You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Introduction

This document will describe how to install Open-AudIT v1.0 on GNU/Linux distros.

 Caveats

These installation instructions and scripts have been tested on Ubuntu 12.04, Ubuntu 13.04, Debian 7 and CentOS 6.3. Other distributions may work. If you do install on another distribution and make alterations to the install script (or notes thereof), please contribute this back to the community so others can also benefit.

Assumptions

The reader is assumed to have a working knowledge of UNIX or GNU/Linux systems.

Where there are differences between CentOS 6 and Debian/Ubuntu, this document will use the following convention.

Instructions specific to Red Hat/CentOS will be in RED.

Instructions specific to Debian/Ubuntu will be in BLUE.

Instructions applicable to any distro will remain in BLACK.

Also, this document will use the <oadir> tag to refer to Open-AudIT's installation directory. The default place is /usr/local/open-audit.

Installation

Linux Distribution

First, install your GNU/Linux distribution. With both CentOS and Debian/Ubuntu, I do a basic installation with no extra stuff. That means no GNOME, KDE, "Server" packages, or anything else. Just a base installation is all that's necessary. This guide has been checked on Linux installs with minimal install which is indeed quite minimal, because of this you may see some packages being installed that you might normally assume to be installed.

Linux Security Settings

If you're running CentOS or any other Red Hat-derived distribution, be sure that SELinux is turned off, Permissive mode was tested and it worked well, just very nagging. So disabling SELinux is a lot easier that way.

Also, I like to turn off the default Red Hat firewall. It is assumed that the reader knows how to do both of these; if not, there are plenty of resources on the Web describing how.

Additional Packages

Now that you have your system set up, there are some things that we need to install to make Open-AudIT work. 

 

CentOS Additional Packages

rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
yum -y install mysql mysql-server
chkconfig --levels 235 mysqld on
service mysqld start
yum -y install httpd
chkconfig --levels 235 httpd on
service httpd start
yum -y install nano openssh-server php php-cli php-mysql php-ldap php-mbstring php-mcrypt php-snmp php-xml nmap snmp zip
chkconfig --levels 235 sshd on
service sshd start
sed -i -e 's/SELINUX=/#SELINUX=/g' /etc/selinux/config
echo "SELINUX=disabled" >> /etc/selinux/config
setenforce 0
sed -i '1s/^/A INPUT -p tcp -m tcp --dport 80 -j ACCEPT\n/' /etc/sysconfig/iptables
sed -i '1s/^/A INPUT -p tcp -m tcp --dport 443 -j ACCEPT\n/' /etc/sysconfig/iptables
sed -i -e 's/memory_limit/;memory_limit/g' /etc/php.ini
echo "memory_limit = 512M" >> /etc/php.ini
sed -i -e 's/max_execution_time/;max_execution_time/g' /etc/php.ini
echo "max_execution_time = 300" >> /etc/php.ini
sed -i -e 's/max_input_time/;max_input_time/g' /etc/php.ini
echo "max_input_time = 600" >> /etc/php.ini
sed -i -e 's/error_reporting/;error_reporting/g' /etc/php.ini
echo "error_reporting = E_ALL" >> /etc/php.ini
sed -i -e 's/display_errors/;display_errors/g' /etc/php.ini
echo "display_errors = On" >> /etc/php.ini
sed -i -e 's/upload_max_filesize/;upload_max_filesize/g' /etc/php.ini
echo "upload_max_filesize = 10M" >> /etc/php.ini
sed -i -e 's/date.timezone/;date.timezone/g' /etc/php.ini
echo "date.timezone = $TIMEZONE" >> /etc/php.ini
echo "ServerName $HOSTNAME" >> /etc/httpd/conf/httpd.conf
chsh -s /bin/bash apache
service httpd restart
  • No labels