#26 Add missing files in system packages
To-om committed May 19, 2017
1 parent 5084a36 commit cb96b17
Showing 7 changed files with 614 additions and 4 deletions.
9 changes: 5 additions & 4 deletions build.sbt
Expand Up @@ -54,14 +54,13 @@ packageSummary := "Powerful Observable Analysis Engine"
packageDescription := """Cortex tries to solve a common problem frequently encountered by SOCs, CSIRTs and security
| researchers in the course of threat intelligence, digital forensics and incident response: how to analyze
| observables they have collected, at scale, by querying a single tool instead of several?
|
| Cortex, an open source and free software, has been created by TheHive Project for this very purpose. Observables,
| such as IP and email addresses, URLs, domain names, files or hashes, can be analyzed one by one or in bulk mode
| using a Web interface. Analysts can also automate these operations thanks to the Cortex REST API. """.stripMargin
defaultLinuxInstallLocation := "/opt"
linuxPackageMappings ~= { _.map { pm =>
val mappings = pm.mappings.filterNot {
case (_, path) => path.startsWith("/opt/cortex/package") || path.startsWith("/opt/cortex/conf")
case (_, path) => path.startsWith("/opt/cortex/package") || (path.startsWith("/opt/cortex/conf") && path != "/opt/cortex/conf/reference.conf")
}
com.typesafe.sbt.packager.linux.LinuxPackageMapping(mappings, pm.fileData).withConfig()
} :+ packageMapping(
Expand All @@ -74,11 +73,12 @@ linuxPackageMappings ~= { _.map { pm =>
}

packageBin := {
(packageBin in Universal).value
(packageBin in Debian).value
(packageBin in Rpm).value
(packageBin in Universal).value
}
// DEB //
version in Debian := version.value + "-2"
debianPackageDependencies += "java8-runtime-headless | java8-runtime"
maintainerScripts in Debian := maintainerScriptsFromDirectory(
baseDirectory.value / "package" / "debian",
Expand All @@ -88,7 +88,7 @@ linuxEtcDefaultTemplate in Debian := (baseDirectory.value / "package" / "etc_def
linuxMakeStartScript in Debian := None

// RPM //
rpmRelease := "1"
rpmRelease := "2"
rpmVendor in Rpm := "TheHive Project"
rpmUrl := Some("http://thehive-project.org/")
rpmLicense := Some("AGPL")
Expand All @@ -109,6 +109,7 @@ packageBin in Rpm := {
// DOCKER //
import com.typesafe.sbt.packager.docker.{ Cmd, ExecCmd }

version in Docker := version.value + "-1"
defaultLinuxInstallLocation in Docker := "/opt/cortex"
dockerRepository := Some("certbdf")
dockerUpdateLatest := true
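Review bot: The `packageBin := { … }` block has no comment saying which artifact it returns, and the reordering in this section changes that. In sbt every `.value` in a task body is a dependency scheduled before the body runs, so statement order does not sequence the Debian, RPM and Universal builds; it only decides the result, which is the last expression. With `(packageBin in Universal).value` last, as the block reads on this page, callers of `packageBin` get the Universal archive rather than the RPM, and I would say so above the block, e.g. `// builds deb, rpm and universal; the task result is the universal archive (last expression)`. The rendered page has lost its +/- markers, so confirm the new order against the raw diff.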
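--- a/package/debian/postinst
+++ b/package/debian/postinst
@@ -0,0 +1,87 @@
+#!/bin/sh
+set -e
+# #######################################
+# ## SBT Native Packager Bash Library ##
+# #######################################
+
+# Adding system user
+# $1 = user
+# $2 = uid
+# $3 = group
+# $4 = description
+# $5 = shell (defaults to /bin/false)
+addUser() {
+user="$1"
+if [ -z "$user" ]; then
+echo "usage: addUser user [group] [description] [shell]"
+exit 1
+fi
+uid="$2"
+if [ -z "$uid" ]; then
+uid_flags=""
+else
+uid_flags="--uid $uid"
+fi
+group=${3:-$user}
+descr=${4:-No description}
+shell=${5:-/bin/false}
+if ! getent passwd | grep -q "^$user:";
+then
+echo "Creating system user: $user in $group with $descr and shell $shell"
+useradd $uid_flags --gid $group -r --shell $shell -c "$descr" $user
+fi
+}
+
+# Adding system group
+# $1 = group
+# $2 = gid
+addGroup() {
+group="$1"
+gid="$2"
+if [ -z "$gid" ]; then
+gid_flags=""
+else
+gid_flags="--gid $gid"
+fi
+if ! getent group | grep -q "^$group:" ;
+then
+echo "Creating system group: $group"
+groupadd $gid_flags -r $group
+fi
+}
+
+# Will return true even if deletion fails
+# $1 = user
+deleteUser() {
+if hash deluser 2>/dev/null; then
+deluser --quiet --system $1 > /dev/null || true
+elif hash userdel 2>/dev/null; then
+userdel $1
+else
+echo "WARNING: Could not delete user $1 . No suitable program (deluser, userdel) found"
+fi
+}
+
+# Will return true even if deletion fails
+# $1 = group
+deleteGroup() {
+if hash delgroup 2>/dev/null; then
+delgroup --quiet --system $1 > /dev/null || true
+elif hash groupdel 2>/dev/null; then
+groupdel $1
+else
+echo "WARNING: Could not delete user $1 . No suitable program (delgroup, groupdel) found"
+fi
+}
+
+# #######################################
+
+
+addGroup cortex ""
+addUser cortex "" cortex "cortex daemon-user" "/bin/false"
+
+# Chown definitions created by SBT Native Packager
+
+chown cortex:cortex /var/log/cortex
+chown root:cortex /etc/cortex/application.conf /etc/cortex/logback.xml
+chmod 0640 /etc/cortex/application.conf /etc/cortex/logback.xml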
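Review bot: The ownership lines at the end of the script run under `set -e` with no existence check, so a missing `/etc/cortex/application.conf` or `/etc/cortex/logback.xml` makes `chown` fail and leaves the package unconfigured. If these two files are shipped as conffiles (the mapping that installs them is not visible on this page), dpkg does not restore one the administrator has deleted, so this can happen on an ordinary upgrade. Guarding each path keeps the 0640 root:cortex protection for the files that exist without turning an absent file into a failed install. The helper functions above are the packager's stock library and are left as they are.

```shell
# … unchanged: addGroup / addUser calls, chown of /var/log/cortex …
for conf in /etc/cortex/application.conf /etc/cortex/logback.xml; do
  if [ -e "$conf" ]; then
    chown root:cortex "$conf"
    chmod 0640 "$conf"
  fi
done
```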
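--- a/package/debian/postrm
+++ b/package/debian/postrm
@@ -0,0 +1,103 @@
+#!/bin/sh
+set -e
+# #######################################
+# ## SBT Native Packager Bash Library ##
+# #######################################
+
+# Adding system user
+# $1 = user
+# $2 = uid
+# $3 = group
+# $4 = description
+# $5 = shell (defaults to /bin/false)
+addUser() {
+user="$1"
+if [ -z "$user" ]; then
+echo "usage: addUser user [group] [description] [shell]"
+exit 1
+fi
+uid="$2"
+if [ -z "$uid" ]; then
+uid_flags=""
+else
+uid_flags="--uid $uid"
+fi
+group=${3:-$user}
+descr=${4:-No description}
+shell=${5:-/bin/false}
+if ! getent passwd | grep -q "^$user:";
+then
+echo "Creating system user: $user in $group with $descr and shell $shell"
+useradd $uid_flags --gid $group -r --shell $shell -c "$descr" $user
+fi
+}
+
+# Adding system group
+# $1 = group
+# $2 = gid
+addGroup() {
+group="$1"
+gid="$2"
+if [ -z "$gid" ]; then
+gid_flags=""
+else
+gid_flags="--gid $gid"
+fi
+if ! getent group | grep -q "^$group:" ;
+then
+echo "Creating system group: $group"
+groupadd $gid_flags -r $group
+fi
+}
+
+# Will return true even if deletion fails
+# $1 = user
+deleteUser() {
+if hash deluser 2>/dev/null; then
+deluser --quiet --system $1 > /dev/null || true
+elif hash userdel 2>/dev/null; then
+userdel $1
+else
+echo "WARNING: Could not delete user $1 . No suitable program (deluser, userdel) found"
+fi
+}
+
+# Will return true even if deletion fails
+# $1 = group
+deleteGroup() {
+if hash delgroup 2>/dev/null; then
+delgroup --quiet --system $1 > /dev/null || true
+elif hash groupdel 2>/dev/null; then
+groupdel $1
+else
+echo "WARNING: Could not delete user $1 . No suitable program (delgroup, groupdel) found"
+fi
+}
+
+# #######################################
+
+
+# Deleting user: ${{user}} and group: ${{group}}
+case "$1" in
+remove|failed-upgrade|abort-upgrade|abort-install|disappear)
+;;
+purge)
+deleteUser cortex
+deleteGroup cortex
+;;
+upgrade)
+;;
+*)
+echo "postinst called with unknown argument \`\$1'" >&2
+;;
+esac
+# ------------------------------------------------------------------------------------
+# ____ _ _ _
+# / ___| ___ _ ____ _____ _ __ / \ _ __ ___| |__ ___| |_ _ _ _ __ ___
+# \___ \ / _ \ '__\ \ / / _ \ '__| / _ \ | '__/ __| '_ \ / _ \ __| | | | '_ \ / _ \
+# ___) | __/ | \ V / __/ | / ___ \| | | (__| | | | __/ |_| |_| | |_) | __/
+# |____/ \___|_| \_/ \___|_| /_/ \_\_| \___|_| |_|\___|\__|\__, | .__/ \___|
+# |___/|_|
+# ------------------------------------------------------------------------------------
+
+# empty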
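Review bot: The `purge` branch deletes the `cortex` account and group, but nothing in this script removes what that account owns, so `/var/log/cortex` (handed to `cortex:cortex` by postinst) is left behind under a numeric id that a later account can be assigned. Either remove the package's log directory before the account, e.g. `rm -rf /var/log/cortex` ahead of `deleteUser cortex`, or keep the account on purge and add a comment saying why. Separately, the message in the `*)` arm names `postinst` although this is postrm, and it escapes the variable so a literal `$1` is printed; it should say `postrm` and use an unescaped `$1` so the unexpected argument shows up in the dpkg log.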
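--- a/package/debian/prerm
+++ b/package/debian/prerm
@@ -0,0 +1,118 @@
+#!/bin/sh
+set -e
+# #######################################
+# ## SBT Native Packager Bash Library ##
+# #######################################
+
+# Adding system user
+# $1 = user
+# $2 = uid
+# $3 = group
+# $4 = description
+# $5 = shell (defaults to /bin/false)
+addUser() {
+user="$1"
+if [ -z "$user" ]; then
+echo "usage: addUser user [group] [description] [shell]"
+exit 1
+fi
+uid="$2"
+if [ -z "$uid" ]; then
+uid_flags=""
+else
+uid_flags="--uid $uid"
+fi
+group=${3:-$user}
+descr=${4:-No description}
+shell=${5:-/bin/false}
+if ! getent passwd | grep -q "^$user:";
+then
+echo "Creating system user: $user in $group with $descr and shell $shell"
+useradd $uid_flags --gid $group -r --shell $shell -c "$descr" $user
+fi
+}
+
+# Adding system group
+# $1 = group
+# $2 = gid
+addGroup() {
+group="$1"
+gid="$2"
+if [ -z "$gid" ]; then
+gid_flags=""
+else
+gid_flags="--gid $gid"
+fi
+if ! getent group | grep -q "^$group:" ;
+then
+echo "Creating system group: $group"
+groupadd $gid_flags -r $group
+fi
+}
+
+# Will return true even if deletion fails
+# $1 = user
+deleteUser() {
+if hash deluser 2>/dev/null; then
+deluser --quiet --system $1 > /dev/null || true
+elif hash userdel 2>/dev/null; then
+userdel $1
+else
+echo "WARNING: Could not delete user $1 . No suitable program (deluser, userdel) found"
+fi
+}
+
+# Will return true even if deletion fails
+# $1 = group
+deleteGroup() {
+if hash delgroup 2>/dev/null; then
+delgroup --quiet --system $1 > /dev/null || true
+elif hash groupdel 2>/dev/null; then
+groupdel $1
+else
+echo "WARNING: Could not delete user $1 . No suitable program (delgroup, groupdel) found"
+fi
+}
+
+# #######################################
+
+# ------------------------------------------------------------------------------------
+# ____ _ _ _
+# / ___| ___ _ ____ _____ _ __ / \ _ __ ___| |__ ___| |_ _ _ _ __ ___
+# \___ \ / _ \ '__\ \ / / _ \ '__| / _ \ | '__/ __| '_ \ / _ \ __| | | | '_ \ / _ \
+# ___) | __/ | \ V / __/ | / ___ \| | | (__| | | | __/ |_| |_| | |_) | __/
+# |____/ \___|_| \_/ \___|_| /_/ \_\_| \___|_| |_|\___|\__|\__, | .__/ \___|
+# |___/|_|
+# ------------------------------------------------------------------------------------
+
+#
+# Adding service to autostart
+# $1 = service name
+#
+startService() {
+app_name=$1
+initctl reload-configuration
+service $app_name start
+}
+
+#
+# Removing service from autostart
+# $1 = service name
+#
+stopService() {
+app_name=$1
+service $app_name stop
+}
+
+#
+# Restarting the service after package upgrade
+# $1 = service name
+#
+restartService() {
+app_name=$1
+initctl reload-configuration
+service $app_name start
+}
+
+
+stopService cortex || echo "cortex wasn't even running!"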
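Review bot: `stopService cortex` on the last line runs for every prerm invocation because `$1` is never inspected, so an upgrade stops the daemon just as a removal does, and the postinst added in this commit has no matching start. If nothing else restarts the service (the remaining changed files are not shown on this page), Cortex stays down after each package upgrade until someone notices. I would branch on `$1` here and restart from postinst on `configure`, or at least document the intent with a comment such as `# stops on upgrade too; restart is left to the administrator`. The `|| echo "cortex wasn't even running!"` fallback also reports every stop failure as not-running, which hides a daemon that refused to stop.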