Use SPACE to set/unset. If in doubt, read the manual.' \
16620 75 10 \
167'enable-udp' "Server listens also on 514/udp" off \
168'disable-encrypt' "Disable client/server encryption" off \
169'disable-srp' "Disable SRP client/server authentication" off \
1702> $tmp
171
172mtest=$?
173if [ $mtest = -1 ]; then
174    exit 1
175fi
176if [ $mtest = 0 ]; then
177    get_config
178fi
179
180$dialog \
181--title 'Network options' \
182--backtitle "Samhain $VERSION" \
183--inputbox "Server port" 10 75 "49777" \
1842> $tmp
185
186mtest=$?
187if [ $mtest = -1 ]; then
188    exit 1
189fi
190
191if [ $mtest = 0 ]; then
192    mfile=`cat $tmp`
193    for z in $mfile ; do
194        cfgline="$cfgline --with-port=$z"
195    done
196fi
197
198
199$dialog \
200--title 'Network options' \
201--backtitle "Samhain $VERSION" \
202--inputbox "Server address" 10 75 "127.0.0.1" \
2032> $tmp
204
205mtest=$?
206if [ $mtest = -1 ]; then
207    exit 1
208fi
209if [ $mtest = 0 ]; then
210    mfile=`cat $tmp`
211    for z in $mfile ; do
212        cfgline="$cfgline --with-logserver=$z"
213    done
214fi
215
216$dialog \
217--title "Network options" \
218--backtitle 'Samhain $VERSION' \
219--inputbox "Backup server address" 10 75 "none" \
2202> $tmp
221
222mtest=$?
223if [ $mtest = -1 ]; then
224    exit 1
225fi
226if [ $mtest = 0 ]; then
227    mfile=`cat $tmp`
228    for z in $mfile ; do
229        if [ "x$z" != "xnone" ]; then 
230            cfgline="$cfgline --with-altlogserver=$z"
231        fi
232    done
233fi
234
235# if [ -z $cfgtest ]; then
236fi
237
238os=`uname -s`
239if [ x"$os" = xLinux ]
240then
241    PROC=`uname -m`
242    if [ x"$PROC" = xi686 ] ; then
243       I386_LINUX=yes
244    fi
245    if [ x"$PROC" = xi586 ] ; then 
246       I386_LINUX=yes
247    fi
248    if [ x"$PROC" = xi486 ] ; then
249       I386_LINUX=yes
250    fi
251    if [ x"$PROC" = xi386 ] ; then
252       I386_LINUX=yes
253    fi
254fi
255
256$dialog \
257--title 'General options' \
258--separate-output \
259--backtitle "Samhain $VERSION" \
260--checklist 'Use SPACE to set/unset. If in doubt, read the MANUAL.' \
26120 75 10 \
262'enable-static' "Don't link with shared libraries" on \
263'enable-suidcheck' "Check for suid/sgid files" on \
264'enable-login-watch' "Watch for login/logout events" off \
265'enable-ptrace' "Enable anti-debugger code" off \
266'enable-db-reload' "Reload database on SIGHUP" off \
267'enable-xml-log' "Write log in XML format" off \
268'disable-mail' "Compile without built-in mailer" off \
269'disable-external-scripts' "Disable use of external scripts" off \
270'enable-debug' "Compile in debugging code" off \
2712> $tmp
272
273mtest=$?
274if [ $mtest = -1 ]; then
275    exit 1
276fi
277if [ $mtest = 0 ]; then
278    get_config
279fi
280
281#------------------------------------------------------------
282#
283#  Kernel module
284#
285#------------------------------------------------------------
286
287KCHECK="no"
288
289if [ "x$I386_LINUX" = "xyes" ]; then
290
291$dialog \
292--title "Kernel module rootkit detection" \
293--separate-output \
294--backtitle "Samhain $VERSION" \
295--inputbox "SAMHAIN can detect kernel module rootkits if compiled with support\nfor this. If you want to enable this option, please give the path\nto your System.map file, else choose CANCEL.\n\nNOTE: this option will require root privileges for at least one\ncommand during compilation (to read from /dev/kmem)." \
29616 75 "/boot/System.map" \
2972> $tmp
298
299mtest=$?
