#!/bin/sh # Atomic Workload Protection (agent) # Name: asl # Copyright Atomicorp 2020 # Summary: Atomic Worload Protection (agent) # License: Commercial. Unauthorized redistribution prohibited. INSTALLER_VER=7.0.2 export LANG=C SERVER=www.atomicorp.com ARCH=`uname -i` GET=/usr/bin/wget ALT_REPO_DISABLED=0 ROOT_UID="0" LOG=/root/tortix-install.log DATE=$(date +%Y%m%d-%H:%M) BETA=0 function app_exit { EXIT_CODE=$1 echo # re-enable disabled repos if [ $ALT_REPO_DISABLED -ge 1 ]; then for reponame in $ALT_REPO; do /usr/bin/yum-config-manager --enable $reponame > /dev/null done fi # remove lock file rm -f /asl-installer.lock # exit exit $EXIT_CODE } # make sure no instance of the installer is running if [ -f /asl-installer.lock ]; then echo "Another installer is already running." app_exit 1 else touch /asl-installer.lock fi #Check if run as root # For environments that do not use bash. if [ ! "$UID" ]; then UID=`id -u` fi if [ "$UID" -ne "$ROOT_UID" ] ; then echo "ERROR: You must be root to run this program." rm -f /asl-installer.lock exit 1 fi if [ -f /root/asl.cfg ]; then AUTO=1 source /root/asl.cfg fi function freespace_check { FILESYSTEM=$1 MINIMUM=$2 RECOMENDED=$3 SIZES=($(stat -L -f -c "%a %S" ${FILESYSTEM})) FREES=$((${SIZES[0]}*${SIZES[1]})) FREESMB=$(($FREES/1024/1024)) echo -n "`date -u` Freespace Check: " | tee -a $LOG if [ $FREESMB -lt $RECOMENDED ]; then if [ $FREESMB -lt $MINIMUM ]; then echo "FAILURE: in order to complete installation $FILESYSTEM will need at least $MINIMUM MB free." | tee -a $LOG echo "Currently: $FREESMB MB free" | tee -a $LOG app_exit 1 fi echo "Warning: $RECOMENDED GB is the recommended amount of disk space for awp-hub." | tee -a $LOG else echo "PASS" | tee -a $LOG fi } function check_third_party { # Check for 3rd party repos ALT_REPO=$(yum -v -C repolist |awk -F: '/Repo-id/ {print $2}' |egrep -iv "^ (asl-|atomic|base|extras|updates|tortix|cloudlinux|epel|plesk|rhel-6|EA4|r1soft|quantum|zabbix|PLESK|mysql|percona|cpanel-addons-production-feed|rack|mariadb|rhel-7|rhel-server|rhel-ha|rhel-rs|rhel-sjis)") RETVAL=$? echo -n "`date -u` ThirdParty Repo Check: " | tee -a $LOG if [ $RETVAL -lt 1 ]; then echo -n "WARNING - Third party repos detected, Temporarily disabling." if [ -f /usr/bin/yum-config-manager ]; then ALT_REPO_DISABLED=1 for reponame in $ALT_REPO; do echo "Disabling: $reponame" /usr/bin/yum-config-manager --disable $reponame > /dev/null done fi else echo "PASS" fi } function preflight_installation { echo -n "Starting Preflight Installation Checks:" | tee -a $LOG echo #Remove asl and awp repos if they exist. if [ -f /etc/yum.repos.d/asl.repo ]; then rm -f /etc/yum.repos.d/asl.repo fi if [ -f /etc/yum.repos.d/awp.repo ]; then rm -f /etc/yum.repos.d/awp.repo fi #Check Disk freespace_check $1 $2 $3 #Check Ram. echo -n "`date -u` MEM: " ram=$(free |awk '/Mem:/ {print $2}') swap=$(free |awk '/Swap:/ {print $2}') if [ $ram -lt 2090000 ]; then echo "FAIL - A minimuim of 2G of memory is required" | tee -a $LOG app_exit 1 else echo "PASS" fi echo -n "`date -u` SWAP: " if [ $swap -lt 2090000 ]; then echo "FAIL - A minimum swap size of 2G is required for AWP." | tee -a $LOG app_exit 1 else echo "PASS" fi #Checking ports #Webd port check PORT_INFO_WEBD=$(ss -tulwnp | grep -e "tcp.*:30001" | awk '{print $7}') re="users:.*\"(.*)\",pid=([0-9]+),fd=([0-9]+).*" echo -n "`date -u` PORT-CHECK-1: " if [[ $PORT_INFO_WEBD =~ $re ]]; then echo "FAIL - ${BASH_REMATCH[1]} running on 30001." | tee -a $LOG app_exit 1 else echo "PASS" fi #Tortixd port check PORT_INFO_TORTIXD=$(ss -tulwnp | grep -e "tcp.*:30000" | awk '{print $7}') re="users:.*\"(.*)\",pid=([0-9]+),fd=([0-9]+).*" echo -n "`date -u` PORT-CHECK-2: " if [[ $PORT_INFO_TORTIXD =~ $re ]]; then echo "FAIL - ${BASH_REMATCH[1]} running on 30000." | tee -a $LOG app_exit 1 else echo "PASS" fi #CPU Core check CORES=$(nproc) echo -n "`date -u` CPU Cores: " | tee -a $LOG if [[ $CORES < 2 ]]; then echo "FAIL - A minimum of 2 cores needed, $CORES available." | tee -a $LOG app_exit 1 else echo "PASS" | tee -a $LOG fi # Network check echo -n "`date -u` SSL: " | tee -a $LOG curl -s https://google.com >/dev/null RETVAL=$? if [ $RETVAL -eq 60 ]; then echo "FAILED: SSL Network failure (google.com): CA invalid" | tee -a $LOG app_exit 1 elif [ $RETVAL -ne 0 ] ; then echo "FAILED: SSL Network failure (google.com): connection failed" | tee -a $LOG app_exit 1 else echo "PASS" | tee -a $LOG fi #OS release check if [ -f /etc/system-release ]; then RELEASE_FILE=/etc/system-release elif [ -f /etc/redhat-release ] ; then RELEASE_FILE=/etc/redhat-release else echo | tee -a $LOG echo "Error: /etc/redhat-release was not detected" | tee -a $LOG echo echo "`date -u` ERROR: could not determine release file" | tee -a $LOG app_exit 1 fi #EL5 if egrep -q "release 7" $RELEASE_FILE ; then DIST="el7" DIR=centos/7 SUGGESTS="tortixd tortixd-mod_ssl tortix-waf tortix-mod_evasive" #EL8 elif egrep -q "release 8" $RELEASE_FILE ; then DIST="el8" DIR=centos/8 SUGGESTS="" else echo "Error: Unable to determine distribution type. Please send the contents of $RELEASE_FILE to support@atomicorp.com" | tee -a $LOG echo "`date -u` ERROR: unable to determine distribution type" | tee -a $LOG app_exit 1 fi echo "`date -u` distribution determined as $DIST" | tee -a $LOG if [ -d /etc/csf ]; then echo "WARNING: Configserver (CSF) detected. AP does not support CSF." | tee -a $LOG echo "CSF or other 3rd party WAF / Firewall management tools should be removed" | tee -a $LOG echo "before installing AP." | tee -a $LOG if [ ! $AUTO ]; then check_input " Would you like to remove csf? (yes/no) [Default: yes]" "yes|no" "yes" if [ "$INPUTTEXT" == "yes" ]; then if [ -f /etc/csf/uninstall.sh ]; then /etc/csf/uninstall.sh fi else check_input " Do you wish to continue? (yes/no) [Default: no]" "yes|no" "no" if [ "$INPUTTEXT" == "no" ]; then echo "Exiting..." | tee -a $LOG app_exit 1 fi check_input " Are you sure you wish to continue? (yes/no) [Default: no]" "yes|no" "no" if [ "$INPUTTEXT" == "no" ]; then echo "Exiting..." | tee -a $LOG app_exit 1 fi echo "WARNING: CSF detected, user accepted risk " | tee -a $LOG fi fi fi } #Run Preflight installation checks. preflight_installation / 1 10 # Logging echo "Tortix install begin: $DATE" >> $LOG if [ ! $SSH_TTY ]; then INSTALL_TTY="/dev/$(ps -p$$ --no-heading | awk '{print $2}')" else INSTALL_TTY=$SSH_TTY fi echo "Environment" >> $LOG env >>$LOG rawurlencode() { local string="${1}" local strlen=${#string} local encoded="" for (( pos=0 ; pos /etc/asl/VERSION ASL_VERSION=0 APPINV_VERSION=0 CLAMAV_VERSION=0 GEOMAP_VERSION=0 GRSEC_VERSION=0 MODSEC_VERSION=0 OSSEC_VERSION=0 EOF fi # Redundancy #2, ensure db files exist if [ ! -f /etc/asl/disabled_signatures ]; then touch /etc/asl/disabled_signatures fi if [ ! -f /etc/asl/whitelist ]; then touch /etc/asl/whitelist fi # Redundancy #3, ensure localhost is set if ! grep -q 127.0.0.1.