688
edits
Changes
From SME Server
Jump to navigationJump to search
mLine 1:
Line 1: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + − Line 243:
Line 312: + + + + + +
update time stamp
=[[User:Mmccarn|Mmccarn]] ([[User talk:Mmccarn|talk]]) [[User:Mmccarn|Mmccarn]] ([[User talk:Mmccarn|talk]]) 13:10, 22 January 2018 (CET) =
==Wazuh==
===Repo===
<nowiki>/sbin/e-smith/db yum_repositories set wazuh repository \
Name 'Wazuh repository' \
BaseURL 'https://packages.wazuh.com/3.x/yum/' \
EnableGroups no \
GPGCheck yes \
GPGKey https://packages.wazuh.com/key/GPG-KEY-WAZUH \
Visible no \
status disabled</nowiki>
===Agent Configuration===
[https://documentation.wazuh.com/current/installation-guide/installing-wazuh-agent/wazuh_agent_rpm.html Wazuh Client Installation Instructions]
Wazuh 3.x installs correctly from the yum repository:
yum --enablerepo=wazuh install wazuh-agent
Create the client account on the wazuh manager:
/var/ossec/bin/agent-auth -m [ip.of.wazuh.server]
Replace "MANAGER_IP" with the IP address of the wazuh manager in this section of /var/ossec/etc/ossec.conf:
<nowiki>...
<client>
<server>
<address>MANAGER_IP</address>
</server>
<config-profile>rhel, rhel6</config-profile>
</client>
...
</nowiki>
Start the agent
/etc/init.d/wazuh-agent start
===SME Customizations===
I added these instructions to /var/ossec/etc/ossec.conf:
<nowiki> <localfile>
<log_format>djb-multilog</log_format>
<location>/var/log/dovecot/current</location>
</localfile>
<localfile>
<log_format>djb-multilog</log_format>
<location>/var/log/tinydns/current</location>
</localfile>
<localfile>
<log_format>djb-multilog</log_format>
<location>/var/log/dnscache/current</location>
</localfile>
<localfile>
<log_format>command</log_format>
<command>grep -h logterse /var/log/*qpsmtpd/current</command>
<alias>s/qpsmtpd</alias>
<frequency>360</frequency>
</localfile>
</nowiki>
And this instruction to /var/ossec/etc/local_internal_options.conf:
<nowiki># from https://documentation.wazuh.com/2.0/user-manual/reference/ossec-conf/localfile.html
# 'it may not be permissible in all environments to allow the Wazuh manager to run
# arbitrary commands on agents in their root security context.'
logcollector.remote_commands=1
</nowiki>
And restarted the agent using
/etc/init.d/wazuh-agent restart
=Older=
Mariadb notes moved to [[MariaDB_alongside_MySQL]]
Mariadb notes moved to [[MariaDB_alongside_MySQL]]
==Install Moodle 2.6 using git==
==Install Moodle 2.6 using git==
===Requirements===
===Requirements===
<nowiki>DOMAIN=tiddlywiki.domain.tld
<nowiki>DOMAIN=tiddlywiki.domain.tld
db domains set $DOMAIN domain Nameservers internet ProxyPassTarget http://localhost:8080/ TemplatePath ProxyPassVirtualHosts
db domains set $DOMAIN domain Nameservers internet ProxyPassTarget http://localhost:8080/ TemplatePath ProxyPassVirtualHosts
#
# Several TiddlyWiki 5 Plugins require AllowEncodedSlashes On in httpd.conf
mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/ProxyPassVirtualHosts
echo '#
# AllowEncodedSlashes On from custom template in ProxyPassVirtualHosts
AllowEncodedSlashes On ' > /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/ProxyPassVirtualHosts/04ProxyPassVirtualHosts
signal-event domain-create $DOMAIN</nowiki>
signal-event domain-create $DOMAIN</nowiki>