300
301if [ $mtest = -1 ]; then
302    exit 1
303fi
304if [ $mtest = 0 ]; then
305    mfile=`cat $tmp`
306    for z in $mfile ; do
307        cfgline="$cfgline --with-kcheck=$z"
308    done
309    KCHECK="yes"
310fi
311
312fi
313
314#------------------------------------------------------------
315#
316#  Signature options
317#
318#------------------------------------------------------------
319$dialog \
320--title "Signed database and configuration" \
321--separate-output \
322--backtitle "Samhain $VERSION" \
323--yesno "Samhain can be configured to support PGP signed database\nand configuration files. This requires a working installation\nof GnuPG.\n\nDo you want to use this option ?" \
32410 75 \
3252> $tmp
326
327mtest=$?
328
329if [ $mtest = -1 ]; then
330    exit 1
331fi
332if [ $mtest = 0 ]; then
333 
334
335$dialog \
336--title "Signed database and configuration" \
337--separate-output \
338--backtitle "Samhain $VERSION" \
339--inputbox "Please enter the full path to gpg (i.e. the GnuPG binary)" \
34010 75 "/usr/bin/gpg" \
3412> $tmp
342
343mtest=$?
344
345if [ $mtest = -1 ] 
346then
347    exit 1
348fi
349if [ $mtest = 0 ]
350then
351
352mfile=`cat $tmp`
353for z in $mfile ; do
354        cfgline="$cfgline --with-gpg=$z"
355done
356
357$dialog \
358--title "Signed database and configuration" \
359--separate-output \
360--backtitle "Samhain $VERSION" \
361--inputbox "Please enter the fingerprint of the key to use (one string, no spaces)" \
36210 75 "6BD9050FD8FC941B43412DCC68B7AB8957548DCD" \
3632> $tmp
364
365mtest=$?
366
367if [ $mtest = -1 ]; then
368    exit 1
369fi
370if [ $mtest = 0 ]; then
371    z=`cat $tmp`
372    cfgline="$cfgline --with-fp=$z"
373fi
374 
375
376fi 
377# want signed
378fi
379
380#------------------------------------------------------------
381#
382#  Stealth options
383#
384#------------------------------------------------------------
385$dialog \
386--title "Stealth options" \
387--separate-output \
388--backtitle "Samhain $VERSION" \
389--yesno "Samhain has some stealth options to hide its presence.\nDo you want to take advantage of these ?" \
39010 75 \
3912> $tmp
392
393mtest=$?
394if [ $mtest = -1 ]; then
395    exit 1
396fi
397if [ $mtest = 0 ]; then
398
399$dialog \
400--title "Stealth options" \
401--backtitle "Samhain $VERSION" \
402--radiolist "Full stealth mode will hide ascii strings within the binary, and use a config file that is hidden by steganography within an image file. Micro stealth is just strings hiding, without the stego config file." \
40320 75 4 \
404'full' "Enable full stealth mode" off \
405'micro' "Enable micro stealth mode" on \
406'none'  "None of both" off \
4072> $tmp
408
409mtest=$?
410if [ $mtest = -1 ]; then
411    exit 1
412fi
413if [ $mtest = 0 ]; then
414    mfile=`cat $tmp`
415    for z in $mfile ; do
416        mtest=$z
417    done
418else
419    mtest="none"
420fi
421
422if [ "x$mtest" != "xnone" ]; then
423
424if [ "x$mtest" = "xfull" ]; then
425    FULL_STEALTH="yes"
426fi
427
428$dialog \
429--title 'Stealth options' \
430--backtitle "Samhain $VERSION" \
431--inputbox "Please select a number between 128 and 255. This number will be used to obfuscate strings within the binary by xoring them." 10 75 "137" \
4322> $tmp
433
434mtest=$?
