Thursday, March 22, 2007

TaoSecurity CVS at Sourceforge

For a while I've maintained a set of fairly lame scripts for automating installation of certain Sguil components on FreeBSD. These scripts have previously been posted as .tar.gz archives in various places. Today I decided to make use of the TaoSecurity Sourceforge site I created a few months back. From now on you can access my scripts via CVS at that site.

My CVS experience is minimal, although I posted some notes from Sguil a few years ago.

I wanted to document how I set this up, because it was not intuitive. Thanks to Bamm for helping me via IRC. I also found this doc and this how-to helpful.

I decided to maintain my local repository on macmini. I wanted to experiment with a local repository before committing anything to Sourceforge. Here I set up that local repository. I have my scripts in a directory called taosecurity_sguil_scripts. I'm going to call the CVS module taosecurity_sguil_scripts too.

richard@macmini:~$ mkdir cvsroot
richard@macmini:~$ cvs -d /home/richard/cvsroot init
richard@macmini:~$ cd taosecurity_sguil_scripts

I wanted my scripts to have lines in them indicating the version number. Bamm pointed me towards this keyword list, which resulted in me adding the following:

richard@macmini:~/taosecurity_sguil_scripts$ cat sguild_adduser.sh
#!/bin/sh
#
# $Id$ #
#
SGUIL=sguil-0.6.1
LD_LIBRARY_PATH=/usr/local/lib/mysql
export LD_LIBRARY_PATH
cd /usr/local/src/$SGUIL/server/
./sguild -c sguild.conf -u sguild.users -adduser sguil
cp sguild.users /usr/local/etc/nsm/
chown sguil:sguil /usr/local/etc/nsm/sguild.users

That # $Id$ # will be transformed into what I want later.

Now I check the scripts into the local repository.

richard@macmini:~/taosecurity_sguil_scripts$ cvs -d /home/richard/cvsroot/ \
> import -m "Initial import." taosecurity_sguil_scripts TaoSecurity start
N taosecurity_sguil_scripts/sguil_sensor_install.sh
N taosecurity_sguil_scripts/snort_src_install.sh
N taosecurity_sguil_scripts/sguil_server_install.sh
N taosecurity_sguil_scripts/sguil_database_install_pt2.sh
N taosecurity_sguil_scripts/sguil_database_install_pt1.sh
N taosecurity_sguil_scripts/README
N taosecurity_sguil_scripts/sguild_adduser.sh
N taosecurity_sguil_scripts/sguil_client_install.sh
N taosecurity_sguil_scripts/sguil_sensor_install_patch.sh
N taosecurity_sguil_scripts/snort
N taosecurity_sguil_scripts/sancp

No conflicts created by this import

To experiment with checking scripts out of the local repository, I make a wc_tss working copy directory and try retrieving the files.

richard@macmini:~/taosecurity_sguil_scripts$ cd
richard@macmini:~$ mkdir wc_tss
richard@macmini:~$ cd wc_tss/
richard@macmini:~/wc_tss$ cvs -d /home/richard/cvsroot/ checkout \
> taosecurity_sguil_scripts
cvs checkout: Updating taosecurity_sguil_scripts
U taosecurity_sguil_scripts/README
U taosecurity_sguil_scripts/sancp
U taosecurity_sguil_scripts/sguil_client_install.sh
U taosecurity_sguil_scripts/sguil_database_install_pt1.sh
U taosecurity_sguil_scripts/sguil_database_install_pt2.sh
U taosecurity_sguil_scripts/sguil_sensor_install.sh
U taosecurity_sguil_scripts/sguil_sensor_install_patch.sh
U taosecurity_sguil_scripts/sguil_server_install.sh
U taosecurity_sguil_scripts/sguild_adduser.sh
U taosecurity_sguil_scripts/snort
U taosecurity_sguil_scripts/snort_src_install.sh
richard@macmini:~/wc_tss$ ls
taosecurity_sguil_scripts
richard@macmini:~/wc_tss$ cd taosecurity_sguil_scripts/
richard@macmini:~/wc_tss/taosecurity_sguil_scripts$ ls
CVS sguild_adduser.sh sguil_sensor_install.sh
README sguil_database_install_pt1.sh sguil_server_install.sh
sancp sguil_database_install_pt2.sh snort
sguil_client_install.sh sguil_sensor_install_patch.sh snort_src_install.s