*localhost /etc/hosts; then echo "127.0.0.1 localhost.localdomain localhost" >> /etc/hosts fi if [ ! -f /etc/asl/config ]; then echo "Error: /etc/asl/config was not detected" echo app_exit 1 fi if [ ! $AUTO ]; then check_input "Continue with ASL configuration? (yes/no) [Default: yes]" "yes|no" "yes" if [ "$INPUTTEXT" == "no" ]; then echo "Exiting...." exit fi fi # set the basic config in /etc/asl/config ESCAPED_PASSWORD=$(echo $PASSWORD | sed -e 's/[\/&]/\\&/g') sed -i "s/\"USERNAME\"/\"$USERNAME\"/" /etc/asl/config sed -i "s/\"PASSWORD\"/\"$ESCAPED_PASSWORD\"/" /etc/asl/config if [ ! -f /root/asl.cfg ]; then echo "USERNAME=\"$USERNAME\"" >> asl.cfg echo "PASSWORD=\"$ESCAPED_PASSWORD\"" >> asl.cfg echo "KERNEL_CHANNEL=\"disabled\"" >> asl.cfg echo "FW_ENABLE=\"no\"" >> asl.cfg echo "FW_ENABLE_IPSET=\"no\"" >> asl.cfg echo "ALLOW_kmod_loading=\"yes\"" >> asl.cfg echo "CLAMAV_ENABLED=\"yes\"" >> asl.cfg echo "CLAMAV_ENABLE_REALTIME=\"yes\"" >> asl.cfg echo "CLAMAV_PREVENTONACCESS=\"yes\"" >> asl.cfg echo "OSSEC_MODE=\"client\"" >> asl.cfg echo "MODSEC_ENABLED=\"no\"" >> asl.cfg echo "WAF_ENGINE=\"off\"" >> asl.cfg echo "PHP_CHECKS=\"no\"" >> asl.cfg echo "RKHUNTER_ENABLED=\"no\"" >> asl.cfg echo "MODEV_ENABLED=\"no\"" >> asl.cfg echo "MOD_QOS_ENABLED=\"no\"" >> asl.cfg echo "MYSQL_CHECKS=\"no\"" >> asl.cfg echo "HIDS_SHUN_TRACKING=\"no\"" >> asl.cfg else echo "asl.cfg detected" fi echo "DEBUG: configured is $CONFIGURED" echo "DEBUG: AUTO is $AUTO" if [[ "$OSSEC_SERVER" == "" ]]; then echo echo " Configuring console server" echo check_input " Enter IP Address of the AEO Management Hub:" \ "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" "" OSSEC_SERVER=$INPUTTEXT perl -pi -e "s/^OSSEC_SERVER=.*/OSSEC_SERVER=\"$OSSEC_SERVER\"/" /etc/asl/config perl -pi -e "s/^OSSEC_MODE=.*/OSSEC_MODE=\"client\"/" /etc/asl/config fi AUTO=1 source /root/asl.cfg # Globals export OSSEC_MODE="client" # Configure the system /var/asl/lib/modules/configuration_setup.sh auto touch /var/asl/data/{waf_classes,waf-rule-list,security-modules,updates-data,vulnerability-data,vulnerability-report.html,security-modules,webapp.db} source /etc/asl/config if [ "$MODSEC_ENABLED" == "yes" ]; then if ! rpm -q mod_security >/dev/null; then if ! rpm -q httpd >/dev/null ; then echo echo "Mod_security set to enabled, but apache was not detected. Disabling...." echo perl -pi -e "s/^MODSEC_ENABLED=.*/MODSEC_ENABLED=\"no\"/" /etc/asl/config else yum -y install mod_security fi fi if [ -f /etc/httpd/conf.d/mod_security.conf ]; then mv /etc/httpd/conf.d/mod_security.conf /etc/httpd/conf.d/mod_security.conf.disabled.by.atomic fi fi echo "Preparing to update, this may take a moment" | tee -a $LOG /var/asl/bin/aum -uf COUNT=0 while [ ! -f /var/asl/rules/modsec/waf_rule_config ] ; do /var/asl/bin/aum -uf COUNT=`expr $COUNT + 1` if [ $COUNT -ge 4 ]; then #echo "Error: Could not complete installation." break fi done # Kernel source /etc/asl/config # Clear firewall rules if [ -f /etc/init.d/iptables ] ; then /etc/init.d/iptables stop >/dev/null 2>&1 else service firewalld stop >/dev/null 2>&1 fi # run a fix event /var/asl/bin/asl -s -f if [ -f /etc/init.d/asl-firewall ]; then /etc/init.d/asl-firewall start >/dev/null 2>&1 fi # Scan the system for malware echo "Updating malware definitions..." if [ -f /usr/bin/freshclam ]; then /usr/bin/freshclam -d else echo echo "ERROR: malware update component not found!" echo " Malware detection is broken. Unsupportable configuration" echo fi # Re-enable disabled repos if [ $ALT_REPO_DISABLED -ge 1 ]; then for reponame in $ALT_REPO; do /usr/bin/yum-config-manager --enable $reponame > /dev/null done fi echo "Installation completed" >> $LOG if [ -f /etc/asl/tortix.key ]; then echo "Your login information for the ASL Support Portal is:" echo echo "Username: $USERNAME" echo "Password: $PASSWORD" echo echo "The support portal is located at https://atomicorp.com/support/support-portal.html" fi if [ "$KERNEL_CHANNEL" != "disabled" ]; then echo echo echo "Please reboot your server to complete the installation process." echo echo fi } clear echo echo "Atomic Workload Protection (agent) Installer (v$INSTALLER_VER)" echo "Further Documentation is available at: " echo "https://wiki.atomicorp.com/wiki/index.php/ASL_installation" echo echo "Support: support@atomicorp.com" echo if [ ! $AUTO ]; then echo "Hit any key to view the License agreement, or Ctrl-C to exit" echo read -n 1 < $INSTALL_TTY cat << EOF | less -e -M -Ps"Press any key to view the next page" STANDARD TERMS AND AGREEMENT 1. DEFINITIONS. Capitalized terms will have the meanings set forth in this Section 1, or in the section where they are first used. 1.1 "Access Protocols" means the passwords, access codes, technical specifications, connectivity standards or protocols, or other relevant procedures, as may be necessary to allow Customer or any Authorized Users to access the Licensed Software. 1.2 "Authorized User" means each of Customer's employees, agents, and independent contractors who are authorized to access the Licensed Software pursuant to Customer's rights under this Agreement. 1.3 "Company" means Atomic Corporate Industries, Inc. 1.4 "Licensed Software" means the software identified in any Order Form that allows Authorized Users to access certain features and functions through the Customer Environment. 1.5 "Customer" means the customer identified on the Order Form. 1.6 "Customer Content" means any content and information provided or submitted by, or on behalf of, Customer or its Authorized Users for use with the Services. 1.7 "Customer Environment" means the self-hosted (or third party hosted) environment owned or controlled by Customer in which the Licensed Software is deployed, as approved by Company. The Customer Environment must meet the minimum specifications identified in writing by Company. 1.8 "Documentation" means the technical materials provided by Company to Customer in hard copy or electronic form describing the use and operation of the Licensed Software. 