435if [ $mtest = -1 ]; then
436    exit 1
437fi
438if [ $mtest = 0 ]; then
439    mfile=`cat $tmp`
440    for z in $mfile ; do
441        mnum=$z
442    done
443else
444    mnum="137"
445fi
446
447if [ "x$FULL_STEALTH" = "xyes" ]; then
448    cfgline="$cfgline --enable-stealth=$mnum"
449else
450    cfgline="$cfgline --enable-micro-stealth=$mnum"
451fi
452
453# if [ "x$mtest" != "xnone" ]; then
454fi
455
456
457$dialog \
458--title 'Stealth options' \
459--backtitle "Samhain $VERSION" \
460--inputbox "Please choose a new name to replace \"samhain\" upon installation" \
46110 75 "samhain" \
4622> $tmp
463
464mtest=$?
465if [ $mtest = -1 ]; then
466    exit 1
467fi
468if [ $mtest = 0 ]; then
469    mfile=`cat $tmp`
470    for z in $mfile ; do
471        cfgline="$cfgline --enable-install-name=$z"
472    done
473fi
474
475$dialog \
476--title "Stealth options" \
477--separate-output \
478--backtitle "Samhain $VERSION" \
479--inputbox "You can set a magic string such that command line arguments will be ignored unless the first argument is this magic string, and read from stdin otherwise. If you do not want this, select CANCEL, otherwise choose a string and select OK." \
48010 75 "foo" \
4812> $tmp
482
483mtest=$?
484if [ $mtest = -1 ]; then
485    exit 1
486fi
487if [ $mtest = 0 ]; then
488    mfile=`cat $tmp`
489    for z in $mfile ; do
490        cfgline="$cfgline --enable-nocl=$z"
491    done
492fi
493
494if [ "x$I386_LINUX" = "xyes" ]; then
495$dialog \
496--title "Stealth options" \
497--separate-output \
498--backtitle "Samhain $VERSION" \
499--yesno "SAMHAIN can compile and install a kernel module to hide the SAMHAIN daemon process. Do you want that ?"\
5002> $tmp
501
502mtest=$?
503
504if [ $mtest = -1 ]; then
505    exit 1
506fi
507if [ $mtest = 0 ]; then
508    cfgline="$cfgline --enable-khide"
509fi
510
511# f [ "x$I386_LINUX" = "xyes" ]; then
512fi
513
514# want stealth
515fi
516
517#------------------------------------------------------------
518#
519#  Paths to configure
520#
521#------------------------------------------------------------
522$dialog \
523--title 'Paths' \
524--backtitle "Samhain $VERSION" \
525--radiolist "Do you wish to change the default paths ?\n\nThe default paths are:\n\n /usr/local/sbin all binaries\n /etc/samhainrc configuration file\n /var/lib/samhain/samhain_file data file\n /var/log/samhain_log log file\n /var/run/samhain.pid pid file $HTML" 20 76 5 \
526'usr'    "Install binaries in /usr/sbin" off \
527'opt'    "Use /opt/samhain, /etc/opt, /var/opt" off \
528'all'    "Set paths individually" off \
529'cancel' "Don't change the paths" on \
5302> $tmp
531
532mtest=$?
533if [ $mtest = -1 ]; then
534    exit 1
535fi
536if [ $mtest = 0 ]; then
537#
538# edit paths
539#
540mfile=`cat $tmp`
541for z in $mfile ; do
542    if [ "x$z" = "xopt" ]; then
543            cfgline="$cfgline --prefix=OPT"
544    fi
545    if [ "x$z" = "xusr" ]; then
546            cfgline="$cfgline --prefix=USR"
547    fi
548    if [ "x$z" = "xall" ]; then
549$dialog \
550--title 'Paths' \
551--backtitle "Samhain $VERSION" \
552--inputbox "Exec prefix" 10 75 "/usr/local" \
5532> $tmp
554
555mtest=$?
