Merge branch 'develop' of Linux-Help/ossec-ng into master

metadata.rb

@@ -4,7 +4,7 @@ maintainer_email "psi-jack@linux-help.org"
 license          "GPLv2"
 description      "Installs/Configures ossec"
 long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
-version          "1.2.0"
+version          "1.2.1"
 issues_url       "http://git.linux-help.org/Linux-Help/ossec-ng/issues"
 source_url       "http://git.linux-help.org/Linux-Help/ossec-ng"
 
@@ -26,7 +26,7 @@ end
 
 depends 'yum-epel'
 depends 'yum-atomic', '~> 0.1.2'
-depends 'apt-atomic', '~> 0.1.2'
+depends 'apt-atomic', '~> 0.1.3'
 
 suggests 'postfix'
 suggests 'selinux_policy'

recipes/agent.rb

@@ -3,11 +3,11 @@
 # and role specific configuration for the node
 # get a key from the ossec-server if there's one
 
-#if not node['lsb']['codename'].eql?('lucid')
-#  return true
-#end
-
-include_recipe "yum-atomic"
+if node['platform_family'] == "rhel"
+  include_recipe "yum-atomic"
+elsif node['platform_family'] == "debian"
+  include_recipe "apt-atomic"
+end
 
 class Chef::Recipe
   include OssecCore
@@ -25,92 +25,95 @@ if not node["ossec"]["agent"]["enable"]
 end
 