1.9 "Effective Date" means the date of last signature on the first Order Form signed by the parties. 1.10 "Intellectual Property Rights" means any and all now known or hereafter existing (a) rights associated with works of authorship, including copyrights, mask work rights, and moral rights; (b) trademark or service mark rights; (c) trade secret rights; (d) patents, patent rights, and industrial property rights; (e) layout design rights, design rights, and other proprietary rights of every kind and nature other than trademarks, service marks, trade dress, and similar rights; and (f) all registrations, applications, renewals, extensions, or reissues of the foregoing, in each case in any jurisdiction throughout the world. 1.11 "Licensed Material" means results, reports, materials and documentation made available to Customer as part of the Services. 1.12 "Order Form" means an order form or proposal that is signed by both parties and references these terms and conditions. 1.13 "Professional Services" means professional services provided by Company to Customer as described in any Order Form (as may be further elaborated in any statement of work), including training and configuration services. 1.14 "Services" means any services provided by Company to Customer under this Agreement as set forth in an Order Form, including, but not limited to, provision of the Licensed Software and Professional Services. 2. PROVISION OF SERVICES 2.1 Self-Hosted License. Subject to Customer's payment of the fees set forth in the Order Form or any applicable SOW(s) ("Fees"), Company hereby grants to Customer a non-exclusive, non-transferable, non-sublicenseable right and license during the License Term set forth on the applicable Order Form (i) to install and operate the Licensed Software as identified in an Order Form in the Customer Environment solely in accordance with applicable, standard Documentation provided by Company; and (ii) to permit Authorized Users to access the Licensed Software solely for Customer's internal business purposes. Customer will be and is solely responsible for obtaining any third party licenses or consents relating to Customer's data or Customer's integration or interoperation of any Licensed Software with third party products or services not provided by Company. Customer acknowledges and agrees that Company shall not be liable for any down-time, loss of data or business, corrupted, intelligible, garbled, deleted, lost or otherwise destroyed data that is/was stored in the Customer Environment, or any other security breaches attributable to the Customer Environment and/or the third-party service provider(s) that own or control the Customer Environment. 2.2 Documentation License. Subject to the terms and conditions of this Agreement and Customer's payment of Fees, Company hereby grants to Customer a non-exclusive, non-transferable, non-sublicenseable right and license during the Term to make copies of the Documentation provided by Company solely for use by individual employees, agents, or contractors of Customer in connection with the exercise of rights granted in Section 2.1. Customer acknowledges that no right is granted to modify, adapt, translate, publicly display, publish, create derivative works or distribute the Documentation. 2.3 Support Services. Company will exercise commercially reasonable efforts to (a) provide support for the use of the Licensed Software to Customer in accordance with the terms of the Order Form, and (b) keep the Licensed Software operational and available to Customer, in each case in accordance with its standard policies and procedures. 2.4 Delivery. As soon as commercially practicable after the Effective Date, Company shall deliver to Customer one (1) copy of the Licensed Software and the Documentation for use by Customer in exercising its rights under the licenses granted in Section 2.1. Notwithstanding any provision under a separate SOW which may require Company to perform certain services in the nature of installation of the Licensed Software or configuration of Customer's computers, networks or other systems, for purposes of this Addendum delivery shall be deemed complete upon receipt by Customer of media upon which the Licensed Software and Documentation are digitally stored (the "Delivery Date"). 3. INTELLECTUAL PROPERTY 3.1 Ownership. The Licensed Software, Licensed Materials and Documentation, and all worldwide Intellectual Property Rights in each of the foregoing, are the exclusive property of Company and its suppliers. All rights in and to the Licensed Software and Documentation not expressly granted to Customer in this Agreement are reserved by Company and its suppliers. Except as expressly set forth herein, no express or implied license or right of any kind is granted to Customer regarding the Licensed Software, Documentation, or any part thereof. 3.2 Restrictions. Customer will not, and will not permit any Authorized User or other party to: (a) allow any third party to access the Licensed Software, Licensed Material or Documentation, except as expressly allowed herein; (b) modify, adapt, alter or translate the Licensed Software, Licensed Material or Documentation; (c) sublicense, lease, sell, resell, rent, loan, distribute, transfer or otherwise allow the use of the Licensed Software or Documentation for the benefit of any unauthorized third party; (d) reverse engineer, decompile, disassemble, or otherwise derive or determine or attempt to derive or determine the source code (or the underlying ideas, algorithms, structure or organization) of the Licensed Software, except as permitted by law; (e) interfere in any manner with the operation of the Licensed Software or the hardware and network used to operate the Licensed Software; (f) modify, copy or make derivative works based on any part of the Licensed Software or Documentation; (g) access or use the Licensed Software to build a similar or competitive product or service; (h) attempt to access the Licensed Software through any unapproved interface; or (i) otherwise use the Licensed Software, Licensed Material, or Documentation in any manner that exceeds the scope of use permitted under Section 3.1 or in a manner inconsistent with applicable law, the Documentation, or this Agreement. Customer acknowledges and agrees that the Licensed Software will not be used, and are not licensed for use, in connection with any of Customer's time-critical or mission-critical functions. Customer will not remove, alter, or obscure any proprietary notices (including copyright and trademark notices) of Company or its licensors on the Licensed Material or any copies thereof. 