556if [ $mtest = -1 ]; then
557    exit 1
558fi
559if [ $mtest = 0 ]; then
560    mfile=`cat $tmp`
561    for z in $mfile ; do
562        cfgline="$cfgline --exec-prefix=$z"
563    done
564fi
565
566
567$dialog \
568--title 'Paths' \
569--backtitle "Samhain $VERSION" \
570--inputbox "Configuration" 10 75 "/etc/samhainrc" \
5712> $tmp
572
573mtest=$?
574if [ $mtest = -1 ]; then
575    exit 1
576fi
577if [ $mtest = 0 ]; then
578    mfile=`cat $tmp`
579    for z in $mfile ; do
580        cfgline="$cfgline --with-config-file=$z"
581    done
582fi
583
584$dialog \
585--title 'Paths' \
586--backtitle "Samhain $VERSION" \
587--inputbox "Man pages" 10 75 "/usr/local/share/man" \
5882> $tmp
589
590mtest=$?
591if [ $mtest = -1 ]; then
592    exit 1
593fi
594if [ $mtest = 0 ]; then
595    mfile=`cat $tmp`
596    for z in $mfile ; do
597        cfgline="$cfgline --with-mandir=$z"
598    done
599fi
600
601$dialog \
602--title 'Paths' \
603--backtitle "Samhain $VERSION" \
604--inputbox "Database" 10 75 "/var/lib/samhain/samhain_data" \
6052> $tmp
606
607mtest=$?
608if [ $mtest = -1 ]; then
609    exit 1
610fi
611if [ $mtest = 0 ]; then
612    mfile=`cat $tmp`
613    for z in $mfile ; do
614        cfgline="$cfgline --with-data-file=$z"
615    done
616fi
617
618$dialog \
619--title 'Paths' \
620--backtitle "Samhain $VERSION" \
621--inputbox "Log file" 10 75 "/var/log/samhain_log" \
6222> $tmp
623
624mtest=$?
625if [ $mtest = -1 ]; then
626    exit 1
627fi
628if [ $mtest = 0 ]; then
629    mfile=`cat $tmp`
630    for z in $mfile ; do
631        cfgline="$cfgline --with-log-file=$z"
632    done
633fi
634
635$dialog \
636--title 'Paths' \
637--backtitle "Samhain $VERSION" \
638--inputbox "Lock file" 10 75 "/var/run/samhain.pid" \
6392> $tmp
640
641mtest=$?
642if [ $mtest = -1 ]; then
643    exit 1
644fi
645if [ $mtest = 0 ]; then
646    mfile=`cat $tmp`
647    for z in $mfile ; do
648        cfgline="$cfgline --with-pid-file=$z"
649    done
650fi
651
652if [ "x$INET" = "xyes" ]; then
653$dialog \
654--title 'Paths' \
655--backtitle "Samhain $VERSION" \
656--inputbox "Server status" 10 75 "/var/lib/samhain/samhain.html" \
6572> $tmp
658
659mtest=$?
660if [ $mtest = -1 ]; then
661    exit 1
662fi
663if [ $mtest = 0 ]; then
664    mfile=`cat $tmp`
665    for z in $mfile ; do
666        cfgline="$cfgline --with-html-file=$z"
667    done
668fi
669# if [ "x$INET" = "xyes" ]; then
670fi
671
672   fi
673
674done
675# edit paths
676fi
677
678
679if [ ! -f "configure" ] ; then
680    bail_error "Setup problem... try to install manually"
681fi
682
683echo "./configure $cfgline" > Install.log 2>/dev/null
684
685if [ $? != 0 ]; then
686    $dialog --infobox "ERROR writing to \"Install.log\".\n\nAborting." 10 55
687    exit 1
688fi
689
690
691
692if [ "x$KCHECK" = "xyes" ]; then
693    if [ `id -u` != 0 ]; then
694$dialog --msgbox "Compiling with --with-kcheck option (kernel rootkit detection). This\nrequires root privileges for at least one command during compilation,\nbut you are not running this as root. Please expect compilation to fail.\n\nYou need to run \"make\" manually after failure, and\nfollow the instructions to execute the one required\ncommand as root." 20 75
695    fi
696fi
697
698
699if [ -n "$gauge" ] ; then
700(
701  sfail=0
702  echo 20
703  rm -f config.cache 2> /dev/null
704  echo 30
705  if [ -z "$cfgline2" ]; then
706    ./configure $cfgline >> Install.log 2>&1
707  else
708    ./configure $cfgline --with-checksum="$cfgline2" >> Install.log 2>&1
709  fi
710  cfail=$?
