From 012c7178acc51975cf390eabf204bb6a1896fc46 Mon Sep 17 00:00:00 2001 From: Stephane Segning Lambou Date: Fri, 16 Aug 2024 18:41:03 +0100 Subject: [PATCH] chore: more colors to the bash script --- scripts/install.sh | 155 +++++++++++++++++++++++++-------------------- 1 file changed, 88 insertions(+), 67 deletions(-) diff --git a/scripts/install.sh b/scripts/install.sh index f58dda1..c62f6ad 100755 --- a/scripts/install.sh +++ b/scripts/install.sh @@ -11,23 +11,57 @@ LOG_LEVEL=${LOG_LEVEL:-INFO} USER="root" GROUP="wazuh" -# Function to handle logging +# Define text formatting +RED='\033[0;31m' +GREEN='\033[0;32m' +YELLOW='\033[1;33m' +BLUE='\033[1;34m' +BOLD='\033[1m' +NORMAL='\033[0m' + +# Function for logging with timestamp log() { local LEVEL="$1" shift local MESSAGE="$*" - local TIMESTAMP="$(date +"%Y-%m-%d %H:%M:%S")" + local TIMESTAMP + TIMESTAMP=$(date +"%Y-%m-%d %H:%M:%S") + echo -e "${TIMESTAMP} ${LEVEL} ${MESSAGE}" +} - if [ "$LEVEL" = "ERROR" ] || { [ "$LEVEL" = "WARNING" ] && [ "$LOG_LEVEL" != "ERROR" ]; } || { [ "$LEVEL" = "INFO" ] && [ "$LOG_LEVEL" = "INFO" ]; }; then - echo "$TIMESTAMP [$LEVEL] $MESSAGE" - fi +# Logging helpers +info_message() { + log "${BLUE}${BOLD}[INFO]${NORMAL}" "$*" +} + +warn_message() { + log "${YELLOW}${BOLD}[WARNING]${NORMAL}" "$*" +} + +error_message() { + log "${RED}${BOLD}[ERROR]${NORMAL}" "$*" +} + +success_message() { + log "${GREEN}${BOLD}[SUCCESS]${NORMAL}" "$*" } -# Function to print steps print_step() { - local step="$1" - local message="$2" - log INFO "------ Step $step : $message ------" + log "${BLUE}${BOLD}[STEP]${NORMAL}" "$1: $2" +} + +# Check if sudo is available or if the script is run as root +maybe_sudo() { + if [ "$(id -u)" -ne 0 ]; then + if command -v sudo >/dev/null 2>&1; then + sudo "$@" + else + error_message "This script requires root privileges. Please run with sudo or as root." + exit 1 + fi + else + "$@" + fi } custom_sed() { 
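Review bot: The rewritten `log()` prints every message unconditionally, so `LOG_LEVEL` (still assigned in the context line at the top of this hunk) no longer filters anything. The removed condition showed INFO only when `LOG_LEVEL=INFO` and hid WARNING when `LOG_LEVEL=ERROR`. `echo -e` also applies backslash-escape processing to the message text, not just the colour codes, and it is not portable if the script runs under a POSIX `sh` (the shebang is outside this hunk). Moving the level check into the helpers and printing with `printf` keeps the colours and restores the old filtering; `print_step`, which used to log at INFO, would take the same guard as `info_message`.

```shell
log() {
    # … unchanged: LEVEL, MESSAGE and TIMESTAMP locals …
    # %b expands the colour escapes in LEVEL only; MESSAGE is printed verbatim
    printf '%s %b %s\n' "$TIMESTAMP" "$LEVEL" "$MESSAGE"
}

info_message() {
    # INFO is shown only at the default level, as the removed condition did
    [ "$LOG_LEVEL" = "INFO" ] || return 0
    log "${BLUE}${BOLD}[INFO]${NORMAL}" "$*"
}

warn_message() {
    # WARNING is hidden only when LOG_LEVEL=ERROR
    [ "$LOG_LEVEL" != "ERROR" ] || return 0
    log "${YELLOW}${BOLD}[WARNING]${NORMAL}" "$*"
}
```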
@@ -40,7 +74,7 @@ custom_sed() { elif [ "$(uname)" = "Darwin" ]; then maybe_sudo sed -e -i '' "$pattern" "$file" > "$tmp_file" else - log ERROR "Unsupported OS for sed." + error_message "Unsupported OS for sed." exit 1 fi @@ -50,49 +84,35 @@ custom_sed() { # Create a temporary directory and ensure it's cleaned up on exit TMP_DIR=$(mktemp -d) cleanup() { - log INFO "Cleaning up temporary files..." + info_message "Cleaning up temporary files..." rm -rf "$TMP_DIR" } trap cleanup EXIT -# Check if sudo is available or if the script is run as root -maybe_sudo() { - if [ "$(id -u)" -ne 0 ]; then - if command -v sudo >/dev/null 2>&1; then - sudo "$@" - else - log ERROR "This script requires root privileges. Please run with sudo or as root." - exit 1 - fi - else - "$@" - fi -} - # Ensure that the root:wazuh user and group exist, creating them if necessary ensure_user_group() { - log INFO "Ensuring that the $USER:$GROUP user and group exist..." + info_message "Ensuring that the $USER:$GROUP user and group exist..." if ! id -u "$USER" >/dev/null 2>&1; then - log INFO "Creating user $USER..." + info_message "Creating user $USER..." if [ "$(uname -o)" = "GNU/Linux" ] && command -v groupadd >/dev/null 2>&1; then maybe_sudo useradd -m "$USER" elif [ "$(which apk)" = "/sbin/apk" ]; then maybe_sudo adduser -D "$USER" else - log ERROR "Unsupported OS for creating user." + error_message "Unsupported OS for creating user." exit 1 fi fi if ! getent group "$GROUP" >/dev/null 2>&1; then - log INFO "Creating group $GROUP..." + info_message "Creating group $GROUP..." if [ "$(uname -o)" = "GNU/Linux" ] && command -v groupadd >/dev/null 2>&1; then maybe_sudo groupadd "$GROUP" elif [ "$(which apk)" = "/sbin/apk" ]; then maybe_sudo addgroup "$GROUP" else - log ERROR "Unsupported OS for creating group." + error_message "Unsupported OS for creating group." exit 1 fi fi 
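Review bot: The Darwin branch kept as context in the first hunk runs `sed -e -i '' "$pattern" "$file" > "$tmp_file"`; `-e` consumes `-i` as its script, so sed rejects the command and `custom_sed` cannot succeed on macOS. Because the output is already redirected to `$tmp_file`, in-place mode is not needed there: `maybe_sudo sed -e "$pattern" "$file" > "$tmp_file"`. The Linux branch and the rest of `custom_sed` are outside the hunk, so the change should be checked against how `$tmp_file` is used afterwards.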
@@ -109,9 +129,9 @@ restart_wazuh_agent() { case "$(uname)" in Linux) if maybe_sudo /var/ossec/bin/wazuh-control restart >/dev/null 2>&1; then - log INFO "Wazuh agent restarted successfully." + info_message "Wazuh agent restarted successfully." else - log ERROR "Error occurred during Wazuh agent restart." + error_message "Error occurred during Wazuh agent restart." fi ;; Darwin) @@ -119,7 +139,7 @@ restart_wazuh_agent() { maybe_sudo launchctl load /Library/LaunchDaemons/com.wazuh.agent.plist ;; *) - log ERROR "Unsupported operating system for restarting Wazuh agent." + error_message "Unsupported operating system for restarting Wazuh agent." exit 1 ;; esac @@ -133,7 +153,7 @@ check_file_limit() { error_message "Error occurred during the addition of the file_limit block." exit 1 } - log INFO "The file limit block was added successfully" + info_message "The file limit block was added successfully" fi } @@ -144,7 +164,7 @@ download_yara_script() { elif [ "$(uname)" = "Darwin" ]; then YARA_SH_PATH="/Library/Ossec/active-response/bin/yara.sh" else - log ERROR "Unsupported OS. Exiting..." + error_message "Unsupported OS. Exiting..." exit 1 fi @@ -152,16 +172,16 @@ download_yara_script() { maybe_sudo mkdir -p "$(dirname "$YARA_SH_PATH")" maybe_sudo curl -SL --progress-bar "$YARA_SH_URL" -o "$TMP_DIR/yara.sh" || { - log ERROR "Failed to download yara.sh script." + error_message "Failed to download yara.sh script." exit 1 } maybe_sudo mv "$TMP_DIR/yara.sh" "$YARA_SH_PATH" (change_owner "$YARA_SH_PATH" && maybe_sudo chmod 750 "$YARA_SH_PATH") || { - log ERROR "Error occurred during yara.sh file permissions change." + error_message "Error occurred during yara.sh file permissions change." exit 1 } - log INFO "yara.sh script downloaded and installed successfully." + info_message "yara.sh script downloaded and installed successfully." } update_ossec_conf() { 
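Review bot: In the last hunk here, `download_yara_script` moves whatever `curl` fetched from `$YARA_SH_URL` into the active-response directory and makes it executable (`chmod 750`) with no integrity check, so a tampered or truncated download becomes a script the agent can run. `curl -SL` without `--fail` also exits 0 on an HTTP error, which means an error page can be installed as `yara.sh`. Adding `--fail` and verifying a pinned digest before the `mv` would close both gaps, e.g. `echo "$YARA_SH_SHA256  $TMP_DIR/yara.sh" | sha256sum -c - || exit 1`, where `YARA_SH_SHA256` is a placeholder for a digest the script would have to pin (use `shasum -a 256 -c -` on macOS). The definition of `YARA_SH_URL` is outside the hunk, so whether it already points at an immutable revision cannot be seen from here.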
@@ -170,24 +190,25 @@ update_ossec_conf() { elif [ "$(uname)" = "Darwin" ]; then OSSEC_CONF_PATH="/Library/Ossec/etc/ossec.conf" else - log ERROR "Unsupported OS. Exiting..." + error_message "Unsupported OS. Exiting..." exit 1 fi - custom_sed '/\/etc,\/usr\/bin,\/usr\/sbin<\/directories>/a\ - /tmp/yara/malware' "$OSSEC_CONF_PATH" || { - log ERROR "Error occurred during Wazuh agent configuration file update." + if ! sudo grep -q '\/home, \/root, \/bin, \/sbin' "$OSSEC_CONF_PATH"; then + custom_sed '/\/etc,\/usr\/bin,\/usr\/sbin<\/directories>/a\ + \/home, \/root, \/bin, \/sbin' "$OSSEC_CONF_PATH" || { + error_message "Error occurred during configuration of directories to monitor." exit 1 } - log INFO "Wazuh agent configuration file updated successfully." + fi + + info_message "Wazuh agent configuration file updated successfully." - # Step 5: Update frequency in Wazuh agent configuration file - print_step 5 "Updating frequency in Wazuh agent configuration file..." custom_sed 's/43200<\/frequency>/300<\/frequency>/g' "$OSSEC_CONF_PATH" || { - log ERROR "Error occurred during frequency update in Wazuh agent configuration file." + error_message "Error occurred during frequency update in Wazuh agent configuration file." exit 1 } - log INFO "Frequency in Wazuh agent configuration file updated successfully." + info_message "Frequency in Wazuh agent configuration file updated successfully." check_file_limit } 
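Review bot: The added guard calls `sudo grep -q …` directly instead of going through `maybe_sudo`, so it breaks when the script already runs as root on a host without `sudo`, the case `maybe_sudo` exists for. Because of the leading `!`, a failing `sudo` is read as "pattern not present", and the `custom_sed` append then runs on every invocation. Using `if ! maybe_sudo grep -q '\/home, \/root, \/bin, \/sbin' "$OSSEC_CONF_PATH"; then` keeps the check consistent with the rest of the script. The hunk also replaces the `/tmp/yara/malware` entry with `/home, /root, /bin, /sbin`, which changes what the agent monitors and is not mentioned in a commit titled as a colour change. `update_ossec_conf` starts outside the hunk.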
@@ -198,46 +219,46 @@ update_ossec_conf() { print_step 1 "Installing YARA and necessary tools..." install_yara_ubuntu() { - log INFO "Installing YARA on Ubuntu/Debian..." + info_message "Installing YARA on Ubuntu/Debian..." maybe_sudo apt update maybe_sudo apt install -y yara jq curl git } install_yara_alpine() { - log INFO "Installing YARA on Alpine Linux..." + info_message "Installing YARA on Alpine Linux..." maybe_sudo apk update maybe_sudo apk add yara jq curl git } install_yara_centos() { - log INFO "Installing YARA on CentOS/RHEL..." + info_message "Installing YARA on CentOS/RHEL..." maybe_sudo yum install -y epel-release maybe_sudo yum install -y yara jq curl git } install_yara_fedora() { - log INFO "Installing YARA on Fedora..." + info_message "Installing YARA on Fedora..." maybe_sudo dnf install -y yara jq curl git } install_yara_suse() { - log INFO "Installing YARA on SUSE..." + info_message "Installing YARA on SUSE..." maybe_sudo zypper install -y yara jq curl git } install_yara_arch() { - log INFO "Installing YARA on Arch Linux..." + info_message "Installing YARA on Arch Linux..." maybe_sudo pacman -Syu --noconfirm yara jq curl git } install_yara_busybox() { - log INFO "Installing YARA on BusyBox..." - log ERROR "BusyBox does not support direct package management for YARA. Consider cross-compiling or using a pre-built binary." + info_message "Installing YARA on BusyBox..." + error_message "BusyBox does not support direct package management for YARA. Consider cross-compiling or using a pre-built binary." exit 1 } install_yara_macos() { - log INFO "Installing YARA on macOS..." + info_message "Installing YARA on macOS..." brew install yara jq curl git } @@ -257,7 +278,7 @@ install_yara_tools() { elif command -v pacman >/dev/null 2>&1; then install_yara_arch else - log ERROR "Unsupported Linux distribution. Exiting..." + error_message "Unsupported Linux distribution. Exiting..." exit 1 fi ;; 
@@ -265,7 +286,7 @@ install_yara_tools() { install_yara_macos ;; *) - log ERROR "Unsupported operating system. Exiting..." + error_message "Unsupported operating system. Exiting..." exit 1 ;; esac @@ -282,7 +303,7 @@ API_KEY="1111111111111111111111111111111111111111111111111111111111111111" YARA_RULES_DEST_DIR="/var/ossec/ruleset/yara/rules" download_yara_rules() { - log INFO "Downloading YARA rules..." + info_message "Downloading YARA rules..." maybe_sudo curl -SL --progress-bar "$YARA_RULES_URL" \ -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' \ -H 'Accept-Language: en-US,en;q=0.5' \ @@ -297,9 +318,9 @@ download_yara_rules() { maybe_sudo mkdir -p "$YARA_RULES_DEST_DIR" maybe_sudo mv "$YARA_RULES_FILE" "$YARA_RULES_DEST_DIR/yara_rules.yar" change_owner "$YARA_RULES_DEST_DIR" - log INFO "YARA rules moved to $YARA_RULES_DEST_DIR." + info_message "YARA rules moved to $YARA_RULES_DEST_DIR." else - log ERROR "Error occurred during YARA rules download." + error_message "Error occurred during YARA rules download." exit 1 fi } @@ -314,15 +335,15 @@ download_yara_script print_step 4 "Updating Wazuh agent configuration file..." update_ossec_conf -# Step 6: Restart Wazuh agent -print_step 6 "Restarting Wazuh agent..." +# Step 5: Restart Wazuh agent +print_step 5 "Restarting Wazuh agent..." restart_wazuh_agent || { - log ERROR "Error occurred during Wazuh agent restart." + error_message "Error occurred during Wazuh agent restart." } -log INFO "Wazuh agent restarted successfully." +info_message "Wazuh agent restarted successfully." # Clean up temporary files -print_step 7 "Cleaning up temporary files..." +print_step 6 "Cleaning up temporary files..." # The cleanup will be automatically done due to the trap -log INFO "Temporary files cleaned up." +info_message "Temporary files cleaned up."
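Review bot: In the final hunk, `info_message "Wazuh agent restarted successfully."` runs unconditionally after the `restart_wazuh_agent || { … }` block, so a failed restart logs the error and then a success line. In addition, the Linux branch of `restart_wazuh_agent` shown in an earlier hunk reports its failure inside an `if`/`else` and therefore returns 0, so the `||` here does not fire on that path. An explicit branch fixes the caller, `if restart_wazuh_agent; then success_message "Wazuh agent restarted successfully."; else error_message "Error occurred during Wazuh agent restart."; fi`, together with a `return 1` in the function's `else` arm. Whether a failed restart should also `exit 1` is worth deciding, since the installer otherwise ends with exit status 0.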