Snort mailing list archives
puresecure startup scripts
From: Neal Hamilton <nealhamiltonjr () yahoo com>
Date: Mon, 29 Jul 2002 22:09:42 -0500
if anyone here is using puresecure on openbsd 3.1 could you please take a look at the issue i am having with the startup scripts and advise what to do.
thanks in advance.I installed some startup scripts to /etc/rc.local , so the app (puresecure)and its deps. Mysqld and apache would start upon boot. I followed the vendors instructions to the T which I will paste below, but I am getting the following errors when the script tries to run upon boot. I have pasted a copy of the instructions, the scripts and my final rc.local file below. Would one of you fine script guru's take a look at this and see what I need to edit to correct this.
Thanks in advance The system: openbsd 3.1, stock kernel The errors are as follows: Starting local daemons /usr/local/bin/mysqld.sh [49] : syntax error: '(' unexpected/usr/local/bin/httpd.sh [43] : syntax error: '(' unexpected /usr/local/bin/puresecure.sh [38] syntax error '(' unexpected
The instructions I followed is the following: Demarc PureSecure 1.6 Startup and Shutdown Scripts for BSD Unix ------------------------------------------------------------------------------- This document will explain how to install the startup and shutdown scripts provided for use on a BSD server. Notes: * You should always be extremely careful when altering a computer's startup or shutdown procedure. BSDs can simply follow the directions to install the scripts using the /etc/rc.local file as described in Method 1 below. ------------------------------------------------------------------------------- METHOD 1: Installing the scripts in /etc/rc.local ---------------------------------------------------------------------------- If you are using the /etc/rc.local method you may copy the scripts into any path you choose as long as the path is reflected in the lines below, for this example we will assume that they will be moved to /usr/local/bin/ as shown: ******did this********* 'cp httpd.sh /usr/local/bin/' 'cp mysqld.sh /usr/local/bin/' 'cp puresecure.sh /usr/local/bin/'You should then append the following lines to your /etc/rc.local file: ********did this********
#-------------------------------------------------- # Startup MySQL Database Server if [ -x /usr/local/bin/mysqld.sh ]; then /usr/local/bin/mysqld.sh fi # Startup Apache Web Server if [ -x /usr/local/bin/httpd.sh ]; then /usr/local/bin/httpd.sh fi # Startup PureSecure Sensor if [ -x /usr/local/bin/puresecure.sh ]; then /usr/local/bin/puresecure.sh fi #-------------------------------------------------- here is the scripts that I inserted into rc.local #cd /usr/local/bin ******below is the script for mysqld:****************** #cat mysqld | more #!/bin/sh # Modified Mandrake MySQL Startup script to support most flavors of unix/linux # Original Copyright is as follows:# Copyright Abandoned 1996 TCX DataKonsult AB & Monty Program KB & Detron HB # This file is public domain and comes with NO WARRANTY of any kind
# Set some defaults datadir=/usr/local/mysql/var basedir=/usr/local/mysql bindir=/usr/local/mysql/bin TMPDIR=/tmp TMP=/tmp pidfile=$datadir/mysqld.pid start(){ # Start daemon # Safeguard (relative paths, core dumps..) cd $basedir export TMPDIR export TMP if test -x $bindir/safe_mysqld then # Give extra arguments to mysqld echo "Starting MySQL Server" $bindir/safe_mysqld --datadir=$datadir --pid-file=$pidfile 2>&1 & # safe_mysqld & echo echo sleep 2 status # Make lock for RedHat / SuSE if test -w /var/lock/subsys then touch /var/lock/subsys/mysql fi echo else echo "Can't execute $bindir/safe_mysqld" fi } stop(){ # Stop daemon. We use a signal here to avoid having to know the # root password. # Safeguard (relative paths, core dumps..) cd $basedir echo "Stopping MySQL Server" if [ -f "$pidfile" ] then mysqld_pid=`cat $pidfile` kill $mysqld_pid # mysqld should remove the pidfile when it exits, so wait for it. sleep 1 while [ -s $pidfile -a "$flags" != aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa ] do [ -z "$flags" ] && echo "Wait for mysqld to exit\c" || echo ".\c" flags=a$flags sleep 1 echo "Still alive... attempting to kill MySQL Server again..." done if [ -s $pidfile ] then echo " gave up waiting!" exit -1 fi # delete lock for RedHat / SuSE if test -f /var/lock/subsys/mysql then rm /var/lock/subsys/mysql fi echo echo "Stopped MySQL Server" exit 0 else echo "No mysqld pid file found. Looked for $mysql_pid." "$pidfile" exit -1 echo fi } status(){ # check if the process is running echo "Checking to see if MySQL Server daemon is running:" echo "------------------------------------------------------" echo "Running processes:" ps auxww | grep mysqld | grep -v grep | grep -v status echo "------------------------------------------------------" } # See how we were called. case "$1" in start) start ;; stop) stop ;; status) status ;; reload) $0 stop $0 start ;; restart) $0 stop $0 start ;; *) # usage echo "Usage: $0 {start|stop|status|reload|restart}" exit 1 ;; esac ******** httpd.sh script**************************** #!/bin/sh # # Apache Server (SSL) # startup script # Comments to support chkconfig on RedHat style Linux # chkconfig: 2345 111 111 # description: Apache SSL Web Server httpd_binary="/usr/local/www/bin/apachectl" if test -f $httpd_binary then #we've found the script, so we can continue echo -n else echo "apachectl not found at $httpd_binary" exit 0 fi RETVAL=0 start() { # Start Apache/SSL echo " Starting Apache Web Server: " echo "----------------------------------------------------------" $httpd_binary startssl RETVAL=$? echo return $RETVAL } restart() { # Restart Server echo " Restarting Apache Web Server: " echo "----------------------------------------------------------" $httpd_binary restart RETVAL=$? echo return $RETVAL } stop() { # Stop Server echo " Stopping Apache Web Server: " echo "----------------------------------------------------------" $httpd_binary stop RETVAL=$? echo return $RETVAL } status() { # Status of Server echo "Attempting to list Apache Service processes:" echo "----------------------------------------------------------" ps auxww | grep httpd | grep -v status echo echo "----------------------------------------------------------" echo "Attempting to access Apache status via Lynx if configured:" echo "----------------------------------------------------------" $httpd_binary status RETVAL=$? echo return $RETVAL } # See how we were called. case "$1" in start) start ;; stop) stop ;; status) status ;; restart) restart ;; *) echo "Usage: $0 {start|stop|status|restart}" exit 1 ;; esac exit $? *****puresecure.sh script******************************* #!/bin/sh # # Demarc PureSecure Sensor # startup script # Comments to support chkconfig on RedHat style Linux # chkconfig: 2345 101 101 # description: PureSecure Total Intrusion Detection System Sensor psd_binary="/usr/local/puresecure/sensor/bin/psd" psd_config_file="/usr/local/puresecure/sensor/conf/psd.conf" #psd_extra_options="-i eth1" [ -f $psd_binary ] || exit 0 [ -f $psd_config_file ] || exit 0 RETVAL=0 start() { # Start Sensor echo -n "Starting PureSecure Sensor: " $psd_binary -f $psd_config_file $psd_extra_options -b RETVAL=$? echo return $RETVAL } restart() { # Restart Sensor echo -n "Restarting PureSecure Sensor: " $psd_binary -f $psd_config_file $psd_extra_options -R RETVAL=$? echo return $RETVAL } stop() { # Stop Sensor echo -n "Stopping PureSecure Sensor: " $psd_binary $psd_extra_options -k RETVAL=$? echo return $RETVAL } status() { # Status of Sensor $psd_binary -f $psd_config_file $psd_extra_options -g RETVAL=$? echo return $RETVAL } # See how we were called. case "$1" in start) start ;; stop) stop ;; status) status ;; restart) restart ;; *) echo $"Usage: $0 {start|stop|status|restart}" exit 1 esac exit $? *******my rc.local file*********************************************** #cd /etc # cat rclocal cat: rclocal: No such file or directory PS-MAIN# cat rc.local # $OpenBSD: rc.local,v 1.33 2001/06/05 23:01:55 naddy Exp $# site-specific startup actions, daemons, and other things which # can be done AFTER your system goes into securemode. For actions # which should be done BEFORE your system has gone into securemode # please see /etc/rc.securelevel
# site-specific startup actions, daemons which can be run # Add your local changes additions to this file echo -n 'starting local daemons:' # run ntpdate prior to ntpd if [ $securelevel -le 1 -a X"${ntpdate_flags}" != X"NO" \ -a -x /usr/local/sbin/ntpdate ]; then echo -n ' ntpdate' /usr/local/sbin/ntpdate -b ${ntpdate_flags} >/dev/null fi if [ X"${ntpd}" == X"YES" -a -x /usr/local/sbin/ntpd \ -a -e /etc/ntp.conf ]; then echo -n ' ntpd'; /usr/local/sbin/ntpd -p /var/run/ntpd.pid fi if [ -x /usr/local/sbin/cfsd ]; then if ps auxc | grep -q '^ *root .* mountd$'; then echo -n ' cfsd'; /usr/local/sbin/cfsd >/dev/null 2>&1 mount -o port=3049,nfsv2,intr localhost:/null /crypt else echo -n ' cfsd (failed, no mountd running)' fi fi #if [ -x /usr/local/sbin/snmpd ]; then # echo -n ' snmpd'; /usr/local/sbin/snmpd #fi echo '.' # Netatalk stuff #if [ -f /etc/netatalk/rc.atalk ]; then # . /etc/netatalk/rc.atalk #fi #-------------------------------------------------- # Startup MySQL Database Server if [ -x /usr/local/bin/mysqld.sh ]; then /usr/local/bin/mysqld.sh fi # Startup Apache Web Server if [ -x /usr/local/bin/httpd.sh ]; then /usr/local/bin/httpd.sh fi # Startup PureSecure Sensor if [ -x /usr/local/bin/puresecure.sh ]; then /usr/local/bin/puresecure.sh fi #--------------------------------------------------
Current thread:
- puresecure startup scripts Neal Hamilton (Jul 29)