diff --git a/macos/package_files/4.2.3/build.sh b/macos/package_files/4.2.3/build.sh deleted file mode 100755 index d99b415d4f..0000000000 --- a/macos/package_files/4.2.3/build.sh +++ /dev/null @@ -1,79 +0,0 @@ -#!/bin/bash -# Program to build OSX wazuh-agent -# Wazuh package generator -# Copyright (C) 2015-2020, Wazuh Inc. -# -# This program is a free software; you can redistribute it -# and/or modify it under the terms of the GNU General Public -# License (version 2) as published by the FSF - Free Software -# Foundation. -set -exf -DESTINATION_PATH=$1 -SOURCES_PATH=$2 -BUILD_JOBS=$3 -INSTALLATION_SCRIPTS_DIR=${DESTINATION_PATH}/packages_files/agent_installation_scripts - -function configure() { - echo USER_LANGUAGE="en" > ${CONFIG} - echo USER_NO_STOP="y" >> ${CONFIG} - echo USER_INSTALL_TYPE="agent" >> ${CONFIG} - echo USER_DIR="${DESTINATION_PATH}" >> ${CONFIG} - echo USER_DELETE_DIR="y" >> ${CONFIG} - echo USER_CLEANINSTALL="y" >> ${CONFIG} - echo USER_BINARYINSTALL="y" >> ${CONFIG} - echo USER_AGENT_SERVER_IP="MANAGER_IP" >> ${CONFIG} - echo USER_ENABLE_SYSCHECK="y" >> ${CONFIG} - echo USER_ENABLE_ROOTCHECK="y" >> ${CONFIG} - echo USER_ENABLE_OPENSCAP="n" >> ${CONFIG} - echo USER_ENABLE_CISCAT="n" >> ${CONFIG} - echo USER_ENABLE_ACTIVE_RESPONSE="y" >> ${CONFIG} - echo USER_CA_STORE="n" >> ${CONFIG} -} - -function build() { - - configure - - if [ -z "${USER_BINARYINSTALL}" ]; then - make -C ${SOURCES_PATH}/src deps TARGET=agent - - echo "Generating Wazuh executables" - make -j$JOBS -C ${SOURCES_PATH}/src DYLD_FORCE_FLAT_NAMESPACE=1 TARGET=agent build - fi - - echo "Running install script" - ${SOURCES_PATH}/install.sh - - find ${DESTINATION_PATH}/ruleset/sca/ -type f -exec rm -f {} \; - - # Add the auxiliar script used while installing the package - mkdir -p ${INSTALLATION_SCRIPTS_DIR}/ - cp ${SOURCES_PATH}/gen_ossec.sh ${INSTALLATION_SCRIPTS_DIR}/ - cp ${SOURCES_PATH}/add_localfiles.sh ${INSTALLATION_SCRIPTS_DIR}/ - - mkdir -p ${INSTALLATION_SCRIPTS_DIR}/src/init - mkdir -p ${INSTALLATION_SCRIPTS_DIR}/etc/templates/config/{generic,darwin} - - cp -r ${SOURCES_PATH}/etc/templates/config/generic ${INSTALLATION_SCRIPTS_DIR}/etc/templates/config - cp -r ${SOURCES_PATH}/etc/templates/config/darwin ${INSTALLATION_SCRIPTS_DIR}/etc/templates/config - - find ${SOURCES_PATH}/src/init/ -name *.sh -type f -exec install -m 0640 {} ${INSTALLATION_SCRIPTS_DIR}/src/init \; - - mkdir -p ${INSTALLATION_SCRIPTS_DIR}/sca/generic - mkdir -p ${INSTALLATION_SCRIPTS_DIR}/sca/darwin/{15,16,17,18,20} - - cp -r ${SOURCES_PATH}/ruleset/sca/darwin ${INSTALLATION_SCRIPTS_DIR}/sca - cp -r ${SOURCES_PATH}/ruleset/sca/generic ${INSTALLATION_SCRIPTS_DIR}/sca - cp ${SOURCES_PATH}/etc/templates/config/generic/sca.files ${INSTALLATION_SCRIPTS_DIR}/sca/generic/ - cp ${SOURCES_PATH}/etc/templates/config/darwin/15/sca.files ${INSTALLATION_SCRIPTS_DIR}/sca/darwin/15/ - cp ${SOURCES_PATH}/etc/templates/config/darwin/16/sca.files ${INSTALLATION_SCRIPTS_DIR}/sca/darwin/16/ - cp ${SOURCES_PATH}/etc/templates/config/darwin/17/sca.files ${INSTALLATION_SCRIPTS_DIR}/sca/darwin/17/ - cp ${SOURCES_PATH}/etc/templates/config/darwin/18/sca.files ${INSTALLATION_SCRIPTS_DIR}/sca/darwin/18/ - cp ${SOURCES_PATH}/etc/templates/config/darwin/19/sca.files ${INSTALLATION_SCRIPTS_DIR}/sca/darwin/19/ - cp ${SOURCES_PATH}/etc/templates/config/darwin/20/sca.files ${INSTALLATION_SCRIPTS_DIR}/sca/darwin/20/ - - cp ${SOURCES_PATH}/src/VERSION ${INSTALLATION_SCRIPTS_DIR}/src/ - cp ${SOURCES_PATH}/src/REVISION ${INSTALLATION_SCRIPTS_DIR}/src/ -} - -build diff --git a/macos/package_files/4.2.3/postinstall.sh b/macos/package_files/4.2.3/postinstall.sh deleted file mode 100755 index 7b269fc216..0000000000 --- a/macos/package_files/4.2.3/postinstall.sh +++ /dev/null @@ -1,124 +0,0 @@ -#! /bin/bash -# By Spransy, Derek" and Charlie Scott -# Modified by Santiago Bassett (http://www.wazuh.com) - Feb 2016 -# alterations by bil hays 2013 -# -Switched to bash -# -Added some sanity checks -# -Added routine to find the first 3 contiguous UIDs above 100, -# starting at 600 puts this in user space -# -Added lines to append the ossec users to the group ossec -# so the the list GroupMembership works properly -GROUP="ossec" -USER="ossec" -DIR="/Library/Ossec" -INSTALLATION_SCRIPTS_DIR="${DIR}/packages_files/agent_installation_scripts" -SCA_BASE_DIR="${INSTALLATION_SCRIPTS_DIR}/sca" - -if [ $(launchctl getenv WAZUH_PKG_UPGRADE) = true ]; then - rm -rf ${DIR}/etc/{ossec.conf,client.keys,local_internal_options.conf,shared} - cp -rf ${DIR}/config_files/{ossec.conf,client.keys,local_internal_options.conf,shared} ${DIR}/etc/ - rm -rf ${DIR}/config_files/ -fi - -# Default for all directories -chmod -R 750 ${DIR}/ -chown -R root:${GROUP} ${DIR}/ - -chown -R root:wheel ${DIR}/bin -chown -R root:wheel ${DIR}/lib - -# To the ossec queue (default for agentd to read) -chown -R ${USER}:${GROUP} ${DIR}/queue/{alerts,diff,sockets,rids} - -chmod -R 770 ${DIR}/queue/{alerts,sockets} -chmod -R 750 ${DIR}/queue/{diff,sockets,rids} - -# For the logging user -chmod 770 ${DIR}/logs -chown -R ${USER}:${GROUP} ${DIR}/logs -find ${DIR}/logs/ -type d -exec chmod 750 {} \; -find ${DIR}/logs/ -type f -exec chmod 660 {} \; - -chown -R root:${GROUP} ${DIR}/tmp -chmod 1750 ${DIR}/tmp - -chmod 770 ${DIR}/etc -chown ${USER}:${GROUP} ${DIR}/etc -chmod 640 ${DIR}/etc/internal_options.conf -chown root:${GROUP} ${DIR}/etc/internal_options.conf -chmod 640 ${DIR}/etc/local_internal_options.conf -chown root:${GROUP} ${DIR}/etc/local_internal_options.conf -chmod 640 ${DIR}/etc/client.keys -chown root:${GROUP} ${DIR}/etc/client.keys -chmod 640 ${DIR}/etc/localtime -chmod 770 ${DIR}/etc/shared # ossec must be able to write to it -chown -R root:${GROUP} ${DIR}/etc/shared -find ${DIR}/etc/shared/ -type f -exec chmod 660 {} \; -chown root:${GROUP} ${DIR}/etc/ossec.conf -chmod 660 ${DIR}/etc/ossec.conf - - -chmod 770 ${DIR}/.ssh - -# For the /var/run -chmod -R 770 ${DIR}/var -chown -R root:${GROUP} ${DIR}/var - -. ${INSTALLATION_SCRIPTS_DIR}/src/init/dist-detect.sh - -upgrade=$(launchctl getenv WAZUH_PKG_UPGRADE) -restart=$(launchctl getenv WAZUH_RESTART) - -launchctl unsetenv WAZUH_PKG_UPGRADE -launchctl unsetenv WAZUH_RESTART - -if [ "${upgrade}" = "false" ]; then - ${INSTALLATION_SCRIPTS_DIR}/gen_ossec.sh conf agent ${DIST_NAME} ${DIST_VER}.${DIST_SUBVER} ${DIR} > ${DIR}/etc/ossec.conf - chown root:ossec ${DIR}/etc/ossec.conf - chmod 0640 ${DIR}/etc/ossec.conf -fi - -SCA_DIR="${DIST_NAME}/${DIST_VER}" -mkdir -p ${DIR}/ruleset/sca - -SCA_TMP_DIR="${SCA_BASE_DIR}/${SCA_DIR}" - -# Install the configuration files needed for this hosts -if [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}/sca.files" ]; then - SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/${DIST_SUBVER}" -elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}/sca.files" ]; then - SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}/${DIST_VER}" -elif [ -r "${SCA_BASE_DIR}/${DIST_NAME}/sca.files" ]; then - SCA_TMP_DIR="${SCA_BASE_DIR}/${DIST_NAME}" -else - SCA_TMP_DIR="${SCA_BASE_DIR}/generic" -fi - -SCA_TMP_FILE="${SCA_TMP_DIR}/sca.files" - -if [ -r ${SCA_TMP_FILE} ]; then - - rm -f ${DIR}/ruleset/sca/* || true - - for sca_file in $(cat ${SCA_TMP_FILE}); do - mv ${SCA_BASE_DIR}/${sca_file} ${DIR}/ruleset/sca - done -fi - -# Register and configure agent if Wazuh environment variables are defined -${INSTALLATION_SCRIPTS_DIR}/src/init/register_configure_agent.sh ${DIR} > /dev/null || : - -# Install the service -${INSTALLATION_SCRIPTS_DIR}/src/init/darwin-init.sh ${DIR} - -# Remove temporary directory -rm -rf ${DIR}/packages_files - -# Remove 4.1.5 patch -if [ -f ${DIR}/queue/alerts/sockets ]; then - rm ${DIR}/queue/alerts/sockets -fi - -if ${upgrade} && ${restart}; then - ${DIR}/bin/wazuh-control restart -fi diff --git a/macos/package_files/4.2.3/preinstall.sh b/macos/package_files/4.2.3/preinstall.sh deleted file mode 100755 index 3b97800f41..0000000000 --- a/macos/package_files/4.2.3/preinstall.sh +++ /dev/null @@ -1,228 +0,0 @@ -#! /bin/bash -# By Spransy, Derek" and Charlie Scott -# Modified by Wazuh, Inc. . -# This program is a free software; you can redistribute it and/or modify it under the terms of GPLv2 - -##### -# This checks for an error and exits with a custom message -# Returns zero on success -# $1 is the message -# $2 is the error code - -DIR="/Library/Ossec" - -if [ ! -d ${DIR} ]; then - launchctl setenv WAZUH_PKG_UPGRADE false -else - launchctl setenv WAZUH_PKG_UPGRADE true - if ${DIR}/bin/wazuh-control status | grep "is running" > /dev/null 2>&1; then - launchctl setenv WAZUH_RESTART true - elif ${DIR}/bin/ossec-control status | grep "is running" > /dev/null 2>&1; then - launchctl setenv WAZUH_RESTART true - else - launchctl setenv WAZUH_RESTART false - fi -fi - -# Stops the agent before upgrading it -if [ -f ${DIR}/bin/wazuh-control ]; then - ${DIR}/bin/wazuh-control stop -elif [ -f ${DIR}/bin/ossec-control ]; then - ${DIR}/bin/ossec-control stop -fi - -if [ $(launchctl getenv WAZUH_PKG_UPGRADE) = true ]; then - mkdir -p ${DIR}/config_files/ - cp -r ${DIR}/etc/{ossec.conf,client.keys,local_internal_options.conf,shared} ${DIR}/config_files/ - - if [ -d ${DIR}/logs/ossec ]; then - mv ${DIR}/logs/ossec ${DIR}/logs/wazuh - fi - - if [ -d ${DIR}/queue/ossec ]; then - mv ${DIR}/queue/ossec ${DIR}/queue/sockets - fi -fi - -if [ $(launchctl getenv WAZUH_PKG_UPGRADE) = true ]; then - if pkgutil --pkgs | grep -i wazuh-agent-etc > /dev/null 2>&1 ; then - pkgutil --forget com.wazuh.pkg.wazuh-agent-etc - fi -fi - -if [[ ! -f "/usr/bin/dscl" ]] - then - echo "Error: I couldn't find dscl, dying here"; - exit -fi - -DSCL="/usr/bin/dscl"; - -function check_errm -{ - if [[ ${?} != "0" ]] - then - echo "${1}"; - exit ${2}; - fi -} - -# get unique id numbers (uid, gid) that are greater than 100 -unset -v i new_uid new_gid idvar; -declare -i new_uid=0 new_gid=0 i=100 idvar=0; -while [[ $idvar -eq 0 ]]; do - i=$[i+1] - if [[ -z "$(/usr/bin/dscl . -search /Users uid ${i})" ]] && [[ -z "$(/usr/bin/dscl . -search /Groups gid ${i})" ]]; - then - new_uid=$i - new_gid=$i - idvar=1 - #break - fi -done - -echo "UID available for ossec user is:"; -echo ${new_uid} - -# Verify that the uid and gid exist and match -if [[ $new_uid -eq 0 ]] || [[ $new_gid -eq 0 ]]; - then - echo "Getting