1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
|
#!/bin/sh
set -e
# summary of how this script can be called:
# * <new-preinst> `install'
# * <new-preinst> `install' <old-version>
# * <new-preinst> `upgrade' <old-version>
# * <old-preinst> `abort-upgrade' <new-version>
DEFAULT=/etc/default/snort
PARAMETERS=/etc/snort/snort.common.parameters
# Initialise variables
SNORTUSER=""
SNORTGROUP=""
LOGDIR=""
check_parameters() {
# Check if the old parameters file is there and this is
# an upgrade (default is not)
# Abort if either the old parameters file does not exist
# or if the new default has already been installed
[ ! -r "$PARAMETERS" ] && return
[ -r "$DEFAULT" ] && return
# Extract our values from there
logdir=`cat $PARAMETERS | perl -ne 'print $1 if /-l\s+([\w\/]+)/'`
user_snort=`cat $PARAMETERS | perl -ne 'print $1 if /-u\s+(\w+)/'`
group_snort=`cat $PARAMETERS | perl -ne 'print $1 if /-g\s+(\w+)/'`
extraparms=`cat $PARAMETERS | sed -e 's/-l[[:space:]]\+[\/[:alnum:]]\+[[:space:]]\+//g; s/-u[[:space:]]\+[[:alnum:]]\+[[:space:]]*//g; s/-g[[:space:]]\+[[:alnum:]]\+[[:space:]]*//g;'`
echo "Creating new $DEFAULT configuration based on $PARAMETERS"
cat <<EOF >$DEFAULT
# Parameters for the daemon
PARAMS="$extraparms"
# Logging directory
LOGDIR="$logdir"
# Snort user
SNORTUSER="$user_snort"
# Snort group
SNORTGROUP="$group_snort"
EOF
return
}
case "$1" in
install|upgrade)
check_parameters
[ -r "$DEFAULT" ] && . $DEFAULT
# Sane defaults, just in case
[ -z "$SNORTUSER" ] && SNORTUSER=snort
[ -z "$SNORTGROUP" ] && SNORTGROUP=snort
[ -z "$LOGDIR" ] && LOGDIR=/var/log/snort
# create snort user to avoid running snort as root
# 1. create group if not existing
if ! getent group | grep -q "^$SNORTGROUP:" ; then
addgroup --quiet --system $SNORTGROUP 2>/dev/null || true
fi
# 2. create homedir if not existing
test -d $LOGDIR || mkdir $LOGDIR
# 3. create user if not existing
if ! getent passwd | grep -q "^$SNORTUSER:"; then
adduser --quiet \
--system \
--ingroup $SNORTGROUP \
--no-create-home \
--disabled-password \
$SNORTUSER 2>/dev/null || true
fi
# 4. adjust passwd entry
usermod -c "Snort IDS" \
-d $LOGDIR \
-g $SNORTGROUP \
$SNORTUSER
# 5. adjust file and directory permissions
if ! dpkg-statoverride --list $LOGDIR >/dev/null
then
chown -R $SNORTUSER:adm $LOGDIR
chmod u=rwx,g=rxs,o= $LOGDIR
fi
# setup /etc/snort
test -d /etc/snort || mkdir /etc/snort
# move config file to new location
if [ -e /etc/snort.conf ]; then
mv /etc/snort.conf /etc/snort/snort.conf
fi
# rename probably existing cron job with old name
if [ -e /etc/cron.daily/snort ]; then
mv /etc/cron.daily/snort /etc/cron.daily/5snort
fi
# If this is the first time we are installation then create
# the /etc/snort/db-pending-config
if [ "$1" = "install" ] && [ -z "$2" ] ; then
touch /etc/snort/db-pending-config
fi
;;
configure)
;;
abort-upgrade)
;;
*)
echo "preinst called with unknown argument \`$1'" >&2
exit 0
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
exit 0
|