3.3 Open Source Software. Certain items of software may be provided to Customer with the Licensed Software and are subject to "open source" or "free software" licenses ("Open Source Software"). Some of the Open Source Software is owned by third parties. The Open Source Software is not subject to the terms and conditions of Sections 2.1 or 10. Instead, each item of Open Source Software is licensed under the terms of the end-user license that accompanies such Open Source Software. Nothing in this Agreement limits Customer's rights under, or grants Customer rights that supersede, the terms and conditions of any applicable end user license for the Open Source Software. If required by any license for particular Open Source Software, Company makes such Open Source Software, and Company's modifications to that Open Source Software, available by written request at the notice address specified below. 3.4 Feedback. Customer hereby grants to Company a royalty-free, worldwide, transferable, sublicensable, irrevocable, perpetual license to use or incorporate into the Services any suggestions, enhancement requests, recommendations or other feedback provided by Customer, including Authorized Users, relating to the Services. Company will not identify Customer as the source of any such feedback. 4. FEES AND EXPENSES; PAYMENTS 4.1 Fees. In consideration for the license rights granted to Customer and the Services performed by Company under this Agreement, Customer will pay to Company the Fees. Except as otherwise provided in the Order Form, all Fees are billed at the end of the month due and payable within thirty (30) days of the date of the invoice. Company reserves the right to modify the Fees payable hereunder upon written notice to Customer at least [ninety (90) days] prior to the end of the then-current term. Company will be reimbursed only for expenses that are expressly provided for in an Order Form or SOW or that have been approved in advance in writing by Customer, provided Company has furnished such documentation for authorized expenses as Client may reasonably request. Company reserves the right (in addition to any other rights or remedies Company may have) to terminate this Agreement if any Fees are more than thirty (30) days overdue until such amounts are paid in full. Customer will maintain complete, accurate and up-to-date Customer billing and contact information at all times. 4.2 Taxes. The Fees are exclusive of all applicable sales, use, value-added and other taxes, and all applicable duties, tariffs, assessments, export and import fees, or other similar charges, and Customer will be responsible for payment of all such taxes (other than taxes based on Company's income), fees, duties, and charges and any related penalties and interest, arising from the payment of the fees, the provision of the Services, or the license of the Licensed Software to Customer. Customer will make all payments of Fees to Company free and clear of, and without reduction for, any withholding taxes; any such taxes imposed on payments of Fees to Company will be Customer's sole responsibility, and Customer will provide Company with official receipts issued by the appropriate taxing authority, or such other evidence as the Company may reasonably request, to establish that such taxes have been paid. 4.3 Interest. Any amounts not paid when due will bear interest at the rate of one and one half percent (1.5%) per month, or the maximum legal rate if less, from the due date until paid. 5. CUSTOMER CONTENT AND RESPONSIBILITIES 5.1 License; Ownership. Customer is solely responsible for any and all obligations with respect to the accuracy, quality and legality of Customer Content. Customer will obtain all third party licenses, consents and permissions needed for Company to use the Customer Content to provide the Services. Without limiting the foregoing, Customer will be solely responsible for obtaining from third parties all necessary rights for Company to use the Customer Content submitted by or on behalf of Clients for the purposes set forth in this Agreement. Customer grants Company a non-exclusive, worldwide, royalty-free and fully paid license during the Term (a) to use the Customer Content as necessary for purposes of providing and improving the Services, (b) to use the Customer trademarks, service marks, and logos as required to provide the Services, and (c) use the Customer Content in an aggregated and anonymized form to: (i) improve the Services and Company's related products and services; (ii) provide analytics and benchmarking services; and (iii) generate and disclose statistics regarding use of the Services, provided, however, that no Customer-only statistics will be disclosed to third parties without Customer's consent. The Customer Content, and all worldwide Intellectual Property Rights in it, is the exclusive property of Customer. All rights in and to the Customer Content not expressly granted to Company in this Agreement are reserved by Customer. 5.2 Customer Warranty. Customer represents and warrants that any Customer Content will not (a) infringe any copyright, trademark, or patent; (b) misappropriate any trade secret; (c) be deceptive, defamatory, obscene, pornographic or unlawful; (d) contain any viruses, worms or other malicious computer programming codes intended to damage Company's system or data; and (e) otherwise violate the rights of a third party. Company is not obligated to back up any Customer Content; the Customer is solely responsible for creating backup copies of any Customer Content at Customer's sole cost and expense. Customer agrees that any use of the Licensed Software contrary to or in violation of the representations and warranties of Customer in this Section 5.2 constitutes unauthorized and improper use of the Licensed Software. 5.3 Customer Responsibility for Data and Security. Customer and its Authorized Users will have access to the Customer Content and will be responsible for all changes to and/or deletions of Customer Content and the security of all passwords and other Access Protocols required in order the access the Licensed Software. Customer will have the ability to export Customer Content out of the Licensed Software and is encouraged to make its own back-ups of the Customer Content. Customer will have the sole responsibility for the accuracy, quality, integrity, legality, reliability, and appropriateness of all Customer Content. 