tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

2013-09-19 Ramon Novoa <rnovoa@artica.es> 

* Linux/pandora_agent.conf: The default user should not be pandora.

	* pandora_agent_installer: Removed some calls to chown that had the
	  potential to damage a Linux system.

	* pandora_agent: Delay the parsing of include files to make sure
	  that all variables that may affect a module's configuration
	  have already been read.



git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@8783 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
ramonn 2013-09-19 12:07:31 +00:00
parent e04398237c
commit 413f64ba2d
4 changed files with 43 additions and 41 deletions

11
pandora_agents/unix/ChangeLog
View File

@ -1,3 +1,14 @@
2013-09-19 Ramon Novoa <rnovoa@artica.es>
* Linux/pandora_agent.conf: The default user should not be pandora.
* pandora_agent_installer: Removed some calls to chown that had the
potential to damage a Linux system.
* pandora_agent: Delay the parsing of include files to make sure
that all variables that may affect a module's configuration
have already been read.
2013-09-13 Ramon Novoa <rnovoa@artica.es> 2013-09-13 Ramon Novoa <rnovoa@artica.es>
* pandora_agent: Added a missing parameter to a call to log_message. * pandora_agent: Added a missing parameter to a call to log_message.

2
pandora_agents/unix/Linux/pandora_agent.conf
View File

@ -125,7 +125,7 @@ remote_config 0
#agent_threads 1 #agent_threads 1
# User the agent will run as # User the agent will run as
#pandora_user root #pandora_user pandora
# Enable or disable XML buffer. # Enable or disable XML buffer.
# If you are in a secured environment and want to enable the XML buffer you # If you are in a secured environment and want to enable the XML buffer you

41
pandora_agents/unix/pandora_agent
View File

@ -649,22 +649,6 @@ sub read_config (;$) {
next; next;
} }
next if ($line =~ /^module\s*\w*/); next if ($line =~ /^module\s*\w*/);
# Additional configuration file
if ($line =~ /^include\s+(.*)\s*/) {
log_message ('setup', "include is $1");
$Conf{'include'} = $Conf{'include'} ? "$Conf{'include'} $1" : $1;
foreach my $file_name (glob("$1")) {
open (FILE, "$file_name") or next;
log_message ('setup', "reading $file_name");
my @file_conf = <FILE>;
parse_conf_modules(\@file_conf);
close (FILE);
}
next;
}
#Configuration token #Configuration token
if ($line =~ /^\s*(\S+)\s+(.*)$/) { if ($line =~ /^\s*(\S+)\s+(.*)$/) {
@ -693,6 +677,31 @@ sub read_config (;$) {
$Conf{'intensive_interval'} = $Conf{'interval'}; $Conf{'intensive_interval'} = $Conf{'interval'};
} }
# Search for includes after all other variables have been set
foreach my $line (@file) {
# Skip comments and empty lines
next if ($line =~ m/^\s*#/) or ($line =~ m/^\s*$/);
# Replace CRLF with LF
$line =~ s/\r\n/\n/g;
# Additional configuration file
if ($line =~ /^include\s+(.*)\s*/) {
$Conf{'include'} = $Conf{'include'} ? "$Conf{'include'} $1" : $1;
foreach my $file_name (glob("$1")) {
open (FILE, "$file_name") or next;
log_message ('setup', "reading $file_name");
my @file_conf = <FILE>;
parse_conf_modules(\@file_conf);
close (FILE);
}
next;
}
}
# Module, plugin and collection definitions # Module, plugin and collection definitions
parse_conf_modules(\@file); parse_conf_modules(\@file);

30
pandora_agents/unix/pandora_agent_installer
View File

@ -32,6 +32,11 @@ PANDORA_BASE=`echo $2 | sed -e 's/\/$//'`
if [ "$3" != "" ] if [ "$3" != "" ]
then then
PANDORA_USER=$3 PANDORA_USER=$3
if [ "$PANDORA_BASE" == "" ]
then
echo "When specifying a custom user the agent must be installed to a custom location where that user has write permissions!"
exit 1
fi
else else
PANDORA_USER="root" PANDORA_USER="root"
fi fi
@ -240,10 +245,6 @@ install () {
# Alter dynamically the daemon launcher and setup the new path # Alter dynamically the daemon launcher and setup the new path
# if PANDORA_BASE is customized. # if PANDORA_BASE is customized.
AGENT_CFG=$OS_NAME/pandora_agent.conf
AGENT_CFG_TEMP=$OS_NAME/pandora_agent.conf.temp
if [ ! -z "$PANDORA_BASE" ] if [ ! -z "$PANDORA_BASE" ]
then then
if [ "$OS_NAME" = "FreeBSD" ] if [ "$OS_NAME" = "FreeBSD" ]
@ -342,6 +343,7 @@ install () {
sed -e "s/.*pandora_user .*/pandora_user $PANDORA_USER/" $AGENT_CFG > $AGENT_CFG_TEMP 2> /dev/null && \ sed -e "s/.*pandora_user .*/pandora_user $PANDORA_USER/" $AGENT_CFG > $AGENT_CFG_TEMP 2> /dev/null && \
mv $AGENT_CFG_TEMP $AGENT_CFG mv $AGENT_CFG_TEMP $AGENT_CFG
chmod 755 pandora_agent_daemon chmod 755 pandora_agent_daemon
chown -R $PANDORA_USER $PANDORA_BASE
fi fi
# Create logfile # Create logfile
@ -452,26 +454,6 @@ install () {
chmod -R 770 $PANDORA_BASE$PANDORA_TEMP chmod -R 770 $PANDORA_BASE$PANDORA_TEMP
chmod 775 $PANDORA_BASE$PANDORA_TEMP chmod 775 $PANDORA_BASE$PANDORA_TEMP
fi fi
#chown each directory one by one to avoid erros when no pandora_base and pandora_use is given
chown -R $PANDORA_USER $PANDORA_BASE/var/log
chown -R $PANDORA_USER $PANDORA_BASE/$PANDORA_MAN/man1
if [ "$OS_NAME" = "FreeBSD" ]
then
chown -R $PANDORA_USER $PANDORA_BASE/usr/local/bin
else
chown -R $PANDORA_USER $PANDORA_BASE/usr/bin
fi
chown -R $PANDORA_USER $PANDORA_BASE$PANDORA_HOME
chown -R $PANDORA_USER $PANDORA_BASE/tmp
chown -R $PANDORA_USER $PANDORA_BASE$PANDORA_TEMP/data_out
chown -R $PANDORA_USER $PANDORA_BASE$PANDORA_CFG
chown -R $PANDORA_USER $PANDORA_BASE$PANDORA_LOG_DIR
chown -R $PANDORA_USER $PANDORA_BASE$PANDORA_HOME/collections
chown -R $PANDORA_USER $PANDORA_BASE$PANDORA_HOME/plugins
echo "Copying default agent configuration to $PANDORA_BASE$PANDORA_CFG/pandora_agent.conf" echo "Copying default agent configuration to $PANDORA_BASE$PANDORA_CFG/pandora_agent.conf"