From 5e6a573b5acb43f5f6f8432b6f49ec9e08463fe8 Mon Sep 17 00:00:00 2001 From: Mario Preksavec Date: Fri, 14 Oct 2016 13:45:14 +0700 Subject: system/ossec-local: Added (Open Source Host-based IDS). Signed-off-by: Willy Sudiarto Raharjo --- system/ossec-local/doinst.sh | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 system/ossec-local/doinst.sh (limited to 'system/ossec-local/doinst.sh') diff --git a/system/ossec-local/doinst.sh b/system/ossec-local/doinst.sh new file mode 100644 index 0000000000000..a68e4ea3a2e13 --- /dev/null +++ b/system/ossec-local/doinst.sh @@ -0,0 +1,29 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +preserve_perms() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + if [ -e $OLD ]; then + cp -a $OLD ${NEW}.incoming + cat $NEW > ${NEW}.incoming + mv ${NEW}.incoming $NEW + fi + config $NEW +} + +preserve_perms etc/rc.d/rc.ossec.new +config etc/ossec-init.conf.new +config etc/logrotate.d/ossec.new +find var/ossec/etc var/ossec/rules -type f -name '*.new' \ + | while read new ; do config $new ; done -- cgit v1.2.3