From 6444dbb73b51b6dd56d5093a4f050b4bc2deae64 Mon Sep 17 00:00:00 2001
From: Stephane Segning Lambou
Date: Thu, 15 Aug 2024 09:31:00 +0100
Subject: [PATCH] chore: better script & ci
---
 scripts/install.sh | 137 ++++++++++++---------------------------------
 1 file changed, 36 insertions(+), 101 deletions(-)
diff --git a/scripts/install.sh b/scripts/install.sh
index 54f8c55..a5cb0ca 100644
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -2,15 +2,11 @@
 set -euo pipefail
-# Define log levels
-LOG_LEVEL=${LOG_LEVEL:-INFO} # Default to INFO if not set
-YARA_VERSION="4.2.3"
-TEMP_DIR=$(mktemp -d)
+LOG_LEVEL=${LOG_LEVEL:-INFO}
 YARA_RULES_URL="https://valhalla.nextron-systems.com/api/v1/get"
 YARA_RULES_APIKEY="1111111111111111111111111111111111111111111111111111111111111111"
 YARA_RULES_DIR="/var/ossec/ruleset/yara/rules"
 YARA_RULES_FILE="$YARA_RULES_DIR/yara_rules.yar"
-MAX_RETRIES=3
 USER="root"
 GROUP="wazuh"
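Review bot: `YARA_RULES_APIKEY` stays a literal in the script, while the line this hunk rewrites, `LOG_LEVEL=${LOG_LEVEL:-INFO}`, can already be overridden from the environment. Giving the key the same form, `YARA_RULES_APIKEY=${YARA_RULES_APIKEY:-<current default>}`, would let a deployment supply its own key without editing or committing it. The all-ones value looks like a demo key (the request in the next hunk also sends `demo=demo`), and a one-line comment above it saying so would tell operators which rule set they are getting. `USER="root"` in the same block overwrites the shell's own `USER` variable for the rest of the script; a name such as `RULES_OWNER` would avoid that.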
@@ -26,118 +22,57 @@ log() {
 fi
 }
-cleanup() {
- rm -rf "$TEMP_DIR"
- log INFO "Cleaned up temporary directory."
+install_yara_ubuntu() {
+ log INFO "Installing YARA on Ubuntu..."
+ sudo apt update
+ sudo apt install -y yara
 }
-trap cleanup EXIT
-install_dependencies_ubuntu() {
- log INFO "Installing necessary packages and building YARA from source on Ubuntu..."
- apt update && apt install -y make gcc autoconf libtool libssl-dev pkg-config jq curl pv
+install_yara_alpine() {
+ log INFO "Installing YARA on Alpine Linux..."
+ sudo apk update
+ sudo apk add yara
 }
-install_dependencies_macos() {
- log INFO "Installing necessary packages and building YARA from source on macOS..."
- brew install autoconf automake libtool openssl pkg-config jq curl pv
-}
-
-download_file() {
- local URL=$1
- local OUTPUT_PATH=$2
- local HEADERS=${3:-""}
- local RETRY=0
-
- log INFO "Downloading file from $URL to $OUTPUT_PATH..."
-
- while [[ $RETRY -lt $MAX_RETRIES ]]; do
- log INFO "Attempting to download file from $URL (Attempt $((RETRY+1))/$MAX_RETRIES)..."
-
- if [[ -n "$HEADERS" ]]; then
- curl --progress-bar -SL "$URL" "$HEADERS" -o "$OUTPUT_PATH" | cat
- else
- curl --progress-bar -SL "$URL" -o "$OUTPUT_PATH" | cat
- fi
-
- # Check if the download was successful by validating the file size
- if [[ -s "$OUTPUT_PATH" ]]; then
- log INFO "File downloaded successfully to $OUTPUT_PATH."
- return 0
- else
- log WARNING "Download failed or file is empty. Retrying..."
- ((RETRY++))
- fi
- done
-
- log ERROR "Failed to download the file from $URL after $MAX_RETRIES attempts."
- exit 1
-}
-
-download_yara() {
- log INFO "Downloading YARA v${YARA_VERSION}..."
- download_file "https://github.com/VirusTotal/yara/archive/v${YARA_VERSION}.tar.gz" "$TEMP_DIR/yara-${YARA_VERSION}.tar.gz"
-}
-
-extract_yara() {
- log INFO "Extracting YARA..."
- if ! pv "$TEMP_DIR/yara-${YARA_VERSION}.tar.gz" | tar xz -C "$TEMP_DIR"; then
- log ERROR "Failed to extract YARA tarball. The file might be corrupted."
- exit 1
- fi
-}
-
-build_and_install_yara() {
- log INFO "Building and installing YARA..."
- cd "$TEMP_DIR/yara-${YARA_VERSION}" || { log ERROR "Failed to change directory to YARA source. Exiting..."; exit 1; }
- ./bootstrap.sh && ./configure && make && make install
-
- # Set ownership and group
- chown -R "$USER":"$GROUP" /usr/local/bin/yara*
- log INFO "YARA installed with ownership set to user $USER and group $GROUP."
-}
-
-run_yara_tests() {
- log INFO "Running YARA tests..."
- make check
+install_yara_macos() {
+ log INFO "Installing YARA on macOS..."
+ brew install yara
 }
 download_yara_rules() {
 log INFO "Downloading YARA rules..."
- mkdir -p "$YARA_RULES_DIR"
- download_file "$YARA_RULES_URL" "$YARA_RULES_FILE" \
- "-H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' \
- -H 'Accept-Language: en-US,en;q=0.5' \
- --compressed \
- -H 'Referer: https://valhalla.nextron-systems.com/' \
- -H 'Content-Type: application/x-www-form-urlencoded' \
- -H 'DNT: 1' -H 'Connection: keep-alive' -H 'Upgrade-Insecure-Requests: 1' \
- --data 'demo=demo&apikey=$YARA_RULES_APIKEY&format=text'"
-
- # Set ownership and group for YARA rules
- chown -R "$USER":"$GROUP" "$YARA_RULES_DIR"
- log INFO "YARA rules downloaded successfully to $YARA_RULES_FILE with ownership set to user $USER and group $GROUP."
+ sudo mkdir -p "$YARA_RULES_DIR"
+ curl --progress-bar -L "$YARA_RULES_URL" \
+ -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' \
+ -H 'Accept-Language: en-US,en;q=0.5' \
+ --compressed \
+ -H 'Referer: https://valhalla.nextron-systems.com/' \
+ -H 'Content-Type: application/x-www-form-urlencoded' \
+ -H 'DNT: 1' -H 'Connection: keep-alive' -H 'Upgrade-Insecure-Requests: 1' \
+ --data "demo=demo&apikey=$YARA_RULES_APIKEY&format=text" \
+ -o "$YARA_RULES_FILE"
+ sudo chown -R "$USER":"$GROUP" "$YARA_RULES_DIR"
+ log INFO "YARA rules downloaded successfully to $YARA_RULES_FILE."
 }
-# Main script logic
 log INFO "Starting YARA installation script."
-if [[ $(uname) == "Linux" && -x "$(command -v apt)" ]]; then
- install_dependencies_ubuntu
-elif [[ $(uname) == "Darwin" && -x "$(command -v brew)" ]]; then
- install_dependencies_macos
+if [[ $(uname) == "Linux" ]]; then
+ if command -v apt &> /dev/null; then
+ install_yara_ubuntu
+ elif command -v apk &> /dev/null; then
+ install_yara_alpine
+ else
+ log ERROR "Unsupported Linux distribution. Exiting..."
+ exit 1
+ fi
+elif [[ $(uname) == "Darwin" ]]; then
+ install_yara_macos
 else
- log ERROR "Unsupported operating system or package manager. Exiting..."
+ log ERROR "Unsupported operating system. Exiting..."
 exit 1
 fi
-# Install YARA
-download_yara
-extract_yara
-build_and_install_yara
-run_yara_tests
-
-# Download YARA rules
 download_yara_rules
-
 log INFO "YARA installation and configuration completed successfully."
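Review bot: In the new `download_yara_rules`, the `curl` call has no `--fail`, so an HTTP error body from the rules endpoint is saved as `yara_rules.yar`, curl exits 0 and the success line is logged; the removed `download_file` at least rejected an empty file with `[[ -s "$OUTPUT_PATH" ]]`. I would start the call with `curl --fail --progress-bar -L "$YARA_RULES_URL" \` and follow it with `[[ -s "$YARA_RULES_FILE" ]] || { log ERROR "YARA rules download is empty"; exit 1; }`, so a scanning host is not left with a rules file that does not compile while the script reports success. The same call writes with `-o` into a directory that `sudo mkdir -p` may have just created as root, while curl itself runs without `sudo`, so for a non-root caller the write will presumably be refused; downloading to a `mktemp` file and placing it with `sudo install -o "$USER" -g "$GROUP"` would cover both cases. The installers also now take whatever YARA version the package manager offers instead of the previously pinned 4.2.3, which deserves a comment above the `install_yara_*` functions.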