unique id numbers (uid, gid) failed!"; - exit 1; -fi -if [[ ${new_uid} != ${new_gid} ]] - then - echo "I failed to find matching free uid and gid!"; - exit 5; -fi - -# Creating the group -if [[ $(dscl . -read /Groups/ossec) ]] - then - echo "ossec group already exists."; -else - sudo ${DSCL} localhost -create /Local/Default/Groups/ossec - check_errm "Error creating group ossec" "67" - sudo ${DSCL} localhost -createprop /Local/Default/Groups/ossec PrimaryGroupID ${new_gid} - sudo ${DSCL} localhost -createprop /Local/Default/Groups/ossec RealName ossec - sudo ${DSCL} localhost -createprop /Local/Default/Groups/ossec RecordName ossec - sudo ${DSCL} localhost -createprop /Local/Default/Groups/ossec RecordType: dsRecTypeStandard:Groups - sudo ${DSCL} localhost -createprop /Local/Default/Groups/ossec Password "*" -fi - -# Creating the user -if [[ $(dscl . -read /Users/ossec) ]] - then - echo "ossec user already exists."; -else - sudo ${DSCL} localhost -create /Local/Default/Users/ossec - check_errm "Error creating user ossec" "77" - sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec RecordName ossec - sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec RealName ossec - sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec UserShell /usr/bin/false - sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec NFSHomeDirectory /var/ossec - sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec UniqueID ${new_uid} - sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec PrimaryGroupID ${new_gid} - sudo ${DSCL} localhost -append /Local/Default/Groups/ossec GroupMembership ossec -sudo ${DSCL} localhost -createprop /Local/Default/Users/ossec Password "*" -fi - -#Hide the fixed users -dscl . create /Users/ossec IsHidden 1 - -sudo tee /Library/LaunchDaemons/com.wazuh.agent.plist <<-'EOF' - - - - - Label - com.wazuh.agent - ProgramArguments - - /Library/StartupItems/WAZUH/launcher.sh - - RunAtLoad - - - -EOF -chown root:wheel /Library/LaunchDaemons/com.wazuh.agent.plist -chmod u=rw-,go=r-- /Library/LaunchDaemons/com.wazuh.agent.plist - -sudo mkdir /Library/StartupItems/WAZUH -chown root:wheel /Library/StartupItems/WAZUH - -sudo tee /Library/StartupItems/WAZUH/WAZUH <<-'EOF' -#!/bin/sh -. /etc/rc.common - -DIRECTORY="/Library/Ossec" - -StartService () -{ - ${DIRECTORY}/bin/wazuh-control start -} -StopService () -{ - ${DIRECTORY}/bin/wazuh-control stop -} -RestartService () -{ - ${DIRECTORY}/bin/wazuh-control restart -} -RunService "$1" -EOF -chown root:wheel /Library/StartupItems/WAZUH/WAZUH -chmod u=rwx,go=r-x /Library/StartupItems/WAZUH/WAZUH - -sudo tee /Library/StartupItems/WAZUH/StartupParameters.plist <<-'EOF' - - - - - Description - WAZUH Security agent - Messages - - start - Starting Wazuh agent - stop - Stopping Wazuh agent - - Provides - - WAZUH - - Requires - - IPFilter - - - -EOF -chown root:wheel /Library/StartupItems/WAZUH/StartupParameters.plist -chmod u=rw-,go=r-- /Library/StartupItems/WAZUH/StartupParameters.plist - -sudo tee /Library/StartupItems/WAZUH/launcher.sh <<-'EOF' -#!/bin/sh - -DIRECTORY="/Library/Ossec" - -capture_sigterm() { - ${DIRECTORY}/bin/wazuh-control stop - exit $? -} - -if ! ${DIRECTORY}/bin/wazuh-control start; then - ${DIRECTORY}/bin/wazuh-control stop -fi - -while : ; do - trap capture_sigterm SIGTERM - sleep 3 -done -EOF - -chown root:wheel /Library/StartupItems/WAZUH/launcher.sh -chmod u=rxw-,go=rx- /Library/StartupItems/WAZUH/launcher.sh