6. PROFESSIONAL SERVICES. Where the parties have agreed to Company's provision of Professional Services, the details of such Professional Services will be set out in an Order Form or a mutually executed statement of work ("SOW"). The Order Form or SOW, as applicable, will include: (a) a description of the Professional Services; (b) the schedule for the performance of the Professional Services; and (c) the Fees applicable for the performance of the Professional Services. Each Order Form or SOW, as applicable, will incorporate the terms and conditions of this Agreement. To the extent that a conflict arises between the terms and conditions of an Order Form or SOW and the terms of this Agreement, the terms and conditions of this Agreement will govern, except to the extent that the Order Form or SOW, as applicable, expressly states that it supersedes specific language in the Agreement. 7. WARRANTIES AND DISCLAIMERS 7.1 Limited Warranty. Company warrants, for the benefit of Company only, that the Licensed Software, when used in the Customer Environment, will conform in all material respects to the Documentation for a period of ninety (90) days after the Delivery Date ("Warranty Period"), provided that such warranty will not apply to failures to conform to the Documentation to the extent such failures arise, in whole or in part, from any modification of the Licensed Software by Customer or any third party or any combination of the Licensed Software with software, hardware or other technology not provided by Company under this Agreement (except to the extent such combination is expressly contemplated in the Documentation as required for ordinary operation of the Licensed Software). Provided that Customer submits written notice to Company of any such breach of warranty during the Warranty Period, within thirty (30) days of such breach, Company will, as Customer's sole and exclusive remedy, for any breach of the foregoing, repair or replace the Licensed Software so that it conforms in all material respects to the Documentation or, at Company's option, refund the fees paid by Customer for the Services which gave rise to the breach. 7.2 Disclaimer. THE LIMITED WARRANTY SET FORTH IN SECTION 7.1 IS MADE FOR THE BENEFIT OF CUSTOMER ONLY. EXCEPT AS EXPRESSLY PROVIDED IN THIS SECTION 7.1, AND TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THE SERVICES, LICENSED MATERIAL AND DOCUMENTATION ARE PROVIDED "AS IS," AND COMPANY MAKES NO (AND HEREBY DISCLAIMS ALL) OTHER WARRANTIES, REPRESENTATIONS, OR CONDITIONS, WHETHER WRITTEN, ORAL, EXPRESS, IMPLIED OR STATUTORY, INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF SATISFACTORY QUALITY, COURSE OF DEALING, TRADE USAGE OR PRACTICE, SYSTEM INTEGRATION, DATA ACCURACY, MERCHANTABILITY, TITLE, NONINFRINGEMENT, OR FITNESS FOR A PARTICULAR PURPOSE. COMPANY DOES NOT WARRANT THAT ALL ERRORS CAN BE CORRECTED, OR THAT OPERATION OF THE LICENSED SOFTWARE WILL BE UNINTERRUPTED OR ERROR-FREE. 8. LIMITATION OF LIABILITY 8.1 Types of Damages. IN NO EVENT WILL EITHER PARTY BE LIABLE TO THE OTHER PARTY FOR ANY INCIDENTAL, INDIRECT, SPECIAL, CONSEQUENTIAL OR PUNITIVE DAMAGES, REGARDLESS OF THE NATURE OF THE CLAIM, INCLUDING, WITHOUT LIMITATION, LOST PROFITS, COSTS OF DELAY, ANY FAILURE OF DELIVERY, BUSINESS INTERRUPTION, COSTS OF LOST OR DAMAGED DATA OR DOCUMENTATION, OR LIABILITIES TO THIRD PARTIES ARISING FROM ANY SOURCE, EVEN IF A PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION UPON DAMAGES AND CLAIMS IS INTENDED TO APPLY WITHOUT REGARD TO WHETHER OTHER PROVISIONS OF THIS AGREEMENT HAVE BEEN BREACHED OR HAVE PROVEN INEFFECTIVE. 8.2 Amount of Damages. THE MAXIMUM LIABILITY OF EITHER PARTY ARISING OUT OF OR IN ANY WAY CONNECTED TO THIS AGREEMENT WILL NOT EXCEED THE FEES PAID BY CUSTOMER TO COMPANY DURING THE TWELVE (12) MONTHS PRECEDING THE ACT, OMISSION OR OCCURRENCE GIVING RISE TO SUCH LIABILITY. IN NO EVENT WILL COMPANY'S SUPPLIERS HAVE ANY LIABILITY ARISING OUT OF OR IN ANY WAY CONNECTED TO THIS AGREEMENT. NOTHING IN THIS AGREEMENT WILL LIMIT OR EXCLUDE EITHER PARTY'S LIABILITY FOR GROSS NEGLIGENCE OR INTENTIONAL MISCONDUCT OF A PARTY OR ITS EMPLOYEES OR AGENTS OR FOR DEATH OR PERSONAL INJURY. 8.3 Basis of the Bargain. The parties agree that the limitations of liability set forth in this Section 8 will survive and continue in full force and effect despite any failure of consideration or of an exclusive remedy. The parties acknowledge that the prices have been set and the Agreement entered into in reliance upon these limitations of liability and that all such limitations form an essential basis of the bargain between the parties. 9. CONFIDENTIALITY 9.1 Confidential Information. "Confidential Information" means any nonpublic information of a party (the "Disclosing Party"), whether disclosed orally or in written or digital media, that is identified as "confidential" or with a similar legend at the time of such disclosure or that the receiving party (the "Receiving Party") knows or should have known is the confidential or proprietary information of the Disclosing Party. The Services, Documentation, and all enhancements and improvements thereto will be considered Confidential Information of Company. 9.2 Protection of Confidential Information. The Receiving Party agrees that it will not use or disclose to any third party any Confidential Information of the Disclosing Party, except as expressly permitted under this Agreement. The Receiving Party will limit access to the Confidential Information to Authorized Users (with respect to Customer) or to those employees who have a need to know, who have confidentiality obligations no less restrictive than those set forth herein, and who have been informed of the confidential nature of such information (with respect to Company). In addition, the Receiving Party will protect the Disclosing Party's Confidential Information from unauthorized use, access, or disclosure in the same manner that it protects its own proprietary information of a similar nature, but in no event with less than reasonable care. At the Disclosing Party's request or upon termination or expiration of this Agreement, the Receiving Party will return to the Disclosing Party or destroy (or permanently erase in the case of electronic files) all copies of the Confidential Information that the Receiving Party does not have a continuing right to use under this Agreement, and the Receiving Party will, upon request, certify to the Disclosing Party its compliance with this sentence. 