 # Search for the ossec server, and do nothing if there's none
-ossec_server = search(:node,
-                      "role:ossec-server " \
-                      "AND chef_environment:#{node.chef_environment}"
-                     ).first
-if ossec_server.nil?
-  Chef::Log.info("OSSEC: No ossec server available. Agent will not be provisionned")
-  return true
-end
-
-# install the agent package
-package "ossec-hids-client"
-
-# define the agent parameters
-agent_hash = ossec_agent_create_parameters(node, ossec_server)
-
-# check for the agent configuration on the server. if the server has none, do
-# not continue the provisioning. If the server has a configuration for this
-# agent, store the parameters on the node and continue
-if ossec_verify_agent(agent_hash, ossec_server)
-  node.normal["ossec"]["agents"][agent_hash[:id]] = ossec_server["ossec"]["agents"][agent_hash[:id]].to_hash
+if Chef::Config[:solo]
+  Chef::Log.warn('This recipe uses search. Chef Solo does not support search')
 else
-  Chef::Log.info("OSSEC: this agent is unknown on the ossec server")
-  return true
-end
-
-# Make sure that the server prepared a key for us
-unless ossec_agent_has_valid_key?(agent_hash, ossec_server)
-  Chef::Log.info("OSSEC: Server doesn't have a valid key for agent.")
-  return true
-end
-
-service "ossec-agent" do
-  #provider Chef::Provider::Service::Init
-  service_name node["ossec"]["client"]["service_name"]
-  supports :start => true, :stop => true, :restart => true, :status => true
-  action [ :start ]
-  only_if "test -e /var/ossec/etc/ossec.conf && test -e /var/ossec/etc/client.keys"
-end
-
-# Get the IP of the ossec server
-ossec_server_ip = ossec_server[:network][:lanip] || ossec_server.ipaddress
-
-# Expand the local flags from node attributes
-ossec_set_filtered_flags!("command", "active-response", "syslog_files")
-ossec_set_syscheck_flags!("ignore")
-
-template "/var/ossec/etc/ossec.conf" do
-  source "ossec-agent.conf.erb"
-  owner "ossec"
-  group "ossec"
-  variables("ossec_server_ip"  => ossec_server_ip )
-  manage_symlink_source true
-  notifies :restart, "service[ossec-agent]"
-end
-
-# If client.keys is modified, ask for a queue rid on the server
-template "/var/ossec/etc/client.keys" do
-  mode 0440
-  owner "root"
-  group "ossec"
-  notifies :create, "ruby_block[set-rid-flag]"
-  notifies :restart, "service[ossec-agent]"
-end
-
-# "set-rid-flag" is not run by default, but called when the agent's key
-# is modified (or created)
-ruby_block "set-rid-flag" do
-  block do
-    # if the server side rid flag is not set to "done",
-    # request a queue rid by setting the agent side flag to "todo"
-    if ossec_server["ossec"]["agents"][agent_hash[:id]]["rid"].eql?("none")
-      node.normal["ossec"]["agents"][agent_hash[:id]]["rid"] = "todo"
-      Chef::Log.info "Setting Queue Rid Flag on"
-    end
+  ossec_server = search(:node,
+                        "role:ossec-server " \
+                        "AND chef_environment:#{node.chef_environment}"
+                       ).first
+  if ossec_server.nil?
+    Chef::Log.info("OSSEC: No ossec server available. Agent will not be provisionned")
+    return true
   end
-  action :nothing
-end
-
-# unset rid flag if necessary, check that at every run
-if node["ossec"]["agents"][agent_hash[:id]]["rid"].eql?("todo") \
-   and ossec_server["ossec"]["agents"][agent_hash[:id]]["rid"].eql?("done")
+  
+  # install the agent package
+  package "ossec-hids-client"
+  
+  # define the agent parameters
+  agent_hash = ossec_agent_create_parameters(node, ossec_server)
+  
+  # check for the agent configuration on the server. if the server has none, do
+  # not continue the provisioning. If the server has a configuration for this
+  # agent, store the parameters on the node and continue
+  if ossec_verify_agent(agent_hash, ossec_server)
+    node.normal["ossec"]["agents"][agent_hash[:id]] = ossec_server["ossec"]["agents"][agent_hash[:id]].to_hash
+  else
+    Chef::Log.info("OSSEC: this agent is unknown on the ossec server")
+    return true
+  end
+  
+  # Make sure that the server prepared a key for us
+  unless ossec_agent_has_valid_key?(agent_hash, ossec_server)
+    Chef::Log.info("OSSEC: Server doesn't have a valid key for agent.")
+    return true
+  end
+  
+  service "ossec-agent" do
+    #provider Chef::Provider::Service::Init
+    service_name node["ossec"]["client"]["service_name"]
+    supports :start => true, :stop => true, :restart => true, :status => true
+    action [ :start ]
+    only_if "test -e /var/ossec/etc/ossec.conf && test -e /var/ossec/etc/client.keys"
+  end
+  
+  # Get the IP of the ossec server
+  ossec_server_ip = ossec_server[:network][:lanip] || ossec_server.ipaddress
+  
+  # Expand the local flags from node attributes
+  ossec_set_filtered_flags!("command", "active-response", "syslog_files")
+  ossec_set_syscheck_flags!("ignore")
+  
+  template "/var/ossec/etc/ossec.conf" do
+    source "ossec-agent.conf.erb"
+    owner "ossec"
+    group "ossec"
+    variables("ossec_server_ip"  => ossec_server_ip )
+    manage_symlink_source true
+    notifies :restart, "service[ossec-agent]"
+  end
+  
+  # If client.keys is modified, ask for a queue rid on the server
+  template "/var/ossec/etc/client.keys" do
+    mode 0440
+    owner "root"
+    group "ossec"
+    notifies :create, "ruby_block[set-rid-flag]"
+    notifies :restart, "service[ossec-agent]"
+  end
+  
+  # "set-rid-flag" is not run by default, but called when the agent's key
+  # is modified (or created)
+  ruby_block "set-rid-flag" do
+    block do
+      # if the server side rid flag is not set to "done",
+      # request a queue rid by setting the agent side flag to "todo"
+      if ossec_server["ossec"]["agents"][agent_hash[:id]]["rid"].eql?("none")
+        node.normal["ossec"]["agents"][agent_hash[:id]]["rid"] = "todo"
+        Chef::Log.info "Setting Queue Rid Flag on"
+      end
+    end
+    action :nothing
+  end
+  
+  # unset rid flag if necessary, check that at every run
   ruby_block "unset rid flag" do
     block do
       node.normal["ossec"]["agents"][agent_hash[:id]]["rid"] = "none"
       Chef::Log.info "Setting Queue Rid Flag off"
     end
     notifies :restart, "service[ossec-agent]"
+    only_if { node["ossec"]["agents"][agent_hash[:id]]["rid"].eql?("todo") \
+              and ossec_server["ossec"]["agents"][agent_hash[:id]]["rid"].eql?("done") }
   end
 end

recipes/default.rb

@@ -2,5 +2,5 @@
 # Cookbook Name:: ossec
 # Recipe:: default
 #
-include_recipe "ossec::agent"
+include_recipe "ossec-ng::agent"
 

recipes/server.rb

@@ -2,7 +2,12 @@
 # install the ossec-hids-server package and push the
 # default configuration from the templates
 
-include_recipe "yum-atomic"
+if node['platform_family'] == "rhel"
+  include_recipe "yum-atomic"
+elsif node['platform_family'] == "debian"
+  include_recipe "apt-atomic"
+end
+
 
 class Chef::Recipe
   include OssecCore