711  echo 50
712  if [ $cfail = 0 ]; then
713    make clean >> Install.log 2>&1
714    cfail=$?
715  else
716    sfail=1
717  fi
718  echo 60
719  if [ $cfail = 0 ]; then
720    make >> Install.log 2>&1
721    cfail=$?
722  else
723    sfail=1
724  fi
725  echo 80
726  if [ $cfail = 0 ]; then
727    make install >> Install.log 2>&1
728    cfail=$?
729  else
730    sfail=1
731  fi
732  echo 100
733  echo cfail=$cfail > $tmp
734  echo sfail=$sfail >> $tmp
735) | $dialog \
736--title 'Compilation and installation' \
737--backtitle "Samhain $VERSION" \
738"$gauge" 'Please wait...' 10 75 10
739else
740  sfail=0
741  rm -f config.cache 2> /dev/null
742  $dialog --infobox "Running configure ..." 4 44
743  if [ -z "$cfgline2" ]; then
744    ./configure $cfgline >> Install.log 2>&1
745  else
746    ./configure $cfgline --with-checksum="$cfgline2" >> Install.log 2>&1
747  fi
748  cfail=$?
749  if [ $cfail = 0 ]; then
750    $dialog --infobox "Running make clean ..." 4 44
751    make clean >> Install.log 2>&1
752    cfail=$?
753  else
754    sfail=1
755  fi
756  if [ $cfail = 0 ]; then
757    $dialog --infobox "Running make ..." 4 44
758    make >> Install.log 2>&1
759    cfail=$?
760  else
761    sfail=1
762  fi
763  if [ $cfail = 0 ]; then
764    $dialog --infobox "Running make install ..." 4 44
765    make install >> Install.log 2>&1
766    cfail=$?
767  else
768    sfail=1
769  fi
770  echo cfail=$cfail > $tmp
771  echo sfail=$sfail >> $tmp
772fi
773
774. $tmp
775
776
777echo "SAMHAIN is now installed on your system." > $tmp
778echo "Please read the documentation to know how to run it." >> $tmp 
779
780
781if [ "x$sfail" = "x0" ] ; then
782
783    if [ "x$cfail" = "x0" ] ; then
784        if [ "x${FULL_STEALTH}" = "xyes" ]; then
785            tail -21 Install.log >> $tmp
786        else
787            tail -11 Install.log >> $tmp
788        fi
789        $dialog --title "Build report (use arrow keys to scroll the text box)" \
790--backtitle "Samhain $VERSION installed. PLEASE READ THE MANUAL." \
791--textbox \
792$tmp \
79320 75
794    else
795        $dialog --title "Problem report" \
796--backtitle "Samhain $VERSION: Build failed (see Install.log):" \
797--msgbox \
798"Compilation was successful, but you need to be root in\norder to install the files to the selected prefix.\nPlease run 'make install' as root." \
79910 75
800    fi
801
802else
803
804    MSG=`tail -10 Install.log`
805    $dialog --title "Problem report" \
806--backtitle "Samhain $VERSION: Build failed (see Install.log):" \
807--msgbox "$MSG" 20 75
808
809fi
810
811rm -f $tmp
812
813exit 0
814
815
816
817
818
819
Note: See TracBrowser for help on using the repository browser.