9.3 Exceptions. The confidentiality obligations set forth in Section 9.2 will not apply to any information that (a) is at the time of disclosure or becomes generally available to the public through no fault of the Receiving Party; (b) is lawfully provided to the Receiving Party by a third party free of any confidentiality duties or obligations; (c) was already known to the Receiving Party at the time of disclosure free of any confidentiality duties or obligations; or (d) the Receiving Party can demonstrate, by clear and convincing evidence, was independently developed by employees and contractors of the Receiving Party who had no access to the Confidential Information. In addition, the Receiving Party may disclose Confidential Information to the extent that such disclosure is necessary for the Receiving Party to enforce its rights under this Agreement or is required by law or by the order of a court or similar judicial or administrative body, provided that (to the extent legally permissible) the Receiving Party promptly notifies the Disclosing Party in writing of such required disclosure and cooperates with the Disclosing Party if the Disclosing Party seeks an appropriate protective order. 10. INDEMNIFICATION 10.1 By Company. Company will defend at its expense any suit brought against Customer, and will pay any settlement Company makes or approves, or any damages finally awarded in such suit, insofar as such suit is based on a claim by any third party alleging that the Licensed Software infringes such third party's patents, copyrights or trade secret rights under applicable laws of any jurisdiction within the United States of America. If any portion of the Licensed Software becomes, or in Company's opinion is likely to become, the subject of a claim of infringement, Company may, at Company's option: (a) procure for Customer the right to continue using the Licensed Software; (b) replace the Licensed Software with non-infringing software or services which do not materially impair the functionality of the Licensed Software; (c) modify the Licensed Software so that it becomes non-infringing; or (d) terminate this Agreement and refund any unused prepaid Fees for the remainder of the term then in effect, and upon such termination, Customer will immediately cease all use of the Licensed Software and Documentation. Notwithstanding the foregoing, Company will have no obligation under this Section 10.1 or otherwise with respect to any infringement claim based upon (i) any use of the Licensed Software not in accordance with this Agreement or as specified in the Documentation; (ii) any use of the Licensed Software in combination with other products, equipment, software or data not supplied by Company; or (iii) any modification of the Licensed Software by any person other than Company or its authorized agents (collectively, the "Exclusions" and each, an "Exclusion"). This Section 10.1 states the sole and exclusive remedy of Customer and the entire liability of Company, or any of the officers, directors, employees, shareholders, contractors or representatives of the foregoing, for infringement claims and actions. 10.2 By Customer. Customer will defend at its expense any suit brought against Company, and will pay any settlement Customer makes or approves, or any damages finally awarded in such suit, insofar as such suit is based on a claim arising out of or relating to (a) an Exclusion, or (b) Customer's breach or alleged breach of Sections 5.2. This Section 10.2 states the sole and exclusive remedy of Company and the entire liability of Customer, or any of the officers, directors, employees, shareholders, contractors or representatives of the foregoing, for the claims and actions described herein. 10.3 Procedure. The indemnifying party's obligations as set forth above are expressly conditioned upon each of the foregoing: (a) the indemnified party will promptly notify the indemnifying party in writing of any threatened or actual claim or suit; (b) the indemnifying party will have sole control of the defense or settlement of any claim or suit; and (c) the indemnified party will cooperate with the indemnifying party to facilitate the settlement or defense of any claim or suit. 11. TERM AND TERMINATION 11.1 Term. This Agreement will begin on the Effective Date and continue in full force and effect as long as any Order Form and/or Statement of Work remains in effect, unless earlier terminated in accordance with the Agreement (the "Term"). Unless otherwise stated in the applicable Order Form, the term of an Order Form will begin on the effective date of the Order Form and continue in full force and effect for one (1) year, unless earlier terminated in accordance with the Agreement. Thereafter, the Order Form will automatically renew for additional terms of one (1) year unless either party gives written notice of non-renewal to the other party at least [sixty (60) days] prior to the expiration of the then-current term. The term of an Order Form is referred to herein as the "License Term". 11.2 Termination for Convenience. Either party may terminate this Agreement for convenience on sixty (60) days' prior written notice to the other party. Customer acknowledges and agrees that it will not receive a refund of any Fees paid as of the date of termination. 11.3 Termination for Breach. Either party may terminate this Agreement immediately upon notice to the other party if the other party materially breaches this Agreement, and such breach remains uncured more than thirty (30) days after receipt of written notice of such breach. 11.4 Effect of Termination. Upon termination or expiration of this Agreement for any reason: (a) all licenses granted hereunder will immediately terminate; (b) promptly after the effective date of termination or expiration, each party will comply with the obligations to return all Confidential Information of the other party, as set forth in the Section 9; and (c) any amounts owed to Company under this Agreement will become immediately due and payable. Sections 1, 3.2, 3.3, 3.5, 4, 7.2, 8, 9, 10, 11.3, 11.4, and 12 will survive expiration or termination of this Agreement for any reason. 12. MISCELLANEOUS 12.1 Governing Law and Venue. This Agreement and any action related thereto will be governed and interpreted by and under the laws of the State of Delaware, without giving effect to any conflicts of laws principles that require the application of the law of a different jurisdiction. Customer hereby expressly consents to the personal jurisdiction and venue in the state and federal courts for New Castle County, Delaware for any lawsuit filed there against Customer by Company arising from or related to this Agreement. The United Nations Convention on Contracts for the International Sale of Goods does not apply to this Agreement. 12.2 Export. Customer agrees not to export, reexport, or transfer, directly or indirectly, any U.S. technical data acquired from Company, or any products utilizing such data, in violation of the United States export laws or regulations. 12.3 Severability. If any provision of this Agreement is, for any reason, held to be invalid or unenforceable, the other provisions of this Agreement will remain enforceable and the invalid or unenforceable provision will be deemed modified so that it is valid and enforceable to the maximum extent permitted by law. 12.4 Waiver. Any waiver or failure to enforce any provision of this Agreement on one occasion will not be deemed a waiver of any other provision or of such provision on any other occasion. 12.5 No Assignment. Neither party will assign, subcontract, delegate, or otherwise transfer this Agreement, or its rights and obligations herein, without obtaining the prior written consent of the other party, and any attempted assignment, subcontract, delegation, or transfer in violation of the foregoing will be null and void; provided, however, that either party may assign this Agreement in connection with a merger, acquisition, reorganization or sale of all or substantially all of its assets, or other operation of law, without any consent of the other party. The terms of this Agreement will be binding upon the parties and their respective successors and permitted assigns. 12.6 Compliance with Law. Customer will always comply with all international and domestic laws, ordinances, regulations, and statutes that are applicable to its purchase and use of the Services, Licensed Material and Documentation. 12.7 Force Majeure. Any delay in the performance of any duties or obligations of either party (except the payment of Fees owed) will not be considered a breach of this Agreement if such delay is caused by a labor dispute, shortage of materials, fire, earthquake, flood, or any other event beyond the control of such party, provided that such party uses reasonable efforts, under the circumstances, to notify the other party of the cause of such delay and to resume performance as soon as possible. 12.8 Independent Contractors. Customer's relationship to Company is that of an independent contractor, and neither party is an agent or partner of the other. Customer will not have, and will not represent to any third party that it has, any authority to act on behalf of Company. 12.9 Notices. All notices required or permitted under this agreement must be delivered in writing, if to Company, by emailing [INSERT EMAIL] and if to Customer by emailing the Customer email address listed on the applicable Order Form, provided, however, that with respect to any notices relating to breaches of this agreement or termination, a copy of such notice will also be sent in writing to the other party at the address listed on the Order Form by courier, by certified or registered mail (postage prepaid and return receipt requested), or by a nationally-recognized express mail service. Each party may change its email address and/or address for receipt of notice by giving notice of such change to the other party. 12.10 Counterparts. This Agreement may be executed in one or more counterparts, each of which will be deemed an original and all of which will be taken together and deemed to be one instrument. 12.11 Entire Agreement. This Agreement is the final, complete and exclusive agreement of the parties with respect to the subject matters hereof and supersedes and merges all prior discussions between the parties with respect to such subject matters. No modification of or amendment to this Agreement, or any waiver of any rights under this Agreement, will be effective unless in writing and signed by an authorized signatory of Customer and the Company. EOF check_input "Do you agree to these terms (yes/no) [Default: yes]" "yes|no" "yes" if [ $INPUTTEXT != "yes" ]; then echo " Exiting install, License was not accepted " | tee -a $LOG app_exit 1 fi echo "NOTICE: User accepted License" >> $LOG fi if [ -f /etc/yum.repos.d/asl.repo ]; then rm -f /etc/yum.repos.d/asl.repo fi if [ -d /etc/csf ]; then echo echo echo "WARNING: Configserver (CSF) detected. ASL does not support CSF." echo "CSF or other 3rd party WAF / Firewall management tools should be removed" echo "before installing ASL." echo echo if [ ! $AUTO ]; then check_input " Would you like to remove csf? (yes/no) [Default: yes]" "yes|no" "yes" if [ "$INPUTTEXT" == "yes" ]; then if [ -f /etc/csf/uninstall.sh ]; then /etc/csf/uninstall.sh fi else check_input " Do you wish to continue? (yes/no) [Default: no]" "yes|no" "no" if [ "$INPUTTEXT" == "no" ]; then echo echo "Exiting..." echo app_exit 1 fi check_input " Are you sure you wish to continue? (yes/no) [Default: no]" "yes|no" "no" if [ "$INPUTTEXT" == "no" ]; then echo echo "Exiting..." echo app_exit 1 fi fi fi echo echo "WARNING: CSF detected, user accepted risk " >> $LOG echo fi echo -n "Performing Basic environment checks: " | tee -a $LOG echo | tee -a $LOG # Main if [ ! $AUTO ]; then CONFIGURED=no fi if [ ! -f /var/asl/bin/asl ]; then if [ -f /etc/asl/config ]; then mv /etc/asl/config /etc/asl/config.preupgrade fi fi if [ -f /etc/asl/config ] ; then source /etc/asl/config fi if [ "$CONFIGURED" != "yes" ]; then # --------- from tortix.key if [ -f /etc/asl/tortix.key ] && [ -s /etc/asl/tortix.key ]; then TC_TARGET="www.atomicorp.com/channels/rules/plesk/README" STEXT=`base64 -d /etc/asl/tortix.key` USERNAME=$(php -r "\$z = unserialize('"$STEXT"'); echo \$z[\"login\"] ; ") PASSWORD=$(php -r "\$z = unserialize('"$STEXT"'); echo \$z[\"pass\"] ; ") if [ "$USERNAME" == "" ]; then echo " Error: Username was empty. (Encoding error)" app_exit 1 fi if [ "$PASSWORD" == "" ]; then echo " Error: Password field was empty. (Encoding error)" app_exit 1 fi export USERNAME echo "Username: $USERNAME" >> $LOG # --------- from stdin else TC_TARGET="updates.atomicorp.com/channels/asl-3.0/README" echo -n "Enter subscription Username: " | tee -a $LOG read USERNAME < $INSTALL_TTY export USERNAME echo "Username: $USERNAME" >> $LOG if [ "$USERNAME" == "" ]; then echo "Exiting: Username is blank. " | tee -a $LOG echo app_exit 1 fi PASSCONFIRMED=0 failed=0 while [ $PASSCONFIRMED -lt 1 ]; do if [ $failed -gt 2 ]; then echo "Exiting: too many failed attempts." |tee -a $LOG echo app_exit 1 fi echo -n "Enter Subscription Password: " unset PASSWORD read -sr PASSWORD < $INSTALL_TTY # while IFS= read -r -s -n1 pass <$INSTALL_TTY ; do # if [[ -z $pass ]]; then # echo # break # else # echo -n '*' # PASSWORD+=$pass # fi # done echo if [ "$PASSWORD" == "" ]; then echo "Exiting: Password is blank..." | tee -a $LOG echo app_exit 1 fi unset PASSWORD2 echo -n "Re-Enter Subscription Password: " read -sr PASSWORD2 < $INSTALL_TTY #while IFS= read -r -s -n1 pass <$INSTALL_TTY; do # if [[ -z $pass ]]; then # echo # break # else # echo -n '*' # PASSWORD2+=$pass # fi #done echo if [ "$PASSWORD" == "$PASSWORD2" ]; then PASSCONFIRMED=1 else failed=$(( $failed + 1 )) echo "Sorry, passwords do not match." | tee -a $LOG echo fi done fi fi ENCPASSWORD=$(rawurlencode $PASSWORD) TEST_CREDENTIALS=$($GET -nv https://$USERNAME:$ENCPASSWORD@$TC_TARGET -O - 2>&1) echo -n "Verifying account: " | tee -a $LOG if [ "$TEST_CREDENTIALS" == "Authorization failed." ]; then echo " Failed" | tee -a $LOG echo echo " ERROR: ASL Username/Password credentials are incorrect or this license has expired." | tee -a $LOG echo " For more information, please see this FAQ:" | tee -a $LOG echo " https://wiki.atomicorp.com/wiki/index.php/ASL_FAQ#HTTP_Error_401:_Authorization_Required_Trying_other_mirror " | tee -a $LOG echo app_exit 1 else echo " Passed" | tee -a $LOG fi if [ -f /etc/system-release ]; then RELEASE_FILE=/etc/system-release elif [ -f /etc/redhat-release ] ; then RELEASE_FILE=/etc/redhat-release elif [ -f /etc/openvz-release ]; then RELEASE_FILE=/etc/openvz-release elif [ -f /etc/virtuozzo-release ]; then RELEASE_FILE=/etc/openvz-release else echo echo "Error: /etc/redhat-release was not detected" | tee -a $LOG echo app_exit 1 fi RELEASE=`cat $RELEASE_FILE | awk -F\( '{print $1}'` echo "Release is: $RELEASE" >> $LOG # EL5 if egrep -q "release 5|release 2011" $RELEASE_FILE ; then DIST="el5" DIR=centos/5 # EL6 elif egrep -q "release 6|release 2012" $RELEASE_FILE ; then DIST="el6" DIR=centos/6 # EL7 elif egrep -q "release 7" $RELEASE_FILE ; then DIST="el7" DIR=centos/7 else echo "Error: Unable to determine distribution type. Please send the contents of $RELEASE_FILE to support@atomicorp.com" | tee -a $LOG app_exit 1 fi if [ ! -f /usr/bin/yum ]; then echo echo "Error: Yum was not detected. Contact your provider for support." | tee -a $LOG echo app_exit 1 else YUM=1 fi # Make sure selinux is as off as we can make it if [ -x /usr/sbin/setenforce ]; then /usr/sbin/setenforce 0 fi ## yum, make sure yum is up to date echo -n "Ensuring yum is up to date: " | tee -a $LOG /usr/bin/yum -y upgrade yum >> $LOG 2>&1 if [ $? -ne 0 ] ; then echo "ERROR: yum could not complete a basic upgrade event." cat $LOG app_exit 1 else echo "Done" | tee -a $LOG fi ## check for perl (minimal installs) echo -n "Checking for perl: " | tee -a $LOG if [ ! -f /usr/bin/perl ]; then /usr/bin/yum -y install perl >> $LOG 2>&1|| app_exit 1 fi echo "Done" | tee -a $LOG echo -n "Installing the Atomic GPG key: " |tee -a $LOG if [ ! -f /etc/pki/rpm-gpg/RPM-GPG-KEY.art.txt ]; then if [ ! -d /etc/pki/rpm-gpg ]; then mkdir -p /etc/pki/rpm-gpg/ fi wget -q https://www.atomicorp.com/RPM-GPG-KEY.art.txt -O /etc/pki/rpm-gpg/RPM-GPG-KEY.art.txt >> $LOG 2>&1 RETVAL=$? if [ ! "$RETVAL" = 0 ]; then echo FAIL echo echo " Could not download the Legacy Atomicorp gpg key" echo exit 1 fi rm -f RPM-GPG-KEY.art.txt fi echo "OK" | tee -a $LOG /bin/rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY.art.txt if [ ! -f /etc/pki/rpm-gpg/RPM-GPG-KEY.atomicorp.txt ]; then if [ ! -d /etc/pki/rpm-gpg ]; then mkdir -p /etc/pki/rpm-gpg/ fi wget -q https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt -O /etc/pki/rpm-gpg/RPM-GPG-KEY.atomicorp.txt >> $LOG 2>&1 RETVAL=$? if [ ! "$RETVAL" = 0 ]; then echo FAIL wget https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt echo echo " Could not download the Atomicorp gpg key" echo exit 1 fi fi /bin/rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY.atomicorp.txt if [ ! -d /etc/asl ]; then mkdir /etc/asl fi cat << EOF > /etc/yum.repos.d/asl.repo [asl-4.0] name=Atomicorp - $releasever - Atomic Secured Linux 4.0 mirrorlist=file:///etc/asl/asl-4.0-mirrorlist priority=1 enabled=1 gpgkey = https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt gpgcheck=1 $KERNEL [asl-4.0-testing] name=Atomicorp - $releasever - Atomic Secured Linux 4.0 (Testing) mirrorlist=file:///etc/asl/asl-4.0-testing-mirrorlist priority=1 enabled=0 gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY.atomicorp.txt gpgcheck=1 $KERNEL EOF cat << EOF > /etc/asl/asl-4.0-mirrorlist https://$USERNAME:$ENCPASSWORD@www4.atomicorp.com/channels/asl-4.0/$DIR/$ARCH https://$USERNAME:$ENCPASSWORD@www5.atomicorp.com/channels/asl-4.0/$DIR/$ARCH https://$USERNAME:$ENCPASSWORD@www6.atomicorp.com/channels/asl-4.0/$DIR/$ARCH https://$USERNAME:$ENCPASSWORD@www7.atomicorp.com/channels/asl-4.0/$DIR/$ARCH EOF cat << EOF > /etc/asl/asl-4.0-testing-mirrorlist https://$USERNAME:$ENCPASSWORD@www4.atomicorp.com/channels/asl-4.0-testing/$DIR/$ARCH https://$USERNAME:$ENCPASSWORD@www5.atomicorp.com/channels/asl-4.0-testing/$DIR/$ARCH https://$USERNAME:$ENCPASSWORD@www6.atomicorp.com/channels/asl-4.0-testing/$DIR/$ARCH https://$USERNAME:$ENCPASSWORD@www7.atomicorp.com/channels/asl-4.0-testing/$DIR/$ARCH EOF cat << EOF > /etc/asl/tortix-mirrorlist https://$USERNAME:$ENCPASSWORD@www4.atomicorp.com/channels/tortix/$DIR/$ARCH https://$USERNAME:$ENCPASSWORD@www5.atomicorp.com/channels/tortix/$DIR/$ARCH https://$USERNAME:$ENCPASSWORD@www6.atomicorp.com/channels/tortix/$DIR/$ARCH https://$USERNAME:$ENCPASSWORD@www7.atomicorp.com/channels/tortix/$DIR/$ARCH EOF # Begin install echo "Standard" | tee -a $LOG yum -y install asl ossec-hids-agent | tee -a $LOG if [ $? -ne 0 ]; then echo echo "Error: Could not install ASL" |tee -a $LOG app_exit 1 fi post_asl_install | tee -a $LOG # enable and restart ossec-agent systemctl enable ossec-hids service ossec-hids restart rm -f /asl-installer.lock