Great, that worked. Let's see if sguild_adduser.sh has the Id I expect.

richard@macmini:~/wc_tss/taosecurity_sguil_scripts$ cat sguild_adduser.sh
#!/bin/sh
#
# $Id: sguild_adduser.sh,v 1.1.1.1 2007/03/22 16:24:55 richard Exp $ #
#
SGUIL=sguil-0.6.1
LD_LIBRARY_PATH=/usr/local/lib/mysql
export LD_LIBRARY_PATH
cd /usr/local/src/$SGUIL/server/
./sguild -c sguild.conf -u sguild.users -adduser sguil
cp sguild.users /usr/local/etc/nsm/
chown sguil:sguil /usr/local/etc/nsm/sguild.users

Awesome. I think I'm ready to upload the scripts to Sourceforge.

richard@macmini: export CVS_RSH=ssh
richard@macmini:~$ cd taosecurity_sguil_scripts
richard@macmini:~/taosecurity_sguil_scripts$ cvs \
> -d:ext:taosecurity@taosecurity.cvs.sf.net:/cvsroot/taosecurity import -m \
> "Initial import." taosecurity_sguil_scripts TaoSecurity start
The authenticity of host 'taosecurity.cvs.sf.net (66.35.250.90)' can't be
established.
RSA key fingerprint is 13:f1:65:c3:6c:b7:7e:a5:f0:f3:f5:19:f4:42:9c:4a.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'taosecurity.cvs.sf.net,66.35.250.90' (RSA)
to the list of known hosts.
taosecurity@taosecurity.cvs.sf.net's password:
N taosecurity_sguil_scripts/sguil_sensor_install.sh
N taosecurity_sguil_scripts/snort
N taosecurity_sguil_scripts/sancp
N taosecurity_sguil_scripts/sguil_client_install.sh
N taosecurity_sguil_scripts/sguil_server_install.sh
N taosecurity_sguil_scripts/sguil_database_install_pt1.sh
N taosecurity_sguil_scripts/sguil_database_install_pt2.sh
N taosecurity_sguil_scripts/snort_src_install.sh
N taosecurity_sguil_scripts/sguil_sensor_install_patch.sh
N taosecurity_sguil_scripts/sguild_adduser.sh
N taosecurity_sguil_scripts/README

No conflicts created by this import

That worked. I can now browse CVS and see my files.

To test checking them out, I go to another machine and try the following.

richard@neely:/tmp$ cvs \
> -d:pserver:anonymous@taosecurity.cvs.sourceforge.net:/cvsroot/taosecurity \
> login
Logging in to
:pserver:anonymous@taosecurity.cvs.sourceforge.net:2401/cvsroot/taosecurity
CVS password:
cvs login: CVS password file /home/richard/.cvspass does not exist
- creating a new file
richard@neely:/tmp$ cvs \
> -d:pserver:anonymous@taosecurity.cvs.sourceforge.net:/cvsroot/taosecurity \
> checkout taosecurity_sguil_scripts
cvs checkout: Updating taosecurity_sguil_scripts
U taosecurity_sguil_scripts/README
U taosecurity_sguil_scripts/sancp
U taosecurity_sguil_scripts/sguil_client_install.sh
U taosecurity_sguil_scripts/sguil_database_install_pt1.sh
U taosecurity_sguil_scripts/sguil_database_install_pt2.sh
U taosecurity_sguil_scripts/sguil_sensor_install.sh
U taosecurity_sguil_scripts/sguil_sensor_install_patch.sh
U taosecurity_sguil_scripts/sguil_server_install.sh
U taosecurity_sguil_scripts/sguild_adduser.sh
U taosecurity_sguil_scripts/snort
U taosecurity_sguil_scripts/snort_src_install.sh

That worked too. So, from now on, if you'd like to get my FreeBSD Sguil installation scripts, please retrieve them from CVS.

No comments: